DOC Web Policies & Best Practices Jennifer Hammond NOAA Research WebShop 2002 August 7, 2002

Web Policies (Mandatory) 1. Links to DOC Home Page 2. Links to Organizational Home Page 3. Identification of Web Site Owner 4. Web Site Contact Information 5. Domain Names 6. Web Site Accessibility 7. Privacy of Visitors Privacy Statement and Information Collection 8. Annual Web Site Certification

Web Policies (Mandatory) 1. Links to DOC Home Page Policy: must link to DOC’s home page Purpose: To identify high level organizations as part of DOC, while allowing flexibility and creativity in the development of Web pages and Web sites Deadline: August 11, 2000

Web Policies (Mandatory) 1. Links to DOC Home Page 2. Links to Organizational Home Page 3. Identification of Web Site Owner 4. Web Site Contact Information 5. Domain Names 6. Web Site Accessibility 7. Privacy of Visitors Privacy Statement and Information Collection 8. Annual Web Site Certification

Web Policies (Mandatory) 2. Links to Organizational Home Page Policy: Any home page maintained by or for a DOC organization shall include a link to home page of higher organization within its hierarchy *i.e. OAR must link to NOAA; OGP must link to OAR Purpose: To establish a series of links that will eventually lead the user to the home page of one of the organization listed in Policy 1. Deadline: Certification due June 21 annually; beginning in 2001

Web Policies (Mandatory) 1. Links to DOC Home Page 2. Links to Organizational Home Page 3. Identification of Web Site Owner 4. Web Site Contact Information 5. Domain Names 6. Web Site Accessibility 7. Privacy of Visitors Privacy Statement and Information Collection 8. Annual Web Site Certification

Web Policies (Mandatory) 3. Identification of Web Site Owner Policy: All DOC web pages shall identify the Web site owner *Policy does not spell out how or where on the page the identifier should appear Purpose: To identify the DOC organization that manages the Web site Deadline: August 11, 2000

Web Policies (Mandatory) 1. Links to DOC Home Page 2. Links to Organizational Home Page 3. Identification of Web Site Owner 4. Web Site Contact Information 5. Domain Names 6. Web Site Accessibility 7. Privacy of Visitors Privacy Statement and Information Collection 8. Annual Web Site Certification

Web Policies (Mandatory) 4. Web Site Contact Information Policy: Every Web site of a DOC organization shall provide an address for comments, inquiries, and accessibility issues Purpose: To ensure that users of DOC Web sites are provided a way to contact the organization Deadline: Original Implementation: August 11, 2000 Accessibility Amendments: June 21, 2001

Web Policies (Mandatory) 1. Links to DOC Home Page 2. Links to Organizational Home Page 3. Identification of Web Site Owner 4. Web Site Contact Information 5. Domain Names 6. Web Site Accessibility 7. Privacy of Visitors Privacy Statement and Information Collection 8. Annual Web Site Certification

Web Policies (Mandatory) 5. Domain Names Policy: All new Web sites of DOC organizations shall have.gov as the top level domain. Within one year of the adoption of this policy, all existing Web sites shall have.gov as the top level domain Purpose: To ensure that the public can easily recognize DOC Web sites as U.S. Government sites and to ensure that DOC Web sites are indexed by FirstGov.gov search engine Deadline: February 8, 2002

Web Policies (Mandatory) 1. Links to DOC Home Page 2. Links to Organizational Home Page 3. Identification of Web Site Owner 4. Web Site Contact Information 5. Domain Names 6. Web Site Accessibility 7. Privacy of Visitors Privacy Statement and Information Collection 8. Annual Web Site Certification

Web Policies (Mandatory) 6. Web Site Accessibility Policy: All new Web sites of DOC organizations shall be designed to ensure that members of the public with disabilities, and Federal employees with disabilities, have access to, and use of, information and data that is comparable to the access and use available to persons who do not have disabilities, unless an undue burden would be imposed on the agency. (Section 508 – 36 CFR ) Purpose: Incorporating 36 CFR as a DOC Web policy ensures that DOC organizations will certify the accessibility of their Web sites under Annual Web Site Certification Policy and provides a framework for the Department to provide guidance to DOC organizations attempting to make their Web sites accessible. Deadline: Immediate Web pages posted before June 21, 2001 are grandfathered; however, DOC organizations are encouraged to make all pages compliant

Web Policies (Mandatory) 1. Links to DOC Home Page 2. Links to Organizational Home Page 3. Identification of Web Site Owner 4. Web Site Contact Information 5. Domain Names 6. Web Site Accessibility 7. Privacy of Visitors Privacy Statement and Information Collection 8. Annual Web Site Certification

Web Policies (Mandatory) 7. Privacy of Visitors Policy: It is the policy of the Department of Commerce (DOC) to respect the privacy of visitors to Web sites of Department of Commerce organizations to the maximum extent possible consistent with law. *Privacy Statement and Persistent Cookies Purpose: To assure members of the public that their privacy will be respected when they view Web sites of Department of Commerce organizations Deadline: Immediate

Web Policies (Mandatory) 7. Privacy of Visitors – Privacy Statement Major points of entry and any page where information is collected on any Department of Commerce organization's Web site shall include a clearly identifiable link to the Privacy Statement, which shall be labeled either "Privacy Statement" or "Privacy Notice." The Privacy Statement shall identify the information collection practices of the site with regard to the following elements, if applicable: the kinds of information collected, how long the information is retained, how it is used, the conditions under which the information may be shared, who it might be shared with, the conditions under which the information may be made available to the public, and whether information is collected from children. In addition, the Privacy Statement shall specifically address: how is handled, and the use of "cookies" and the extent to which information gathered through the use of "cookies" is safeguarded.

Web Policies (Mandatory) 7. Privacy of Visitors – Persistent Cookies It is the policy of the Department to prohibit the use of persistent cookies on Department of Commerce Web sites except where: there is a compelling need; there are appropriate safeguards in place; the use is personally approved by the Secretary of Commerce; and there is clear and conspicuous notice to the public. Approval Process: Before using a persistent cookie on any Department of Commerce Web site, the Web site owner must submit an Approval Request to the Secretary of Commerce through the Web site owner's CIO and the Department's Chief Information Officer. Since the Approval Request may divulge methods used in safeguarding information it should always be marked as "For Official Use Only"

Web Policies (Mandatory) 1. Links to DOC Home Page 2. Links to Organizational Home Page 3. Identification of Web Site Owner 4. Web Site Contact Information 5. Domain Names 6. Web Site Accessibility 7. Privacy of Visitors Privacy Statement and Information Collection 8. Annual Web Site Certification

Web Policies (Mandatory) 8. Annual Web Site Certification Policy: The CIOs listed in Policy 1 shall annually certify to the Department's CIO that all Web sites of their organization comply with the Department's Web policies. If any deficiencies exist, the CIO shall provide a plan to bring the Web sites into compliance. The Department's CIO will determine whether the proposed approach is acceptable, and retains the authority to shut down any site for non- compliance. Purpose: To ensure that Web sites of Department of Commerce organizations comply with Department Web policies Deadline: Certification is due in April of each year

Web Policies (Proposed) 9. Content Management Policy 10. Endorsement Disclaimer Policy

Web Policies (Proposed) 9. Content Management Policy Policy: Web sites of DOC organizations shall be related to the mission, goals, and objectives of the Department and be subject to appropriate management controls * It is imperative that Web content be overseen by management to ensure its quality, relevance to the agency's mission, and that it is delivered in a usable and accessible form. The head of each DOC organization is ultimately responsible for the content on Web sites of his or her organization and for its delivery. Therefore, managers should consider establishing guidelines for the approval of Web content and its delivery. Purpose: to ensure and maximize the quality of information on DOC Web sites Deadline: Immediate

Web Policies (Proposed) 9. Content Management Policy 10. Endorsement Disclaimer Policy

Web Policies (Proposed) 10. Endorsement Disclaimer Policy Policy: All DOC Web sites shall have a disclaimer stating that links to non-Federal Government Web sites do not imply endorsement of any particular product, service, organization, company, information provider, or content. *The decision on where to place the disclaimer and the exact wording is left up to the individual Operating Units. It could be on a separate page linked to from the home page, adjacent to the link itself, or handled in any number of ways. However, it must be clear to the Web site visitor that no Department of Commerce endorsement is implied. Purpose: to ensure that visitors to DOC Web sites know that links do not imply endorsement Deadline: Thirty days following approval of this policy by the Department's CIO.

Web Best Practices (Recommended) Identification of Content Source Process in Support of the Annual Web Site Certification Testing Web Site Accessibility for Persons with Disabilities Making Public Pages Easy to Find Internet Use Policy PDF GIF Licensing

Web Best Practices (Recommended) Identification of Content Source Best Practice: If the source of the content of a Web page of a Department of Commerce organization is not the "Web site owner," the source of the content should be identified Purpose: To identify the source of the content when it is not the same as the Web site owner.

Web Best Practices (Recommended) Process in Support of the Annual Web Site Certification Best Practice: DOC CIOs should maintain a list of their organizations' Web sites and have in place a process designed to support annual certification so that as new Web sites are launched and existing Web sites are modified, ongoing compliance with Department Web site policies is maintained.

Web Best Practices (Recommended) Testing Web Site Accessibility for Persons with Disabilities Best Practice: All DOC organizations should establish a policy and procedures for testing their Web sites for compliance with Web Policy #6 (on Accessibility). Purpose: To help CIOs and Department of Commerce organizations ensure that DOC Web sites comply with Web Policy 6 and to support the Annual Web Site Certification Policy.

Web Best Practices (Recommended) Making Public Web Pages Easy to Find Best Practice: All DOC organizations should use HTML title tags and appropriate meta tags to make their Web pages easier to find by Web search engines and should consider submission to the major search engines. Purpose: To make DOC Web sites easy to find

Web Best Practices (Recommended) PDF GIF Licensing