USCIS telework may add to privacy risks, IG says

Report says two USCIS service centers with higher telework rates also had higher loss rates

The U.S. Citizenship and Immigration Services agency might be putting data with personally identifiable information at a higher risk of exposure by allowing its employees to telework, according to a report issued June 13 by the Homeland Security Department’s Office of Inspector General.

The IG analyzed whether teleworking contributed to higher rates of lost files at the four USCIS service centers.

The centers together lose an average of 27,000 alien registration files each month, by in-office workers and teleworkers, the IG said. The missing files typically contain personally identifiable information such as Social Security numbers, fingerprints and photographs, the report states.


Related story:

More feds teleworking, OPM reports


The IG found that the two service centers with the highest rates of telework participation experienced the highest rates of missing files. The Vermont service center was responsible for 39 percent of the lost files; its telework participation rate was 23 percent. The Texas service center accounted for 32 percent of the lost files, and its telework participation rate was 24 percent.

The Nebraska center accounted for 17 percent of the lost files and had a 17 percent teleworking rate, while the California center was responsible for 12 percent of the lost files and had a 7 percent telework rate, the report states.

“Greater telework participation increases the risks to personally identifiable information because teleworkers are transporting more Alien Registration Files to additional locations than if the [files] were processed at the office,” the report states.

One area of risk is from vehicle accidents while the files are being transferred, according to the report. In one such accident, numerous files were “scattered out of the car and across the highway,” the report states. In another incident, the driver was incapacitated and “unable to protect the personally identifiable information being transported in the car.”

On average, a USCIS adjudicator at a service center who teleworks four days per week will transport about 2,000 files a year between the office and the telework site, the report states.

The investigation also identified privacy risks from data contained on unsecured data storage devices and privacy weaknesses due to gaps in encryption, system auditing and monitoring.

The IG recommended that USCIS identify vulnerabilities and mitigation strategies at its service centers, issue privacy rules of conduct for teleworkers, and develop privacy requirements to address removable data devices and system weaknesses.

USCIS officials agreed with the recommendations.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.