EXECUTIVE SUMMARY REPORT
INTRODUCTION TO THE PIA
The Department of Labor (DOL) is responsible for ensuring proper
protections of the information contained within its information systems,
including PII. To that end, the Department developed a Privacy Impact
Methodology to assess whether a system that contains PII meets legal privacy
requirements. This methodology, based on the evaluation of applicable law and
executive branch guidance as well as internal policy, was the foundation for
determining question sets and remediation guidance for developing the PIA
Questionnaire that was applied to the MSHA Standardized Information System
(MSIS).
Purpose
A PIA is used to evaluate privacy vulnerabilities and risks, and their
implications for information systems. It provides a number of benefits that
include enhancing policy decision making and system design, anticipating the
public's possible privacy concerns, and generating confidence that privacy
objectives are addressed in the development and implementation of single-agency
or integrated information systems. The IT PIA Questionnaire provides a
framework by which the Mine Safety and Health Administration (MSHA) can ensure
that it has complied with all relevant privacy policies, regulations, and
guidance, both internal and external to DOL.
Objective
- Detecting what PII exists on MSIS;
- Determining who has access to the PII and for what purposes;
- Ensuring compliance with federal privacy laws concerning PII;
- Enabling management to make informed decisions regarding
implementation of security controls and countermeasures related to privacy
vulnerabilities;
- Promoting a repeatable approach to measuring the effectiveness of
privacy protections; and
- Preventing unintended mishandling, abuse, or fraudulent use of PII
creating noncompliance that could impede the overall mission of DOL.
Scope
This PIA assessment was conducted on the components that make up the
MSIS system, the data collected and the data disseminated.
PIA Summary and Results
The MSIS Team will work with the MSHA Information Security Office on
remediation of the findings in this PIA. The remediations will be included in
the MSIS POA&Ms. The MSIS Team will also work with the DOL/SOL to comply
with the Privacy Act of 1974 requirements to develop a PARN for MSIS and get it
published to the Federal Register.