In November, the U.S. Office of Management and Budget (OMB) released the memorandum, “Modernizing Access to and Consent for Disclosure of Records Subject to the Privacy Act.” The memo (M-21-04) offers guidance for federal agencies to modernize processes of public records requests under the Privacy Act of 1974. The memo references requirements set forth by the Creating Advanced Streamlined Electronic Services for Constituents Act of 2019 (CASES Act) in its guidance.
The CASES Act mandates that 1) every federal agency must accept “electronic identity proofing” and “authentication processes” for the individuals seeking access to records to “provide prior written consent for the disclosure of the individual’s records”; 2) every federal agency must have a template for electronic consent and access forms available on their website; and 3) every federal agency must accept valid electronic consent and access forms within one year of receipt.
In memo M-21-04, OMB states that agencies are “responsible” for “modernizing supporting information systems and digitizing any existing processes” to meet the requirements of the CASES Act. OMB recommends that Senior Agency Officials for Privacy (SAOPs) coordinate with the senior IT officials, including CIOs and CSOs, within their respective agencies to comply with the CASES Act. OMB also recommends that agencies apply the minimization principle when collecting individuals’ information and consent. The minimization principle dictates that agencies “should only create, collect, use, process, store, maintain, disseminate, or disclose PII that is directly relevant and necessary to accomplish a legally authorized purpose.”
Additionally, OMB recommends that agencies establish strong identity-proofing and authentication of their electronic forms and comply with their Privacy Act implementation rules when implementing the required electronic forms and procedures.
Federal agencies and customers of FOIAXpress should know that we are ready to comply with the requirements set by the CASES Act and the guidelines set by memo M-21-04. Through our FOIAXpress Public Access Link (PAL), members of the public can securely and electronically submit Freedom of Information Act (FOIA) and Privacy Act requests to federal agencies. FOIAXpress accepts and tracks all FOIA and Privacy Act requests from intake to disclosure.
Through PAL, FOIAXpress links to agency sites that host proof of identity forms. Our next version of FOIAXpress, 10.7, will be capable of integrating with login.gov in order to meet the identity proofing and authentication requirement of the CASES Act.
At AINS, our experienced FOIA professionals are constantly up-to-date on new guidance and mandates so that we can ensure FOIAXpress remains in compliance with FOIA and Privacy Act law. We are committed to delivering the best FOIA solution to our customers as the number one FOIA solutions provider in America.
If you have more questions about how FOIAXpress complies with the CASES Act or memo M-21-04, you can contact us at firstname.lastname@example.org. To learn how your agency can implement FOIAXpress PAL or other solutions to facilitate your processing of FOIA requests, please request a demo today.