Official US Government Icon

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure Site Icon

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PIA - iComplaints

DEPARTMENT OF TRANSPORTATION
Office of the Secretary (OST)
PRIVACY IMPACT ASSESSMENT
iComplaints

August 30, 2004


Table of Contents

Overview of OST (OST) privacy management process for iComplaints
Personally-Identifiable Information and iComplaints
Why iComplaints collects information
How iComplaints uses information
How iComplaints shares information
How iComplaints provides notice and consent
How iComplaints ensures data accuracy
How iComplaints provides redress
How iComplaints secures information
System of records

Overview of OST (OST) privacy management process for iComplaints

The Office of the Secretary (OST), within the Department of Transportation (DOT), has been given the responsibility of formulating national transportation policy and promoting intermodal transportation. Other responsibilities include negotiation and implementation of international transportation agreements, assuring the fitness of US airlines, enforcing airline consumer protection regulations, issuing regulations to prevent alcohol and illegal drug misuse in transportation systems, improving the security of the national transportation system, and preparing transportation legislation.

As part of its support function for DOT, OST is responsible for investigating and tracking Equal Employment Opportunity (EEO) discrimination complaints. To help fulfill this need, OST uses a Web-enabled system, iComplaints. iComplaints records, tracks, and provides reporting on EEO complaints against DOT.

Privacy management is an integral part of the iComplaints project. DOT/OST has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, methodologies, and sound policies and procedures.

The privacy management process is built upon a methodology that has been developed and implemented in leading companies around the country and globally. The methodology is designed to help ensure that DOT and OST will have the information, tools, and technology necessary to manage privacy effectively and employ the highest level of fair information practices while allowing OST to achieve its mission of protecting and enhancing all U.S. civil transportation systems. The methodology is based upon the following:

  • Establish priority, authority, and responsibility. Appoint a cross-functional privacy management team to ensure input from systems architecture, technology, security, legal, and other disciplines necessary to ensure that an effective privacy management program is developed.
  • Assess the current privacy environment. This involved interviews with key individuals involved in the iComplaints system to ensure that all uses of Personally Identifiable Information (PII), along with the risks involved with such use, are identified and documented.
  • Organize the resources necessary for the project's goals. Internal DOT/OST resources, along with outside experts, are involved in reviewing the technology, data uses and associated risks. They are also involved in developing the necessary redress systems and training programs.
  • Develop the policies, practices, and procedures. The resources identified in the paragraph immediately above work to develop an effective policy or policies, practices, and procedures to ensure that fair information practices are complied with. The policies effectively protect privacy while allowing DOT/OST to achieve its mission.
  • Implement the policies, practices, and procedures. Once the policies, practices, and procedures are developed, they must be implemented. This involves training of all individuals who will have access to and/or process personally identifiable information. It also entails working with vendors to ensure that they maintain the highest standard for privacy while providing services to the OST project.
  • Maintain policies, practices, and procedures. Due to changes in technology, personnel, and other aspects of any program, effective privacy management requires that technology and information be available to the privacy management team to ensure that privacy policies, practices and procedures continue to reflect actual practices. Regular monitoring of compliance with privacy policies, practices, and procedures is required.
  • Manage exceptions and/or problems with the policies, practices, and procedures. This step involves the development and implementation of an effective redress and audit system to ensure that any complaints are effectively addressed and corrections made if necessary.

Personally-Identifiable Information (PII) and iComplaints

The iComplaints system uses both PII and non-PII data to record, track, and manage EEO complaints against DOT. DOT takes EEO seriously, and it tracks and investigates both informal and formal complaints. For example, an individual may have an EEO-related question or concern and ask that DOT handle that issue in an informal way, without resorting to a formal complaint. In this instance, DOT enters the information issue into iComplaints along with any needed PII and tracks that record.

DOT must also track and respond to all formal EEO complaints against the Department and respond to the complaint within 180 days. DOT uses necessary PII to investigate complaints as needed. In addition, DOT must report (EEOC form 462) status on its EEO program, and it provides quarterly status reports in compliance with the No Fear Act.

PII in iComplaints will include name, and last four digits of a filer's social security number, and postal address. It may also include the email address, phone number, and attached legal documents.

In addition, iComplaints uses logon names and passwords to control access. Therefore, iComplaints also contains the name and password of each DOT user and associates the data with that individual.

An individual's PII enters the iComplaints system when that person files an informal or formal EEO complaint, is a witness to an alleged discriminatory act, or has been named as committing an alleged discriminatory act.

Why iComplaints collects information

iComplaints collects information in order to assist DOT with its EEO investigations and meet reporting requirements. iComplaints does not interface with DOT or other external systems. The iComplaints system collects PII only when an individual is involved in an EEO complaint.

How iComplaints uses information

Information in iComplaints is used by DOT to investigate EEO complaints and create yearly and quarterly reports to meet federal reporting requirements. During the investigation process, DOT may use iComplaints PII to contact individuals, research facts, pass on appropriate information to judges, attorneys, and other parties.

How iComplaints shares information

DOT EEO investigators access and use PII in iComplaints. In addition, DOT may share PII through system generated reports with Administrative judges, Federal judges, attorneys, and others involved with an EEO case. Administrators to the iComplaints system have access to PII. In addition, each DOT Operating Administration has access to informal EEO case information before it becomes an official complaint. Operating Administrations cannot view legal (formal) actions against them.

IComplaints is also a Privacy Act system of records and complies with the information sharing practices described in the Routine Uses section of its Privacy Act system of records notice.

How iComplaints provides notice and consent

Entry of PII into iComplaints is a necessary condition of involvement with an EEO complaint. Individuals involved with an EEO complaint are made to understand, though an interview process, that they are providing PII for an EEO complaint. DOT does not use iComplaints PII for any other purpose.

How iComplaints ensures data accuracy

IComplaints PII is received through an initial interview with an investigator, either from the individual directly or through the interview about another individual involved in the case. Designated DOT iComplaints staff members enter data into the system and are responsible for the accuracy of those data. If any inaccuracies are noted, designated DOT staff will conduct further research and enter corrections to the data. At any time, an individual may contact his or her investigator to review his or her personal data and request changes, as appropriate.

How iComplaints provides redress

An individual may request that his or her investigator address privacy questions or concerns. Also, an individual may contact the iComplaints System Owner, as designated in the Privacy Act system of records notice, for redress of privacy issues.

How iComplaints secures information

The iComplaints system is housed in Herndon, Virginia. Personnel with physical access have all undergone and passed DOT background checks.

In addition to physical access, electronic access to PII in iComplaints is limited according to a matrix of job function and accounting activities. Different users are provided different levels of access.

OST controls access privileges through the following roles:

  • Investigator
  • Regional Director
  • Operating Administration
  • Administrator

The following matrix describes the privileges and safeguards around each of these roles as they pertain to PII.

PII
RoleAccessSafeguards
Investigator
  • Read-only data for cases assigned to him or her.
The following safeguards apply:
  • Passwords expire after a set period.
  • Accounts are locked after a set period of inactivity.
  • Minimum length of passwords is eight characters.
  • Accounts are locked after a set number of incorrect attempts.
Regional Director
  • Enter and update cases assigned to his or her region.
The following safeguards apply:
  • Passwords expire after a set period.
  • Accounts are locked after a set period of inactivity.
  • Minimum length of passwords is eight characters.o Accounts are locked after a set number of incorrect attempts.
Operating Administration
  • Add, view, and change informal complaints only.
The following safeguards apply:
  • Passwords expire after a set period.
  • Accounts are locked after a set period of inactivity.
  • Minimum length of passwords is eight characters.
  • Accounts are locked after a set number of incorrect attempts.
Administrator
  • Assign roles and privileges in system, view case information.
The following safeguards apply:
  • Passwords expire after a set period.
  • Accounts are locked after a set period of inactivity.
  • Minimum length of passwords is eight characters.
  • Accounts are locked after a set number of incorrect attempts.
Super Administrator
  • Assign roles and privileges in system, view, add, change all information.
The following safeguards apply:
  • Passwords expire after a set period.
  • Accounts are locked after a set period of inactivity.
  • Minimum length of passwords is eight characters.
  • Accounts are locked after a set number of incorrect attempts.

Access for all iComplaints users must be granted by an Administrator, who also sets privileges.

System of records

IComplaints is a Privacy Act system of records (SOR), because it is searched by an individual's name and last four digits of his or her social security number. DOT is currently working to meet Privacy Act requirements, including posting a SOR notice. OST has certified and accredited iComplaints in accordance with DOT requirements.