VA Privacy Initiatives
NIST 800-53 Rev. 4
The National Institute of Standards and Technology (NIST), Revision 4 was created as a framework to help federal agencies, like VA, in applying and complying with laws specific to information security and privacy. This publication helps promote a better culture of privacy and security across all of VA. This involves revising privacy policies to make them compliant with existing privacy and information security laws, implementing policy, procedures, or technology to improve data protection for information system programs and projects. These policies will help to ensure that the information of Veterans and VA staff remains private.
The Office of Management and Budget (OMB) has mandated that VA review their information systems to reduce the use of Social Security Numbers (SSN) and explore alternative personal identifiers. The memorandum requires that VA address compliance with the Social Security Number Fraud Prevention Act of 2017 and the Consolidated Appropriations Act of 2018 through a multi-year phased approach. By reducing or even eliminating the use of Social Security Numbers, VA can further reduce the risk and impact of a potential data breach.