Recognition, reporting, and disciplinary action in response to security violations are crucial to successfully maintaining the security and privacy of the EIV system. These security violations may include the disclosure of private data as well as attempts to access unauthorized data and the sharing of User IDs and passwords. Upon the discovery of a possible improper disclosure of UIV information or another security violation by a program administrator employee or any other person, the individual making the observation or receiving the information should contact the program administrator’s security officer and/or the HUD Field Office’s Housing Director. The program administrator security officer or designated staff should document all improper disclosures in writing providing details including who was involved, what was disclosed, how the disclosure occurred, and where and when it occurred.
The following contacts should be made:
The individual that discovered the improper disclosure should contact the EBMC Program Administrator security officer and provide them with the written documentation;
The EBMC Program Administrator should provide the HUD Field Office Housing Director with the written documentation; and,
The HUD Field Office Public Housing Director upon receipt of the written documentation will make a determination regarding the referral and the provision of the written documentation to the HUD Headquarters EIV Coordinator and/or EIV Security Officer for further review and follow-up action.
Attachments;
History______________________________________________________________
Gabrielle Harris composed this Policy/Procedure on 02/09/2011 03:09:41 PM.