DEPARTMENT OF TRANSPORTATION
Office of the Secretary of Transportation (OST)

PRIVACY IMPACT ASSESSMENT

Enterprise Support Systems (ESS)

November 1, 2007

TABLE OF CONTENTS

Overview of Privacy Management Process

Enterprise Support Systems (ESS) consists of B-30 functionality that is utilized by other B-30 Systems, such as Delphi & CASTLE. Three sub-systems have been identified as the following:

Kintana
DMZ Hydra Cluster
Service-Oriented Architecture (SOA)

Privacy management is an integral part of the Enterprise Support Systems (ESS). AME has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and established methodologies.

The privacy management process is built upon a methodology that has been developed and implemented in leading companies around the country and globally. The methodology is designed to help ensure that DOT and AME will have the information, tools and technology necessary to manage privacy effectively and employ the highest level of fair information practices while allowing AME to achieve its mission of protecting and enhancing the U.S. transportation system. The methodology is based upon the following steps:

Establish priority, authority, and responsibility. Appointing a cross-functional privacy management team to ensure input from systems architecture, technology, security, legal, and other disciplines necessary to ensure that an effective privacy management program is developed.
Assess the current privacy environment. This involves interviews with key individuals involved in the ESS to ensure that privacy risks are identified, addressed and documented.
Organize the resources necessary for the project’s goals. Internal AME resources, along with outside experts, are involved in reviewing the technology, data uses, and associated risks. They are also involved in developing the necessary redress systems and training programs.
Develop the policies, practices, and procedures. The resources identified in the paragraph above work to develop effective policies, practices, and procedures to ensure that fair information practices are complied with. The policies are designed to protect privacy effectively while allowing AME to achieve its mission.
Implement the policies, practices, and procedures. Once the policies, practices, and procedures are developed, they must be implemented. This involves training all individuals who will have access to and/or process personally identifiable information (PII). It also entails working with vendors to ensure that they maintain the highest standard for privacy while providing services to the AME project.
Maintain policies, practices, and procedures. Due to changes in technology, personnel and other aspects of any program, effective privacy management requires that technology and information be available to the privacy management team to ensure that privacy policies, practices, and procedures continue to reflect actual practices. Regular monitoring of compliance is required.
Manage exceptions and/or problems with the policies, practices, and procedures. practices, and procedures. This step involves the development and implementation of an effective redress and audit system to ensure that any complaints are effectively addressed and corrections made, if necessary.

ESS is hosted and supported by the Enterprise Service Center (ESC) located at the Federal Aviation Administration (FAA), Mike Monroney Aeronautical Center (MMAC), in Oklahoma City. ESS hardware physically resides in the System Management Facility (SMF), which are a consolidated data processing and support facility for small and large scale, general and special purpose data processing and telecommunications systems at the MMAC.

Personally Identifiable Information (PII) & Enterprise Support System (ESS)

Per DOT, all agency data is considered sensitive data and it may or may not contain PII. The Enterprise Support System consists of functionality that is being used by all B-30 systems.

Why Enterprise Support Systems (ESS) Collects Information

The Enterprise Support System collects information that will be utilized by both B-30 systems.

How Enterprise Support Systems (ESS) Uses Information

Kintana is utilized by ESS as a means of tracking & mitigating System Change Request (SCR). In mitigating SCR’s, test results are sometimes attached to provide proof documentation that the enhancement was tested. If the attachment contains PII, it is encrypted. If encryption is not used, all PII/SPII fields are masked out with a comment in the notes field dictating as such. All other sub-systems of ESS do not display data to the users.

How Enterprise Support Systems (ESS) Shares Information

How Enterprise Support Systems (ESS) Provides Notice and Consent

All ESS users (Kintana users) are required to sign a Rules of Behavior (RoB).

How Enterprise Support Systems (ESS) Ensures Data Accuracy

The ESS sub-systems receive their data from Delphi & CASTLE. That data is presumed to be accurate. Kintana information is entered via the users.

How Enterprise Support Systems (ESS) Provides Redress

Corrections would not be made to the ESS system unless it was a problem with the data being displayed in error. There will be a "help desk" number for the users to call.

How Enterprise Support Systems (ESS) Secures Information

Enterprise Support Systems (ESS) takes appropriate security measures to safeguard PII and other sensitive data. Enterprise Support Systems (ESS) applies DOT security standards, including but not limited to routine scans and monitoring, back-up activities, and background security checks of AME employees and contractors.

ROLE	ACCESS	SAFEGUARDS
User (Level 3)	Submit new debarment, suspension, and conviction records for designated transportation oversight entity Change existing debarment, suspension, and conviction records for designated transportation oversight entity Access and change own profile information	User-set user name and password Account set-up approved by User (Level 2) and Administrator (Level 1) Passwords expire after a set period Minimum length of passwords is 8 characters Passwords must be combination of alpha/numeric/special characters Accounts are locked after a set number of incorrect log-in attempts
User (Level 2)	Submit new debarment, suspension, and conviction records for designated transportation oversight entity Change existing debarment, suspension, and conviction records for designated transportation oversight entity Access and change own profile information Request User (Level 3) account for designated transportation oversight entity Access and change own profile information	User-set user name and password Account set-up approved by Site Administrator (Level 1) Passwords expire after a set period Minimum length of passwords is 8 characters Passwords must be combination of alpha/numeric/special characters Accounts are locked after a set number of incorrect log-in attempts
Site Administrator	Search and view user names and profile information Grant User (levels 2 and 3) accounts, reset account passwords, view access log information Delete profiles (without viewing full profile information) View, search, add, change, and delete all information in database	User-set user name and password Account set-up approved by OIG management Passwords expire after a set period Minimum length of passwords is 8 characters Passwords must be combination of alpha/numeric/special characters Accounts are locked after a set number of incorrect log-in attempts Must access system from limited number of computers, each of which also has user name/password access control.

How Long Enterprise Support Systems (ESS) Retains Information

Kintana information is retained for 7 years and is currently backed up under the Delphi Tape Backup.

System of Records

Enterprise Support Systems (ESS) contains information that is part of existing System of Records subject to the Privacy Act. In some cases, such as DOT/OST 101, the Department of Transportation controls the data and maintains System of Records responsibilities. In other cases, other government entities providing Enterprise Support Systems (ESS) source data control the data and retain Privacy Act responsibilities.

Enterprise Support Systems (ESS) was certified and accredited in September 2007 in accordance with DOT information technology security standard requirements.