OST

Within the Department of Transportation (DOT), DOT's Office of Chief Information Officer (OCIO), within the Office of the Secretary of Transportation (OST), is responsible for leading DOT's compliance with the Open Government Directive issued by the Office of Management and Budget on December 8, 2009 (OMB Memorandum M-10-06). OCIO and other OST offices (principally, the Office of Public Affairs (OPA) and the Office of General Counsel (OGC)) provide technical, programmatic and legal support for DOT-wide compliance with the Open Government Directive. OMB's Open Government Directive requires agencies to take specific actions to implement the principles of transparency, participation, and collaboration as set forth in the President's Memorandum on Transparency and Open Government, issued January 21, 2009. 

As part of its support function for Open Government, OCIO issued policies (DOT Order 1351.24 "Departmental Web Policy" and DOT Order 1351.33 "Departmental Web-Based Interactive Technologies Policy") regarding use of third-party web sites and applications. These policies permit DOT public engagement and public affairs offices and Information Technology (IT) support personnel to use third-party web sites and applications (i.e., "non-.gov" sites,[1]  such as Facebook, YouTube and Twitter) to provide information and services to the public and to provide social media tools (such as blogs) for members of the public to use to engage with DOT regarding DOT programs. On a "non-.gov" site, the third party that operates the site collects certain mandatory information about users of the site as necessary to operate the social media tools (for example, to register or enroll users to submit comments to the site or to receive information alerts from the site). The third party may also solicit and collect optional information about users of the site for the third party's own commercial purposes. The mandatory and optional information collected by the third party could include personally identifiable information (PII) about individual users. The third party could make some of this PII publicly available to other users of the site (for example, a user's personal email address may appear on the site if the user is using it as his or her public ID; "friending" may reveal some of the user's personal profile information to the user who is "friended"). In addition, individual members of the public may include other PII in their public interactions with the site (such as, by including PII in comments they submit to the site).

The privacy management process is built upon a methodology that has been developed and implemented in leading companies around the country and globally. The methodology is designed to help ensure that DOT and OST will have the information, tools and technology necessary to manage privacy effectively and employ the highest level of fair information practices while allowing OST to achieve its mission of protecting and enhancing the U.S. transportation system. The methodology is based upon the following steps: 

•     Establish priority, authority, and responsibility. Appointing a cross-functional privacy management team to ensure input from systems architecture, technology, security, legal, and other disciplines necessary to ensure that an effective privacy management program is developed.
•     Assess the current privacy environment. This involves interviews with key individuals involved in the WCIS system to ensure that privacy risks are identified, addressed and documented.
•     Organize the resources necessary for the project's goals. Internal OST resources, along with outside experts, are involved in reviewing the technology, data uses, and associated risks. They are also involved in developing the necessary redress systems and training programs.
•     Develop the policies, practices, and procedures. The resources identified in the paragraph above work to develop effective policies, practices, and procedures to ensure that fair information practices are complied with. The policies are designed to protect privacy effectively while allowing OST to achieve its mission.
•     Implement the policies, practices, and procedures. Once the policies, practices, and procedures are developed, they must be implemented. This involves training all individuals who will have access to and/or process personally identifiable information (PII). It also entails working with vendors to ensure that they maintain the highest standard for privacy while providing services to the OST project.
•     Maintain policies, practices, and procedures. Due to changes in technology, personnel and other aspects of any program, effective privacy management requires that technology and information be available to the privacy management team to ensure that privacy policies, practices, and procedures continue to reflect actual practices. Regular monitoring of compliance is required.
•     Manage exceptions and/or problems with the policies, practices, and procedures. This step involves the development and implementation of an effective redress and audit system to ensure that any complaints are effectively addressed and corrections made, if necessary.

DEPARTMENT OF TRANSPORTATION
Departmental Office of Civil Rights

  PRIVACY IMPACT ASSESSMENT 
OnLine Accommodation Tracking System (OATS)

August 15, 2009

The Office of the Secretary (OST) oversees the formulation of national transportation policy and promotes intermodal transportation. Other responsibilities include negotiation and implementation of international transportation agreements, assuring the fitness of US airlines, enforcing airline consumer protection regulations, issuance of regulations to prevent alcohol and illegal drug misuse in transportation systems and preparing transportation legislation.  

The Workers' Compensation Information System (WCIS) is the Department of Transportation (DOT) Information Technology system used to manage the Department's workers' compensation program by providing features and functions to allow authorized personnel to transmit workers' compensation claims and to monitor the status of workers' compensation cases established with the United States Department of Labor (DOL) under the Federal Employee Compensation Act (FECA).

The Office of the Secretary (OST) oversees the formulation of national transportation policy and promotes intermodal transportation. Other responsibilities include negotiation and implementation of international transportation agreements, assuring the fitness of US airlines, enforcing airline consumer protection regulations, issuance of regulations to prevent alcohol and illegal drug misuse in transportation systems and preparing transportation legislation.  

TIPTS is a web-based procurement system that allows customers to order products from the DOT's Office of Information Services (M-30) Printing and Graphics division. TIPTS facilitates Printing and Graphics ability to manage orders, assign orders to specialists, and run reports on data in the system. Additionally, vendors contracted by DOT to complete work on the orders will be able to review bid opportunities and place bids on the orders from within TIPTS.

The Security Operations Systems are used in support of security operations processes including classified document control; monitoring performance of security checks by guard personnel; facility entry control; personnel identification (badging); and monitoring of electronic access (intrusion detection) systems. It also has a general purpose database that supports the following office functions: training; investigations; locks and keys; gun inventory; investigator credentials; lost ID cards; and contractors.  

Privacy management is an integral part of the Department of Transportation (DOT) Security Operations Systems (SOS). The Office of the Secretary (OST) has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and established methodologies. 

The Office of the Secretary (OST) oversees the formulation of national transportation policy and promotes intermodal transportation. Other responsibilities include negotiation and implementation of international transportation agreements, assuring the fitness of US airlines, enforcing airline consumer protection regulations, issuance of regulations to prevent alcohol and illegal drug misuse in transportation systems and preparing transportation legislation.  

Privacy management is an integral part of the Department of Transportation (DOT) PRISM System (PRISM). The Office of the Secretary (OST) has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and established methodologies.

The Office of the Secretary (OST) oversees the formulation of national transportation policy and promotes intermodal transportation. Other responsibilities include negotiation and implementation of international transportation agreements, assuring the fitness of US airlines, enforcing airline consumer protection regulations, issuance of regulations to prevent alcohol and illegal drug misuse in transportation systems and preparing transportation legislation.  

The Parking and Transit Benefit System (PTBS) is the Department of Transportation (DOT) Information Technology system used to manage the Transportation Subsidy Program (TSP) and facilitate the distribution of public-transport fare media to DOT and other Federal Agency employees, to schedule distribution of the fare media, to maintain an inventory of fare media on hand, and to manage the fare media billing. Also, the Office of Transportation Services (TRANServe), within the Office of the Assistant Secretary for Administration, Department of Transportation, has been given the responsibility of managing the vehicle parking resources at the DOT South East Federal Center (SEFC) Headquarters Facility. As space for parking personally owned vehicles (POV) in the area surrounding the facility is severely limited it is important to ensure that access for government-required vehicles and key DOT employees POVs is available full time within the DOT spaces. Thus, parking at the Headquarters Facility is allocated via a the DOT Headquarters Parking Application (DOT HPA) reservation system.

The Office of the Secretary (OST) oversees the formulation of national transportation policy and promotes intermodal transportation. Other responsibilities include negotiation and implementation of international transportation agreements, assuring the fitness of US airlines, enforcing airline consumer protection regulations, issuance of regulations to prevent alcohol and illegal drug misuse in transportation systems and preparing transportation legislation.  

As part of its support function, DOT is responsible for providing information about its programs and initiatives to the public by disseminating publications. To help fulfill this responsibility, DOT uses the Transportation Inventory Management System (TIMS) and Online Publications System (OLP) (TIMS/OLP). TIMS/OLP is used by employees and contractors working on DOT's behalf to send outgoing publications associated with DOT operations to members of the public, and to other Federal agencies, who have requested certain information. Because of the personal information contained within the system, privacy management is an integral part of the TIMS/OLP. DOT has implemented a thorough privacy management program, utilizing proven technology, methodologies, and sound policies and procedures.  

Privacy management is an integral part of the TIMS/OLP system. OST has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and established methodologies.

The Office of the Secretary (OST), within the Department of Transportation (DOT), has been given the responsibility of formulating national transportation policy and promoting intermodal transportation. Other responsibilities include negotiation and implementation of international transportation agreements, assuring the fitness of U.S. airlines, enforcing airline consumer protection regulations, issuing regulations to prevent alcohol and illegal drug misuse in transportation systems, improving the security of the national transportation system, and preparing transportation legislation.  

As part of its support function, DOT is responsible for providing information about its programs and initiatives to the public by disseminating mail correspondence. To help fulfill this responsibility, DOT uses the Mail Out Management System II (MOMS).  MOMS is used by employees and contractors working on DOTs behalf to send outgoing mail associated with DOT operations to members of the public, and to other Federal agencies, who have requested certain information. Because of the personal information contained within the system, privacy management is an integral part of the MOMS. DOT has implemented a thorough privacy management program, utilizing proven technology, methodologies, and sound policies and procedures.