EXECUTIVE SUMMARY REPORT
INTRODUCTION TO THE PIA
Purpose
DOL is responsible for ensuring the confidentiality, integrity, and
availability of the information contained within its information systems. DOL
must at times collect, use, analyze, and store PII from its employees and
customers. DOL remains vigilant in protecting all its information technology
resources, but this is especially true of those systems containing PII.
Ideally, the PIA should be performed during the development phase of a system
life cycle. A PIA should also be conducted at any time when the system is
significantly modified, or the sensitivity of the data contained within the
system is changed.
The Solicitor's Office (SOL) has assessed its Workload Management
Systems (WMS) and evaluated privacy vulnerabilities and risks, and their
implications on this information system. This assessment enables SOL to ensure
that it has complied with all relevant privacy policies, regulations,
procedures, and guidance, both internal and external to DOL.
Scope
The Workload Management System is a collection of workload systems used
to manage resources in the Office of the Solicitor. The WMS contains in-house
developed databases that tracks all significant legal activities referred by
DOL client program agencies to the various components of the Solicitor's
Office. Legal activities include case work (trial and appeals litigation) as
well as other legal workload matters (legal opinion and advice, legislative
reviews, and regulation and standards reviews). Data collected through the
workload systems are used to analyze the volume, diversity, trends, and impact
of the workload in the SOL divisions and field offices. These systems provide
information needed to manage SOL resources, to monitor performance, and to
provide SOL's client agencies (DOL program offices) with updated information on
the work being done in their respective program areas.
The information contained in these systems is descriptive in nature.
They do not contain actual legal documents (briefs, evidence, transcripts, etc)
or legal evidence (medical and payroll records). These systems have the same
business objective, risk and associated security controls. The WMS is a
sensitive system because it contains limited personally identifiable
information subject to the Privacy Act.
The Workload Management Systems include:
- Solicitor's Office Legal Activity Reporting (SOLAR) system is a legal
activity tracking system. It tracks all significant legal matters referred to
the various components of the Solicitor's Office (SOL).
- Time Distribution (TD) system is a time tracking system. Time is
recorded by attorneys and paralegals against activity categories on a task
basis.
- SOL's Freedom of Information Appeals Tracking system (FOIA) records
the request and tracks the status and disposition of the FOIA appeal.
- The Wage and Hour Reports Database (W&H) tracks information about
selected Wage and Hour litigation.
- The Legislative Project Tracking System (LPTS) records and reports
the status of activity on workload items generated by requests from Congress,
the White House, OMB (Office of Management and Budget), and other
agencies.
Approach
This assessment was completed by the development contractor and reviewed
by the SOL Security Officer, SOL IT Manager and the Program Manager.
Results and Summary
The Workload Management Systems contain personally identifying
information. Based on this assessment SOL has determined that the WMS have
adequate controls in place to meet minimal compliance with federal privacy
requirements and that all risks have been minimized.
|
