The following laws and regulations establish specific requirements for the confidentiality, integrity, and availability of the data processed, stored, and transmitted by the EEOC Training and Outreach Online Registration System:
Computer Fraud and Abuse Act of 1984
Federal Information Security Management Act of 2002
OMB February 1996 Circular A-130, Appendix III
Paperwork Reduction Act of 1980
Privacy Act of 1974
EEOC Order 240.005, EEOC Information Security Program
Information Security Responsibilities of EEOC Employees
EEOC Order 150.003, Privacy Act of 1974, As Amended
Public laws and regulations applicable to all federal agencies
The individual's right to privacy must be protected in Federal Government information activities involving personal information. This assessment addresses the privacy impact of the EEOC Training and Outreach Online Registration System (the System) operated by the Office of Field Program's Revolving Fund Division. This system supports the training registration function of the EEOC Education, Technical Assistance and Training Revolving Fund (Revolving Fund).
1. Generally describe the information to be used in the system in each of the following categories: Registrant, Company, EEOC Employee, Other.
Revolving Fund Training event registrants provide data that is entered into the System. This data consists of personal and employer information, reasonable accommodations needed, if any, and payment data.
2. What are the sources of the information in the system?
2.1. What EEOC files and databases are used?
Electronic address files of previous registrants contained in the previous EEOC Revolving Fund registration system (the Marketing, Sales and Registration System) were transferred to the System in 2004. No other external files or databases are used.
2.2. What Federal Agencies are providing data for use in the system?
Those Federal Agencies whose employees register for Revolving Fund training events. All Revolving Fund training events are open to all Federal
2.3. What State and Local Agencies are providing data for use in the system?
Those State and Local Agencies whose employees register for Revolving Fund training events. All Revolving Fund training events are open to all State and Local Agency employees.
2.4. What other third party sources will data be collected from?
Those private, commercial, and non-profit entities whose employees register for Revolving Fund training events. All Revolving Fund training events are open to all private, commercial, and non-profit entities' employees.
2.5. What information will be collected from the Registrant?
Information collected consists of registrant name, employer electronic and physical mailing addresses and telephone number, job title, disability and diet needs if any, training history, marketing methods that led to registration for training, employer name, size, type, address, telephone number, and payment data consisting of method of preferred payment, purchase order and credit card data if applicable, billing address if called for by payment method, interagency billing and collection data from Federal employers, and tax identification data.
3. How will data collected from sources other than EEOC records and the Registrant be verified for accuracy?
All data is provided by the Registrant (entered directly by the Registrant or by a representative from the EEOC Training Institute who enters information exactly as the Registrant has directed on registration forms).
3.1. How will data be checked for completeness?
Online registration can only be accepted if data is entered in all required fields. If registration data is submitted offline, contractor registration staff checks for completeness.
3.2. Is the data current? How do you know?
Contractor registration staff checks for current payment data. Registrants who do not provide current payment data may not be registered to attend training events. When marketing for future training events, any non-current mailing address and electronic mail information is deleted from the System and current data is entered. Non-current data is identified when mail sent to a physical address is returned or electronic mail is returned as undeliverable.
4. Are the data elements described in detail and documented? If yes, what is the name of the document?
The data element names are sufficiently descriptive and self-explanatory for Registrants to provide information for training event registration. The data elements are described and documented within the online questionnaire and on hardcopy training event registration forms.
5. How will the data be used by the agency? Who is responsible for assuring proper use of the data?
The information that is captured and stored in the database is solely used to organize events, communicate with registrants, and process financial transactions for Revolving Fund training events. Responsibility to maintain confidentiality of this information rests with the EEOC Revolving Fund administrative and training staff.
6. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Other)?
There are internal and external users. Internal users are users that access the system to review data. All of these users require valid user identification and a password to access the system. The user identification and password are created by the System administrator and are only issued to authorized users. Internal users are either authorized EEOC or System contractor employees, and there are different levels of access to data. In addition to external user accounts, the following user types exist: System Administrator - access to meeting planner and administrative functions; Meeting Planner - access to view, create, modify, and delete the following: events, forms, web sites, registrations, and reports; and Meeting Owner - access to accept/deny invitations and view reports.
External users are able to enter registration data into the System. The external user can create their own user identification and password for subsequent data and information review and registration for additional training events in the future. The external user can update data and information they have previously entered into the System but does not have access to data entered by someone with different user identification and password.
7. How is access to the data by a user determined? Are criteria, procedures, controls, and responsibilities regarding access documented?
Access to the data is determined by user type and is based on the user's need for data and level of access as approved by the System administration contractor.
8. Will users have access to all data on the system or will the users' access be restricted?
System Administrator access is limited to software development and maintenance staff/contractors. Meeting Planner access is limited to select EEOC Revolving Fund staff. Meeting Owner access is limited to EEOC Outreach Coordinators and selected Revolving Fund staff.
External users are registrants who only have access to the data they have entered in the System with valid user identification and password.
9. What controls are in place to prevent the misuse (e.g. browsing) of data by those having access?
Level of access is granted to individuals based on user type. There are restrictions to level of access corresponding to user type. Access will be restricted if any misuse is noted.
10. Do other systems share data or have access to data in this system? If yes, explain. Who will be responsible for protecting the privacy rights of the taxpayers and employees affected by the interface?
No other systems share data or have access to data in the system. However, updated System job number data, and billing and collection financial data, is transmitted daily to EEOC's Integrated Financial Management System (the official EEOC accounting system) in batch files. Data transmitted in these batch files does not contain any registrant personal or organizations' confidential information.
11. Will other agencies share data or have access to data in this system (International, Federal, State, Local, Other)?
No other agencies have direct access to this system. However, information from the system may be shared with the U.S. Treasury, as outlined in the response to Question #12.
12. How will the system ensure that agencies only get the information they are entitled to under applicable statutes or regulations?
Training event registration information fields are designed to solicit only the information needed to identify training event registrants and their employers, evaluate training event marketing efforts, and collect payment. In order to collect potentially delinquent payments, personal information may be required so that the U.S. Treasury will have the ability to offset other federal payments to the registrant if needed.
13. Is the use of the data both relevant and necessary to the purpose for which the system is being designed?
Yes. The data obtained is limited to what is required for a registrant to register for a training event and provide marketing feedback, and for EEOC to collect payment.
14. Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected?
No. The System does not have data-mining capability and is designed to only obtain training event registration and payment information.
14.1. Will the new data be placed in the Registrant's record?
The only new data in the System is updating of previously entered registration and payment information by the Registrant.
14.2. Can the system make determinations about Registrants that would not be possible without the new data?
14.3. How will the new data be verified for relevance and accuracy?
Data is only verified when a Registrant registers for future training events and provides updated data, and when Revolving Fund marketing campaigns result in returned or undeliverable mail.
15. If data is being consolidated, what controls are in place to protect the data from unauthorized access or use?
15.1. If processes are being consolidated, are the proper controls remaining in place to protect the data and prevent unauthorized access? Explain.
16. How will the data be retrieved? Can it be retrieved by personal identifier? If yes, explain. What are the potential effects on the due process rights of Registrants or companies of: consolidation and linkage of files and systems; derivation of data; accelerated information processing and decision making; use of new technologies. How are the effects to be mitigated?
An internal user can retrieve data by searching on a number of fields, including: last name, first name, electronic mail address, organization, event code, or telephone number. Some examples of why data may be retrieved would be to determine if a registrant is enrolled in a training event or needs to be notified of a change in the training event date, has made payment or to determine if an event has been set up in the System.
An external user, through use of user identification and password, can access the System to update previously entered information or register for additional training events.
The system has no effects on due process rights because it does not make any determinations with respect to registrants or companies.
17. Explain how the system and its use will ensure equitable treatment of Registrants. If the system is operated in more than one site, how will consistent use of the system and data be maintained in all sites?
System software logic rules based on type of training event, registration date and payment type are used to assign training event price. Users do not have the ability to modify training event pricing. Revolving Fund training event prices are entered in System reference table fields in advance of scheduled events and are based on training event length, method and timing of payment and cost recovery guidelines without regard to registrant personal and employer information. Since all registrants have access to the same software, equitable treatment is maximized.
17.1. Explain any possibility of disparate treatment of individuals or groups.
No personal information is solicited from registrants that identifies race, sex, nationality, national origin, religion, age or disability. The only exception is when registrants request special accommodations based on disability. Registrants must voluntarily provide sufficient information in order for EEOC to provide these accommodations. Moreover, the service delivered by the System is seat reservations for training events offered by the Revolving Fund. System program logic automatically reserves a seat, on a first-come, first-served basis, for whoever registers for a training event.
18. What are the retention periods of data in this system?
Data is retained in the system indefinitely. Data can be updated or deleted at the request of registrants or if returned marketing material indicates address change.
18.1. What are the procedures for eliminating the data at the end of the retention period? Where are the procedures documented?
18.2. While the data is retained in the system, what are the requirements for determining if the data is still sufficiently accurate, relevant, timely, and complete to ensure fairness in making determinations?
Data is retained in the System as entered unless past registrants with data in the System update their data by registering for subsequent training events or returned mail indicates outdated addresses. Any incorrect data is immediately removed from the database.
19. Is the system using technologies in ways that the EEOC has not previously employed?
Yes. Prior to 2004, registrants did not have the ability to register for training events and pay online nor were registration billings and collections linked to the EEOC accounting system. Upon implementation of the System, the technology allowed registration and payment online as well as transfer of billing and collection data to the accounting system. In addition, the System has the capability for mass marketing of training events through use of electronic mail.
19.1. How does the use of this technology affect taxpayer/employee privacy?
There has been no effect on individual privacy.
20. Will this system provide the capability to identify, locate, and monitor individuals? If yes, explain.
This system has the capability to identify and locate individuals for verification of training event registration and payment and to market future events but not to monitor individuals.
20.1. Will this system provide the capability to identify, locate, and monitor groups of people? If yes, explain.
The system has the capability to identify and locate individuals who work for common employers (private and government), common federal agencies and who live in specific geographical areas. This information is used to comply with federal agency collection reporting requirements imposed by the Treasury and for marketing purposes.
20.2. What controls will be used to prevent unauthorized monitoring?
Only authorized users will have access to the data based on user type as described above. Moreover, the basic employee, employer and payment data required for training event registration is not the type of data that typically results in unauthorized monitoring.
21. Under which Systems of Record notice (SOR) does the system operate? Provide number and name.
EEOC-19, Revolving Fund Registrations.