• Are there robust systems in place to identify errors, such as false positives, use them systematically to improve information-based programs, and provide rapid, effective redress to affected individuals?

  1. Assessment

    • Are there reliable tools for assessing the performance of information-based programs and their compliance with applicable laws and regulations, as well as for acting on those assessments?

    • Does the information-based program create a permanent, tamper-resistant record of when data have been accessed and by whom?

    • Does it provide for continuous, automated analysis of audit records?

    • Is the information-based program audited not less than annually to ensure compliance with the provisions of this framework and other applicable laws and regulations?

    • Are the results of ongoing assessment documented?

  1. Oversight

    • Is the information-based program subject to meaningful oversight from both inside and outside the agency, including from Congress?

    • Are the program and its oversight mechanism transparent to the public and the press to the greatest extent possible?

    • If transparency is impossible, are there reliable means for heightened independent agency, judicial, and/or congressional oversight?

The National Academies of Sciences, Engineering, and Medicine
500 Fifth St. N.W. | Washington, D.C. 20001

Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement