Download:
pdf |
pdfPrivacy Impact Assessment
for the
U.S. Citizenship and Immigration Services
Electronic Immigration System
(ELIS-3)
Automated Background Functions
DHS/USCIS/PIA-043
May 16, 2012
Contact Point
Donald Hawkins
Privacy Officer
U.S. Citizenship and Immigration Services
(202) 272-8000
Reviewing Official
Mary Ellen Callahan
Chief Privacy Officer
Department of Homeland Security
(703) 235-0780
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 1
Abstract
U.S. Citizenship and Immigration Services (USCIS) is the component of the Department
of Homeland Security (DHS) that oversees lawful immigration to the United States. USCIS is
transforming its operations by creating a new electronic environment known as the USCIS
Electronic Immigration System (USCIS ELIS), which allows individuals requesting a USCIS
benefit to register online and submit certain benefit requests through the online system. This
system will improve customer service; increase efficiency for processing benefits; better identify
potential national security concerns, criminality, and fraud; and create improved access controls
and better auditing capabilities. This Privacy Impact Assessment (PIA) is being conducted
because USCIS ELIS collects and uses personally identifiable information (PII). This new
electronic environment is divided into three distinct processes: 1) Temporary Account and Draft
Benefit Requests; 2) Account and Case Management; and 3) Automated Background Functions.
This PIA addresses the Automated Background Functions process, which includes the actions
USCIS ELIS takes to ensure that serious or complex cases receive additional scrutiny by
detecting duplicate and related accounts and identifying potential national security concerns,
criminality, and fraud. USCIS is publishing separate PIAs for the other two USCIS ELIS
processes concurrent with this PIA.
Overview
U.S. Citizenship and Immigration Services (USCIS) is the component of the Department
of Homeland Security (DHS) that oversees lawful immigration to the United States. USCIS is
transforming its operations by creating a new electronic environment known as the USCIS
Electronic Immigration System (USCIS ELIS), which allows individuals requesting a USCIS
benefit to register online and submit certain benefit requests. This system will improve customer
service; increase efficiency for processing benefits; better identify potential national security
concerns, criminality, and fraud; and create improved access controls and better auditing
capabilities.
Applicants and petitioners (Applicants); co-applicants, beneficiaries, derivatives,
dependents, or other persons on whose behalf a benefit request is made or whose immigration
status may be derived because of a relationship to an Applicant (Co-Applicants); and/or their
attorneys and representatives recognized by USCIS and/or accredited by the Board of
Immigration Appeals (Representatives); may create individualized online accounts. These
online accounts help Applicants and their Representatives file for benefits, track the status of
open benefit requests, schedule appointments, change their addresses and contact information,
and receive notices and notifications regarding their cases. Through USCIS ELIS, individuals
may submit evidence electronically. Once an individual provides biographic information in one
benefit request, USCIS ELIS uses that information to pre-populate certain fields in future benefit
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 2
requests. This eases the burden on an individual so he or she does not have to repeatedly type in
the same information each time the individual is seeking a benefit from USCIS.
USCIS is publishing three PIAs to cover the following three distinct processes of this
new electronic environment and the privacy and security protections incorporated into USCIS
ELIS 1:
1. Temporary Accounts and Draft Benefit Requests: The DHS/USCIS/PIA-041
Temporary Accounts and Draft Benefit Requests (USCIS ELIS-1) PIA addresses
temporary data provided by Applicants or Representatives. All Applicants first
interact with USCIS ELIS by creating a temporary account, setting notification
preferences, and drafting their first benefit request. If a first-time Applicant does
not begin drafting a benefit request within 30 days of opening a temporary
account, USCIS ELIS deletes the temporary account. If he or she does not submit
the benefit request within 30 days of starting a draft benefit request, USCIS ELIS
deletes the temporary account and all draft benefit request data. If a first-time
Applicant submits the benefit request within 30 days, USCIS ELIS changes the
status of the account from temporary to permanent, at which point it is processed
according to the DHS/USCIS/PIA-042 Account and Case Management (ELIS-2)
PIA detailed below. Applicants with permanent USCIS ELIS accounts or
Representatives may also draft benefit requests. USCIS ELIS deletes all draft
benefit requests, both first-time and existing Applicants, if they are not submitted
within 30 days of initiation.
2. Account and Case Management: The DHS/USCIS/PIA-042 Account and Case
Management (USCIS ELIS-2)PIA addresses the activities undertaken by USCIS
after Applicants or Representatives submit a benefit request. USCIS ELIS uses
information provided on initial and subsequent benefit requests and subsequent
collections through the Account and Case Management process to create or
update USCIS ELIS accounts; collect any missing information; manage
workflow; assist USCIS adjudicators as they make a benefit determination; and
provide a repository of data to assist with future benefit requests. In addition,
USCIS ELIS processes and tracks all actions related to the case, including
scheduling appointments and issuing decision notices and/or proofs of benefit.
1
The three PIAs covering USCIS ELIS: DHS/USCIS/PIA-041, DHS/USCIS/PIA-042, and DHS/USCIS/PIA-043,
were conducted concurrently and are all available at
http://www.dhs.gov/files/publications/gc_1279308495679.shtm.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 3
3. Automated Background Functions: The DHS/USCIS/PIA-043 Automated
Background Functions (USCIS ELIS-3)PIA addresses the actions USCIS ELIS
takes to detect duplicate and related accounts, compare and append information from
existing immigration benefit data previously collected by USCIS, and identify potential
national security concerns, criminality, and fraud to ensure that serious or
complex cases receive additional scrutiny.
This DHS/USCIS/PIA-043 Automated Background Functions PIA supports the actions
USCIS ELIS takes to detect duplicate and related accounts, compare and append information from
existing immigration benefit data previously collected by USCIS, and identify potential national
security concerns, criminality, and fraud to ensure that serious or complex cases receive
additional scrutiny. The Automated Background Functions:
•
Ensure that USCIS merges duplicate accounts and identifies related accounts; and
•
Assist USCIS personnel in verifying the data submitted by the Applicant or
Representative, including comparing it to previously submitted application data
collected by other source USCIS systems;
•
Ensure that USCIS personnel appropriately consider national security, law
enforcement, and fraud risks in adjudicating the benefit request in light of the
background check results.
At several points during the processing of a benefit request, the Automated Background
Functions process consolidates and compares information collected from the USCIS ELIS
Account and Case data, other USCIS immigration benefit systems, and information from other
DHS and federal government agencies. USCIS ELIS uses certain rules to detect duplicates,
related cases, and/or issues that may raise potential national security, criminality, and fraud
concerns. When a rule’s conditions are met, USCIS ELIS generates a result and then routes it to
the appropriate USCIS personnel for review.
These Automated Background Functions operate in three stages: Assistance Rules,
Results Ranking, and Case Routing.
Assistance Rules
The Automated Background Functions component of USCIS ELIS processes information
received from the Accounts and Case Management (ACM) portion of USCIS ELIS (see
DHS/USCIS/PIA-042 Account and Case Management (ELIS-2) PIA by running a series of
automated assistance rules on the ACM information, comparing the information to existing
immigration benefit information collected generating results, and assigning confidence and
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 4
severity levels to those results. The results of these rules assist USCIS personnel in reviewing
the Applicant’s benefit request by flagging relevant information for consideration and resolution,
such as criminal history, use of aliases, and prior immigration benefits or proceedings. A
working group comprised of subject matter experts within USCIS develops rules based on
USCIS business needs. Senior-level leaders from the various directorates inside of USCIS,
including the Office of Chief Counsel and Office of Privacy, evaluate the proposed rules prior to
submission to USCIS leadership for approval. The approving leadership includes the Director of
USCIS and executive-level representatives from USCIS. These assistance rules support the
following functions:
(1) Detect Duplicates and Relationships: When an Applicant or Representative is
creating an account, USCIS ELIS will use the email address the individual provides to determine
if there is an existing account in ELIS associated with that address. USCIS ELIS also compares
biographic information provided via the new benefit request, a response to a request for evidence
(RFE), an update to account information, an interview, or other sources, with biographic
information in other USCIS ELIS accounts and existing immigration benefit systems. For
comparison purposes, USCIS ELIS retains a copy of certain biographic data from the following
existing immigration benefit systems:
•
Central Index System (CIS); 2
•
Computer Linked Account Information Management System (CLAIMS) 3; 3
•
CLAIMS 4; 4
•
Refugees, Asylum, and Parole System (RAPS); 5 and
•
Fraud Detection and National Security Data System (FDNS-DS). 6
2
DHS/USCIS/PIA-009 http://www.dhs.gov/files/publications/gc_1279308495679.shtm#6, DHS/USCIS-001 - Alien
File, Index, and National File Tracking System of Records June 13, 2011, 76 FR 34233
3
DHS/USCIS/PIA-016 http://www.dhs.gov/files/publications/gc_1279308495679.shtm#14, DHS-USCIS-007 Benefits Information System September 29, 2008 73 FR 56596
4
DHS/USCIS/PIA-015 http://www.dhs.gov/files/publications/gc_1279308495679.shtm#13; DHS-USCIS-007 Benefits Information System September 29, 2008 73 FR 56596
5
DHS/USCIS/PIA-027 http://www.dhs.gov/files/publications/gc_1279308495679.shtm#25, DHS/USCIS-010 Asylum Information and Pre-Screening January 5, 2010 75 FR 409
6
DHS/USCIS/PIA-013 http://www.dhs.gov/files/publications/gc_1279308495679.shtm#11, DHS-USCIS-006 Fraud Detection and National Security Data System (FDNS DS) August 18, 2008, 73 FR 48231
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 5
USCIS ELIS regularly updates the data it receives from existing immigration systems to provide
timely and accurate results. When a record is changed or updated in the source system, the
change or update is made to this copy of the record in USCIS ELIS Automated Background
Function. Records from the existing immigration benefit systems that are not associated with a
USCIS ELIS account are not retrieved. Records from existing immigration benefit systems that
are appended to the USCIS ELIS records are tagged with the origin of the data. If an individual
requests access to USCIS ELIS records that also have appended existing immigration benefit
data, USCIS will provide the individual access based on the access provisions of the existing
immigration benefit system of records.
USCIS ELIS uses both the existing USCIS ELIS Account and Case data and the
immigration benefit data to identify duplicate accounts and other existing records pertaining to
the individual. USCIS ELIS also compares new biographic information with data in other
accounts to discover relationships that the Applicant or Co-Applicant may have with other
individuals in other federal government systems. The results obtained from these comparisons
can be used by adjudicators to identify inconsistencies in the information provided by the
Applicant and prior immigration history contained in existing immigration benefit systems.
USCIS ELIS also performs these functions when USCIS personnel discover new
information during the course of reviewing a benefit request and performing external system
checks. By detecting duplicate and related accounts and records, USCIS ELIS has a more
complete picture to manage risks and fraud and detect law enforcement and national security
issues.
(2) Risk and Fraud Management: USCIS ELIS runs approved assistance rules against the
data provided by the Applicant or Representative, looking for known indications of fraud and
other inconsistencies by comparing it against other data in USCIS ELIS, existing immigration
benefit systems, and other systems internal and external to DHS. 7
(3) Law Enforcement and National Security Checks: USCIS ELIS automatically
performs background checks each time a new benefit request is submitted and at the discretion of
USCIS personnel during the processing of a benefit request. USCIS ELIS queries the new
information against several law enforcement and national security systems internal and external
to DHS, and verifies identity through fingerprints maintained in IDENT as well as the FBI .
USCIS ELIS, in an effort to account for variations in individuals’ names and other data elements,
performs the queries by combining data elements in various ways. Many systems return multiple
results, which USCIS ELIS sorts according to the likelihood that the result actually refers to the
individual applicant.
7
See 2.2 for a complete list of the systems and other systems USCIS ELIS uses to determine fraud and
inconsistencies.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 6
Results Ranking
When USCIS ELIS runs the assistance rules, the rules assign confidence and severity
levels to the results. Confidence levels indicate how strongly the information in one record
matches another record. For example, when considering multiple results from a background
check, USCIS ELIS assigns higher confidence levels to results that match the individual’s name,
date of birth, country of birth, and passport number than results that only partially match the
individual’s name and date of birth. A result’s confidence level must meet minimum thresholds
in order for the result to be presented to appropriate USCIS personnel and saved with the case or
account.
USCIS ELIS also prioritizes each rule result according to the potential severity of the
linked record. For example, USCIS ELIS prioritizes records with potential national security
implications over records relating to minor fraud. While this prioritization implies some level of
scoring, USCIS ELIS does not present scores to the USCIS employee responsible for reviewing
and adjudicating the associated benefit request. This ensures the USCIS employee does not
consider a number or score when rendering a decision on the benefit request.
Each result has a summary that includes the rule used to produce the result and any alerts
or flags to route and assist subsequent processing. USCIS ELIS provides a list of source record
identification (ID) numbers for all results to assist appropriate USCIS personnel reviewing the
results. For example, USCIS ELIS will provide the source record ID number of the law
enforcement system associated with the background check results.
Case Routing
Once the assistance rules have returned results with the associated confidence and
severity levels, USCIS ELIS routes the case to the appropriate USCIS personnel based on the
characteristics of the benefit request, including the nature of the results. USCIS ELIS refers
cases that do not contain indications of national security, fraud, or law enforcement risks to
USCIS adjudicators for processing as described in the DHS/USCIS/PIA-042 Account and Case
Management (ELIS-2) PIA. When USCIS ELIS generates Automated Background Functions
results, those results do not become part of the Applicant’s account or case until reviewed by
appropriate USCIS personnel. USCIS ELIS routes complex cases to more experienced USCIS
personnel and routes cases that indicate national security issues to the Fraud Detection and
National Security (FDNS) Directorate. 8
8
DHS/USCIS/PIA-013 Fraud Detection and National Security Data System (FDNS-DS) Privacy Impact
Assessment.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 7
Where cases are referred to an FDNS Officer, the FDNS Officer reviews the information
and, using information in the Fraud Detection and National Security Data System 9 (FDNS-DS),
provides a Statement of Findings to assist USCIS personnel in making a case determination.
When the FDNS Officer determines the results about the Applicant or Co-Applicant present a
national security, fraud, or law enforcement issue, the case may be referred to U.S. Immigration
and Customs Enforcement (ICE) for further investigation.
USCIS ELIS stores data used to query other systems, results from those queries that
pertain to the individual, and other data produced during this process with the USCIS ELIS
account assigned to the individual (see DHS/USCIS/PIA-042 Account and Case Management
(ELIS-2) PIA). When checking other systems, USCIS ELIS Account and Case data does not store
the contents of irrelevant results. If USCIS personnel determine that a record does not relate to
the individual, USCIS ELIS immediately deletes the content of that record and retains the record
ID to prevent it from being associated with the individual in the future.
Section 1.0 Authorities and Other Requirements
1.1
What specific legal authorities and/or agreements permit and
define the collection of information by the project in question?
The primary legal authority supporting the collection of the information provided to
USCIS is 8 U.S.C. § 1101 et seq. Specifically, 8 U.S.C. § 1360 established a central file of
information for the security and enforcement agencies of the Government of the United States
that contains the names of all aliens admitted or denied admission to the United States and such
other relevant information as required to aid in the proper enforcement of this chapter. The
Homeland Security Act of 2002, Pub. L. No.107-296, 116 Stat. 2135 (2002), 6 U.S.C. § 112, and
the INA charge the Secretary of Homeland Security with administration and enforcement of the
immigration and naturalization laws. The Secretary of Homeland Security has delegated duties
to USCIS pursuant to a DHS Management Directive MD 0150.1. DHS has also promulgated
regulations which permit the collection and processing of benefit requests online entitled,
“Immigration Benefits Business Transformation, Increment I.” 76 Fed. Reg. 53764 (August 29,
2011); “Immigration Benefits Business Transformation, Increment I; Correction.” 76 Fed. Reg.
73475, (Nov. 29, 2011).
The Government Paperwork Elimination Act (GPEA), 44 U.S.C. § 3504 (2004), provides
that, when possible, federal agencies use electronic forms, electronic filing, and electronic
submissions to conduct agency business with the public. GPEA establishes the criteria and
guidelines for the use of electronic signatures. Executive Order 13571, 75 Fed. Reg. 24339 (Apr.
9
DHS/USCIS-006 – Fraud Detection and National Security Data System (FDNS – DS), August 18, 2008, 73 FR
48231.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 8
27, 2011), requires federal agencies to develop plans to streamline delivery of services and
improve customer service by exploring lower-cost, self-service options accessed by the Internet
or mobile phone and improved processes that deliver services faster and more responsively,
reducing the overall need for customer inquiries and complaints.
1.2
What Privacy Act System of Records Notice(s) (SORN(s)) apply
to the information?
DHS/USCIS issued DHS/USCIS-016 - Electronic Immigration System-3 Automated
Background Functions System of Records 76 FR 70735 (November 15, 2011) to provide the
public with notice about USCIS’s collection, maintenance, and use of information in the
Automated Background Functions process. USCIS ELIS Automated Background Functions
process also relies on several existing System of Records Notices (SORNs) to support its
operation. The USCIS ELIS Automated Background Functions process takes information from
and returns results to the DHS/USCIS-015 – Electronic Immigration System-2 Account and Case
Management System of Records 76 FR 70739 (November 15, 2011).
In addition, as part of the process of identifying existing immigration benefit data on
individuals, USCIS ELIS retains data from the following system of records:
DHS/USCIS/ICE/CBP-001 - Alien File, Index, and National File Tracking System of Records
June 13, 2011, 76 FR 34233; DHS/USCIS-006 - FDNS DS August 18, 2008, 73 FR 48231;
DHS/USCIS-007 - Benefits Information System September 29, 2008 73 FR 56596; and
DHS/USCIS-010 - Asylum Information and Pre-Screening January 5, 2010 75 FR 409. Records
from existing immigration benefit systems maintained in ELIS are not retrieved by personal
identifier until an ELIS account matches data in one of the existing immigration benefit system
of records.
Internal DHS user roles and access information is covered by DHS/ALL-004 – General
Information Technology Access Account Records System (GITAARS), September 29, 2009, 74
FR 49882. All of these SORNs are available for review on the DHS Privacy website at
http://www.dhs.gov/privacy.
1.3
Has a system security plan been completed for the information
system(s) supporting the project?
Yes. The comprehensive System Security Plan (SSP) for USCIS ELIS, which includes
the activities associated with Automated Background Functions of USCIS ELIS, has been
developed. The Authority to Operate (ATO) was issued on December 6, 2011 and is valid
through July of 2012, at which point USCIS expects to issue a new 12-month ATO.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 9
1.4
Does a records retention schedule approved by the National
Archives and Records Administration (NARA) exist?
No. USCIS is currently in negotiations with NARA for approval of the USCIS ELIS data
retention and archiving plan. USCIS proposes retaining the copy of biographic data stored in the
USCIS ELIS Automated Background Functions system as long as the records exist in the source
system. However, USCIS is reviewing its retention requirements for the information as it
transitions to a fully electronic environment and may amend its retention, as needed.
USCIS proposes that, in compliance with NARA General Records Schedule 24,
section 6, “User Identification, Profiles, Authorizations, and Password Files,” internal user
accounts will be destroyed or deleted six years after the user account is terminated, or when no
longer needed for investigative or security purposes, whichever is later.
1.5
If the information is covered by the Paperwork Reduction Act
(PRA), provide the OMB Control number and the agency number
for the collection. If there are multiple forms, include a list in an
appendix.
The information used in the Automated Background Functions comes from the Account
and Case Management process (covered by the OMB control numbers listed in the
DHS/USCIS/PIA-042 Account and Case Management (ELIS-2) PIA Appendix) and other DHS,
federal and state government systems and international law enforcement entities (e.g.
INTERPOL). USCIS ELIS Automated Background Functions do not collect information
directly from the public.
Section 2.0 Characterization of the Information
2.1
Identify the information the project collects, uses, disseminates, or
maintains.
During the Automated Background Functions process, USCIS ELIS does not collect
additional data from the Applicant, Co-Applicant, or Representative. Rather, information is
collected from the Applicant, Co-Applicant, and his or her Representative through the processes
described in the DHS/USCIS/PIA-041 Temporary Account and Draft Benefit Request (ELIS-1)
PIA and DHS/USCIS/PIA-042 Account and Case Management (ELIS-2) PIA. USCIS ELIS
compares information from the Applicant’s or Co-Applicant’s USCIS ELIS account and case
against other USCIS ELIS accounts and cases, existing USCIS immigration benefit data (CIS,
CLAIMS 3, CLAIMS 4, RAPS, and FDNS-DS) as well as information in other existing systems
at DHS, other federal and state government agencies, and international law enforcement entities
(e.g.; INTERPOL). The USCIS ELIS Automated Background Functions system stores the
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 10
results from the Automated Background Functions until USCIS personnel reviews and
determines the information is related to the Applicant’s or Co-Applicant’s USCIS ELIS Account
and Case data. This review includes relevant results from external systems, relevant rules,
confidence and severity levels, and case routing data.
Note: USCIS ELIS Automated Background Functions do not access or use any data from
temporary accounts or draft benefit requests (as defined in the DHS/USCIS/PIA-041 Temporary
Accounts and Draft Benefit Requests (ELIS-1) PIA).
2.2
What are the sources of the information and how is the
information collected for the project?
USCIS ELIS Automated Background Functions compare information from the USCIS
ELIS Account and Case data against other USCIS ELIS accounts and cases, as well as other
USCIS immigration benefit data. Certain data elements from the following USCIS systems are
ingested into USCIS ELIS:
•
DHS/USCIS/PIA-009 – Central Index System (CIS).
o DHS/USCIS-001 – Alien File, Index, and National File Tracking System of
Records, June 13, 2011, 76 FR 34233.
•
DHS/USCIS/PIA-016 – Computer Linked Application Information Management System
Version 3 (CLAIMS 3).
o DHS-USCIS-007 – Benefits Information System (BIS), September 29, 2008, 73 FR
56596.
•
DHS/USCIS/PIA-015 – Computer Linked Application Information Management System
Version 4 (CLAIMS 4).
o DHS-USCIS-007 – Benefits Information System (BIS), September 29, 2008, 73 FR
56596.
•
DHS/USCIS/PIA-027 – Refugee, Asylum, and Parole System and the Asylum PreScreening System (RAPS/APSS).
o DHS/USCIS-010 – Asylum Information and Pre-Screening, January 5, 2010, 75
FR 409.
•
DHS/USCIS/PIA-013 – Fraud Detection and National Security Data System (FDNS-DS).
o DHS-USCIS-006 – Fraud Detection and National Security Data System (FDNS
DS), August 18, 2008, 73 FR 48231.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 11
In addition, USCIS Automated Background Functions conduct queries against the following
systems noted below. USCIS does not ingest this data. Responses from these systems will be
appended to the USCIS ELIS account information.
•
DHS/CBP/PIA-009 – TECS System: CBP Primary and Secondary Processing.
o DHS/CBP-011 – U.S. Customs and Border Protection TECS, December 19, 2008,
73 FR 77778.
•
DHS/ICE/PIA-001 – Student and Exchange Visitor Information System (SEVIS).
o DHS/ICE 001 – Student and Exchange Visitor Information System (SEVIS),
January 5, 2010, 75 FR 412.
•
DHS/ICE/PIA-015 – Enforcement Integrated Database (EID).
o DHS/ICE-011 – Immigration Enforcement Operational Records System
(ENFORCE), May 3, 2010, 75 FR 23274.
•
DHS/US-VISIT/PIA-005 – Arrival Departure Information System (ADIS).
o DHS/USVISIT-001 – Arrival and Departure Information System (ADIS), August
22, 2007, 72 FR 47057.
•
DHS/US-VISIT/PIA-002(b) – Enumeration Services of the Automated Biometric
Identification System (IDENT).
o DHS/USVISIT-0012 – DHS Automated Biometric Identification System (IDENT),
June 5, 2007, 72 FR 31080.
USCIS ELIS Automated Background Functions may also gather information from systems
outside of DHS. These include:
•
Department of State – Consular Consolidated Database (CCD).
•
Department of Justice Executive Office for Immigration Review – Case Access System
for the Executive Office of Immigration Review (CASE).
o JUSTICE/EOIR-001-Records and Management Information System, May 11,
2004, 69 FR 26179.
•
Department of Justice Federal Bureau of Investigation – Central Records System (CRS).
o JUSTICE/FBI-002- FBI Central Records System, February 20, 1998, 64 FR
52343.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 12
•
Department of Justice Federal Bureau of Investigation – Fingerprint Identification
Records System (FIRS).
o JUSTICE/FBI-009-Fingerprint Identification Records System (FIRS), September
28, 1999, 64 FR 52347.
2.3
Does the project use information from commercial sources or
publicly available data? If so, explain why and how this
information is used.
USCIS ELIS does not currently connect to commercial sources or publicly-available data.
However, USCIS personnel do use commercial sources outside of USCIS ELIS (e.g., LexisNexis
or Dun & Bradstreet) to verify information provided by the Applicant with respect to his or her
eligibility for the requested benefit. If relevant to the case, USCIS personnel input and store
notes or data from these commercial sources with the USCIS ELIS Account and Case data. Once
this data is entered into the USCIS ELIS account or case, the information is processed through
the Automated Background Functions process.
2.4
Discuss how accuracy of the data is ensured.
During the Automated Background Functions process, USCIS ELIS uses data from the
USCIS ELIS Account and Case. USCIS ELIS collects this information directly from the
Applicant or Representative to ensure USCIS ELIS uses the most accurate data when comparing
it against other accounts and querying other systems. USCIS ELIS also ingests certain
biographic data elements from existing USCIS immigration benefit systems and updates this
copy of existing system data routinely. USCIS relies on source system owners for accurate data
from the source systems.
When USCIS ELIS generates Automated Background Functions results, those results do
not become part of the Applicant’s account or case until reviewed by appropriate USCIS
personnel. Trained USCIS personnel review the results, both to help ensure the information
provided by the individual is correct and to identify other information relevant to the case. Once
USCIS personnel have determined the information accurately pertains to the individual, USCIS
ELIS stores the information with the individual’s account or case. If USCIS personnel determine
that a record does not relate to the individual, USCIS ELIS immediately deletes the content of
that record and retains the record ID to prevent it from being associated with the individual in the
future.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 13
2.5
Privacy Impact Analysis: Related to Characterization of the
Information
Privacy Risk: There is a risk that an Applicant’s or Co-Applicant’s data could be
improperly matched with data from other systems and sources that do not pertain to the
Applicant or Co-Applicant.
Mitigation: USCIS ELIS queries other systems using data provided by the Applicant or
Representative to ensure results are accurate. USCIS ELIS further ensures the results refer to the
Applicant or Co-Applicant by assigning confidence levels to the results and having the
appropriate USCIS employees review the information before permanently associating it with the
Applicant or Co-Applicant. USCIS routinely reviews rules to mitigate inaccurate results being
presented to USCIS personnel for review.
Privacy Risk: There is a risk that USCIS ELIS could generate risk scores for individuals
resulting in unfair adjudication decisions.
Mitigation: USCIS does not assign risk scores to individuals. Rather, USCIS ELIS
assigns confidence and severity levels to the automated background check results, which are then
used to prioritize the list of results for the appropriate USCIS employee’s review. The
confidence levels created by USCIS ELIS do not determine the risk of the individual, but
measure the likelihood that a result from another system or account actually refers to the
individual. Severity levels help USCIS personnel prioritize potentially serious possible matches
above relatively minor possible matches. To prevent USCIS employees from being swayed in
their analysis, the severity levels are hidden from USCIS employees who are responsible for
reviewing and adjudicating benefit requests and are only used to prioritize the results.
Authorized USCIS personnel also view a list of links to all the applicable records in the source
systems, such as background check results when querying law enforcement systems, to verify the
results of the rule.
Privacy Risk: There is risk that data is inaccurately copied when ingested into USCIS
ELIS.
Mitigation: USCIS has regular updates from the existing immigration benefit systems to
ensure the data is as accurate as possible. In addition, USCIS will make data from the existing
immigration benefit systems available to the individual based on the underlying system of
records for the data ingested into the Automated Background Functions.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 14
Section 3.0 Uses of the Information
3.1
Describe how and why the project uses the information.
USCIS primarily uses the information collected for the benefit decision-making process
to determine any potential national security or law enforcement risks and fraud, and to ensure the
integrity of the immigration system. The Automated Background Functions assist USCIS
personnel in verifying the data submitted by the Applicant or Representative, ensure that USCIS
merges duplicate accounts and identifies related accounts, and ensures that USCIS personnel
appropriately consider background check results, national security, law enforcement, and fraud
risks when adjudicating the benefit request.
The Automated Background Functions process consolidates and compares information
collected from the USCIS ELIS account and case, existing USCIS immigration benefit systems,
and information from other DHS, federal and state government agencies, and international law
enforcement entities (e.g. INTERPOL). When a rule’s conditions are met, USCIS ELIS
generates a result identifying the potential match or risk. USCIS ELIS assigns the result a
confidence and severity level and routes it so that the appropriate USCIS personnel can review
the most relevant data to the account or case in question. Result summaries include the rule used
to produce the result and any alerts or flags to control subsequent processing.
USCIS ELIS Automated Background Function does not allow USCIS officers manually
create and run their own rules. Rules can only be implemented through the governance process
as described above (see Overview). The Automated Background Functions process creates a
prioritized list of results for USCIS personnel to review. USCIS personnel are trained to review
the first cases in the list because they are possibly the highest risk for national security, public
safety, and/or fraud. Finally, USCIS ELIS will create an audit trail of the data analyzed, routing
of the case, and results of the Automated Background Functions process verify the system is
being used appropriately .
3.2
Does the project use technology to conduct electronic searches,
queries, or analyses in an electronic database to discover or locate
a predictive pattern or an anomaly? If so, state how DHS plans to
use such results.
No. The Automated Background Functions do not identify predictive patterns or
anomalies. Using the individual’s biographic information, USCIS ELIS Automated Background
Functions rules only identify possible matches to other records in USCIS systems, match to
known fraud indicators, and send queries to DHS and other federal government systems, listed in
2.2, above.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 15
3.3
Are there other components with assigned roles and
responsibilities within the system?
No. USCIS does not assign other components roles and responsibilities within the
Automated Background Functions portion of USCIS ELIS.
3.4
Privacy Impact Analysis: Related to the Uses of Information
Privacy Risk:
individuals or groups.
There is a risk that USCIS could use improper rule sets to target
Mitigation: USCIS has a robust governance process in place, including review of rules,
policies, and procedures associated with the USCIS ELIS Automated Background Functions.
USCIS currently requires potential rules to be developed by a working group of USCIS
employees and recommended to a group of delegates from each of the USCIS directorates, the
Office of Chief Counsel, and Office of Privacy. With the approval of these delegates, USCIS
requires a governing body, consisting of the Director of USCIS and senior executives, to approve
the rule before being implemented.
Privacy Risk: There is a risk that USCIS could deny a benefit based on incorrect
information.
Mitigation: USCIS collects information directly from the Applicant or Representative
through USCIS ELIS to ensure it uses accurate information to detect duplicates, potential fraud,
and perform system queries. Once the results are returned and prioritized according to
confidence and severity levels, USCIS requires human adjudication and review by trained
USCIS personnel before making a determination. USCIS ELIS routinely updates its information
from all source systems to ensure accurate and timely information is used in the decision-making
process. USCIS provides the individual the opportunity to challenge the information during the
interview process, appeals process, or through an RFE, as applicable. In many cases, USCIS
ELIS provides Applicants the opportunity to refute derogatory information before USCIS denies
a benefit request if the information is the basis for the denial.
Privacy Risk: There is a risk that USCIS employees might abuse the Automated
Background Functions for personal use.
Mitigation: USCIS trains employees with access to the Automated Background
Functions about the appropriate use of the system and features. USCIS ELIS will create an audit
trail of the data analyzed, routing of the case, and assistance rules results for needed USCIS
personnel investigations and adverse actions.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 16
Section 4.0 Notice
4.1
How does the project provide individuals notice prior to the
collection of information? If notice is not provided, explain why
not.
While the information to be used in the Automated Background Functions is covered by
other DHS and other federal government SORNs (see 1.2, above), USCIS published
DHS/USCIS-016 - Electronic Immigration System-3 Automated Background Functions System of
Records 76 FR 70735 (November 15, 2011) to provide the public notice about the retention of
the biographic information used to find related records and identify national security and public
safety concerns. Further, USCIS is engaged in a public relations campaign to notify the public
about USCIS ELIS and posts updates on www.uscis.gov/elis.
USCIS presents individuals who use USCIS ELIS with a Privacy Act Statement as
required by Section (e)(3) of the Privacy Act before logging in to USCIS ELIS and before
submitting any information. All paper-based applications include a Privacy Act Statement on the
benefit request form. The Privacy Act Statement details the authority to collect the information
requested, purpose(s) for which the information is intended to be used, routine uses which may
be made of the information, and any effects on the individual of not providing the requested
information. Lastly, USCIS notifies the individual and obtains consent before collecting
information from an individual in person at Application Support Centers (ASC) or in interviews.
4.2
What opportunities are available for individuals to consent to
uses, decline to provide information, or opt out of the project?
Providing information to USCIS ELIS is a voluntary act on the part of the Applicant or
Representative. USCIS ELIS informs the Applicant or Representative at the point of data
collection that it is within his or her right to decline to provide the requested information;
however, failure to provide accurate information may delay a final decision or result in denial of
any pending benefit requests. USCIS ELIS gives Applicants and Representatives several
opportunities to update their accounts or correct information in an interview, if applicable. Once
an Applicant or Representative has provided information to USCIS ELIS, he or she may not
consent to particular uses.
Pursuant to 8 CFR 103.2(a)(3), Co-Applicants may not access, modify, or participate in
benefit requests submitted by the Applicant. However, Co-Applicants may create their own
USCIS ELIS accounts and submit their own benefit requests.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 17
4.3
Privacy Impact Analysis: Related to Notice
Privacy Risk: There is a risk that an Applicant or Co-Applicant may not be fully aware
that the information contained in their USCIS ELIS account and case will be used to conduct an
inquiry into benefits eligibility, including national security and law enforcement checks.
Mitigation: USCIS provides individual notice through the publication of a SORN in the
Federal Register and this PIA. USCIS also notifies Applicants in the form of a Privacy Act
Statement that the information they provide is being collected to determine eligibility for
immigration benefits, including national security and law enforcement checks. USCIS informs
Applicants before submission that the information they provide about themselves and any CoApplicants must be accurate and complete.
Section 5.0 Data Retention by the project
5.1
Explain how long and for what reason the information is retained.
USCIS proposes storing relevant query results, related rule descriptions, and scores that
were generated through the Automated Background Function process in the USCIS ELIS
account and case. (See the DHS/USCIS/PIA-041 Account and Case Management (ELIS-2) PIA
and SORN). Records returned through system checks that are determined to be irrelevant will be
discarded immediately, retaining only minimal identifying information in the account or case to
indicate the records are not related to the individual. USCIS proposes storing the copy of all
biographic data from USCIS ELIS and existing immigration benefit systems in USCIS ELIS as
long as the records in the source systems.
Once available, USCIS ELIS will keep active audit logs recording every system action
for 90 days, then archives the audit logs for seven years. USCIS proposes that, in compliance
with NARA General Records Schedule 24, section 6, “User Identification, Profiles,
Authorizations, and Password Files,” internal USCIS personnel accounts will be destroyed or
deleted six years after the account is terminated or when no longer needed for investigative or
security purposes, whichever is later.
5.2
Privacy Impact Analysis: Related to Retention
Privacy Risk: There is a risk that USCIS ELIS may retain outdated or inaccurate PII by
keeping a copy of data from existing immigration benefit systems in a separate data store.
Mitigation: USCIS must retain a copy of certain biographic data from USCIS ELIS and
existing immigration benefit systems to conduct searches that identify all applicable records
regarding the individual. USCIS ELIS retains a copy of biographic data in the Automated
Background Functions for the same period of time as it is kept by the source system. USCIS
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 18
ELIS immediately discards records returned through system checks that are determined to be
irrelevant, retaining only minimal identifying information to indicate the records are not related
to the individual to prevent a repeat mismatch. This copy is regularly updated from existing
immigration benefits systems to ensure changes are reflected in the USCIS ELIS copy.
Privacy Risk: There is a risk that USCIS ELIS is retaining more than the minimum PII
necessary for the Automated Background Functions process.
Mitigation: USCIS ELIS only retains certain biographic data elements from existing
systems necessary to identify data related to the Applicant; not full copies of the existing
systems. If the source system deletes or modifies the record, USCIS ELIS makes the same
deletion or modification to its copy. This also ensures that data is not kept beyond the source
system’s retention period.
Privacy Risk: There is a risk that USCIS ELIS will retain inaccurate or outdated
Automated Background Functions results in an Applicant’s Account and Case data.
Mitigation: When USCIS ELIS generates Automated Background Functions results,
those results do not become part of the Applicant’s account or case until reviewed for accuracy
by appropriate USCIS personnel. USCIS ELIS routes complex cases to more experienced USCIS
personnel and routes cases that indicate national security issues to the FDNS Directorate. USCIS
put these processes in place to ensure that only accurate, relevant, and fair Automated
Background Functions results are attached to the Applicant’s Account and Case data.
Upon review, USCIS personnel store and maintain relevant results according to the
DHS/USCIS-015 – Electronic Immigration System-2 Account and Case Management SORN.
USCIS personnel discard results that do not pertain to the individual.
Section 6.0 Information Sharing
6.1 Is information shared outside of DHS as part of the normal
agency operations? If so, identify the organization(s) and how the
information is accessed and how it is to be used.
Yes, USCIS ELIS shares information from the Applicant’s account and any benefit
requests, as well as from the account of the Applicant’s representative, outside of DHS to
perform system queries as part of the Automated Background Functions process. USCIS ELIS
shares biographic information from the account or case with the Department of State and
receives visa information in return. USCIS provides biometric and biographic information from
the account or case to, and receives criminal history information from, the Department of Justice
(DOJ) Federal Bureau of Investigation. USCIS provides biographic information from the
individual’s account or case to, and receives biographic and immigration court data from, the
DOJ Executive Office of Immigration Review. The copy of biographic information stored in
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 19
USCIS ELIS’s Automated Background Functions is not routinely shared outside of DHS except
in cases of litigation, system breach, or otherwise provided in the DHS/USCIS-016 - Electronic
Immigration System-3 Automated Background Functions SORN.
6.2
Describe how the external sharing noted in 6.1 is compatible with
the SORN noted in 1.2.
The applicable SORNs listed in Section 1.2 above allow for the sharing of information,
stored in the USCIS ELIS account or case, for law enforcement, national security, and benefit
eligibility purposes. DHS may provide the information stored in the account or case and a copy
of the biographic information stored in the Automated Background Functions as relevant and
necessary to any litigation or court proceeding involving a federal agency. DHS also shares this
information with the appropriate agencies, entities, and persons when DHS suspects or has
confirmed that there has been a real or suspected breach of information security.
6.3
Does the project place limitations on re-dissemination?
Yes. DHS has Memoranda of Understanding (MOUs) in place with external
organizations for recurring information sharing processes. When sharing information with
parties outside of DHS, DHS requires the same specifications related to security and privacy that
are in place for USCIS and DHS apply to the outside entity. Access to records is governed by
need-to-know criteria that demand the receiving entity demonstrate the mission-related need for
the data before access is granted. The reason for the access, an intended use consistent with the
receiving agency’s purpose, USCIS’s justification for collecting the data, and an
acknowledgement that the receiving agency will not share the information without USCIS’s
permission are also concerns that are included in either the terms of a negotiated MOU or the
language of an authorization providing information to an external agency.
6.4
Describe how the project maintains a record of any disclosures
outside of the Department.
For data sharing on an ad hoc basis, USCIS requires a representative from an outside
agency to specify in writing the information being sought and the justification for the request.
USCIS also requires the outside agency representative to sign a non-disclosure statement or
record of disclosure, as appropriate, before the information is released. As required by the
Privacy Act, USCIS maintains a record of these ad hoc sharing transactions.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 20
6.5
Privacy Impact Analysis: Related to Information Sharing
Privacy Risk: There is a risk that the copy of all biographic data from USCIS ELIS and
existing immigration benefit systems stored in USCIS ELIS’s Automated Background Functions
may be shared for a purpose inconsistent with the original collection or to an unnecessary degree.
Mitigation: USCIS ELIS Automated Background Functions only uses the copy of all
biographic data from USCIS ELIS and existing immigration benefit systems in USCIS ELIS
internally. The Automated Background Functions process will not externally share a copy of all
biographic data; rather, that data will only be shared as described in the DHS/USCIS/PIA-042
Account and Case Management (ELIS-2) PIA. New content generated by the Automated
Background Functions (e.g., summaries of findings) may be shared externally if the USCIS ELIS
account and case data is shared externally, as it is stored as part of the case data. Where
information from USCIS ELIS is shared, USCIS limits the risk of improper sharing by the data
sharing agreements in place along with the appropriate MOUs. For ad hoc disclosures, USCIS
provides only the requested information to prevent any otherwise unauthorized or inappropriate
release of information.
Section 7.0 Redress
7.1
What are the procedures that allow individuals to access their
information?
DHS promulgated a Final Rule 10 exempting this system from certain provisions of the
Privacy Act (PA) pursuant to 5 U.S.C. § 552a(k)(2). Records from existing immigration benefit
systems that are appended to the USCIS ELIS records are tagged with the origin of the data. If
an individual requests access to USCIS ELIS records that also have appended existing
immigration benefit data, USCIS will provide the individual access based on the access
provisions of the existing immigration benefit system of records. According to its exemption,
however, USCIS will not provide access to records of a law enforcement nature if the systems
queried and results returned may not be appropriate for external access. Some biographic
information in USCIS ELIS Automated Background Functions may relate to official DHS
national security, law enforcement, and immigration activities. The exemptions are required to
preclude subjects from compromising an ongoing law enforcement, national security or fraud
investigation; to avoid disclosure of investigative techniques; to protect the identities and
physical safety of confidential informants and law enforcement personnel; and to ensure DHS’s
ability to obtain information from third parties and other sources. Additionally, many of the
functions in this system require retrieving records from law enforcement systems. Where a
10
76 FR 70637 (November 15, 2011).
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 21
record received from another system has been exempted in that source system under 5 U.S.C. §
552a(j)(2), DHS claims the same exemptions for those records as are claimed for the original
primary originating systems of records and claims any additional exemptions in accordance with
this system. However, individuals may seek access to Automated Background Functions records
not otherwise exempt from disclosure by submitting a Freedom of Information Act (FOIA)
request or PA request using the forms and procedures outlined on the DHS web page at
http://www.dhs.gov/foia. All requests for access must be made in writing. For those individuals
subject to the PA, proper identification (a notarized signature or sworn statement submitted
under penalty of perjury) must be included. Requesters are required to provide their full name,
date and place of birth, and return address.
Individuals may request access to their information by submitting a request to USCIS in
writing at the following address:
National Records Center
FOIA/PA Office
P.O. Box 648010
Lee’s Summit, MO 64064-8010
7.2
What procedures are in place to allow the subject individual to
correct inaccurate or erroneous information?
Individuals may seek access to records maintained in USCIS related to the Automated
Background Function process by submitting a PA or FOIA request as stated above. USCIS
provides the individual the opportunity to challenge the information during the interview
process, appeals process, or through an RFE, as applicable. In many cases, USCIS ELIS
provides Applicants the opportunity to refute derogatory information before USCIS denies a
benefit request if the information is the basis for the denial. If the information is inaccurate,
USCIS personnel will make the appropriate notations in USCIS ELIS.
7.3
How does the project notify individuals about the procedures for
correcting their information?
USCIS notifies Applicants about the process for correcting information before
submission through warning banners, a pre-submission PDF for review, and through the account
update feature in USCIS ELIS. USCIS informs individuals during the interview process that
they may provide or correct information regarding their benefit request. Otherwise, the
individuals are notified through the publication of the appropriate SORNs and this PIA.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 22
7.4
Privacy Impact Analysis: Related to Redress
Privacy Risk: There is a risk that inaccurate Automated Background Functions rule
results may result in the USCIS personnel improperly denying the Applicant’s benefit request. If
the Applicant cannot obtain access to derogatory or erroneous information, the individual cannot
correct the inaccuracy.
Mitigation: Because of the law enforcement nature of the systems queried, Applicants
are not provided a formal redress procedure for the Automated Background Function process.
However, USCIS provides the individual the opportunity to challenge the information during the
interview process, appeals process, or through an RFE or Notice of Intent to
Deny/Revoke/Withdraw, as applicable. In many cases, USCIS ELIS provides Applicants the
opportunity to refute derogatory information before USCIS denies a benefit request if the
information is the basis for the denial.
Section 8.0 Auditing and Accountability
8.1
How does the project ensure that the information is used in
accordance with stated practices in this PIA?
USCIS ELIS will employ role-based access controls to minimize access to information
beyond necessary for each user’s job duties. USCIS ELIS will keep audit logs to record which
users access the system and what information was viewed by the user. Records of the individual
case and account histories will track who created, deleted, or edited a record and when the
change was made.
In accordance with National Institute of Standards and Technology (NIST) controls and
OMB requirements, staff and/or administrators of USCIS ELIS conduct a self-assessment of
privacy policies and security controls, at least annually, to determine the extent to which policies
and controls are implemented correctly, operating as intended, and meet the privacy and security
requirements for the operating environment.
8.2
Describe what privacy training is provided to users either
generally or specifically relevant to the project.
All internal USCIS ELIS users, including federal employees and contractors, must
complete annual privacy training to ensure they properly handle PII. DHS personnel,
contractors, and vendors with significant security responsibilities (e.g., ISSOs, system
administrators) receive initial specialized training, and annual refresher training thereafter,
specific to their security and privacy responsibilities. USCIS ELIS incorporates simulated events
into incident response training to facilitate effective response by personnel. Staffs who are
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 23
responsible for maintaining USCIS ELIS also train personnel in their incident response roles and
responsibilities with respect to the USCIS solution. They also provide refresher training on an
annual basis.
USCIS maintains training records, including name, position, type of training received,
and costs of training. USCIS requires internal users to complete security and privacy awareness
training before authorizing accounts.
8.3
What procedures are in place to determine which users may
access the information and how does the project determine who
has access?
USCIS ensures that all USCIS ELIS employees are trained and agree to the system’s
rules of behavior before being granted access. USCIS provides security awareness training to all
information system users (including managers, senior executives, and contractors) as part of
initial training for new users, when required by system changes, and annually thereafter. DHS
personnel and contractors with significant security responsibilities (e.g., ISSOs, system
administrators) receive initial specialized training, and annual refresher training thereafter,
specific to their security responsibilities prior to being granted access to DHS IT systems.
USCIS ELIS has formal documented procedures that establish appropriate divisions of
responsibility and separate duties, as needed, to eliminate conflicts of interest in the
responsibilities and duties of individuals. The purpose of this segregation of duties is to prevent
users from having all of the necessary authority or access to information to perform fraudulent
activity absent collusion.
Access controls for USCIS ELIS will follow the principles of least privilege necessary to
complete the assigned tasks. USCIS maintains a list of security functions deployed in hardware,
software, and firmware and security-related information. USCIS explicitly authorizes access to
that functionality when feasible. In addition, USCIS advises users with privileges to use nonprivileged access when accessing functions that do not require privileged access.
USCIS ELIS employees will have access to different views and content based on their
roles and access privileges. USCIS ELIS will record all employee access along with their
activities in USCIS ELIS. USCIS ELIS will limit each user’s view to the data required to
perform their job functions (e.g., adjudicator, supervisor, or performance analyst).
In addition, USCIS requires these rules to control access to the Automated Background
Function tools:
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 24
1. All information in the Automated Background Functions system is For Official Use
Only (FOUO) and some information is Law Enforcement Sensitive.
2. Assistance rules are not accessible outside of the Automated Background Functions
governance process. They are visible to USCIS personnel involved in the benefit decisionmaking process only to show why a result was returned.
3. Working group members that develop the assistance rules and the systems managers
will be the only persons with functional access to the Automated Background Function process
in USCIS ELIS. No other USCIS personnel will be able to modify the Automated Background
Functions process directly.
USCIS ELIS preserves the results of the queries within the USCIS ELIS account and/or
case to document the evidence available at each point in the case life cycle. As account and case
records, results are accessible to USCIS personnel under USCIS ELIS’s access control rules and
audit procedures. USCIS personnel who do not have a job function requiring them to see the
results or any portion of the Automated Background Function process will not have access to
those portions of USCIS ELIS.
�Privacy Impact Assessment
USCIS ELIS-3 Automated Background Functions
Page 25
8.4
How does the project review and approve information sharing
agreements, MOUs, new uses of the information, new access to the
system by organizations within DHS and outside?
The USCIS Office of Transformation Coordination - Program Management Office,
USICS Office of Information Technology, USCIS Privacy Office and USCIS legal counsel
review all MOUs related to USCIS ELIS.
New uses of information and/or new access requests for the system by organizations
within DHS and outside agencies go through the USCIS change control process, including
assessments of impact, and must be approved by the proper Program Authorities of this process
(e.g., USCIS Privacy Office, USCIS Transformation Program Office Change Control Board,
USCIS Office of Information Technology, and DHS offices, where applicable).
Responsible Officials
Donald Hawkins
Privacy Officer
U.S. Citizenship and Immigration Services
Department of Homeland Security
Approval Signature
[Original signed copy on file with the DHS Privacy Office]
Mary Ellen Callahan
Chief Privacy Officer
Department of Homeland Security
�
| File Type | application/pdf |
| File Title | Privacy Impact Assessment for USCIS Electronic Immigration System [ELIS-3] Automated Background Functions |
| Author | Department Of Homeland Security Privacy Office |
| File Modified | 2015-01-21 |
| File Created | 2012-05-17 |