In conjunction with Data Privacy Week, MeriTalk spoke with Kirsten Moncada, Chief Privacy Officer at the Office of Personnel Management (OPM), to discuss how data privacy efforts are working to build trust in government and We discussed the importance of teamwork in data governance.
Mr. Moncada, who joined OPM in September, serves as executive director of OPM’s Office of Secretariat, Privacy, and Information Management. She also served as chair of the Federal Privacy Council until last weekend, leading the federal privacy community.
Prior to joining OPM, Mr. Moncada served as the first Director of Privacy at the Office of Management and Budget (OMB). Moncada, who has been a leader in federal privacy law and policy for more than 30 years, began the conversation by explaining that data privacy is “often misunderstood.”
“Often people think it’s just about keeping data safe and private, but it’s actually much more than that,” Moncada said. “At its core is trust and fairness, and maintaining the trust of the people we serve in government. We do that through a set of Fair Information Practices Principles.”
of Principles of fair information practicesor FIPP, is a widely accepted set of principles that government agencies use as the basis for their privacy laws and policies.
Notably, Moncada said the United States was the first country to establish privacy principles. FIPPS is rooted in his 1973 Federal Report by the Department of Health, Education, and Welfare Advisory Committee.Records, computers, and citizens’ rights”
The report was published after the development of the personal computer, which led to the Privacy Act of 1974, “for the first time these fundamental principles were articulated in law,” she said.
“Data is the driving force behind everything we do. In government, especially in an agency like OPM, we need information about people to accomplish our mission and serve our people,” Moncada said. Told. “How we handle information about the people we serve is directly related to their trust in government.”
“We therefore strive to maintain very high standards in the handling of personal data,” she added. “Everything we do, we fundamentally try to embrace these principles.”
She explained that the nine FIPPS include transparency, individual participation, authority, purpose designation and use limitations, minimization, quality and integrity, access and remediation, security, and accountability.
Moncada said that through these principles, OPM is working to move privacy from just a compliance exercise to a more comprehensive, ongoing, risk-based program, in line with government-wide policy. .
“My data governance colleagues and I like to refer to data governance as a team sport, and I think this is an important message for other institutions,” Moncada said. “Good data governance and the protection of sensitive data, including data about individuals, clearly depends on us coordinating across disciplines and working as a team.”
Moncada said privacy officers need to work with a variety of people on the team, including those responsible for collecting and using the information.
Additionally, they need to collaborate with people in the “data governance space,” including chief data officers who look at how data is used, chief information officers who work with technology, and chief information security officers who work with technology, he said. . security, and even statistical officials seeking to reduce the risk of personal identification within datasets.
“All of these areas have very unique expertise, and together we can all contribute to improving data governance,” Moncada said. “Working with colleagues across the agency because before you can start assessing and managing compliance, you need to really understand what they are doing and how they are collecting and using information. and we need to collaborate.” And risk management. ”
“Privacy and data governance cannot be done in silos. We need to work, collaborate, and work as a team,” she concluded.
So what’s next for Moncada? In light of her new role at OPM, she explained that she is stepping down as chair of the Federal Privacy Council, which OMB chairs, so that OMB can resume its leadership responsibilities.
But as she leans into her new role at OPM, she looks forward to serving as a council member and “particularly working on workforce-related issues.”
“It’s an interesting time to be focused on this type of work,” Moncada said. “As the technology and data landscape evolves, our work naturally evolves as well, and there are new laws and new policies that make it really exciting.”