An official website of the United States government.

This is not the current EPA website. To navigate to the current EPA website, please go to This website is historical material reflecting the EPA website as it existed on January 19, 2021. This website is no longer updated and links to external websites and some internal pages may not work. More information »

Privacy Impact Assessment for the Hotline Allegation System for the Office of Inspector General

On this page:

I. Data in the System

  1. Generally describe what data/information will be collected in the system.

    The OIG Hotline Allegation System is used to record and track allegations of waste, fraud and abuse at the Environmental Protection Agency (EPA). Individuals may call, write by mail, send an E-Mail or FAX information to the EPA Hotline about waste, fraud or abuse. The Hotline system is used by Office of Inspector General staff in the Office of Investigations (OI). OI hotline staff is responsible for entering data in the system. Persons making allegations do not have access to the system. Only OIG staff assigned to the hotline and their managers and computer maintenance personnel have access to this system.

    The data collected includes identifying information about the person or persons making an allegation including name, home address, e-mail address, business address or other locating data. Information about the nature of the allegation and incidences that occurred is also recorded. Information about individuals that may be involved in incidences that could lead to waste, fraud or abuse may be recorded.

    The OIG Hotline Allegation system does not use a person's Social Security Number (SSN) as an identifier. Social Security Numbers are not collected and are not required for this system. However, if someone were to disclose their or another person's Social Security Number for informational purposes, that Social Security Number may be recorded in the system. There are no input screens, output screens or reports that contain Social Security Number. Records in the database are accessed using a person's name or assigned file number.

  2. What are the sources and types of the information in the system?

    The EPA OIG hotline receives complaints of fraud, waste, and abuse in EPA programs and operations including mismanagement or violations of law, rules, or regulations by EPA employees or program participants. Complaints may be received directly from EPA employees, participants in EPA programs, or the general public.

    The EPA OIG hotline is staffed by the OIG Office of Investigations in Washington, DC. Hotline complaints may be submitted by mail, telephone, fax, or e-mail. Hotline complaints are reviewed by auditors, evaluators, and/or criminal investigators as conditions warrant. Upon receipt of a specific allegation of fraud, waste, abuse, or mismanagement, the OIG may take any one of the following actions:

    1. Open an OIG investigation or audit;
    2. Refer the matter to EPA management for appropriate review and action; or
    3. Refer the allegation to another Federal or State agency, including the Federal Bureau of Investigation or other appropriate law enforcement.

    All allegations are acknowledged and matters within the purview of the OIG are monitored until the necessary resolution action is planned or taken. Allegations with limited specificity or merit may be held in abeyance until further specific details are reported. Complaints are analyzed to identify trends which should be considered in the audit and investigative planning processes.

    Complaints Made by EPA Employees

    In accordance with section 7(b) of the Inspector General Act of 1978, as amended, the OIG shall not, after receipt of a complaint or information from an EPA employee, disclose the identity of the employee without the consent of the employee unless the Inspector General determines such disclosure is unavoidable during the course of an investigation. Any identifying information is confidential source material, and OIG employees must not disclose such information except to other OIG employees who have a need to know in connection with their official duties.

    Complaints Made by Other Persons

    Complainants who are not EPA employees do not have an automatic right to confidentiality under section 7(b) of the Inspector General Act of 1978. However, non-EPA employees may specifically request confidentiality, and the OIG will protect the confidentiality of such complainants to the maximum extent permitted by law (for example, by using applicable exemptions and exclusions of the Freedom of Information Act and applicable exemptions of the Privacy Act).

    For contact purposes, persons reporting allegations may need to give identifying information including their name, address, home, work and possibly cell phone numbers, e-mail addresses and detailed information pertaining to the allegation. Also, callers may implicate individuals and give details about individuals that may be involved in an incidence of waste, fraud or abuse. EPA staff may be protected under the Whistleblowers Act.

    In terms of database security, the information recorded in the Hotline Allegation System is protected by restricting access to OI staff that performs hotline duties and their supervisors. The database has limited access to insure data reliability and protect the privacy of the complainant.

  3. How will the data be used by the Agency?

    Information collected from individuals making allegations is used by Office of Inspector General personnel assigned to review each allegation. OIG personnel assigned may be OIG Special Agents, auditors, or other staff based on the nature of the allegation and requirements for the assignment. The data for each individual case are confidential and access is limited to only the OIG staff assigned the case, their supervisors and managers, and hotline allegation staff who have a need to know the details of the allegation. As the case progresses, details about the allegation may be given to other individuals as the need requires.

  4. Why is the information being collected? (Purpose)

    The purpose of the EPA OIG Hotline is to receive complaints of fraud, waste, or abuse in EPA programs and activities including mismanagement or violations of law, rules, or regulations by EPA employees or program participants. Examples of reportable violations include:

    • Contract, procurement, and grant fraud
    • Bribery and acceptance of gratuities
    • Significant mismanagement and waste of funds
    • Conflict of interest
    • Travel fraud
    • Abuse of authority
    • Theft or abuse of Government property
    • Computer crime

Top of Page

II. Access to the Data

  1. Who will have access to the data/information in the system (internal and external parties)? If contractors, are the Federal Acquisition Regulations (FAR) clauses included in the contract (24.104 Contract clauses; 52.224-1 Privacy Act Notification; and 52.224-2 Privacy Act)?

    Access to the OIG Hotline Allegation System is limited to hotline supervisors, managers, and staff, and those who have a need to know on a case by case basis. Also, three computer maintenance personnel from the OIG's Office of Mission Systems have access to perform software or hardware maintenance including security profile changes. No parties external to the EPA OIG have access to the OIG Hotline Allegation system. It is primarily a tracking tool to record information about a hotline allegation and is used to track individual allegations until a satisfactory completion.

  2. What controls are in place to prevent the misuse of data by those having authorized access?

    The OIG Hotline Allegation System access is restricted to nine individuals. Profiles and levels of access are setup under Lotus Notes security. The OIG requires background investigations on all employees including those that have access to the OIG Hotline Allegation System and these employees are cleared to look at confidential level data. Based on the background checks, the OIG relies on the personal integrity of the staff that have access to the OIG Hotline Allegation System. Access is granted to Hotline staff and their two OI supervisors. Also, three computer specialists from the Office of Mission Systems have access to perform software maintenance and update security profiles as the need warrants.

  3. Do other systems share data or have access to data/information in this system? If yes, explain who will be responsible for protecting the privacy rights of the individuals affected by the interface? (i.e., System Administrators, System Developers, System Managers)

    This system does not share data with any other system and there are no linkages between this system and other computer based systems.

  4. Will other agencies, state or local governments share data/information or have access to data in this system? (Includes any entity external to EPA.)

    No.  Federal, state or local government organizations share information or have access to data in this system. However, based on the nature of the investigation, audit or review of the allegation, an individual agent, auditor, or staff member of the OIG may disclose information about the allegation, based on a need to know, to persons being interviewed or contacted as part of the case resolution.

  5. Do individuals have the opportunity to decline to provide information or to consent to particular uses of the information? If yes, how is notice given to the individual? (Privacy policies must clearly explain where the collection or sharing of certain information may be optional and provide users a mechanism to assert any preference to withhold information or prohibit secondary use.)

    Those choosing to contact the OIG Hotline do so voluntarily. The OIG internet site explains when the identity of complainants is protected and the hotline accepts anonymous complaints. EPA employees are protected by the Whistleblowers Act, as amended. Non EPA employees are not guaranteed a right to privacy, but may request anonymity when making an allegation.

Top of Page

III. Attributes of the Data

  1. Explain how the use of the data is both relevant and necessary to the purpose for which the system is being designed.

    The EPA Office of Inspector General is tasked with following up on reports of waste, fraud and abuse within EPA programs. The OIG Allegation Hotline system is setup so citizens, EPA employees, EPA contract personnel and others may report incidences involving waste, fraud and abuse within EPA. The OIG must keep official records of such activity as part of the Federal records retention requirement. The database is a tracking tool to follow each allegation from the time it is first reported until there is a resolution. Records that are closed out are kept in the office for a three year period and then sent to Federal records storage where they are kept an additional 10 years.

  2. If data are being consolidated, what controls are in place to protect the data from unauthorized access or use? Explain.

    The OIG Hotline Allegation system resides on a Lotus Notes database server at EPA headquarters in Washington, DC. The servers are kept in a secure room with limited access. Only nine people have Lotus Notes security profiles that allow access to this database. Each of these OIG staff has a background check and authority to access confidential level data. Old case electronic records are periodically archived, kept three years in the office and then sent to a Federal records center where they are kept an additional 10 years.

  3. If processes are being consolidated, are the proper controls remaining in place to protect the data and prevent unauthorized access? Explain.

    There are no plans at present to change the system, rewrite it or consolidate this system with other systems or databases.

  4. How will data be retrieved? Can it be retrieved by personal identifier? If yes, explain. (A personal identifier is a name, Social Security Number, or other identifying symbol assigned to an individual, i.e. any identifier unique to an individual.)

    Data can be retrieved by a person's name, telephone number or address. Social Security Number is not used as a record key and is not routinely collected. If a person making an allegation gives their or someone else's SSN when providing information about an allegation, it would be part of a narrative field. Information in the narrative field can not be searched.

  5. Is the Web privacy policy machine readable? Where is the policy stated? (Machine readable technology enables visitors to easily identify privacy policies and make an informed choice about whether to conduct business with that site.)

    The web privacy policy is machine readable.
    Privacy and Security Notice

Top of Page

IV. Maintenance of Administrative Controls

  1. Has a record control schedule been issued for the records in the system? If so, provide the schedule number. What are the retention periods for records in this system? What are the procedures for eliminating the records at the end of the retention period? (You may check with the record liaison officer (RLO) for your AA-ship, Tammy Boulware (Headquarters Records Officer) or Judy Hutt, Agency Privacy Act Officer, to determine if there is a retention schedule for the subject records.)

    Federal Records Schedule for the OIG Hotline Allegation system is EPA Record Schedule Number 703.

    Records for the OIG Hotline Allegation System are retained for 3 years in the office after allegations are closed. The records are then sent to a Federal Records Center where they are kept an additional 10 years. After that the records are destroyed.
  2. While the data are retained in the system, what are the requirements for determining if the data are still sufficiently accurate, relevant, timely, and complete to ensure fairness in making determinations?

    As an allegation case progresses, the data in the Allegation Hotline system is continually updated. During the audit or investigative phase of the allegation, OIG staff will attach supporting documentation to the case record and provide brief summaries. Once the allegation has a satisfactory resolution including any required formal reports, the CURRENT STATUS data field value is changed to "Closed". A CLOSED DATE field is updated when the CURRENT STATUS field is changed to "Closed".

  3. Will this system provide the capability to identify, locate, and monitor individuals? If yes, explain.

    The system does not provide any capability for monitoring individuals. Because it may contain names, addresses and telephone numbers, it may provide the capability of locating an individual who has submitted an allegation. The individual can request anonymity and an EPA employee is protected under the Whistle Blowers Protection Act.

  4. Does the system use any persistent tracking technologies?

    This system does not use cookies or other persistent tracking technologies.

  5. Under which System of Records (SOR) notice does the system operate? Provide the name of the system and its SOR number if applicable. For reference, please view this list of Agency SORs. (A SOR is any collection of records under the control of the Agency in which the data is retrieved by a personal identifier. The Privacy Act Officer will determine if a SOR is necessary for your system.)

    This system is under SORN EPA-30 and the official name of the system is: OIG Hotline Allegation System.

Top of Page