| Contact Us Division of Personnel Security and Access Control (DPSAC), Office of Research Services Building 31, Room 1B03
Hours: 8:00 a.m. - 5:00 p.m. Monday - Friday Personnel Security Helpdesk: 301-402-9755 E-mail: orspersonnelsecurity@ mail.nih.gov Access Control Helpdesk: 301-451-4766 E-mail: facilityaccesscontrol@ mail.nih.gov   |
|
| |
|
Your Position Sensitivity Level - the Starting Point in the Badging Process to Safeguard the NIH Workforce
This is the second in a series that explores Position Sensitivity Levels (PSLs) and their role in the vetting and protection of the approximately 37,000 employees, contractors and affiliates who are issued a Personal Identity Verification (PIV) card (a.k.a., HHS ID Badge) and become part of the NIH workforce.
Introduction
Every person entering NIH facilities is required to have an identification badge issued by the Division of Personnel Security and Access Control (DPSAC) or the NIH Police. All federal employees, contractors and organizational affiliates who require access to federal facilities and/or information systems for a period greater than six months must complete the Personal Identity Verification (PIV)
[i]
process in order to be issued a PIV card (HHS ID Badge) or, in some cases, an NIH Restricted Local Access (RLA) Badge).
[ii]
As part of the PIV process, each position at NIH is assigned a level of risk and sensitivity that determines what type of background check will be required for that position.
While all employee, contractor and affiliate positions at NIH fall within one of three major security categories -- Non-Sensitive, Public Trust and National Security -- each position also has a defined risk and sensitivity profile that determines the type of background investigation that must be completed (Figure 1)
Figure 1
. The three main Security Categories
and the Personal Security Level(s) associated with them
A Closer Look at Non-Sensitive Level 1 Positions
The first installment in this series that appeared in the January 4, 2017
DPSAC News offered an overview of the three main security levels along with a general discussion of the position sensitivity levels that fall within each of these categories.
This article briefly reviews how to use the NIH Form 2866 in the NIH Enterprise Directory (NED) to determine if a position is a Level 1 Non-Sensitive position before taking a closer look at the "Non-sensitive" category, including the scope and cost of the Form SF85 background investigation questionnaire for non-sensitive positions. The position title "Communications and Public Liaison Professional Staff" is used here for demonstration purposes.
NED Registration
When an AO Sponsor begins the registration process for a new employee/contractor/affiliate in NED, s/he will need to select one of sixteen (16) position classifications presented in the drop down menu of the Classification field. (Examples include NIH FTE-including GS, SES; Title 42, etc.; Contractor; NIH FTE - Commissioned Corps; Collaborator (Clinical); Collaborator (Non-Clinical); Guest Researcher; Fellow; etc. In this example, the Classification field will be 'NIH FTE-including GS, SES.'
Also on that first screen, the AO will indicate whether the applicant is a Summer Student (Y/N), whether the anticipated appointment time is more than or less than six months, the SAC/Organization unit, and the position contact information (the name of the Supervisor and the Servicing AO)
On the following screen, the user will be prompted to fill out the online interactive worksheet (Form 2866) that will calculate the appropriate sensitivity level and corresponding background investigation for that NIH position.
On the Form 2866, the AO will need to complete the following steps:
Step 1 of the worksheet will display the Position Title selected (Communications and Public Liaison Professional). If you are not sure of the correct Position Title, please contact the individual's supervisor.
Step 2 automatically validates the Position Sensitivity Level for the Selected Position Title/Function as a Level 1 (i.e., the basic and minimum investigation required on all new federal employees, contractors and affiliates).
Steps 3 and 4 in the worksheet allow the AO to select "exception factors" that would elevate the minimum sensitivity level to Level 5B or Level 2 respectively (Level 2 requires a higher level background investigation than either Level 1 or Level 5B). In this example there are no exception factors to move the position to one of these higher levels.
Step 5 asks the user to "Select Additional Exception Factors Requiring No Position Sensitivity Level Changes." The only Exception Factor listed here is 'Works with children.' Applicants who work with children will require additional scrutiny in their background investigation but will remain under the Level 1 (Non-sensitive). In this example, the applicant does not work with children.
The Position Sensitivity Level and Background Investigation are revealed
Since the AO has determined that the applicant's position does not have exception factors to move him or her to a higher position sensitivity level or to an elevated background investigation, the 2866 has computed the minimum position sensitivity level and background investigation at a 'Level 1 - NACI.'
Once the Form 2866 is complete, NED will also require a Common Account Number (CAN) to cover the costs of the background investigation. The FY 2017 OPM Pricing Schedule for
the eight most commonly ordered background investigations at the NIH are posted on the DPSAC website at: https://www.ors.od.nih.gov/ser/dpsac/bgchecks/Pages/pricing.aspx
Note: When completing the NIH Form 2866 in NED, it is important never to guess! If you are not sure how to complete part of the form, DPSAC strongly advises you to reach out to the individual's supervisor. Be aware that DPSAC updates the Form 2866 against the OPM Position Designation Tool (PDT) annually to ensure compliance.
e-QIP and the SF-85 (the questionnaire for Level 1-Non-sensitive position investigations)
Once the AO completes sponsorship of the individual in NED, an applicant who needs to complete a background investigation will receive an e-mail from DPSAC with instructions to complete e-QIP (the Electronic Questionnaires for Investigations Processing) and any necessary forms.
Individuals whose position has been calculated via the NIH Form 2866 as 'Level 1 - Non Sensitive' will be asked to complete the SF85 questionnaire for non-sensitive positions provided in e-QIP.
Note: If the individual does not complete e-QIP and submit the required forms, DPSAC will not be able to issue a new ID Badge to that person. This e-mail provides a secure link to e-QIP that allows the individual to access and complete his/her background investigation form online. Access to the e-QIP system occurs only after the applicant has been sponsored for an ID badge in NED and has received his/her e-mail from DPSAC.
Non-sensitive level 1 positions require one of two types of background investigations: the National Agency Check with Inquiries [NACI] or the Child Care National Agency Check with Inquiries (CNACI). Both of these background investigations are primarily for federal employees who will not have access to classified information.
The scope of the NACI and CNACI investigations
- The National Agency Check with Written Inquiries [NACI]
This is the basic and minimum investigation required for all new federal employees. It consists of a NAC with written inquiries and searches of records covering specific areas of a person's background during the past five years. Those inquiries are sent to current and past employers, schools attended, references, and local law enforement authorities." The majority of non-sensitive positions will require a NACI (Level 1) investigation.*
-
Child Care National Agency Check with Written Inquiries [CNACI (Level 1+]
Level 1 positions that involve child care will require the CNACI (Level 1+) investigation. The CNACI, is also for Level 1 low risk positions, but is designed for federal agencies that have employees, contractors or affiliates who work with children. The scope of the CNACI includes the basic National Agency Check with Written Inquiries (NACI) as well as state criminal history repository (SCHR) checks for all states of residence and employment. Other coverage elements, such as a credit search are available by request, or when certain background conditions exist.
* Note: National Agency Check (NAC
) is an integral part of all background investigations, consisting of searches of OPM's Security/Suitability Investigations Index (SII), the Defense Clearance and Investigations Index, the FBI Identification Divison's
name and fingerprint files and other files or indices, when necessary.
|
|
|
Figure 2. A summary of the scope of the SF85 questionnaire and NACI investigation. Because of the non-sensitive nature of the position, background checks will go back for 5 years only.
|
As part of the investigation process, the applicant will be asked to complete other forms in addition to the SF85. At a minimum, s/he will need to complete the following:
- OF 306 (Declaration for Federal Employment)
- OF 612 (Employees and Affiliates) (Optional Application for Federal Employment)
- Any other required forms as directed in the e-mail
Once e-QIP is complete, DPSAC will review the submitted forms and forward them to the Office of Personnel Management (OPM) to conduct the background investigation. Once the investigation is complete, DPSAC will notify the applicant.
Some positions that fall into the non-sensitive Position Sensitivity Level (Level 1)
AO sponsors registering individuals in NED will notice that the majority of NIH positions have low-risk, non-public trust, and non-national security program responsibilities.
Below is a sampling of position types listed on the 2866 worksheet that have a corresponding Sensitivity Level 1. To view all Level 1 positions listed on the 2866, please click here.
Accounting Technician
Acquisitions Support Staff
Adjunct Investigator
Administrative / Office Support (Customer Support, Support Services Specialist, etc)
Animal Facility Operations & Management staff
Biologist
Chemist
Clinical Fellow
Collaborators (Clinical or Non-Clinical)
Committee Management Support staff
Communications and Public Liaison Professional Staff
Contracting Office Support Staff (Procurement Tech)
Dental Hygienist
Dietitian, Registered
[i]
Personal Identity Verification (PIV) is a common credentialing and standard background investigation process required by Homeland Security Presidential Directive 12 (HSPD-12).
Certain classifications of individuals who are at NIH and who require access to NIH facilities will not require fingerprinting or a background investigation. These individuals will, however, undergo a standard criminal history check that will be conducted by the NIH Police prior to being issued an alternate NIH (Legacy) ID Badge.
[ii]
A PIV card is a United States federal smart card that contains the necessary data for the cardholder to be granted access to federal facilities and information systems and assure appropriate levels of security for all applicable federal applications.
|
FAQS
Q. I have sponsored a person for an HHS ID Badge to provide him with physical and logical access to NIH. For several days the most recent NED status screen indicates, 'Waiting for DPSAC to determine investigation requirements.' Can you tell me when the next step will occur for this individual?
A.
The problem here may be that this individual currently has an HHS ID (PIV) badge that was issued by another OPDIV/STAFFDIV (e.g., FDA or CDC).
Before he can be issued an ID Badge from NIH, someone from the other OPDIV/STAFFDIV needs to revoke his current HHS ID Badge. To get help with this, please contact DPSAC at [email protected].
Q. I recently was promoted from AT to AO, and I also recently took the PIV Sponsor training to become a PIV sponsor. Unfortunately, DPSAC informed me that I am still listed as an AT and cannot be approved as an AO sponsor until I'm registered in NED as an AO. What should I do?
A. An AO in your IC will need to go to the Role Management task in NED and switch you from AT to AO. Once your AO has made this change, please forward your signed PIV Sponsor training certificate to Richie Taffet ([email protected]), HSPD-12 Program Manager, for approval. Mr. Taffet will notify you once you have been approved for Sponsor authority.
|
Helpful Tips
Do not lend your ID badge to anyone! -- lending out your ID badge is prohibited. The issuance of ID badges is based on strict identity proofing and the determination of one's suitability for a specific position classification. To do so is a criminal offense.
ALT cards -- need to be returned to the IC ALT card coordinator -
NOT to the Division of Personnel Security and Access Control (DPSAC).
All Building 31 badging services -- Enrollment, Badge Issuance and Customer Service -- now offered at a single, convenient location in 1B03. All badging services in Building 31 are available between 8:00 a.m. and 5:00 p.m., Monday through Friday. DPSAC will continue to offer Enrollment and Badging services in the South Lobby of the Clinical Center from 7:30 a.m. to 4:30 p.m. on weekdays.
Administrative Officers (AOs) who wish to obtain sponsor authority -- must complete the sponsor training (see:
http://www.ors.od.nih.gov/ser/dpsac/Training/Pages/administrators.aspx) and e-mail a copy of your signed certificate to the NIH HSPD-12 Program Office at
[email protected]. Upon receipt of the certificate, the Program Office will authorize the AO as a Sponsor.
Please note: ONLY individuals with an Administrative Officer role are eligible to be HHS ID Badge/PIV Card Sponsors.
ICs that want to add Lifecycle Work Station (LWS) operators to the approved roster -- send a written request to Richie Taffet at: [email protected]. Your request should include:
- the new operator's name
- his/her Institute or Center (IC)
- his/her NED number
- the operator's e-mail address, building/room and phone number
- the hours of operation of the Lifecycle Work Station
Once Mr. Taffet has approved the request, he will forward the name(s) to
[email protected] to complete the approval process, add the name(s) to the LWS operator roster, and inform the IC that the individual is now approved to operate the LWS.
Need to make changes to the LWS operator directories? -- drop an e-mail to Lanny Newman,
[email protected], and let him know what needs changing (e.g., adding new operators or LWS locations, removing operators, etc.). Remember, before a new operator can be added to the LWS directory, s/he must first be approved by Richie Taffet (see preceding Helpful Tip).
If an LWS is not available in your IC or your immediate area, and you work in the greater Bethesda or Rockville area -- please call 301-402-9755 to schedule an appointment with DPSAC, located in Building 31, Room 1B03 or in Building 10, South Lobby, Room 1C52.
If you work outside the Bethesda/Rockville area, contact your local badge issuance office. You can find contact information for all badge issuance offices at:
http://www.ors.od.nih.gov/ser/dpsac/Pages/contactinfo.aspx.
Know someone who should be reading DPSAC News? -- have the person contact Lanny Newman,
[email protected], and ask to be put on the mailing list.
|
Safety Corner
Help Us Help You! - Know How to Spot Common Fire Safety Hazards in the Workplace
The following fire safety awareness article was prepared by the Division of the Fire Marshal, ORS
Even though all facilities on the NIH Bethesda and Poolesville campuses are surveyed by the Division of the Fire Marshal (DFM) on a regular basis, fire safety hazards in the workplace can
still pop up. With this in mind, the NIH community should not assume the DFM is aware of and/or working to correct every fire safety hazard.
Peer responsibility plays a large part in keeping NIH facilities fire safe. Therefore, it is extremely important for the NIH community to be able to spot and correct the more common workplace fire safety hazards before a fire incident occurs.
Below are the top 10 fire safety hazards that are frequently encountered in NIH facilities that can be easily spotted, corrected, and more importantly, prevented.
1. Blocked or locked exit doors
Exit doors are required by fire codes to be unobstructed so that they are readily obvious in the event of an emergency. In addition, exits doors are required to be unlocked and readily available any time the building is occupied.
2. Storage in stairwells
Stairwells are prohibited by fire codes to be used for storage or for the installation of equipment not necessary for safety. The objective is to not use the stairwell for any purpose that has the potential to interfere with its use as an exit.
3. Fire doors propped open
Required fire doors in NIH facilities are typically doors to stairwells, mechanical/electrical rooms, and corridor doors to laboratory work areas. Fire codes prohibit the blocking or wedging of fire doors in the open position so that fire doors are always ready to serve their intended purpose -- to prevent the spread of fire, smoke and hot gases.
4. Improper use of extension cords
Make sure all extension cords and power strips are approved by the Underwriters Laboratory (UL) and have a UL label. Sometimes extension cords and power strips that are not UL approved do not have a sufficient protective coating over the wires. Electrical shocks, burns or fires can result from using unapproved equipment.
Do not "daisy chain" power strips with extension cords. In other words, do not hook several extension cords together to energize a power strip located far away from an electrical outlet. Electrical resistance increases with cord length and can cause overheating, leading to a fire or equipment failure. In addition, hooking several power strips together can result in an overload, which can cause a fire, trip a circuit breaker, or cause a loss of power to the electrical equipment plugged into the power strips.
Do not use power strips or extension cords for high power loads such as microwave ovens, refrigerators or space heaters. Power strips and extension cords are for use with low power loads such as computers and audio or visual equipment according to the Occupational Safety and Health Administration.
In addition, inspect the wattage of everything plugged into a power strip. Add up the total wattage of all items plugged into the power strip. Do not exceed the total electrical wattage the power strip or extension cord is rated to handle to avoid the hazards of a fire or damage to the electrical equipment plugged into the strip.
5. Material/equipment in corridors that impede egress
A proper means of egress allows unobstructed travel at all times. Fire codes require means of egress to be continuously maintained free of all obstructions or impediments for full instant use in the case of a fire or other emergency.
6. The use of portable space-heating devices in laboratories and health care areas
Fire codes and NIH policy prohibit portable space-heating devices in all health care areas and laboratory work areas.
7. Flammable or combustible liquids and compressed gas cylinders in corridors
NIH Policy Manual 1361 (Corridor Utilization) prohibits the use of corridors for the storage of flammable or combustible liquids and compressed gas cylinders of all sizes. The restriction on the storage of flammable or combustible liquids in corridors is intended to eliminate significant fuel sources for a fire.
Cylinders containing compressed gases present a particular hazard because of their high pressure and can act as a missile by reaching a high speed in an extremely short period of time if the valve mechanism breaks.
For additional information, please use the following link to NIH Policy Manual 1361 (Corridor Utilization):
http://oma.od.nih.gov/manualchapters/management/1361/
.
8. Tampering with fire protection equipment
Fire codes prohibit any person from tampering with or rendering any portable (i.e. fire extinguisher) or fixed fire protection system or device (i.e. automatic sprinklers, fire alarm system devices, etc.) inaccessible or obstructed from view and/or for proper operation.
9. Missing ceiling tiles
A missing ceiling tile can easily allow hot products of combustion from a fire to rise through the ceiling opening and collect in the space above the ceiling. This effect can severely delay the activation time of automatic fire sprinklers that have been installed at the ceiling level.
If you see ceiling tiles being removed by workers in your workplace, please remind the workers to have the ceiling tiles reinstalled in their exact location.
10. Use of equipment with damaged or exposed electrical wiring
Do not use equipment with wiring that is damaged, including cuts or exposed wires. In addition, do not place power cords where they can incur damage during use. Damaged wiring on extension cords or power strips can cause fires and touching a single exposed wire can cause an electrical shock or burn.
The Division of the Fire Marshal (DFM), Office of Research Services, greatly appreciates the ongoing assistance and support of the NIH community as our advocates for keeping NIH facilities fire safe.
For questions or assistance regarding any workplace fire safety matter, please contact the DFM at 301-496-0487.
###
The American Red Cross Wants You to Take the Fire Safety Pledge
Today, I pledge to take at least one of these preparedness actions:
 Install smoke alarms on every level of my home, inside bedrooms and outside sleeping
areas.
Test smoke alarms. If they're not working, change the batteries.
Talk with all of my family members about a fire escape plan and practice the plan twice a
year
________________________________
Your signature
###
Protecting your Financial Records
The Defense Finance and Accounting Service sent the following advisory to all myPay customers in a January 6, 2017 e-mail.[1]
Dear myPay customer:
This is a message to myPay users to protect your user credentials and not share with a third party.
myPay is a U. S. Government (USG) Information System that is provided for USG-authorized use only. 18 U.S.C. Section 1030 prohibits unauthorized or fraudulent access to government computer systems. You are responsible for protecting your account from potential misuse and should not provide your user ID and password to any third party to gain access to your W2 information.
Providing your myPay credentials could potentially expose your account to more access than what you expect. Remember, the instant you provide your credentials to a third party, you have given the keys to your account away and your security is potentially compromised.
The myPay user is responsible for any resultant losses from sharing credentials and will not be reimbursed by the USG
.
Protect yourself. Do not share your myPay access credentials.
Other steps to take to protect your myPay account:
- Check whether you have authorized third party access to myPay information;
- Change passwords for any shared access information of this nature;
- Choose vigilance over minor convenience -- do not share your myPay access credentials with third parties.
____________________________
DFAS pays all DoD military and civilian personnel, retirees and annuitants, as well as major DoD contractors and vendors. DFAS also supports customers outside the DoD in support of electronic government initiatives. These customers include the Department of Health and Human Services.
|
NED Training Schedule for FY '17
Description:
This course provides an overview of the NED Portal and the NIH business functions it supports from the perspective of a NED Portal user with the AO or AT role. Upon completing the course, students will have a solid working knowledge of the NED Portal and be able to perform the following tasks: Register/Activate, Update, Modify, Transfer, Badge Renewal, and Deactivate.
The course will also familiarize students with other aspects of the NED Portal so they can: set their primary SAC coverage using Preferences; determine the status of a person's ID badge and/or network account request; look up and view information in a person's NED record; and, utilize NED reporting capabilities.
Intended Audience:
New or relatively inexperienced NED Portal users with the Administrative Officer (AO) or Administrative Technician (AT) role.
Prerequisites:
Basic personal computer skills and experience with web-based computer applications.
Reasonable Accommodations/Interpreting Services:
For deaf or hard-of-hearing individuals requiring interpreting services, please enter your request online in the Interpreting Services System at least five (5) days before the start of the class.
If you have any questions regarding this service, you may contact the ORS Division of Amenities and Transportation Services (DATS) Interpreting Team at (301-402-8180). Individuals who need other reasonable accommodations to participate in any of the Center for Information Technology (CIT) Training courses should let CIT Training know at least 5 days prior to the class.
|
|
A biweekly e-newsletter from the Office of Research Services, Division of Personnel Security and Access Control (ORS/DPSAC) to keep you informed as NIH rolls out "Homeland Security Presidential Directive 12" (HSPD-12) establishing a common identification standard to better safeguard NIH and its workforce.
|
|
| |
|
