Skip to page content
Office of the Chief Information Officer
Bookmark and Share

Privacy Impact Assessment Questionnaire

SOL — Matter Management System — FY2017

Overview

The system name and the name of the DOL component(s) which own(s) the system:

The Matter Management System (MMS) is owned by the Office of the Solicitor (SOL).

The purpose/function of the program, system, or technology and how it relates to the component's and DOL mission:

The SOL mission is to represent the Secretary and the DOL client agencies in all necessary litigation, including both enforcement actions and defensive litigation, and in alternative dispute resolution activities; assist in the development of regulations, standards, and legislative proposals, and provide legal opinions and advice concerning all the Department's activities.

The Matter Management System (MMS) tracks all significant legal activities referred by DOL client agencies to the various components of SOL. Legal services include undertaking litigation to carry out priority enforcement initiatives, and to defend the Secretary and the program agencies of the Department; assisting in the development, drafting, and legal review of legislation, regulations, Executive Orders, and other matters affecting Departmental programs; and providing legal opinions/advice for the Secretary, Departmental and agency officials. Data collected through the MMS is used to analyze the volume, diversity, trends, and impact of the workload in SOL offices. This system provides information to manage SOL resources, monitor operational performance, support budget activities, and provide SOL's client agencies (DOL agencies) with updated information on the work being done in their respective program areas. The system also captures SOL resource time spent providing legal services and manages legal holds for litigation cases. The MMS provides these functions throughout SOL national, regional and sub-regional offices supporting approximately 700 attorneys, docket clerks, and paralegals.

A general description of the information in the system.

The information in the system is descriptive and status information about the legal services (litigation, opinion and advice, rules and regulations review) provided by SOL to DOL client agencies. This descriptive information may contain some PII.

A description of a typical transaction conducted on the system.

A typical transaction in the MMS involves a SOL docket clerk creating a litigation matter (legal services) to support a DOL enforcement agency, updating a matter's status, recording the time spent on a matter, sending a legal hold request to preserve documents related to the litigation, and closing a matter at the completion of the litigation case.

Any information sharing conducted by the program or system.

SOL shares information with DOL clients (DOL agencies).

A general description of the modules and subsystems, where relevant, and their functions:

The Matter Management System contains the following major components:

  • Matter Management — tracks the legal services provided to clients from initiation to completion
  • Legal Hold — manages notices to preserve documents in the event of pending or reasonable anticipation of litigation
  • Management Reporting — provides standard and ad hoc reporting.

Where appropriate, a citation to the legal authority to operate the program or system.

5 U.S.C. 301, 5 U.S.C. 552 and 5 U.S.C. 552a.

Provide a description of why the PIA is being conducted.

The MMS contains PII on Federal employees, contractors and members of the public and therefore a Privacy Impact Assessment is required. The Privacy Act requires that a SORN be published in the Federal Register when PII is maintained by a Federal agency in a system of records and the information is retrieved by a personal identifier. The system can retrieve PII by the specific personal identifier. A Privacy Act System of Record Notice (SORN) is published in the Federal Register.

Characterization of the Information

The following questions are intended to define the scope of the information requested and/or collected as well as reasons for its collection as part of the program, system, or technology being developed.

Specify whether the system collects personally identifiable information (PII) on DOL employees, other federal employees, contractors, members of the public (U.S. citizens), foreign citizens, or minor children.

PII is collected in the system on members of the public (US citizens), DOL contractors and DOL employees.

What are the sources of the PII in the information system?

Sources of PII are the work files of DOL client agencies that request legal services from SOL.

What is the PII being collected, used, disseminated, or maintained?

Members of the Public

  • Name of party to a litigation case
  • Name of legal hold recipient
  • Residential address
  • Mailing address
  • Personal phone number
  • Personal email address
  • SSN (FEEWC Subrogation and Black Lung matters only)

Note: Party to a case includes judge, expert witnesses, claimant, opposing counsel, etc.

SOL Federal Employees

  • Name of SOL employee
  • Network logon credentials (network domain/user ID) of system business users
  • Business phone
  • Business email

SOL Contractors

  • Name of contractor
  • Network logon credentials (network domain/user ID) of contractors that maintain the system
  • Business phone
  • Business email

How is the PII collected?

PII is collected as the result of performing legal services for the DOL client agencies.

How will the information be checked for accuracy?

PII for a specific matter/case is reviewed by the supervising attorney assigned to the matter/case.

What specific legal authorities, arrangements, and/or agreements defined the collection of information?

SOL has the authority to perform legal services under statutes and federal regulations noted in 5 U.S.C. §301. Departmental Regulations. These legal services are recorded in MMS.

SOL adheres to the Privacy Act of 1974 for PII that is contained within the MMS. PII is stored for the exclusive purpose of performing SOL's mission. The mission is to represent the Secretary and the client agencies in all necessary litigation, including both enforcement actions and defensive litigation, and in alternative dispute resolution activities; assist in the development of regulations, standards, and legislative proposals, and provide legal opinions and advice concerning all the Department's activities.

Privacy Impact Analysis

The PII stored in the MMS is subject to minimal risk because it is well protected by implementation of numerous security controls at the network and application level as defined by NIST SP 800-53 Security and Privacy Controls for Federal Systems and Organizations. The key security controls to ensure that PII is properly protected from unauthorized access and unauthorized disclosure include:

  • Technical Controls
    • Access Control (AC)
      • Account Management
      • Access Enforcement
      • Information Flow Enforcement
      • Separation of Duties
      • Least Privilege
      • Session Lock
      • Session Termination
    • Audit and Accountability (AU)
      • Audit Review, Analysis and Reporting
    • Identification and Authentication (IA)
      • Identifier Management
      • Authenticator Management
    • System and Communications Protection (SC)
      • Cryptographic Protection
  • Management Controls
    • Planning (PL)
      • Rules of Behavior
  • Operational Controls
    • Awareness and Training (AT)
      • Security Awareness Training
      • Role-based Training
    • Media Protection (MP)
      • Media Access
      • Media Marking
      • Media Storage
      • Media Transport
      • Media Transport/Cryptographic Protection
    • Physical and Environmental Protection (PE)
      • Physical Access Authorizations
      • Physical Access Control

Uses of the PII

The following questions are intended to clearly delineate the use of information and the accuracy of the data being used.

Describe all the uses of the PII

PII

Use

MEMBERS OF THE PUBLIC

SSN of the miner who filed the black lung claim.

Used to identify the claimants, beneficiaries, survivors, etc., and ensure that the DOL client agency and SOL attorney are communicating concerning the correct individual, and to ensure proper payment of benefits.

SSN of the DOL employee who filed the workers compensation claim for which DOL will request reimbursement from the third party at fault

Used to identify the claimants.

Name of parties to a litigation case (member of the public)

Used to communicate with the parties involved in the case.

Residential address and mailing address of parties to a litigation case (member of the public)

Used to communicate with the parties involved in the case.

Personal phone number and email of parties to a litigation case (member of the public)

Used to communicate with the parties involved in the case.

Business address, phone and email of parties to a litigation case (member of the public)

Used to communicate with the parties involved in the case.

Name, business email and personal email

Used to communicate legal hold requests to non-DOL individuals. A legal hold is a request to preserve documentation that may be relevant to an active or pending litigation case.

SOL EMPLOYEES AND CONTRACTORS

Name of SOL employees and contractors

Used for management reporting

Business phone and email

Used to communicate within and outside of DOL.

Network logon credentials

Used to authenticate the SOL user for authorized use of the MMS.

DOL EMPLOYEES AND CONTRACTORS

Name and business email

Used to communicate legal hold requests to DOL individuals. A legal hold is a request to preserve documentation that may be relevant to an active or pending litigation case.

What types of tools are used to analyze data and what type of data may be produced?

The SQL Reporting Services tool is used to analyze data and generate operational reports. These reports contain workload information at the aggregate level for legal services rendered. PII is not displayed at the aggregate level. However, any report from the contact information function of the system has significant PII on members of the public. Any report from the Staff Notebook function of the system has PII on SOL employees and contractors. Time reporting has time spent on providing legal services by attorney name, however, attorney name is not linkable to other PII. The Report Wizard tool is used to analyze data requested through on-line inquiries and may display PII data. The Report Wizard does not export to Excel. SQL Reporting Services exports are management reports that do not contain PII.

Will the system derive new data, or create previously unavailable data, about an individual through aggregation of the collected information?

No.

If the system uses commercial or publicly available data, please explain why and how it is used.

Not applicable.

Privacy Impact Analysis

The operational storage and use of PII can create the risk of unauthorized access and disclosure. The use of PII stored in the MMS is subject to minimal risk because it is well protected by numerous technical security controls. The key security controls to ensure that PII is properly protected in accordance with the above described uses include:

  • Technical Controls
    • Access Control (AC)
      • Account Management
      • Access Enforcement
      • Information Flow Enforcement
      • Separation of Duties
      • Least Privilege
      • Session Lock
      • Session Termination
    • Audit and Accountability (AU)
      • Audit Review, Analysis, and Reporting
    • Identification and Authentication (IA)
      • Identifier Management
      • Authenticator Management
    • System and Communications Protection (SC)
      • Cryptographic Protection
  • Management Controls
    • Planning (PL)
      • Rules of Behavior
  • Operational Controls
    • Awareness and Training (AT)
      • Security Awareness Training
      • Role-based Training
    • Media Protection (MP)
      • Media Access
      • Media Marking
      • Media Storage
      • Media Transport
      • Media Transport/Cryptographic Protection
    • Physical and Environmental Protection (PE)
      • Physical Access Authorizations
      • Physical Access Control
  • Privacy Controls
    • Authority and Purpose (AP)
      • Authority to Collect
      • Purpose Specification

Retention

The following questions are intended to outline how long information will be retained after the initial collection.

How long is information retained in the system?

Information is retained in accordance with the SOL Records Schedule.

Has the retention schedule been approved by the DOL agency records officer and the National Archives and Records Administration (NARA)?

Yes. National Archive and Records Administration Schedule #DAA-0174-2013-0006.

How is it determined that PII is no longer required?

A determination as to when PII is no longer required within the system is performed as part of the annual review of the Privacy Impact Assessment. Specifically, the MALS Legal Technology Unit will make recommendations for approval by the System Owner. Also SOL addresses all federal mandates to reduce the storage of PII in the system.

What efforts are being made to eliminate or reduce PII that is collected, stored or maintained by the system if it is no longer required?

As of March 2010, only the last 4 digits of the SSN are recorded for the Black Lung matters.

As of August 2010, SSN is no longer recorded for FECA Subrogation.

Privacy Impact Analysis

The risk of unauthorized access and unauthorized disclosure is proportionally increased by the length of time in which the data is retained. The key security controls to ensure that PII is properly protected include:

  • Operational Controls
    • System and Information Integrity (SI)
      • Information Handling and Retention
  • Privacy Controls
    • Data minimization and Retention (DM)
      • Minimization of personally Identifiable Information
      • Data Retention and Disposal
      • Minimization of PII Used in Testing, Training, and Research

Internal Sharing and Disclosure

The following questions are intended to define the scope of sharing within the Department of Labor.

With which internal organization(s) is the PII shared, what information is shared, and for what purpose?

Time by attorney name may be shared with DOL client agencies through management reports to provide the legal services accomplished in each DOL client agency.

How is the PII transmitted or disclosed?

PII is transmitted or disclosed through management reporting distributed electronically via email.

Privacy Impact Analysis

When information is shared, there is always a risk that the sharing partner does not have the appropriate authorized access level resulting in unauthorized disclosure. The key security controls to ensure that access to PII is properly authorized include:

  • Technical Controls
    • Access Control (AC)
      • Information Sharing
  • Privacy Controls
    • Use Limitation (UL)
      • Internal Use

External Sharing and Disclosure

The following questions are intended to define the content, scope, and authority for information sharing external to DOL which includes federal, state and local government, and the private sector.

With which external organization(s) is the PII shared, what information is shared, and for what purpose?

Not applicable. PII from the MMS is not shared outside the Department.

Is the sharing of PII outside the Department compatible with the original collection? If so, is it covered by an appropriate routine use in a SORN? If so, please describe. If not, please describe under what legal mechanism the program or system is allowed to share the PII outside of DOL.

Not applicable. PII from the MMS is not shared outside the Department.

How is the information shared outside the Department and what security measures safeguard its transmission?

Not applicable. PII from the MMS is not shared outside the Department,

Privacy Impact Analysis

Not applicable. PII from the MMS is not shared outside the Department.

Notice

The following questions are directed at notice to the individual of the scope of PII collected, the right to consent to uses of said information, and the right to decline to provide information.

Was notice provided to the individual prior to collection of PII?

Yes. Notice was provided to the individual prior to collection of PII by the DOL agency. This occurs prior to SOL's use of the information. SOL does not collect PII directly from members of the public but rather extracts the information from records collected by the DOL client agencies.

Do individuals have the opportunity and/or right to decline to provide information?

Yes. Individuals have the right to decline to provide information based on the invocation of the Privacy Act of 1974. Individuals would have addressed this opportunity or right with the DOL agency prior to SOL's use of the information. SOL does not collect this information directly from members of the public but rather extracts the information from records collected by the DOL agencies.

Do individuals have the right to consent to particular uses of the information? If so, how does the individual exercise the right?

No, as there are only routine uses of the information, and no particular uses that would require consent under the Privacy Act of 1974.

Privacy Impact Analysis

The predominant risk exists in unauthorized disclosure. DOL shall not disclose, nor make available, any personal data except with the consent of the individual concerned or by authority of law. DOL shall, when appropriate and required by law, provide access to, and a process for amending, personal information in accordance with the Privacy Act of 1974. The key security controls to ensure proper notice include:

  • Privacy Controls
    • Transparency (TR)
      • Privacy Notice
      • System of Records Notices and Privacy Act Statements
      • Dissemination of Privacy Program Information

Access, Redress, and Correction

The following questions are directed at an individual's ability to ensure the accuracy of the information collected about them.

What are the procedures that allow individuals to gain access to their information?

An individual, or legal representative acting on their behalf, may request access to their record by appearing in person or by writing to the Department of Labor, Associate Solicitor, Office of Management and Administrative Legal Services Office of the Solicitor (SOL), 200 Constitution Avenue, NW, Washington, DC 20210. A requester in need of guidance in defining the request may write to the Assistant Secretary for Administration and Management, U.S. Department of Labor, 200 Constitution Avenue, NW, Washington, DC 20210.

The specific procedures for allowing an individual to gain access to their information are provided in Title 29 CFR Part 71.2.

What are the procedures for correcting inaccurate or erroneous information?

An individual may submit a request for correction or amendment of their record. The request must be in writing and must be addressed to the Department of Labor, Associate Solicitor, Office of Management and Administrative Legal Services Office of the Solicitor (SOL), 200 Constitution Avenue, NW, Washington, DC 20210. The request must identify the particular record in question, state the correction or amendment sought, and set forth the justification for the change. Both the envelope and the request itself must be clearly marked: "Privacy Act Amendment Request."

The specific procedures for correcting inaccurate or erroneous information are provided in Title 29 CFR 71.9.

How are individuals notified of the procedures for correcting their information?

This information is published in the Federal Register entry for the system.

If no formal redress is provided, what alternatives are available to the individual?

When a request for correction or amendment is denied in whole or in part, the requester may appeal the denial to the Solicitor of Labor within 90 days of the receipt of the notice denying the request.

Privacy Impact Analysis

There is minimal risk to the data integrity of PII stored in the MMS because it is well protected by numerous security controls. Data integrity is primarily accomplished through authorized restrictive access to information in the system.

The key security controls to ensure the integrity of PII include:

  • Operational Controls
    • System and Information Integrity (SI)
      • Information Input Validation
      • Error Handling
      • Information Handling and Retention
  • Privacy Controls
    • Individual Participation and Redress (IP)
      • Consent
      • Individual Access
      • Redress
      • Complaint Management
    • Data Quality and Integrity (DI)
      • Data Quality
      • Data Integrity and Data Integrity Board

Technical Access and Security

The following questions are intended to describe technical safeguards and security measures.

What procedures are in place to determine which users may access the system and are they documented?

SOL has documented access control procedures in place which ensures that only authorized users have access to MMS. Highlights of the SOL procedures include:

  • general and privileged user Rules of Behavior acknowledgement
  • access provided strictly on the basis of approved authorizations
  • automatic removal of inactive accounts
  • least privileges access based on role
  • separation of duties

Will Department contractors have access to the system?

Yes, the MMS is accessed by developers and system administrators who are authorized contractors of the Department of Labor, for the purpose of developing, testing, operating and maintaining the system.

Describe what privacy training is provided to users, either generally or specifically relevant to the program or system?

Mandatory DOL Information Systems Security and Privacy Awareness Training is provided to all SOL employees and contractors annually.

What auditing measures and technical safeguards are in place to prevent misuse of data?

Auditing functionality exists within the system to record all business users and system administrator actions in an Audit Log. The Audit Log is protected from viewing by unauthorized users and is reviewed on a weekly basis for unusual or suspicious activity.

Within the system there are specific user roles (groups) defined which provide varying levels of authorized access to data stored in the MMS. Critical functions are divided among different individuals based on their user role assignment. Data stored in the system is encrypted at rest and during transmission. Inactive user accounts are automatically deactivated.

Privacy Impact Analysis

The PII stored in the MMS is subject to minimal risk because it is well protected by implementation of numerous security controls at the network and application level as defined by NIST SP 800-53 Security and Privacy Controls for Federal Systems and Organizations. The key security controls to ensure that PII is properly protected from unauthorized access and unauthorized disclosure include:

  • Technical Controls
    • Access Control (AC)
      • Account Management
      • Access Enforcement
      • Information Flow Enforcement
      • Separation of Duties
      • Least Privilege
      • Session Lock
      • Session Termination
  • Audit and Accountability (AU)
    • Audit Review, Analysis, and Reporting
  • Identification and Authentication (IA)
    • Identifier Management
    • Authenticator Management
  • System and Communications Protection (SC)
    • Cryptographic Protection
  • Operational Controls
    • Awareness and Training (AT)
      • Security Awareness Training
      • Role-based Training
    • Media Protection (MP)
      • Media Access
      • Media Marking
      • Media Storage
      • Media Transport
      • Media Transport/Cryptographic Protection
    • Physical and Environmental Protection (PE)
      • Physical Access Authorizations
      • Physical Access Control
  • Privacy Controls
    • Security (SE)
      • Inventory of Personally Identifiable Information
      • Privacy Incident Response

Technology

The following questions are directed at critically analyzing the selection process for any technologies utilized by the system, including system hardware, RFID, biometrics, and other technology.

What stage of development is the system in, and what project development life cycle was used?

MMS is in the Phase 6 Operations and Maintenance. The ATO was signed February 2015 and the initial system rollout to national and regional offices was completed in June 2012. The project development life cycle used is the DOL Systems Development Life Cycle Management Manual (SDLCMM).

Does the project employ technology which may raise privacy concerns? If so please discuss their implementation?

No. MMS consists of configured commercial off-the-shelf (COTS) software which does not raise privacy concerns.

Determination

As a result of performing the PIA, what choices has the agency made regarding the information technology system and collection of information?

  • SOL has completed the PIA for the Matter Management System. SOL has determined that the safeguards and controls for this moderate system will adequately protect the information and will be referenced in Matter Management System Security Plan.
  • SOL has determined that it is collecting the minimum necessary information for the proper performance of a documented agency function.