Division of Personnel Security and Access Control (DPSAC),
Office of Research Services
Appointment Line: 301-496-0051
HHS ID Badge/PIV Card Rollout Scorecard
Here are the most recent NIH badging statistics provided by HHS as of June 21, 2013.
Sponsored: 38,358 Enrolled: 37,864 Issued: 37,446*
*This figure represents 97.6% of individuals who have been sponsored.
Upgrade to Physical Access Control System Software at NIH Facilities a Success
During the late hours of Friday, June 28 and into Saturday morning, June 29, NIH successfully upgraded the software that controls the Physical Access Control Systems (PACS) at the NIH main campus perimeter gates and at select buildings, offices and laboratories on and off campus that are secured with electronic badge readers.
Thanks to a carefully orchestrated team effort by everyone involved with the upgrade, including the HSPD-12 Program Office, the ORS Information Technology Branch, CIT, the Division of Police and the many IC points of contacts and other IC representatives, NIH staff entering affected sites experienced minimal inconvencience during the operation.
Congratulations to everyone involved who made this upgrade a success.
HSPD-12 Program Office Adds August NED Classes
The HSPD-12 Program Office will be offering Beginner and Advanced "NED and the PIV Process" classes on August 23 to close out its summer schedule. Quickly master NED in a hands-on computer lab environment. All classes are FREE!
* For the first time, these courses, and all future NED courses, will be posted on the CIT Training site where visitors will be able to view availability for any class and receive a confirmation immediately after registering.
The catalog of NED classes is posted at: http://training.cit.nih.gov/coursecatalog.aspx under "General Seminars." When you see a course you want to take, just click on the course name (listed in the right column of the table). You'll be taken to the HHS Learning Management System (LMS) where you can register for the course online.
To log onto the HHS Learning Management System you can use either your PIV card and PIN or your NIH credentials. If you experience any difficulties accessing the LMS, please contact the CIT Training Program at 301-594-6248 or send an e-mail to firstname.lastname@example.org.
Executive Plaza Enrollment and Badge Issuance Stations Have Moved
As of Monday June 3, 2013, the Enrollment and Badge Issuance Stations previously located at 6116 Executive Boulevard, Rooms 4138 and 4137, relocated to 9609 Medical Center Drive, Rockville. DPSAC is providing staff at the new site.
Hours of operation at these new locations are posted at: http://www.ors.od.nih.gov/ser/dpsac/Pages/contactinfo.aspx
All Standard Form Investigation Requests to be Submitted Through e-QIP as of October 1, 2013*
The Office of Personnel Management Federal Investigative Services (FIS) recently announced that: "effective 10/1/13 all Standard Form (SF) investigative requests to OPM must be submitted through e-QIP.
[Any agency] not presently [utilizing] e-QIP ... will need to proceed with moving towards e-QIP usage as soon as possible in order to meet the requirement."
FIS Notice 13-5, states that "maximum utilization of electronic questionnaires is the fulfillment of the e-Government clearance initiatives and aligns with reform goals to employ end-to-end automation to the extent practicable. ... Elimination of the acceptance of hard copy forms also eliminates resource-intensive manual processing."
The full text of Notice can be read at: FIN 13-5
* Note: NIH implemented this practice nearly a year ago.
Removing your PIV Card from your card reader will not log you off your computer-- however, after a period of inactivity, whether your PIV card is inserted in your card reader or in your card holder, your computer will log you off and you'll have to log back in with your PIV Card and PIN.
ICs that want to add LWS operators to the approved roster -- send a
written request to Richie Taffet at: email@example.com. Your request
should include the new operator's name, their IC, their NED number, as well as the operator's e-mail address, building/room and phone number.
Once Mr. Taffet has approved the request, he will forward the name(s) to HHSIdentityAdmins@deloitte.com to complete the approval process, add the name to the LWS operator roster and inform the IC that the individual is now approved to operate the LWS.
Need to make changes to the LWS operator directories? -- drop an e-mail to Lanny Newman, firstname.lastname@example.org, and let him know what needs changing (e.g., adding new operators or LWS locations, removing operators, etc.). Remember, before a new operator can be added to the LWS directory, s/he must first be approved by Richie Taffet (see preceding Helpful Tip).
If an LWS is not available in your IC or your immediate area, and you work in the greater Bethesda or Rockville area -- please call 301-451-4766 or 301-402-9755 to schedule an appointment with the Division of Personnel Security and Access Control located in Building 31, Room B1A26 or in Building 10, South Lobby, Room 1C52.
If you work outside the Bethesda/Rockville area, contact your local badge issuance office.
Subscribing to DPSAC News -- Know someone who would benefit by subscribing to DPSAC News. Have them contact Lanny Newman, newmanL@mail.nih.gov, with a request to be added to the mailing list. The HSPD-12 Program Office publishes this bi-weekly e-newsletter every other Wednesday.
Past issues get posted on the 'idbadge' website at: http://www.ors.od.nih.gov/ser/dpsac/resources/newsletter/Pages/newsletter.aspx
Where can I find information about issuing ID badges to summer students?
A. NIH badge issuance policies for incoming summer students are posted on the 'idbadge' website under: http://www.ors.od.nih.gov/ser/dpsac/badge/Pages/students.aspx.
Topics include: background checks; completing a NED record and NED sponsorship for incoming summer students; summer students at remote locations; foreign summer students; and FDA summer students. At the bottom of the page are links to three useful appendices:
* Appendix 1 -- The PIV Badge Request Form (HHS-745) with
Parental Consent attachment. Students under
the age of 18 must complete this document
* Appendix 2 -- An online Application Privacy Statement
* Appendix 3 -- A Summer Student Guide
Can agencies team up in responding to cyber attacks?
Excerpted from the July 3, 2013 "Government Computer News" article by William Jackson. To read the entire article, click on: http://gcn.com/articles/2013/07/03/nist-cybersecurity-incident-coordination.aspx
The National Institute of Standards and Technology is planning guidance on how agencies can better cooperate and respond to cybersecurity incidents.
"Unfortunately, modern computing systems frequently are exposed to various forms of cyber attack," NIST said in its recently published request for information. Despite use of defensive technologies, some attacks will be successful. The proposed special publication will help answer the question, what comes next?
"This is a challenging area," said Lee Badger, security components and mechanisms group leader in NIST's computer security division. And response is complicated by the need for cooperation when security incidents cross agency boundaries. "This happens informally a lot. It is important to do a better job of this," and the proposed guidelines could help formalize the process.
There is no timeframe at this point for publication.
NIST already has weighed in on the subject of incident response with Special Publication 800-61 Rev. 2, Computer Security Incident Handling Guide. This document offers guidance on establishing and Computer Security Incident Response Team (CSIRT) and responding to incidents within an agency. The proposed publication, which would be SP 800-150, Computer Security Incident Coordination, would focus on improving coordination between agencies and reducing delays when reacting to widespread and cross-agency computer security incidents.
"Special Publication 800-61 does cover incident coordination, but at a high level," Badger said. "There was an effort to put more guidance for distributed response into it, but we realized there was too much to do." So rather than delay the publication of SP 800-61, officials decided to create a separate document.
The new publication would focus "primarily on understanding team-to-team relationships, sharing agreements and the role that automation techniques may play in the coordination of incident response."
NIST wants to know how this is being done now, what works, what doesn't and how shared information is protected and handled. It also wants to find out what information should not or cannot be shared and what restrictions are placed on shared information. It will look at the best ways for organizations to pre-establish relationships among response teams, creating circles of trust that can help leverage expertise and facilitate cooperation by being in place before a crisis.
Fire Safety Tips for Using Microwave Ovens
This article was prepared by the Division of the Fire Marshal, ORS
Microwave ovens are used every day, both at home and in the workplace. When used properly, the microwave is safe and convenient for heating a variety of foods in a short time. When you become complacent about microwave safety, however, your appliance can cause painful burns and become a potential fire hazard.
The following tips will help make the use of your microwave oven a safe method of food preparation.
- To minimize risk of fire, never attempt to heat articles that are not approved for use in microwave ovens.
- Remove food from packaging before defrosting in a microwave oven. Do not use plastic storage containers, foam trays and plastic wraps in microwave ovens because they are not heat stable at high temperatures. Melting or warping can occur which may cause harmful chemicals to migrate into the food.
- Never use recycled paper products in microwave ovens unless they are specifically approved for microwave use. Some recycled products including paper towels and even waxed paper may contain minute metal flecks. When a microwave oven is operating, the interaction between microwaves and the metal can cause sparks and even flames.
- Do not leave a microwave oven unattended when microwaving popcorn, since the heat buildup can cause fires. Heat the popcorn according to the written instructions, but begin with the minimum time specified because some microwaves can scorch popcorn in as little as two minutes.
- If you have a fire in your microwave oven, turn it off immediately. This will stop the fan so it won't feed oxygen to the flames. Then simply wait until the fire suffocates. Never open the oven door until you are absolutely certain that the fire is out. If in doubt, call the fire department.
- Use only microwave-safe utensils. The instructions that come with each microwave oven specify what kinds of containers are safe to use and how to test the suitability of materials before use.
- Always use oven mitts to remove items from the microwave oven after cooking. Be careful when removing a wrapping or covering from a hot item. Hot steam escaping from the container, as the covering is lifted, can cause painful burns.
- Be careful when heating liquids in the microwave oven. Since the containers may only feel warm, rather than hot, they are sometimes handled with less caution. This can easily result in the splashing or spilling of a scalding liquid.
- Before allowing children to operate a microwave oven, make sure that they are instructed in the proper use, and that they are tall enough to reach the oven and handle foods safely. Over 50% of those burned using microwave ovens are under 5 years of age.
If you have any questions concerning microwave oven fire safety and burn prevention, please contact the Division of the Fire Marshal, Office of Research Services, at 301-496-0487.
A biweekly e-newsletter from the Office of Research Services, Division of Personnel Security and Access Control (ORS/DPSAC) to keep you informed as NIH rolls out "Homeland Security Presidential Directive 12" (HSPD-12) establishing a common identification standard to better safeguard NIH and its workforce.