Accessibility Tools

Skip to main content

Access World-Class NIST RMF Documentation with ASP Learn More

Privacy Program Plan for DoD Contractors
A Must for Federal Compliance Reporting

Overview

A strict requirement for federal agencies - and federal contractors supporting such agencies - is developing a Privacy Program Plan (PPP). Per NIST SP 800-53, “A privacy program plan is a formal document that provides an overview of an organization’s privacy program, including a description of the structure of the privacy program, the resources dedicated to the privacy program…”

Arlington Security Portal

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.

Reporting Requirements

Per PM-18 of NIST SP 800-53, organizations are to “...Develop and disseminate an organization-wide privacy program plan that provides an overview of the…privacy program…”. And per the Defense Health Agency, “...contractors [are] to protect from unauthorized exposure the PII entrusted to their care, to complete privacy compliance activities, to report breaches of PII, and to reduce the volume and types of PII to only that needed for program functions…”

As a federal contractor supporting the DoD, or any other government agency, if you work with PII that is owned or maintained by a federal agency, you need a Privacy Program Plan.

Key Elements of a Successful Privacy Program Plan

A well-written Privacy Program Plan must include a description of the structure of the program and the resources dedicated to the program, an overview of the requirements for the program and a description of program management controls and common controls in place or planned for meeting those requirements, and so much more.

How to Get Started

Start by downloading our Privacy Program Plan toolkit at the Arlington Security Portal (ASP).

How Arlington Can Help

We have years of experience working within the broader federal agency apparatus in helping federal contractors develop high-quality, well-written, policies and procedures and additional NIST RMF information security and privacy materials. Our NIST RMF information security and privacy policies, procedures, programs, and plans have been used by thousands of federal contractors in helping organizations develop customized documentation for their growing security and compliance needs.

Arlington Security Portal

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.


More Briefs