Now Available:

line

Featured Resources:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Rebecca.

« A New Risk Management Standard Worth Looking At | Main | Info Sec and Privacy Concerns For Mobile Workers »

Federal Agency SSN Use Mandate Has Been Removed!

On November 18 President Bush signed Executive Order 13478; see how/if it impacts your organization and how you use social security numbers (SSNs), and how it will impact how you require SSNs. And now you personall should NOT need to provide SSNs as often...

Executive Order 13478 of November 18, 2008

Amendments To Executive Order 9397 Relating To Federal Agency Use of Social Security Numbers

By the authority vested in me as President by the Constitution and laws of the United States of America, it is hereby ordered as follows:
Section 1. Policy. It is the policy of the United States that Federal agencies should conduct agency activities that involve personal identifiers in a manner
consistent with protection of such identifiers against unlawful use.
Sec. 2. Amendments to Executive Order 9397. Executive Order 9397 of November 22, 1943, is amended:
(a) in paragraph 1 by:
(i) striking ''shall'' and inserting in lieu thereof ''may'';
(ii) striking ''exclusively'';
(iii) striking ''Title 26, section 402.502'' and inserting in lieu thereof ''title 20, section 422.103''; and
(iv) striking ''the 1940 Supplement to'';
(b) by striking ''Bureau of the Budget'' in paragraph 5 and inserting in lieu thereof ''Office of Management and Budget'';
(c) by renumbering paragraph 6 as paragraph 8;
(d) by inserting immediately following paragraph 5 the following new paragraphs:
''6. This order shall be implemented in accordance with applicable law and subject to the availability of appropriations.
''7. This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity, by any party against the United States, its departments, agencies, instrumentalities, or entities, its officers, employees, or agents, or any other person.''; and
(e) by striking ''Board'' each place it appears and inserting in lieu thereof in each such place ''Administration''.

Tags:                      
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Rebecca Herold on November 30, 2008 1:29 PM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-itcompliance.com/type/mt-tb.cgi/863

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Rebecca Herold's Bio:

Rebecca Herold,CISSP, CIPP, CISM, CISA, FLMI, has been providing information security, privacy and regulatory assistance and services to organizations from a wide range of industries for over 18 years. Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group, which was awarded the CSI Information Security Program of the Year Award in 1998. IT Security ranked Rebecca as one of the top 59 IT security influencers, and Computerworld put Rebecca their list of the 25 top privacy experts and on their list of the 9 best privacy consulting firms. Rebecca has been CPO for two consulting organizations, and has had her own information privacy, security and compliance business since 2004. Rebecca has written chapters for several books, dozens of articles, and has been writing a monthly privacy column for the CSI Alert newsletter since the beginning of 2001, and is working on her 11th book. Some of her other books include The Privacy Papers, Managing an Information Security and Privacy Awareness and Training Program, The Definitive Guide to Security Inside the Perimeter (Realtime Publishers), The Shortcut Guide to Improving IT Service Support through ITIL (Realtime Publishers), and The Practical Guide to HIPAA Privacy and Security Compliance. In addition, Rebecca is the leader of The Realtime IT Compliance Community where she posts to her IT Compliance weblog. You can contact Rebecca at: rebecca_herold@realtimepublishers.net.