System Name:
User Profile Support Records Related to Digital Service.

System Location

Contractor sites.

Categories of Individuals Covered by the System

Current and former USPS employees and their dependents that voluntarily opt-in to use USPS Health Connect.

Categories of Records in the System

  1. User profile information: Name, date of birth, email, gender, phone, internally assigned identifier, username, physical address, employee identification number (EIN), contact information, customer ID(s), text message number, date of account creation, method of referral to website, date of last logon, and authentication method preferences.
  2. User preferences for communications: Frequency and channel opt in/opt out and preferred means of contact for service alerts and notifications, and language.
  3. Online user information: Internet Protocol (IP) address, domain name, operating system versions, browser version, date and time of first and last connection, and geographic location.
  4. Identity verification information: username, user ID, email address, text message number, and results of identity proofing validation.

Authority for Maintenance of the System

39 U.S.C. 1003, 1004, and 1201-1209.


  1. To provide administrative support to assist end users with technical questions and issues.
  2. To provide account management assistance.
  3. To provide account security and to deter and detect fraud.

Routine Uses of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses

Standard routine uses 1–9 and 11 apply.

Policies and Practices for Storing, Retrieving, Accessing, Retaining, and Disposing of Records in the System


Automated database, computer storage media, and digital files.


For System administrators and\u2044or customer service representatives, by internally assigned identifier, or end user account details such as name, phone number, etc. to assist end users with access\u2044use of USPS Health Connect and to understand and fulfill end user needs.


Contractor site utilizes a Cloud Infrastructure under Agency Authorization to Operate (ATO) using a FedRAMP accredited Third Party Assessment Organization (3PAO) for selected Cloud Service Provider services. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All physical access to data centers by contractor employees is logged and audited routinely.

Encryption and Data Security uses Federal Information Processing Standards (FIPS) compliant encryption, secure certificates for Client and Server communication authenticity, session protection certificates for end to end protection, multiple layers of protection for data confidentiality and integrity, hashes and password storage encryption, and block level encryption for the data volumes. Customer support personnel have minimum access to user profile records.

Retention and Disposal
  1. Records stored in digital service are retained until (1) the end user cancels the account, (2) six years after the end user last accesses their account, (3) until the relationship ends, or (4) after reasonable notice has been provided to the end user to export their account information in the event the agreement is terminated.
  2. Records existing on computer storage media are destroyed according to the applicable USPS media sanitization practice.

System Manager(s) and Address

Chief Information Officer and Executive Vice President, United States Postal Service, 475 L’Enfant Plaza SW, Washington, DC 20260.

Notification Procedure

Individuals wanting to know if information about them is maintained in this system must address inquiries in writing to the system manager. Inquiries must include full name, date of birth, physical address, email address, username, and other identifying information, if requested.

Record Access Procedures

Requests for access must be made in accordance with the Notification Procedure above and USPS Privacy Act regulations regarding access to records and verification of identity under 39 CFR 266.6.

Contesting Record Procedures

See Notification Procedure and Record Access Procedures above.

Record Source Categories

Individual end user.