1 for the United States Coast Guard use of College Board s Recruitment PLUS April 1, 2011 Contact Point Ms. Patricia M. Soares U.S. Coast Guard U.S. Coast Guard Academy (860) Reviewing Official Mary Ellen Callahan Chief Privacy Officer Department of Homeland Security (703)
2 Page 2 Abstract The Department of Homeland Security United States Coast Guard Academy (USCGA or Academy) uses College Board s Recruitment PLUS (Recruitment PLUS) software application for college admissions and enrollment activities. The Recruitment PLUS system does the following things: 1. Collects and stores prospective applicants biographic and educational data, 2. Collects USCGA admissions staff s and volunteers biographical data, 3. Facilitates and tracks the application process, and 4. Aligns admissions staff and volunteers to prospective applicants. The purpose of this PIA is to document how Recruitment Plus collects and uses personally identifiable information (PII). Overview USCGA Admissions (Admissions) uses the Recruitment PLUS application for USCGA college admissions and enrollment activities in furtherance of 14 U.S.C. 181 and 211. Students who are interested in or who are applying to the USCGA are managed in the Recruitment PLUS system. Admissions uses this system to manage communications with prospective applicants as well as track their progress through the application process. Recruitment PLUS is a business system that helps Admissions automate individualized communication to prospective applicants. Most middle school and high school freshman inquiries consist of general requests for information for reports or class projects. Starting in the prospective applicant s sophomore year, Admissions begins sending information to interested students; this information is generic in nature and focuses on the missions of the U.S. Coast Guard and relates those missions to the USCGA. During the prospective applicant s junior year the focus of information is on military service academies and contains detailed information on majors, faculty, and athletic opportunities available at the USCGA. Admissions encourages prospective applicants to visit the USCGA through one of the many campus based programs offered throughout the year. Throughout the USCGA Admissions process, the following four Recruitment PLUS modules are utilized: Student Module Student Module Admissions Staff Module Volunteer (Admissions Partners) Module Report Builder Module Prospective applicants provide information to the USCGA through personal, online, and postal recruitment efforts. The Admissions staff along with their USCGA Admissions Partners (volunteers) visit high schools and attend local and national college fairs to gather information from prospective students. In addition, prospective applicants provide their contact information directly to the USCGA so an Admissions staff member, with system privileges, can enter the information into Recruitment PLUS.
3 Page 3 This information includes their name, mailing address, phone number(s) and address Once that occurs, prospective applicants begin to receive information about the USCGA and its admissions process. Admissions Staff Module The Admissions Staff Module consists of admissions staff s basic biographical data, which is used to align staff with prospective applicants. This module consists of: Data a user can view, add, update and delete (at the tab or data group level) Actions a user can perform (including sending letters, running reports, etc.) Administrative actions a user can take (including the creation of letters, reports, and communications roles, as well as execute an import or export, etc.) Volunteer (Admissions Partner) Module The Volunteer Module contains biographical data on USCGA admissions partners. This datais used to connect prospective applicants to admissions partners within the region. Admissions partners meet, interview, and refer prospective applicants to USCGA admissions officers. USCGA admissions partners voluntarily provide the information maintained in this module of the Recruitment PLUS system.. Admissions Partners are comprised of USCGA alumni, parents of current and former cadets, members of the USCG Auxiliary, members of the Association of Naval Services Officers (ANSO), members of the National Naval Officers Association (NNOA), USCG civilian personnel, USCG active duty and reserve members, and members from other military services. Individuals interested in becoming an admissions partner must first submit an online registration request to USCGA. The registration is reviewed by the admissions staff. Acceptance is based on an individual s background investigation, geographical area, and the particular needs of the service. This review is independent of Recruitment PLUS. Admissions partners are differentiated by their level of engagement with the admissions program, training status, and their membership status. Membership status is established as follows: Inactive Members: admissions partners who fail to complete mandatory training in specified time frame or have not done any volunteer activities since completing the initial background check and training; Inquiry: Prospective admissions partners who have expressed interest in the program but not yet completed the online registration request, background check, or training; Members: Prospective admissions partners who have successfully completed the online registration request, but have not completed the background check and training processes; Provisional Members: Prospective admissions partners who have successfully completed the online registration request, but not completed the background check and training processes; Rejected Inquiry: Prospective Admissions Partners who have been denied admissions partner status; and Withdrawn/Cancelled Memberships: Admissions partners who have requested to be removed from the active partner program rolls. Recruitment PLUS maintains this data because members
4 Page 4 who withdrawor cancel their membership frequently renew their active status due to health- or work-related situations. Report Builder Module The Report Builder Module consists of unique prospective applicant files. Either the prospective applicant or admissions personnel can update these files by entering new data into the USCGA webpage or a Recruitment PLUS prospective applicant report, respectively. Report Builder Module data is created from information provided voluntarily by a student at a college fair, high school visits by admissions staff and partners, and Congressional events. Once the admissions staff member receives a prospective applicant s information, the student s data is entered into Recruitment PLUS, which creates a student record. Alternatively, a prospective applicant can visit to complete a voluntary profile for more information. Upon completion of the voluntary profile, the web-based Inquiry to Enrollment application (i2e) passes the prospective applicant s information to Recruitment PLUS, which generates a new student record. Recruitment PLUS s data export utility allows Admissions to upload data to the web-based i2e so that prospective applicants can view their application status. Additionally, Recruitment PLUS includes an import package that allows data to be imported from the USCGA s existing Academy Information System (ACADIS) via electronically transmitted files, but does not allow Recruitment PLUS data to be transmitted to the ACADIS system. This process is outlined further in the ACADIS PIA. 1 Additional data that is input into the Recruitment PLUS system originates from the Department of Defense Medical Exam Review Board (DODMERB), and SAT/ACT admissions tests. During a prospective applicant s senior year, he is sent mailings and invitations to participate in campus-based programs to provide students with an in-depth look at USCGA. Programs consist of daylong and overnight programs and enable the prospective applicant the opportunity to meet with cadets, faculty, and staff to learn more about the USCGA and determine if USCGA is the right choice for them. Additionally, admissions staff and partners travel throughout the Unitied States and host informational sessions for prospective students and their families. In those instances, students are sent invitations to the off-campus events, which are also posted on the USCGA web site. Once a senior determines that USCGA is their school of choice, the student goes to the USCGA website and completes an online application. Once the online application is completed, the applicant s data is exported into Recruitment PLUS via the i2e program. Throughout the admissions process (which runs from September through June of the prospective applicant s senior year), applicants are able to update their application with SAT/ACT scores, additional high school transcript data, and letters of recommendation. A typical record in Recruitment PLUS is generated in one of three ways. First, admissions can receive student information provided voluntarily by a student at a college fair or Congressional event. An admissions staff member then enters this student data into Recruitment PLUS and a student record is 1 Privacy Office, DHS, United States Coast Guard Academy Information System (2010), _pia_uscg_acadis.pdf.
5 Page 5 created. Second, a student can voluntarily completes a profile for more information at The web-based application i2e then passes this information to Recruitment PLUS and a new student record is created. Third, informaton in Recruitment PLUS can be passed from ACADIS once an application for admission is started by the student. Recruitment PLUS supports the appointment of permanent commissioned officers in the regular Coast Guard from the USCGA as authorized by 14 USC 211. The authority to operate the USCGA is contained in 14 USC 181. Section 1.0 Characterization of the Information The following questions are intended to define the scope of the information requested and/or collected as well as reasons for its collection as part of the program, system, rule, or technology being developed. 1.1 What information is collected, used, disseminated, or maintained in the system? Prospective applicant/student, admissions staff and admissions partner information is collected, used, disseminated and maintained in Recruitment PLUS. The following fields are part of a student s record, although many students have only the most basic information as part of their student record. As a student moves along the application process, more information, provided by the student, is made a part of his electronic record in Recruitment PLUS. Student Full name (first, middle, and last name); Nickname; Social Security number (SSN) (collected only after student starts the application process); Birth date; Rating (based on admissions activities, system-generated); Application status, including Applied, Application iomplete, Application incomplete, Admitted with conditions, and Admitted without conditions; I2E identifier (CGA web generated); Student type (e.g., Freshman, or International); Gender; Citizenship; Race/ethnicity category; Prior last name (if applicable); Geographic market (system generated based on student s address): Recruitment PLUS s Geomarkets define State-based geo-demographic areas, which is used to track and focus recruiting efforts and data; Addresses (including home, work, , and previous schools/colleges); Telephone/fax numbers;
6 Page 6 Staff Activities (completed by the student or admissions): includes student s interests, sports participation, and extracurricular activities; Standardized test scores: reflects results of individual test components (critical reading, math and writing), as well as SAT, ACT, and other required test scores; Student ID: this can be either a system-generated ID or an ID created by the USCGA; Official correspondence: All letters related to the prospective applicant. Letters can include responses to inquiries for information; a request for additional information to complete the application; or a decision letter that could indicate that the prospective students has been admitted, rejected or placed on a waitlist for admissions to the Academy. Recruitment Plus collects much of the same information from USCG staff in the admissions staff module as the student module: Full name (first, middle, and last name); Suffix; Nickname; Title; Network ID; SSN; Race/ethnicity category; Marital status; Gender; Birth date; Citizenship; Telephone number; Relationship; Username; Work street address, city, state, zip, ; Activities. Academy Admissions Partners (Volunteers) Academy admissions partners are used to connect prospective applicants to admissions partners within their respective region. Academy admissions partners are comprised of USCGA alumni, parents of cadets (current and former), CG Auxiliary members, Association of Naval Services Officers (ANSO) & Naval Officers Association (NNOA )members, CG active duty, reserve, civilian personnel as well as individuals from other branches of military service. Full name (first, middle, and last name); Suffix; Nickname; Birth date;
7 Page 7 Marital status: (admissions does not ask for the marital status of admissions partners-- this is a default Recruitment PLUS field, but is left blank in each record); Type of volunteer (USCGA Alumni, USCG Active Duty/Auxiliarist, etc.); Prior name (if applicable); Gender; Race/ethnicity type (to ensure members are representative of the population and occasionally provide stats on the composition of the program, in aggregate); Citizenship; Geographic market (system generated based on volunteer s address); Home address (including city, state, zip, county, and country); Phone numbers (home, cell, work, and fax numbers); addresses; Activities (those completed by the admissions partner or those completed by Admissions relating to the volunteer); Type of graduate degree (MA/BS, PhD, etc.): although the field is present, USCGA does not collect this information for our mission, and therefore this field is left empty for USCGA s use of Recruitment PLUS; Employment status; Membership status. 1.2 What are the sources of the information in the system? Student information is voluntarily provided by middle school, high school, and college students interested in applying to the USCGA. Student information also comes from the purchase of student names from commercial organizations such as College Board, College Bound Student Services (CBSS), and National Research Center for College University Admissions (NRCCUA). Admissions staff information is voluntarily provided when staff members join the admissions Division. Admissions partner information is required as part of the admissions partner application process. 1.3 Why is the information being collected, used, disseminated, or maintained? Prospective applicant s information is collected, used, disseminated and maintained to screen students interested in applying to the USCGA. The information is used to communicate by mail and electronically as they move through the application process. Staff information is collected to maintain user accounts and to link Admissions Officers with students in their areas of responsibility, Admissions partner information is used to help connect students interested in applying to the Academy with local area volunteers for applicant interviews and outreach. Admissions partners are notified by or phone when interview or outreach activities need to be completed in a specific
8 Page 8 geographic area. Additionally, admissions partners can utilize the Recruitment PLUS system to view a list of upcoming college fairs which they may request to attend as a USCGA representative. 1.4 How is the information collected? Information is collected voluntarily online at as well as at college fairs, high school visits, Congressional events, and in person during Academy visitation programs. Admissions staff provide their information when they join the Admissions Division. Admissions partners provide their information as part of the application process. 1.5 How will the information be checked for accuracy? Admissions staff checks information for accuracy during the course of mailings and communication. Invalid mailing addresses are corrected when the mail is returned to the USCGA. USCGA Admissions uses Return Service Requested to identify returned mail and obtain updated address information, which is entered into Recruitment PLUS. The original mailing is then re-sent to the correct, updated address. Additionally, admissions staff members with sufficient access can update student, staff and admissions partner informationwhen advised of the need for a correction by the subject of the record. If an address is determined to be invalid, an admissions staff member contacts the student by telephone or mail requesting an updated address. Once an updated address has been provided, an admissions staff member with the proper permissions updates the data in the Recruitment PLUS system. All SAT/ACT test scores entered in Recruitment PLUS system are official scores received either directly from a College Board/ACT score import or from data imported from the USCGA s ACADIS system. An applicant s identity is not confirmed until they are actually tendered an appointment to the USCGA. Additionally, the admissions staff works with the USCGA cadet Administration office to enter all incoming cadets into the Office of Personnel Management s e-qip system in order to verify citizenship and initiate a background/security investigation. High schools are not routinely contacted to verify information provided on an official transcripts. However, schools are contacted if the academic information submitted, such as SAT/ACT scores, are received from the student and not forwarded directly from the testing services or are not on an official high school transcript. Recruitment PLUS validates data at its front-end as well as back-end database. Some validation rules are derived from business logic and some are data-driven. Additionally, because Recruitment PLUS uses Microsoft Structured Query Language (SQL), referential integrity is implemented through foreign keys. When an individual is approved to complete the registration process to become an academy admissions partner, the USCGA sends a volunteer disclosure/authorization form and a request form. While completion of both forms is strictly voluntary, they must be completed and returned to the USCGA s employment screening service in order to initiate a background check.
9 Page 9 The employment screening service, which is conducted by Lexis/Nexis Employment Screening, conducts an SSN validation and verification check to confirm that the potential partner holds a valid SSN, and to provide an accurate name and address history. That history is critical to the screening service s second step, a thorough criminal background screen involving a 50-state search of criminal records from multiple sources. The USCGA is not interested in credit history or any other data unrelated to a criminal history screen and Lexis/Nexis Employment Screening will not be searching that data. The USCGA uses the criminal background data it receives from Lexis/Nexis Employment Screening solely to adjudicate an individual s Academy admissions partner application. Generally, an arrest or conviction for a crime against a minor, a violent crime (including domestic assault or abuse), or a sex crime will be disqualifying, as will an arrest or conviction for driving under the influence (DUI), driving while intoxicated (DWI), or reckless driving within the last 5 years. This is not an exhaustive list and other arrests or convictions will be reviewed on a case-by-case basis. It is, of course, a purely voluntary decision on the individual s part whether to provide the required personal information to Lexis/Nexis Employment Screening. However, due to USCGA s commitment to providing the safest possible environment for our prospective cadets, if the individual decides not to provide information, USCGA is unable to maintain him or her as an admissions partner. 1.6 What specific legal authorities, arrangements, and/or agreements defined the collection of information? The appointment of permanent commissioned officers in the regular Coast Guard from the USCGA is authorized by 14 USC 211. The authority to operate the USCGA is contained in 14 USC Privacy Impact Analysis: Given the amount and type of data collected, discuss the privacy risks identified and how they were mitigated. Privacy Risk: High school/college transcripts may be lost or misrouted to another USCGA office. All students seeking admissions to the USCGA must submit an official high school transcript from their high school or current college. The USCG can only receive transcripts in paper form as CGA does not have a mechanism to receive them electronically. Mitigation: All transcripts are mailed directly to the Admissions Office. Only trained members of the Admissions staff are authorized to handle student transcripts. All transcripts are reviewed to verify that the record is an official transcript. Transcripts are deemed official if there is an embossed seal from the high school along with the signature from the principal and/or guidance counselor. If there is any question to the validity of the transcript, the admissions staff member will contact the high school and request a new official transcript be sent directly from the high school to the Admissions Office. The Admissions Office does not upload high school transcripts into Recruitment PLUS since we do not receive any electronically.
10 Page 10 Section 2.0 Uses of the Information The following questions are intended to delineate clearly the use of information and the accuracy of the data being used. 2.1 Describe all the uses of information. Recruitment PLUS data is used to communicate with prospective cadets in the years leading up to the submission of an application and throughout the application process. USCGA communicates with prospective students using a multi-channel, multimedia strategy which encompasses direct mail, , USCGA website, outside websites, banner ads, and online marketing campaigns. The admissions staff and admissions partner data component of Recruitment PLUS is used during the period of the staff s and Admissions Partners active admissions work. Once a staff member or admissions partner departs for another position or withdraws from the admissions partners program, his information is retained for limited, discrete historical purposes. These purposes include year-end recruiting activity reports and tracking historical recruiting practices and efforts. Once a student has either been accepted, rejected, withdrawn, or is no longer is interested in applying to the USCGA, he can amend or update Recruitment PLUS data by direct mail, or via telephone. 2.2 What types of tools are used to analyze data and what type of data may be produced? The Report Builder function of Recruitment PLUS is used to analyze data. For example, the Report Builder function is frequently used to separate and examine applicant data by geographical markets or educational neighborhoods. This analysis helps shape the annual recruiting plan and determine admissions officer travel schedules. Recruitment PLUS s Report Builder uses Microsoft Access report creation tools to develop report templates. These reports are instantly available to admissions staff members through Recruitment PLUS. Additionally, Recruitment PLUS administrators have the ability to use these standard reports as templates for creating customized reports. In addition to the Report Builder tool, Recruitment PLUS has the ability to create data analyst reports. These real-time reports use pivot tables to stratify and display USCGA admissions data in graphical and statistical ways by summarizing Recruitment PLUS data. 2.3 If the system uses commercial or publicly available data please explain why and how it is used. The USCGA uses criminal background data it receives from Lexis/Nexis Employment Screening to adjudicate an individual s Academy admissions partner application. Generally, an arrest or conviction for a crime against a minor, a violent crime (including domestic assault or abuse), or a sex crime will be disqualifying, as will an arrest or conviction for driving under the influence (DUI), driving while intoxicated (DWI), or reckless driving within the last 5 years. This is not an exhaustive list and other arrests or convictions will be reviewed on a case-by-case basis. Within Recruitment PLUS, Admissions
11 Page 11 documents the results of the screening service summary (green, yellow, red status) but not the content of the screening. Details are only available through the employee screening service. The Recruitment PLUS system captures both SAT/ACT exam data and student name data purchased from commercial organizations such as College Board, CBSS, and NRCCUA. USCGA uses SAT/ACT exam scores to determine the academic quality of USCGA applicants. Prior to taking the SAT/ACT exams, College Board asks students whether they would like to release their scores to colleges and universities. If the student chooses, official scores reports are then sent by SAT/ACT directly to USCGA to be incorporated into a student s application. The purchased student name data is used to identify potential USCGA applicants and focus admissions recruiting efforts. For the Academy Admissions Partner Program, which is charged with hiring admissions partners, USCGA uses publically available data from an employee service. Partners voluntarily authorize Admissions to review the publicly available data. The USCGA uses the criminal background data it receives from the employment screening service to make a decision to complete the process in making the individual an Academy Admissions Partner. 2.4 Privacy Impact Analysis: Describe any types of controls that may be in place to ensure that information is handled in accordance with the above described uses. Privacy Risk: There is a potential risk of misuse of Recruitment PLUS information. Mitigation: Only trained admissions staff members are granted access to College Board s Recruitment PLUS. These staff members must complete annual Privacy Act training. In addition, all users attend a four day training session by the College Board to assist staff members in learning about Recruitment PLUS and how to effectively utilize the information. When Admissions Staff members and Admissions Partners depart, withdraw, or become inactive in the USCG Admissions process, their accounts are disabled. Student/applicant information is not available to anyone not associate with the Admissions Division. Section 3.0 Retention The following questions are intended to outline how long information will be retained after the initial collection. 3.1 What information is retained? The information in the student, admissions staff, and admissions partner records is retained for historical purposes and trend analysis. This includes name, DOB, SSN, ethnicity, address, and citizenship and whether the application was admitted, or rejected. USCGA uses this for year-end recruiting activity reports and tracking historical recruiting practices and efforts.
12 Page How long is information retained? Electronic records are retained for approximately four years. However, because these records are used to both account for and track historical recruiting efforts and shape prospective recruiting efforts, the USCGA Records Management Program is working with the USCGA to determine the business need of records in this system. 3.3 Has the retention schedule been approved by the component records officer and the National Archives and Records Administration (NARA)? The retention schedule has not yet been approved by the CG Records Officer or NARA. 3.4 Privacy Impact Analysis: Please discuss the risks associated with the length of time data is retained and how those risks are mitigated. Privacy Risk: USCGA Admissions Division keeps data for historical purposes, such as tracking historical recruiting efforts and analyzing trends. Because Admissions retains information for long periods of time there is a privacy risk that data may become out-of-date or lost. Mitigation: College Board s Recruitment PLUS access is only available to trained admissions staff members. Admissions staff receives annual Privacy Act training. When admissions staff members and admissions partners depart, withdraw, or become inactive in the USCGA admissions process, their accounts are disabled. Further, student/applicant information is not available to anyone but admissions staff. When reviewing the data retention schedules, USCGA admissions will strive to keep the minimal amount of data needed to perform its mission. Any out-of-date information does not impact the Admissions Division for their analysis of admissions trends. Section 4.0 Internal Sharing and Disclosure The following questions are intended to define the scope of sharing within the Department of Homeland Security. 4.1 With which internal organization(s) is the information shared, what information is shared and for what purpose? This information is not shared with any other organization within the Department of Homeland Security. 4.2 How is the information transmitted or disclosed? Not applicable since information is not shared with other DHS organizations.
13 Page Privacy Impact Analysis: Considering the extent of internal information sharing, discuss the privacy risks associated with the sharing and how they were mitigated. Not applicable since information is not share with other DHS organizations. Section 5.0 External Sharing and Disclosure The following questions are intended to define the content, scope, and authority for information sharing external to DHS which includes Federal, state and local government, and the private sector. 5.1 With which external organization(s) is the information shared, what information is shared, and for what purpose? Recruitment PLUS data is not routinely shared, but is stored on The College Board s domain with Equinox Managed Services Data Center located in Northern Virginia. Infrequently, Recruitment PLUS s proprietor, The College Board, must access the Recruitment PLUS system to correct system failures or restore data. As with all access to Recruitment PLUS, user authentication is required. This activity is recorded in security logs and with USCG notification. 5.2 Is the sharing of personally identifiable information outside the Department compatible with the original collection? If so, is it covered by an appropriate routine use in a SORN? If so, please describe. If not, please describe under what legal mechanism the program or system is allowed to share the personally identifiable information outside of DHS. PII is not shared substantively outside the Department, but rather IT personnel who maintain the Recruitment PLUS servers occasionally require access to Recruitment PLUS data files to correct system failures or restore data. The System of Records Notices that govern the collection of the data within the Recruitment PLUS system. Admissions partner records are covered by DHS/ALL-003 Department of Homeland Security General Training Records (73 FR 71656, November 25, 2008). Staff records and system maintenance personnel records are covered by DHS/ALL-004 Department of Homeland Security General Information Technology Access Account Records (74 FR 49882, September ). Student records are covered by DHS/USCG-027 Recruiting Files (73 FR 77804, December 19, 2008).
14 Page How is the information shared outside the Department and what security measures safeguard its transmission? As described above, personnel who maintain the Recruitment PLUS servers occasionally require access to Recruitment PLUS data files to correct system failures or restore data. All Recruitment PLUS data manipulation and modification within the Recruitment PLUS system is handled by stored procedures in SQL Server. No ad-hoc queries are allowed. The database server is placed behind firewalls and can only be accessed by Recruitment PLUS Web Services. These configurations protect the Recruitment PLUS database from unauthorized probing and data destruction. Recruitment PLUS stores dates and user IDs of changed records for tracking purposes. Recruitment PLUS uses both application-level security and database-level security to manage authentication and authorization. At the application level, users are authenticated based on a user table maintained by the application. Users are assigned to one or many roles with various access levels managed by the application. Recruitment PLUS authenticates every user request through web service calls. All access to Recruitment PLUS requires user authentication. Transactions from the web server to the database are authenticated through SQL Server user authentication. Network data encryption can be achieved at the transport layer through SSL and Secure IP. Recruitment PLUS encrypted user passwords are stored in the database. In the hosted environment, the Recruitment PLUS Web service component is setup inside a DMZ while the database server is placed behind firewalls. Communications between the Recruitment PLUS client and the web service component are protected using SSL. Recruitment PLUS uses industry standard security guidelines to prevent security breaches like SQL injection, cross site scripting, etc. 5.4 Privacy Impact Analysis: Given the external sharing, explain the privacy risks identified and describe how they were mitigated. Privacy Risk: There is a possible risk of unauthorized or improper access to USCGA Admissions Recruitment PLUS data. Mitigation: While the proprietor of the Recruitment PLUS application, The College Board, requires infrequent access to the Recruitment PLUS system to correct system failures or restore data, strict policies and procedures are in place to ensure proper handling and destruction of USCGA data. The College Board requires explicit approval from customers to directly access customer databases. Section 6.0 Notice The following questions are directed at notice to the individual of the scope of information collected, the right to consent to uses of said information, and the right to decline to provide information.
15 Page Was notice provided to the individual prior to collection of information? Prospective USCGA applicants are informed through both an online notice on the USCGA website, as well as told in person when they request information that the information they provide USCGA is voluntarily. Moreover, when a prospective USCGA applicant starts an online application, they must affirmatively acknowledge the Privacy Act Statement. OMB No is also displayed. If the applicant elects not to provide the information, he can withdraw from the process. Students are notified that information they provide is voluntary and will be shared in performance of duties of officials and employees of the USCG in managing and contributing to the admissions process and appointment of USCGA cadets. Admissions partners and staff also acknowledge the Privacy Act statement before submitting PII. Additionally, notice is provided pursuant with 5 U.S.C. 552a in the DHS/ALL-003 General Training Records, DHS/ALL-004 General Information Technology Access Account Records, and DHS/USCG 027 Recruiting Files SORNs. 6.2 Do individuals have the opportunity and/or right to decline to provide information? Yes, information is provided voluntarily by prospective applicants and admissions partners. However, if information is not provided, the USCGA will not consider the applicant for admission to the Academy or to the Academy Admissions Partner program. Data provided by admissions staff is incidental to the staff s official duties. Staff failure to provide information would result in the staff s inability to perform their official functions and may require transfer or termination. 6.3 Do individuals have the right to consent to particular uses of the information? If so, how does the individual exercise the right? The information provided is only used for the admissions and appointment process of USCGA cadets and aligning admissions partners and staff with prospective applicants. 6.4 Privacy Impact Analysis: Describe how notice is provided to individuals, and how the risks associated with individuals being unaware of the collection are mitigated. Students or admissions partners who did not understand why they were providing information or if they have changed their mind are able to contact Admissions and request to be withdrawn and no longer contacted. Student and volunteer records can then be permanently deleted by a staff Recruitment PLUS administrator.
16 Page 16 Section 7.0 Access, Redress and Correction The following questions are directed at an individual s ability to ensure the accuracy of the information collected about them. 7.1 What are the procedures that allow individuals to gain access to their information? Students and volunteers are able to review information they provide online at by logging into their account. Students and volunteers may obtain a copy of their information by submitting a Freedom of Information Act (FOIA)/Privacy Act request to: Commandant (CG-611), ND Street, SW, Washington, DC , Attn: FOIA. 7.2 What are the procedures for correcting inaccurate or erroneous information? Students and volunteers can make edits to their personal information through the USCGA website, which electronically houses the data in a queue so the designated import package can transfer the data from i2e to Recruitment PLUS. Further, once a student has either been accepted, rejected, withdrawn, or is no longer is interested in applying to the USCGA, s/he can contact the Admissions Division by direct mail, or via the telephone to amend or update Recruitment PLUS data The prospective applicant cannot directly add or change his information through Recruitment PLUS, but can update personal information through the USCGA Admissions website, which is, in turn, updated in the Recruitment PLUS system. Prospective applicants may contact an admissions staff member who, with proper permissions, can update the student data. Additionally, students and volunteers may obtain a copy of their information by submitting a Freedom of Information Act (FOIA)/Privacy Act request to: Commandant (CG-611), ND Street, SW. Washington, DC , Attn: FOIA. 7.3 How are individuals notified of the procedures for correcting their information? Students and volunteers are advised online on how to make corrections to their information. They are also provided contact information to Admissions where a staff member may make the correction to their record. 7.4 If no formal redress is provided, what alternatives are available to the individual? Redress is provided.
17 Page Privacy Impact Analysis: Please discuss the privacy risks associated with the redress available to individuals and how those risks are mitigated. Privacy Risk: There is a risk of Admissions staff inadvertently mishandling student and volunteer information. Mitigation: Only trained members of the admissions staff are authorized to handle student and volunteer information. Before information is entered into Recruitment PLUS, it is reviewed by the admissions staff to ensure accuracy. An admissions staff member with authorized permissions may correct discrepancies at any time. Additionally, students and volunteers are advised online on how to make corrections to their information. Section 8.0 Technical Access and Security The following questions are intended to describe technical safeguards and security measures. 8.1 What procedures are in place to determine which users may access the system and are they documented? User data is maintained in the staff module of Recruitment PLUS. Recruitment PLUS uses both application level security and database level security to manage authentication and authorization. At the application level, users are authenticated based on a user table maintained by the application. User names, salt and the corresponding hashed password values are stored in the user table. Users are assigned to one or many roles with various access levels managed by the application. Recruitment PLUS authenticates every user request through web service calls. All access to Recruitment PLUS requires user authentication. Transactions from the web server to the database are authenticated through SQL Server user authentication. Network data encryption can be achieved at the transport layer through SSL and Secure IP. Recruitment PLUS allows the USCGA to create permissions based on user role through the client at the field, data and functional levels. Only users who are assigned an Administrator role, or a custom role that includes the right to modify Staff Roles, can use this utility. This functionality will help protect the USCGA against unauthorized usage, introduction of fraudulent records, and alteration or destruction of information in files. The admissions staff component of the Recruitment PLUS security system was designed with three major goals. The first goal is to support the concept of sharing Recruitment PLUS data with authorized admissions users. The second goal is to prevent admissions and other users from unauthorized access and use of Recruitment PLUS data. The third goal is to categorize types of users to create custom permission roles.
18 Page Will Department contractors have access to the system? Yes. Although most users are federal employees, there is currently one contractor. Contractor users are subject to the same training and user rules as employees Describe what privacy training is provided to users either generally or specifically relevant to the program or system? Privacy training is provided to admissions staff members on an annual basis. Refresher training and reminders are also provided throughout the year regarding safeguarding student information. 8.4 Has Certification & Accreditation been completed for the system or systems supporting the program? Recruitment PLUS is a minor system supported by the ACADIS general support system. No separate C&A is pending for this application. Recruitment PLUS is/will be covered under the General Support System C&A effort. 8.6 Privacy Impact Analysis: Given the sensitivity and scope of the information collected, as well as any information sharing conducted on the system, what privacy risks were identified and how do the security controls mitigate them? For Managed Service implementations, rather than allow outside entities to scan The College Board public-facing IP, security firms perform independent security scans several times a year. Section 9.0 Technology The following questions are directed at critically analyzing the selection process for any technologies utilized by the system, including system hardware, RFID, biometrics and other technology. 9.1 What type of project is the program or system? Recruitment PLUS application is a Win32 client that accesses the database via web services (https.) After the initial setup of the client, all deployments are performed from the web services. The Recruitment PLUS application can be configured as a 3-tier architecture which includes a smart client, web services and the database. Recruitment PLUS operates in a Windows environment and utilizes Microsoft SQL Server 2005 to create a table-driven, relational database design with primary, secondary and tertiary table structure. SQL Server Integration System can be used to combine and join data from various data sources.
19 Page What stage of development is the system in and what project development lifecycle was used? Recruitment PLUS has been available since 1994 and version 10.0 was released on July 14, Currently, new releases are issued annually as new versions of the software. Scripts for smaller enhancements and patches are deployed as needed throughout the year. Recruitment PLUS users are notified via , electronic newsletter, the client list-serve and postings on the Recruitment PLUS Support Website. The Recruitment PLUS Program team in partnership with the College Board Regional and National Account Services, and College Board Enrollment Software Support, solicit current users for feedback on enhancements. Enhancement requests can be made at any time throughout the year by calling, ing or submitting them through the Recruitment PLUS Support Website. The College Board also works with a client advisory group that advises the College Board in product updates and enhancements, and service needs within the Support and Implementation process. Recruitment PLUS software engineering practice includes rigorous controls for ensuring quality. Reported defects are prioritized during the release planning process to ensure that higher impact issues are prioritized for correction in the system earlier than less severe issues. During the actual development cycle the software is verified first via test cases and test procedures defined for new features, enhancements, and defect corrections. Thereafter, the system is subject to both manual and automated regression testing. Throughout the development process, a highly-skilled quality assurance team works with College Board Enrollment Software Services to ensure user acceptance. In some cases, members of the Client Advisory Group are asked to conduct beta testing in their Recruitment PLUS environment. Currently, new releases are issued annually as new versions of the software. Scripts for smaller enhancements and patches are deployed as needed throughout the year. After initial setup of the client, all deployments are performed via the Web Services. 9.3 Does the project employ technology which may raise privacy concerns? If so please discuss their implementation. No, this is a commercially available package based on commercially available Microsoft technology and tools. At this point, USCGA is not aware of any risks in the underlying technology.
20 Page 20 Responsible Officials Patricia M. Soares U.S. Coast Guard U.S. Coast Guard Academy Department of Homeland Security Approval Signature Page Original signed copy on file with the DHS Privacy Office. Mary Ellen Callahan Chief Privacy Officer Department of Homeland Security
for the CASE MATTER MANAGEMENT TRACKING SYSTEM September 25, 2009 Contact Point Mr. Donald A. Pedersen Commandant (CG-0948) (202) 372-3818 Reviewing Official Mary Ellen Callahan Chief Privacy Officer Department
for the United States Coast Guard Academy Information System (ACADIS) January 26, 2010 Contact Point ITCS Guy O. Cranfill ISSO CGA Information Services Division 860-444-8273 Reviewing Official Mary Ellen
for the Student Administration and Scheduling System DHS/FLETC/PIA-002 February 12, 2013 Contact Point William H. Dooley Chief, Office of IT Budget, Policy, & Plans (912) 261-4524 Reviewing Official Jonathan
for the Stakeholder Engagement Initiative: December 10, 2009 Contact Point Christine Campigotto Private Sector Office Policy 202-612-1623 Reviewing Official Mary Ellen Callahan Chief Privacy Officer Department
for the E-Verify Self Check March 4, 2011 Contact Point Janice M. Jackson Privacy Branch, Verification Division United States Citizenship and Immigration Services 202-443-0109 Reviewing Official Mary Ellen
for the (CWS System) DHS/TSA/PIA-036 January 13, 2012 Contact Point Carolyn Y. Dorgham Program Manager, National Explosives Detection Canine Team Program Carolyn.Dorgham@dhs.gov Reviewing Official Mary
for the Bonds Online System (ebonds) - Phase One July 14, 2009 Contact Point James T. Hayes, Jr. Director, Office of Detention and Removal U.S. Immigration and Customs Enforcement (202) 732-3100 Reviewing
for the Directory Services and Email System (DSES) Contact Point James Kief Functional Area Manager Department of Homeland Security/US Coast Guard (304) 264-2573 Reviewing Official Hugo Teufel III Chief
for Clearances, Logistics, Employees, Applicants, and Recruitment (CLEAR) DHS/USSS/PIA-013 January 3, 2013 Contact Point Latita M. Payne, Privacy Officer United States Secret Service (202) 406-5838 Reviewing
for the Automated Threat Prioritization Web Service DHS/ICE/PIA-028 June 6, 2011 Contact Point Luke McCormack Chief Information Officer U.S. Immigration and Customs Enforcement (202) 732-3100 Reviewing
for the Five Country Joint Enrollment and Information-Sharing Project (FCC) November 2, 2009 Contact Point Paul Hasson, Privacy Officer Program National Protection & Programs Directorate (202) 298-5200
for the Homeland Security Virtual Assistance Center November 3, 2008 Contact Point Donald M. Lumpkins National Preparedness Directorate (FEMA) (202) 786-9754 Reviewing Official Hugo Teufel III Chief Privacy
for the E-Mail Secure Gateway (EMSG) DHS/MGMT/PIA-006 March 22, 2012 Contact Point David Jones MGMT/OCIO/ITSO/ESDO DHS HQ (202) 447-0167 Reviewing Official Mary Ellen Callahan Chief Privacy Officer Department
for the Enterprise Services Management System April 28, 2016 Contact Point Marshall Nolan Border Enforcement and Management Systems Division Office of Information Technology U.S. Customs & Border Protection
INTERNational Connections Privacy Impact Assessment 1. Contact Information Department of State Privacy Coordinator Margaret P. Grafeld Bureau of Administration Global Information Services Office of Information
for the Physical Access Control System DHS/ALL 039 June 9, 2011 Contact Point David S. Coven Chief, Access Control Branch (202) 282-8742 Reviewing Official Mary Ellen Callahan Chief Privacy Officer (703)
Federal Trade Commission Privacy Impact Assessment for the: Gilardi & Co., LLC Claims Management System and Online Claim Submission Website January 2015 Page 1 of 14 1 System Overview The Federal Trade
for the Conversion to 10-Fingerprint Collection for the United States Visitor and Immigrant Status Indicator Technology Program (US-VISIT) November 15, 2007 Contact Point Barbara M. Harrison, Acting Privacy
Technology, Planning, Architecture, & E-Government Version: 1.1 Date: April 14, 2011 Prepared for: USDA OCIO TPA&E Privacy Impact Assessment for the April 14, 2011 Contact Point Charles McClam Deputy Chief
for the Crew Member Self Defense Training (CMSDT) Program February 6, 2008 Contact Point Michael Rigney Federal Air Marshal Service Flight Programs Division Michael.Rigney@dhs.gov Reviewing Officials Peter
for the Database January 15, 2010 Contact Point Kumar Kibble Acting Director, Office of Investigations U.S. (202) 732-5100 Reviewing Official Mary Ellen Callahan Chief Privacy Officer Department of Homeland
for the Protected Critical Infrastructure Information Management System (PCIIMS) Final Operating Capability (FOC) DHS/NPPD/PIA-006(a) Contact Point Tammy Barbour Protected Critical Infrastructure Information
for the Customer Scheduling and Services DHS/USCIS/PIA-046 March 25, 2014 Contact Point Donald K. Hawkins Privacy Officer U.S. Citizenship and Immigration Services (202) 272-8000 Reviewing Official Karen
Federal Trade Commission Privacy Impact Assessment for the: Analytics Consulting LLC Claims Management System and Online Claim Submission Website January 2015 Page 1 of 14 1 System Overview The Federal
for the Federal Protective Service Dispatch and Incident Record Management Systems September 16, 2009 Contact Point Gary Schenkel Director, Federal Protective Service U.S. Immigration and Customs Enforcement
for the Financial Disclosure Management (FDM) September 30, 2008 Contact Point Cynthia D. Morgan, Financial Disclosure Program Manager Ethics Division Office of General Counsel (202) 447-3514 Reviewing
AUGUST 16, 2013 Privacy Impact Assessment CIVIL PENALTY FUND AND BUREAU-ADMINISTERED REDRESS PROGRAM Contact Point: Claire Stapleton Chief Privacy Officer 1700 G Street, NW Washington, DC 20552 202-435-7220
for the Merchant Mariner Licensing and Documentation System DHS/USCG/PIA-020 March 1, 2011 Contact Point Gary Chappell MMLD Project Officer U.S. Coast Guard CG-633 (202) 372-1293 Reviewing Official Mary
for the E-Verify Program: Use of Commercial Data for Employer Verification June 2, 2010 Contact Point Claire Stapleton Privacy Branch Chief Verification Division United States Citizenship and Immigration
FHFA Privacy Impact Assessment Template FM: SYSTEMS (SYSTEM NAME) This template is used when the Chief Privacy Officer determines that the system contains Personally Identifiable Information and a more
United States Department of State (PIA) Waiver Review System (WRS) Version 03.06.01.01 Last Updated: December 2, 2013 Bureau of Administration 1. Contact Information Department of State Privacy Coordinator
United States Trustee Program Privacy Impact Assessment for the Credit Counseling/Debtor Education System (CC/DE System) Issued by: Larry Wahlquist, Privacy Point of Contact Reviewed by: Approved by: Vance
for the DHS / UKvisas Project November 14, 2007 Contact Point Elizabeth Gaffin Associate Counsel United States Citizenship and Immigration Services 202-272-1400 Reviewing Official Hugo Teufel III Chief
Federal Trade Commission Privacy Impact Assessment for: DCBE Websites and Blogs Consumer.ftc.gov, Consumidor.ftc.gov, OnGuardOnline, AlertaenLinea, Consumer.gov, Consumidor.gov and the BCP Business Center
for the Fugitive Case Management System (FCMS) August 11, 2009 Contact Point David Venturella Acting Director, Detention and Removal Operations U.S. Immigration and Customs Enforcement (202) 732-3100 Reviewing
for the Computer Linked Application Information Management System DHS/USCIS/PIA-015(a) August 31, 2011 Contact Point Donald Hawkins Privacy Officer United States Citizenship and Immigration Services (202)
Federal Bureau of Prisons Privacy Impact Assessment for TRUFONE Inmate Telephone System Issued by: Sonya D. Thompson Reviewed by: Approved by: Vance E. Hitch, Chief Information Officer, Department of Justice
Federal Bureau of Prisons Privacy Impact Assessment for the Correspondence Tracking System (CTS) Issued by: Sonya D. Thompson Sr. Deputy Assistant Director/CIO Reviewed by: Approved by: Luke J. McCormack,
1. Contact Information A/GIS/IPS Director Department of State SharePoint Server PIA Bureau of Administration Global Information Services Office of Information Programs and Services 2. System Information
Federal Bureau of Prisons Privacy Impact Assessment for the HR Automation System Issued by: Sonya D. Thompson Deputy Assistant Director/CIO Reviewed by: Approved by: Eric Olson, Acting Chief Information
for the 9/11 Heroes Stamp Act of 2001 File System Contact Point Elizabeth Edge US Fire Administration Federal Emergency Management Agency (202) 646-3675 Reviewing Official Nuala O Connor Kelly Chief Privacy
Privacy Impact Assessment For: Education Investigative Tracking System (EDITS) Date: April 10, 2013 Point of Contact: Hui Yang System Owner: Wanda A. Scott Author: William Hamel Office of Inspector General
United States Department of State (PIA) Consular Affairs Enterprise Service Bus (CAESB) 01.00.00 Last Updated: May 1, 2015 Bureau of Administration 1. Contact Information A/GIS/IPS Director Bureau of Administration
For Person Authentication Service (PAS) Date: January 9, 2015 Point of Contact and Author: Hanan Abu Lebdeh Hanan.Abulebdeh@ed.gov System Owner: Ganesh Reddy Ganesh.Reddy@ed.gov Office of Federal Student
for the Background Check Service Contact Point Elizabeth Gaffin USCIS Privacy Officer United States Citizenship and Immigration Services 202-272-1400 Reviewing Official Hugo Teufel III Chief Privacy Officer
Federal Trade Commission Privacy Impact Assessment for the: Rust Consulting, Inc. Integrated Settlement Information System and Online Claim Submission Websites January 2015 Page 1 of 15 1 System Overview
for the Enforcement Integrated Database (EID) ENFORCE Alien Removal Module (EARM 3.0) DHS/ICE-PIA-015(b) May 20, 2011 Contact Point James Dinkins Executive Associate Director Homeland Security Investigations
United States Department of State Privacy Impact Assessment IIP Program Management and Outreach System (IIP-PMOS ITAB Number 2600) Bureau of Administration 1. Contact Information Department of State Privacy
U.S. Securities and Exchange Commission (IWMS) PRIVACY IMPACT ASSESSMENT (PIA) March 21, 2013 General Information 1. Name of Project or System. (IWMS) 2. Describe the project and its purpose or function
U.S. Securities and Exchange Commission Office of Information Technology Alexandria, VA PRIVACY IMPACT ASSESSMENT (PIA) GUIDE Revised January 2007 Privacy Office Office of Information Technology PRIVACY
for the United States Citizenship and Immigration Services (USCIS) June 22, 2007 Contact Point Harry Hopkins Office of Information Technology (OIT) (202) 272-8953 Reviewing Official Hugo Teufel III Chief
for the NOC Patriot Report Database December 7, 2010 Contact Point Ashley Tyler Department of Homeland Security Office of Operations and Coordination and Planning Reviewing Official Mary Ellen Callahan
for the Enforcement Integrated Database (EID) Criminal History Information Sharing (CHIS) Program DHS/ICE/PIA-015(h) January 15, 2016 Contact Point Peter Edge Executive Associate Director, Homeland Security
Android Developer Applications January 31, 2013 Contact Departmental Privacy Office U.S. Department of the Interior 1849 C Street NW Mail Stop MIB-7456 Washington, DC 20240 202-208-1605 DOI_Privacy@ios.doi.gov
1. Contact Information Department of State Privacy Coordinator Margaret P. Grafeld Bureau of Administration Global Information Services Office of Information Programs and Services 2. System Information
for the March 22, 2011 Robert Morningstar Information Systems Security Manager DHS Office of the Chief Information Officer/Enterprise Service Delivery Office (202) 447-0467 Reviewing Official Mary Ellen
for the Information System (IFMIS) Merger DHS/FEMA/PIA-020 December 16, 2011 Contact Point Michael Thaggard Office of Chief Financial Officer (202) 212-8192 Reviewing Official Mary Ellen Callahan Chief
Privacy Impact Assessment For Management Information System (MIS) Date: September 4, 2015 Point of contact: Hui Yang firstname.lastname@example.org System Owner: Wanda Scott email@example.com Author: Oscar Rosario firstname.lastname@example.org
United States Department of State Privacy Impact Assessment Risk Analysis and Management Bureau of Administration 1. Contact Information Risk Analysis and Management (RAM) PIA Department of State Privacy
PRIVACY IMPACT ASSESSMENT (PIA) For the Naval Audit Service Information Management System (NASIMS) Department of the Navy - DON/AA - NAVAUDSVC SECTION 1: IS A PIA REQUIRED? a. Will this Department of Defense
for the November 10, 2010 Point of Contact Sharmont André Smith Texas National Processing Service Center (940) 891-8762 Reviewing Official Mary Ellen Callahan Chief Privacy Officer Department of Homeland
for the HSIN R3 User Accounts: Manual Identity Proofing Process DHS/OPS/PIA-008(a) January 15, 2013 Contact Point James Lanoue DHS Operations HSIN Program Management Office (202) 282-9580 Reviewing Official
for the DHS/FEMA/PIA-034 September 24, 2013 Contact Point J'son Tyson Identity, Credential & Access Management Section Chief Office of the Chief Security Officer (202) 646-1898 Reviewing Official Jonathan
for Alien Criminal Response Information Management System (ACRIMe) April 22, 2010 Contact Point James A. Dinkins, Director Office of Investigations U.S. Immigration & Customs Enforcement (202) 732-5100
for the Coast Guard Business Intelligence (CGBI) System DHS/USCG/PIA-018 April 17, 2012 Contact Point Mr. David Bandel CGBI Program Manager, CG-0954 (202) 372-4570 Reviewing Official Mary Ellen Callahan
Federal Trade Commission Privacy Impact Assessment for the: W120023 ONLINE FAX SERVICE December 2012 1 System Overview The Federal Trade Commission (FTC, Commission or the agency) is an independent federal
Introduction to The Privacy Act Defense Privacy and Civil Liberties Office dpclo.defense.gov 1 Introduction The Privacy Act (5 U.S.C. 552a, as amended) can generally be characterized as an omnibus Code
For Rehabilitation Services Administration Management Information System (RSA-MIS) Date: November 19, 2014 Point of Contact and Author: Ken Schellenberg Ken.Schellenberg@ed.gov System Owner: Ed Anthony
United States Department of State Global Financial Management System (GFMS) Privacy Impact Assessment CGFS/DCFO/GFMS 1. Contact Information Privacy Impact Assessment (PIA) Department of State Privacy Coordinator
United States Department of State (PIA) Consular Data Information Transfer System (CDITS) Version 02.00.00 Last Updated: April 15, 2014 Bureau of Administration 1. Contact Information Department of State
Federal Trade Commission Privacy Impact Assessment Conference Room Scheduling PIA July 2014 1. System Overview The Federal Trade Commission (FTC) uses conference spaces in various FTC facilities and FTC-leased
U.S. Securities and Exchange Commission Easy Lobby PRIVACY IMPACT ASSESSMENT (PIA) September 30, 2013 General Information 1. Name of Project or System. Easy Lobby v10.0.8 Upgrade: Administrator and SVM
Privacy Impact Assessment For Central Processing System (CPS) Date: March 25, 2013 Point of contact: Calvin Whitaker 202-377-3045 Calvin.Whitaker@ed,gov System Owner: Keith Wilson 202-377-3591 Keith.Wilson@ed.gov
Department of the Interior August 15, 2014 Name of Project: email Enterprise Records and Document Management System (eerdms) Bureau: Office of the Secretary Project s Unique ID: Not Applicable A. CONTACT
for the Port Authority of New York/New Jersey Secure Worker Access Consortium Vetting Services DHS/TSA/PIA-040 November 14, 2012 Contact Point Joseph Salvator Office of Intelligence & Analysis Joseph.Salvator@tsa.dhs.gov
Privacy Impact Assessment 1. Contact Information A/GIS/IPS Director Sheryl L. Walter Bureau of Administration Global Information Services Office of Information Programs and Services 2. System Information
DBIDS/IACS PRIVACY IMPACT ASSESSMENT (PIA) (Use N/A where appropriate) 1. DoD Component: Defense Manpower Data Center (DMDC) 2. Name of IT System: Defense Biometric Identification System (DBIDS) 3. Budget
for the Visa Security Program Tracking System August 27, 2009 Contact Point Raymond R. Parmer Director, Office of International Affairs U.S. Immigration and Customs Enforcement (202) 732-0350 Reviewing
U.S. Securities and Exchange Commission (MPTS) PRIVACY IMPACT ASSESSMENT (PIA) February 24, 2013 General Information 1. Name of Project or System. (MPTS) 2. Describe the project and its purpose or function
for the Office for Civil Rights and Civil Liberties Matters Database May 5, 2010 Contact Point Jackie Mayi Complaints Manager Office for Civil Rights and Civil Liberties U.S. Department of Homeland Security