ML21091A145: Difference between revisions

From kanterella
Jump to navigation Jump to search
(StriderTol Bot change)
(StriderTol Bot change)
 
(3 intermediate revisions by the same user not shown)
Line 12: Line 12:
| document type = Privacy Impact Assessment
| document type = Privacy Impact Assessment
| page count = 19
| page count = 19
| project =
| stage = Other
}}
}}


=Text=
=Text=
{{#Wiki_filter:}}
{{#Wiki_filter:U.S. Nuclear Regulatory Commission Privacy Impact Assessment Designed to collect the information necessary to make relevant determinations regarding the applicability of the Privacy Act, the Paperwork Reduction Act information collection requirements, and records management requirements.
Integrity (Office of Government Ethics (OGE) Application)
Date: March 3, 2021 A. GENERAL SYSTEM INFORMATION
: 1. Provide a detailed description of the system: (Use plain language, no technical terms.)
Integrity is a secure, controlled-access, web-based information system created by the U.S. Office of Government Ethics (OGE) for the executive branch of the U.S. Federal Government for electronically filing and reviewing public financial disclosure reports. The system is used to collect, manage, process, and store financial disclosure information from select members of the public in anticipation of nomination by the President and approval by the Senate and certain federal employees. Authorized agency ethics officials use the collected data to identify and resolve potential conflicts of interest between an employee's official duties and his or her private financial interests and affiliations.
OGE developed Integrity in partnership with the Budget Line of Business (BLoB) and the MAX.gov team at the Office of Management and Budget (OMB) Budget Systems Branch (BSB). Integrity was built using MAX Platform-as-a-Service (MAX PaaS). MAX.govs Central Authentication Service (MAX CAS) provides authentication services to the Integrity users (filers and ethics officials).
OGE contracted with the U.S. Department of Agriculture (USDA) Digital Infrastructure Services Center (DISC), formerly known as the USDA National Information Technology Center (NITC), to host Integrity in a secure cloud environment. The USDA DISC is a federally-owned Cloud Service Provider (CSP) authorized by the Federal Risk and Authorization Management Program (FedRAMP).
: 2. What agency function does it support? (How will this support the U.S.
Nuclear Regulatory Commissions (NRCs) mission, which strategic goal?)
Integrity is used by applicable NRC employees to file their public financial disclosure reports. Integrity reduces processing time, eliminates common errors, and improves conflict of interest prevention and resolution. The system meets the requirements set forth in the Stop Trading on Congressional Knowledge (STOCK) Act, which was signed into law on April 4, 2012, as amended.
PIA Template (03-2021)
Integrity supports the following reports and forms:
Nominee, New Entrant, Annual, and Termination reports using the OGE Form 278e. Filers may also complete a combined Annual and Termination report if appropriate.
Periodic Transaction reports using the OGE Form 278-T.
: 3.      Describe any modules or subsystems, where relevant, and their functions.
N/A.
: 4.      What legal authority authorizes the purchase or development of this system? (What law, regulation, or Executive Order authorizes the collection and maintenance of the information necessary to meet an official program mission or goal? NRC internal policy is not a legal authority.)
The Stop Trading on Congressional Knowledge Act of 2012 (STOCK Act), Pub.
L. No. 112-105, 125 Stat. 191, 298-99 (2012), (as amended); EIGA, 5 U.S.C.
app. § 101 et seq as amended, authorizes the use of this system.
: 5.      What is the purpose of the system and the data to be collected?
The purpose of this executive branch-wide system is to electronically collect, manage, process, measure, and store reported financial and related information used in the OGE Form 278e and the OGE Form 278-T. Authorized OGE and NRC users will use the collected information to identify, prevent, and resolve conflicts of interest in accordance with Ethics in Government Act of 1978 (EIGA).
PIA Template (03-2021)
: 6.      Points of
 
==Contact:==
(Do not adjust or change table fields. Annotate N/A if unknown. If multiple individuals need to be added in a certain field, please add lines where necessary.)
Project Manager                  Office/Division/Branch        Telephone Jay Hosseini                    OCIO/GEMSD/APIB/PMT          301-415-0021 Business Project Manager        Office/Division/Branch        Telephone Tracy Hurston                    OGE                          202-482-9251 Technical Project Manager        Office/Division/Branch        Telephone Jay Hosseini                    OCIO/GEMSD/APIB/PMT          301-415-0021 Executive Sponsor                Office/Division/Branch        Telephone ISSO                            Office/Division/Branch        Telephone Natalya Bobryakova              OCIO/GEMS/CSB/IAT            301-287-0671 System Owner/User                Office/Division/Branch        Telephone Thomas Ashley                    OCIO/ITSDOD                  301-415-0771
: 7.      Does this privacy impact assessment (PIA) support a proposed new system or a proposed modification to an existing system?
: a.            New System Modify Existing System X  Other
: b.      If modifying or making other updates to an existing system, has a PIA been prepared before?
Yes.
PIA Template (03-2021)
If yes, provide the date approved and the Agencywide Documents Access and Management System (ADAMS) accession number.
A PIA was approved on June 15, 2018. The ADAMS accession number is ML18134A108.
(1)    If yes, provide a summary of modifications or other changes to the existing system.
The following information has been updated in this PIA: System description (to include a name change for the CSP), Points of Contact (POC), and the Privacy Act System of Records Notice (SORN) information.
: 8. Do you have an NRC system Enterprise Architecture (EA)/Inventory number?
Yes.
: a. If yes, please provide the EA/Inventory number.
Integrity is a subsystem of the Third Party System (TPS). The TPS EA number is 20180002.
: b. If, no, please contact EA Service Desk to get the EA/Inventory number.
B. INFORMATION COLLECTED AND MAINTAINED These questions are intended to define the scope of the information requested as well as the reasons for its collection. Section 1 should be completed only if information is being collected about individuals. Section 2 should be completed for information being collected that is not about individuals.
: 1.      INFORMATION ABOUT INDIVIDUALS
: a.      Does this system maintain information about individuals?
Yes.
PIA Template (03-2021)
(1)    If yes, identify the group(s) of individuals (e.g., Federal employees, Federal contractors, licensees, general public (provide description for general public (non-licensee workers, applicants before they are licenses etc.)).
Covered individuals include members of the public, usually nominees, who are under consideration for Presidentially-appointed, Senate-confirmed (PAS) positions, terminated PAS officials, federal employees who file an OGE Form 278e and/or an OGE Form 278-T, terminated federal employees who file a Termination OGE 278, agency reviewers, and users who administer the system.
(2)    IF NO, SKIP TO QUESTION B.2.
: b. What information is being maintained in the system about an individual (be specific - e.g. Social Security Number (SSN), Place of Birth, Name, Address)?
The system maintains information identifiable to the filers completing the online public disclosure forms, which includes the filers name, position, address, telephone number, email address, and financial information.
: c. Is information being collected from the subject individual? (To the greatest extent possible, collect information about an individual directly from the individual.)
Yes. Individual users are the source of the information. Filers may designate individuals to enter information into the system on their behalf.
(1)    If yes, what information is being collected?
Any individual who uses the system must provide minimal contact information, such as name, agency, business address, telephone number, and official email address. Filers using the system provide their official position title and reportable personal financial information.
: d. Will the information be collected from individuals who are not Federal employees?
Potentially, yes. Nominees to PAS positions are usually members of the public who will use the system to complete a Nominee OGE Form 278.
PIA Template (03-2021)
(1)      If yes, does the information collection have the Office of Management and Budgets (OMB) approval?
BLoB and the MAX.gov team at OMB BSB.
(a)      If yes, indicate the OMB approval number:
The OMB control number for Form 278e is 3209-0001 and is referenced in OGEs regulations, at 5 C.F.R. section 2634.601(c).
: e. Is the information being collected from existing NRC files, databases, or systems?
No.
(1)      If yes, identify the files/databases/systems and the information being collected.
: f. Is the information being collected from external sources (any source outside of the NRC)?
Yes.
(1)      If yes, identify the source and what type of information is being collected?
Integrity is used by other executive branch agencies, as well as members of the public who have been nominated for PAS positions. The type of information collected includes the individuals agency, business address, telephone number and official email address, official position title, and reportable personal financial information.
: g. How will information not collected directly from the subject individual be verified as current, accurate, and complete?
All information about a subject individual will be provided by the subject individual. Individual users are responsible for ensuring the information they enter is accurate and are required to certify to this effect. The system will generate an error message and highlight incomplete required fields.
: h. How will the information be collected (e.g. form, data transfer)?
N/A.
PIA Template (03-2021)
: 2.      INFORMATION NOT ABOUT INDIVIDUALS
: a.      Will information not about individuals be maintained in this system?
No.
(1)      If yes, identify the type of information (be specific).
: b.      What is the source of this information? Will it come from internal agency sources and/or external sources? Explain in detail.
N/A.
C. USES OF SYSTEM AND INFORMATION These questions will identify the use of the information and the accuracy of the data being used.
: 1.      Describe all uses made of the data in this system.
Authorized agency ethics officials use the collected data to identify, prevent, and resolve conflicts of interest.
: 2.      Is the use of the data both relevant and necessary for the purpose for which the system is designed?
Yes. The system collects, manages, processes, renders, and stores public financial disclosure information that responsible officials use to identify, prevent, and resolve conflicts of interest under the Ethics in Government Act of 1978, as amended. The system measures agency processing of its filers reports.
: 3.      Who will ensure the proper use of the data in this system?
The executive branch agency (NRC) users who have access will ensure the proper use of the data.
: 4.      Are the data elements described in detail and documented?
Yes.
: a.      If yes, what is the name of the document that contains this information and where is it located?
The data elements are described in the respective information fields that collect the information from individuals using the system. Details of the data elements can be found in the latest Integrity User Guide located on the oge.gov website.
https://oge.gov/Web/OGE.nsf/0/D3CEB8CCAEC1BA11852585F8005C9D D4/$FILE/Integrity%20User%20Guide_v3.0.pdf .
PIA Template (03-2021)
: 5.      Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected?
No.
Derived data is obtained from a source for one purpose and then the original information is used to deduce/infer a separate and distinct bit of information that is aggregated to form information that is usually different from the source information.
Aggregation of data is the taking of various data elements and then turning it into a composite of all the data to form another type of data (i.e. tables or data arrays).
: a.      If yes, how will aggregated data be maintained, filed, and utilized?
N/A.
: b.      How will aggregated data be validated for relevance and accuracy?
N/A.
: c.      If data are consolidated, what controls protect it from unauthorized access, use, or modification?
N/A.
: 6.      How will data be retrieved from the system? Will data be retrieved by an individuals name or personal identifier (name, unique number or symbol)?
(Be specific.)
Yes. The data will be retrieved from the system by an individuals name or personal identifier.
: a.      If yes, explain, and list the identifiers that will be used to retrieve information on the individual.
The identifiers are used to retrieve information from the disclosure forms (OGE Form 278, OGE Form 278-T). The retrievable information includes:
* Agency
* Item (New Entrant, Nominee, etc.)
* Year
* Status
* First, middle, last name
* Position PIA Template (03-2021)
: 7.      Has a Privacy Act System of Records Notice (SORN) been published in the Federal Register?
Yes.
: a.      If Yes, provide name of SORN and location in the Federal Register.
The data collected are covered by the Government-wide, OGE/GOVT-1 SORN.
: 8.      If the information system is being modified, will the SORN(s) require amendment or revision?
The OGE Privacy Act System of Records, OGE/GOVT-1, was written to include all information that is necessary for administering provisions of the Ethics in Government Act of 1978, as amended, the Ethics Reform Act of 1989 and other ethics laws. The systems notice includes all records in the system that are developed, or information and material received by the Director of OGE or Designated Agency Ethics Officials in administering the various ethics laws. In addition, the current system of records notice covers records in both paper and electronic form. The OGE Privacy Act System of Records, OGE/GOVT-1, was amended to update the authority for maintaining the system by adding the citation to the STOCK 12-105, 126 Stat. 291 (2012) as amended by Pub. L. 113-7 (2013).
: 9.      Will this system provide the capability to identify, locate, and monitor (e.g., track, observe) individuals?
No.
: a.      If yes, explain.
N/A.
(1)      What controls will be used to prevent unauthorized monitoring?
: 10. List the report(s) that will be produced from this system.
The system allows authorized users to render the data in an OGE Form 278 or OGE Form 278-T, as applicable.
: a.      What are the reports used for?
These reports inform the authorized agency users of the processing status (e.g., assigned, draft, under review or certified) of the agencys filers reports and other covered documents, measuring completion against standards.
PIA Template (03-2021)
: b.      Who has access to these reports?
Authorized system users may access these reports. OGE has access to this processing information for all agencies.
D. ACCESS TO DATA
: 1.      Which NRC office(s) will have access to the data in the system?
Only system-registered, authorized users will be granted access to the system.
The system will be used by Office of the General Council (OGC,) who will manage accounts and roles for other NRC users who are required to use Integrity to file public financial disclosure reports.
(1)    For what purpose?
Authorized NRC users use Integrity to file their public financial disclosure reports as required by the EIGA and STOCK Act.
(2)    Will access be limited?
Yes. Access to the system data is role-based. OGC administrators manage accounts and roles for NRC Integrity users.
: 2.      Will other NRC systems share data with or have access to the data in the system?
No.
(1)    If yes, identify the system(s).
N/A.
(2)    How will the data be transmitted or disclosed?
N/A.
: 3.      Will external agencies/organizations/public have access to the data in the system?
Yes.
(1)    If yes, who?
Integrity is used by other executive branch agencies, as well as members of the public who have been nominated for PAS positions. OGE owns and maintains the system and has access to system information.
PIA Template (03-2021)
(2)    Will access be limited?
Yes. Access to the system data is role-based.
(3)    What data will be accessible and for what purpose/use?
Executive branch agency ethics officials and other agency-authorized users have access to the agencys system data for use in determining ethics-related matters, (e.g., conflict of interest of the filers reported information).
(4)    How will the data be transmitted or disclosed?
The data can only be accessed by authorized users when they log into the system.
E. RECORDS AND INFORMATION MANAGEMENT (RIM) - RETENTION AND DISPOSAL The National Archives and Records Administration (NARA), in collaboration with federal agencies, approves whether records are temporary (eligible at some point for destruction/deletion because they no longer have business value) or permanent (eligible at some point to be transferred to the National Archives because of historical or evidential significance). These determinations are made through records retention schedules and NARA statutes (44 United States Code (U.S.C.), 36 Code of Federation Regulations (CFR)). Under 36 CFR 1234.10, agencies are required to establish procedures for addressing records management requirements, including recordkeeping requirements and disposition, before approving new electronic information systems or enhancements to existing systems. The following question is intended to determine whether the records and data/information in the system have approved records retention schedule and disposition instructions, whether the system incorporates Records and Information Management and NARAs Universal Electronic Records Management requirements, and if a strategy is needed to ensure compliance.
: 1)      Can you map this system to an applicable retention schedule in NRCs Comprehensive Records Disposition Schedule (NUREG-0910), or NARAs General Records Schedules (GRS)?
Yes.
PIA Template (03-2021)
: a.      If yes, please cite the schedule number, approved disposition, and describe how this is accomplished (then move to F.1).
* For example, will the records or a composite thereof be deleted once they reach their approved retention or exported to an approved file format for transfer to the National Archives based on their approved disposition?
GRS 2.8 - Employee Ethics GRS 2.8 item 060 - Public financial disclosure reports. Reports for individuals filing in accordance with the Ethics in Government Actand not subsequently confirmed by the US Senate.
Temporary. Destroy 1 year after nominee ceases to be under consideration for the position or when no longer needed for active investigation, whichever is later. This disposition instruction is mandatory; deviations are not allowed.
GRS 2.8 item 061 - Public financial disclosure reports. All other reports.
Temporary. Destroy 6 years after receipt of the OGE Form 278 or 278e by the agency or when no longer needed for active investigation, whichever is later. This disposition instruction is mandatory; deviations are not allowed.
GRS 2.8 item 062 - Public financial disclosure reports. Periodic transaction reports.
Temporary. Destroy 7 years after receipt by the agency or when the related subsequent OGE Form 278 (SF 278) is ready for destruction 6 years later. The reports may be retained longer if needed for active investigation. This disposition instruction is mandatory; deviations are not allowed.
OGE/GOVT-1 SORN RETENTION AND DISPOSAL:
In accordance with the National Archives and Records Administration General Records Schedule for ethics program records, these records are generally retained for a period of six years after filing, or for such other period of time as is provided for in that schedule for certain specified types of ethics records. In cases where records are filed by, or with respect to, a nominee for an appointment requiring confirmation by the Senate when the nominee is not appointed and Presidential and Vice-Presidential candidates who are not elected, the records are generally destroyed one year after the date the individual ceased being under Senate consideration for appointment or is no longer a candidate for office.
However, if any records are needed in an ongoing investigation, they will be retained until no longer needed in the investigation. Destruction is by shredding or electronic deletion.
PIA Template (03-2021)
A filers data for the OGE Form 278 public financial disclosure reports and related records maintained in the system is identified for deletion from the system in compliance with section 105(e)(2)(d) of EIGA (5 U.S.C. app.):
1 year after the date the individual withdraws or otherwise is no longer under consideration for a Presidentially-appointed, Senate-confirmed position, or 6 years after the year the report was received for other filers, or when no longer needed for active investigation, whichever is later. Filers data related to the OGE Form 278-T Periodic Transaction Reports, mandated by the Stop Trading on Congressional Knowledge Act (STOCK Act) of 2012, is to be deleted from the system usually when 7 years old, when the related (subsequent) OGE Form 278 which they support is deleted from the system, or when no longer needed for active investigation, whichever is later.
Certain information about individuals such as name, executive branch agency, and position title will be deleted manually when all related document data has been deleted. System administration reports will be deleted when OGE determines that they are no longer needed for administrative, legal, audit, or operational purposes under General Records Schedule 3.2, Item 30.
: b.      If no, please contact the RIM staff at ITIMPolicy.Resource@nrc.gov.
F. TECHNICAL ACCESS AND SECURITY
: 1.      Describe the security controls used to limit access to the system (e.g., passwords).
OGE is responsible for ensuring physical controls are implemented and in place to mitigate the privacy risks for unauthorized access. Electronic controls, such as password or PIV card authentication, are in place to protect the data. Access to the system is controlled. Access to system information is role-based. Executive branch agencies control their users access to information. Only users who are registered with credentials at MAX.gov can access the system. Detailed information regarding system security controls is documented in the agencys Integrity System Security Plan.
PIA Template (03-2021)
: 2.      What controls will prevent the misuse (e.g., unauthorized browsing) of system data by those having access?
The data view is role-based. Only certain roles have access to the filers data.
Agencies using the system appoint agency role assignment administrators who assign users roles (e.g., filer, reviewer, group administrator) in the system.
: 3.      Are the criteria, procedures, controls, and responsibilities regarding access to the system documented?
Yes.
(1)    If yes, where?
Non-filer users have access depending on their system role(s) as defined in the NRC Integrity Standard Operating Procedures (SOP). Procedures, controls, and responsibilities regarding access are documented in the Integrity System Security Plan.
: 4.      Will the system be accessed or operated at more than one location (site)?
Yes.
: a.      If yes, how will consistent use be maintained at all sites?
OGE owns and maintains the Integrity application and is responsible for securing data on the backend of the system. Other agencies that use the system are responsible for implementing security controls for which they share some or all of the security responsibility, as specified by the Integrity System Security Plan.
: 5.      Which user groups (e.g., system administrators, project managers, etc.)
have access to the system?
OGE Integrity system administrators are responsible for the operation and maintenance of the system. NRC has appointed agency role assignment administrators who assign agency users roles (e.g., filer, reviewer, group administrator) in the system.
: 6.      Will a record of their access to the system be captured?
Yes.
: a.      If yes, what will be collected?
NRC relies on OGE to implement audit logs. Access attempts to the system are captured, including the user attempting access, as well as the date/time of access and whether the access attempt was successful or failed.
PIA Template (03-2021)
: 7.      Will contractors be involved with the design, development, or maintenance of the system?
If yes, and if this system will maintain information about individuals, ensure Privacy Act and/or Personally Identifiable Information (PII) contract clauses are inserted in their contracts.
* Federal Acquisition Regulation (FAR) clause 52.224-1 and FAR clause 52.224-2 should be referenced in all contracts, when the design, development, or operation of a system of records on individuals is required to accomplish an agency function.
* PII clause, Contractor Responsibility for Protecting Personally Identifiable Information (June 2009), in all contracts, purchase orders, and orders against other agency contracts and interagency agreements that involve contractor access to NRC owned or controlled PII.
Yes. Contractors are involved in the design and development of this system.
Contractors sign Confidentiality and Non-Disclosure Agreements.
In addition, OGEs Privacy Act System of Records includes a routine that allows agencies, including OGE, to disclose information to contractors performing or working on a contract for the federal government, when necessary, to accomplish an agency function related to the System of Records Notice.
: 8.      What auditing measures and technical safeguards are in place to prevent misuse of data?
Integrity system components, including operating system, database, and application components, generate audit logs. Auditing is configured in accordance with FISMA and NIST requirements.
: 9.      Is the data secured in accordance with the Federal Information Security Management Act (FISMA) requirements?
Yes.
: a.      If yes, when was Certification and Accreditation last completed?
And what FISMA system is this part of?
OGE issued an Authorization to Operate (ATO) for Integrity on July 28, 2015. NRC authorized Integrity on December 23, 2015. Both agencies perform independent security assessments for their systems annually.
: b.      If no, is the Certification and Accreditation in progress and what is the expected completion date? And what FISMA system is this planned to be a part of?
N/A.
PIA Template (03-2021)
: c. If no, please note that the authorization status must be reported to the Chief Information Security Officer (CISO) and Computer Security Offices (CSOs) Point of Contact (POC) via e-mail quarterly to ensure the authorization remains on track.
N/A.
PIA Template (03-2021)
PRIVACY IMPACT ASSESSMENT REVIEW/APPROVAL (For Use by OCIO/GEMSD/CSB Staff)
System Name: Integrity Office of Government Ethics (OGE) Application Submitting Office: OCIO A.      PRIVACY ACT APPLICABILITY REVIEW Privacy Act is not applicable.
X  Privacy Act is applicable.
Comments:
Integrity will be covered by Government-wide system of records notice OGE/GOVT-1 Executive Branch Personnel Public Financial Disclosure Reports and Other Name-Retrieved Ethics Program Records.
Reviewers Name                                    Title Signed by Hardy, Sally on 04/16/21                          Privacy Officer B.      INFORMATION COLLECTION APPLICABILITY DETERMINATION No OMB clearance is needed.
OMB clearance is needed.
X    Currently has OMB Clearance. Clearance No.        3209-0001 Comments:
OGE Form 278e is covered by OMB Clearance 3209-0001. OGE Form 278-T does not require an OMB Clearance.
Reviewers Name                                    Title Signed by Cullison, David on 04/05/21                      Agency Clearance Officer PIA Template (03-2021)
C.      RECORDS RETENTION AND DISPOSAL SCHEDULE DETERMINATION No record schedule required.
Additional information is needed to complete assessment.
Needs to be scheduled.
X    Existing records retention and disposition schedule covers the system - no modifications needed.
Comments:
Reviewers Name                                        Title Signed by Dove, Marna        Sr. Program Analyst, Electronic Records on 04/15/21                              Manager D.      BRANCH CHIEF REVIEW AND CONCURRENCE This IT system does not collect, maintain, or disseminate information in identifiable form from or about members of the public.
X This IT system does collect, maintain, or disseminate information in identifiable form from or about members of the public.
I concur in the Privacy Act, Information Collections, and Records Management reviews:
Signed by Nalabandian, Garo on 04/26/21 Chief Cyber Security Branch Governance and Enterprise Management Services Division Office of the Chief Information Officer PIA Template (03-2021)                              18
 
TRANSMITTAL OF PRIVACY IMPACT ASSESSMENT/
PRIVACY IMPACT ASSESSMENT REVIEW RESULTS TO: Thomas Ashley, OCIO Name of System: Integrity Office of Government Ethics (OGE) Application Date CSB received PIA for review:                Date CSB completed PIA review:
April 1, 2021                      April 16, 2021 Noted Issues:
Chief                                            Signature/Date:
Cyber Security Branch Governance and Enterprise Management                                  Signed by Nalabandian, Garo Services Division                                                    on 04/26/21 Office of the Chief Information Officer Copies of this PIA will be provided to:
Thomas G. Ashley, Jr.
Director IT Services Development and Operations Division Office of the Chief Information Officer Garo Nalabandian Acting, Chief Information Security Officer (CISO)
Office of the Chief Information Officer PIA Template (03-2021)                          19}}

Latest revision as of 17:19, 19 January 2022

Integrity Office of Government Ethics Oge Application
ML21091A145
Person / Time
Issue date: 04/28/2021
From:
NRC/OCIO
To:
References
Download: ML21091A145 (19)


Text

U.S. Nuclear Regulatory Commission Privacy Impact Assessment Designed to collect the information necessary to make relevant determinations regarding the applicability of the Privacy Act, the Paperwork Reduction Act information collection requirements, and records management requirements.

Integrity (Office of Government Ethics (OGE) Application)

Date: March 3, 2021 A. GENERAL SYSTEM INFORMATION

1. Provide a detailed description of the system: (Use plain language, no technical terms.)

Integrity is a secure, controlled-access, web-based information system created by the U.S. Office of Government Ethics (OGE) for the executive branch of the U.S. Federal Government for electronically filing and reviewing public financial disclosure reports. The system is used to collect, manage, process, and store financial disclosure information from select members of the public in anticipation of nomination by the President and approval by the Senate and certain federal employees. Authorized agency ethics officials use the collected data to identify and resolve potential conflicts of interest between an employee's official duties and his or her private financial interests and affiliations.

OGE developed Integrity in partnership with the Budget Line of Business (BLoB) and the MAX.gov team at the Office of Management and Budget (OMB) Budget Systems Branch (BSB). Integrity was built using MAX Platform-as-a-Service (MAX PaaS). MAX.govs Central Authentication Service (MAX CAS) provides authentication services to the Integrity users (filers and ethics officials).

OGE contracted with the U.S. Department of Agriculture (USDA) Digital Infrastructure Services Center (DISC), formerly known as the USDA National Information Technology Center (NITC), to host Integrity in a secure cloud environment. The USDA DISC is a federally-owned Cloud Service Provider (CSP) authorized by the Federal Risk and Authorization Management Program (FedRAMP).

2. What agency function does it support? (How will this support the U.S.

Nuclear Regulatory Commissions (NRCs) mission, which strategic goal?)

Integrity is used by applicable NRC employees to file their public financial disclosure reports. Integrity reduces processing time, eliminates common errors, and improves conflict of interest prevention and resolution. The system meets the requirements set forth in the Stop Trading on Congressional Knowledge (STOCK) Act, which was signed into law on April 4, 2012, as amended.

PIA Template (03-2021)

Integrity supports the following reports and forms:

Nominee, New Entrant, Annual, and Termination reports using the OGE Form 278e. Filers may also complete a combined Annual and Termination report if appropriate.

Periodic Transaction reports using the OGE Form 278-T.

3. Describe any modules or subsystems, where relevant, and their functions.

N/A.

4. What legal authority authorizes the purchase or development of this system? (What law, regulation, or Executive Order authorizes the collection and maintenance of the information necessary to meet an official program mission or goal? NRC internal policy is not a legal authority.)

The Stop Trading on Congressional Knowledge Act of 2012 (STOCK Act), Pub.

L. No. 112-105, 125 Stat. 191, 298-99 (2012), (as amended); EIGA, 5 U.S.C.

app. § 101 et seq as amended, authorizes the use of this system.

5. What is the purpose of the system and the data to be collected?

The purpose of this executive branch-wide system is to electronically collect, manage, process, measure, and store reported financial and related information used in the OGE Form 278e and the OGE Form 278-T. Authorized OGE and NRC users will use the collected information to identify, prevent, and resolve conflicts of interest in accordance with Ethics in Government Act of 1978 (EIGA).

PIA Template (03-2021)

6. Points of

Contact:

(Do not adjust or change table fields. Annotate N/A if unknown. If multiple individuals need to be added in a certain field, please add lines where necessary.)

Project Manager Office/Division/Branch Telephone Jay Hosseini OCIO/GEMSD/APIB/PMT 301-415-0021 Business Project Manager Office/Division/Branch Telephone Tracy Hurston OGE 202-482-9251 Technical Project Manager Office/Division/Branch Telephone Jay Hosseini OCIO/GEMSD/APIB/PMT 301-415-0021 Executive Sponsor Office/Division/Branch Telephone ISSO Office/Division/Branch Telephone Natalya Bobryakova OCIO/GEMS/CSB/IAT 301-287-0671 System Owner/User Office/Division/Branch Telephone Thomas Ashley OCIO/ITSDOD 301-415-0771

7. Does this privacy impact assessment (PIA) support a proposed new system or a proposed modification to an existing system?
a. New System Modify Existing System X Other
b. If modifying or making other updates to an existing system, has a PIA been prepared before?

Yes.

PIA Template (03-2021)

If yes, provide the date approved and the Agencywide Documents Access and Management System (ADAMS) accession number.

A PIA was approved on June 15, 2018. The ADAMS accession number is ML18134A108.

(1) If yes, provide a summary of modifications or other changes to the existing system.

The following information has been updated in this PIA: System description (to include a name change for the CSP), Points of Contact (POC), and the Privacy Act System of Records Notice (SORN) information.

8. Do you have an NRC system Enterprise Architecture (EA)/Inventory number?

Yes.

a. If yes, please provide the EA/Inventory number.

Integrity is a subsystem of the Third Party System (TPS). The TPS EA number is 20180002.

b. If, no, please contact EA Service Desk to get the EA/Inventory number.

B. INFORMATION COLLECTED AND MAINTAINED These questions are intended to define the scope of the information requested as well as the reasons for its collection. Section 1 should be completed only if information is being collected about individuals. Section 2 should be completed for information being collected that is not about individuals.

1. INFORMATION ABOUT INDIVIDUALS
a. Does this system maintain information about individuals?

Yes.

PIA Template (03-2021)

(1) If yes, identify the group(s) of individuals (e.g., Federal employees, Federal contractors, licensees, general public (provide description for general public (non-licensee workers, applicants before they are licenses etc.)).

Covered individuals include members of the public, usually nominees, who are under consideration for Presidentially-appointed, Senate-confirmed (PAS) positions, terminated PAS officials, federal employees who file an OGE Form 278e and/or an OGE Form 278-T, terminated federal employees who file a Termination OGE 278, agency reviewers, and users who administer the system.

(2) IF NO, SKIP TO QUESTION B.2.

b. What information is being maintained in the system about an individual (be specific - e.g. Social Security Number (SSN), Place of Birth, Name, Address)?

The system maintains information identifiable to the filers completing the online public disclosure forms, which includes the filers name, position, address, telephone number, email address, and financial information.

c. Is information being collected from the subject individual? (To the greatest extent possible, collect information about an individual directly from the individual.)

Yes. Individual users are the source of the information. Filers may designate individuals to enter information into the system on their behalf.

(1) If yes, what information is being collected?

Any individual who uses the system must provide minimal contact information, such as name, agency, business address, telephone number, and official email address. Filers using the system provide their official position title and reportable personal financial information.

d. Will the information be collected from individuals who are not Federal employees?

Potentially, yes. Nominees to PAS positions are usually members of the public who will use the system to complete a Nominee OGE Form 278.

PIA Template (03-2021)

(1) If yes, does the information collection have the Office of Management and Budgets (OMB) approval?

BLoB and the MAX.gov team at OMB BSB.

(a) If yes, indicate the OMB approval number:

The OMB control number for Form 278e is 3209-0001 and is referenced in OGEs regulations, at 5 C.F.R. section 2634.601(c).

e. Is the information being collected from existing NRC files, databases, or systems?

No.

(1) If yes, identify the files/databases/systems and the information being collected.

f. Is the information being collected from external sources (any source outside of the NRC)?

Yes.

(1) If yes, identify the source and what type of information is being collected?

Integrity is used by other executive branch agencies, as well as members of the public who have been nominated for PAS positions. The type of information collected includes the individuals agency, business address, telephone number and official email address, official position title, and reportable personal financial information.

g. How will information not collected directly from the subject individual be verified as current, accurate, and complete?

All information about a subject individual will be provided by the subject individual. Individual users are responsible for ensuring the information they enter is accurate and are required to certify to this effect. The system will generate an error message and highlight incomplete required fields.

h. How will the information be collected (e.g. form, data transfer)?

N/A.

PIA Template (03-2021)

2. INFORMATION NOT ABOUT INDIVIDUALS
a. Will information not about individuals be maintained in this system?

No.

(1) If yes, identify the type of information (be specific).

b. What is the source of this information? Will it come from internal agency sources and/or external sources? Explain in detail.

N/A.

C. USES OF SYSTEM AND INFORMATION These questions will identify the use of the information and the accuracy of the data being used.

1. Describe all uses made of the data in this system.

Authorized agency ethics officials use the collected data to identify, prevent, and resolve conflicts of interest.

2. Is the use of the data both relevant and necessary for the purpose for which the system is designed?

Yes. The system collects, manages, processes, renders, and stores public financial disclosure information that responsible officials use to identify, prevent, and resolve conflicts of interest under the Ethics in Government Act of 1978, as amended. The system measures agency processing of its filers reports.

3. Who will ensure the proper use of the data in this system?

The executive branch agency (NRC) users who have access will ensure the proper use of the data.

4. Are the data elements described in detail and documented?

Yes.

a. If yes, what is the name of the document that contains this information and where is it located?

The data elements are described in the respective information fields that collect the information from individuals using the system. Details of the data elements can be found in the latest Integrity User Guide located on the oge.gov website.

https://oge.gov/Web/OGE.nsf/0/D3CEB8CCAEC1BA11852585F8005C9D D4/$FILE/Integrity%20User%20Guide_v3.0.pdf .

PIA Template (03-2021)

5. Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected?

No.

Derived data is obtained from a source for one purpose and then the original information is used to deduce/infer a separate and distinct bit of information that is aggregated to form information that is usually different from the source information.

Aggregation of data is the taking of various data elements and then turning it into a composite of all the data to form another type of data (i.e. tables or data arrays).

a. If yes, how will aggregated data be maintained, filed, and utilized?

N/A.

b. How will aggregated data be validated for relevance and accuracy?

N/A.

c. If data are consolidated, what controls protect it from unauthorized access, use, or modification?

N/A.

6. How will data be retrieved from the system? Will data be retrieved by an individuals name or personal identifier (name, unique number or symbol)?

(Be specific.)

Yes. The data will be retrieved from the system by an individuals name or personal identifier.

a. If yes, explain, and list the identifiers that will be used to retrieve information on the individual.

The identifiers are used to retrieve information from the disclosure forms (OGE Form 278, OGE Form 278-T). The retrievable information includes:

  • Agency
  • Item (New Entrant, Nominee, etc.)
  • Year
  • Status
  • First, middle, last name
  • Position PIA Template (03-2021)
7. Has a Privacy Act System of Records Notice (SORN) been published in the Federal Register?

Yes.

a. If Yes, provide name of SORN and location in the Federal Register.

The data collected are covered by the Government-wide, OGE/GOVT-1 SORN.

8. If the information system is being modified, will the SORN(s) require amendment or revision?

The OGE Privacy Act System of Records, OGE/GOVT-1, was written to include all information that is necessary for administering provisions of the Ethics in Government Act of 1978, as amended, the Ethics Reform Act of 1989 and other ethics laws. The systems notice includes all records in the system that are developed, or information and material received by the Director of OGE or Designated Agency Ethics Officials in administering the various ethics laws. In addition, the current system of records notice covers records in both paper and electronic form. The OGE Privacy Act System of Records, OGE/GOVT-1, was amended to update the authority for maintaining the system by adding the citation to the STOCK 12-105, 126 Stat. 291 (2012) as amended by Pub. L. 113-7 (2013).

9. Will this system provide the capability to identify, locate, and monitor (e.g., track, observe) individuals?

No.

a. If yes, explain.

N/A.

(1) What controls will be used to prevent unauthorized monitoring?

10. List the report(s) that will be produced from this system.

The system allows authorized users to render the data in an OGE Form 278 or OGE Form 278-T, as applicable.

a. What are the reports used for?

These reports inform the authorized agency users of the processing status (e.g., assigned, draft, under review or certified) of the agencys filers reports and other covered documents, measuring completion against standards.

PIA Template (03-2021)

b. Who has access to these reports?

Authorized system users may access these reports. OGE has access to this processing information for all agencies.

D. ACCESS TO DATA

1. Which NRC office(s) will have access to the data in the system?

Only system-registered, authorized users will be granted access to the system.

The system will be used by Office of the General Council (OGC,) who will manage accounts and roles for other NRC users who are required to use Integrity to file public financial disclosure reports.

(1) For what purpose?

Authorized NRC users use Integrity to file their public financial disclosure reports as required by the EIGA and STOCK Act.

(2) Will access be limited?

Yes. Access to the system data is role-based. OGC administrators manage accounts and roles for NRC Integrity users.

2. Will other NRC systems share data with or have access to the data in the system?

No.

(1) If yes, identify the system(s).

N/A.

(2) How will the data be transmitted or disclosed?

N/A.

3. Will external agencies/organizations/public have access to the data in the system?

Yes.

(1) If yes, who?

Integrity is used by other executive branch agencies, as well as members of the public who have been nominated for PAS positions. OGE owns and maintains the system and has access to system information.

PIA Template (03-2021)

(2) Will access be limited?

Yes. Access to the system data is role-based.

(3) What data will be accessible and for what purpose/use?

Executive branch agency ethics officials and other agency-authorized users have access to the agencys system data for use in determining ethics-related matters, (e.g., conflict of interest of the filers reported information).

(4) How will the data be transmitted or disclosed?

The data can only be accessed by authorized users when they log into the system.

E. RECORDS AND INFORMATION MANAGEMENT (RIM) - RETENTION AND DISPOSAL The National Archives and Records Administration (NARA), in collaboration with federal agencies, approves whether records are temporary (eligible at some point for destruction/deletion because they no longer have business value) or permanent (eligible at some point to be transferred to the National Archives because of historical or evidential significance). These determinations are made through records retention schedules and NARA statutes (44 United States Code (U.S.C.), 36 Code of Federation Regulations (CFR)). Under 36 CFR 1234.10, agencies are required to establish procedures for addressing records management requirements, including recordkeeping requirements and disposition, before approving new electronic information systems or enhancements to existing systems. The following question is intended to determine whether the records and data/information in the system have approved records retention schedule and disposition instructions, whether the system incorporates Records and Information Management and NARAs Universal Electronic Records Management requirements, and if a strategy is needed to ensure compliance.

1) Can you map this system to an applicable retention schedule in NRCs Comprehensive Records Disposition Schedule (NUREG-0910), or NARAs General Records Schedules (GRS)?

Yes.

PIA Template (03-2021)

a. If yes, please cite the schedule number, approved disposition, and describe how this is accomplished (then move to F.1).
  • For example, will the records or a composite thereof be deleted once they reach their approved retention or exported to an approved file format for transfer to the National Archives based on their approved disposition?

GRS 2.8 - Employee Ethics GRS 2.8 item 060 - Public financial disclosure reports. Reports for individuals filing in accordance with the Ethics in Government Actand not subsequently confirmed by the US Senate.

Temporary. Destroy 1 year after nominee ceases to be under consideration for the position or when no longer needed for active investigation, whichever is later. This disposition instruction is mandatory; deviations are not allowed.

GRS 2.8 item 061 - Public financial disclosure reports. All other reports.

Temporary. Destroy 6 years after receipt of the OGE Form 278 or 278e by the agency or when no longer needed for active investigation, whichever is later. This disposition instruction is mandatory; deviations are not allowed.

GRS 2.8 item 062 - Public financial disclosure reports. Periodic transaction reports.

Temporary. Destroy 7 years after receipt by the agency or when the related subsequent OGE Form 278 (SF 278) is ready for destruction 6 years later. The reports may be retained longer if needed for active investigation. This disposition instruction is mandatory; deviations are not allowed.

OGE/GOVT-1 SORN RETENTION AND DISPOSAL:

In accordance with the National Archives and Records Administration General Records Schedule for ethics program records, these records are generally retained for a period of six years after filing, or for such other period of time as is provided for in that schedule for certain specified types of ethics records. In cases where records are filed by, or with respect to, a nominee for an appointment requiring confirmation by the Senate when the nominee is not appointed and Presidential and Vice-Presidential candidates who are not elected, the records are generally destroyed one year after the date the individual ceased being under Senate consideration for appointment or is no longer a candidate for office.

However, if any records are needed in an ongoing investigation, they will be retained until no longer needed in the investigation. Destruction is by shredding or electronic deletion.

PIA Template (03-2021)

A filers data for the OGE Form 278 public financial disclosure reports and related records maintained in the system is identified for deletion from the system in compliance with section 105(e)(2)(d) of EIGA (5 U.S.C. app.):

1 year after the date the individual withdraws or otherwise is no longer under consideration for a Presidentially-appointed, Senate-confirmed position, or 6 years after the year the report was received for other filers, or when no longer needed for active investigation, whichever is later. Filers data related to the OGE Form 278-T Periodic Transaction Reports, mandated by the Stop Trading on Congressional Knowledge Act (STOCK Act) of 2012, is to be deleted from the system usually when 7 years old, when the related (subsequent) OGE Form 278 which they support is deleted from the system, or when no longer needed for active investigation, whichever is later.

Certain information about individuals such as name, executive branch agency, and position title will be deleted manually when all related document data has been deleted. System administration reports will be deleted when OGE determines that they are no longer needed for administrative, legal, audit, or operational purposes under General Records Schedule 3.2, Item 30.

b. If no, please contact the RIM staff at ITIMPolicy.Resource@nrc.gov.

F. TECHNICAL ACCESS AND SECURITY

1. Describe the security controls used to limit access to the system (e.g., passwords).

OGE is responsible for ensuring physical controls are implemented and in place to mitigate the privacy risks for unauthorized access. Electronic controls, such as password or PIV card authentication, are in place to protect the data. Access to the system is controlled. Access to system information is role-based. Executive branch agencies control their users access to information. Only users who are registered with credentials at MAX.gov can access the system. Detailed information regarding system security controls is documented in the agencys Integrity System Security Plan.

PIA Template (03-2021)

2. What controls will prevent the misuse (e.g., unauthorized browsing) of system data by those having access?

The data view is role-based. Only certain roles have access to the filers data.

Agencies using the system appoint agency role assignment administrators who assign users roles (e.g., filer, reviewer, group administrator) in the system.

3. Are the criteria, procedures, controls, and responsibilities regarding access to the system documented?

Yes.

(1) If yes, where?

Non-filer users have access depending on their system role(s) as defined in the NRC Integrity Standard Operating Procedures (SOP). Procedures, controls, and responsibilities regarding access are documented in the Integrity System Security Plan.

4. Will the system be accessed or operated at more than one location (site)?

Yes.

a. If yes, how will consistent use be maintained at all sites?

OGE owns and maintains the Integrity application and is responsible for securing data on the backend of the system. Other agencies that use the system are responsible for implementing security controls for which they share some or all of the security responsibility, as specified by the Integrity System Security Plan.

5. Which user groups (e.g., system administrators, project managers, etc.)

have access to the system?

OGE Integrity system administrators are responsible for the operation and maintenance of the system. NRC has appointed agency role assignment administrators who assign agency users roles (e.g., filer, reviewer, group administrator) in the system.

6. Will a record of their access to the system be captured?

Yes.

a. If yes, what will be collected?

NRC relies on OGE to implement audit logs. Access attempts to the system are captured, including the user attempting access, as well as the date/time of access and whether the access attempt was successful or failed.

PIA Template (03-2021)

7. Will contractors be involved with the design, development, or maintenance of the system?

If yes, and if this system will maintain information about individuals, ensure Privacy Act and/or Personally Identifiable Information (PII) contract clauses are inserted in their contracts.

  • Federal Acquisition Regulation (FAR) clause 52.224-1 and FAR clause 52.224-2 should be referenced in all contracts, when the design, development, or operation of a system of records on individuals is required to accomplish an agency function.
  • PII clause, Contractor Responsibility for Protecting Personally Identifiable Information (June 2009), in all contracts, purchase orders, and orders against other agency contracts and interagency agreements that involve contractor access to NRC owned or controlled PII.

Yes. Contractors are involved in the design and development of this system.

Contractors sign Confidentiality and Non-Disclosure Agreements.

In addition, OGEs Privacy Act System of Records includes a routine that allows agencies, including OGE, to disclose information to contractors performing or working on a contract for the federal government, when necessary, to accomplish an agency function related to the System of Records Notice.

8. What auditing measures and technical safeguards are in place to prevent misuse of data?

Integrity system components, including operating system, database, and application components, generate audit logs. Auditing is configured in accordance with FISMA and NIST requirements.

9. Is the data secured in accordance with the Federal Information Security Management Act (FISMA) requirements?

Yes.

a. If yes, when was Certification and Accreditation last completed?

And what FISMA system is this part of?

OGE issued an Authorization to Operate (ATO) for Integrity on July 28, 2015. NRC authorized Integrity on December 23, 2015. Both agencies perform independent security assessments for their systems annually.

b. If no, is the Certification and Accreditation in progress and what is the expected completion date? And what FISMA system is this planned to be a part of?

N/A.

PIA Template (03-2021)

c. If no, please note that the authorization status must be reported to the Chief Information Security Officer (CISO) and Computer Security Offices (CSOs) Point of Contact (POC) via e-mail quarterly to ensure the authorization remains on track.

N/A.

PIA Template (03-2021)

PRIVACY IMPACT ASSESSMENT REVIEW/APPROVAL (For Use by OCIO/GEMSD/CSB Staff)

System Name: Integrity Office of Government Ethics (OGE) Application Submitting Office: OCIO A. PRIVACY ACT APPLICABILITY REVIEW Privacy Act is not applicable.

X Privacy Act is applicable.

Comments:

Integrity will be covered by Government-wide system of records notice OGE/GOVT-1 Executive Branch Personnel Public Financial Disclosure Reports and Other Name-Retrieved Ethics Program Records.

Reviewers Name Title Signed by Hardy, Sally on 04/16/21 Privacy Officer B. INFORMATION COLLECTION APPLICABILITY DETERMINATION No OMB clearance is needed.

OMB clearance is needed.

X Currently has OMB Clearance. Clearance No. 3209-0001 Comments:

OGE Form 278e is covered by OMB Clearance 3209-0001. OGE Form 278-T does not require an OMB Clearance.

Reviewers Name Title Signed by Cullison, David on 04/05/21 Agency Clearance Officer PIA Template (03-2021)

C. RECORDS RETENTION AND DISPOSAL SCHEDULE DETERMINATION No record schedule required.

Additional information is needed to complete assessment.

Needs to be scheduled.

X Existing records retention and disposition schedule covers the system - no modifications needed.

Comments:

Reviewers Name Title Signed by Dove, Marna Sr. Program Analyst, Electronic Records on 04/15/21 Manager D. BRANCH CHIEF REVIEW AND CONCURRENCE This IT system does not collect, maintain, or disseminate information in identifiable form from or about members of the public.

X This IT system does collect, maintain, or disseminate information in identifiable form from or about members of the public.

I concur in the Privacy Act, Information Collections, and Records Management reviews:

Signed by Nalabandian, Garo on 04/26/21 Chief Cyber Security Branch Governance and Enterprise Management Services Division Office of the Chief Information Officer PIA Template (03-2021) 18

TRANSMITTAL OF PRIVACY IMPACT ASSESSMENT/

PRIVACY IMPACT ASSESSMENT REVIEW RESULTS TO: Thomas Ashley, OCIO Name of System: Integrity Office of Government Ethics (OGE) Application Date CSB received PIA for review: Date CSB completed PIA review:

April 1, 2021 April 16, 2021 Noted Issues:

Chief Signature/Date:

Cyber Security Branch Governance and Enterprise Management Signed by Nalabandian, Garo Services Division on 04/26/21 Office of the Chief Information Officer Copies of this PIA will be provided to:

Thomas G. Ashley, Jr.

Director IT Services Development and Operations Division Office of the Chief Information Officer Garo Nalabandian Acting, Chief Information Security Officer (CISO)

Office of the Chief Information Officer PIA Template (03-2021) 19