Department of Health and Human Services Administration for Children and Families Office of Child Support EnforcementAgreement to Exchange Electronic Income Withholding Orders/Notices • February 10th, 2022
Contract Type FiledFebruary 10th, 2022The employer, company, or government agency shall have appropriate procedures in place to promptly report confirmed or suspected information security or privacy incidents, including, but not limited to, unauthorized use or disclosure of Personally Identifiable Information (PII) involving confidential child support information submitted through OCSE to your organization. As soon as reasonably practicable after discovery, but in no case later than one hour after discovery of the incident, the employer, company, or government agency shall report confirmed or suspected incidents to OCSE as specified in this paragraph. The requirement for the employer, company, or government agency to report confirmed or suspected incidents involving PII to OCSE is based on federal guidance/requirements from the Office of Management and Budget (OMB), Health and Human Services (HHS), the Federal Information Security Modernization Act of 2014 (FISMA), and the United States Computer Emergency Readiness Team (U