HHS Machine-Readable Privacy Policy Guide - Substance Abuse ...
HHS Machine-Readable Privacy Policy Guide - Substance Abuse ...
HHS Machine-Readable Privacy Policy Guide - Substance Abuse ...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Machine</strong>-<strong>Readable</strong> <strong>Privacy</strong> <strong>Policy</strong> <strong>Guide</strong><br />
US Department of Health and Human Services<br />
<br />
<br />
Assuming responsibility for ensuring that machine-readable privacy policy<br />
responsibilities are assigned; and<br />
Working with CIOs to ensure that resources necessary for completing IT<br />
privacy and security tasks are allocated.<br />
3.2.2 OPDIV CIOs<br />
OPDIV CIOs are responsible for:<br />
<br />
<br />
<br />
<br />
<br />
Tracking and maintaining all machine-readable privacy policies;<br />
Reviewing completed machine-readable privacy policies and attesting that<br />
they are adequately and accurately completed;<br />
Ensuring that completed machine-readable privacy policies are implemented<br />
on all applicable OPDIV websites (existing and in development);<br />
Keeping management informed of machine-readable privacy policy resource<br />
needs; and<br />
Allocating proper resources to implement and maintain machine-readable<br />
privacy policies.<br />
3.2.3 OPDIV ISSOs<br />
OPDIV ISSOs are responsible for:<br />
<br />
<br />
<br />
Coordinating the completion and implementation of machine-readable<br />
privacy policies;<br />
Working with website owners to collect information needed to complete<br />
machine readable privacy policies; and<br />
Updating, at the direction of the OPDIV CIO/OPDIV management on the<br />
progress of machine-readable privacy policy completion, which enables the<br />
OPDIV CIO to monitor OPDIV wide progress and the effectiveness of the<br />
machine-readable privacy policy program.<br />
3.2.4 Website Owners and Website Administrators<br />
Website owners and website administrators are responsible for:<br />
<br />
<br />
<br />
<br />
Working with ISSOs, CIOs, or other staff to provide information relative to<br />
completing machine-readable privacy policies;<br />
Identifying any additional resources needed to complete machine-readable<br />
privacy policies;<br />
Implementing, testing, and maintaining machine-readable privacy policies on<br />
existing websites and websites in development; and<br />
Implementing, testing, and maintaining machine-readable policy reference<br />
files on any Web server that hosts an <strong>HHS</strong> website.<br />
3.2.5 OPDIV <strong>Privacy</strong> Contact<br />
Page 17