PT-8

  • Requirement

    When a system or organization processes information for the purpose of conducting a matching program:

    1. Obtain approval from the Data Integrity Board to conduct the matching program;
    2. Develop and enter into a computer matching agreement;
    3. Publish a matching notice in the Federal Register;
    4. Independently verify the information produced by the matching program before taking adverse action against an individual, if required; and
    5. Provide individuals with notice and an opportunity to contest the findings before taking adverse action against an individual.
  • Discussion

    The PRIVACT establishes requirements for federal and non-federal agencies if they engage in a matching program. In general, a matching program is a computerized comparison of records from two or more automated PRIVACT systems of records or an automated system of records and automated records maintained by a non-federal agency (or agent thereof). A matching program either pertains to federal benefit programs or federal personnel or payroll records. A federal benefit match is performed to determine or verify eligibility for payments under federal benefit programs or to recoup payments or delinquent debts under federal benefit programs. A matching program involves not just the matching activity itself but also the investigative follow-up and ultimate action, if any.

More Info

  • Title

    Computer Matching Requirements
  • Family

    PII Processing and Transparency
  • NIST 800-53B Baseline(s)

    • Privacy
  • Related NIST 800-53 ID

    PM-24

NIST 800-53A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!