The 2010 Census is the first decennial census requiring a full accounting of Personally Identifiable Information and Non-Personally Identifiable Information Title-13 data losses. This requirement stems from the Office of Management and Budget, specifically Memorandum M-06-19, "Reporting Incidents Involving Personally Identifiable Information and Incorporating the Cost for Security in Agency Information Technology Investments." The team that created the system to collect the necessary information had limited historical data for estimating losses and workloads and limited time for creating an automated system in support of the 2010 Census. This assessment will provide information to assist 2020 Census planning in estimating workloads and the number of losses, in order to create a process and system for reporting and investigating Personally Identifiable Information and Non-Personally Identifiable Information data losses. This document will also provide guidance for developing a new computerized system to document and track protected data losses during the 2020 Census.
This report has four broad categories of questions:
The first question asks whether requirements were delivered with enough time to create the system, whether the system was delivered on schedule and met the sponsor’s requirements, whether there were adequate licenses for Footprints (the system used for Personally Identifiable Information incident management), whether sufficient role-based access was provided in the system, whether changes were quickly and easily implemented, and other system-specific questions.
The second question is about metrics, and includes looking at the percentage of electronic and paper forms, the impact of miscoded forms, how many individuals were needed to perform investigations, and other resource- and expectation-specific questions. Results include showing that the Personally Identifiable Information Management System did permit us to track all incidents as they occurred and to use the data to evaluate how protected data losses were handled during the operation.
The third question includes procedural questions, that is, how the reporting of incidents was handled, any burdens associated with tracking lost or stolen forms, the number of people required to investigate incidents, issues associated with reporting form losses, and the costs of mailings and credit monitoring. Results include the difficulty of assessing the large number of different types of paper forms, which meant the analyst needed additional time to investigate these incidents by sending questions back and forth about the information on the forms.
Questions about training are covered by the fourth question and include how much training was provided, the various types of training for users and whether the training was adequate, whether reports were used as intended, processes for closing incidents, updating users within the system, call center data capture and Field Division processes for investigation, and questions regarding awareness of other areas’ processes and other decennial census processes. Results include the Personally Identifiable Information Management System’s need for better documentation, so that staff training can easily cover all the functionality of the system.
Core findings include the following: