Privacy Policy
Effective Date: 1 February 2023
1. Introduction
DCI Solutions is committed to safeguarding the privacy and security of personal and sensitive information. This Privacy Policy outlines our practices for collecting, using, storing, and protecting information, in alignment with the principles of the National Institute of Standards and Technology Special Publication 800-171 (NIST SP 800-171).
2. Information We Collect
We may collect various types of information, including but not limited to:
- Personally Identifiable Information (PII): Information that can be used to identify an individual, such as name, address, email, and contact details.
- Controlled Unclassified Information (CUI): Sensitive information defined by NIST SP 800-171, which requires enhanced protection measures.
3. Data Security
We implement security measures to protect the confidentiality, integrity, and availability of collected information, in accordance with NIST SP 800-171 security requirements. These measures include:
- Access Controls: Limiting access to authorized personnel and implementing authentication mechanisms.
- Encryption: Using encryption techniques to protect sensitive data both in transit and at rest.
- Incident Response: Developing plans to address and mitigate security incidents promptly.
- Regular Assessments: Conducting periodic assessments of our security controls to ensure compliance with NIST SP 800-171 guidelines.
4. Information Usage
We use collected information for purposes such as:
- Providing requested services and information.
- Improving our products and services based on feedback and usage patterns.
- Compliance with legal and regulatory requirements, including those outlined in NIST SP 800-171.
5. Information Sharing
We do not sell or rent your information to third parties. However, we may share information under the following circumstances:
- With trusted service providers who assist us in operating our business.
- In response to legal requests, court orders, or to comply with applicable laws.
6. Your Choices
You have the right to:
- Access your personal information and request corrections.
- Opt-out of receiving promotional communications.
- Request the deletion of your information, subject to legal and regulatory requirements.
7. Updates to this Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. The effective date at the beginning of the policy indicates the latest revision date.
8. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:
DCI Solutions – Cybersecurity
6245 Guardian Gateway
Suite 120
Aberdeen Proving Ground, MD 21005
ATTN: Director of Cybersecurity
9. Changelog
| # | Date | Change | Change Author | Material Change |
|---|---|---|---|---|
| 1 | 1 FEB 23 | Policy Creation | DCI Cybersecurity | Yes |
| 2 | ||||
| 3 | ||||
| 4 |
Next Review Date: 11 December 2023