(a)(1)The Secretary of Homeland Security shall develop a data framework to integrate existing Department of Homeland Security datasets and systems, as appropriate, for access by authorized personnel in a manner consistent with relevant legal authorities and privacy, civil rights, and civil liberties policies and protections.
(2)In developing the framework required under paragraph (1), the Secretary of Homeland Security shall ensure, in accordance with all applicable statutory and regulatory requirements, the following information is included:
(A)All information acquired, held, or obtained by an office or component of the Department of Homeland Security that falls within the scope of the information sharing environment, including homeland security information, terrorism information, weapons of mass destruction information, and national intelligence.
(B)Any information or intelligence relevant to priority mission needs and capability requirements of the homeland security enterprise, as determined appropriate by the Secretary.
(b)(1)The Secretary of Homeland Security shall ensure that the data framework required under this section is accessible to employees of the Department of Homeland Security who the Secretary determines—
(A)have an appropriate security clearance;
(B)are assigned to perform a function that requires access to information in such framework; and
(C)are trained in applicable standards for safeguarding and using such information.
(2)The Secretary of Homeland Security shall—
(A)issue guidance for Department of Homeland Security employees authorized to access and contribute to the data framework pursuant to paragraph (1); and
(B)ensure that such guidance enforces a duty to share between offices and components of the Department when accessing or contributing to such framework for mission needs.
(3)The Secretary of Homeland Security shall promulgate data standards and instruct components of the Department of Homeland Security to make available information through the data framework required under this section in a machine-readable standard format, to the greatest extent practicable.
(c)The Secretary of Homeland Security may exclude information from the data framework required under this section if the Secretary determines inclusion of such information may—
(1)jeopardize the protection of sources, methods, or activities;
(2)compromise a criminal or national security investigation;
(3)be inconsistent with other Federal laws or regulations; or
(4)be duplicative or not serve an operational purpose if included in such framework.
(d)The Secretary of Homeland Security shall incorporate into the data framework required under this section systems capabilities for auditing and ensuring the security of information included in such framework. Such capabilities shall include the following:
(1)Mechanisms for identifying insider threats.
(2)Mechanisms for identifying security risks.
(3)Safeguards for privacy, civil rights, and civil liberties.
(e)Not later than 2 years after December 19, 2018, the Secretary of Homeland Security shall ensure the data framework required under this section has the ability to include appropriate information in existence within the Department of Homeland Security to meet the critical mission operations of the Department of Homeland Security.
(f)(1)The Secretary of Homeland Security shall submit to the appropriate congressional committees regular updates on the status of the data framework until the framework is fully operational.
(2)Not later than 60 days after the date on which the data framework required under this section is fully operational, the Secretary of Homeland Security shall provide notice to the appropriate congressional committees that the data framework is fully operational.
(3)The Secretary of Homeland Security shall annually brief Congress on component use of the data framework required under this section to support operations that disrupt terrorist activities and incidents in the homeland.
(g)In this section:
(1)The terms “appropriate congressional committee” and “homeland” have the meaning given those terms in section 101 of this title. (2)The term “homeland security information” has the meaning given such term in section 482 of this title. (3)The term “national intelligence” has the meaning given such term in section 3003(5) of title 50. (4)The term “terrorism information” has the meaning given such term in section 485 of this title. 