EXECUTIVE SUMMARY REPORT
Purpose
This assessment was performed to ensure that the Veterans Investigative Preference and Employment Rights System (VIPERS) is in compliance with the Privacy Act of 1974 and other legislation requirements. The guidelines for this assessment included the E-Government Act of 2002, Office of Management and Budget (OMB) Circular A-130, the Management of Federal Information Resources, and OMB Circular A-11. The Department of Labor mandates that each of its agencies must assess their policies and systems against the Privacy Impact Methodology developed by the Department.
Scope
This assessment is for Veterans Investigative Preference and Employment Rights System (VIPERS).VIPERS is owned by the U.S. Department of Labor’s (DOL) Office of the Assistant Secretary for Veterans' Employment and Training Service (VETS).
System Description
What is now called VIPERS started out as Uniformed Services Employment and Reemployment Act (USERRA). It was developed in 1996 and has been operational since October 1, 1996. The purpose of VIPERS is to establish an effective automated process of collecting, consolidating, and reporting USERRA data submitted by Veterans' Employment and Training Service (VETS) staff.
The system is accessible through the Internet. It provides information for use at several organizational and administrative levels, including: VETS field staff doing investigations, VETS supervisors and managers, VETS executive staff, and Congress. Data collected does not only include information on cases opened by investigators, but also provides output to support specified information requirements on other activities essential to the VIPERS program, such as outreach actions, employer contacts and technical assistance responses.
PIA Approach
VETS approached the PIA by first reviewing in detail the Privacy Act of 1974, E-Government Act of 2002, the Office of Management and Budget Circular A-130, the Management of Federal Information Resources, and OMB Circular A-11. VETS then reviewed its current security documents and procedures and compared them to the guidance provided in the above mentioned documents. VETS then went through the PIA questionnaire answering the questions and determining risk.
PIA Results
The result of the PIA for the VIPERS is favorable. It met the requirements specified in the following documents:
- Systems of Records Notice (SORN) posting
- Does not share PII with other sources
- VETS staff and participating members of DOL Office of the Solicitor (SOL), the U.S. Department of Defense (DOD) Employer Support for the Guard and Reserve (ESGR), the U.S. Department of Justice (DOJ) and U.S. Office of Special Counsel (OSC ) are the only users of the data
Summary
VIPERS is compliant with the Privacy Impact Methodology Guidance provided by the OCIO. Its security and policies satisfy the requirements outlined in the following documents:
- Privacy Act of 1974 and other legislation requirements,
- The guidelines include E-Government Act of 2002,
- Office of Management and Budget (OMB) Circular A-130, Management of Federal Information Resources, and
- OMB Circular A-11.
Because VIPERS has satisfied these requirements, no mitigating actions are required.
|
