On June 18, the Department of Homeland Security (DHS) issued a Privacy Impact Assessment Update for the Personal Identity Verification (pdf). Some of the statements:
- The categories of individuals for which information will be collected are expanded to include emergency response officials, detailees from other agencies, and foreign nationals on assignment that require long-term access to DHS facilities.
- The uses of the personally identifiable information collected for the PIV Program have not changed with this update. The information is used to verify identity and issue credentials throughout DHS and its components.
- DHS may share limited personally identifiable information (name, email address, and duty office) with a contractor service used to schedule appointments for employees to receive their cards. The only other change to external sharing is reflected in the updated SORN [System of Record Notice] for the IDMS [Identity Management System]. The updated SORN includes an additional routine use for information sharing for the purposes of resolving and investigating incidents related to a data breach or identity theft.