PRIVACY IMPACT ASSESSMENT



Similar documents
PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

How To Use The Fdic External Service For Mortgage Servicing Rights

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

PRIVACY IMPACT ASSESSMENT

DOCSVAULT WhitePaper. Concise Guide to E-discovery. Contents

How To Understand And Understand The Role Of Reverse Mortgage Solutions

Federal Trade Commission Privacy Impact Assessment

Privacy Impact Assessment of Automated Loan Examination Review Tool

Federal Trade Commission Privacy Impact Assessment

PRIVACY IMPACT ASSESSMENT

This is not your grandfather s litigation. BUT. ediscovery Services are not legal services.

Discussion of Electronic Discovery at Rule 26(f) Conferences: A Guide for Practitioners

THE FREEDOM OF INFORMATION ACT (FOIA) AND DISCOVERY TWO DIFFERENT AVENUES FOR ACCESSING AGENCY RECORDS AND THE BENEFITS OF LEVERAGING E-

Privacy Impact Assessment

Electronic Discovery Software System

Privacy Impact Assessment of the Nationwide Mortgage Licensing System and Registry

Federal Trade Commission Privacy Impact Assessment. for the: Secure File Transfer System

Todd Heythaler Information Governance & ediscovery. Emerging Technologies Work Group

CASE MATTER MANAGEMENT TRACKING SYSTEM

Hong Kong High Court Procedure E-Discovery: Practice Direction Effective September 1, 2014

PRIVACY IMPACT ASSESSMENT

The E-Discovery Process

Office of Audits Report No. AUD The FDIC s Privacy Program 2011

Privacy Impact Assessment Of the. Office of Inspector General Information Technology Infrastructure Systems

DEFENSE RESEARCH INSTITUTE RECOMMENDED CASE HANDLING GUIDELINES FOR INSURERS

Introduction to The Privacy Act

E-Discovery in Practice: A Roadmap for Financial Institutions

Best Practices Page 1

Village of Hastings-on-Hudson Electronic Policy. Internal and External Policies and Procedures

Personal Information Collection and the Privacy Impact Assessment (PIA)

Privacy Impact Assessment of the CHAT Suite of Analysis Tools

E-Discovery Toolkit for Educational Institutions

Federal Trade Commission Privacy Impact Assessment. Electronic Discovery Support System

CHAPTER OUTLINE. Copyright Delmar Learning. ALL RIGHTS RESERVED. 35

NextGen Virtual Legal Services, LLC

January 2008 Report No. EVAL Evaluation of Contract Rationalization

ESI Risk Assessment: Critical in Light of the new E-discovery and notification laws

EnCase Portable. Extend Your Forensic Reach with Powerful Triage & Data Collection

Introduction to Data Privacy & ediscovery Intersection of Data Privacy & ediscovery

Reduce Cost and Risk during Discovery E-DISCOVERY GLOSSARY

Current Position Range Knowledge, Skills and Abilities Experience Years

DOJ Guidance on Use of the False Claims Act in Health Care Matters

Department of Veterans Affairs VA Directive 6311 VA E-DISCOVERY

Privacy Impact Assessment for the Volunteer/Contractor Information System

Best Practices in Electronic Record Retention

Developing an Integrated e-discovery and Corporate Records Management Program. Presented by: Janeine Charpiat Information Security Professional

AccessData Corporation. No More Load Files. Integrating AD ediscovery and Summation to Eliminate Moving Data Between Litigation Support Products

Five Steps to Ensure a Technically Accurate Document Production

E-Discovery and Data Management. Managing Litigation in the Digital Age. Attorney Advertising

PRIVACY IMPACT ASSESSMENT (PIA) GUIDE

General Support System

Case 2:14-cv KHV-JPO Document 12 Filed 07/10/14 Page 1 of 10 IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF KANSAS

Agenda 1) Applicable Disclosure Requirements 2) Records Retention for 3) Confidentiality Obligations 4) Management Strategies 2

Director, Value Engineering

APPENDIX B TO REQUEST FOR PROPOSALS

The FDIC s Data Submissions through the Governmentwide Financial Report System as of September 30, 2015

ATTORNEY-CLIENT CONTRACT. The Firm has agreed to represent you in a case involving.

The Bureau of the Fiscal Service. Privacy Impact Assessment

The Bureau of the Fiscal Service. Privacy Impact Assessment

Taming the Beast Open Records and Discovery for

ACCESS TO ACCOUNTS VIA THE INTERNET.

1. Contact Information. 2. System Information. 3. Characterization of the Information

Rule 30(b)(6) Depositions in Electronic Discovery. Discovering What There Is to Discover

Privacy Impact Assessment

Document & Digital Data Solutions. The Company

United States Attorney s Office for the District of Oregon. Criminal Discovery Policy

Office of Audits and Evaluations Report No. EVAL The FDIC s Controls Over Destruction of Archived Paper Records

Procedure: Electronic Discovery

The Bureau of the Fiscal Service. Privacy Impact Assessment

Get back your good name. Refuse to be a target of identity crime again.

Introduction to Recommendations for ESI Discovery in Federal Criminal Cases

Digital Forensics & e-discovery Services

How To Get A Credit Card From A Credit Union

Discovery Data Management

Digital Forensics & e-discovery Services

Office of Audits and Evaluations Report No. AUD DRR s Controls for Managing, Marketing, and Disposing of Owned Real Estate Assets

Whether information is on paper or online, the basic privacy rights for students and parents remain the

NightOwlDiscovery. EnCase Enterprise/ ediscovery Strategic Consulting Services

Symantec Enterprise Vault E-Discovery Connectors

Guidelines for Outside Counsel New York University, NYU Langone Medical Center and Affiliates

Breakfast Meeting: Securing your Secured Data Digital Forensics, Fraud and Forensic Advancements

ASARCO ASBESTOS PERSONAL INJURY SETTLEMENT TRUST ALTERNATIVE DISPUTE RESOLUTION PROCEDURES

Enhancing Document Review Efficiency with OmniX

Xact Data Discovery. Xact Data Discovery. Xact Data Discovery. Xact Data Discovery. ediscovery for DUMMIES LAWYERS. MDLA TTS August 23, 2013

EEO Database System - icomplaints

Canine Website System (CWS System) DHS/TSA/PIA-036 January 13, 2012

Transcription:

PRIVACY IMPACT ASSESSMENT Electronic Litigation Support System June 2012 FDIC Internal System Table of Contents System Overview Personally Identifiable Information (PII) in ELS Purpose & Use of Information in ELS Sources of Information in ELS Notice & Consent Access to Data in ELS Data Sharing Data Accuracy in ELS Data Security for ELS System of Records Notice (SORN) Contact Us

System Overview The FDIC Legal Division is responsible for collecting, reviewing, redacting, and producing agency records, in support of processing and resolving FDIC legal matters. The Legal Division utilizes the Electronic Litigation Support software to help with the organizing, processing, review, and analysis of discovery and evidence data collected in preparation for a trial or hearing. ELS indirectly supports the Corporation s ability to carry out one of its most prominent tasks: resolve failing or failed institutions in a prompt and cost-effective manner, and ensuring that potential recoveries 1 are investigated, pursued, and resolved in a fair and cost-effective manner. ELS provides FDIC attorneys and paralegals with a simple user interface for searching and sorting different pieces of information. ELS integrates a document database, transcript management, remote and local document retrieval, and an interactive real-time deposition tool for case management, display, and presentation of evidence at trials. ELS is one of two review platforms used by the Legal Division attorneys. ELS is used primarily for small scale reviews of records, while another platform E-Mail E-Discovery (EDEM) is used for large scale record reviews. 2 Personally Identifiable Information (PII) in ELS The information in ELS pertains to investigations or litigation involving: officers, directors, and employees of open or closed banks; loans made to firms and individuals by open or closed banks; or those hired by open or closed banks (i.e., law firms, appraisers, accountants). ELS stores a number of supporting legal artifacts including scanned documentation and electronically stored information (ESI) including emails, word processing documents, PDF files, spreadsheets, presentations, database entries, or other documents. Depending on the nature of the litigation, these documents can consist of contracts, etc. that may contain, full name, maiden name, mother s maiden name, or alias of individuals. Purpose & Use of Information in ELS Information contained in ELS relates to investigations and litigation regarding officers, directors, and employees of open or closed banks; loans made to firms or individuals by open or closed banks; or individuals hired by open or closed banks. The information is used for the resolution of legal matters in the course of trial preparation. 1 Potential recoveries refers to legal claims against bank directors, officers, and other bank professionals (i.e., appraisers, accountants, attorneys) for monetary damages resulting from their actions. The FDIC Legal Division investigates such claims and pursues litigation when justified. Recoveries, in the case of failed banks, are returned to the receivership; otherwise, recoveries are returned to the Corporate fund. 2 For more information, refer to the EDEM Privacy Impact Assessment at www.fdic.gov. 1

Sources of Information in ELS Electronically stored information (ESI) is automatically and securely imported into ELS from the Legal Division s EDEM system. Additional information is derived from interviews, subpoenas, documents, research, public records, and from parties in legal matters by FDIC attorneys or FDIC Outside Counsel, including FDIC employees and contractors. Closed bank data may also be imported from FDIC s Data Management Services (DMS) platform. 3 Attorneys send a request to the Legal Information Technology Unit (LITU)-Litigation Support Group (LSG), who collaborates with the DMS Program Manager within the FDIC Division of Resolutions and Receiverships (DRR) to scope and provide specifications for the data to be retrieved from DMS. External agencies such as the Department of Justice (DOJ), the Office of the Comptroller of the Currency, the Federal Bureau of Investigations (FBI), the Federal Trade Commission (FTC), the Securities and Exchange Commission (SEC), law enforcement agencies, and other bank regulatory agencies may produce and contribute paper and electronic data to ELS. The information is provided to Legal Division attorneys or other authorized staff via encrypted media (i.e., USB hard drive or DVD) or encrypted files within that media. The information is then scanned and/or uploaded to ELS by authorized users in the LITU-LSG or other ELS administrative users. Legal Division attorneys search and review images of the information in ELS to determine if it should be used as evidence or if it needs to be produced to opposing counsel. State law enforcement agencies or state bank regulatory agencies may provide paper or electronic data to ELS. The information is provided to Legal Division attorneys or other authorized FDIC staff via encrypted media, then scanned and/or uploaded to ELS by authorized users in the LITU-LSG or other ELS administrative users. Legal Division attorneys search and review images of the information in ELS to determine if it should be used as evidence or needs to be produced to opposing counsel. Lastly, on occasion, external parties involved in legal matters, such as the FDIC Outside Counsel, opposing counsel, or other stakeholders, provide paper or electronic data to Legal Division attorneys or other authorized FDIC staff via encrypted media. The information is scanned and uploaded into the system by authorized ELS users, and reviewed for relevance. Notice & Consent Individuals may not opt-out of providing the information. The documentation stored in ELS is obtained from a variety of internal FDIC sources (i.e., attorneys, FDIC employees and contractors), FDIC Outside Counsel, other Federal or state banking or law enforcement agencies, FDIC insured banks, and other parties involved in legal matters (i.e., opposing counsel) in the course of trial preparation. 3 For more information about DMS, see the Privacy Impact Assessment at www.fdic.gov. 2

Access to Data in ELS Authorized FDIC Legal Division attorneys and paralegals in FDIC Headquarters and several Regional Offices require access to the ELS case files in preparation for trials or to resolve legal matters. The attorneys and paralegals sort and search the data, and review the records for relevance and for the potential need to redact sensitive confidential information (i.e., SSNs or other PII). FDIC LITU-LSG staff access ELS in order to assist with the scanning and uploading of information to the system. Additionally, they may also access ELS to conduct other system administration functions such as adding users to the system, system upgrades, and troubleshooting user reported problems. Employees and contractors of the FDIC Division of Information Technology (DIT) access ELS to provide network and system troubleshooting support. The ELS database is not viewed by DIT or contractor staff. Data Sharing Other Systems that Share or Have Access to Data in the System: System Name E-Mail E-Discovery (EDEM) IMAC-EnCase E- Discovery (Chain of Custody) Module (EnCase) Data Management Services (DMS) SCAN-IT System Description EDEM processes FDIC emails and attachments along with other PII. Electronically stored information (ESI) is automatically and securely imported into ELS from EDEM. EnCase provides the FDIC with an automated platform for identifying, collecting, and preserving ESI. Once data is collected by EnCase and verified by the Legal Division, data may be manually exported to ELS for further review. DMS provides a standardized way of maintaining data from failed financial institutions. Closed bank data is imported from DMS into ELS. SCAN IT application Combines electronic discovery data processing conventional paper scanning, and printing into one. Type of Information Processed 3

Data Accuracy in ELS Data received from other sources is scanned and uploaded into ELS by LITU-LSG system administrators for access by Legal Division attorneys and paralegals. ESI from the EDEM system is automatically imported into ELS. Lawyers and paralegals manually review the data for accuracy, relevance, and privileges. Data Security for ELS The data in ELS comes from internal and external sources, in both paper and electronic form. The data is stored in case folders and files in the secure ELS database. ELS data is considered sensitive as it directly relates to legal matters, including materials subject to Attorney-Client privilege and attorney work product principles. As such, access is strictly controlled, and data sharing agreements are in place with all external agencies and third parties. Access is determined on a need to know basis and requires the approval of the System Owner in the FDIC Legal Division. In addition, access to the application is controlled through the FDIC Identity Access Management System (IAMS) process. ELS users are provided with specific procedures and training materials; they must also complete the FDIC s annual Security and Privacy Awareness Training. This training has specific information regarding the protection or misuse of sensitive information and sensitive PII. System of Records Notice (SORN) Currently, ELS processes information imported from other FDIC record systems that are collected and maintained for other business purposes. Such record systems include: FDIC SORN #30-64-0002, Financial Institution Investigative and Enforcement Records; FDIC SORN #30-64-0005, Consumer Complaint and Inquiry Records; FDIC SORN #30-64-0013, Insured Financial Institution Liquidation Records; FDIC SORN #30-64-0022, Freedom of Information Act and Privacy Act Request Records; FDIC SORN #30-64-0023, Affordable Housing Program Records; and FDIC SORN #30-64-0024, Unclaimed Deposit Account Records. Contact Us To learn more about the FDIC s Privacy Program, please visit: http://www.fdic.gov/about/privacy/. If you have a privacy-related question or request, email Privacy@fdic.gov or one of the FDIC Privacy Program Contacts. You may also mail your privacy question or request to the FDIC Privacy Program at the following address: 3501 Fairfax Drive, Arlington, VA 22226. 4

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information