DPSAC News Header

December 28, 2011 issue of the DPSAC NEWS

In This Issue
HHS ID Badge Rollout Scorecard
Thank You, and a Happy, Healthy, Safe New Year
NIH Deploys NED v3.1.1
Online Appointment System Goes Live for HHS ID Badge Certificate Renewals
Helpful Tips
News Briefs
DPSAC News - Year in Review



Contact Us


Division of Personnel Security and Access Control


Personnel Security 

Helpdesk: 301-402-9755

e-QIP: 301-402-9735

Appointment Line: 301-496-0051

E-mail: orspersonnesecurity@ 



Access Control

Helpdesk: 301-451-4766

E-mail: facilityaccesscontrol@ 


 DHHS Logo gif   NIH Logo gif    ORS jpg


HHS ID Badge Rollout Scorecard


Here are the most recent NIH badging statistics provided by HHS as of December 23, 2011.  


Sponsored: 39,526    Enrolled: 38,614   Issued: 38,241 *


*This figure represents 96.7% of individuals who have been sponsored.

Pie Chart 12-23-11

Table for 12-23-11 Pie Chart

Jan 1 from brad full size reducedThank You, and a Happy, Healthy, Safe New Year


Dear Valued DPSAC News Subscriber - 


At the end of last year DPSAC News reported that DPSAC had reached the 100% mark in issuing new HHS ID Badges (PIV Cards) to all of the approximately 34,000 Federal NIH employees, contractors and affiliates.


Not only was NIH among the first HHS OPDIVs to reach the 100% mark in issuing new HHS ID Badges to its workforce in 2010, it has continued to be among the leading OPDIVs in issuing badges as a percentage of sponsored individuals - consistently just below 97% -- throughout 2011!


DPSAC reports that cumulatively through December 23, 2011, ICs have sponsored 39,526 individuals. Of those sponsored, DPSAC enrolled 38,614 and issued new HHS ID Badges to 38,241. In 2011, DPSAC issued nearly 4,400 new HHS ID Badges.  


We would like to once again thank everyone who helped NIH achieve these impressive results, including DPSAC and HSPD-12 Program Offices staffs, the NED Team, the IT Branch in ORS, as well as the NIH Administrative community and other stakeholders at NIH.


This past year DPSAC focused on significantly reducing the time it takes to process background investigations. Toward that end, DPSAC stepped up its efforts to enforce the requirements to complete background investigation forms. Individuals who failed to complete any/all required forms in a timely manner have had their HHS ID Badge deactivated. This effort has indeed helped reduce the time to process investigations.      


As most readers of DPSAC News are aware, the HSPD-12 Program Office has been sponsoring free beginner and advanced NED classes to the NIH Administrative community and other NED users for the past three years. In 2011, nearly 300 'students' completed NED training offered at computer labs on the NIH main campus and at nearby off-campus locations. The HSPD-12 Program Office plans to continue to offer these valuable hands-on classes in 2012.


In 2011 ORS took over hosting duties for the ID Badge website, making it part of ORS's modernized public-facing website. While the official URL for the DPSAC website is http://www.ors.od.nih.gov/ser/dpsac/Pages/Home.aspx#happens, readers will still be able to access the site using the old URL (http://www.idbadge,nih.gov). The re-designed ORS website makes navigation simple and intuitive, allowing users to find ORS services easily, including information about DPSAC and the HHS ID Badge.


Also in 2011, DPSAC News began publishing on a more robust platform. The addition of graphics and other visual elements, along with dynamic links offer our subscribers an enhanced reading experience. Remember, all past issues of DPSAC News are posted to http://www.idbadge.nih.gov  under 'Resources and Forms/DPSAC Newsletter.'     


Best wishes for a happy, healthy, safe and productive New Year to you and your families.  



CAPT Theresa Minter             Richie Taffet
Director, DPSAC, ORS           Program Manager, HSPD-12 Program Office        


NIH Deploys NED v3.1.1


NED v. 3.1.1 release went live on December 19, 2011. The NIH Enterprise Directory (NED) Project Team reported that this new NED Release will be mostly transparent to NED end users (e.g., AOs, ATs) with little or no impact on NIH staff.  


The exception is that NED will support a new ORS/DPSAC policy that allows a five year maximum expiration date for all NIH staff receiving HHS ID Badges ("PIV cards").  For example, NIH contractors currently limited to receiving a two-year badge may receive a five-year HHS ID badge.  NED will set the default expiration for all HHS ID badges to five years, but AOs/ATs can override the default date when requesting a badge.    


To view the complete NED v3.1.1 release notes, click here.


Online Appointment System Goes Live for HHS ID Badge Certificate Renewals

Reprinted from the October 19, 2011 issue of DPSAC News 


Making an appointment to renew your HHS ID Badge (PIV card) certificates just got a little easier with the recent modification to the Background Information Tracking System (BITS). This modification allows users to create appointments from their desktop or laptop.


An AO receiving an applicant's request for a certificate may refer the applicant to the NIH online scheduling system link:




Note: the applicant MUST be logged into the NIH network in order to use the system.


When the applicant clicks the link, they will see the following screen:


NIH Scheduling System for Cert Renewals 

Applicants will need to enter their NIH ID Personal Identifier found on the back of the HHS ID Badge and retype the verification code. Once this information is submitted, the applicant will automatically receive an e-mail allowing them to schedule the online appointment.   


The AO has the option of creating the appointment for the individual manually in the BITS Scheduling System by following this link:




In the next several weeks, the HHS e-mail which is automatically sent to cardholders six weeks in advance of their certificate expiration date will be modified to include the link and instructions, allowing users to schedule the appointment themselves without the assistance of their AO. Below is a sample notification:  


Subject: ACTION REQUIRED: The certificates on your HHS ID Badge must be renewed


<Dear *NAME*>


You are receiving this e-mail because the PKI digital certificates loaded on your HHS ID Badge are expiring <on *DATE*> and must be renewed. The PKI digital certificates have a shorter lifespan than the expiration date printed on your HHS ID Badge.


To renew your digital certificates, you need to appear in-person at an NIH Badge Issuance location. Please copy the following link into your browser to schedule an appointment *:




You must be logged into the NIH network to access the appointment scheduler or you may call 301-451-4766 or 301-402-9755.

  • Special Note: Some Institutes and Centers have purchased a Lifecycle Work Station (LWS) that can renew your certificates. To see if your Institute or Center has an LWS, please copy this link, http://idbadge.nih.gov into your browser, then click on the link "Locating LWS Administrators by IC' under 'What's New.'

* Individuals located at the following remote sites should contact their local Badge Issuance location for a certificate renewal appointment:


-    Biomedical Research Center, Baltimore, MD

-    Rocky Mountain Labs, Hamilton, MT


Failure to renew your digital certificates <by *DATE*> will prevent you from sending and receiving encrypted e-mail, or digitally signing e-mail.


Helpful Tips  


Don't Miss a Single Issue of DPSAC News in 2012 -- if you know someone who would benefit from receiving DPSAC News, just have that person send a request to be added to the DPSAC News listserv along with his/her e-mail address to: newmanl@mail.nih.gov. Also, all past issues of DPSAC News can be found on the ID Badge website at: http://www.ors.od.nih.gov/ser/dpsac/resources/newsletter/Pages/newsletter.aspx). 


PSC Regional Offices Now Offer Badging Services to NIH Personnel --  the NIH has contracted with the Program Support Center (PSC) to offer badging services at its ten (10) Regional Offices to NIH personnel located around the country. This arrangement provides a solution for the many individuals who require enrollment or badge issuance services as well as certificate re-certifications, but travel to DPSAC's facilities in Bethesda or other satellite locations would be impractical.    


Click here to view a listing of PSC Regional Office locations and contact information as well as guidelines for obtaining HHS ID Badge Enrollment, Issuance and Maintenance services at these sites.*


Note: Individuals must call ahead for an appointment with the PSC Regional Administrative Manager (RAM) in the region closest to their office.


* Travel costs will not be borne by DPSAC.  



Do not lend your ID badge to anyone to gain access to NIH facilities -- lending out your ID card is prohibited. The issuance of the new HHS ID Badge is based on strict identity proofing and the determination of one's suitability for a specific position classification.


News Briefs


One billion contactless payment cards predicted to ship in 2016

From re:ID (an ID Technology Publication) , Fall 2011


ID Shorts -- ABI Research has released a new report predicting one billion contactless payment cards will ship globally in 2016. The estimate marks a nearly six-fold increase from the 170 million contactless cards shipped in 2010.


The report predicts that smart card shipments will overtake magnetic stripe card shipments by 2015, although ABI says that mag-stripe cards will still have a "significant hold" on the payment cards market through 2016.


It cites China as the region to watch. According to ABI, China now has 2.3 billion payment cards in circulation, all of which will need to be replaced by smart cards in the country's effort to undergo a complete transition to smart cards by 2015. 



Q. The new Federal-wide ID Badge is accepted by other Departments, but apparently visitors to the NIH campus from other Departments cannot use their Badge to enter without being screened like all other visitors. Why is that?


A. The long term plan for interoperability of Federal ID Badges has not been met by most Federal agencies. For security reasons, agencies have visitor policies they utilize to determine how to process visitors, including those from other Federal agencies. At the NIH, our current policy is to recognize other HHS ID Badges. Until the long term interoperability of Federal IDs is fully implemented, the recognition of other Federal ID Badges will vary from agency to agency.



Q. What is NIH's policy for returning an HHS ID Badge for someone leaving NIH?


A. If you plan to leave the employ of NIH, whether you're an employee, contractor or affiliate, you will need to turn in your HHS ID Badge to your Administrative Officer so that s/he can deactivate your badge in NED. The AO will turn over the deactivated badge to DPSAC.


Note: if you are moving from one Institute/Center to another, your badge will not change.  



The following FAQ appeared in the December 14, 2011 issue of DPSAC News. Since then, the HHS-wide HSPD-12 Help Desk has provided additional clarifying information on the topic of renewing expired certificates using a Lifecycle Work Station.


Q. If I discover that my HHS ID Badge certificates are expired, can I have my IC's Lifecycle Work Station (LWS) operator reissue new certificates.


A. Yes. Once your PIV Card certificates are expired, you can have them re-issued either by an LWS operator within your IC or at a DPSAC Badge Issuance Station. In either case, you will need to make an appointment.    


The HHS-wide HSPD-12 Help Desk adds that "as long as the CIS or LWS (both software operate identically in terms of certificate updates) has a pending cert update request in the SCMS, users will be able to execute a certificate update.


Issues may still arise for users who have certificates that are CONSIDERABLY overdue. For instance, if the individual has been so delinquent in getting her certificates updated that she already surpassed her new certificate expiration date. There should not be many of these instances."


DPSAC News - Year in ReviewCalendar generic from Brad 12-28-11

Some of the headlines from past issues of DPSAC News in 2011. Clicking on the date will take you to that issue of the newsletter.


January 12, 2011

Tracking Smart Card Certificate Renewal Deadlines

Smart card subscribers receive an e-mail notification from HHS 60 days before their digital certificates expire informing them that they need to update their HHS ID Badge (Smart Card).*


ICs can now track the certificate status for individuals in their organization. This information can be helpful when planning appointments with local Lifecycle Work Station (LWS) operators who will be renewing the certificates on site.


The HHS notification mentioned above does not apply to the renewal of software certificates (i.e., certificates NOT stored on the Smart Card). Individuals who need to update their software certificates should follow the instructions posted at: http://pki.nih.gov/PKI_request.htm.


News Brief  

NIH Director Francis S. Collins, M.D., Ph.D., recently sent the following notice to all NIH Employees announcing availability of a new "Guide for Identifying and Handling Sensitive Information at the NIH."


The Department of Health and Human Services (HHS), Office of Management and Budget (OMB), and Federal Information Security Management Act (FISMA) require implementation of stringent controls to protect the confidentiality, integrity, and availability of sensitive information.


In an effort to assist the NIH community in using good judgment to protect information considered to be "sensitive," we have produced the Guide for Identifying and Handling Sensitive Information at the NIH, which can be found at the following link: http://ocio.nih.gov/security/NIH_Sensitive_Info_Guide.pdf 


First NED Classes of 2011 -- Date: January 28, 2011


January 26, 2011 

Shortened Operating Schedule for Clinical Center Enrollment Station

The Enrollment Station located in the Clinical Center South Lobby (Room 1C52) will no longer offer enrollment appointments on Tuesdays and Thursdays; enrollment appointments will continue to be available Monday, Wednesday and Friday.


It is still possible to make HHS ID Badge Issuance appointments Monday through Friday at the Clinical Center Badging Center (South Lobby, Room 1C52).


Do You Know Your PIN? Countdown Begins for Logical Access

DPSAC is preparing for a possible rush of PIN resets at its Badge Issuance stations as IC's prepare to ready their computers and laptops for the eventual migration to 'logical access.'


February 9, 2011

Revoking Legacy Badges of Individuals Who Have Not Received an HHS ID Badge

The HSPD-12 Program Office reports that hundreds of NIH staff who require an HHS ID Badge have not completed enrollment and/or badge issuance. The Program Office will soon begin notifying these individuals by e-mail that they will have 30 days to complete the enrollment and badging process or their NIH legacy badge will be revoked. Once this action is taken, the badges can no longer be used to gain access to NIH facilities. Individuals who are not required to receive HHS ID Badges (e.g., Extended Visitors, Service Providers) will not be affected.


Department Revises HHS 207 Form (Request for Security Clearance)

The Office of the Secretary/Office of Security and Strategic Information (OSSI) recently announced that the HHS 207 Form, "Request for Security Clearance," has been revised. The Department is in the process of updating the OSSI intranet site to add this revised form.


February 23, 2011 

Follow these three important steps when processing individuals who are leaving NIH service --  (1) Deactivate the person's NED Record; (2) Collect the person's HHS ID Badge (or NIH Badge); (3) Send the Badge to DPSAC.


If the individual leaving NIH still has outstanding travel reimbursements through GovTrip, please be sure to leave their NED record active until all reimbursements have been completed. Deactivating the NED record prior to completing travel reimbursements will halt the GovTrip process prematurely.


March 9, 2011 

Two New Classifications in NED: Collaborator (Clinical) and Collaborator (Non-Clinical)

NED will soon add Clinical and Non-Clinical Research Collaborators to its selection of classifications to reflect the NIH Architecture Review Board's recent approval of these new categories. The new classifications will appear following the release of NED v2.9, tentatively scheduled for release on April 18, 2011.


March 23, 2011

OPM Provides Guidance on Investigation Policy for Minors

Is it ok to conduct background investigations on students under the age of 18 (minors). Until now, the rules were unclear. Some sources have indicated that it is OK to conduct background investigations on minors as long as parental consent is given. Others have said that you cannot conduct an investigation on a person under age 18.


The OPM's Agency Systems and Liaison Branch Investigative Services recently provided the following guidelines: "OPM will accept investigative requests for individuals age 16 and up. (OPM) does not define any 'parental signature' requirement."   


"...[T]he scope of our investigations will only go back to subject's 16th birthday so if a subject is 17 years old and the investigation is a 5-year coverage period, you would not get the full 5 years of coverage as we can only go back to the 16th birthday."


ID Badge Re-Issuance Procedures Guide Distributed to AO Sponsors

The HSPD-12 Program Office recently sent out an easy-to-use reference guide, "ID Badge Re-Issuance Procedures," to all IC Executive Officers for distribution to their AO Sponsors. This handy quick-reference Guide explains how to go about replacing an HHS ID Badge (Smart Card) under various circumstances: Lost or Stolen Badge; Classification Changes; Badge Renewals; Broken or Damaged Badge; and, Name Changes.


April 6, 2011 

Revised Standard Form 86 Implementation

In March 2010, the Office of Management and Budget approved the revised version of the Standard Form (SF) 86, Questionnaire for National Security Positions. The revised (form) was loaded into the Electronic Questionnaires for Investigations Processing (e-QIP) system on December 17, 2010, and is now available to other investigation service providers (ISP). The 2010 revised SF 86 will be available in e-QIP to OPM customer agencies in the spring of 2011, following training and advance coordination.


The SF 86 revisions include expanded or branching questions that allow applicants to provide more complete and accurate information about their backgrounds.


Request Goes Out to Temporarily Remove Security Freezes on Credit Information

The Office of Personnel Management (OPM), Federal Investigative Services Division (FISD), has experienced an increase in the number of national credit bureau checks that are unobtainable due to individuals of investigation placing a security freeze on their credit file. When OPM-FISD is unable to obtain a tri-bureau credit report due to one, two, or all three bureaus having a security freeze, the overall effect is an incomplete investigation.


In order to ensure the quality of OPM's investigative products, effective immediately, if you have a security freeze in place, it must be temporarily lifted prior to submission of the e-QIP to the DPSAC office.


Only individuals in positions of public trust or higher are being asked to temporarily lift the security freeze on their credit file to national credit bureau checks to enable the extra coverage that is required for these positions."  


April 20, 2011 

DPSAC to Accelerate the Initiation of Background Investigations for NIH Staff

Now that DPSAC has issued HHS ID Badges (smart cards) to all NIH staff, it is moving on to the next phase of HSPD-12 implementation. One of the important pieces is the completion of background investigations on all NIH staff that do not have a current investigation on file at the appropriate level [per Executive Order 10450 and Homeland Security Presidential Directive 12 (HSPD-12)].


NED Version 2.9 Goes Live

An updated version of NED, NED v. 2.9, went live on Monday, April 18. The NED Project team reports that the new release introduces new features requested by NED users, the Division of Personnel Security and Access Control (DPSAC), the Office of Intramural Research (OIR), and the Division of Amenities and Transportation Services (DATS) along with fixes for defects identified in the current version of NED.


May 4, 2011 

Badging Authority by Classification Table and NIH 2866 Instructions Updated

The new NED v2.9 brings many new enhancements and fixes, including the addition of the new "Collaborator" classification for which there are two variations: "Clinical" and "Non-Clinical."


The expanded "NIH Badging Authority by Classification Table" is now posted online at: http://www.idbadge.nih.gov/policies/docs/PositionCategory041511.pdf. Also, the instructions for the NIH 2866 have been updated to reflect these changes and are posted in NED.


ORS Is New Host to ID Badge Website

Starting at the close of business on Thursday May 5, 2011, the "IDBadge.nih.gov" domain name will be moving to ORS where it will become part of ORS' newly revamped public-facing website. The re-designed ORS website makes navigation simple and intuitive, allowing users to find ORS services easily, including information about DPSAC and the ID Badge.

Users of the ID Badge website may continue to access the site via the existing
 http://idbadge.nih.gov domain name.  


May 18, 2011 

DPSAC Asks ICs to Boost LWS Use to Avert Renewal Backlog

DPSAC is concerned that significant backups and delays are coming unless ICs begin stepping up use of the Lifecycle Work Stations they purchased. Only about one third of the 70 LWSs purchased and deployed by ICs were used in April for renewing expiring certificates. As the number of expired certificates grow, so will the lines at DPSAC's badge issuance stations.


June 1, 2011 

Help DPSAC Reduce Paper Consumption - Avoid Faxing Unnecessary e-QIP Documents

DPSAC is approaching full automation of the investigations process that will eliminate the need for most paper. Currently, however, customers who are faxing in their e-QIP forms to DPSAC are including many unnecessary pages that eventually wind up in the shredder. Customers can help DPSAC eliminate this unnecessary blizzard of paper by faxing only the necessary attachments and NOT faxing the investigation questionnaire itself.


NIH HSPD-12 Helpdesk Transitions to HHS-Wide HSPD-12 Helpdesk

Beginning Wednesday June 1, 2011, the NIH HSPD-12 helpdesk will transition to an HHS-wide HSPD-12 helpdesk. Any and all requests regarding IDMS portal functions, Card Issuance Station (CIS) operations, Lifecycle Workstation (LWS) operations, and Enrollment Workstation (EWS) Operations should be directed to: HHSIdentityAdmins@deloitte.com or 571-249- 2273.


The NIH administrative community should understand that general badge inquiries should still be directed to the DPSAC helpdesk at 301-402-9755. If needed, DPSAC will escalate your issue to the HHS Identity helpdesk or appropriate personnel.


HHS Revises Notification to Renew HHS ID Badge (PIV Card) Certificates

The Department of Health and Human Services (HHS) recently updated the NIH certificate renewal notification that it sends to NIH holders of the HHS ID Badge (PIV card) whose certificates are about to expire.  

In accordance with FIPS 201 guidance, HHS PIV cards (HHS ID Badges) may be valid for up to five years after issuance. However, HHS policy allows certificates on the PIV cards to be valid for no longer than three (3) years.


This difference in validity durations between the PIV card and the certificates on the card necessitates the need for a Cardholder to bring their valid PIV card (HHS ID Badge) to an Issuance Station to have their certificates renewed (replaced) before the certificates expire.


The proposed solution to this situation is to begin sending "certificate expiration notifications" to the PIV Cardholders (HHS ID Badge holders) starting six (6) weeks prior to the certificate expiration date. These... e-mails...will alert the Cardholder of the impending expiration and provide OPDIV-specific directions on how to get their certificates renewed.


June 15, 2011 

PIV Card/HHS ID Badge To Be Required For All VPN Remote Access User Logins

Beginning July 11, 2011, all users of the NIH remote access Virtual Private Network (VPN) will be required to use their PIV Card (HHS ID Badge) to login to the VPN.


June 29, 2011

Are You Ready for 2-Factor Authentication?

By now, all NIH Employees, Contractors and Affiliates should have completed their 2011 NIH Information Security Awareness Annual Refresher training that included information about 2-Factor Authentication. Below are excerpts from this training module to help ensure that everyone with access to the NIH network is optimally protected from cyber attacks.


Various Federal requirements and directives are driving a transition toward the use of 2-factor authentication - a more secure user authentication than passwords alone. This means that you will need two things to access a system: 1. Something you know, like a PIN; 2. Something you have, like a PIV Card (HHS ID Badge)

ICs have already transitioned their staffs to require this type of authentication for remote access VPN. (described in this issue of DPSAC News). You can expect an increasing number of systems will soon require two-factor authentication.


July 13, 2011 

PIV Card/HHS ID Badge Now Required For All VPN Remote Access User Logins

As of July 11, 2011, all users of the NIH remote access Virtual Private Network (VPN) are required to use their PIV Card (HHS ID Badge) to login to the VPN.


ID Badge Reissuance Procedures "Quick Reference Guide" Posted Online

The ID Badge Reissuance Procedures "Quick Reference Guide" is now viewable online under the  "What's New" section of the ID Badge main page:  http://www.ors.od.nih.gov/ser/dpsac/Pages/Home.aspx.



August 10, 2011 

The 'Key' to Accessing Encrypted E-Mails With Your New Badge or Certificate

'Key' - A cryptographic key allows a cardholder to encrypt and/or digitally sign e-mails, thereby enhancing security and confidentiality.  Keys, associated with certificates, are stored on the integrated circuit chip of the HHS ID Badge (Smart Card).


If you've been issued or re-issued a new HHS ID Badge (Smart Card) or you've renewed your Smart Card certificate, there are still some steps you'll need to take so that you can read old e-mails that were encrypted with an earlier certificate or read encrypted e-mails on external devices such as a Blackberry.


Those steps, known collectively as 'Key Recovery,' allow cardholders with valid PIV Cards (HHS ID Badges) and certificates, a card reader and applicable software, to log into the HHSIdentity PIV Portal via an HHSNet connection and recover current or expired certificates. 


HHS To Disable Inactive AMS Accounts

Due to a recent upgrade in the HHS Access Management System (AMS), HHS has begun sending out e-mail messages to any user who has not logged into their AMS account in the past 60 days. If more than 60 days have passed since the user last logged in, their AMS account will be "disabled," preventing the person from using AMS Service.


August 24, 2011

DPSAC News Getting a 'Facelift'

Starting September 7, 2011, DPSAC News will begin publishing on a more robust platform to offer our subscribers an enhanced reading experience. Readers will notice the addition of graphics and other visual elements along with dynamic links to help us tell the story better.


September 7, 2011

OPM Publishes 2012 Investigations ... Policy Changes

Notice  No. 11-07: "Discontinuing the 2008 Standard Form (SF) 86; Implementing the Fully Electronic 2010 SF86"


Effective October 1, 2011, OPM will be removing the ability to initiate new Electronic Questionnaires for Investigations Processing (e-QIP) requests on the 2008 SF 86, and paper or hardcopy submissions of the 2008 version will no longer be accepted (unless previously submitted and returned as unacceptable).


The 2010 SF 86 includes branching questions that expand based on the applicant's responses, asking for more detailed information.


September 21, 2011   

HHS Sending Out "Action Required" E-mails to Renew Digital Certificates

The Department of Health and Human Services (HHS) recently began sending "certificate renewal notifications" to HHS ID Badge holders (PIV card holders) starting six (6) weeks prior to the certificate expiration date.  These notifications alert the cardholder of the impending expiration and provide directions on how to renew certificates. 


October 5, 2011

Pharmacy Is First Clinical System in the Clinical Center to Use HHS ID Badge for Logical Access

The Clinical Center Pharmacy Department has begun requiring staff to use their HHS ID Badges (Smart Cards/PIV Cards) to access government computers.  


Lending Your HHS ID Badge Comes With Serious Consequences 

The following message from Dr. Alfred C. Johnson, Director of ORS and Chief Security Officer for NIH, which went out to all ORS and ORF staff on September 15, 2011, underscores the serious consequences that come with allowing others to use your ID Badge. Dr. Johnson's e-mail is excerpted below:  


Several recent incidents have occurred where individuals have allowed unauthorized personnel to fraudulently use their personal identification badge to access the NIH campus and buildings.  


The practice of sharing your badge to either expedite someone's campus access or to intentionally bypass the required security checks is a felony offense of 18 U.S.C., part 499 punishable by up to 5 years imprisonment and a substantial fine.  Four individuals have been arrested and are currently facing felony prosecution.  


October 19, 2011 

Online Appointment System Goes Live for HHS ID Badge Certificate Renewals

Making an appointment to renew your HHS ID Badge (PIV card) certificates just got a little easier with the recent modification to the Background Information Tracking System (BITS). This modification allows users to create appointments from their desktop or laptop.


An AO receiving an applicant's request for a certificate may refer the applicant to the NIH online scheduling system link: 



GAO Study Reveals Government Information Security Incidents Up by 650% in Past 5 Years


November 2, 2011 

Helping New Hires Sail Through Their First Day at NIH with Early and Accurate NED Entry

Entering new employees into NED before they arrive for their first day of work brings a number of time saving benefits, not only to the new hires, but also to their ICs, DPSAC and the NIH.


Exercise Care When Selecting or Changing a Position Title in NED

DPSAC wants to remind AOs that selecting the correct position title and the corresponding sensitivity level in NED must be done carefully since these selections drive the type of background investigation that will be conducted for that individual.  AOs not sure what position the person will be occupying or what position is most appropriate should check with the person's project officer or supervisor before entering the position title into NED.   


November 16, 2011 

Updated e-QIP Will Streamline PIV Process, Reduce Applicant Confusion (Hopefully) 

OPM will soon release a new version of eQIP (v. 3.0) that will offer expanded functionality and performance and should take some of the confusion out of the personal identity verification (PIV) process for applicants. 


One of the more significant changes will enable users to digitally sign e-QIP documents. This welcome feature will eliminate the laborious and time consuming process that required the applicant to print various documents, sign them, and then, upload them or mail/fax them to DPSAC....   


Prevent Inadvertent NED Record Auto-Deregistration

(from NED News 'Tip of the Month,' October/November 2011 Vol. II)


The NED support team receives many questions regarding how to prevent a NED record from being auto-deregistered. A NED record can be auto-deregistered by the not to exceed (NTE) date or a change in an external "authoritative source."  


November 30, 2011

OPM Sets Reinvestigations at Every 5 Years for 'Public Trust' Feds

Starting Dec. 9, agencies will have to reinvestigate employees in "public trust" positions every five years.


The rule identifies public trust positions as those that are "designated at a moderate or high risk level, based on the position's potential for adverse impact on the efficiency or integrity of the service."


December 14, 2011

PSC Regional Offices Now Offer Enrollment, Badge Issuance and Certificate Renewal Services to NIH Personnel    


The NIH has contracted with the Program Support Center (PSC) to offer badging services at its Regional Offices to NIH personnel located around the country. This arrangement provides a solution for the many individuals who require enrollment or badge issuance services as well as certificate re-certifications, but travel to DPSAC's facilities in Bethesda or other satellite locations would be impractical.    


e-QIP 3.0 Scheduled to Deploy in January, 2012

OPM recently announced that it will move the delivery date for e-QIP 3.0 from December 4, 2011 to January 22, 2012.  According to OPM, the additional time "will ensure appropriate connectivity and technical testing is completed."  E-QIP version 3.0 is a full system upgrade that involves changes to OPM hardware, servers, databases, and all of its connection points. 



Throughout 2011 DPSAC News ran timely safety stories prepared by Security and Emergency Response Divisions for the protection of the NIH community and their families. Below is a sampling of headlines to these stories. 

  • Spot Common Fire Safety Hazards in the Workplace
  • Get the Cold Facts about Winter Safety
  • NIH's Police Canine Unit - Protecting the NIH Workforce Ice Safety
  • Strange Odor in the Workplace? Know Who to Call for Help!
  • Fire Safety Tips for Using Microwave Ovens
  • Staying Safe When Using Your Propane-Fueled Barbecue Grills
  • Enjoy Fireworks the Safe Way - at a Public Display
  • Fire Prevention Week (October 9 - 15, 2011) ... Protect Your Family from Fire
  • Play it Safe When Using Space Heaters in NIH Buildings (ors division of fire marshal)  
A biweekly e-newsletter from the Office of Research Resources, Division of Personnel Security and Access Control (ORS/DPSAC) to keep you informed as NIH rolls out "Homeland Security Presidential Directive 12" (HSPD-12) establishing a common identification standard to better safeguard NIH and its workforce.