OWCP - Longshore Disbursement System (LDS) 2009

Longshore Disbursement System (LDS) 2009

Abstract

In accordance with Department of Labor (DOL) guidelines the Office of Worker' Compensation Programs (OWCP)'s Division of Longshore and Harbor Workers' Compensation (DLHWC) in the Employment Standards Administration (ESA) conducted a Privacy Impact Assessment (PIA) on the Longshore Disbursement System (LDS).

LDS is a centralized client server database application that was established to provide DLHWC with an electronic benefit payment system, and resides on the ESA General Support System (GSS) environment.

The ESA/OWCP in conjunction with the Office of the Chief Information Officer (OCIO) has determined that LDS processes privacy information. As such, this document has been prepared to describe the information collected by LDS; what it is used for; who has access to the information, how the information can be corrected; and in general terms how the information is secured.

Overview

The Longshore systems comprise the accounting/computer systems used by the Division of Longshore and Harbor Workers' Compensation (DLHWC). The systems are used to maintain data concerning the compensation and medical care for employees disabled from injuries that occur on the navigable waters of the United States, or in adjoining areas customarily used in loading, unloading, repairing or building a vessel. Compensation and medical care is offered under the Longshore and Harbor Workers' Compensation Act (LHWCA) and its extensions.

Employers of covered employees are responsible for insuring the payment of compensation and medical benefits to injured employees. This insurance is provided through private insurance carriers, or by employers who are authorized by the Department of Labor to become self-insured. While benefits in certain circumstances may be paid by a Special Fund administered by the Department of Labor, most benefits under the Longshore program are funded by the authorized insurance carriers and self-insured employers.

There are two major applications that support the DLHWC: Longshore Case Management System (LCMS) and the Longshore Disbursement System (LDS). This PIA is limited to the LDS. LCMS information is provided in a separate PIA for that system.

As stated previously, LDS is a major application that runs on and is supported by the ESA General Support System (GSS).

LDS supports delivery of mission critical services in compliance with the Longshore and Harbor Workers' Compensation Act (LHWCA).

The LDS is comprised of two components: The Longshore Special Fund System (LSFS), and the Rehabilitation Bill Pay System (RBPS).The LSFS provides claims processing, periodic roll maintenance and generation of DLHWC compensation benefit and attorney fee payments. It also records & calculates all insurance carriers and self-insured employer assessments due annually for the Special Fund. The LDS generates assessment notices in paper format to these groups on an annual basis. The RBPS provides claims processing and tracking capabilities as well as generates DLHWC approved payments for medical and vocational rehabilitation expenses incurred by program beneficiaries.

Introduction

DOL, in compliance with federal privacy laws, regulations, and directives, is responsible for ensuring PII that in-house agencies collect, store, and transmit is properly protected.

In accordance with DOL guidelines, the OWCP's DLHWC conducted a PIA on the LDS. LDS is a centralized client server database application that was established to provide DLHWC with an electronic benefit payment system.

Characterization of the Information

The following questions are intended to define the scope of the information requested and/or collected as well as reasons for its collection as part of the program, system, or technology being developed.

Specify whether the system collects personally identifiable information (PII) on DOL employees, other federal employees, contractors, members of the public (U.S. citizens), foreign citizens, or minor children.

The LDS collects PII on individuals and/or their survivors who are approved for benefits under the LHWCA (and/or extensions) by reason of injuries sustained while in the performance of duty. The LHWCA applies to employees injured or killed while working in private industry who are covered by the provisions of the LHWCA, the Non-Appropriated Fund Instrumentalities Act, the Defense Base Act, the War Hazards Act, and the DC Workers' Compensation Act, referred to collectively herein as the LHWCA.

In addition to these individuals, the system contains records of medical providers, insurance providers, attorneys and others representing claimants, rehabilitation counselors, nurses, and other health care professionals who provide information in support of compensation claims. Records are also kept on employers and insurance providers who provide funding for the benefits paid through this program. NOTE: Because the LDS is a payment system and not the claims management system only those claims that are authorized for payment are included in this system.

What are the sources of the PII in the information system?

PII is provided to the agency in a variety of ways including:

Forms submitted either by the individual claimant, their survivors or their employer/agency.
Medical bills and other medical records and evaluations provided by a variety of health care professionals including physicians, hospitals, rehabilitation centers, and nurses.
Employment data provided by employers, unions and other federal agencies.
Communication between attorneys' representing claimants and the agency.
Other records of communication including notes on phone calls, letters, etc
Compensation payments records
Formal orders for or against the payment of benefits
Transcripts of hearings conducted
Any other medical, employer, or personal information submitted or gathered in connection with the claim.
Information relating to dates of birth, marriage, divorce, and death
Information relating to other benefits (financial and otherwise) the claimant or employer may be entitled to
Information received from various investigative agencies concerning possible violations of Federal civil or criminal law

What is the PII being collected, used, disseminated, or maintained?

First and/or last name
Date of birth
SSN
Residential address
Personal phone numbers (e.g., phone, fax, cell)
Mailing address (e.g., P.O. Box)
Medical information including physician's notes
Medical record number
Financial account information and/or number (e.g., checking account number, PIN, retirement, investment account
Legal documents or notes (e.g., divorce decree, criminal records)

How is the PII collected?

The DLHWC has a number of forms that are used to collect data in support of a claim. The majority of those forms are available on the Internet at http://www.dol.gov/owcp/dlhwc/lsforms.htm. These forms can be completed electronically and then printed or printed and then filled in by hand and mailed or faxed to the District Office with jurisdiction over that claim. In addition several of the forms are available to be filled out on line and sent directly to the District Office via the Web.

In addition to these forms DLHWC receives paper medical bills from medical providers, claimants, and DLHWC District Offices. They also receive paper bills from providers and claimants.

Cases are reviewed by claim's examiners and a determination is made of whether the case is eligible for payment of benefits. The claims examiner also reviews Form LS 200, Report of Earnings, and Form LS 267, Claimant's Statement, which are completed and returned by the claimant/beneficiary yearly to the district offices. The Form LS 200 is required to be completed and returned by the employee to the EC/special fund within 30 days of the receipt even if there are no earnings to report. The Form LS 267 is used to collect information relating to the payment of death benefits. The information provided will be used to determine entitlement to death benefits

If the case meets the requirements for payment it can be automatically created (drawing the data from the LCMS) or the information can be manually entered into the LDS. Before either method (automated, manual) is employed the case is reviewed by both District Office and National office personnel. This applies to both Special Fund and Rehabilitation cases.

How will the information be checked for accuracy?

Paper forms are reviewed and checked for accuracy by the responsible claims examiners and staff and the pertinent information is entered into the system. System edit checks help to ensure the accuracy of the data on the forms. Forms that are received via the Web are printed and then reviewed and checked for accuracy just as the paper forms are.

The LDS periodically produces an auto-roll file containing the information on who is eligible to be paid, amounts to be paid, etc. The roll is then subjected to an intensive internal verification audit. Once Longshore management approves the roll it is then sent to Treasury (via Connect:Direct) for processing.

There are also a number of checks and balances within the LDS that prevent duplicate payments, unauthorized payments, etc.

What specific legal authorities, arrangements, and/or agreements defined the collection of information?

The OWCP has been authorized by Congress (Public Law 103-112: Departments of Labor, Health and Human Services, and Education, and Related Agencies Appropriations Act, 1994) to require persons who file notices of injury and/or claims for compensation under the LHWCA and its extensions to disclose certain identifying information, including Social Security Number (SSN). Consequently, applicable regulations, including 20 CFR 702.202 concerning the employer's report of an employee's injury or death, have been amended to expressly require the reporting of the injured worker's SSN. The amended regulations are contained in the Federal Register dated December 23, 1993 (58 FR 68031).

Privacy Impact Analysis

There are many potential risks when medical information is recorded about an individual, such as identity theft, certain types of insurance coverage being refused if certain medical information became public, loss of employment, etc. In particular the risk of PII being disclosed inadvertently when information is being passed between medical offices, rehabilitation counselors, other medical staff and DLHWC is taken very seriously. DLHWC understands its obligation to safeguard this information to prevent any of the potential risks from being realized and has established policies and procedures to safeguard this information. Throughout the remainder of this document examples of those safeguards have been explained to illustrate this commitment to prevention of PII being compromised.

Although the PII is being manually collected from records and is subject to errors, the system is equipped with the mechanism to perform edit checks and other forms of error checking procedures, which ensures the accuracy of the data being collected.

Uses of the PII

The following questions are intended to clearly delineate the use of information and the accuracy of the data being used.

Describe all the uses of the PII

DLHWC uses the collected PII data as critical information for the purposes of managing the payment of eligible claims under the LHWCA.
LDS operations provide the following functions which in some part depend on PII:

Establish payment transactions for benefits to be paid out of the special fund or rehabilitation funds
Establish payment transaction for payment of attorney's fees
Produce electronic file of approved payments for transmission to the Treasury Department
Reconciliation of Treasury disbursement records with batches prepared by DLHWC
Produce periodic reimbursement billing to insurance companies and self-insured employers
Track payments made by insurance companies and self-insured employers
Provide statistics for quality reviews including utilization review and fraud and abuse detection

What types of tools are used to analyze data and what type of data may be produced?

Data mining and some pattern recognition is used to look for instances of potential fraud, as well as, for reporting purposes to determine if performance goals are being met.

Will the system derive new data, or create previously unavailable data, about an individual through aggregation of the collected information?

No.

If the system uses commercial or publicly available data, please explain why and how it is used.

Privacy Impact Analysis

All system users are required to read and sign the Rules of Behavior before being granted access to the system. The LDS uses least privilege principles to ensure that only those who need access to the data to fulfill the agency's mission are given access in addition to the authentication controls discussed above.

The system maintains only PII that is necessary and relevant to accomplish the purpose for which it is being collected.

Retention

The following questions are intended to outline how long information will be retained after the initial collection.

How long is information retained in the system?

Paper case records are sent to the Federal Records Center (FRC) once they are eligible (two years after the case has been put in closed status). They are destroyed 20 years after the case is closed.

Electronic records are archived in the system (put in Federal Record Center (FRC) status, cannot be edited) two years after being placed in closed status.

Has the retention schedule been approved by the DOL agency records officer and the National Archives and Records Administration (NARA)?

Yes, the Archivist of the United States signed the "Request for Records Disposition Authority", Job Number: N1-271-02-01 on April 30, 2004.

Privacy Impact Analysis

The LDS is required to maintain the paper record for the interval indicated by the Archivist of the United States. The paper files are maintained in a secure location within the DLHWC offices. Once the file is eligible to be shipped to the Federal Records Center it is sent via tracked packages which are labeled appropriately. The electronic records are secured with numerous security controls.

Internal Sharing and Disclosure

The following questions are intended to define the scope of sharing within the Department of Labor.

With which internal organization(s) is the PII shared, what information is shared, and for what purpose?

Electronic case records can be requested by the following organizations outside of the OWCP program for auditing purposes: the DOL Office of Inspector General (OIG) and the Office of the Chief Financial Officer (OCFO) for audit purposes; and the Office of the Solicitor (SOL) for litigation support.

How is the PII transmitted or disclosed?

Access to data is provided via "read only" auditor user accounts for temporary periods required by the auditors. If any PII has to be transmitted to an auditor outside the DOL firewall it is done via an encrypted E-Mail attachment, password protected file or CD.

Privacy Impact Analysis

The sharing of data with internal users is limited to SOL for litigation support; and the OIG and OCFO and their designated auditors. All auditors are required to sign strict non-disclosure agreements, read and sign Rules of Behavior and complete security screening before they are authorized to access any data. The information is being shared with auditors and the SOL for civil or criminal law enforcement.

External Sharing and Disclosure

The following questions are intended to define the content, scope, and authority for information sharing external to DOL which includes federal, state and local government, and the private sector.

With which external organization(s) is the PII shared, what information is shared, and for what purpose?

Department of the Treasury, namely the Financial Management Services (FMS). The LDS data is used by the Treasury Department's FMS in Philadelphia to process workers' compensation payments.

Is the sharing of PII outside the Department compatible with the original collection? If so, is it covered by an appropriate routine use in a SORN? If so, please describe. If not, please describe under what legal mechanism the program or system is allowed to share the PII outside of DOL.

The sharing of the PII with Treasury is essential for the mission of the agency to be carried out — namely the disbursement of workers compensation benefit payments that are mandated by the LHWCA and its extensions. Treasury's Financial Management Service acts as the "bank" for purposes of all payments made by Federal agencies to individuals and businesses. Treasury's FMS issues all the benefit checks for OWCP and as such is required to have sufficient data to generate and mail those payments. This essential data includes PII. Authorization for the connection to Treasury's FMS is documented via a Memorandum of Understanding (MOU) between ESA/OWCP/DLHWC and Treasury.

How is the information shared outside the Department and what security measures safeguard its transmission?

The transmissions are made via the Treasury required Connect:Direct software over a hardware encrypted, dedicated T-1 connection to Treasury's system.

Privacy Impact Analysis

The external sharing of data is the required connection to Treasury's Financial Management Service (FMS).

The transmission of data to Treasury (FMS) is through a direct connection which includes two factor authentication and encryption of the data. Since the connection is made through the ESA network an Interconnection Service Agreement is in place between ESA and Treasury's FMS. In addition an MOU between the U.S. Department of Labor and U. S. Treasury Department is also in place covering this connection. The data is used in order for payments to be issued to claimants.

Notice

The following questions are directed at notice to the individual of the scope of PII collected, the right to consent to uses of said information, and the right to decline to provide information.

Was notice provided to the individual prior to collection of PII?

Privacy Act considerations are included on the back of our claimant forms. Claimants are instructed to review the entire document before submitting the form.

Do individuals have the opportunity and/or right to decline to provide information?

The Office of Workers' Compensation Programs (OWCP) has been authorized by Congress (Public Law 103-112: Departments of Labor, Health and Human Services, and Education, and Related Agencies Appropriations Act, 1994) to require persons who file notices of injury and/or claims for compensation under the Longshore and Harbor Workers' Compensation Act (LHWCA) and it's extensions to disclose certain identifying information, including Social Security Number (SSN). Consequently, applicable regulations, including 20 CFR 702.202 concerning the employer's report of an employee's injury or death, have been amended to expressly require the reporting of the injured worker's SSN. The amended regulations are contained in the Federal Register dated December 23, 1993 (58 FR 68031).

Do individuals have the right to consent to particular uses of the information? If so, how does the individual exercise the right?

As indicated in the previous question, OWCP has been authorized by law to collect certain information in order to process claims. The information is used only for the purposes of managing the Longshore claim. Claimants consent to this use of their information by signing the claimant form.

Privacy Impact Analysis

Specific notice of the need to have and use privacy data to process a claim is included on the claim form itself to ensure that all claimants are aware of the data necessary to complete their claim and its uses. In addition SORNs which outline the users of privacy data for this system are available to the public through the DOL internet.

Access, Redress, and Correction

The following questions are directed at an individual's ability to ensure the accuracy of the information collected about them.

What are the procedures that allow individuals to gain access to their information?

Claimants have the right to request a copy of their file at any time.

What are the procedures for correcting inaccurate or erroneous information?

Claimants can contact the closest OWCP-DLHWC office and provide amended information.

How are individuals notified of the procedures for correcting their information?

At the time they file the claim they are informed that they should contact the office should there be any changes in the information provided.

If no formal redress is provided, what alternatives are available to the individual?

Individuals have access, redress, and amendment rights under the Privacy Act for their records, and the procedures pertaining thereto are documented in the Privacy Act system of records notice.

The system of records notices applicable to this system are:
Published in 67 Federal Register,
April 8, 2002.

DOL/ESA-15 — LHWCA Case files
DOL/ESA-24 — LHWCA Special Fund System
DOL/ESA-26 — LHWCA Investigation Files
DOL/ESA-43 - Office of Workers' Compensation Programs, Federal Employees' Compensation Act and Longshore and Harbor Workers' Compensation Act Rehabilitation Files

Privacy Impact Analysis

Electronic access to the claimant's records is strictly limited to preserve the privacy of the claimant. Only the claimant and/or "party in interest" (under federal regulations (20 CFR 702.113-114), any "party in interest", including the employer, the carrier, the claimant, and any lien claimant, as well as their legal representatives, have the right to a copy of the admin claim file) can request copies of their records to avoid any potential breach of privacy.

Technical Access and Security

The following questions are intended to describe technical safeguards and security measures.

What procedures are in place to determine which users may access the system and are they documented?

DLHWC has put in place access control measures that include documented user access authorization, encryption and least privilege.

Will Department contractors have access to the system?

Yes.

Describe what privacy training is provided to users, either generally or specifically relevant to the program or system?

The ESA annual Information System Security Awareness (ISSA) Training which has a privacy module or component to it. In addition all users are provided with copies of the Privacy Policy and Rules of Behavior when they are first given access to the system, and when periodic updates are made after that.

What auditing measures and technical safeguards are in place to prevent misuse of data?

OWCP uses the concept of least privilege as described above. Access is granted only after authorization based on documented access request policies. Logs for certain system functions are also reviewed on a regular basis to check for any misuse or other issues.

All OWCP operations are required to have security audits and assessments conducted of their operations on an annual basis. All OWCP systems must have system level auditing enabled to provide for reasonable response in the event of a security situation. IT system auditing and security testing is an essential aspect of how we ensure the integrity and availability of our computing systems. Auditing and assessments also provide us the ability to be more effective in preventing security vulnerabilities.

Privacy Impact Analysis

There are many potential risks when medical information is recorded about an individual, such as identity theft, certain types of insurance coverage being refused if certain medical information became public, loss of employment, etc. DLHWC understands its obligation to safeguard this information to prevent any of the potential risks from being realized. Throughout this document examples of those safeguards have been explained to illustrate this commitment to prevention of PII being compromised.

There are appropriate administrative, technical and physical safeguards in place to ensure the confidentiality, integrity, and availability of the information.

Technology

The following questions are directed at critically analyzing the selection process for any technologies utilized by the system, including system hardware, RFID, biometrics, and other technology.

What stage of development is the system in, and what project development life cycle was used?

Operations and Maintenance.

The DOL System Development Life Cycle Management (SDLCM) Manual

Does the project employ technology which may raise privacy concerns? If so please discuss their implementation?
No.

Determination

As a result of performing the PIA, what choices has the agency made regarding the information technology system and collection of information?

OWCP has completed the PIA for LDS which is currently in operation. OWCP has determined that the safeguards and controls for this moderate system adequately protect the information.

OWCP has determined that it is collecting the minimum necessary information for the proper performance of a documented agency function.