DPSAC News Header

September 30, 2015 issue of the DPSAC NEWS

In This Issue

Contact Us

 

Division of Personnel Security and Access Control (DPSAC),  

Office of Research Services  

 

Personnel Security 

Helpdesk: 301-402-9755

e-QIP: 301-402-9735

Appointment Line: 301-496-0051

E-mail: orspersonnelsecurity@ 

mail.nih.gov

 

Access Control

Helpdesk: 301-451-4766

E-mail: facilityaccesscontrol@ 

mail.nih.gov

 

       

        HHS logo small Logo Mark NIH Logo Mark    

NED Screens Signal When ID Badge Can be Issued & When Person Can Begin Working at NIH

Determining When an Applicant is Approved for a PIV Card or RLA Badge
DPSAC regularly fields calls from the administrative community asking about the badge status of incoming employees, contractors and affiliates. Finding where someone is in the badge approval process is as simple as checking 'View Badge History' in the NED Portal. Badge approval also signals that a person can begin working at the NIH.

As each step in the badge process is completed, the NED Portal updates 'View Badge History' with a new tracking point.

Figure 1 shows a sample chronology of 'View Badge History' tracking points pertaining to the badging process. (Click here to view an enlarged image).


Figure 1. Sample NED Screen Showing View Badge History Report

The NED team recommends the use of 'View badge History' instead of 'Track Badge Status' because the latter may not always return the expected results. Specifically, when there are two badge requests, 'Track Badge Status' will only show the request with the most recent activity.

If the most recent activity is terminating one of the requests, 'Track Badge Status' will display the request with the last action "Process Terminated," but will not display the active request. 

Authorizing ID Badge Issuance

The View Badge History "DPSAC authorized ID badge issuance" tracking point indicates that DPSAC has completed its employment suitability pre-screening process. This means that the individual has been cleared by DSPAC to begin working at the NIH.

For new federal employees, it signals to the Office of Human Resources that it can extend a final offer letter with an expected EOD (Entry on Duty) date to the prospective employee. For non-FTEs, this means that the IC can allow them to begin working.

The "Email sent to individual to pick up ID badge" tracking point indicates that the badge is available for issuance. Individuals should not report to a badging office with an expectation of receiving a badge until NED has sent this e-mail.

Note: badges cannot be issued prior to the expected EOD date.

New NED e-mail alerts OHR it can extend final offer to a new FTE

The September 16 issue of DPSAC News reported the deployment of maintenance release NED v.3.7.5 that includes functionality for NED to e-mail an OD/OHR e-mail distribution list when DPSAC completes pre-screening of a prospective NIH FTE (employee).

DPSAC pre-screening includes adjudication of the prospective employee's fingerprints and validation that the e-QIP forms completed by the prospective employee are ready for DPSAC to submit to OPM.

This added functionality will save both DPSAC and OHR considerable time and commitment of personnel in determining when OHR is able to extend a final offer letter to a prospective new employee.
 
e-QIP Requires Temporary Registration PIN binary-beams-abstract.jpg

Now that e-QIP has been reactivated, DPSAC will no longer authorize the six-month ID badge. Remember, DPSAC must receive and review the background investigation forms and release them to OPM before it can issue an HHS ID or RLA Badge.

This requirement affects all HHS Operating Divisions, including NIH.
New to the process, DPSAC will need to communicate with the applicant and supply him/her with a personalized and unique 14 character (alpha and numeric) temporary registration PIN.    

The new registration PIN will be required for the applicant to initially register his/her username and password. The applicant will enter his/her username and password each subsequent time he/she returns to e-QIP to update responses. DPSAC can phone the applicant with the new temporary registration PIN or securely e-mail it to him/her.

If the applicant's e-mail is not ".gov" or ".mil," DPSAC will send the temporary registration pin through e-QIP directly or will use the NIH Secure E-mail File Transfer service (SEFT):
 https://secureemail.nih.gov/bds/Main.do

Due to these changes, it now becomes imperative that an IC AO collect and enter into NED a current personal e-mail address and current personal phone number.


If you have any questions, please contact DPSAC at:
ORSPersonnelSecurity@mail.nih.gov
 
"Click-to-Sign" (CTS) Will Offer Faster e-QIP Review and Approval

Starting October 1, applicants completing their electronic Questionnaires for Investigations Processing (e-QIP) will have the ability to digitally sign their e-QIP Standard Form Certification page and related release forms (General, and if applicable, Fair Credit and Medical) using e-QIP's new 'Click-to-Sign' function.

This capability will extend to all federal applicants (military, employees and contractors) who use e-QIP to fill out their Standard Form.

According to Lindsay Gorewitz, Division of Personnel Security and Access Control, DPSAC, "the use of digital signatures with e-QIP will improve the efficiency, timeliness and quality of the background investigation review and approval process."

"Individuals will still have the option of printing the signature pages and hand signing and uploading them into e-QIP before releasing or delivering them to DPSAC," Gorewitz added.

OPM provides additional information about the Digitally Signed Releases on their website at: https://www.opm.gov/investigations/background-investigations/digitally-signed-releases/.

Note: applicants can only access the e-QIP system if they have been invited to do so by an appropriate official at their sponsoring agency. Individuals cannot pre-apply for a security clearance, nor update their security questionnaire unless granted access by an appropriate agency official.
   
How the individual 'digitally' signs the forms
During the electronic signature process, the individual is presented with the option to "digitally sign" the certification of his/her investigation questionnaire and supporting release forms.

The individual is not required to complete the signature process electronically, and is provided with the option to print the forms and sign them legibly using traditional pen and ink.

When digitally signing forms, the individual must use his or her self-created password which authenticates the digital signature and creates an imprinted secure code that ties the receipt to the original electronically signed document. The final record produced provides an audit trail and provides a specific logical association to all related signed material.

The individual has the ability to print the forms, as a receipt of digitally signed material is required by United States law concerning electronic signature transactions.

Individuals are prompted to perform this print action immediately following each digital signature as record of, and assurance that the form was successfully electronically signed and saved in the e-QIP system.

The resulting signature appears as:



The Office of Personnel Management-Federal Investigative Services (OPM-FIS) has the authority to allow subjects to digitally sign their release pages in accordance with Public Law 105-277, Title XVII which states "Releases that are digitally signed are as valid as those with handwritten signatures."  Each background investigation conducted by OPM is accomplished with the full knowledge and consent of the subject of the investigation.

See also CTS FAQs below.


NIH Begins Enforcing REAL ID Act October 10

Will Require Use of 'Compliant' Drivers' Licenses and ID Cards to Access Federal Facilities Requiring Proof of Identity


The Department of Homeland Security (DHS) recently sent its federal partners a reminder that on October 10, DHS will implement REAL ID Phased 3b Enforcement.


As of that date, federal agencies are prohibited from accepting driver's licenses or identification cards issued by non-compliant states for the purpose of accessing military facilities and federal facilities rated at Facility Security Levels 3, 4, or 5 and military facilities. NIH is a Security Level 3 facility.


Currently, this restriction only applies to driver's licenses and identification cards from Louisiana, Minnesota, New Hampshire, New York, and American Samoa. 

As this list is subject to periodic revision, agencies may refer to the most recent list at http://www.dhs.gov/secure-drivers-licenses.

Currently the DHS process to review state extension applications will prevent any additional states from being added to the non-compliant list until mid-January when it releases its findings. This will also minimize any confusion regarding non-compliant state status.

The Interagency Security Committee has produced a guide to REAL ID that can be found online at:

What is REAL ID?
REAL ID is a coordinated effort by the states and the federal government to establish minimum standards for the production and issuance of state-issued driver's licenses and identification cards to improve the reliability and accuracy of state-issued identification documents.

Current regulations state that federal agencies "may not accept state-issued driver's licenses or identification cards for official purposes from individuals unless the license or card is REAL ID-compliant and was issued by a compliant state as determined by DHS."   
 
Helpful Tips

Do not lend your ID badge to anyone!
--
lending out your ID Badge is prohibited. The issuance of ID badges is based on strict identity proofing and the determination of one's suitability for a specific position classification.

AOs who wish to obtain sponsor authority --
must complete the sponsor training (available at:http://www.ors.od.nih.gov/ser/dpsac/Training/Pages/administrators.aspx) and e-mail a copy of your signed certificate to the NIH HSPD-12 Program Office at hspd12@od.nih.gov. Upon receipt of the certificate, the Program Office will authorize the AO as a sponsor.

ICs that want to add Lifecycle Work Station (LWS) operators to the approved roster -- send a written request to Richie Taffet at: taffetr@mail.nih.gov. Your request should include:  
  • the new operator's name
  • his/her IC
  • his/her NED number
  • the operator's e-mail address, building/room and phone number
Once Mr. Taffet has approved the request, he will forward the name(s) to HHSIdentityAdmins@deloitte.com to complete the approval process, add the name(s) to the LWS operator roster, and inform the IC that the individual is now approved to operate the LWS.

Need to make changes to the LWS operator directories?
-- drop an e-mail to Lanny Newman,
newmanl@mail.nih.gov, and let him know what needs changing (e.g., adding new operators or LWS locations, removing operators, etc.). Remember, before a new operator can be added to the LWS directory, s/he must first be approved by Richie Taffet (see preceding Helpful Tip).

If an LWS is not available in your IC or your immediate area, and you work in the greater Bethesda or Rockville area -- please call 301-451-4766 or 301-402-9755 to schedule an appointment with the Division of Personnel Security and Access Control located in Building 31, Room B1A26 or in Building 10, South Lobby, Room 1C52.    
 

Know someone who could benefit by receiving DPSAC News? -- just have that person contact Lanny Newman, newmanl@mail.nih.gov, and ask to be put on the mailing list.   
 
"Click to Sign" (CTS) Frequently Asked QuestionsCTS  

Q.
What is "Click to Sign?"

A.
Click to Sign (CTS) is a function that allows the individual to sign his or her certification page, as well as their General release and any other applicable release(s), such as Fair Credit and/or Medical, digitally by utilizing their e-QIP password.


Q.
What is the benefit of CTS?

A.
With Click-to-Sign (CTS) capability, the e-QIP applicant's electronic signature is authenticated, allowing the applicant to complete and submit all required documentation online.

The applicant will no longer have to print out, sign and deliver in person or mail the e-QIP documents to DPSAC (or the appropriate security office at off-campus locations). Also, CTS will help DPSAC expedite the investigation review and approval process before sending the e-QIP documents on to OPM.


Q.
Is Click to Sign a secure method that I can use to sign my investigation request in e-QIP?
 
A. Yes. There are multiple levels of authentication that occur throughout the e-QIP process:

   * An individual can only gain access to e-QIP through an invitation from a sponsoring federal agency

   * The individual's invitation is active for a restricted number of days during which time the individual proceeds to fill out their standard form.

   * Authentication occurs every time the individual logs into e-QIP by using their username and password.

   * During the initial login to e-QIP, the individual must provide specific identifying information, choose a username and password, and choose and answer three challenge questions unique only to them.

   * An e-QIP session will timeout if the individual remains inactive for 15 minutes. This procedure reduces the 'Authentication Risk' of allowing anyone other than the applicant from logging on or accessing information.


Q. How does an applicant digitally sign the forms?

A. During the electronic signature process, the individual is presented with the option to sign his or her forms digitally by using a self-created password for authentication. The final record produced provides an audit trail and data code for all related signed material.

The individual is not required or forced to complete the signature process electronically. e-QIP will allow the individual to print their forms and sign using traditional pen and ink.


Q. Will OPM mandate that all of our applicants use CTS from this point forward?

A. No. OPM cannot force applicants to use CTS. Applicants will have the option to print and sign their signature pages as they do today. OPM asks our customer agencies to encourage their applicants to use CTS to the widest extent possible to improve the efficiency of the case process.


Q. What regulations were followed to ensure the validity of a digital signature?

A. The electronic signature implemented within e-QIP was designed to satisfy Federal e-SIGN and applicable State UETA laws, as well as federal information processing and security standards.

Safety Corner

Fire Prevention Week 2015 (October 4 - 10, 2015)

 
The following fire safety awareness article was prepared by the Division of the Fire Marshal, ORS
 
This year the Fire Prevention Week campaign, "Hear the Beep Where You Sleep," takes aim at ensuring every room used for sleeping in your home has a working smoke alarm. In fact, working smoke alarms cut the risk of dying in home fires in half!

Home fires in the United States continue to claim many lives each year. In fact, 85 percent of all fire deaths occur in the home, and the majority happen at night when most people are sleeping.

Most people think they have at least 6 minutes before a fire in their home would become life threatening. The time available is often less. Data indicates that a typical living room fire can become deadly in only two minutes or less. Smoke alarms are an important first line of defense against fire. But if they don't work, they can't protect you.

It is essential for every household to have working smoke alarms. Data indicate that 40 percent of home fire deaths happen in homes with no smoke alarms and another 23 percent happen in homes with smoke alarms that don't work. When smoke alarms fail to sound (beep), it's usually because they have missing, dead, or disconnected batteries.
 
The Division of the Fire Marshal, Office of Research Services is strongly urging the NIH community to ensure their homes, sleeping rooms, and loved ones are adequately protected by using battery operated smoke alarms in their residences.

Most fatal home fires begin in one room and then kill people elsewhere in the house. This occurs after the fire has reached extremely high temperatures in the room where it began and then smoke and toxic gases migrate to other areas. These fires are readily detected by all common types of smoke detectors in time for sleeping occupants to awaken and safely escape.

Smoke alarms are not created equally. Hard-wired smoke alarms will not work during a power outage, unless they are equipped with a battery back-up and many are not so equipped.

Homeowners are strongly urged to install battery operated smoke alarms in order to provide maximum protection when power is interrupted, a common occurrence during thunderstorms and heavy snow storms.

Smoke alarms must be properly located, installed and maintained in order to be effective. To afford adequate protection, smoke alarms must be:

1. located on each level of the dwelling unit, including basements;
2. located in all sleeping rooms and outside of each separate sleeping
    area, in the immediate vicinity of the sleeping rooms;
3. installed properly and in working condition; and
4. tested at least once a month by pushing the "test button." Batteries
    should be routinely replaced twice a year.
 
Smoke alarms generally have a useful life expectancy of 10 years. It is wise to check the date of manufacture for your smoke alarms and replace them as you deem appropriate.

Remember, at the first sound of the alarm, all occupants should evacuate, call the fire department from a phone away from the house and remain out of the house until the responding firefighters allow reentry.

If you experience a fire in your home, and your house contains properly installed and maintained smoke alarms, the chances of serious injury or death are significantly reduced.

Working smoke alarms save lives! Test yours every month!

If you have any questions regarding residential smoke alarms, including detailed advice on their proper placement in your home, please contact the Division of the Fire Marshal, ORS at 301-496-0487.
 
            Smoke Alarm 2                    Smoke Alarm 2                  Smoke Alarm 2               
 
A biweekly e-newsletter from the Office of Research Services, Division of Personnel Security and Access Control (ORS/DPSAC) to keep you informed as NIH rolls out "Homeland Security Presidential Directive 12" (HSPD-12) establishing a common identification standard to better safeguard NIH and its workforce.