View all text of Part A [§ 121 - § 126]
§ 126. Department of Homeland Security data framework
(a) In general
(1) Development
(2) Requirements
In developing the framework required under paragraph (1), the Secretary of Homeland Security shall ensure, in accordance with all applicable statutory and regulatory requirements, the following information is included:
(A) All information acquired, held, or obtained by an office or component of the Department of Homeland Security that falls within the scope of the information sharing environment, including homeland security information, terrorism information, weapons of mass destruction information, and national intelligence.
(B) Any information or intelligence relevant to priority mission needs and capability requirements of the homeland security enterprise, as determined appropriate by the Secretary.
(b) Data framework access
(1) In general
The Secretary of Homeland Security shall ensure that the data framework required under this section is accessible to employees of the Department of Homeland Security who the Secretary determines—
(A) have an appropriate security clearance;
(B) are assigned to perform a function that requires access to information in such framework; and
(C) are trained in applicable standards for safeguarding and using such information.
(2) Guidance
The Secretary of Homeland Security shall—
(A) issue guidance for Department of Homeland Security employees authorized to access and contribute to the data framework pursuant to paragraph (1); and
(B) ensure that such guidance enforces a duty to share between offices and components of the Department when accessing or contributing to such framework for mission needs.
(3) Efficiency
(c) Exclusion of information
The Secretary of Homeland Security may exclude information from the data framework required under this section if the Secretary determines inclusion of such information may—
(1) jeopardize the protection of sources, methods, or activities;
(2) compromise a criminal or national security investigation;
(3) be inconsistent with other Federal laws or regulations; or
(4) be duplicative or not serve an operational purpose if included in such framework.
(d) Safeguards
The Secretary of Homeland Security shall incorporate into the data framework required under this section systems capabilities for auditing and ensuring the security of information included in such framework. Such capabilities shall include the following:
(1) Mechanisms for identifying insider threats.
(2) Mechanisms for identifying security risks.
(3) Safeguards for privacy, civil rights, and civil liberties.
(e) Deadline for implementation
(f) Notice to Congress
(1) Status updates
(2) Operational notification
(3) Value added
(g) Definitions
In this section:
(1) Appropriate congressional committee; homeland
(2) Homeland security information
(3) National intelligence
(4) Terrorism information
(Pub. L. 115–331, § 2, Dec. 19, 2018, 132 Stat. 4484.)