Laws and regulations are violated as a result of customers' data being modified.
The organization:
a. Documents processes to ensure the integrity of personally identifiable information (PII) through existing security controls; and
Establishes a Data Integrity Board when appropriate to oversee organizational Computer Matching Agreements and to ensure that those agreements comply with the computer matching provisions of the Privacy Act.
(1) DATA INTEGRITY AND DATA INTEGRITY BOARD | PUBLISH AGREEMENTS ON WEBSITE
The organization publishes Computer Matching Agreements on its public website.
A committee is in place (legal) to disseminate and discern the computer matching agreements.
No statewide control
Obtain data privacy policy and procedures; other relevant documents or records and ascertain if:
(I) the organization documents processes to ensure the integrity of personally identifiable information (PII) through existing security controls;
(ii) the organization establishes a Data Integrity Board when appropriate to oversee organizational Computer Matching Agreements and to ensure that those agreements comply with the computer matching provisions of the Privacy Act; and
(iii) the organization publishes Computer Matching Agreements on its public website.