U.S. flag

An official website of the United States government Here’s how you know

The .gov means it’s official.

Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you're on a federal government site.

The site is secure.

The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Document
Document

Federal organizations have a fundamental responsibility to protect the privacy of individuals and their personally identifiable information (PII) that is collected, used, maintained, shared, and disposed of by agency programs and information systems. The management of U.S. Department of Housing and Urban Development (HUD) programs demands the availability and use of extensive amounts of financial, demographic, and personal information. HUD is entrusted with the PII of millions of individuals. Its compromise would result in considerable inconvenience and financial hardship for these individuals. A compromise may also lead to a lack of trust, and unwillingness by external parties to share personal information with the agency, thereby jeopardizing HUD’s ability to complete its mission.

Concern for the security of personal information on Federal systems has intensified with recent large-scale compromises of such information. Federal agencies have more responsibility than ever for ensuring proper enterprise information security to address the growing threat of cyberattacks and data breaches. A critical component in each Federal agency’s cybersecurity capability is the agency’s privacy program. The privacy program must ensure that 1) adequate safeguards are in place to correctly manage and protect sensitive information and mitigate risks and 2) privacy implications are thoroughly considered in all business and operational decisions.

Congress and relevant oversight entities have established many requirements for proper stewardship and security of PII by Federal agencies. We conducted this evaluation to assess HUD’s compliance with Federal guidance and the overall effectiveness of its privacy program.

The OIG has determined that the contents of this report would not be appropriate for public disclosure and has therefore limited its distribution to selected officials.  Please contact the Office of Evaluations at [email protected] to request a copy of this report.

Recommendations

Chief Information Officer

  •  
    Status
      Open
      Closed
    2014-ITED-0001-32
    Sensitive
    Sensitive

    Sensitive information refers to information that could have a damaging import if released to the public and, therefore, must be restricted from public disclosure.

    The OIG has determined that the contents of this recommendation would not be appropriate for public disclosure and has therefore limited its distribution to selected officials.