Compliance Management, Government Regulations, Vulnerability Management

OPM rewrites privacy policy to allow for system investigations

Following a pair of massive data breaches, The Office of Personnel Management (OPM) rewrote its privacy regulations to allow legislators and outside entities to look through its databases for signs of data breaches.

Systems holding medical files and nearly 40 other types of records will be available for probing, Nextgov reported. The update allows for personal information to be shared with outside entities when the agency suspect or confirms a compromised system.

These entities can include external agencies, firms or any “appropriate persons and entities.”

The agency will continue to look into security weak spots and has already identified the e-QIP system as a liability.

The public has 30 days to comment on the rewritten policy and can do so online.

To date, OPM breaches impacted more than 25 million individuals and prompted the resignation of agency Director Katherine Archuleta.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.