1. Home
  2. Privacy
  3. Integrated Mission System (IMS) / Agency Records System (ARC) Privacy Impact Assessment

Integrated Mission System (IMS) / Agency Records System (ARC) Privacy Impact Assessment

The following laws, regulations, guidance, and orders establish specific requirements for the confidentiality, integrity, and availability of the data processed, stored, and transmitted by the EEOC Integrated Mission System (IMS) and the Agency Records Center (ARC):

Computer Fraud and Abuse Act of 1984
Federal Information Security Modernization Act of 2014
OMB Circular A-130, Appendix III
Paperwork Reduction Act of 1980
Privacy Act of 1974
Title VII of the Civil Rights Act of 1964, as amended
Equal Pay Act of 1963, as amended
Age Discrimination in Employment Act of 1967, as amended
Sections 501 and 505 of the Rehabilitation Act of 1973
Title I and Title V of the Americans with Disabilities Act of 1990, as amended
The Civil Rights Act of 1991
EEOC Order 240.005, EEOC Information Security Program
EEOC Order 240.005, Appendix A, Information Security Responsibilities of EEOC Employees
EEOC Order 150.003, Privacy Act of 1974, as amended
Public laws and regulations applicable to all federal agencies

The Federal Government must protect an individual’s right to privacy when it maintains, collects, or shares personal information. This assessment addresses the privacy impact of the EEOC IMS legacy applications and the modernized ARC applications.

Data in the System

1. Generally describe the information to be used in the system in each of the following categories: Complainant, Company, EEOC Employee, Other.

The IMS and ARC provide users with five different support capabilities as follows:

  • Private Sector & FEPA Services– maintains information on private sector charges of employment discrimination for use by staff within EEOC headquarters, field offices, and participating State and local government Fair Employment Practices Agencies (FEPAs). The system maintains the charging party’s name, address, and demographics; respondent company address and profile information; particulars about the details of the charge; and activities related to charge processing.
  • Federal Hearings - maintains information on federal complaint hearings records for use by staff within EEOC headquarters and field offices. The system maintains the complainant’s name, address, and demographics; agency name and address; particulars about the details of the complaint; and activities related to hearings processing.
  • Litigation - maintains information on EEOC litigation cases for use by staff within EEOC headquarters and field offices. The system maintains the charging party’s name, address, and demographics; respondent company address and profile information; particulars about the details of the case; and activities related to case processing.
  • Outreach – maintains information on outreach events sponsored by the EEOC.
  • Federal Appeals - maintains information related to appeals of federal complaint findings for use by staff within the EEOC headquarters office. The system maintains the complainant’s name, address, and demographics; agency name and address; particulars about the details of the complaint; and activities related to appeal processing.

Due to the risk associated with maintaining an individual’s Social Security Number, this data is no longer maintained or stored within the IMS or ARC.

2. What are the sources of the information in the system?

Primary sources of information are from the charging party/complainant, respondent/agency, legal representatives, and EEOC/FEPA staff.

2.1. What EEOC files and databases are used?

All data is stored within the structure of IMS and/or ARC databases and content management systems, which are located within EEOC’s managed cloud services.

2.2 What Federal Agencies are providing data for use in the system?

Other Federal Agencies provide data stored for Federal Hearings and Federal Appeals, consistent with what is included in the case file maintained by the Federal Agency’s EEO office.

2.3 What State and Local Agencies are providing data for use in the system?

EEOC’s Fair Employment Practices Agency (FEPA) State and local government partners use the ARC system to enter, maintain, or import, their charges of employment discrimination. FEPAs may also create and maintain information on state and local charges that are outside of EEOC’s federal jurisdiction.

2.4 What other third-party sources will data be collected from?

i. Information may be provided from third-party witnesses and uploaded into the charge record by the charging party, respondent, or EEOC/FEPA staff.

2.5 What information will be collected from the complainant or company?

The complainant, also referred to as the charging party or appellant, can provide the following information:

  • Full name
  • Address
  • E-mail address
  • Phone information (Home, Work and/or Cell)
  • Date of Birth
  • Race
  • National Origin
  • Sex
  • Representative(s) point of contact(s)
  • Details related to the charge/complaint and preferences related to processing

The company, also referred to as the respondent or agency, can provide the following information:

  • Name
  • Address
  • Phone
  • Fax
  • E-mail address
  • Institution Type
  • EEO Company ID
  • EEO Function
  • Employer Size
  • NAIC Code
  • Representative(s) point of contact(s)
  • Details related to the charge/complaint and preferences related to processing

3. How will data collected from sources other than EEOC records and the complainant or company be verified for accuracy?

All data is provided by the parties involved in the charge/complaint/case and is verified by an EEOC employee through direct communication as a part of the follow-up and investigation process. Data may also be provided by third-party witnesses but is verified prior to upload by one of the parties above. Charging Parties, complainants, respondents, and agencies may view and update their specific information maintained in IMS/ARC through web-service connections with EEOC’s Public Portals.

3.1 How will data be checked for completeness?

Certain data fields are monitored as a part of the data entry functionality with validation checks and rules to ensure completeness and consistency of required fields. ARC further increases data integrity through automated workflow and recordation.

3.2 Is the data current? How do you know?

Data currency is dependent on the status of the charge. It is validated and updated throughout the life cycle of the charge/complaint/case; however, is no longer updated once the charge/case/complaint is resolved or closed. Charging party records may be updated after closure, if the individual files an additional charge/case/complaint with the EEOC or FEPA.

4. Are the data elements described in detail and documented? If yes, what is the name of the document?

Data elements are described in the module specifications for each application of the IMS and ARC.

5. Who will have access to the data in the system (Users, Managers, System Administrators, Developers, Other)?

Each application has a system owner who controls access authorization for individuals under their purview. Designated individuals within each EEOC/FEPA offices manage role-based access permissions for users within their office. ARC enforces a two-step request/approval process. In addition to EEOC/FEPA staff users, IMS/ARC database administrators, system administrators, developers, and help desk support personnel have access to the IMS/ARC systems, as required.

6. How is access to the data by a user determined? Are criteria, procedures, controls, and responsibilities regarding access documented?

Each application has profile elements and roles that are used to control access within the system, down to particular elements of a charge, case, or complaint record. Each user is granted roles or permission within the applications that control access to data at the application and form level. Access level is determined by the EEOC/FEPA office director, for field employees. For HQ employees, access level is determined by their office director, in conjunction with the specific application’s system owner, thereby ensuring even greater restriction of access to data.

7. Will users have access to all data on the system or will the users’ access be restricted?

Access to data is first restricted by each application in the system and then by the access profile/role established for the user. Degree of access is controlled and monitored at the office director level, based on the user’s role and their “need to know” such data in order to perform their job duties.  Whereas some users have access to read, but not modify relevant data contained within the IMS/ARC database, most are restricted in their access and abilities to viewing a limited scope of data and modifying only data sets pertaining to their own investigations/cases.

8. What controls are in place to prevent the misuse (e.g. browsing) of data by those having access?

All users within the IMS/ARC must agree to and accept strict Rules of Behavior (ROB) and Privacy Act certifications prior to being granted access to data within the applications. The ROB and privacy requirements are additionally reviewed during system training and employee orientations. Additional restrictions are enforced by user roles to limit data access based on business need. Application/activity logs record the name of the individual that last updated a record, transactions made, and documents that are uploaded or viewed.

9. Do other systems share data or have access to data in this system? If yes, explain. Who will be responsible for protecting the privacy rights of the taxpayers and employees affected by the interface?

The EEOC’s Public Portals provide indirect access to specific charge/case data to authorized parties via secure web-services. In addition, the EEOC’s reporting database and enterprise data warehouse contain extracts of IMS/ARC data. EEOC is responsible for protecting the privacy rights of individuals affected by these interfaces.

10. Will other agencies share data or have access to data in this system (International, Federal, State, Local, Other)?

The only agencies that have direct access to data within the ARC database are the FEPAs, which conduct investigations of employment discrimination via contract with the EEOC. Part of their contract includes stipulations that they will abide by EEOC’s rules and regulations. These offices are limited to the data “accountable” to their office. Other research agencies contracted with EEOC also receive sanitized extracted information for the purposes of conducting their research. All extracted data is requested through appropriate channels and output content is controlled by EEOC.

11. How will the data be used by the agency? Who is responsible for assuring proper use of the data?

EEOC and FEPA offices use this data for the purposes of intake and investigation of charges of employment discrimination (including processing federal sector hearings and appeals). EEOC and FEPA staff are responsible for assuring proper use of the data, which is enforced by EEOC policies and Federal laws.

12. How will the system ensure that agencies only get the information they are entitled to under applicable statutes or regulations?   

Security controls tightly restrict any FEPA access to only those charge records “accountable” to their respective office. Although EEOC’s offices may view records within the entire database, their ability to modify or write to those records is greatly restricted.

Attributes of the Data

13. Is the use of the data both relevant and necessary to the purpose for which the system is being designed?


14. Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected?


14.1. Will the new data be placed in the individual’s record (complainant or company)?

Not applicable.

14.2. Can the system make determinations about complainants or companies that would not be possible without the new data?

Not applicable.

14.3. How will the new data be verified for relevance and accuracy?

Not applicable.

15. If data is being consolidated, what controls are in place to protect the data from unauthorized access or use?

The EEOC highly prioritizes information security and has a comprehensive defense- security program based on NIST Special Publication 800-53 Security and Privacy Controls for Federal Information Systems and Organizations. There are many layers of security utilizing different physical and software components in order to provide the highest level of protection. These security controls and measures are audited frequently and monitored continuously with state of the art automated vulnerability and compliance software suites   .

15.1. If processes are being consolidated, are the proper controls remaining in place to protect the data and prevent unauthorized access? Explain.

Access to the IMS/ARC data is granted by EEOC/FEPA Office Directors, based on business needs. The appropriate security controls are in place to protect the data and prevent unauthorized access. These controls have been verified through third-party risk assessments.

16. How will the data be retrieved? Can it be retrieved by personal identifier? If yes, explain. What are the potential effects on the due process rights of complainants or companies of: consolidation and linkage of files and systems; derivation of data; accelerated information processing and decision making; use of new technologies. How are the effects to be mitigated?

EEOC users access ARC via directory services with multi-factor authentication (MFA) single sign-on (SSO) authentication. FEPA staff use Business to Business (B2B) directory-based federated identity authentication with MFA. B2B users are also provisioned in the EEOC directory tenant as guests and go through OAuth 2.0 SOO with required MFA authentication. Legacy IMS access is based on username/strong password for authentication.  

There is no effect on due process rights when individual data is retrieved by staff. When aggregate data is retrieved and analyzed by research staff, agency-wide policy development at a macro level may be impacted. Decision-making at an individual or macro level is not controlled by technology tools. Rather, technology tools are utilized to enhance decision-making. Decision-making is controlled by agency-wide policy and regulations, as well as applicable laws and statutes through which the agency operates. Programmatic and managerial controls are in place to ensure due process rights for all individuals and companies/defendant agencies.

Maintenance of Administrative Controls

17. Explain how the system and its use will ensure equitable treatment of complainants or companies. If the system is operated in more than one site, how will consistent use of the system and data be maintained in all sites?

The IMS/ARC follow system-wide business rules based on agency work processes and laws governing discrimination, thereby ensuring equitable treatment of all individuals and entities. They are web-based, centrally located systems, with functions and rules centrally controlled and managed.

17.1. Explain any possibility of disparate treatment of individuals or groups.

To our knowledge, there is no possibility of disparate treatment of individuals or groups due to the use of IMS/ARC data.

18. What are the retention periods of data in this system?

At present, data maintained in IMS/ARC is retained indefinitely for historical reporting. Data retention schedules for charge/case document files is under EEOC/NARA review, with automated record management controls pending.

18.1. What are the procedures for eliminating the data at the end of the retention period? Where are the procedures documented?

Data within the IMS/ARC database is not eliminated; it is archived to a reporting database, removing that record, as needed, from the currently used production database. These procedures are system functions described in the system documentation. Record retention policies for related charge/case documents/files are presently under review.

18.2 While the data is retained in the system, what are the requirements for determining if the data is still sufficiently accurate, relevant, timely, and complete to ensure fairness in making determinations?

The life cycle processes internal to all EEOC and FEPA offices ensure “open” cases are updated throughout their lifetime.

19. Is the system using technologies in ways that the EEOC has not previously employed?

IMS utilizes legacy technologies and is being replaced with ARC in a phased manner. ARC utilizes modern technologies and secure cloud infrastructure.  

19.1. How does the use of this technology affect taxpayer/employee privacy?

Transmission of information employs secure technologies. Persistent cookies or tracking mechanisms are not employed. IMS/ARC data is handled in accordance with EEOC's policies and laws, including guidance from NIST Publication 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII), to ensure that PII is only accessed by authorized users with the need to access it.

20. Will this system provide the capability to identify, locate, and monitor individuals? If yes, explain.

Voluntarily submitted information contains identifying and contact information. That information is used by agency staff to send official correspondence required for the proper processing of charges/complaints/cases or to contact specific individuals and respondent companies/agencies on official business. The systems, however, cannot be used to monitor an individual.

20.1. Will this system provide the capability to identify, locate, and monitor groups of people? If yes, explain.

IMS/ARC maintains demographic information such as to Race/National Origin/Sex, etc. and charge allegation information. Therefore, IMS/ARC could be used to identify groups of individuals who have filed charges with the EEOC/FEPAs that match certain demographic profiles.

20.2. What controls will be used to prevent unauthorized monitoring?

The EEOC has established managerial and operational controls to ensure that IMS/ARC users do not engage in unauthorized monitoring.

21. Under which Systems of Record notice (SOR) does the system operate? Provide number and name.

EEOC-1, Age and Equal Pay Act Discrimination Case Files
EEOC-3, Title VII and Americans with Disabilities Act Discrimination Case Files
EEOC-6, Freedom of Information Act and Privacy Records
EEOC/GOVT -1, Equal Employment Opportunity in the Federal Government Complaint and Appeal Records

Updated 10/2022