Download:
pdf |
pdfPrivacy Impact Assessment Update
for the
Human Resources Business Engine (HRBE)
DHS/CBP/PIA-032(a)
August 19, 2019
Contact Point
James Bonnell
Office of Human Resources Management
Business Process Solutions Division
U.S. Customs and Border Protection
(202) 325-6224
Reviewing Official
Jonathan R. Cantor
Acting Chief Privacy Officer
Department of Homeland Security
(202) 343-1717
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 1
Abstract
The Department of Homeland Security (DHS), U.S. Customs and Border Protection (CBP)
provides Human Resources (HR) services to CBP and other DHS components through a webbased tool called the Human Resources Business Engine (HRBE). HRBE provides case
management and HR business process capabilities to CBP and its DHS component customers.
CBP published a Privacy Impact Assessment (PIA) for HRBE on July 25, 2016. CBP is publishing
this update to the original PIA to describe several new modules in HRBE supporting HR processes
that collect, use, and maintain personally identifiable information (PII) about CBP applicants and
employees.
Overview
HRBE, a CBP-owned and developed HR services information technology system, provides
case management and business process capabilities for CBP and a limited number of DHS
component customers. Although developed originally for CBP, HRBE also provides HR services
to other DHS customers, including U.S. Immigration and Customs Enforcement (ICE), United
States Citizenship and Immigration Services (USCIS), Federal Emergency Management Agency
(FEMA), and DHS Headquarters. The National Protection and Programs Directorate (NPPD),
previously a HRBE user, ceased its use of the system in 2016. An updated list of system users is
included in the appendix to this PIA. DHS customers may choose from HRBE’s offered HR
services to meet their individual HR case management and workflow needs. As other DHS
customers request HRBE services in the future, the system has the potential to become an
enterprise-wide HR case management system for DHS.
Reason for PIA Update
HRBE is composed of twenty distinct HR functions, seventeen of which were outlined in
the original PIA as follows:
1. Performance Management Function automates the administration, processing,
tracking, and reporting of CBP employees’ annual performance plans, covering the
initial establishment of each employee’s plan, the mid-year review, and the end of year
review.
2. Entry and Professional Level Hiring Function tracks and manages applicants from
the submission of application to actual Entrance on Duty (EOD). Interactions include:
text messages from HR staff to applicants to keep them apprised of their application
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 2
status; access to a tracking application1 for those applicants who have received a
tentative offer for select positions to monitor their hiring status; data exchange of
staffing and certificate data between the Office of Personnel Management (OPM) and
CBP; data exchange of background investigation information between HR and CBP
Office of Professional Responsibility (OPR); and scheduling and results of preemployment tests such as: drug test results (pass/fail only), medical results if required
for position suitability, and background investigation results (including polygraph) to
obtain required clearances. The actual required pre-employment tests will vary
depending on the position for which the applicant is being considered. The Entry and
Professional Level Hiring Function does not store the details of an applicant’s
suitability or pre-employment tests, but rather which tests are required and if they have
been passed. HRBE also maintains a copy of CBP employees’ active duty military
orders to maintain information regarding the employee’s obligations to serve on active
duty or deployment for scheduling purposes.
3. Senior Executive Service (SES) Function, similar to the preceding function, this
function tracks and manages recruitment actions but focuses on senior executive
recruitments.
4. Table of Organization Function provides the reporting capability to accurately
project and compare CBP’s federally funded positions to the CBP mission within
budgetary constraints.
5. Safety Inspection Function tracks and manages the scheduling, workflow, processing,
results, corrective actions taken, and reporting of safety inspections conducted in the
work place. The goals of these inspections are: 1) to ensure safety concerns of those
who work in CBP workplaces are addressed, and 2) to ensure that CBP workplaces
remain compliant with Department of Labor (DOL) Occupational Safety and Health
Administration (OHSA) safety standards.
6. Employee Relations Case Tracking Function tracks and manages records related to
DHS employees’ disciplinary, performance, medical, and informal counseling cases.
This module exchanges case status updates and basic personnel information with the
1
Select applicants are granted access to the CBP Jobs mobile application (CBP Jobs). This application provides job
application process status for CBP conditional employees who have passed the entrance exam and been issued a
Tentative Selection Letter for an entry-level position in one of these occupations: Agricultural Specialist, Border
Patrol Agent, or Border Patrol Officer. CBP Jobs provides a status on the following requirements: pre-employment
forms, medical exam fitness test, drug screening, structured interview, background investigation, qualifications, and
scheduled report date. Login into CBP Jobs requires the applicant’s name, phone number, email address, and
password created by the applicant. CBP Jobs is described in the Appendix to the DHS/ALL/PIA-043 Hiring and OnBoarding Process PIA, available at: https://www.dhs.gov/sites/default/files/publications/pia-app-update-043-dhswide-hiring-and-on-boarding-06252015.pdf.
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 3
CBP OPR’s Joint Intake Case Management System (JICMS)2 through a system-tosystem data exchange. Labor and Employee Relations staff have limited access to
JICMS on a case-by-case basis when they have an official need to know. Investigatory
material is not stored in HRBE.
7. Fitness Function provides entry of, and access to, fitness exam results administered
during the hiring of applicants or (re)certification of employees as determined by the
specific position requirements, such as law enforcement positions. This function differs
from pre-employment medical tests, which verifies the applicant against medical
standards for entry-level law enforcement positions.
8. Labor Relations Case Tracking Function tracks and manages labor relations cases
such as Unfair Labor Practice claims, grievances, and arbitrations. This function serves
as an information resource for the historical activity/status reports and trends for client
managers and executive leadership.
9. Drug Free Workplace Function maintains records mandated by the Federal
Government’s comprehensive drug-free workplace program for all Federal Executive
Branch workers.3 It requires random selection of employees for drug testing and the
maintenance of historical drug test results.
10. Financial Disclosure OGE-450 Function tracks and manages the data entry, routing,
processing, and tracking of financial disclosure forms completed by covered employees
annually.
11. Customer Inquiry Tracking Function tracks and manages inquiries from employees
and applicants via phone, email, or direct contact on various topics/subtopics related to
the status of their pending applications or personnel actions.
12. Retirement Tracking Function tracks the retirement application from receipt in the
HR office to OPM. This function also provides reports to monitor workload and
provide metrics.
13. Background Investigations (BI) Function initiates the BI process with applicants by
forwarding them a link to complete the OPM eQIP4 form. HR specialists with access
to the BI function review the submitted eQIP for completeness, and then forward the
2
JICMS is the OPR system used to record misconduct, to conduct criminal and administrative investigations, and to
track disciplinary actions related to CBP and U.S. Immigration and Customs Enforcement (ICE) employees and
contractors. See DHS/CBP/PIA-044 Joint Integrity Case Management System (JICMS) (July 18, 2017), available
at: https://www.dhs.gov/sites/default/files/publications/privacy-pia-cbp044-jicms-july2017.pdf.
3
Executive Order 12564 - Drug-Free Federal Workplace, 1986, available at: http://www.archives.gov/federalregister/codification/executive-order/12564.html.
4
eQIP is a secure website managed by OPM that is designed to automate the common security questionnaires used
to process federal background investigations. For additional information, please see
http://www.opm.gov/privacy/PIAs/eQIP.pdf.
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 4
eQIP package to the OPR Cornerstone System5 to initiate the BI process for applicants
and employees. It also receives information from OPR when the BI is completed. In
addition, this function exchanges information with the DHS Integrated Security
Management System (ISMS)6 nightly to update case information in both systems. The
BI Function maintains status and basic biographic information only. HR specialists
view the eQIP to verify completeness but do not make any adjudicative decisions. It is
a pass-through for the eQIP but does not ingest or retain any information from the eQIP.
The BI Function does not maintain investigatory material. The purpose of this module
is to manage the caseload on HR for eQIP initiations and wait for results from OPR.
For a full description of the BI process at CBP, please see the Cornerstone System PIA.
14. Medical and Contracting Officer’s Representative (COR) Function tracks and
manages the medical activities associated with an applicant (i.e., scheduling the
medical appointment and getting the test results of the medical examination) during the
hiring process for the hiring centers. This function also tracks and processes the
invoices received for the medical services provided to the applicant during the preemployment process.
15. Position Person Lookup Function, formerly known as the Employee Position Profile
Function, supports the look up of positions and employees assigned to the positions in
CBP. It also allows the Office of Human Resources Management (HRM) and the
Program offices to support the tracking of Person or Position data elements that are not
supported by the United States Department of Agriculture (USDA) National Finance
Center (NFC) (i.e., special initiatives like Trade Revenue and Cybersecurity-designated
positions, emergency essential personnel).
16. Ticketing Function allows all HRBE users to submit a request to correct a technical
error. This module differs from the Customer Inquiry Tracking module, which tracks
the incoming requests from employees and applicants regarding the status of the hiring
or personnel actions. The Ticketing function is the bug/defect tracking system for
HRBE administrators to report issues or request enhancements to the HRBE system.
The following function was described in the 2016 PIA, but this update covers recent changes for
the filing of the OPM Request for Personnel Action (Standard Form 52):
17. Personnel Action Request Function allows requesting and approving officials to
submit a Request for Personnel Action to HR for processing; HR specialists to route
5
The Cornerstone System facilitates the BI process and improves its efficiency. Cornerstone retrieves information
from other systems, compiles the information, and sends the document to the appropriate system for processing. For
additional information, please see DHS/CBP/PIA-038 Cornerstone (February 27, 2017), available at
https://www.dhs.gov/sites/default/files/publications/privacy-pia038-cbp-cornerstone-february2017.pdf.
6
DHS/ALL/PIA-038 Integrated Security Management System (ISMS) (March 22, 2011), available at:
https://www.dhs.gov/sites/default/files/publications/privacy_pia_dhswide_isms-2011.pdf.
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 5
and code the personnel action; and transmission of data to the NFC. CBP has
implemented an employee retention incentive for all existing U.S. Border Patrol GS12 and GS-13 agents who participate in a 12-month service agreement. The employee
retention agreements are managed through the OPM Standard Form-52, Request for
Personnel Action. This workflow allows CBP to monitor the employee period of
performance, incentive payout, and incentive eligibility requirements.
Since the previous PIA was published, HRBE has added the following three modules:
18. Scheduling Function tracks and manages the structured and pre-security interview
calendars and allows the CBP hiring center to schedule structured interviews7 and presecurity interview8 appointments with applicants, employees, and contractors who have
received a tentative offer for certain CBP law enforcement frontline positions. The
scheduling function tracks the dates and times of each interview, the CBP Program
office location, and CBP site point of contact information.
19. Structured Interview Function allows HRM to track the applicant’s progress through
the pre-employment process of structured interviews for CBP law enforcement
frontline positions. CBP Program Office personnel conduct the structured interviews
to determine suitability for CBP positions and manually update the results in HRBE to
indicate if the applicant provided fingerprints, and passed, failed, or did not appear for
the interview. If an applicant fails the structured interview, the applicant is disqualified
and removed from the hiring process. Upon process completion, HRBE automatically
sends an email notification to the applicant to confirm the pass or fail status. The
structured interview function stores the details of an applicant’s suitability and preemployment tests, pass or fail status, and email communication.
20. Pre-Security Interview Function allows HRM to track the applicant’s progress
through the pre-employment process of pre-security interviews for CBP law
enforcement frontline positions. If an applicant does not appear for the pre-security
interview, the individual is removed from the hiring process. CBP Program office
personnel conduct the interviews to assist with the background investigation process
and manually update the system to indicate whether an applicant completed the presecurity interview and if they responded affirmatively to any questions. HRBE
automatically sends an email notification of the status to the applicant after the presecurity interview process is completed. The module stores the details of an applicant’s
7
A structured interview is an assessment method designed to measure job-related competencies of candidates by
systematically inquiring about their behavior in past experiences and/or their proposed behavior in hypothetical
situations. Generally speaking, structured interviews ensure candidates have equal opportunities to provide
information and are assessed accurately and consistently.
8
The pre-security interview is an assessment method designed to measure the likelihood of an applicant passing a
polygraph administered OPR. Pre-security interviews review topics covered during a polygraph exam.
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 6
interview and a completed copy of Pre-Security Interview Questionnaire (CBP Form
0075), and the full information collection is sent to OPR via email. The Cornerstone
System initiates the BI process by scanning the OPR email to retrieve the form and presecurity interview information collection.
Privacy Impact Analysis
Authorities and Other Requirements
The legal authorities and other requirements associated with CBP’s collection, use,
maintenance, and dissemination of information within HRBE have not changed since the original
PIA was published in 2016. Pursuant to 5 Code of Regulations (CFR) Part 731, CBP is authorized
to collect and maintain information to examine suitability for competitive federal employment.
CBP granted the most recent HRBE Authority to Operate (ATO) on September 7, 2016.
The HRBE ATO is scheduled for renewal pending publication of this PIA.
Characterization of the Information
HRBE collects, uses, disseminates, and maintains information about applicants for
employment, current employees, and contractors who require access to HRBE as part of their HR
support job duties. A complete list of these data elements is available in the 2016 HRBE PIA.
In addition to the interfaces and data collection outlined in the previous HRBE PIA, HRBE
processes the following new data elements for CBP applicants and employees who apply for CBP
positions:
Applicants:
•
Active duty military orders;
•
System generated unique identifier (hiring ID);
•
Scheduling details (dates, times, and locations for in-person meetings) for structured and
pre-security interviews;
•
Current status in the employment process, including the results of any pre-security, and
structured interviews; and
•
Completed Pre-Screening Interview Questionnaire (CBP Form 0075) that includes the
name and signature of the CBP interviewer (CBP employee), the name of any existing
Federal Credentials Agency, the signature of the applicant, and answers to questions
related to: 1) use of marijuana, steroids, or misuse of prescription medication, 2) illegal
drug use, 3) sale, transportation or trafficking illegal drugs, 4) termination of
employment, 5) child pornography, 6) domestic violence or domestic abuse, 7) sexual
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 7
assault, 8) sexual acts with minors, 9) theft, and 10) violated or assisted others in
violating immigration laws.
Employees:
In addition to the information collected previously reported and noted under applicants,
HRBE collects employee retention incentive agreement information for existing U.S. Border
Patrol GS-12 and GS-13 positions, which includes the following new data elements:
•
Incentive Reason;
•
Organization Number;
•
Master Record Number (MRN): Unique identifier assigned to the employee’s job
category;
•
Individual Position Number (IPN): Unique identifier assigned to the employee’s position
category;
•
Agreement Start and End Date;
•
Number of Years and Months of Service;
•
Payment Amount;
•
Additional Conditions: Ongoing eligibility requirements;
•
CBP Employee Signature and Date; and
•
Approving CBP Official’s Signature and Date.
The original sources of the information and how the information is collected for the project have
not changed since the 2016 HRBE PIA.
During the structured and pre-security interview process, information is obtained directly
from the CBP applicant and employee. Information collected during the structured interview is
manually entered in HRBE by the CBP Program office interviewer. Through the pre-security
interview process, the CBP applicant or employee fills out the CBP Form 0075 and signs the form.
The CBP Program office interviewer uploads the CBP Form 0075 in the Pre-Security Interview
module and manually enters the results of the pre-security interview.
Privacy Risk: There is a risk that with the addition of the information from the CBP Form
0075, HRBE may maintain more sensitive information than is necessary for HR activities.
Mitigation: This risk is partially mitigated. Although the standard background
investigation and suitability review typically begins later in the process, CBP will now use this
questionnaire to share information between HRM and OPR. CBP collects the pre-security
interview information in order to track the individuals’ progress through the security process,
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 8
which, though managed by OPR, is a key stage in the hiring and onboarding process. HRM
captures the pre-security information on behalf of OPR, which does not currently have the
capability to do so.
Uses of the Information
The uses of the information within HRBE outlined in the original PIA have not changed.
HRBE uses the information maintained in the Scheduling, Structured Interview, and PreSecurity Interview Functions to record, process, track, and report on the status of the interview
process for availability, position, location, and status; and in the Personnel Action Request
Function to monitor employee retention agreements in relation to period of performance, incentive
payout, and eligibility requirements.
Scheduling
CBP uses HRBE to register and track the dates and times of each interview, the CBP office
location for each meeting, and related CBP site point of contact information. The scheduling
function allows CBP to manually schedule structured and pre-security interview appointments
within one system. HRBE allows the CBP hiring center to search for the applicant’s name within
the system, schedule the appointment, and automatically send confirmation emails to the
applicants for each interview. In addition, HRBE also generates a historical structured interview
report to display the number of interviews that were conducted during a period of time. It also
provides planning reporting capabilities to cover future hiring activity.
Structured Interviews
The structured interview function allows CBP to collect applicant interview results,
structured interview scheduling information, communications with applicants, and provide
information to Hiring Center staff about historical CBP interview experiences. The structured
interview is a required step in the pre-employment process. CBP uses the information captured in
the module to determine if an applicant has successfully completed the structured interview steps.
Although HRBE serves as a method to track the status of the structured interview and collection
of applicant fingerprints, details of the oral examination and fingerprints are not stored in or
transmitted through HRBE.
Pre-Security Interviews
The purpose of the pre-security interview function is to collect CBP applicant information
and oral or written responses to questions prior to the applicant being scheduled for a CBP
polygraph, which is required for certain CBP positions. The pre-security interview is a required
step in the pre-employment process. CBP uses the information submitted by applicants during the
interviews to identify any conduct or actions that could affect suitability for a CBP position. While
CBP does not regularly share this information outside of DHS, CBP may make this information
available as a routine use to other government agencies if the information is relevant and necessary
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 9
to a requesting agency’s decision concerning the hiring or retention of an individual, or issuance
of a national security clearance.
Personnel Action Requests
CBP announced a new retention incentive program on April 24, 2019, in an effort to
mitigate the staffing challenges faced on the border. The retention incentive is the product of
months of collaboration between CBP and the National Border Patrol Council. This retention
incentive is part of a comprehensive recruitment and retention strategy for the U.S. Border Patrol.
HRBE will use the employee retention incentive information collection to select eligible
employees to receive retention incentives, monitor employees’ continuing eligibility over the life
of the agreement, stage future payment transactions through personnel action processing, and
generate, track, and terminate agreements. The CBP hiring center reviews all incentive agreements
across all incentive packages that are managed through the Standard Form-52. CBP mission
support teams countersign retention incentive agreements after the U.S. Border Patrol employees
apply their electronic signatures.
Information from Other Systems
HRBE interacts with many different systems in a variety of ways to send and receive
information; the list of system interfaces reported in the 2016 HRBE PIA remain the same.
Privacy Risk: There is a risk for misuse or mishandling of information for systems users.
Mitigation: This risk is mitigated. HRBE users are assigned system access according to
their position functionality. Role-based access controls are employed to limit access to information
and all system users undergo a review and approval process to ensure that access is granted based
on an authorized need to know. HRBE uses an audit log report that is generated to track system
activities conducted by all users on a monthly basis.
Notice
There are no changes to the notice required or provided to individuals.
Data Retention
There are no changes to the retention period of the data.
Information Sharing and Disclosure
There are no changes to the sharing and disclosure of the data within the Department.
External Sharing and Disclosure
The external sharing described in the 2016 PIA remains in effect.
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 10
Individual Access, Redress, and Correction
There are no changes to individual access, redress, and correction procedures.
Auditing and Accountability
There are no changes to the auditing and accountability procedures described in the
previously issued HRBE PIA.
Responsible Officials
James Bonnell
Office of Human Resources Management (HRM)
Business Process Solutions Division (BPS)
U.S. Customs and Border Protection
Debra L. Danisek
Privacy Officer
Office of Privacy and Diversity
Office of the Commissioner
U.S. Customs and Border Protection
Approval Signature
[Original signed and on file with the DHS Privacy Office]
________________________________
Jonathan R. Cantor
Acting Chief Privacy Officer
Department of Homeland Security
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 11
APPENDIX A
HRBE Functions Used by Other DHS Components
9
Component
DHS Headquarters
Function Access
Customer Inquiry Tracking
Ticketing
ICE
Entry and Professional Level Hiring
Employee Relations
Labor Relations
Ticketing
USCIS
Employee Relations
Labor Relations
Ticketing
FEMA9
Financial Disclosure OGE-450 Function
In April 2018, FEMA was added to the list of DHS Components in Appendix A of this PIA, to document the
agency’s use of HRBE for the Financial Disclosure/OGE-450 reporting function. FEMA’s permissions in HRBE are
identical to those of the other components (ICE & USCIS) who use HRBE.
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 12
APPENDIX B
Level of Access by HRBE Function
1
Function
Performance
Management
(PM)
Roles
PM_Admin
PM_Agency_Goal
PM_DHS_Goal
PM_Employee
PM_POC
PM_Prog_Office_Goal
PM_Rating_Official
PM_Super_POC
Role Description
Administers the
performance management
workflow. They are able to
assign additional roles to
users and take action on
behalf of employees on
their performance plans
Allows the users to edit
Agency level performance
goals
Allows users to edit DHS
level performance goals
This role grants users
access to the performance
management workflow as a
federal employee able to
receive performance plans.
The organization point of
contact (POC). This user is
able to act as an employee
and perform administrative
tasks on his/her
performance plans but only
within his/her own
organization level and
below
Allows this user to edit the
program office level
performance goals
This role grants the user
access as a federal
supervisor able to issue
performance plans to
his/her direct reports and
rate their performance
This role is the same as the
POC role but is granted at
the program office level.
This user is able to perform
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 13
Function
Roles
PM_User_Reports
PM_View_Only
2
Entry and
Professional
Level Hiring
Hiring Entry Level
User Administrator
Fitness Results
Email PFT2
Email Refer to Scheduling and EOD
3
Senior Executive
Service (SES)
SATS_User
4
Table of
Organization
TO_User
TO_Super_User
TO_Org_Target_User
TO_Admin
5
Safety
Inspection
STAR_View_only
Role Description
POC-like tasks for the
whole program office
Allows this user to run
reports
Allows user to view/search
performance plans but not
take any action
Access to the Entry Level
tracking system
Allows user to administer
roles in Entry and
Professional Hiring
Allows access to enter
detailed fitness results into
the system
Allow the sending of
emails to applicants
regarding the second
physical fitness test.
Allow the sending of
emails to applicants
regarding academy
scheduling and entry on
duty (EOD) information.
Allows user full user /
admin access to Senior
Executive Service hiring
workflow
Allows user access to set
organizational targets at
specific levels or his/her
own organization
Allows user access to set
organizational targets for
all organizations and all
levels
Sets the high level program
office targets
Allows user to add /
remove users
View-only access to search
and open inspection reports
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 14
Function
Roles
STAR_Supervisor
STAR_Safety_Specialist
STAR_MSS
STAR_MOIC_Reporting
STAR_Health_Physicist
STAR_Email_Admin
STAR_Delegate
Star_Admin
6
Employee
Relations (ER)
Assigned_DRB_Supervisor
(Discipline Review Board)
Assigned_DRB_Specialist
Assigned_Supervisor
Assigned Labor and Employee
Relations (LER)_Specialist
Assigned_Intake_Specialist
Role Description
Allows user to perform a
review of the safety
inspections before it is sent
to the building management
Users performing the safety
inspections
Mission Support Specialist
runs reports and manages
the overall process and acts
as a liaison between safety
specialists and the building
management.
Management Official In
Charge (MOIC) is the
building management in
charge of remediating all
the safety findings
Users performing
inspections on the radiation
equipment at CBP facilities
Users allowed to modify
email templates that are
used to send emails in the
workflow
Users delegated
responsibility to remediate
safety finding by the MOIC
Allows user to administer
roles, facilities, standard
findings
Allows DRB supervisor
assigned to case to perform
supervisory actions
Allows DRB specialist
assigned to case to perform
workflow actions
Allows DRB supervisor to
view case
Allows LER specialist
assigned to case to perform
workflow actions
Allows intake specialist
assigned to case to perform
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 15
Function
Roles
Assigned_Intake_Assistant
Agency_Intake_Assistant
Agency_Intake_Specialist
Agency_LER_Admin (Labor and
Employee Relations)
Agency_DRB_Admin
Agency_Specialists
LER_Specialist
LER_Supervisor
LER_Administrator
DRB_Specialist
DRB_Supervisor
DRB_Administrator
Role Description
intake review workflow
actions
Allows intake assistant
assigned to case to perform
intake workflow actions
Allows DRB intake
assistant to view case
within his/her agency at
select stages
Allows DRB intake
specialist to view case
within his/her agency at
select stages
Allows LER administrator
to take select migration
actions for cases within
his/her agency
Allows DRB administrator
to take select migration
actions for cases within
his/her agency
Allows DRB
specialist/DRB supervisor
or LER specialist/LER
supervisor to take select
migration actions for cases
within his/her agency
Allows LER specialist to
perform workflow actions
Allows LER supervisor to
perform supervisory actions
Allows LER administrator
to perform actions taken by
LER specialist/LER
supervisor and
administrative actions
Allows DRB specialist to
perform workflow actions
Allows DRB supervisor to
perform supervisory actions
Allows DRB administrator
to perform actions taken by
DRB specialist/DRB
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 16
Function
Roles
DRB_Intake_Specialist
DRB_Intake_Assistant
HRBE_Admin
ER_Dashboard
ER_QueryStudio
ER_Analysis
ER_Super_Maintenance
ER_DD_Administrator (Discipline
Dashboard)
ER_DD_Org_Level_2_User
ER_DD_Org_Level_3_User
ER_DD_CBP
7
Fitness
PFT2_User
PFT2_admin
8
Labor Relations
(LR)
Assigned_LR_Specialist
LR_Super_Maintenance
Role Description
supervisor and
administrative actions
Allows DRB intake
specialist to perform select
actions
Allows DRB intake
assistant to perform select
actions
Allows access to admin
form to load cases
Allows access to ER
dashboard (external
interface)
Allows access to ER Query
Studio (external interface)
Allows access to ER
Analysis Studio (external
interface)
Allows access to admin
forms to update critical
fields or delete cases
Allows access to admin
form to manage discipline
dashboard users
Allows access to specified
CBP level 2 org data in
discipline dashboard
Allows access to specified
CBP level 3 org data in
discipline dashboard
Allows access to CBP data
in discipline dashboard
Allows user to enter fitness
results
Administers the user roles
for fitness workflow
Allows specialist assigned
to the case to perform
workflow actions
Allows access to admin
forms to update critical
fields or delete cases
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 17
Function
Roles
Assigned_LER_Supervisor
Agency_LR_Supervisor
HRBE_LR_Supervisor
HRBE_LR_Specialist
HRBE_LR_Admin
HRBE_LR_QueryStudio
HRBE_LR_Dashboard
HRBE_LR_AnalysisStudio
9
Drug Free
Workplace
(DFWP)
Administrator
Specialist
10
Financial
Filer
Disclosure OGE450
Final Approver
Designee
POC
Role Description
Allows assigned
specialist’s team supervisor
to perform supervisory
actions
Allows supervisor to
perform supervisory actions
for cases within his/her
agency
Allows supervisor to
perform supervisory actions
Allows specialist to
perform workflow actions
Allows access to
administrative forms and
actions
Allows access to Query
Studio (external interface)
Allows access to LR
dashboard (external
interface)
Allows access to Analysis
Studio (external interface)
Can do all things the
specialist can do but also
has the ability to maintain
users, tables, regions, and
explicit lists
General user of the DFWP
tool. Can perform all nonadministrative functions
Allows user to be a
OGE450 filer
User performs the final
approval for OGE450
filings
User designated by final
approver to perform the
final approval
Point of contact can
monitor and take
administrative action on
OGE450 filing within
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 18
Function
Roles
Program Office Admin
Supervisor
Viewer
Report Analysis
Report Query
Report Dashboard
11
Customer
Inquiry
Tracking (CIT)
AssignedUser
CIT_Admin
CIT_FAQ_Supervisor
CIT_Initiators
CIT_Super_Maintenance
CIT_Supervisor
CIT_Supervisor_Administration
CIT_Tier1
CIT_Tier2
CIT_Tier3
12
Retirement
Tracking (RT)
RT_Management
Role Description
his/her organization
User, also known as the
Organizational Admin, can
administer filings at the
program office level
User performs the
supervisor approvals for
filings
Allows user to search and
view filings
Allows user to access
Cognos analysis studio
Allows users to access
Cognos Query Studio
Allows user to access the
financial disclosure
dashboard in Cognos
Places case folder on the
to-do list of the current
assigned user
Global admin user access to
all blank/admin forms
Frequently Asked
Questions (FAQ) process
supervisor approves FAQ
requests
Users that can start requests
Super users that maintain
topics/subtopics/teams
Supervisors that oversee
and resolve tickets
Access to admin forms
Users belonging to
designated Tier 1 team
Users belonging to
designated Tier 2 team
Users belonging to
designated Tier 3 team
Users who initiate RT,
update case, reassign case,
view RT archived package
search form, view RT
Reports
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 19
Function
Roles
RT_Worker
RT_Assistant
RT_Specialist
RT_Assigned_Specialist
RT_UserMaintenance
13
Background
Investigations
(BI)
BI Supervisor
BI Specialist
BI Assistant
BI Observer
BI Administrator
BI Social Security number (SSN)
Viewer
BI Academy Report
BI Metrics Report
Role Description
Users who initiate RT,
audit processed case,
update case, reassign case,
view RT archived package
search form
Users who initiate RT,
update case, reassign case,
view RT reports
Users who initiate RT, pool
of specialist for assignment,
reassign case, view RT
Users who assigned
specialist for a case, view
RT Reports
Users who access
retirement tracking
administration form, view
RT archived package
search form, view RT
reports
Users with full access to
the module
Users with full access to
the module
User who performs most
actions, except ones that
need higher levels of
authority, such as returns
from IA (Internal Affairs)
User with view-only in
Module, but performs no
actions
User who has full access to
the Module, including the
admin forms for data set up
Users who can see the full
SSN, and not just the four
digits
Users with access to the IA
Academy Report
Users with access to the BI
metrics report
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 20
14
Function
Roles
Personnel Action SF52_Create
Request
SF52 Org Submitter (Lvl 1 Approver)
SF52_CurrentApprovalTier
SF52_HigherApprovalTier
SF52_OrgAdm
SF52_SysAdm
SF52_User
SF52_Copy
SF52_Level2OrgAdm
SF52_HRTeamMember
SF52_HRTeam
SF52_HRPayApprovers
SF52_HRFinalApprovers
SF52_HRUser
SF52_HRAdmin_Agency
SF52_HRViewer
SF52_HRAdmin_FormList
Role Description
All users who can create
SF-52 request
Users who can submit SF52. Cannot be person
named as employee on SF52
Users who have sign ability
for current approval level
Users who have sign ability
higher than current level
Administrators within
specific organization. Can
send notifications, reassign
requests, and revoke roles
Administrators with general
access to all functions
within the process.
All users with any role
regardless of organization
Create/Sign users with
access to Organization
Level 2 Organization
Administrators who can set
who has sign ability used in
the approval tiers for
submission of requests
Specific HR Team member
assigned to request
All members of team
assigned to request
Any HR user with Pay
Approve authority (within
Agency)
Any HR user with Final
Approve authority (within
Agency)
Member of any HR team
within agency
Agency-Specific HR
Administrators
Member with Any HR role
within agency
HR Admins in any agency
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 21
Function
Roles
SF52_HRTransmitter
SF52_HRClassApprover
SF52_HRTeamForAdminForms
SF52_HRViewer_NoAgency
SF52_Mass_BusinessOwner
SF52_Mass_ProgramOfficeToDo
SF52_Mass_ProgramOffice
SF52_MassSearch_Access
SF52_Mass_Owners
SF52_Mass_OrgAdmins
15
Medical and
Contracting
Officer’s
Representative
Med Supervisor
Med Specialist
Med Assistant
Role Description
(For Form List)
Any HR user with transmit
authority (within Agency)
Any HR user with Class
Approve authority (within
Agency)
Not agency aware - cannot
be since no agency declared
yet
Not agency aware member with any HR role
Action-Specific
Owners/Administrators for
a given type of Mass
Process – i.e., Organization
Design Division (ODD)
does Realignments
Defined by Business
Owners in the Task form
who have active items to do
Defined by Business
Owners in Task Form - no
Active Task assigned
Business Owners and
Program Office
Business Owners who can
start Mass Process
Org Admins for orgs
included in the particular
requests realign list
User with full access to the
Med Module
User with full access to the
Med Module
User who can perform most
actions, except ones that
need higher levels of
authority, and cannot make
any decisions on the cases:
Cleared, Failed to Respond,
Disqualified, and
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 22
Function
Roles
Med Observer
Med Administrator
Med Nurse
Med Manual
Med SSN Viewer
COR Administrator
16
Position Person
Lookup
Employee_Profile_Admin
Employee_Profile_Data_Elements
Employee_Profile_HR_Viewer
Employee_Profile_MRN_Lookup
Employee_Profile_Person_Lookup
Employee_Profile_Reports_Viewer
Employee_Profile_Role_Admin
17
Ticketing
HRBE_Issue_Tracking_UI_Team
Role Description
Insufficient
User with view-only in the
Module, but performs no
actions
Administrator with full
access to the Med Module,
including the admin forms
for data set up
Nurse who can only
evaluate the medical part of
the module: Exams,
Consults, Follow Ups
User who can manually
start a case, or enter web
service data with this role
User who can to see the full
SSN, and not just the four
digits
Administrator who has full
access to the Module,
including the admin forms
for data set up
Administrator who has
read-write access to all
forms
User who has read-write
access to the
position/person data
elements admin forms
User who has view only
forms access for
employee/position data
Use who has read-access to
Master Record Number
(MRN) data
User who has read-access
to person lookup form
User with access to reports
Designated Role
Administrator who can
grant workflow access
permissions to users
Business Process Solutions
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 23
Function
Roles
Role Description
(BPS) User Interface (UI)
Team for workflow task
assignment
HRBE_Issue_Tracking_Tier_1
Client Tier 1 support users
responsible for reviewing
tickets submitted and
testing in SAT environment
HRBE_Issue_Tracking_Submitter
Users authorized to submit
a ticket
HRBE_Issue_Tracking_SAFR_Team
BPS Simulation
Accountability Feedback
and Reporting (SAFR)
Team for workflow task
assignment
HRBE_Issue_Tracking_Reassign
Users authorized to
reassign a ticket
HRBE_Issue_Tracking_Product_Mgr Designated Product
Managers
HRBE_Issue_Tracking_PM
BPS PM Team for
workflow task assignment
HRBE_Issue_Tracking_LOE
Users responsible for doing
Level of Effort (LOE)
estimates
HRBE_Issue_Tracking_LAN_Support BPS LAN Support Team
for workflow task
assignment
HRBE_Issue_Tracking_ISSO_Team
BPS Information System
Security Officer (ISSO)
Team for workflow task
assignment
HRBE_Issue_Tracking_DB_Team
BPS DB Team for
workflow task assignment
HRBE_Issue_Tracking_CPRO_Team BPS Consolidated
Personnel Reporting Online
(CPRO) Team for
workflow task assignment
HRBE_Issue_Tracking_Comms_Team BPS Communications
Team for workflow task
assignment
HRBE_Issue_Tracking_Admin
Users designated as the
overall ticketing
administrators
Business_Justification
Users responsible for doing
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 24
Function
Roles
Agency_Category_Changer
18
Scheduling
Scheduling Admin
Org Admin
Scheduling Viewer
Site POC
19
Structured
Interview (SI)
SI User
SI Admin
SI Specialist
SI SSN Viewer
Role Description
business justifications for
enhancements
Allowed to change agency
category for a ticket
User has full access to the
module.
User monitors and confirms
that all scheduling data
changes are made in
accordance with the
organization’s guidelines.
User should only see Sites
specific to his/her positions
that are tied to his/her org.
User has the ability to
manage Site POC and view
all Site Information specific
to his/her positions that are
tied to his/her org
User can see the scheduling
module (Calendar and
Details View) with Read
Only access.
Users have the ability to
create, update and delete
slots, and can only update
information tied to the Sites
they are assigned to.
Not used.
User has full access to the
module; all SI specialist
capabilities; ability to
manage SI Role
assignments; update SI
configurations.
User can change Site, select
an interview date, and
specify a slot from
available slots.
User can view SSN on
demand temporarily (SSN
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 25
Function
Roles
SI Assistant
SI Call Center
SI Access Batch Notes
20
Pre-Security
Interview (PSI)
PSI User
PSI Admin
PSI Specialist
PSI SSN Viewer
PSI Assistant
PSI Call Center
PSI Access Batch Notes
Role Description
is not saved anywhere
within the SI module).
User can look up and open
SI cases for reschedules,
notes, and emails.
User can access the SI
Search form and view Tab
forms; however, the user
does not have access to any
SI process actions.
User has the ability to add
notes to selected cases via
the admin form.
Not used.
User has full access to the
module; all PSI specialist
capabilities; ability to
manage PSI Role
assignments; update PSI
configurations.
User can
schedule/reschedule
interview, change Site,
hold/terminate interview
process, and send emails.
User can view SSN on
demand temporarily (SSN
is not saved anywhere
within the PSI module).
User can access the PSI
Search form and view Tab
forms; access to PSI actions
limited by PSI Admin.
User can access the PSI
Search form and view Tab
forms however, user does
not have access to any PSI
process actions.
User has the ability to add
notes to selected cases via
the admin form.
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 26
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 27
APPENDIX C
Record Retention Schedule by
Category and SORN Coverage
1
Basic
Record
Category
Personal
Actions and
Records
10
SORN
Record Retention Schedule
OPM/GOVT-1
General
Personnel
Records10 SORN
The Official Personnel File (OPF) is maintained for the period of
the employee’s service in the agency and is then, if in a paper
format, transferred to the National Personnel Records Center for
storage or, as appropriate, to the next employing federal agency.
If the OPF is maintained in an electronic format, the transfer and
storage is in accordance with the OPM approved electronic
system. Other records are either retained at the agency for
various lengths of time in accordance with the National Archives
and Records Administration records schedules or destroyed
when they have served their purpose or when the employee
leaves the agency. The transfer occurs within 90 days of the
individuals’ separation. In the case of administrative need, a
retired employee, or an employee who dies in service, the OPF is
sent within 120 days. Destruction of the OPF is in accordance
with General Records Schedule-1 (GRS-1) or GRS 20. Records
contained within the Central Personnel Data File (CPDF) and
Enterprise Human Resource Integration (EHRI) (and in agency’s
automated personnel records) may be retained indefinitely as a
basis for longitudinal work history statistical studies. After the
disposition date in GRS-1 or GRS 20, such records should not be
used in making decisions concerning employees.
OPM/GOVT-2
Employee
Performance File
System
Records11 SORN
Records on former non-SES employees will generally be
retained no longer than 1 year after the employee leaves his or
her employing agency. Records on former SES employees may
be retained up to 5 years under 5 U.S.C. 4314.
a. Summary performance appraisals (and related records as the
agency prescribes) on SES appointees are retained for 5 years
and ratings of record on other employees for 4 years, except as
shown in paragraph b. below, and are disposed of by shredding,
burning, erasing of disks, or in accordance with agency
procedures regarding destruction of personnel records, including
OPM/GOVT-1 General Personnel Records (December 11, 2012), 77 FR 73694, available at:
https://www.gpo.gov/fdsys/pkg/FR-2012-12-11/html/2012-29777.htm.
11
OPM/GOVT-2 Employee Performance File System Records (June 19, 2006), 71 FR 35342, available at:
https://www.gpo.gov/fdsys/pkg/FR-2006-06-19/html/06-5459.htm.
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 28
Basic
Record
Category
SORN
Record Retention Schedule
giving them to the individual. When a non-SES employee
transfers to another agency or leaves federal employment,
ratings of record and subsequent ratings (4 years old or less) are
to be filed on the temporary side of the OPF and forwarded with
the OPF.
b. Ratings of unacceptable performance and related documents,
pursuant to 5 U.S.C. 4303(d), are destroyed after the employee
completes 1 year of acceptable performance from the date of the
proposed removal or reduction-in-grade notice. (Destruction to
be no later than 30 days after the year is up.)
c. When a career appointee in the SES accepts a Presidential
appointment pursuant to 5 U.S.C. 3392(c), the employee’s
performance folder remains active so long as the employee
remains employed under the Presidential appointment and elects
to have certain provisions of 5 U.S.C. relating to the Service
apply.
d. When an incumbent of the SES transfers to another position
in the Service, ratings and plans 5 years old or less shall be
forwarded to the gaining agency with the individual’s OPF.
e. Some performance-related records (e.g., documents
maintained to assist rating officials in appraising performance or
recommending remedial actions or to show that the employee is
currently licensed or certified) may be destroyed after 1 year.
f. Where any of these documents are needed in connection with
administrative or negotiated grievance procedures, or quasijudicial or judicial proceedings, they may be retained as needed
beyond the retention schedules identified above.
g. Generally, agencies retain records on former employees for
no longer than 1 year after the employee leaves.
OPM/GOVT-3
Records of
Adverse Actions,
Performance
Based Reduction
in Grade and
Removal
Actions, and
Termination of
Probationers12
12
Records documenting an adverse action, performance-based
removal or demotion action, or covered actions against
probationers are disposed of not sooner than four years nor later
than seven years after the closing of the case in accordance with
each agency’s records disposition manual. Disposal is by
shredding, or erasure of tapes (disks).
OPM/GOVT-3 Records of Adverse Actions, Performance Based Reduction in Grade and Removal Actions, and
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 29
Basic
Record
Category
SORN
SORN
OPM/GOVT-5
Recruiting,
Examining, and
Placement
Records13 SORN
OPM/GOVT-6
Personnel
Research and
Test Validation
Records14 SORN
2
Contractors
and
Consultants
Record Retention Schedule
Records in this system are retained for varying lengths of time,
ranging from a few months to 5 years, e.g., applicant records that
are part of medical determination case files or medical suitability
appeal files are retained for 3 years from completion of action on
the case.
Most records are retained for a period of 1 to 2 years. Some
records, such as: individual applications, become part of the
person’s permanent official records when hired, while some
records (e.g., non-competitive action case files), are retained for
5 years. Some records are destroyed by shredding or burning
while magnetic tapes or disks are erased.
Records are retained for 2 years after completion of the project
unless needed in the course of litigation or other administrative
actions involving a research or test validation survey. Records
collected for longitudinal studies will be maintained indefinitely.
Manual records are destroyed by shredding or burning and
magnetic tapes and disks are erased.
OPM/GOVT-7
Applicant Race,
Sex, National
Origin and
Disability Status
Records15 SORN
Records are generally retained for 2 years, except when needed
to process applications or to prepare adverse impact and related
reports, or for as long as an application is still under
consideration for selection purposes. When records are needed in
the course of an administrative procedure or litigation, they may
be maintained until the administrative procedure or litigation is
completed. Manual records are shredded or burned and magnetic
tapes and disks are erased.
DHS/ALL-021
Department of
Homeland
Security
Contractors and
Consultants
Records are retained for six years and three months after the
final payment to a contractor/consultant in accordance with
National Archives and Records Administration-approved
General Records Schedule 3, Item 3--General Procurement Files.
Termination of Probationers (April 27, 2000), 65 FR 24732, available at: https://www.gpo.gov/fdsys/pkg/FR-200004-27/html/00-10088.htm.
13
OPM/GOVT-5 Recruiting, Examining, and Placement Records (June 19, 2006), 71 FR 35351, available at:
https://www.gpo.gov/fdsys/pkg/FR-2014-03-26/html/2014-06593.htm.
14
OPM/GOVT-6 Personnel Research and Test Validation Records (June 19, 2006), 71 FR 35354, available at:
https://www.gpo.gov/fdsys/pkg/FR-2006-06-19/html/06-5459.htm.
15
OPM/GOVT-7 Applicant Race, Sex, National Origin and Disability Status Records (June 19, 2006), 71 FR 35356,
available at: https://www.gpo.gov/fdsys/pkg/FR-2006-06-19/html/06-5459.htm.
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 30
Basic
Record
Category
3
Employee
Relations,
Internal
Affairs, and
Professional
Responsibili
ty
4
Labor
Relations
Cases
16
SORN
SORN16
DHS/ALL-018
Department of
Homeland
Security
Grievances,
Appeals, and
Disciplinary
Action Records
System of
Records17 SORN
OPM/GOVT-9
File on Position
Classification
Appeals, Job
Grading
Appeals,
Retained Grade
or Pay Appeals,
Fair Labor
Standard Act
(FLSA) Claims
and Complaints,
Federal Civilian
Employee
Compensation
and Leave
Claims, and
Settlement of
Accounts for
Deceased
Civilian Officers
and Employees
File on Position
Classification
Appeals, Job
Grading
Record Retention Schedule
Records are destroyed no sooner than 2 years but no later than 7
years after a case is closed, in accordance with National
Archives and Records Administration General Records Schedule
1, Civilian Personnel Records, Item 30.
Records related to position classification appeal, job grading
appeal, retained grade or pay appeal files, FLSA claims or
complaints, compensation and leave claims, or disputes
concerning the settlement of the account for a deceased federal
civilian officer or employees are maintained for 7 years after
closing action on the case. Records are destroyed by shredding,
burning, or erasing as appropriate.
DHS/ALL-021 Department of Homeland Security Contractors and Consultants System of Records (October 23,
2008), 73 FR 63179, available at: https://www.gpo.gov/fdsys/pkg/FR-2008-10-23/html/E8-25205.htm.
17
DHS/ALL-018 Department of Homeland Security Grievances, Appeals, and Disciplinary Action Records System
of Records (October 17, 2008), 73 FR 61882, available at: https://www.gpo.gov/fdsys/pkg/FR-2008-10-17/html/E824741.htm.
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 31
Basic
Record
Category
SORN
Appeals, and
Retained Grade
or Pay Appeals,
and Fair Labor
Standard Act
(FLSA) Claims
and Complaints18
SORN
EEOC/GOVT-1
Equal
Employment
Opportunity in
the Federal
Government
Complaint and
Appeal
Records19 SORN
DOL/GOVT-1
Office of
Worker’s
Compensation
Programs
(OWCP),
Federal
Employees’
Compensation
Act File20 SORN
OPM/GOVT-10
Employee
Medical File
System
Records21 SORN
18
Record Retention Schedule
These records are maintained for one year after resolution of the
case and then transferred to the Federal Records Center where
they are destroyed after three years.
All case files and automated data pertaining to a claim are
destroyed 15 years after the case file has become inactive. Case
files that have been scanned to create electronic copies are
destroyed after the copies are verified. Electronic data is retained
in its most current form only, and as information is updated,
outdated information is deleted. Some related financial records
are retained only in electronic form, and destroyed six years and
three months after creation or receipt.
The Employee Medical Folder (EMF) is maintained for the
period of the employee’s service in the agency and is then
transferred to the National Personnel Records Center for storage,
or as appropriate, to the next employing federal agency. Other
medical records are either retained at the agency for various
OPM/GOVT-9 File on Position Classification Appeals, Job Grading Appeals, Retained Grade or Pay Appeals,
Fair Labor Standard Act (FLSA) Claims and Complaints, Federal Civilian Employee Compensation and Leave
Claims, and Settlement of Accounts for Deceased Civilian Officers and Employees File on Position Classification
Appeals, Job Grading Appeals, and Retained Grade or Pay Appeals, and Fair Labor Standard Act (FLSA) Claims
and Complaints (October 1, 2013), 78 FR 60331, available at: https://www.gpo.gov/fdsys/pkg/FR-2013-1001/html/2013-23839.htmhttps:/www.gpo.gov/fdsys/pkg/FR-2013-10-01/html/2013-23839.htm.
19
EEOC/GOVT-1 Equal Employment Opportunity in the Federal Government Complaint and Appeal Records (July
30, 2002), 67 FR 49338, available at: https://www.gpo.gov/fdsys/pkg/FR-2002-07-30/html/02-18895.htm.
20
DOL/GOVT-1 Office of Worker’s Compensation Programs, Federal Employees’ Compensation Act File (January
11, 2012), 77 FR 1738, available at: https://www.gpo.gov/fdsys/pkg/FR-2012-01-11/html/2012-345.htm.
21
OPM/GOVT-10 Employee Medical File System Records (June 21, 2010), FR
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 32
Basic
Record
Category
SORN
Record Retention Schedule
lengths of time in accordance with the National Archives and
Records Administration’s records schedules or destroyed when
they have served their purpose or when the employee leaves the
agency. Within 90 days after the individual separates from the
federal service, the EMF is sent to the National Personnel
Records Center for storage. Destruction of the EMF is in
accordance with General Records Schedule-1(21). Records
arising in connection with employee drug testing under
Executive Order 12564 are generally retained for up to 3 years.
Records are destroyed by shredding, burning, or by erasing the
disk.
5
General
System
Access
6
Customer
Inquiries,
Comments
and
Complaints
DHS/ALL-022
Department of
Homeland
Security Drug
Free
Workplace22
SORN
DHS/ALL-004
General
Information
Technology
Access Account
Records System
(GITAARS)23
SORN
DHS/ALL-016
Department of
Homeland
Security
Correspondence
Records24 SORN
Records are destroyed after three years, in accordance with
National Archives and Records Administration General Records
Schedule 1, Item 36.
Records are securely retained and disposed of in accordance
with the National Archives and Records Administration’s
General Records Schedule 24, section 6, “User Identification,
Profiles, Authorizations, and Password Files.” Inactive records
will be destroyed or deleted 6 years after the user account is
terminated or password is altered, or when no longer needed for
investigative or security purposes, whichever is later.
Executive-level records are permanent, and files are cut off
annually and transferred to the National Archives and Records
Administration 10 years after cut-off date, in accordance with
National Archives and Records Administration General
Schedule N1-563-07-13-4 (Pending NARA Approval). Nonexecutive level records are destroyed after 10 years, in
accordance with a pending National Archives and Records
Administration General Records Schedule.
73694, available at: https://www.gpo.gov/fdsys/pkg/FR-2010-06-21/html/2010-14838.htm.
22
DHS/ALL-022 Department of Homeland Security Drug Free Workplace (October 31, 2008), 73 FR 64974,
available at: https://www.gpo.gov/fdsys/pkg/FR-2008-10-31/html/E8-25971.htm.
23
DHS/ALL-004 General Information Technology Access Account Records System (GITAARS) (November 27,
2012), 77 FR 70792, available at: https://www.gpo.gov/fdsys/pkg/FR-2012-11-27/html/2012-28675.htm.
24
DHS/ALL-028 Department of Homeland Security Correspondence Records System (November 10, 2008), 73 FR
66657, available at https://www.gpo.gov/fdsys/pkg/FR-2008-11-10/html/E8-26691.htm.
�Privacy Impact Assessment
DHS/CBP/PIA-032(a) HRBE
Page 33
Basic
Record
Category
7
Ethics
Programs
and
Financial
disclosures
25
SORN
Record Retention Schedule
OGE/GOVT-1
Executive
Branch
Personnel Public
Financial
Disclosure
Reports and
Other NameRetrieved Ethics
Program25
SORN
In accordance with the National Archives and Records
Administration General Records Schedule for ethics program
records, these records are generally retained for a period of six
years after filing, or for such other period of time as is provided
for in that schedule for certain specified types of ethics records.
In cases where records are filed by, or with respect to, a nominee
for an appointment requiring confirmation by the Senate when
the nominee is not appointed and Presidential and VicePresidential candidates who are not elected, the records are
generally destroyed one year after the date the individual ceased
being under Senate consideration for appointment or is no longer
a candidate for office. However, if any records are needed in an
ongoing investigation, they will be retained until no longer
needed in the investigation. Destruction is by shredding or
electronic deletion.
OGE/GOVT-1 Executive Branch Personnel Public Financial Disclosure Reports and Other Name-Retrieved
Ethics Program (May 8, 2003), FR 24744, available at https://www.gpo.gov/fdsys/pkg/FR-2003-01-22/html/031101.htm.
�
| File Type | application/pdf |
| File Title | DHS/CBP/PIA-032(a) Human Resources Business Engine (HRBE) |
| Author | U.S. Department of Homeland Security Privacy Office |
| File Modified | 2019-08-20 |
| File Created | 2019-08-19 |