CAMBRIDGE, Mass. (AP) -- The Department of Homeland Security's top privacy official said Wednesday that she is investigating whether the agency's airline passenger screening program has violated federal privacy laws by failing to properly disclose its mission.

The privacy officer, Nuala O'Connor Kelly, said the review will focus on whether the program's use of commercial databases and other details were properly disclosed to the public.

Under the 1974 Privacy Act, no governmental record-keeping system can be kept secret.

She said she also was concerned about the security of the system, known as Secure Flight, given that commercial data vendors have suffered widely publicized breaches. Kelly said she was not opposed to the government's use of commercial databases but said ''we have to be thoughtful.''

''We need to give a hard look at any program that collects information on Americans,'' she said in an interview on the sidelines of a public hearing by Homeland Security's data-privacy advisory committee at Harvard Law School. ''The scrutiny is appropriate.''

Kelly said it was unclear how long the investigation would take or what the ramifications might be.

On Nov. 15, the Transportation Security Agency announced in the Federal Register that its testing of commercial data for Secure Flight ''will be governed by stringent data security and privacy protections, including ... strict firewalls between the government and commercial data providers ... and strict rules prohibiting the access or use of commercially held personal data by TSA.''

But at Wednesday's hearing, the TSA official in charge of Secure Flight, Justin Oberman, said his group is working to update and clarify the project's use of commercially available data. The system has been in a testing phase and is expected to go live later this year.