SI-18(4)

  • Requirement

    Correct or delete personally identifiable information upon request by individuals or their designated representatives.

  • Discussion

    Inaccurate personally identifiable information maintained by organizations may cause problems for individuals, especially in those business functions where inaccurate information may result in inappropriate decisions or the denial of benefits and services to individuals. Even correct information, in certain circumstances, can cause problems for individuals that outweigh the benefits of an organization maintaining the information. Organizations use discretion when determining if personally identifiable information is to be corrected or deleted based on the scope of requests, the changes sought, the impact of the changes, and laws, regulations, and policies. Organizational personnel consult with the senior agency official for privacy and legal counsel regarding appropriate instances of correction or deletion.

More Info

  • Title

    Personally Identifiable Information Quality Operations | Individual Requests
  • Family

    System and Information Integrity
  • NIST 800-53B Baseline(s)

    • Privacy
  • Related NIST 800-53 ID

NIST 800-53A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!