Congress

Report: How federal agencies can improve data security, decision-making

Federal departments should be required by law to conduct comprehensive risk assessments on de-identified confidential data before it is made public, the Commission on Evidence-Based Policymaking recommended in its final report unveiled Thursday.

The requirement should be done by amending the Privacy Act and the Confidential Information Protection and Statistical Efficiency Act (CIPSEA), said the bipartisan commission established by Congress last year to find out how data can be used to make government run better.

The Commission emphasized it is critical for federal agencies to be at the forefront of applying cutting-edge technologies to improve data security and privacy.

“That technology offers part of the solution for enhancing privacy while allowing more use of data to satisfy the growing demand for evidence (and) improve data security, minimize risk,” the report said.

The report charged many federal agencies aren’t as vigilant as they should be in instituting access controls and privacy protections.

The Commission urged departments to increasingly use data minimization to give access to the least amount of data needed to complete a project.

“A well-designed and properly implemented data minimization strategy can reduce the risk of unauthorized use and unintended harm to individuals,” the report said.

In addition, the Commission called for the Office of Management and Budget to create and implement a single, streamlined process to give outside researchers access to data not publicly available.

“A streamlined process will ensure that data access requests are all adequately scrutinized. (This) approach for improving access would acknowledge differences in the sensitivity levels of data and set appropriate access requirements and data security and privacy protocols,” the Commission said.

In an overview, the Commission said the federal government’s ability to use data to improve decision-making is being harmed by unintentional limits on data access, inadequate privacy practices, and insufficient capacity to generate enough of quality evidence.

“Businesses rely on data and analysis to make their decisions. Why should government spending be treated differently? Taxpayers and policymakers should receive credible information to know and understand how well the programs and policies they fund achieve their intended goals,” the task force wrote to try to underline the importance of its advice.

Recommended for you
Around The Web
Comments