The Bureau of Industry and Security Chief Privacy Officer is responsible for the development and maintenance of privacy policies, procedures, and guidance essential to safeguarding the collection, access, use, dissemination, and storage of personally identifiable information (PII), business identifiable information (BII), and Privacy Act information in accordance with the Privacy Act of 1974, the E-Government Act of 2002, Federal Information Security Modernization Act (FISMA) of 2014, and policy and guidance issued by the President and Office of Management and Budget (OMB). 

Bureau's Chief Privacy Officer

The Bureau’s Privacy Office is within the Bureau of Industry and Security, Chief Financial Officer and Director of Administration, Office of Planning, Evaluation and Management.

 KValentin photo

Keven Valentin, Chief Financial Officer and Director of Administration, Bureau of Industry and Security

Mr. Valentin leads the Financial Management, Budgetary, Human Capital, Acquisitions, Internal Controls, Risk Management, Privacy, and Space Management activities across BIS.

Prior to serving as the BIS Chief Financial Officer (CFO) and Director of Administration (DOA), Mr. Valentin served as the BIS Budget Officer, where he ensured BIS was properly resourced to meet its mission. Mr. Valentin also served at the Department of Commerce (DOC), Office of Budget, with oversight responsibilities in support of the U.S. Census Bureau and Departmental Management budget. In this role, Mr. Valentin provided technical guidance and support to senior DOC and bureau leadership, and regularly engaged in all phases of the DOC budget process.

Mr. Valentin has spent his entire career working within the budget and CFO community and has also served at the U.S. Department of Homeland Security, Federal Emergency Management Agency (FEMA), where he managed resources and supported recovery efforts during the historically active 2017 hurricane season. Mr. Valentin also served at the U.S. Department of Agriculture, in multiple financial management and acquisitions positions. Mr. Valentin is a native of Chicago, where he attended Loyola University’s Business School, and later graduated Magna cum Laude from the University of Puerto Rico earning his BA in Accounting and Finance.


Bureau's Chief Information Security Officer

Ms. Ida Mix serves as the Bureau’s Chief Information Security Officer

Bureau's Reviewing Official for Privacy Impact Assesments (PIA) 

Ms. Tiffany Daniel serves as the Bureau’s Reviewing Official for PIAs

Bureau's Point of Contact (POC) for URL Links

Mr. Aleck Che-Mponda serves as the POC for Bureau’s URL Links

Bureau's Privacy Operations

Ms. Tiffany Daniel serves as the Bureau’s Privacy Officer

Privacy Act Regulations

Here are the Privacy Act Implementation and Exemption Regulations. Each agency that maintains a system of records is required to publicize certain rules in order to carry out the provisions of the Privacy Act.  In addition, the head of any agency may disseminate rules to exempt certain system of records within the agency from certain provisions of the Privacy Act.

Privacy Act of 1974

Public Law 93-579, Dec 31, 1974 was enacted to amend title 5, United Sates Code, by adding section 552a to safeguard individual privacy from the misuse of Federal records, to provide that individuals be granted access to records concerning them which are maintained by Federal Agencies, to establish a Privacy Protection Study Commission, and for other purposes. In accordance with the ruling of the Senate and House of Representatives of the United States of America in Congress assembled, that this Act may be sited the “Privacy Act of 1974” as amended, Title 5, United States Code (U.S.C.)552a€; Pub. L. 93–579, § 1, Dec. 31, 1974, 88 Stat. 1896

The Privacy Act guarantees three primary rights:

    1. The right to see records about oneself, subject to Privacy Act exemptions;
    2. The right to request the amendment of records that are not accurate, relevant, timely or complete; and
    3. The right of individuals to be protected against unwarranted invasion of their privacy resulting from the collection, maintenance, use, and disclosure of personal information.

Bureau's Federal Information Security Modernization Act of 2014

In accordance with the Federal Information Security Modernization Act of 2014 (FISMA), OMB is responsible for overseeing Federal agencies’ information security practices and developing and implementing related policies and guidelines. (Amends the Federal Information Security Management Act of 2002, 44 U.S.C. § 3541), requires agencies to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of an agency.

E-Government Act of 2002

Establishes procedures to ensure the privacy of personal information in electronic records.

Freedom of Information Act (FOIA)

Spearheads the concept of Open Government by distributing the accountability and transparency of information as much as possible in equal shares for citizens and government except to the extent that such records (or portions of them) are protected from public disclosure by one of nine exemptions or by one of three special law enforcement record exclusions.

Children’s Online Privacy Protection Act of 1998

(15 U.S.C. 6501-06) (COPPA) imposes certain requirements on operators of websites or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.

Department of Commerce Privacy Act Fact Sheets

General fact sheet for Systems of Records Notice (SORNs)

OIG's Whistleblower Protection Program:



System of Records

Below is a link to the system of records maintained by BIS. A system of records is defined by the Privacy Act of 1974 as a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual.  Rules exempting systems of records from certain Privacy Act requirements are in 28 CFR Part 16, Subpart E, and are listed with the corresponding system of record;

System Exemptions From Certain Provisions Of The Act

Sec. 552 - Public information; agency rules, opinions, orders, records, and proceedings

United States Code, 2015 Edition| Title 5 - GOVERNMENT ORGANIZATION AND EMPLOYEES

Export Administration Act of 1979


The Act was repealed by the Export Controls Act of 2018 enacted on August 4, 2018. That law made the Export Administration Regulations permanent. However, "because the implementation of certain sanctions authorities, including sections 11A, 11B, and 11C of the Export Administration Act," (that were not repealed), the president must continue to use the IEEPA to reauthorize every year.

The link above will show the legal authorities which include the entire EAA as it existed before being repealed with the exception of 11A, 11B and 11C.


Chemical Weapons Convention Implementation Act of 1998


Additional Protocol Implementation Act of 2006

The Committee on Foreign Relations, having had under consideration an original bill to implement the obligations of the United States under the Protocol Additional to the Agreement Between the United States of America and the International Atomic Energy Agency for the Application of Safeguards in the United States of America, with annexes, signed at Vienna June 12, 1998, reports favorably thereon and recommends that the bill do pass.

Defense Production Act of 1950 

The Act establishes a limited antitrust exemption for such voluntary agreements.

Additional Authorities, Office of Management and Budget (OMB) Memoranda and Circulars

BIS Approved PIAs

Instructions for Submitting a Privacy Act Request

(h) Agreements regarding consultations and referrals: Agencies may make agreements with other agencies to eliminate the need for consultations or referrals for particular types of records.

Bureau of Industry and Security Privacy Policy Page

If further questions, please send an email to:

Please send an email to Bureau of Industry and Security at: This email address is being protected from spambots. You need JavaScript enabled to view it.


U.S. Department of Commerce Office of Privacy and Open Government send email to: This email address is being protected from spambots. You need JavaScript enabled to view it.




© BIS 2020