FIPS 201 requires new scrutiny of contractors

FIPS Publication 201: Personal Identity Verification of Federal Employees and Contractors

A surge in background investigations of federal employees and contractors could begin in October as agencies prepare to comply with a new governmentwide standard for personal identity credentials.

The Office of Personnel Management, which will conduct the investigations, has no idea how many will be requested. "It could be a lot," said Kathy Dillaman, deputy associate director of investigations at OPM's Center for Federal Investigative Services.

To gain access to federal buildings and information systems, employees and contractors will have to use identity credentials that meet the specifications of Federal Information Processing Standard (FIPS) 201. That standard requires agencies to conduct background checks on all new federal employees and a potentially large number of federal contractors before issuing identity credentials.

Most current federal employees have already been fingerprinted and had their backgrounds checked. They will not need to go through the process again.

Dillaman expects that background investigations on federal contractors will account for the greatest workload increase. Many agencies rely on contractors who have not undergone previous background checks because their work does not affect national security, Dillaman said. But under the mandatory FIPS 201 standard, those contractors will need background checks for the first time, she said.

The prospect of a background investigation could create anxiety for those who have not gone through the process before, Dillaman said. "When you're told someone's going to do a background investigation on you, of course that can be an unsettling thing," she said.

On the other hand, OPM's procedures ensure a high level of data privacy, security and accuracy, Dillaman said. OPM does not use the databases of companies such as ChoicePoint, LexisNexis and Acxiom when it conducts background checks, she said. Those companies have come under congressional scrutiny for failing to protect the personal data stored in their databases.

A prominent privacy expert who is often critical of the government for mishandling data gives OPM credit for its investigative procedures. "The federal government really knows its stuff on conducting background checks and tends to be very fair," said Pam Dixon, executive director of the World Privacy Forum, a nonprofit group that focuses on technology-related privacy issues.

However, when employees or contractors are denied identity credentials or have their credentials revoked, they should have an opportunity to appeal, Dixon said. OPM should give agencies new guidelines on handling such appeals fairly, she said, noting that today's standard adjudication procedures for background checks "did not anticipate the role that identity theft plays in messing up people's backgrounds."

Dillaman said the basic elements of a background investigation haven't changed as a result of FIPS 201.

At a minimum, the investigation requires OPM officials to complete a process known as a National Agency Check with Inquiries.

For the National Agency Check, OPM will query the Security/Suitability Investigations Index, Defense Clearance and Investigation Index, FBI Name Check, and FBI National Criminal History Fingerprint Check databases. The National Agency Check must be completed before agencies can issue identity credentials.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.