| Contact Us Division of Personnel Security and Access Control (DPSAC), Office of Research Services Building 31, Room 1B03
Hours: 8:00 a.m. - 5:00 p.m. Monday - Friday Personnel Security Helpdesk: 301-402-9755 E-mail: orspersonnelsecurity@ mail.nih.gov Access Control Helpdesk: 301-451-4766 E-mail: facilityaccesscontrol@ mail.nih.gov   |
|
| |
HHS OSSI Now Must Approve Individuals Filling Positions Requiring National Security Clearance
Since September 11, 2001, the United States has worked diligently to better secure and protect its citizens and the nation against terrorism. As an important part of these efforts, the federal government has implemented a number of policies that tighten the screening and vetting processes for current and future federal workers.
Recently, the Department of Health and Human Services (HHS) announced changes to its policies for granting national security clearances. At NIH, these changes will affect a very small segment of its workforce, namely, those who require an active security clearance and who are hired for 'non-critical sensitive' or 'critical' positions. According to DPSAC, these individuals will require special handling before they come on board.
OSSI/HHS to confirm whether a position requires a security clearance before DPSAC submits e-QIP to OPM
To be consistent with these policies and Department changes for granting national security clearance, DPSAC will now collect all required forms before the individual comes on board for any federal positions designated as 'non-critical sensitive' or 'critical.' These forms include the OF-8, the Position Description (PD), and the Request for Security Clearance form HHS-207.
Before DPSAC releases the individual's e-QIP to OPM, the
HHS Office of Security and Strategic Information (OS/OSSI) will review these forms to confirm that the current position and position sensitivity requires a security clearance.
If a new OF-8/PD is created, it must state the need for the security clearance prior to OSSI granting clearance. OSSI also requires that the PD must reflect that a security clearance is required to perform their daily duties and that security clearances are not granted for additional or collateral duties.
The goal of these policies is to maintain an effective program to ensure that access to classified information by each employee is clearly consistent with the interests of the national security.
Background
Executive Order 10450, April 1953: requires that in the interests of national security, all persons privileged to be employed in the departments and agencies of the Government, shall be reliable, trustworthy, of good conduct and character, and have complete and unswerving loyalty to the U.S.
Executive Orders 12968, August 1995: established that no employee shall be granted access to classified information unless that employee has been determined to be eligible in accordance with this order and to possess a need-to-know.
Executive Order 13467, June 2008: established a governance security clearance structure and legal basis for major changes to the government's personnel security program. It directed that the existing disparate processes for employment suitability, public trust and security clearances be aligned into a unified coherent structure.
The Director of National Intelligence (DNI) was named as the Security Executive Agent with the sole responsibility over security and public trust clearance processing.
July 2015: OPM and the Office of the Director of National Intelligence (ODNI) issued final regulations regarding the designation of national security positions in the competitive service. The purpose of this revision was to clarify the requirements and procedures agencies should observe when designating national security positions. The goal of these regulations is to simplify and streamline the system of Federal Government investigative and adjudicative processes to make them more efficient and equitable.*
These new requirements are also based on the
Intelligence Reform Act (IRTPA) of 2004 that states that all federal government agencies have been mandated to limit and/or decrease the amount of security clearance holders.
*
The Intelligence Reform and Terrorism Prevention Act of 2004 established the Office of the Director of National Intelligence (ODNI) as an
independent agency to assist the DNI. The ODNI's goal is to effectively integrate foreign, military and domestic intelligence in defense of the homeland and of United States interests abroad. This office evolved under succeeding directors, culminating in a new organization focused on intelligence integration across the community.
*
Competitive service positions are positions subject to the civil service laws passed by Congress to ensure that applicants and employees receive fair and equal treatment in the hiring process. In the competitive service, individuals must go through a competitive hiring process (i.e., competitive examining) before being appointed; one that is open to all applicants. This process may consist of a written test, an evaluation of the individual's education and experience, and/or an evaluation of other attributes necessary for successful performance in the position to be filled.
|
CIT to LWS Points of Contact: Expect a Spike in Digital Certificate Update Requests
CIT recently notified all NIH Lifecycle Work Station (LWS) Operators/Points of Contact (POC) about plans to correct errors in the PIV card digital certificates of about 3,000 people at NIH.
Below is the e-mail that went out to the LWS POCs as well as a copy of the e-mail that will be sent to those who need to update their digital certificates. This message explains why the PIV certificates need to be updated, and provides instructions on how to download new certificates.
[
E-mail sent to LWS P.O.C.s]
Subject: *FOR YOUR INFORMATION* HHS is preparing to correct errors in the digital certificates on 3,000 PIV cards
Good morning,
The purpose of this message is to give you a heads up that HHS is preparing to correct errors in the PIV card digital certificates of about 3,000 people at NIH. All 3,000 people must update their digital certificates by:
- Using the Access Card Utility (ACU), provided your Institute or Center (IC) has installed the utility on Windows computers in your organization
**OR**
- Visiting an LWS
[To view the e-mail that will be sent to individuals who need to update their digital certificates, please click here. This e-mail explains why the PIV certificates need to be updated and provides instructions on how to download new certificates].
So, if you see an influx of people at your LWS, this is why.
What You Can Do To Help
- Help people update their digital certificates. The process is the same as if they are renewing their digital certificates.
- If people ask, confirm that the attached e-mail is legitimate and not phishing or SPAM.
CIT IAM Smart Card team
|
|
OPM Publishes FY 2017 Pricing Schedule for Background Investigations
This latest pricing schedule is also posted on the DPSAC website under Background Checks
.
The Office of Personnel Management (OPM) has published the FY 2017 pricing schedule for Background Investigations in OPM
Federal Investigations Notice - No. 16-06: Investigations Reimbursable Billing Rates Effective October 1, 2016.
According to the notice, "for FY 2017, the OPM is issuing prices to fully recover an estimated 5.4% increase in the costs necessary to sustain and advance the program." To read Notice 16-06 in its entirety and view all FY 2017 billing rates, please click on the link:
Federal Investigations Notice No.16--06.
Costs for the eight most commonly ordered investigations at the NIH are listed in the table below:
|
Getting a New PIV Card Because of a Name Change
The NIH IT Service Desk is asking the administrative community to inform customers having a Name Change to contact the Service Desk/Accounts Team to process the name change on their domain and e-mail account BEFORE picking up their new PIV Card (HHS ID Badge).
Customers should not go to the badging office to get their new badge (PIV Card) prior to the name change being processed on their Domain Account.
According the NIH IT Service Desk, customers who get a new PIV card/badge prior to the Service Desk making changes on the account will need to update the certificates on the PIV card after the Service Desk makes the changes.
By waiting for the name change to be processed on their Domain Account, the customer can avoid having to update their digital certificates after they pick up their new PIV card. Following the correct sequence will also help the individual avoid any inconvenience or confusion when s/he discovers that the PIV card is not working properly.
|
Avoid Losing Your Access to the NIH Network
Individuals who fail to respond to Letters of Inquiry (LOI) from DPSAC adjudicators
or who fail to complete and submit their e-QIP in a timely manner are subject to having their logical access (i.e., access to the NIH network) deactivated.
DPSAC urges anyone receiving an LOI from its adjudication staff to respond as soon as they are in receipt of the letter.
DPSAC also wants to remind individuals that they need to complete and
submit their e-QIP and any additional required forms as soon as possible, but not later than 7 business days.
|
Helpful Tips
Do not lend your ID badge to anyone! - lending out your ID badge is prohibited. The issuance of ID badges is based on strict identity proofing and the determination of one's suitability for a specific position classification.
ALT cards -- need to be returned to the IC ALT card coordinator -
NOT to DPSAC.
All Building 31 badging services -- Enrollment, Badge Issuance and Customer Service -- now offered at a single, convenient location in 1B03. All badging services in Building 31 are available between 8:00 a.m. and 5:00 p.m., Monday through Friday. DPSAC will continue to offer Enrollment and Badging services in the South Lobby of the Clinical Center from 7:30 a.m. to 4:30 p.m. on weekdays.
AOs who wish to obtain sponsor authority -- must complete the sponsor training (see:
http://www.ors.od.nih.gov/ser/dpsac/Training/Pages/administrators.aspx) and e-mail a copy of your signed certificate to the NIH HSPD-12 Program Office at
hspd12@od.nih.gov. Upon receipt of the certificate, the Program Office will authorize the AO as a Sponsor.
Please note: ONLY individuals with an Administrative Officer role are eligible to be HHS ID Badge/PIV Card Sponsors.
ICs that want to add Lifecycle Work Station (LWS) operators to the approved roster -- send a written request to Richie Taffet at: taffetr@mail.nih.gov. Your request should include:
- the new operator's name
- his/her Institute/Center (I/C)
- his/her NED number
- the operator's e-mail address, building/room and phone number
- the hours of operation of the Lifecycle Work Station
Once Mr. Taffet has approved the request, he will forward the name(s) to
HHSIdentityAdmins@deloitte.com to complete the approval process, add the name(s) to the LWS operator roster, and inform the IC that the individual is now approved to operate the LWS.
Need to make changes to the LWS operator directories? -- drop an e-mail to Lanny Newman,
newmanl@mail.nih.gov, and let him know what needs changing (e.g., adding new operators or LWS locations, removing operators, etc.). Remember, before a new operator can be added to the LWS directory, s/he must first be approved by Richie Taffet (see preceding Helpful Tip).
If an LWS is not available in your IC or your immediate area, and you work in the greater Bethesda or Rockville area -- please call 301-402-9755 to schedule an appointment with the Division of Personnel Security and Access Control located in Building 31, Room 1B03 or in Building 10, South Lobby, Room 1C52.
If you work outside the Bethesda/Rockville area, contact your local badge issuance office. You can find contact information for all badge issuance offices at:
http://www.ors.od.nih.gov/ser/dpsac/Pages/contactinfo.aspx.
Know someone who should be reading DPSAC News? -- have the person contact Lanny Newman,
newmanl@mail.nih.gov, and ask to be put on the mailing list.
|
FAQs
Q.
I have someone coming on board who would like to avoid having to go to the NIH Gateway Visitors Center each day to obtain a temporary visitor badge while he's waiting for his PIV card from DPSAC. Can I request an extended visitor badge to give him access to campus while he waits for his badge?
A.
No. ICs should not request an extended visitor badge while waiting for a PIV card or an RLA badge from DPSAC.
|
NED Team to Deploy NED v4.0 for Increased System Security, Improved Platform to Support New Functionality
The NED team will deploy an upgraded version (v4.0) of the NED Portal during the weekend of December 9 with a go-live date of December 12. The upgraded Portal utilizes new business process management software running on new hardware. The upgrade will increase system security and provide an improved, modernized platform that will better support future system enhancements and new functionality.
How will the upgrade affect NED Portal users?
The NED Portal URL is changing, but users will be automatically redirected to the new URL starting December 12. The NED team will communicate the new URL on December 12.
After the upgrade, Portal users with the Administrative Officer (AO) or Administrative Technician (AT) role will see a few cosmetic changes, e.g., minor differences in the look and feel of their Portal Inbox. Also, after initiating a Portal task, an AO or AT won't see the Portal menu until after they complete, save or terminate the task. Click
here to view a complete list of differences between the NED v3.x and NED v4.0 Portal.
Aside from these minor differences, the NED Team expects no impact to NED Portal users.
- Current Portal processes for requesting ID badges, NIH network accounts/email, VPN remote access, etc. will remain the same.
- Portal users will perform the same tasks and see the same screens.
- Portal users will retain their current system role(s).
- Portal tasks that are pending at the time of the upgrade will be migrated to the new Portal as part of the upgrade process.
The NED Portal will be unavailable from December 9, 7PM (Eastern Time) through December 12, 7AM.
What might NED Portal users need to do?
The NED Team suggests that NED Portal users with the AO or AT role review the NED v4.0 "differences" document referenced above and contact the NED team at
nedteam@mail.nih.gov with any questions.
Why is this change happening?
Upgrading the NED business process management software and system hardware provides the following benefits:
- Increases system security by retiring previously unsupported software and hardware.
- Provides support for new features and functionality in the future.
Questions?
|
News Briefs
New Provider for Identity Theft Services
The Department recently sent the following 'HHS News' e-mail to its workforce
Sent: Wednesday, November 16, 2016 2:53 PM
To: List HHS-NEWS-ALL
Subject: New Provider for Identity Theft Services
Since 2015, the U.S. Office of Personnel Management has offered credit monitoring and identity protection services at no charge to individuals impacted by the personnel records and background investigations cyber incidents. There will be an upcoming service provider change that will affect a subset of the individuals impacted by these incidents.
OPM has taken steps to ensure that while this change is occurring there are no gaps in identity restoration and identity theft insurance coverage. Most impacted individuals will not need to take any action and can keep their current services, while others may need to enroll with a new provider if they want to continue to use credit monitoring services.
For more information about this provider change, and about the 2015 OPM cybersecurity incidents, please visit our Cybersecurity Resource Center at https://www.opm.gov/cybersecurity.
Am I affected by this change?
Two service providers, ID Experts (MyIDCare) and Winvale/CSID, currently support impacted individuals. ID Experts (MyIDCare) currently makes coverage available to 97 percent of the total population impacted by the cyber incidents.
- If you are covered by ID Experts (MyIDCare) for the background investigations incident, there is NO CHANGE to your current available coverage from ID Experts and NO ACTION is required from you at this time.
- If you are covered by Winvale/CSID for the personnel records incident, this coverage will expire on December 1, 2016. However, the same type of coverage will be available to you from a different vendor.
- If you would like to continue receiving credit monitoring services, please go to the Cybersecurity Resource Center website for information about how to re-enroll.
- If you are enrolled for credit monitoring services with Winvale/CSID, you will likely receive a communication from Winvale/CSID in the coming days explaining that your coverage is expiring.
- If you don't know if you are impacted, don't know your service provider, or need a copy of your notification letter, please visit the Cybersecurity Resource Center at https://www.opm.gov/cybersecurity for more information.
This change is the first step in OPM's efforts to extend coverage to all impacted individuals to 10 years. We will continue to provide you with credit monitoring and identity protection services updates. In addition, there are steps everyone can take to protect against identity theft, fraud, and other online crimes and malicious activity.
For more information visit Stop.Think.Connect™.
|
Safety Corner
Fire Safety During the Holiday Season
The following fire safety awareness article was prepared by the Division of the Fire Marshal, ORS
With the approach of the holiday season, many of us look forward to decorating our workplace. When planning, here are some practical guidelines to minimize fire hazards. Many of these fire safety tips are equally appropriate for your home as well.
- Christmas trees may be displayed beginning Monday, November 28, 2016 through Friday, January 6, 2017.
- Only small artificial trees are permitted in laboratory areas.
- The height of natural trees is limited to four feet. Be sure that the tree base is submerged in water at all times.
- Display trees and decorations away from room exits in a manner that does not obstruct entering or leaving the room. Trees are not permitted in corridors or stairwells.
- All artificial trees and decorations must be made of flame retardant or non-combustible materials. Non-combustible decorations are safer and preferred.
- Open flame candles (including menorahs with real candles) are not permitted.
- Because of the risk of electrical shock, lights are not to be used on aluminum trees.
These guidelines apply only to Bethesda main campus facilities. For other NIH occupied facilities, contact your local fire department for guidance.
The Division of the Fire Marshal, Office of Research Services, wishes everyone the happiest of holidays and a fire-safe and prosperous New Year.
If you have any questions concerning holiday fire safety issues in the workplace, or in the home, please contact the Office of Research Services, Division of the Fire Marshal at 301-496-0487.
|
NED Training Schedule for FY '17
Description:
This course provides an overview of the NED Portal and the NIH business functions it supports from the perspective of a NED Portal user with the AO or AT role. Upon completing the course, students will have a solid working knowledge of the NED Portal and be able to perform the following tasks: Register/Activate, Update, Modify, Transfer, Badge Renewal, and Deactivate.
The course will also familiarize students with other aspects of the NED Portal so they can: set their primary SAC coverage using Preferences, determine the status of a person's ID badge and/or network account request, look up and view information in a person's NED record, and utilize NED reporting capabilities.
Intended Audience:
New or relatively inexperienced NED Portal users with the Administrative Officer (AO) or Administrative Technician (AT) role.
Prerequisites:
Basic personal computer skills and experience with web-based computer applications.
Reasonable Accommodations/Interpreting Services:
For deaf or hard-of-hearing individuals requiring interpreting services, please enter your request online in the Interpreting Services System at least five (5) days before the start of the class.
If you have any questions regarding this service, you may contact the ORS Division of Amenities and Transportation Services (DATS) Interpreting Team at (301-402-8180). Individuals who need other reasonable accommodations to participate in any of the Center for Information Technology (CIT) Training courses should let CIT Training know at least 5 days prior to the class.
|
|
A biweekly e-newsletter from the Office of Research Services, Division of Personnel Security and Access Control (ORS/DPSAC) to keep you informed as NIH rolls out "Homeland Security Presidential Directive 12" (HSPD-12) establishing a common identification standard to better safeguard NIH and its workforce.
|
|
| |
|
