View ZIP version of Agency IT Policy Archive
| Policy Name | Effective Date | Policy Number |
|---|---|---|
| HHS Policy for Rules of Behavior for Use of Information and IT Resources | February 2023 | HHS-OCIO-OIS-2023-02-002 |
| HHS Policy for the Common Data Use Agreement (DUA) Structure and Repository | January 2023 | HHS-OCIO-CDO-2023-01-001 |
| HHS Policy for Encryption of Computing Devices and Information | December 2022 | HHS-OCIO-OIS-2022-12-001 |
| HHS Policy for Securing Artificial Intelligence (AI) Technology | December 2021 | HHS-OCIO-OIS-2021-12-007 |
| HHS Policy for Information Security and Privacy Protection | November 2021 | HHS-OCIO-OIS-2021-11-006 |
| HHS Policy for Information Technology Portfolio Management (PfM) | September 2021 | HHS-OCIO-OES-2021-09-005 |
| HHS Policy For The Transition To Internet Protocol Version 6 (Ipv6) | August 2021 | HHS-OCIO-OES-2021-08-004 |
| HHS Policy for the Implementation of DHS Directive on Vulnerability Disclosure | May 2021 | HHS-OCIO-OIS-2021-05-003 |
| Complete Transition to IPv6 Memorandum | April 2021 | |
| HHS Policy for the Implementation of Trusted Internet Connections (TIC) | March 2021 | HHS-OCIO-OIS-2021-03-002 |
| HHS Policy for Information Technology Procurements - Security And Privacy Language | March 2021 | HHS-OCIO-OIS-2021-03-001 |
| HHS Policy for IT System Inventory Management | December 2020 | HHS-OCIO-OES-2020-12-011 |
| HHS Policy for Cyber Supply Chain Risk Management | August 2020 | HHS-OCIO-OIS-2020-08-010 |
| HHS Policy for Information Technology Asset Management (ITAM) | August 2020 | HHS-OCIO-OCPO-2020-08-008 |
| HHS Policy for Vulnerability Management | August 2020 | HHS-OCIO-OIS-2020-08-009 |
| HHS Policy for Section 508 Compliance and Accessibility of Information and Communications Technology (ICT) | July 2020 | HHS-OCIO-OES-2020-07-007 |
| HHS Policy for Information Technology Acquisition Reviews (ITAR) | June 2020 | HHS-OCIO-OES-2020-06-006 |
| HHS Policy for Implementing Electronic Mail (Email) Records Management | May 2020 | HHS-OCIO-PIM-2020-06-005 |
| HHS Policy for Preparing for and Responding to a Breach of Personally Identifiable Information (PII) | May 2020 | HHS-OCIO-PIM-2020-05-003 |
| HHS Policy for Records Management | May 2020 | HHS-OCIO-PIM-2020-06-004 |
| HHS Policy for Domain Name System (DNS) and Domain Name System Security Extensions (DNSSEC) Services | October 2019 | HHS-OCIO-OIS-2019-11-011 |
| HHS Policy for Internet and Email Security | October 2019 | HHS-OCIO-OIS-2019-10-009 |
| HHS OIS High Value Asset Program Policy | August 2019 | HHS-OCIO-OES-2018-09-006 |
| HHS Policy for Mobile Devices and Removable Media | August 2019 | HHS-OCIO-OIS-2019-09-0005 |
| HHS Policy for Software Development Secure Coding Practices | August 2019 | HHS-OCIO-OES-2019-08-005 |
| Policy for Privacy Impact Assessments | June 2019 | HHS-OCIO-PIM-2019-05-003 |
| HHS Mobile Applications Privacy Policy | September 2018 | HHS-OCIO-PIM-2018-09-001 |
| HHS IT Policy for Enterprise Performance Life Cycle | November 2016 | HHS-OCIO-2008-004.002 |
| HHS Policy for Litigation Holds | November 2016 | |
| HHS OCIO Policy for Information Technology Capital Planning and Investment Control | September 2016 | HHS-OCIO-2016-CPIC-01 |
| HHS OCIO Policy for Social Media Technologies | March 2012 | HHS-OCIO-2010-0003.1 |
| HHS Policy for Electronic Stewardship | June 2011 | HHS-OCIO-2011-0002.001 |
| HHS OCIO Policy for Networx Program Designated Agency Representatives | June 2010 | HHS-OCIO-2010-0005 |
| HHS Policy for Enterprise Architecture | August 2008 | HHS-OCIO-2008-0003 |
| HHS OCIO Policy for Information Technology Policy Development | November 2006 | HHS-OCIO-2006-0004 |
| HHS IRM Policy for Comments from and Responses to Operating Divisions on Newly Developed policies and CIO Council and ITIRB Clearance Documents | February 2003 | HHS-IRM-2003-0001 |
