OPM merges security investigation databases


The Office of Personnel Management is streamlining a database with records on feds and contractors with access to security clearance investigative records, with the apparent goal of putting an additional layer of security over the actual contents of government background investigations.

The federal government is in the midst of an overhaul of the security clearance process, the result of reviews initiated in the wake of last year's deadly Navy Yard shooting, perpetrated by a cleared federal contractor with a record of mental health issues and violent behavior that did not show up in his security check.

A report to President Barack Obama released in February advised switching to an automated continuous evaluation method for updating clearances, rather than periodic reinvestigations, and using a risk-based approach to identify subjects for more intensive probes. The report also advised a coordinated, government-wide approach to managing the IT around clearance investigations and adjudications.

An OPM spokesperson told FCW that the planned changes put forth in a Feb. 27 Federal Register Notice were administrative in nature, and did not represent new policy. However, the planned changes mesh closely with the administration's goal of creating a collaborative, enterprise-wide, case-management tool for investigations. OPM plans to merge several internal databases – the Security Officer Control Files and the Adjudication Officer Control Files – with data on individuals with access to OPM facilities or systems, including OPM employees, contractors, and others who need access to OPM systems.

Notably, OPM plans to exclude records on employees and contractors working for outside agencies who were themselves the subject of investigations by OPM at the request of outside federal agencies. This would appear to constitute the meat of the OPM internal database – the case files containing information on suitability and security investigations conducted by OPM on behalf of federal agencies. The notice advises further that owing to these changes, "requests for background investigations maintained in the Adjudications Officer Control Files will be denied," presumably because they no longer reside in that system.

The changes to the records system was announced in the Federal Register as required by the Privacy Act of 1974.

It's not clear from the Federal Register notice how the investigation case files will be housed, or in whose custody. An OPM spokesperson did not shed light on the content of the notice in a brief conversation. However, isolating the investigative case files from OPM's internal employee and contractor files make sense in the context of building an interoperable system that can support the analytics necessary to conduct the kind of ongoing automated evaluations sought by the administration. However, there has been no public announcement of the creation of the kind of enterprise-wide case management system envisioned under the report to the president, so it's not clear whether the notice is part of a larger plan to prep clearance investigations records for an overhaul, or simple IT housekeeping.

OPM has also come under fire in recent months because its main investigative contractor, United States Investigative Services, is being sued for fraud over employee claims that it fast-tracked clearances without conducting the required investigations. The Justice Department joined the whistleblower suit, which is proceeding in the Washington, D.C., federal district court. USIS has until June 4 to respond to the charges. As a result of the controversy, OPM has put its own employees in charge of reviewing background checks before they are sent to the requesting agencies for adjudication.

OPM is also adding security checks to the merged system of records it is retaining. Employees will require a completed investigation or a grant of interim access before gaining access to the records contained in the unified database. Records themselves are to be stored as digital images on a secure, local network or in locked metal cabinets in a secure facility.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy, health IT and the Department of Veterans Affairs. Prior to joining FCW, Mr. Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian started his career as an arts reporter and critic, and has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, Architect magazine, and other publications. He was an editorial assistant and staff writer at the now-defunct New York Press and arts editor at the online network in the 1990s, and was a weekly contributor of music and film reviews to the Washington Times from 2007 to 2014.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.

The Fed 100

Read the profiles of all this year's winners.


  • Then-presidential candidate Donald Trump at a 2016 campaign event. Image: Shutterstock

    'Buy American' order puts procurement in the spotlight

    Some IT contractors are worried that the "buy American" executive order from President Trump could squeeze key innovators out of the market.

  • OMB chief Mick Mulvaney, shown here in as a member of Congress in 2013. (Photo credit Gage Skidmore/Flickr)

    White House taps old policies for new government makeover

    New guidance from OMB advises agencies to use shared services, GWACs and federal schedules for acquisition, and to leverage IT wherever possible in restructuring plans.

  • Shutterstock image (by Everett Historical): aerial of the Pentagon.

    What DOD's next CIO will have to deal with

    It could be months before the Defense Department has a new CIO, and he or she will face a host of organizational and operational challenges from Day One

  • USAF Gen. John Hyten

    General: Cyber Command needs new platform before NSA split

    U.S. Cyber Command should be elevated to a full combatant command as soon as possible, the head of Strategic Command told Congress, but it cannot be separated from the NSA until it has its own cyber platform.

  • Image from Shutterstock.

    DLA goes virtual

    The Defense Logistics Agency is in the midst of an ambitious campaign to eliminate its IT infrastructure and transition to using exclusively shared, hosted and virtual services.

  • Fed 100 logo

    The 2017 Federal 100

    The women and men who make up this year's Fed 100 are proof positive of what one person can make possibile in federal IT. Read on to learn more about each and every winner's accomplishments.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group