Description
a. Develop [Assignment: organization-defined privacy reports] and disseminate to: 1. [Assignment: organization-defined oversight bodies] to demonstrate accountability with statutory, regulatory, and policy privacy mandates; and 2. [Assignment: organization-defined officials] and other personnel with responsibility for monitoring privacy program compliance; and b. Review and update privacy reports [Assignment: organization-defined frequency].
Supplemental Guidance
Through internal and external privacy reporting, organizations promote accountability and transparency in organizational privacy operations. Privacy reporting helps organizations to determine progress in meeting privacy compliance and risk mitigation requirements, to compare performance across the federal government, to identify vulnerabilities, and to identify the resources needed to implement privacy programs.
Changes from Rev 4
New control in Rev 5. Privacy program reporting requirements.