DEPARTMENT OF TRANSPORTATION
Office of the Secretary of Transportation (OST)
PRIVACY IMPACT ASSESSMENT
Security Operations Systems (SOS)
November 17, 2008
TABLE OF CONTENTS
Overview of Privacy Management Process
Personally Identifiable Information (PII) & SOS
Why SOS Collects Information
How SOS Uses Information
How SOS Shares Information
How SOS Provides Notice and Consent
How SOS Ensures Data Accuracy
How SOS Provides Redress
How SOS Secures Information
How Long SOS Retains Information
System of Records
The Security Operations Systems are used in support of security operations processes including classified document control; monitoring performance of security checks by guard personnel; facility entry control; personnel identification (badging); and monitoring of electronic access (intrusion detection) systems. It also has a general purpose database that supports the following office functions: training; investigations; locks and keys; gun inventory; investigator credentials; lost ID cards; and contractors.
Privacy management is an integral part of the Department of Transportation (DOT) Security Operations Systems (SOS). The Office of the Secretary (OST) has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and established methodologies.
The privacy management process is built upon a methodology that has been developed and implemented in leading companies around the country and globally. The methodology is designed to help ensure that DOT and OST will have the information, tools and technology necessary to manage privacy effectively and employ the highest level of fair information practices while allowing OST to achieve its mission of protecting and enhancing the U.S. transportation system. The methodology is based upon the following steps:
- Establish priority, authority, and responsibility. This involves appointing a cross-functional privacy management team to ensure input from systems architecture, technology, security, legal, and other disciplines necessary to ensure that an effective privacy management program is developed.
- Assess the current privacy environment. This involves interviews with key individuals involved in the SOS system to ensure that privacy risks are identified, addressed and documented.
- Organize the resources necessary for the project's goals. Internal OST resources, along with outside experts, are involved in reviewing the technology, data uses, and associated risks. They are also involved in developing the necessary redress systems and training programs.
- Develop the policies, practices, and procedures. The resources identified in the paragraph above work to develop effective policies, practices, and procedures to ensure that fair information practices are complied with. The policies are designed to protect privacy effectively while allowing OST to achieve its mission.
- Implement the policies, practices, and procedures. Once the policies, practices, and procedures are developed, they must be implemented. This involves training all individuals who will have access to and/or process personally identifiable information (PII). It also entails working with vendors to ensure that they maintain the highest standard for privacy while providing services to the OST project.
- Maintain policies, practices, and procedures. Due to changes in technology, personnel and other aspects of any program, effective privacy management requires that technology and information be available to the privacy management team to ensure that privacy policies, practices, and procedures continue to reflect actual practices. Regular monitoring of compliance is required.
- Manage exceptions and/or problems with the policies, practices, and procedures. This step involves the development and implementation of an effective redress and audit system to ensure that any complaints are effectively addressed and corrections made, if necessary.
SOS is used in support of security operations processing, including classified document control, personnel identification (badging), and monitoring of electronic access (intrusion detection) systems. As such, it contains information on individuals in the following systems:
- M-70 System: Name, date of birth, age, height, weight, sex, and race
- FAA Headquarters Alarm Monitoring System: Name
- Document Control: Name, social security number
- FAA 10A & 10B Access Control System: Name
- FAA Guard Patrol System: None
- Lenel OnGuard Physical Access Control System: Name, photographic facial image, DOT mode, organization name
SOS does not publicly post any PII.
SOS collects the PII in order to effectively manage the identification, badging, and access of DOT employees and contractors.
OST personnel enter identification records, contact information and access privileges prior to badge issuance. The SOS monitoring systems track and record individual access to the facilities.
In accordance with Sections A4 and A5 of the SOS System Security Plan, SOS is located in the DOT Headquarters Facility. The systems are not available on the Internet. The systems do not interface with, nor are they interconnected with other automated information resources. The systems do not share data with other systems.
SOS displays the DOT approved system warning banner to alert users of notice and consent to monitoring prior to login. Privacy Act acknowledgement statements are included on all applications for services.
SOS employs the data accuracy checks inherent in the database software to ensure data validity and accuracy. The systems have been reviewed via security testing and evaluation to ensure, to the greatest extent possible, that the data is accurate, relevant, timely and complete.
Validation checks built into the application software both prompt the user when an incorrect entry has been made and must be corrected, and confirm when the user has successfully input data. Personnel may examine and update information via request to M-40.
SOS takes appropriate security measures to safeguard PII and other sensitive data. SOS applies DOT security standards, including but not limited to routine scans and monitoring, back-up activities, and background security checks of OST employees and contractors.
| STAFF | Application and data set access only | Access is audited. |
| ADMIN | Access to all system functions | Can only be granted by ADMIN level users. |
SOS retains PII for a minimum of one year.
SOS contains information that is part of an existing System of Records subject to the Privacy Act, because it can be searched by an individual's name, address, position, badge code and, in some instances, SSN. In most instances, DOT/ALL 9, DOT/OST 16, DOT/OST 35 and DOT/OST 46 apply and the Department of Transportation controls the data and maintains System of Records responsibilities.
OST has certified and accredited the security of SOS in accordance with DOT information technology security standard requirements.