HHS OCIO Policies, Standards and Charters (Historical)
Historical Policies, Standards, and Charters - Categories
Policy is defined as the "what" and the "when" whereas Procedure is defined as the "how".
Oversight groups (the President; Congress; Office of Management and Budget (OMB); General Services Agency (GSA); Office of Personnel Management (OPM); etc.) set the standards, the goal, the expectations that all Cabinet-Level Departments and their equivalents are to meet.
The delta between where a Department is from that oversight-set goal, that expectation; that is the Department's Policy on "what" and "when" activities must occur in order to achieve progress towards that set that goal.
HISTORICAL POLICIES
Description | Number | Date Issued | HTML Document |
|---|---|---|---|
| HHS-OCIO Pilot Policy for Information Technology Investment Performance Baseline Management - Superseded and made obsolete by Policy HHS-OCIO-2010-0007 | 2009-0005 | 11/03/2009 | HTML |
HHS-OCIO Policy for IT Earned Value Management -Superseded and made obsolete by Policy 2009.0005 See Procedures Section for EVM Procedures Document | 2007-0001.001 | 06/11/2007 | HTML |
HHS IRM Policy for Conducting Information Technology Alternatives Analysis – superseded and obsoleted by Policy 2003-0002 | 2000-0002 | 01/08/2001 | |
HHS IRM Policy for Capital Planning and Investment Control – superseded and obsoleted by Policy 2005-0005.001 | 2000-0001 | 01/08/2001 | |
HHS IRM Guidelines for Capital Planning and Investment Control – superseded and obsoleted by Policy 2005-0005.001 | 2000-0001-GD | 01/08/2001 | |
| HHS-OCIO Policy for IT Earned Value Management – superseded and obsoleted by Policy 2007-0001 | 2005-0004.001 | 12/30/2005 | HTML |
| HHS Policy for IT Capital Planning and Investment Control (CPIC) - superseded and obsoleted by Policy 2010-0002 | 2005-0005.001 | 12/30/2005 | HTML |
| HHS-OCIO IT Policy for Enterprise Architecture (EA) - superceded and obsoleted by Policy 2008-0003.001 | 2005-0003.001 | 01/10/2006 | HTML |
HHS-OCIO policy for Networx Program Designated Agency Representatives superseded and made obsolete by Policy 2010-0005 |
|
|
|
OCIO Policy Development and Review Process [2 Policies] | |||
HHS IRM Policy for Personal Use Of Information Technology Resources – superseded and obsoleted by Policy 2006-0001 | 2004-0001 | 11/23/2004 | |
Personal Use Of Information Technology Resources – superseded and obsoleted by Policy 2004-0001 | 2000-0003 | 01/08/2001 | |
| HHS IRM Usage of Persistent Cookies - obsoleted by Implementation of OMB Memoranda (M)-10-22 and OMB M-10-23 | 2000-0009 | 1/08/2001 | HTML |
| HHS IRM Information Security Program Policy | 2004-0002.001 | 12/15/2004 | HTML |
| HHS Policy for Responding to Breaches of Personally Identifiable Information (PII) – superseded and obsoleted by Policy 2008-0001.003 | 2008-0001.002 | 04/15/2008 | HTML |
| HHS - OCIO Policy for Information Systems Security and Privacy - obsoleted and superseded by Policy for Information Systems Security and Privacy 2010-0006 | 2009-0003 | 06/25/2009 | HTML |
| HHS IRM Policy for Establishing an Incident Response Capability -obsoleted and superseded by Policy for IT Security and Privacy Incident Reporting and Response 2010-0004 | 2000-0006 | 01/08/2001 | HTML |
| HHS - OCIO Policy for Information Systems Security and Privacy obsoleted and superseded by HHS - OCIO Policy for Information Systems Security and Privacy 2011-0003 | 20010-0006 | 09/22/2010 | HTML |
HHS Policy for Electronic Records Management - superceded and obsoleted by Policy 2007-0004.001 | 2005-0001 | 09/15/2005 | |
| HHS Policy for Records Management - superceded and obsoleted by Policy 2007-0004.001 | 2005-0002.002 | 09/15/2005 | HTML |
| HHS Policy for Records Management Employee Departures - superceded and obsoleted by Policy 2007-0004.001 | 2007-0003.002 | 09/24/2007 | HTML |
Domain Names – superseded and obsoleted by Policy WEB-2005-01 | 2000-0008 | 01/08/2001 | |
HISTORICAL PROCEDURES AND APPENDICES
Description | Number | Date Issued | HTML Document |
|---|---|---|---|
|
|
| |
|
|
| |
| Information Quality Guidelines | |||
HISTORICAL STANDARDS [1 Total]
Description | Number | Date Issued | HTML Document |
|---|---|---|---|
| Records Management | |||
| IT Security and Privacy [1 Policy] | |||
| HHS Encryption Standard for Mobile Devices and Portable Media | 2007-0001.001S | 08/21/2007 | HTML |
| HHS Rules of Behavior (For Use of Technology Resources and Information) | 2008-0001.003S | 02/12/2008 | HTML |
| HHS Standard for Plan of Action and Milestones superceded and obsoleted by Standard 2011-0010.001S | 2008-0005.001S | 12/23/2008 | HTML |
HISTORICAL CHARTERS [2 Total]
Description | Number | Date Issued | HTML Document |
|---|---|---|---|
| Enterprise Architecture [1 Charter] | |||
Department of Health and Human Services Chief Technology Officer (CTO) Council Charter | 2009-0001.001C | 11/18/2009 | HTML |
| Records Management | |||
| IT Security and Privacy [1 Charter] | |||
| Personally Identifiable Information (PII) Breach Response Team (BRT) Charter | 2008.0001.002C | 04/15/2008 | HTML |