View Rule

In accordance with the Privacy Act of 1974, the Department of Homeland Security (DHS) proposes to modify and reissue a current DHS system of records titled, Department of Homeland Security/ALL-038 Insider Threat System of Records.” This system of records allows DHS to establish capabilities to detect, deter, and mitigate insider threats. An Insider” is defined to include any person who has or who had authorized access to any DHS facility, information, equipment, network, or system. An insider threat” is the threat that an insider will use his or her authorized access, wittingly or unwittingly, to do harm to the Department's mission, resources, personnel, facilities, information, equipment, networks, or systems. DHS will use the system to facilitate management of insider threat inquiries; identify potential threats to DHS resources and information assets; manage referrals of potential insider threats to and from internal and external partners; provide authorized assistance to lawful administrative, civil, counterintelligence, and criminal investigations; and provide statistical reports and meet other insider threat reporting requirements.

DHS is modifying the Insider Threat System of Records to account for the new population affected and new types of information the program is now authorized to collect and maintain pursuant to a memorandum, Expanding the Scope of the Department of Homeland Security Insider Threat Program, approved by the Secretary of Homeland Security on January 3, 2017. Originally, the Insider Threat Program focused on the detection, prevention, and mitigation of unauthorized disclosure of classified information by DHS personnel with active security clearances. The Secretary’s memorandum expands the scope of the Insider Threat Program to its current breadth: threats posed to the Department by all individuals who have or had access to the Department's facilities, information, equipment, networks, or systems. Unauthorized disclosure of classified information is merely one way in which this threat might manifest. Therefore, the expanded scope increases the population covered by the system to include all those with past or current access to DHS facilities, information, equipment, networks, or systems.