IP-02-727 Individual Access

Individual Access

IP-02-727
Individual Access
Individual Participation and Redress
Identify, Protect
Access Control, Privacy and Confidentiality
NOT SELECTED
NA
No
Laws and regulations are violated as a result of individuals not having the ability to access their personal information as stored by the company.
The organization: a. Provides individuals the ability to have access to their personally identifiable information (PII) maintained in its system(s) of records; b. Publishes rules and regulations governing how individuals may request access to records maintained in a Privacy Act system of records; c. Publishes access procedures in System of Records Notices (SORNs); and d. Adheres to Privacy Act requirements and OMB policies and guidance for the proper processing of Privacy Act requests.
Users signoff on acceptable usage guidelines for PII, and have access to relevant information.
No statewide control
Obtain data privacy policy and procedures; other relevant documents or records and ascertain if: (I) the organization provides individuals the ability to have access to their personally identifiable information (PII) maintained in its system(s) of records; (ii) the organization publishes rules and regulations governing how individuals may request access to records maintained in a Privacy Act system of records; (iii) the organization publishes access procedures in System of Records Notices (SORNs); and (iv) the organization adheres to Privacy Act requirements and OMB policies and guidance for the proper processing of Privacy Act requests.