Homeland Security Presidential Directive 12

HSPD 12 Full Text
Homeland Security Presidential Directive-12
August 27, 2004
SUBJECT: Policies for a Common Identification Standard for Federal Employees and
Contractors
1. Wide variations in the quality and security of forms of identification used to gain access to
secure Federal and other facilities where there is potential for terrorist attacks need to be
eliminated. Therefore, it is the policy of the United States to enhance security, increase
Government efficiency, reduce identity fraud, and protect personal privacy by establishing
a mandatory, Government-wide standard for secure and reliable forms of identification
issued by the Federal Government to its employees and contractors (including contractor
employees).
2. To implement the policy set forth in paragraph (1), the Secretary of Commerce shall
promulgate in accordance with applicable law a Federal standard for secure and reliable
forms of identification (the "Standard") not later than 6 months after the date of this
directive in consultation with the Secretary of State, the Secretary of Defense, the
Attorney General, the Secretary of Homeland Security, the Director of the Office of
Management and Budget (OMB), and the Director of the Office of Science and
Technology Policy. The Secretary of Commerce shall periodically review the Standard and
update the Standard as appropriate in consultation with the affected agencies.
3. "Secure and reliable forms of identification" for purposes of this directive means
identification that (a) is issued based on sound criteria for verifying an individual
employee's identity; (b) is strongly resistant to identity fraud, tampering, counterfeiting,
and terrorist exploitation; (c) can be rapidly authenticated electronically; and (d) is issued
only by providers whose reliability has been established by an official accreditation
process. The Standard will include graduated criteria, from least secure to most secure, to
ensure flexibility in selecting the appropriate level of security for each application. The
Standard shall not apply to identification associated with national security systems as
defined by 44 U.S.C. 3542(b)(2).
4. Not later than 4 months following promulgation of the Standard, the heads of executive
departments and agencies shall have a program in place to ensure that identification
issued by their departments and agencies to Federal employees and contractors meets
the Standard. As promptly as possible, but in no case later than 8 months after the date of
promulgation of the Standard, the heads of executive departments and agencies shall, to
the maximum extent practicable, require the use of identification by Federal employees
and contractors that meets the Standard in gaining physical access to Federally controlled
facilities and logical access to Federally controlled information systems. Departments and
agencies shall implement this directive in a manner consistent with ongoing Governmentwide activities, policies and guidance issued by OMB, which shall ensure compliance.

5. Not later than 6 months following promulgation of the Standard, the heads of executive
departments and agencies shall identify to the Assistant to the President for Homeland
Security and the Director of OMB those Federally controlled facilities, Federally controlled
information systems, and other Federal applications that are important for security and for
which use of the Standard in circumstances not covered by this directive should be
considered. Not later than 7 months following the promulgation of the Standard, the
Assistant to the President for Homeland Security and the Director of OMB shall make
recommendations to the President concerning possible use of the Standard for such
additional Federal applications.
6. This directive shall be implemented in a manner consistent with the Constitution and
applicable laws, including the Privacy Act (5 U.S.C. 552a) and other statutes protecting
the rights of Americans.
7. Nothing in this directive alters, or impedes the ability to carry out, the authorities of the
Federal departments and agencies to perform their responsibilities under law and
consistent with applicable legal authorities and presidential guidance. This directive is
intended only to improve the internal management of the executive branch of the Federal
Government, and it is not intended to, and does not, create any right or benefit
enforceable at law or in equity by any party against the United States, its departments,
agencies, entities, officers, employees or agents, or any other person.
8. The Assistant to the President for Homeland Security shall report to me not later than 7
months after the promulgation of the Standard on progress made to implement this
directive, and shall thereafter report to me on such progress or any recommended
changes from time to time as appropriate.