US Department of Education

Click to download
US Department of Education Privacy Impact Assessment Federal Student Aid (FSA) Virtual Data Center (VDC) Privacy Impact Assessment for the Virtual Data Center Date August 1, 2007 Contact Point System Owner: Chief Information Officer Author: Christine Williams Office of the Chief Information Officer U.S. Department of Education US Department of Education Privacy Impact Assessment Federal Student Aid (FSA) Virtual Data Center (VDC) 1. What information will be collected for the system (e.g., Name, Social Security Number, annual income, etc.)? The VDC serves as the host facility for FSA systems that process student financial aid applications (grants, loans, and work-study), provide schools and lenders with eligibility determinations, and support payments from and repayment to lenders. The VDC is the principal IT infrastructure component of the FSA's Target State Vision (TSV), and does not collect privacy data. Data is collected by the systems hosted at the facility. Application systems supported include, but are not limited to: Central Processing System (CPS), Participation Eligibility Post Secondary System (PEPS), National Student Loans Database Systems (NSLDS), Direct Loans (LO) Consolidation, Direct Loans Servicing Network Connectivity, FAFSA on the Web (FOTW), Personal Identification Number (PIN) web site, Student Aid Internet Gateway (SAIG), Financial Management System (FMS), Federal Family Education Loan System (FFEL). The listed applications maintain and control the type of collected data for the systems respectively. 2. Why is this information being collected? The VDC hosts most of the Department of Education’s systems that administer Federal Student Aid. The systems listed in Question One maintain and control the type of collected data for each system. The Privacy Impact Assessments addressing these systems can be found at the Department of Education’s website at: http://www.ed.gov/notices/pia/index.html. 3. How will FSA use this information? Each system that the VDC hosts uses the information for student financial aid purposes, as specified within its PIA found at the Department of Education’s website at: http://www.ed.gov/notices/pia/index.html. The VDC will not use the data outside of hosting the systems. 4. Will this information be shared with any other entity? If so, with whom? While the Virtual Data Center is a host facility and as such does not collect or disseminate data as part of infrastructure maintenance, the VDC contractor has been asked to send files/tapes on behalf of systems listed in Question One, to other agencies. For example, NSLDS (the system) exchanges data with the Social Security Administration. Please refer to each system’s Privacy Impact Assessment. In general, however, Federal Student Aid shares data with the Social Security Administration, Veterans Administration, the Internal Revenue Service, as well as with our trading partners (banks, guaranty agencies and schools). DMCS participates in the Treasury Offset Program US Department of Education Privacy Impact Assessment Federal Student Aid (FSA) Virtual Data Center (VDC) 5. Describe the notice or opportunities for consent that would be or are provided to individuals about what information is collected and how that information is shared with other organizations (e.g., posted Privacy Notice) The VDC hosts most of the Department of Education’s systems that administer Federal Student Aid. The systems listed in Question One maintain and control the type of collected data for each system, and they provide any relevant notice or opportunities for consent. The Privacy Impact Assessments addressing these systems can be found at the Department of Education’s website at: http://www.ed.gov/notices/pia/index.html. 6. How will the information be secured? (An overview of security controls described in the system security plan (Technical Controls section) would be applicable to answer this question.) The Virtual Data Center has been secured at the physical security, operating systems, databases, security and change management process, and network infrastructure levels. For example, the data center’s Wide Area Network (WAN) is FIPS 140-2 compliant, is behind a firewall, and uses government-standard access management procedures. The following list below provides some of the technical solutions employed to secure information at the VDC: • • • • • All operating systems are hardened IAW NIST and ED guidance. Intrusion Detection Systems are deployed at the Intranet and Internet edges and are actively monitored by the Security Operations Center (SOC) Every server within the VDC maintains a Host Intrusion Detection System (HIDS) that is actively monitored by the SOC All existing tape transfers with other Federal Agencies and trading partners are being upgraded to secure Electronic File Transfers (EFT) Vulnerability scans are conducted monthly to insure supporting systems and all applications are at the highest state of security and are patched accordingly 7. Is a system of records being created or updated with the collection of this information? No, a System of Records is not being created or updated because the VDC is not a System under the Privacy Act. The VDC is a data center that is responsible for hosting systems. Please refer to each individual system’s PIAs for information regarding what information is a Privacy Act System of Record within their system.

Related docs
ALASKA-DEPARTMENT OF EDUCATION
Views: 1  |  Downloads: 0
us department of education loan
Views: 46  |  Downloads: 0
Circ50 - Department of Education - Home
Views: 0  |  Downloads: 0
U.S. Department of Education
Views: 3  |  Downloads: 0
US Department of Education
Views: 0  |  Downloads: 0
DEPARTMENT OF EDUCATION
Views: 23  |  Downloads: 1
A-Project-of-the-US-Department-of-Education-NRS-Data-Detective-
Views: 0  |  Downloads: 0
Race to the Top Application for Initial Funding U.S. Department of Education
Views: 100  |  Downloads: 3
NARRATIVE REPORT TO THE U.S. DEPARTMENT OF EDUCATION
Views: 7  |  Downloads: 0
Department of Education
Views: 51  |  Downloads: 0
The US Department of Education Office of Special Education
Views: 12  |  Downloads: 0
U.S. Department of Education Character Education Grant 2008-2009
Views: 0  |  Downloads: 0
U.S._Department_of_Education
Views: 0  |  Downloads: 0
Department of Education Organizational Directory
Views: 1389  |  Downloads: 12
Other docs by bdcec4b06577cf...
Trust for relatives business associates and to continue business
Views: 251  |  Downloads: 3
Notice of division having business management responsibility
Views: 164  |  Downloads: 2
Pacific Railway Act info
Views: 723  |  Downloads: 0
Transcript of Executive Order 10730 Desegregation of Central High School
Views: 190  |  Downloads: 0
President Andrew Jacksons Message to Congress on Indian Removal info
Views: 284  |  Downloads: 0
Goodwill
Views: 259  |  Downloads: 2
Capital and contributions
Views: 340  |  Downloads: 7
President George Washingtons First Inaugural Speech info
Views: 243  |  Downloads: 0
Assignments of beneficial interests in public limited partnership assignee units
Views: 282  |  Downloads: 0
Agreement to furnish truck with driver
Views: 374  |  Downloads: 3
Lend-Lease Act info
Views: 165  |  Downloads: 0
Transcript of 14th Amendment to the US Constitution Civil Rights
Views: 209  |  Downloads: 1
Sample Executive Summary Medbase
Views: 209  |  Downloads: 0
Transcript of United Nations Charter
Views: 152  |  Downloads: 0
170 Rent Control 7 Dollar Charge
Views: 212  |  Downloads: 0