Privacy Impact Assessment (PIA) Summary
Date of this Submission (MM/DD/YYYY):July 20, 2006
NASA Center: NASA Headquarters
Application Name: NASA Security Records System
Is this application or information collection new or is an existing one being modified? Existing
Does this application collect, maintain, and/or disseminate information in identifiable form (IIF)? Yes
Mission Program/Project Supported: NASA Office of Security and Program
NASA Office of the Chief Information Officer
Identifying Numbers (Use N/A, where appropriate)
Privacy Act System of Records Number: NASA 10 SECR
OMB Information Collection Approval Number and Expiration Date:SF 85 – OMB No. 3206-0005,SF 86 -OMB No. 3206-0007
Other Identifying Number(s): N/A
1. Provide an overview of the application or collection and indicate the legislation authorizing this activity.
The National Aeronautics and Space Administration Security Records System is a Privacy Act system of records to document, track, manage, analyze, and/or report on individuals accessing NASA resources. Routine uses of this system of records will be to determine eligibility to access classified national security information; to maintain a record of identification documentation provided to NASA as proof of an individual’s identity; to establish contact with an employee’s next-of-kin in the event of a mishap involving the employee; to provide personal identifying data to Federal, State, local or foreign law enforcement representatives seeking confirmation of identity of persons under investigation.
Authority for this activity is derived from: 42 U.S.C. 2451, et seq., the National Aeronautics and Space Act of 1958, as amended; Espionage and Information Control Statutes, 18 U.S.C. 793-799; Sabotage Statutes, 18 U.S.C. 2151--2157; Conspiracy Statute, 18 U.S.C. 371; 18 U.S.C. 202-208, 3056; Internal Security Act of 1950; Atomic Energy Act of 1954, as amended; Executive Order 12958, as amended, Classified National Security Information; Executive Order 12968, as amended, Access to Classified Information; Executive Order 10865, Safeguarding Classified Information Within Industry; Executive Order 10450, Security Requirements for Government Employees; Pub. L. 81-733;5 U.S.C. 552a, Privacy Act of 1974; E-Government Act of 2002;Federal Information Security Management Act 2002 41 CFR Chapter 101; 14 CFR parts 1203-1203b; 44 U.S.C. 3101; and Homeland Security Presidential Directive 12; Federal Information Processing Standard 201: Policy for a Common Identification Standard for Federal Employees and Contractors.
(See Federal Register System of Record Notice (SORN) NASA 10 SECR)
2. Describe the
information the agency will collect, maintain, or disseminate and how the
agency will use the information. In this description, indicate whether the
information contains IIF and whether submission is voluntary
Records in this system include information about the individuals seeking access to NASA resources.Information about an individual may include, but is not limited to: name, home address, place of birth and citizenship, U.S. visitor/travel document numbers, employment information, Tax Identification Numbers (Social Security Number), description of the individual (height, weight, hair color, et al.)Submission of requested information is voluntary.
The records in this system of records are intended for the sole use of the U.S. Government and its contractors who support U.S. Government operations, policies, laws and regulations, as well as State, local and foreign law enforcement representatives seeking confirmation of identity of persons under investigation.
The Agency will use the information to conduct and document security violations and supervisory actions; ensure the safety and security of NASA facilities, systems, or information, and Agency occupants and users; enable contact with an employee’s next-of-kin in the event of a mishap involving the employee; complete the NASA identity proofing and registration process; create data records in the Personal Identity Verification (PIV) Identity Management System (IDMS); issue PIV cardsto verify that individuals entering federal facilities, using federal information resources, or accessing classified information are authorized to do so; track and control issued PIV cards.
Although fingerprints are collected, they are at once electronically transmitted to the Federal Bureau of Investigation (FBI) as part of a background investigative package in accordance with 42USC14616.Further, as required by FIPS-201 (Personal Identity Verification (PIV) of Federal Employees and Contractors), the fingerprints are encoded on the PIV card and held in an encrypted container.Immediately upon fulfilling these two requirements, NASA purges the collected fingerprints from the system. Thus, NASA does not maintain any fingerprints in any database, or any other system. Should a PIV card become lost, or damaged, biometrics must be recaptured because they are not stored in any NASA system.
See Federal Register System of Record Notice (SORN) NASA 10 SECR and Attachment A to this PIA.
3. Is submission of the IIF mandatory?
Submission of requested information is voluntary.Failure to submit requested information could result in NASA’s inability to fulfill Agency requirements as set forth in Federal Information Processing Standards Publication 201 (FIPS-201), and could result in the individual’s request for access to NASA physical and/or Information Technology resources being turn down.
4. Explain how the IIF collected, maintained, and/or disseminated is the minimum necessary to accomplish the purpose for this effort.
The information is collected directly from the individual.To achieve the objectives of the system, only the IIF information necessary to positively identify an individual; perform national criminal database checks; identify emergency notification information; and to maintain a history of traffic incidents on NASA facilities is obtained from individuals.This information may be shared with other Federal, State, local and foreign government agencies only as authorized by applicable laws and regulations.
See Federal Register System of Record Notice (SORN) NASA 10 SECR
5. Is a Privacy Act notice provided to the individual at the time information is collected? Yes
If yes, provide or attach the Privacy Act Statement.If notice is not provided, why not? The Privacy Act notice is currently being revised to ensure greater adequacy.
Privacy Act Notice
General - Pursuant to the, Privacy Act of 1974, as amended (5 U.S.C. 552a), and the National Aeronautics and Space Act, 42 U,S.C. § 2451 et seq., the following information is being solicited and collected for use in conjunction with the NASA Security Records System know as NASA 10SECR.
Authority - The National Aeronautics and Space Act (42 U.S.C. 2455, Section 304(a)).
Purposes and Uses - The primary use of information collected on this form will be for the issuance of NASA badges.In addition, state, local, or Congressional offices which have a need to know in connection with program oversight or when relevant to civil, criminal, administrative, or regulatory investigations or proceedings. Additional uses are set forth and published in 10SECR at 49 FR 39742 (Dec. 13, 1999) and the standard uses as listed in Appendix B.
Effect of Nondisclosure - Failure to provide your Social Security Number (SSN) will result in NASA's inability to issue an Agency identification badge, as required under NPD 1600 "NASA Security Policy."This may result in your disqualification from performing particular work or duty assignments, or from the position that you currently hold.Disclosure of your SSN is MANDATORY in order to obtain a NASA badge.Executive Order 9397 authorizes the use of the SSN to distinguish between you and other people who may have identical names and birth dates.The SSN will be used to match the person completing this form with the correct individual master record currently maintained in NASA 10SECR.
6. Explain why the IIF is being collected, maintained, or disseminated.
Records are being collected and maintained pursuant to Homeland Security Presidential Directive 12 to provide positive identification of individuals who access NASA physical and information technology resources, to include NASA Headquarters, Field Offices, National Laboratories, Federally Funded Research and Development Centers, Contractor Sites, components facilities (NASA Management Office, Wallops Flight Facility, White Sands Test Facility, White Sands Complex, Independent Validation & Verification Facility, Michoud Assembly Center, Moffett Federal Airfield, Goldstone Deep Space Communications Complex, Goddard Institute for Space Studies, National Scientific Balloon Facility, Plum Brook Station).
The IIF information is only disseminated to other government agencies as authorized by applicable laws and regulations for purposes outlined below and provided in the Routine Uses of the SORN.
(See Federal Register System of Record Notice (SORN) for NASA 10 SECR.)
7. Identify with whom the agency will share the IIF.
Routine uses of the records containing IIF are as follows:
A record from this system may be disclosed to:
See Federal Register System of Record Notice (SORN) NASA 10 SECR
8. Describe how the IIF will be obtained, from whom it will be collected, what the suppliers of information and the subjects will be told about the information collection, and how this message will be conveyed to them (e.g., written notice, electronic notice if a Web-based collection, etc.). Describe any opportunities for consent provided to individuals regarding what information is collected and how the information will be shared.
The IIF will be solicited directly from the individual. The individual will be advised of the authority and purposes for collecting this information as stated in 1-5 above.The information may be provided in written form, usually by the use of an approved OMB Standard Form (e.g., SF-85, SF-85P or SF-86).Individuals grant consent to the collection by providing the requested information.
Employers’ and former employers’ records; FBI criminal history records and other databases; financial institutions and credit reports; medical records and health care providers; educational institutions; interviews of witnesses such as neighbors, friends, co-workers, business associates, teachers, landlords, or family members; tax records; and other public records.Security violation information is obtained from a variety of sources, such as guard reports, security inspections, witnesses, supervisor’s reports, audit reports.
9. State whether personal information will be collected from children under age 13 on the Internet and, if so, how parental or guardian approval will be obtained. (Reference: Children’s Online Privacy Protection Act of 1998)
Information will not be collected from children.
10. Describe how the IIF will be secured.
The IIF will be secured using procedures set forth in NIST SP 800-18, NIST SP 800-53 and NIST SP 800-30.
11. Describe plans for retention and destruction of IIF.
NASA Records Retention Schedule (NRRS) 1/Item 103, NRRS 2/Item 4B2, NRRS 6/Item 11B, and General Records Schedule 18/Item 22a provide for the retention of the records for a period not to exceed 5-years from termination date.At that point, the records will be removed from the system, and all media with the data either overwritten or destroyed.
12. Identify whether a system of records is being created under section 552a of Title 5, United States Code (the Privacy Act), or identify the existing Privacy Act system of records notice under which the records will be maintained.
NASA 10 SECR is being updated.
13. Identify the procedures individuals must follow to gain access to their own information:
Individuals should follow the Record Access Procedures specified in NASA 10SECR.Specifically, Personnel Security Records compiled solely for the purpose of determining suitability, eligibility, or qualifications for Federal civilian employment, Federal contracts, or access to classified information have been exempted by the Administrator under 5 U.S.C. 552a(k)(5) from the access provisions of the Act.
Personal Identity Records:Requests from individuals should be addressed to the same address as stated in the Notification section in NASA 10SECR.
Emergency Data Records: Requests from individuals should be addressed to the same address as stated in the Notification section in NASA 10SECR.
Criminal Matter Records compiled for civil or criminal law enforcement purposes have been exempted by the Administrator under 5 U.S.C. 552a(k)(2) from the access provision of the Act.
Traffic Management Records: Requests from individuals should be addressed to the same address as stated in the Notification section in NASA 10SECR
14. What are the procedures for correcting information?
Procedures are specified in 14 CFR.1212.
15. Do individuals have the right to consent to particular uses of the information?
Through the NASA Systems of Record Notice (NASA 10 SECR) published in the Federal Register and the Privacy Act Statement provided at the time data are collected, NASA has informed individuals of the purpose of its collection.By providing the information, the individual concurs with the uses of the information as published in the Federal Register and this PIA.Individuals are not given the ability to determine individual uses for the information collected.
16. Data Protection Controls
General Program Controls
What are the controls on data exchange and integrity of the credential?
The agency follows all applicable government-wide standards for controlling and protecting information systems (see NIST SP800-53). Specific controls are described below.
System security:The controls include network security and limited access to system and physical facilities.Program controls include protecting data through the >use of FIPS validated cryptographic algorithms in transit, processing and at rest.
Networks: The IT infrastructure that supports security programs is described in detail in associated IT Security Plans. All data exchange takes place over encrypted data communication networks that are designed and managed specifically to meet the needs of the Security program.Private networks and or encryption technologies are used during the electronic transfer of information to ensure “eavesdropping” is not allowed and that data is sent only to its intended destination and to an authorized user, by an authorized user.
Data Transmission: All data transmissions associated with IIF are protected by NIST SP 800-37 NIST SP 800-53 approved procedures.
Data Storage Facilities:Facilities and equipment are secured by limiting physical access to the workspace and system, and by requiring an appropriate verification of identity for logical access to the system.
Equipment: User Identification: PIV cardholders are authenticated to access the PIV system using, at a minimum, two-factor authentication based on their role and responsibility.A required component (first factor) of this authentication is the PIV card itself.In combination with the PIV, the second factor of this authentication requires a personal ID number (PIN), and/or biometric (e.g., fingerprint).
Separation of Duties Controls: As specified by NIST SP 800-79, duties associated with the issuance of badges/credentials meeting FIPS-201 requirements are separated to insure roles do not overlap.
Who will have access to the information?
Individuals listed in questions 18 and 40 of this PIA who include authorized information technology (IT) personnel or contractors (pursuant to an appropriate routine use) who handle the operations and maintenance of the system will have limited access to the system to support the credentialing activity as well as trouble shoot technical system issues encountered on a day-to-day basis.Additionally, as authorized by Section (b) (1) of the Privacy Act, disclosures may be made to officers and employees of the Agency which maintains the record who have a need for the record in the performance of their duties.
Are written procedures in place identifying who may access the system?
All NASA employees and assigned contractor staff with access to security systems containing IIF will receive appropriate privacy and security training, and have any necessary background investigations and/or security clearances for access to sensitive, privacy or classified information or secured facilities.Personnel will only have access to IIF information as part of their official duties within NASA and must first be approved by the Center Chief of Security prior to being granted access.
What technical and/or operational controls are in place to prevent misuse of data by those having access?
By design, and for security and privacy reasons, no enrollment data is stored at or by the enrollment workstation or center.The enrollment record can only be viewed or retrieved by a NASA enrollment official or PIV issuer who is trained and authorized to perform enrollment activities.The ability to retrieve or view an employee’s enrollment record is controlled by user authentication, which ensures only those with a need to access the data and who possess proper training can retrieve or view enrollment information.In addition to this access control, physical privacy protections will be used. These physical protections include the use of “Privacy Screens” that prevent passers-by from viewing enrollment record information that may be displayed on the enrollment center workstation.Additionally, the enrollment center’s physical security controls will be enforced to ensure that only NASA employment officer or PIV issuer with a need for access can enter the enrollment center and view personal information displayed on screens.
17. What decisions were made concerning this system as a result of conducting this assessment?
The storage location for system backup files is under
Update Privacy Act Statement provided to individuals at the time of information collection.
Contingent on the elements listed above and the satisfaction of all applicable Directives, OMB Guidance, and NIST standards and requirements, the privacy controls related to the system this PIA covers is considered adequate.
Signature on File at NASA Headquarters
Phillip A. Bounds
Acting Director, Security Management Division,
NASA HQ Office of Security and Program Protection
Date : July 20 , 2006
Signature on File at NASA Headquarters Signature on File at NASA Headquarters
Patti F. Stockman Scott Santiago
NASA Privacy Act Officer Deputy CIO for IT Security
Date: July 20, 2006 Date: July 20, 2006
Approved for Publication:
Signature on File at NASA Headquarters
John W. McManu
Acting, Chief Information Officer
Date: July 23, 2006