Contents

Contact Us

Division of Personnel Security
and Access Control

Helpdesk: 301-402-9755
e-QIP: 301-402-9735
Appointment Line: 301-496-0051
Email: orspersonnelsecurity@mail.nih.gov

This is the September 9, 2009 issue of the DPSAC NEWS

Purchasing USB Card Readers

Eventually every computer at NIH will be required to have a smartcard reader that will work with the new HHS ID Badge (SmartCard). HHS policy requires that all newly purchased servers, desktop computers and laptops shall be equipped with a FIPS 201 certified smartcard reader.

ICs will be responsible for purchasing Smartcard Readers for existing computers that do not have one. The NITAAC ECSIII contract vehicle may be used to assist with these purchases.

To view the instructions for purchasing SmartCard readers, click on: http://nitaac.nih.gov/SmartCardPurchaseInstructions.asp. This site provides the names of Prime Contractors who have pre-competed and have been selected to provide Smartcard Readers for NIH. The pricing has been pre-negotiated and established through competition.

Note: Of the two products shown, ActivIdentity V3 is the name brand product and the SCR3310v2.0 is the generic version. The device driver (if needed) for the ActivIdenty version is installed as part of the ActivClient software install; the SCR device drivers (if needed) require downloading from the SCM website. Either unit is acceptable.

Clarification on Temporarily Lifting a Security Freeze on Credit Information

In the last issue of DPSAC News, we reported that the Office of Personnel Management (OPM), Federal Investigative Services Division (FISD), was experiencing an increase in the number of national credit bureau checks that are unobtainable due to individuals of investigation placing a security freeze on their credit file.

When OPM-FISD is unable to obtain a tri-bureau credit report due to one, two, or all three bureaus having a security freeze, the overall effect is an incomplete investigation,”
 

In the article, DPSAC's Lead Personnel Security Specialist Barbara Hardy stated that “In order to ensure the quality of OPM’s investigative products, effective immediately, if you have a security freeze in place, it must be temporarily lifted prior to submission of the e-QIP to the DPSAC office.” She noted that this requirement applies ONLY to national credit bureau checks which are conducted as extra coverage for positions of 'public trust' or higher."

Unfortunately, some readers came away thinking that this directive applies to everyone who has placed a security freeze on their credit information. This is not so. Only individuals in positions of public trust or higher are being asked to temporarily lift the security freeze on their credit file to national credit bureau checks to enable the extra coverage that is required for these positions.
 

The number of individuals falling into these categories is limited to just over 25% of the NIH workforce. For the remaining 75%, this is not applicable.

Below is the contact information for the three major credit bureaus. Individuals in positions of public trusts or higher should advise the credit bureaus to temporarily lift the freeze on their credit file at the time of submission of the e-QIP form to DPSAC and for 40 days thereafter.

• Equifax – telephone 800-685-1111 or contact them via e-mail from their website: www.equifax.com

• Experian – telephone 888-397-3742 or contact them via e-mail from their website: http://www.experian.com/freeze

• TransUnion – telephone 888-909-8872 or contact them via e-mail from their website: http;//www.transunion.com

Helpful Tips

Help in Resetting Your SmartCard PIN

If you’ve forgotten your HHS SmartCard PIN, you will need to reset it. Please e-mail facilityaccesscontrol@mail.nih.gov and provide your full name, IC, and phone number. An Access Control specialist will contact you to help you reset your PIN.

AOs Must Use their Smartcard for Sponsorship Tasks in NED

AO Sponsors are now required to login to NED using their new HHS ID Badge (PIV Card) to sponsor people for ID badges and NIH network accounts. Note: This does not apply to AOs who have not yet received their new HHS ID Badge.

For technical problems, including the installation of the USB Card Reader or completion of NED tasks, please contact the NIH Helpdesk at (301) 496-4357; for all other questions related to the process, please contact the HSPD-12 Program Office at (301) 496-3067 or HSPD12@mail.nih.gov.

News Briefs

New Secure Flight Requirements
[from the Transportation Security Administration (TSA) website]

“You should ensure that the name provided when booking your travel matches the government ID that you will use when traveling. However, TSA has built some flexibility into the processes regarding passenger name accuracy. For the near future, small differences between the passenger’s ID and the passenger’s reservation information, such as the use of a middle initial instead of a full middle name or no middle name/initial at all, should not cause a problem for the passenger. Over time, passengers should strive to obtain consistency between the name on their ID and their travel information.”

HSPD-12: What's Next?
August 19, 2009 - 2:26pm

By Suzanne Kubota
Senior Internet Editor
(reprinted from FederalNewsRadio.com)

Now that there are about 3.5 million PIV (Personal Identity Verification) cards in the hands of federal employees, the Booz Allen Distinguished Speaker Series heard on FederalNewsRadio took the opportunity this week to talk about the challenges and successes of HSPD-12 and what's next.

NIST's William MacGregor, the Program Manager of the Personal Identification Verification Program, said the small hurdles are being overcome.

"It's not the cost of the card, which is now a relatively insignificant part of the deployment. It's not the cost of a card reader..... It is the organizational cost of project management, and in particular application integration on a large scale," said MacGregor.

Corinne Irwin, Project Executive for Authentication and Authorization at National Aeronautics and Space Administration, said she's already seeing employees excited about the card's possibilities.

"What we find is that every time that we add (an)important applications to either require the use of the Smart Card or just enable the use of Smart Card, we get ...(excellent) user acceptance," noted Irwin. "It's one of the few areas where we're increasing security and making users happy at the same time" she pointed out.

Irwin predicts the use of a common credential across the government is about to reach a tipping point, "where our users start asking for things to be Smart Card enabled just to make it easier for them."

FAQs

Q. What if I lose my badge?

A. By following the instructions below, you will be able to obtain a temporary replacement badge quickly and begin the process of obtaining your permanent HHS ID Badge:

1) Report the badge as lost to your Administrative Officer (AO).

2) Proceed to the ID Badge Issuance office.

3) You will be issued an immediate temporary replacement badge good for 60 days.

4) Your AO will next complete a badge renewal process. This requires you to satisfy the PIV process (i.e., identity proofing and background investigation).

5) Personnel Security will determine your investigation requirements.

6) You will be notified to make an enrollment appointment (if you have need of a higher level investigation but have a previous investigation or have a completed fingerprint check you will also be able to make a badge issuance appointment to pick up your new badge).

If you have not completed an investigation or do not have your fingerprints on file, it generally takes 3 to 5 days for fingerprint results. Until then, you will be asked to enter the Bethesda NIH campus as a visitor. 

A biweekly e-newsletter from the Office of Research Services, Division of Personnel Security and Access Control (ORS/DPSAC) to keep you informed as NIH rolls out "Homeland Security Presidential Directive 12" (HSPD-12) establishing a common identification standard to better safeguard NIH and its workforce.