In accordance with Department of Labor (DOL) guidelines, the Office of Workers' Compensation Programs (OWCP)'s Division of Coal Mine Workers' Compensation (DCMWC) conducted a Privacy Impact Assessment (PIA) on the Automated Support Package (ASP).
ASP is a major application which provides monetary compensation and/or medical care to coal miners or qualified survivors of decedents who are totally disabled due to Pneumoconiosis (Black Lung) arising out of their employment in the nation's coal mines. ASP supports DCMWC core business functions in implementing the Federal Coal Mine Health and Safety Act of 1969.
OWCP, in conjunction with the Office of the Chief Information Officer (OCIO), has determined that ASP processes personally identifiable information (PII). As such, this document has been prepared to describe the information collected by ASP; what it is used for; who has access to the information; how the information can be corrected; and in general terms how the information is secured.
Characterization of the Information
ASP collects PII on individuals filing claims for black lung (pneumoconiosis) benefits under the provisions of the Black Lung Benefits Act, as amended, including miners, and their surviving spouses, children, dependent parents, and siblings.
In addition to these individuals, the system contains records of medical providers, attorneys representing claimants who provide information in support of compensation claims, coal mine operators, and insurance carriers.
What are the sources of the PII in the information system?
PII is provided to the agency in a variety of ways including:
Forms submitted either by the individual claimant, medical provider, responsible coal mine operator or insurance carrier. A list of the forms can be found at the following link:
- Medical bills and other medical records and evaluations provided by a variety of health care professionals including physicians, hospitals, rehabilitation centers, and nurses.
- Employment data provided by claimants, responsible coal mine operators, and insurance carriers.
- Communication between attorneys' representing claimants and responsible coal mine operators.
- Other records of communication including notes on phone calls, letters, etc.
- Information from state workers' compensation agencies concerning claims filed and/or awarded under state laws that may affect the federal claim.
- If the individual has received benefits to which he or she is not entitled, the system may contain consumer credit reports correspondence to and from the debtor, information or records relating to the debtor's current whereabouts, assets, liabilities, income and expenses, debtor's personal financial statements, and other information such as the nature, amount and history of a claim filed by an individual covered by this system, and other records and reports relating to the implementation of the Debt Collection Act of 1982 including any investigative records or administrative review matters.
What is the PII being collected, used, disseminated, or maintained?
- First and/or last name
- Date of birth
- Social Security Number (SSN)
- Photographic identifiers
- Personal phone numbers (e.g., phone, fax, cell)
- Mailing address (e.g., P.O. Box)
- Financial Account Information and/or Numbers
- Business phone numbers and addresses
- Birth, death and marriage certificates
- Legal documents or notes, such as divorce decrees
- Educational records
- Medical bill information from Central Bill Process Service (CBPS) – includes procedure codes, dates of service, and costs of service
- Coded results of legal proceedings regarding claimant eligibility
How is the PII collected?
The DCMWC provides the majority of its forms on-line at https://www.dol.gov/agencies/owcp/dcmwc/regs/compliance/blforms. These forms can be printed and then filled out and mailed or faxed. They can also be filled out on-line and then printed and faxed or mailed. A few of the forms are available to be filled out on-line and then transmitted directly to the appropriate District Office. Forms received electronically are printed and processed along with the paper forms that are received.
Disability applications are received and a Claims Examiner is assigned and enters the claimant's information into the ASP on a claim master screen. After this input, the Claims Examiner sends the claimant an application receipt confirmation letter and an information package that contains a list of the criteria that must be met in order to be eligible for benefits, instructions on submitting evidence that must be met, and a list of doctors who are approved by DOL to perform the medical evaluation.
District Office personnel authorize medical appointments and send the medical providers a Health Insurance Claim form pre-coded by the District Office with the appropriate diagnostic tests to be conducted. The medical provider administers and completes the diagnostic tests and claim form and sends them to the District Office. The claimant assembles all the documentation to provide other evidence of eligibility, such as proof of employment and proof of dependents, and sends the evidence to the District Office. Concurrently, information is sent to the coal company that may be responsible for claimant payment, which is given the opportunity to accept responsibility or dispute the claim, and prove claimant ineligibility.
When sufficient documentation has been received from the claimant, the medical provider, and the coal company, the Claims Examiner reviews the evidence and issues a Schedule for the Submission of Additional Evidence (SSAE) based on the eligibility criteria. The SSAE is sent to notify the claimant and the coal company of the determination of the eligibility of the claimant.
After receiving all the additional documentation from the claimant and the coal company, the Claims Examiner reviews the evidence and, based on the eligibility criteria, issues a Proposed Decision and Order (PDO). This order is sent to both the claimant and the coal company to notify them of the determination of claimant eligibility.
If the claimant is not eligible to receive benefits, the claimant can file an appeal under 33 U.S.C. § 921 and a hearing will be held by the Office of Administrative Law Judges, but the case can extend through the Benefits Review Board and the US Court of Appeals to as far as the US Supreme Court. The ALJ or higher appellate body may uphold the decision that the claimant is not eligible. If there is no further appeal, the Claims Examiner will note the file and close the claim. If an appellate body overturns the decision, awards the claim, and holds the coal company responsible, the coal company can file an appeal under 33 U.S.C. § 921 at the next level of appeal. Alternatively, if the District Director finds that the claimant is eligible for benefits and names a coal company as liable for payments, the company may appeal to the Office of Administrative Law Judge. If the ALJ or any subsequent appellate body upholds the award and the decision that the coal company is responsible, the company is liable for the claimant's benefit payments. If the coal company refuses to pay benefits while an appeal is pending, interim benefit payments are initiated from the Black Lung Disability Trust Fund.
If the claimant is eligible to receive benefits, the Claims Examiner fills out the CM-1261 Benefits Payments Data form to initiate the payment process. The CM-1261 is sent to the District Director/or Designee for review and approval. If approved by the District Director, the form is signed and forwarded to the data transcriber for input and signature. If the form is not approved, the form is sent back to the Claims Examiner for corrective action and the completion of a new form. After any level of review, if the form is not approved, the Claims Examiner will complete a new and corrected form.
The OWCP contractor receives paper medical bills from medical providers, claimants, and DCMWC District Offices. They also receive paper and electronic pharmacy bills from providers and claimants. Contract staff prepares and organizes these documents at contractor facilities. The images of the documents are stored on a server. All inbound and outbound call reference notes are also transcribed and are available electronically to support the bill payment process. A secured Web portal is provided to allow providers and claimants on-line read only access to information about their claims.
Data is also collected via data exchanges with the Social Security Administration (SSA) and Dept. of Commerce.
How will the information be checked for accuracy?
All paper forms and the data that is entered as a result of those forms are reviewed multiple times, as indicated above, to ensure the accuracy of the information.
In addition, there are ASP system functions to detect errors and reject the form until corrections have been made.
The images of the documents received by ACS are electronically indexed, verified, and quality checked before being transmitted to DOL and to ACS State Healthcare for adjudication and payment processing.
What specific legal authorities, arrangements, and/or agreements defined the collection of information?
OWCP has been authorized by Congress (Public Law 92-303: The Black Lung Benefits Act of 1972) to require persons who file claims for compensation under the Black Lung Benefits Act of 1972 and its extensions to disclose certain identifying information, including SSN.
Privacy Impact Analysis
There are many potential risks when medical information is recorded about an individual, such as identity theft, refusal of insurance coverage, loss of employment, etc. In particular, the risk of inadvertent disclosure of PII when it is exchanged among medical offices, other medical staff, and DCMWC offices is taken very seriously. DCMWC understands its obligation to safeguard this information to prevent any of the potential risks from being realized and has established policies and procedures to safeguard this information. Throughout the remainder of this document, examples of those safeguards have been explained to illustrate this commitment to preventing the compromise of PII.
In addition to the safeguards in place internally, DCMWC required the contractor's operation to fully comply with Federal security guidance to ensure proper safeguards are in place to prevent the accidental release of information that has been entrusted to the organization.
Uses of the PII
The following questions are intended to clearly delineate the use of information and the accuracy of the data being used.
Describe all the uses of the PII
DCMWC uses the collected PII as critical information for the purposes of managing the claimant's case and successfully fulfilling its mission.
ASP operations provide the following functions, which in some part depend on PII:
- Conduct correspondence with claimants, attorneys, mine owners, and various medical personnel to determine the eligibility of the claim
- Determine whether a claim is eligible, and notify the claimant
- Periodically update claimant and medical information to determine continued eligibility
- Calculate the amount of benefits the claimant is eligible for
- Receive electronic file of approved payments from contractor for transmission to the Treasury Department
- Disburse benefit payments to claimants or their beneficiaries
- Review pre-authorization requests for medical procedures
- Gather information for hearings and reviews when a claimant or his/her representative has filed an appeal
- Provide statistics for quality reviews including utilization review and fraud and abuse detection
- Recover funds that have been disbursed in error or where an overpayment has been made
What types of tools are used to analyze data and what type of data may be produced?
Data mining and some pattern recognition are used to look for instances of potential fraud, as well as for reporting purposes, i.e. to determine if performance goals are being met.
Will the system derive new data, or create previously unavailable data, about an individual through aggregation of the collected information?
The system does not.
If the system uses commercial or publicly available data, please explain why and how it is used.
ASP employs the National Technical Information Service (NTIS) SSA Death Master File (DMF) to check for decedents. DCMWC has a contract with NTIS to provide this information over a secure Web based server. This information is not available to the public.
Privacy Impact Analysis
All system users are required to read and sign the Rules of Behavior before being granted access to the system. ASP uses least privilege principles to ensure that only those who need access to the data to fulfill the agency's mission are given access in addition to the authentication controls discussed above.
The system maintains only PII that is necessary and relevant to accomplish the purpose for which it is being collected.
The following questions are intended to outline how long information will be retained after the initial collection.
How long is information retained in the system?
Black Lung Automated Support Package: Electronic file data has permanent retention, limited access and is in a highly secure environment. Claimant and benefit master file data will be transferred to magnetic tape and transmitted to the National Archives and Records Administration (NARA) every ten years. This data (which includes both open and closed cases) will not be made available to the public until 90 years after transfer to NARA due to Privacy Act restrictions.
Black Lung Benefits Claim File: Approved hard copy claims files are destroyed 10 years after death of last beneficiary. Denied claims are destroyed 30 years after final denial.
Has the retention schedule been approved by the DOL agency records officer and the National Archives and Records Administration (NARA)?
Yes, the Archivist of the United States signed the "Request for Records Disposition Authority", Job Number: N1-271-02-01 on April 30, 2004.
What efforts are being made to eliminate or reduce PII that is collected, stored or maintained by the system if it is no longer required?
PII is only stored on the Central Bill Process system for a period of up to seven years. After that, non-active records are copied to tape and the archived records are stored at a separate backup facility. The Division of Coal Mine Workers' Compensation (DCMWC) maintains both hardcopy PII (Black Lung claims files) as well as electronic PII (claims data maintained in the ASP system). The hardcopy PII records are retired to the Federal Records Center according to the procedures in the Black Lung Benefits Act (BLBA) procedure manual, Chapter 1-402 Records Disposal. The electronic PII records are retained indefinitely in the ASP databases.
How is it determined that PII is no longer required?
The OWCP programs, under which PII records are collected and processed, are authorized by Congress to collect such information. Because these records are part of the official record that justifies the compensation decisions made by OWCP, they are required to be maintained as part of the audit record for the agency.
Privacy Impact Analysis
ASP is required to maintain the paper record for the interval indicated by the Archivist of the United States. The paper files are maintained in secure file areas within the DCMWC offices. Once the file is eligible to be shipped to the FRC, it is sent via tracked packages which are labeled appropriately. The electronic records are secured with numerous security controls. Electronic data sent to NARA is encrypted and is also sent via tracked packages which are labeled appropriately.
Internal Sharing and Disclosure
The following questions are intended to define the scope of sharing within the Department of Labor.
With which internal organization(s) is the PII shared, what information is shared, and for what purpose?
Electronic case records can be requested by the following organizations outside of the OWCP program for auditing purposes: the DOL Office of Inspector General (OIG) and the Office of the Chief Financial Officer (OCFO) for audit purposes; and the Office of the Solicitor (SOL) for litigation support.
How is the PII transmitted or disclosed?
All PII shared internally (with OIG) is transmitted via portable media (typically CD/DVD) and encrypted via the DOL mandated encryption software.
Privacy Impact Analysis
The sharing of data with internal users is limited to SOL for litigation support and the OIG and OCFO and their designated auditors. All auditors are required to sign strict non-disclosure agreements, read and sign Rules of Behavior and complete security screening before they are authorized to access any data. The information is being shared with auditors and the SOL for civil or criminal law enforcement.
External Sharing and Disclosure
The following questions are intended to define the content, scope, and authority for information sharing external to DOL which includes federal, state and local government, and the private sector.
With which external organization(s) is the PII shared, what information is shared, and for what purpose?
The following Agencies receive ASP data:
- Department of the Treasury – Financial Management Services (FMS) - disposition of Black Lung benefit payments to and on behalf of beneficiaries. Only the Department of the Treasury receives data from the ASP via Connect:Direct.
- Social Security Administration - to notify changes in benefit files that could affect other SSA benefits. This information is transmitted via the SSA's secure web site.
- Affiliated Computer Services – Strategic Business Unit (ACS-SBU). ACS data is transmitted via a secure interface managed by OWCP. This information is used to update ACS regarding claimant eligibility and authorizations for medical procedures. ACS provides file updates to the ASP regarding medical bill payments and related claim status.
- Department of Commerce – National Technical Information Service (NTIS) - Provides DCMWC with weekly SSA death master files from an NTIS website.
As discussed earlier, DCMWC receives documents from its Central Bill Process (CBP) contractor for purposes of prior authorization and other claims management. Also as part of its contract with OWCP, CBP prepares files for transmission to the U.S. Treasury for payments to be made. These payments are authorized and approved by the OWCP program office, so no transaction is completed without the intervention of authorized federal staff who confirms the payments.
Documents are exchanged with mine owners, insurance companies, state workers' compensation agencies, and various health care providers as part of the determination of eligibility and the payment of benefits.
Is the sharing of PII outside the Department compatible with the original collection? If so, is it covered by an appropriate routine use in a SORN? If so, please describe. If not, please describe under what legal mechanism the program or system is allowed to share the PII outside of DOL.
Yes. It is covered by System of Records Notices: DOL/ESA-5, DOL/ESA-6, and DOL/ESA-30. Authorization is documented within a Memorandum of Understanding (MOU) and/or an Interconnectivity Security Agreement (ISA) between OWCP/DCMWC and the outside Agencies.
How is the information shared outside the Department and what security measures safeguard its transmission?
The information is shared via encrypted portable media (CD) with the DOL mandated encryption software or through direct connections.
The transmission of data through a direct connection includes two factor authentication and encryption of the data.
Privacy Impact Analysis
The electronic external sharing of data is the required connections to ACS-SBU, SSA, Dept. of Commerce and the Treasury's FMS.
Since the connection is made through the OWCP network, an Interconnection Service Agreement is in place between OWCP and Treasury's FMS. In addition, an MOU between the U.S. Department of Labor and U. S. Treasury Department is in place covering this connection. The data is used in order for payments to be issued to claimants.
Currently, data sharing agreements between the DOL, ACS-SBU, the Department of Commerce, and the SSA are in place.
The following questions are directed at notice to the individual of the scope of PII collected, the right to consent to uses of said information, and the right to decline to provide information.
Was notice provided to the individual prior to collection of PII?
Privacy Act considerations are included on the back of our claimant forms. Claimants are instructed to review the entire document before submitting the form.
Do individuals have the opportunity and/or right to decline to provide information?
Yes, the following statement is included on the claimant forms:
In accordance with the Privacy Act of 1974, as amended (5 U.S.C. 552a) you are hereby notified that
- the Black Lung Benefits Act (BLBA) (30 U.S.C. 901 et. seq.) as amended, is administered by the Office of Workers' Compensation Programs (OWCP) of the U.S. Department of Labor, which receives and maintains personal information, relative to this application, or claimants and their immediate families.
- information obtained by OWCP will be used to determine eligibility for the amount of benefits payable under the BLBA;
- information may be given to coal mine operators potentially liable for payment of the claim, or to the insurance carrier or other entity which secured the operator's compensation liability;
- information may be given to the physicians or medical service providers for use in providing treatment, making evaluations and for other purposes relating to the medical management of the claim;
- information may be given to the Department of Labor's Office of Administrative Law Judges, or other person, board or organization, which is authorized or required to render decisions with respect to the claim or other matters arising in connection with the claim;
- information may be given to Federal, state or local agencies for law enforcement purposes, to obtain information relevant to a decision under the BLBA, to determine whether benefits are being or have been paid properly, and, where appropriate, to pursue administrative offset and/or debt collection actions required or permitted by law;
- disclosure of the claimant's Social Security Number (SSN) or tax identifying number (TIN) on this form is voluntary. The SSN and/or TIN and other information maintained by the OWCP may be used for identification and for other purposes authorized by law;
- failure to disclose all requested information may delay the processing of this claim or the payment of benefits or may result in an unfavorable decision or a reduced level of benefits.
Do individuals have the right to consent to particular uses of the information? If so, how does the individual exercise the right?
As indicated in the previous question, OWCP has been authorized by law to collect certain information in order to process claims. The information is used only for the purposes of managing the Coal Mine Workers' compensation claim. Claimants consent to this use of their information by signing the claimant form.
Privacy Impact Analysis
Specific notice of the need to have and use privacy data to process a claim is included on the claim form itself to ensure that all claimants are aware of the data necessary to complete their claim and its uses. In addition, SORNs outlining the users of privacy data for this system are available to the public through the DOL website. (See list of SORNS in the External Sharing and Disclosure section)
Access, Redress, and Correction
The following questions are directed at an individual's ability to ensure the accuracy of the information collected about them.
What are the procedures that allow individuals to gain access to their information?
Claimants have the right to request a copy of their file at any time.
What are the procedures for correcting inaccurate or erroneous information?
Claimants can contact the closest OWCP-DCMWC office and provide amended information. They are also periodically contacted by DCMWC claims administrators to request updated information for their claim.
How are individuals notified of the procedures for correcting their information?
When they file the claim, they are told to contact the office should there be any changes in the information provided. DCMWC also regularly communicates with the claimant providing the opportunity for correction of information throughout the life of the claim.
If no formal redress is provided, what alternatives are available to the individual?
Individuals have access, redress, and amendment rights under the Privacy Act for their records, and the procedures pertaining thereto are documented in the Privacy Act system of records notice.
Privacy Impact Analysis
Electronic access to the claimant's records is strictly limited to preserve the privacy of the claimant. Only the claimant and/or "party in interest" (under federal regulations (20 CFR 702.113-114), any "party in interest", including the employer, the carrier, the claimant, and any lien claimant, as well as their legal representatives, have the right to a copy of the admin claim file) can request copies of their records to avoid any potential breach of privacy
Technical Access and Security
The following questions are intended to describe technical safeguards and security measures.
What procedures are in place to determine which users may access the system and are they documented?
DCMWC has put in place access control measures that include documented user access authorization, encryption and least privilege.
Will Department contractors have access to the system?
DCMWC contractors are required to read the Computer Security Training slides and the OWCP MA Rules of Behavior and sign a Non-Disclosure Agreement before accessing the system. Also a Personal Identity Verification is conducted on each contractor.
Describe what privacy training is provided to users, either generally or specifically relevant to the program or system?
Annual Information System Security and Privacy Awareness Training which has a privacy module or component to it. In addition, all DOL employees must complete online training on protecting PII each year.
What auditing measures and technical safeguards are in place to prevent misuse of data?
OWCP uses the concept of least privilege as described above. Access is granted only after authorization based on documented access request policies. Logs for certain system functions are also reviewed on a regular basis to check for any misuse or other issues.
All OWCP operations are required to have security audits and assessments conducted of their operations on an annual basis. All OWCP systems must have system level auditing enabled to provide for reasonable response in the event of a security situation. IT system auditing and security testing is an essential aspect of how the Agency ensures the integrity and availability of our computing systems. Auditing and assessments also provide the Agency the ability to be more effective in preventing security vulnerabilities.
Privacy Impact Analysis
There are many potential risks when medical information is recorded about an individual, such as identity theft, certain types of insurance coverage being refused if certain medical information became public, loss of employment, etc. DCMWC understands its obligation to safeguard this information to prevent any of the potential risks from being realized. Throughout this document examples of those safeguards have been explained to illustrate this commitment to preventing the compromise of PII.
There are appropriate administrative, technical and physical safeguards in place to ensure the confidentiality, integrity, and availability of the information.
The following questions are directed at critically analyzing the selection process for any technologies utilized by the system, including system hardware, RFID, biometrics, and other technology.
What stage of development is the system in, and what project development life cycle was used?
Operations and Maintenance.
The DOL System Development Life Cycle Management (SDLCM) Manual.
Does the project employ technology which may raise privacy concerns? If so please discuss their implementation?
As a result of performing the PIA, what choices has the agency made regarding the information technology system and collection of information?
- OWCP has completed the PIA for ASP which is currently in operation. OWCP has determined that the safeguards and controls for this moderate system adequately protect the information.
- OWCP has determined that it is collecting the minimum necessary information for the proper performance of a documented agency function.