Uniformed Services' Employment and Reemployment
Rights Act (USERRA)
Information Management System (IMS)

EXECUTIVE SUMMARY REPORT

INTRODUCTION TO THE PIA

Purpose

The assessment was performed to ensure Veterans' Employment and Training Services' compliance with the Privacy Act of 1974 and other legislation requirements. The guidelines include E-Government Act of 2002, Office of Management and Budget (OMB) Circular A-130, the Management of Federal Information Resources and Circular A-11. As mandated by the Department each agency must assess their policies and systems against the Privacy Impact Methodology developed by the Department.

Scope

System Name: USERRA IMS (DOL-VETS-OAMB-M-001)

System Title: Uniformed Services' Employment and Reemployment Rights Act (USERRA) Information Management System (IMS).

System Owner: Veterans Employment and Training Services

The USERRA IMS is operational and has held production status since October 1, 1996. The system recently under went a software change and is now using Cold Fusion. The system is routinely evaluated to determine what upgrades or service pak (s) may be needed.

General Description

The purpose of the USERRA IMS is to establish an effective automated process of collecting, consolidating, and reporting USERRA data submitted by Veterans' Employment and Training Service (VETS) staff. The system provides the capability to interactively accept and manipulate data, then perform a roll up of information through Regional Offices to the Regional Lead Center (RLC). The USERRA IMS replaces existing software applications used to support the USERRA program and includes enhanced output capabilities, new administrative services, and additional functionality not previously available through existing VETS information management systems.

The USERRA module supports interactive input and update of current USERRA case data. Data is maintained in such a way that the baseline data entered can be manipulated to provide both standard reports and flexible spreadsheet data exports for use in assisting in the analysis of USERRA operations and outcomes. The system is accessible through the Department of Labor (DOL) Employees' Communications Network (ECN); however, it resides and is hosted at the National Veterans' Training Institute (NVTI). It provides information for use at several organizational and administrative levels, including: VETS field staff doing investigations, VETS supervisors and managers, VETS executive staff, and Congress. Data collected does not only include information on cases opened by investigators, but also provides output to support specified information requirements on other activities essential to the USERRA program, such as outreach actions, employer contacts and technical assistance responses.

System Interconnection/Information Sharing

The USERRA IMS is a standalone application connected via a dedicated connection to the Internet and using the TCP/IP protocol stack.

The USERRA system is an independent/standalone system and does not depend on sharing data with any other systems.

The USERRA IMS is operational and has held production status since October 1, 1996. The system is routinely evaluated to determine what upgrades or service pak(s) may be needed.

General Description of Sensitivity

The USERRA IMS sensitivity is primarily focused on the confidentiality of the case data, which has a high sensitivity. Certain categories of personal information reflected in the USERRA IMS regarding individual claimants, employers, and others involved in particular USERRA cases must remain confidential under the Privacy Act.

Approach

VETS approached the PIA by first reviewing in detail the Privacy Act of 1974, E-Government Act of 2002, the Office of Management and Budget Circular A-130 and the Management of Federal Information Resources and Circular A-11. VETS then reviewed its current security documents and procedures and compared them to the guidance provided in the above mentioned documents. VETS then went through the PIA questionnaire answering the questions and determining risk.

Results

The results of the PIA are favorable. VETS has met the requirements outlined in the above mentioned documents. VETS has in place the following requirements:The Workload Management Systems contain personally identifying information. Based on this assessment SOL has determined that the WMS have adequate controls in place to meet minimal compliance with federal privacy requirements and that all risks have been minimized.

• PARN posting
• Does not share PII with other sources
• VETS users are the only users of the data

Summary

VETS is compliant with the Privacy Impact Methodology Guidance provided by the OCIO. VETS' USERRA Information System security and policies satisfy the requirements outlined in the following documents:

• Privacy Act of 1974 and other legislation requirements.
• The guidelines include E-Government Act of 2002,
• Office of Management and Budget (OMB) Circular A-130
• Management of Federal Information Resources
• and Circular A-11

Because VETS has satisfied these requirements no mitigating actions are required. Attached is the PIA Questionnaire that was used to determine if there were any risks to public information associated with the data captured by USERRA IMS.