Privacy Office

About the Privacy Office

The United States Department of Agriculture Privacy Office is located within the Office of the Chief Information Officer. The mission of the USDA Privacy Office is to preserve and enhance privacy protections for all individuals, to promote transparency of USDA operations, and to serve as a leader in the federal privacy community. The Office accomplishes its mission by focusing on two key activities: (1) requiring compliance with the letter and spirit of federal laws promoting privacy and to provide policy and programmatic oversight and support operational implementation within the components; (2) providing education and outreach to build a culture of privacy and adherence to Fair Information Practice Principles (FIPPs) across the Department.

The USDA Privacy Office operates under the direction of the Chief Information Officer and the Chief Privacy Officer. The USDA Privacy Office works within the parameters of the Privacy Act of 1974, the e-Government Act of 2002 and the numerous laws, Executive Orders, Department policies that protect the use, and disclosure of personal and Departmental information.

Senior Agency Official for Privacy/Chief Information Officer

Gary S. Washington is the Chief Information Officer (CIO) for the U.S. Department of Agriculture. In this role, Mr. Washington works with stakeholders across USDA’s 17 component agencies and throughout Federal government to formulate Information Technology (IT) strategies and to develop policies that support IT budget formulation and execution, portfolio management, governance, IT operations and information security.

Mr. Washington continues to lead the information technology (IT) Modernization changes at USDA to transform USDA into a facts-based, data-driven, and customer-focused organization. In partnership with the White House Office of American Innovation and the General Services Administration Mr. Washington oversaw the co-creation of five (5) IT Modernization Centers of Excellence (CoEs), IT Infrastructure Optimization, Cloud Adoption, Customer Experience, Service Delivery Analytics, and the Contact Center. Over a two-year period, the CoEs in collaboration with USDA IT Professionals transformed IT and the way USDA does business today.

Prior to his appointment as CIO, Mr. Washington served as the CIO for the USDA’s, Animal and Plant Health Inspection Service (APHIS) as well as the CIO and Director of the Information Technology Division for USDA’s Natural Resources Conservation Service (NRCS). Prior to his appointment as the USDA, APHIS and NRCS CIO, Mr. Washington was a portfolio manager in the Electronic Government Office in the Executive Office of the President, Office of Management and Budget (OMB), where he was responsible for managing the Internal Effectiveness and Efficiency portfolio.

Mr. Washington has also worked at the Food and Drug Administration (FDA), where he was the Director of IT Governance and the Deputy Director of Infrastructure, and at the Bureau of Alcohol, Tobacco and Firearms (ATF) where he was the service manager for one of the first nationwide seat management programs.

Mr. Washington joined government after working for five (5) years in private industry as well as serving his country for 10 years in the U.S. Air Force as a Computer Operator and Command Control Specialist. He is the current president of the American Council Technology and a 2006 graduate of the Industry Advisory Council Partners Program. Mr. Washington is a graduate of the Federal Executive Institute (FEI) and holds a Bachelor of Science (BS) degree from Strayer University in Washington D.C.

Chief Privacy Officer

Scherida Lambert is the Chief Privacy Officer and Director of the Privacy Division for the U.S. Department of Agriculture. The Chief Privacy Officer (CPO) serves as a senior advisor and the principal advocate within USDA’s Office of the Chief Information Officer (OCIO). Ms. Lambert is responsible for integrating privacy protections into the collection, maintenance, use, sharing, and disposal of personal information about individuals across all OCIO programs and activities. The CPO has dual roles of developing the OCIO’s privacy program and ensuring the Department’s compliance with privacy-related laws, while also advising other USDA staff offices and mission areas on privacy related matters that impact USDA’s mission activities.

Ms. Lambert is a long-time privacy professional who, prior to joining the USDA, served as the Deputy Chief of Privacy and Transparency at the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS), managing CISA’s Privacy and FOIA programs. From 2008- 2024, she served as a privacy expert within DHS, starting her privacy career leading the incident response program at the Federal Emergency Management Agency (FEMA), responding to, investigating, and determining the appropriate privacy mitigation actions for incidents. She is a member of the International Association of Privacy Professionals with a certification in Government Privacy.

Ms. Lambert is well known for her expertise in federal privacy laws, risk management, privacy oversight, training and awareness, and privacy compliance. She has examined hundreds of systems, programs, initiatives, and information collections that implicate the privacy of customers, employees, and public citizens. She sincerely cares about the information which is collected, used, and disseminated about all individuals.

Privacy Compliance Documentation

The availability of information, from personal information to public information, is made all the easier due to technological changes in computers, digitized networks, internet access, and the creation of new information products. The e-Government Act of 2002 recognized that these advances also have important ramifications for the protection of personal information contained in government records and systems. The Act mandates an assessment of the privacy impact of any substantially revised or new Information Technology System. The document that results from these mandated assessments is called a Privacy Impact Assessment, or "PIA."

Privacy Impact Assessments (PIAs)

System of Records Notices (SORNs)

USDA Privacy Policy Statement

Privacy Policy Statement

USDA Privacy Policies

• DR3515-002: Privacy Policy and Compliance for Personally Identifiable Information
• DR3505-003: Access Control for Information and Information Systems
• DR3565-003 Plan of Action and Milestones Policy
• DR3545-001 Information Security Awareness (ISA) Program
• DR3450-001 Computer Matching Program Involving Personally Identifiable Information
• DR3505-005 Cyber Security Incident Management
• DM3505-005 Cybersecurity Incident Management Procedures
• DR3440-002 Control and Protection of “Sensitive Security Information

For a comprehensive list of USDA policies related to privacy, visit USDA’s online repository for all USDA Departmental Regulations, Notices, Manuals, Guidebooks.

Privacy Laws

• The Privacy Act of 1974
• The eGovernment Act of 2002
• Federal Information Security Modernization Act of 2014
• The Computer Matching and Privacy Protection Act 0f 1988
• The Paperwork Reduction Act of 1995
• Judicial Redress Act of 2015
• Trade Secrets Act
• Paperwork Reduction Act (PRA) of 1995
• Children’s Online Privacy Protection Act of 1998
• Social Security Number Fraud Prevention Act of 2017

For a comprehensive list of Federal laws related to privacy, visit the Federal Privacy Council's Law Library page.

Office of Management and Budget (OMB) Guidance

• OMB Memorandum 17-26, Reducing Burden for Federal Agencies by Rescinding and Modifying OMB Memoranda
• OMB Memorandum 06-19, Reporting Incidents Involving Personally Identifiable Information Incorporating the Cost for Security in Agency Information Technology Investments
• OMB Memorandum 10-23, Guidance for Agency Use of Third-Party Websites and Applications
• OMB Memorandum 06-16, Protection of Sensitive Agency Information
• OMB Memorandum 10-22, Guidance for Online Use of Web Measurement and Customization Technologies
• OMB Memorandum 06-15, Safeguarding Personally Identifiable Information
• OMB Memorandum 23-03, Guidance on Federal Information Security and Privacy Management Requirements for FY 2023
• OMB Memorandum 05-08, Designation of Senior Agency Officials for Privacy
• OMB Memorandum 03-22, Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002
• OMB Memorandum 07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information
• OMB Memorandum 99-18, Privacy Policies on Federal Web Sites
• OMB Memorandum M-01-05, Guidance on Inter-Agency Sharing of Personal Data - Protecting Personal Privacy
• OMB Memorandum M-11-02, Sharing Data While Protecting Privacy
• OMB Memorandum M-13-13, Open Data Policy - Managing Information as an Asset
• OMB Memorandum M-13-20, Protecting Privacy while Reducing Improper Payments with the Do Not Pay Initiative
• OMB Memorandum M-14-04, Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Management

For a comprehensive list of OMB Guidelines related to privacy, visit OMB’s Information and Guidance webpage.

Computer Matching Agreements

Publicly Available Agency Reports on Privacy

2023 Annual Computer Matching Agreement Activity Report (PDF, 67.4 KB)

Freedom of Information Act (FOIA)

The FOIA is found in Title 5 of the United States Code, Section 552. FOIA was enacted in 1966 and gives any person the right to request access to almost any federal agency record, except those protected from disclosure by legal exemptions and exclusions (e.g., classified national security, business proprietary, personal privacy, and investigative documents.)

USDA FOIA webpage

Contact Information

The Privacy Office
U.S. Department of Agriculture
Washington, DC 20250
Phone: 202-720-8755
Fax: 202-720-3445
Email: usdaprivacy@usda.gov