Summary
Federal Privacy and Data Protection Policy Act of 2002 - Requires each Federal agency to designate an employee as privacy manager to: (1) be responsible for data protection and management within that agency; (2) ensure compliance with the privacy and data security policies; and (3) be responsible for training and educating employees about such policies and developing practices and procedures to ensure compliance.
Requires each agency to conduct and record with its Inspector General a benchmark assessment of privacy and data protection policies and practices for the collection, use, sharing, disclosure, transfer, and security of personally identifiable information relating to employees and the public.
Requires each agency to perform an independent, third-party review of privacy and data protection practices every three years to: (1) determine the effectiveness of policies, practices, and procedures; and (2) ensure compliance with its stated privacy policy.
Requires each Inspector General to: (1) contract with an independent, third party to evaluate privacy and data protection policies and recommend strategies and steps to improve privacy and data protection management; and (2) report to the head of the agency on such review.
Requires agencies to make such assessments, reviews, and Inspector General reports available to the public on their websites.
Lifecycle of the Bill
No events recorded for this stage yet.
No events recorded for this stage yet.
Congress
107th Congress
Introduced
Jun 17, 2002
