{ "version" : "https://jsonfeed.org/version/1", "content" : "resources", "type" : "single", "title" : "An introduction to privacy |Digital.gov", "description": "An introduction to privacy", "home_page_url" : "/preview/gsa/digitalgov.gov/bc-archive-content-3/","feed_url" : "/preview/gsa/digitalgov.gov/bc-archive-content-3/resources/an-introduction-to-privacy/index.json","item" : [ {"title" :"An introduction to privacy","deck" : "Understand privacy requirements for agency websites","summary" : "Introductory guidance on implementing privacy protections for users of federal websites.","date" : "2023-12-08T06:46:00-05:00","date_modified" : "2025-01-27T19:42:55-05:00","authors" : {"rflagg" : "Rachel Flagg"},"topics" : { "analytics" : "Analytics", "privacy" : "Privacy", "trust" : "Trust", "user-experience" : "User experience" },"branch" : "bc-archive-content-3", "filename" :"an-introduction-to-privacy.md", "filepath" :"resources/an-introduction-to-privacy.md", "filepathURL" :"https://github.com/GSA/digitalgov.gov/blob/bc-archive-content-3/content/resources/an-introduction-to-privacy.md", "editpathURL" :"https://github.com/GSA/digitalgov.gov/edit/bc-archive-content-3/content/resources/an-introduction-to-privacy.md","slug" : "an-introduction-to-privacy","url" : "/preview/gsa/digitalgov.gov/bc-archive-content-3/resources/an-introduction-to-privacy/","weight" : "1","content" :"\u003ch2 id=\"what-is-privacy\"\u003eWhat is privacy?\u003c/h2\u003e\n\u003cp\u003eFederal agencies must take great care when collecting information from users to protect their \u003ca href=\"https://digital.gov/topics/privacy/\"\u003eprivacy\u003c/a\u003e, and publish a privacy policy to clearly disclose how that information will be used. The privacy policy should be easy for users to find and understand (written in \u003ca href=\"https://digital.gov/topics/plain-language/\"\u003eplain language\u003c/a\u003e), and include a link to the agency’s Privacy Program page. Privacy controls prevent the inappropriate disclosure of sensitive information.\u003c/p\u003e\n\u003ch2 id=\"why-is-privacy-important\"\u003eWhy is privacy important?\u003c/h2\u003e\n\u003cp\u003eAs public servants, one of our greatest responsibilities is to ensure that people can trust us to keep their information safe. Protecting the privacy of visitors to federal websites is paramount to improving the public’s trust in government.\u003c/p\u003e\n\u003ch2 id=\"how-to-handle-personally-identifiable-information\"\u003eHow to handle personally identifiable information\u003c/h2\u003e\n\u003cp\u003ePersonally identifiable information, commonly known as PII, includes any piece of information that could be used to identify a specific person.\u003c/p\u003e\n\u003cp\u003eGenerally, personally identifiable information is a name or unique identifier, plus one of the following data elements:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eFamily and contact information\u003c/strong\u003e such as a birthday or address\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEducation\u003c/strong\u003e, including student records\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eGovernment-issued identifiers\u003c/strong\u003e such as a passport or driver’s license number\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEmployment\u003c/strong\u003e, including performance ratings and personnel records\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eFinancial information\u003c/strong\u003e, including account numbers or credit history\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHealth information\u003c/strong\u003e, such as medical records\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBiometrics\u003c/strong\u003e, including photos or fingerprints\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDemographic info\u003c/strong\u003e, including sex or citizenship\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIf your agency needs to collect personally identifiable information from users (or if users could provide this information even if you don’t ask for it), your agency should publish a Privacy Act Statement that explains the agency’s legal authority for collecting personal data and how that data will be used.\u003c/p\u003e\n\u003cp\u003eWhen determining whether and how to collect personally identifiable information, identify a clear business requirement for every piece of information, and collect only the information you need to meet that requirement. Never collect personally identifiable information “just in case.” Apply this same rigor not just to websites, but other methods of information collection such as surveys and customer emails.\u003c/p\u003e\n\u003cp\u003eTo help users understand why you’re asking for their personally identifiable information:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eLink to your agency’s Privacy Program page from your website’s “About” page.\u003c/li\u003e\n\u003cli\u003eLink to the site’s \u003ca href=\"https://digital.gov/resources/required-web-content-and-links/#privacy-policy\"\u003eprivacy policy\u003c/a\u003e from the \u003ca href=\"https://designsystem.digital.gov/components/identifier/\"\u003eUSWDS Identifier component\u003c/a\u003e in your website footer.\u003c/li\u003e\n\u003cli\u003eKeep all privacy policies and information up-to-date.\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eTo complete your privacy coverage, consult with your agency’s Privacy Office to put strong controls in place to keep user information safe. Discuss whether you need to conduct a Privacy Threshold Assessment (PTA) or Privacy Impact Assessment (PIA), or publish a System of Records Notice (SORN). Also consult with them when considering adoption of third-party websites and applications, to ensure proper privacy protections are in place for users.\u003c/p\u003e\n\u003ch2 id=\"what-can-i-do-next\"\u003eWhat can I do next?\u003c/h2\u003e\n\u003cp\u003eDo you ever wonder how many visitors your agency’s privacy website gets, what they search for, how long they stay, and if they are mobile users? Or does your \u003ca href=\"https://www.fpc.gov/council-members/\"\u003eSenior Agency Official for Privacy\u003c/a\u003e ever ask how well your privacy resources are serving your users?\u003c/p\u003e\n\u003cp\u003eIt’s important to understand how visitors use the privacy pages on your agency websites. Watch the 52-minute video, \u003ca href=\"https://youtu.be/bYkOqGiPXKE\"\u003eAnalyzing web metrics for federal privacy professionals\u003c/a\u003e, to understand how you can use data from the \u003ca href=\"https://digital.gov/guides/dap/\"\u003eDigital Analytics Program\u003c/a\u003e to improve the privacy-related pages on your website.\u003c/p\u003e\n"} ] }