SSN Justification

	

DEPARTMENTS OF THE ARMY AND AIR FORCE
ARMY & AIR FORCE EXCHANGE SERVICE
Office of the General Counsel
P.O. Box 650060
Dallas, TX 75265-0060

GC-C

27 MAR 2019

MEMORANDUM THRU:
Army Privacy Office (AAHS-RDF), 9301 Chapek Rd. Bldg. 1458 Fort Belvoir, VA 22060-5605
FOR Defense Privacy, Civil Liberties and, Transparency Division, 4800 Mark Center Drive,
Alexandria, VA 22350-3100
SUBJECT: Justification for the Use of the Social Security Number (SSN); Exchange Form
3900-002 “Trusted Associate Sponsorship Systems (TASS), Exchange Form
3900-006 “Background Check for Vendors/Contractors”, Exchange Form 3900013 “e-QIP Request Form; AAFES Resource Onboarding Application (ROBA)
Web-based system; and AAFES Electronic system of Personnel Security
Clearance Case Files.
1.
This memorandum is to satisfy the requirements of DoDI 1000.30, “Reduction of Social
Security Number (SSN) Use Within the DoD,” requiring justification to collect and use the SSN.
2.
AAFES System for Personnel Security Clearance Case Files consists of information
collected from persons affiliated with AAFS by assignment, employment, contractual
relationship, or as the result of an inter-service support agreement. Records contain security
clearance determination that have been completed, in process, or pending.
AAFES uses the SSN to aid the Exchange Force Protection in determining and providing
security clearance for individuals stationed at AAFES facilities. This includes providing security
clearance, denial of clearance, or removal of clearance into classified locations or sensitive
positions.
3.
The applicable acceptable uses for collection and use of the SSN are (2) Law
Enforcement, National Security, and Credentialing, (3) Security Clearance Investigation or
Verification, (4) Interactions With Financial Institutions, (5) Confirmation of Employment
Eligibility, (8) Computer Matching, and (9) Foreign Travel. Information collected and
maintained is obtainable by the individual’s name or SSN. SSN collected is used to assist in the
location of all relevant data within AAFES and outside sources associated with reviewing the
individual’s criteria, background, and trustworthiness for security clearance and providing such
clearance.
4.
The System of Records Notice (SORNs) associated with the AAFES Personnel
Security Clearance is AAFES 1703.03, “Personnel Security Clearance Case Files”. AAFES
systems are stand-alone .com technology and not part of Department of Defense Business
Information Systems. Therefore, there is not DIPTR number to provide.

	

	

GC-C
SUBJECT: Justification for the Use of the Social Security Number (SSN); Exchange Form
3900-002 “Trusted Associate Sponsorship Systems (TASS), Exchange Form 3900-006
“Background Check for Vendors/Contractors”, Exchange Form 3900-013 “e-QIP Request Form;
AAFES Resource Onboarding Application (ROBA) Web-based system; and AAFES Electronic
system of Personnel Security Clearance Case Files.
	
5.
The prescribing directives for the AAFES Forms 3900-002, 3900-006 and 3900-013 and
the collection of information on the AAFES Resource Onboarding Application (ROBA) Webbased system is DoDI 5200.01, May 1, 2018, DoD Information Security Program and Protection
of Sensitive Compartmental Information and DoDI 5200.02, May 11, 2018, DoD Personnel
Security Program (PSP). Appropriate authorities supporting collection of the SSN are: Title 10
U.S.C. 7013, Secretary of the Army; Title 10 U.S.C. 9013, Secretary of the Air Force; Executive
Order 10450, Security Requirements for Government Employment; Department of Defense
5200.02-R, DoD Personnel Security Program; Army Regulation 215-8/AFI 34-211(I), Army and
Air Force Exchange Service Operations; Army Regulation 380.67, Personnel Security Program;
Air Force Instruction 31-501, Personnel Security Program Management; Air Force Instruction
31-401, Information Security Program Management; and E.O. 9397 (SSN), as amended.
6.
The security clearance files are not made publically available. Only personnel with a
need to know have access to these files. A thorough effort has been made to evaluate the risk
associated with the use of the SSN. Paper and electronic copies of the applications are disposed
of as required by the records disposition schedule. Personnel monitoring, reviewing, or using the
applications are required to follow the established safeguards to protect individual’s privacy.
In addition, administrative, technical and physical safeguards are in place limiting access
to personnel with an official need to know. AAFES conducts periodic security audits and regular
monitoring to prevent unauthorized access. Users of the electronic systems have a two point
login criteria including their official AAFES user name and password. Intrusion detection
systems, encryption and firewall protection furtherly protects unauthorized access. Physical
safeguards include security guards, identification badges, key cards, safes, and cipher locks.
Hard copy files are kept in secured areas under lock and key accessible only to authorized
individuals.
7.
My POC is Mrs. Teresa Schreurs, Paralegal, FOIA/Privacy Manager,
[email protected], 214-312-6103.

On behalf of:
EDWIN LLEWELLYN
Deputy General Counsel
Office of the General Counsel

	
	

2