To properly protect data containing information protected by the Federal Privacy Act and other laws, and to maintain the confidence of the American public regarding the confidentiality of information collected and maintained by the Federal government, DHRA requires requestors and recipients of information and data provided to adhere to those laws and agree to comply with the conditions set forth in this document. The Requestor/Recipient agrees that:
- Shared or derived data will be used in a manner consistent with the purpose for which it was collected and maintained.
- Requestor/Recipient will delete or destroy data in accordance with National Archives and Records Administration (NARA) requirements for records retention and disposition.
- Any data or information derived from the shared data shall not be disclosed, released, revealed, shown, sold, rented, leased, loaned, duplicated or disseminated to anyone outside of this agreement without express written authorization from DHRA.
- Any data and information derived from the shared data may not be maintained outside the United States.
- Requestor/Recipient will not use the shared information or data for marketing or other unauthorized purposes.
- Requestor/Recipient will ensure that any persons accessing Federal Privacy Act information comply, at all times, with the Privacy Act of 1974, 5 U.S.C. § 552a, as amended, and applicable DoD guidance, including but not limited to DoD Manual 5200.02.
- Requestor/Recipient will ensure they have successfully completed an acceptable system accreditation process in accordance with the Federal Information Security Modernization Act of 2014, and provide a letter signed off by someone with the authority to accept responsibility and obligation for the agency. Upon request, evidence of compliance in the form of an Authority to Operate (ATO) must be provided to DHRA.
- If the shared or derived data is to be used for human studies, the Requestor/Recipient has gone through all the requirements for the Human Research Protection Program (HRPP). Upon request, Requestor/Recipient will provide supporting artifacts of compliance to the DHRA Human Research Protections Officer.
- Requestor/Recipient will ensure data transmission and data storage are conducted in accordance with Federal law, including the provisions of the Office of Management and Budget (OMB) and National Institute of Standards and Technology (NIST) guidance and make certain that their contractors and partners similarly comply.
- Requestor/Recipient will not share the shared or derived data with any person who does not have a need to know, any non-U.S. citizen contractors, nor with any U.S. citizen contractors who cannot obtain proper clearance or meet the access and handling requirements.
- Requestor/Recipient, within an hour of becoming aware of a breach or potential breach of data provided by DHRA, will notify DHRA of the breach. Cybersecurity incidents discovered on DHRA systems or involving DHRA data will be reported to the DHRA Cybersecurity Incident Response Team via email (dodhra.dodc-mb.dmdc.list.ir-team@mail.mil).