Effective March 31, 2016, the Postal Service™ is revising Handbook AS-353, Guide to Privacy, the Freedom of Information Act, and Records Management, to include these modifications which were published in the Federal Register on August 14, 2015 (80 FR 48935–48936).
The Postal Service is providing a new wellness tool to its employees by offering USPS® Health Connect, a secure application that allows end users to collect, store, and manage their personal health and wellness information in an account completely under the end user’s control. Postal Service employees will be able to voluntarily elect to use this application.
The System of Records USPS 100.450, Administrative Records Related to Digital Services, is being established to provide administrative support to assist end users with technical questions and issues concerning the USPS Health Connect application. This new system of records includes only the categories of administrative records defined below. Neither the Postal Service nor its contractors or subcontractors can view or access any health or medical information that is collected, stored, or shared by the end user when using USPS Health Connect.
Handbook AS-353, Guide to Privacy, the Freedom of Information Act, and Records Management
* * * * *
Appendix — Privacy Act Systems of Records
* * * * *
Section E. Complete Text of Systems of Records
* * * * *
[Add new System of Records USPS 100.450 to read as follows:]
USPS 100.450
System Name:
User Profile Support Records Related to Digital Service.
System Location
Contractor sites.
Categories of Individuals Covered by the System
Current and former USPS employees and their dependents that voluntarily opt-in to use USPS Health Connect.
Categories of Records in the System
1. User Profile Information: Name, date of birth, email, gender, phone, internally assigned identifier, username, physical address, EIN, contact information, customer ID(s), text message number, date of account creation, method of referral to website, date of last logon.
2. User Preferences: Communications opt in⁄opt out and preferred means of contact for service alerts and notifications, authentication methods, language.
3. Online user information: Internet Protocol (IP) address, domain name, operating system versions, browser version, date and time of first and last connection, and geographic location.
4. Identity verification information: username, user ID, email address, text message number, and results of identity proofing validation.
Authority for Maintenance of the System
39 U.S.C. 1003, 1004, and 1201-1209.
Purpose(s)
1. To provide administrative support to assist end users with technical questions and issues.
2. To provide security to deter and detect fraud.
Routine Uses of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses
Standard routine uses 1–9 and 11 apply.
Policies and Practices for Storing, Retrieving, Accessing, Retaining, and Disposing of Records in the System
Storage
Automated database, computer storage media, and digital files.
Retrievability
For System administrators and⁄or customer service representatives, by internally assigned identifier, or end user account details such as name, phone number, etc. to assist end users with access⁄use of USPS Health Connect and to understand and fulfill end user needs.
Safeguards
Contractor site utilizes a Cloud Infrastructure under Agency Authorization to Operate (ATO) using a FedRAMP accredited Third Party Assessment Organization (3PAO) for selected Cloud Service Provider services. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All physical access to data centers by contractor employees is logged and audited routinely.
Encryption and Data Security uses Federal Information Processing Standards (FIPS) compliant encryption, secure certificates for Client and Server communication authenticity, session protection certificates for end to end protection, multiple layers of protection for data confidentiality and integrity, hashes and password storage encryption, and block level encryption for the data volumes. Customer support personnel have minimum access to user profile records.
Retention and Disposal
1. Records stored in digital service are retained until (1) the end user cancels the account, (2) six years after the end user last accesses their account, (3) until the relationship ends, or (4) after reasonable notice has been provided to the end user to export their account information in the event the agreement is terminated.
2. Records existing on computer storage media are destroyed according to the applicable USPS media sanitization practice.
System Manager(s) and Address
Chief Information Officer and Executive Vice President, United States Postal Service, 475 L’Enfant Plaza SW, Washington, DC 20260.
Notification Procedure
Individuals wanting to know if information about them is maintained in this system must address inquiries in writing to the system manager. Inquiries must include full name, date of birth, physical address, email address, username, and other identifying information, if requested.
Record Access Procedures
Requests for access must be made in accordance with the Notification Procedure above and USPS Privacy Act regulations regarding access to records and verification of identity under 39 CFR 266.6.
Contesting Record Procedures
See Notification Procedure and Record Access Procedures above.
Record Source Categories
Individual end user.
* * * * *
We will incorporate these revisions into the next online update of Handbook AS-353, Guide to Privacy, the Freedom of Information Act, and Records Management, which is available on the Postal Service PolicyNet website:
n Go to http:⁄⁄blue.usps.gov.
n Under “Essential Links” in the left-hand column, click PolicyNet.
n Click HBKs.
The direct URL for the Postal Service PolicyNet website is http:⁄⁄blue.usps.gov⁄cpim.
— Privacy Office,
General Counsel and Executive Vice President, 3-31-16
