An official website of the United States government.

This is not the current EPA website. To navigate to the current EPA website, please go to This website is historical material reflecting the EPA website as it existed on January 19, 2021. This website is no longer updated and links to external websites and some internal pages may not work. More information »

Privacy Impact Assessment for the Integrated Financial Management System

On this page:

I. Data in the System

  1. Generally describe what data/information will be collected in the system.

    This system of records is composed of an accounts receivable module and travel and other accounts payable modules.

  2. What are the sources and types of the information in the system?

    The system contains personal identifying information such as names, addresses, and Social Security numbers of persons indebted to or owed money by EPA. Input to IFMS can be in either the form of individual or batched transaction(s), both of which are passed through the system's edit/update process. IFMS may also receive data from electronic interfaces with other systems, such systems include the Contracts Payment System (CPS), the Grants Information Control System(GICS), the Small Purchase Information Tracking System (SPITS), and the EPA Payroll and Personnel System (People Plus).

  3. How will the data be used by the Agency?

    Some of the system functions include: Entry of operating plans, reprogrammings, and supports funds management activities; Commits and obligates funds; Records Accounts Receivable, including interest calculations, dunning functions, and cash receipts; Records Accounts Payable, including interest, handling and penalty calculations and making automated disbursements; and Records travel obligations, issues advances, and pays both the traveler and third party vendors.

  4. Why is the information being collected? (Purpose)

    The purpose of IFMS is to provide accounting and budgetry controls for the entire agency.

Top of Page

II. Access to the Data

  1. Who will have access to the data/information in the system (internal and external parties)? If contractors, are the Federal Acquisition Regulations (FAR) clauses included in the contract (24.104 Contract clauses; 52.224-1 Privacy Act Notification; and 52.224-2 Privacy Act)?

    Only authorized users that have had a proper background check will have access to the system.

  2. What controls are in place to prevent the misuse of data by those having authorized access?

    Access requests are reviewed on three levels to insure that only need to know access is granted.

  3. Do other systems share data or have access to data/information in this system? If yes, explain who will be responsible for protecting the privacy rights of the individuals affected by the interface? (i.e., System Administrators, System Developers, System Managers)

    Yes. The systems managers are responsible for protecting the privacy rights of the individuals affected by the interface.

  4. Will other agencies, state or local governments share data/information or have access to data in this system? (Includes any entity external to EPA.)


  5. Do individuals have the opportunity to decline to provide information or to consent to particular uses of the information? If yes, how is notice given to the individual? (Privacy policies must clearly explain where the collection or sharing of certain information may be optional and provide users a mechanism to assert any preference to withhold information or prohibit secondary use.)


Top of Page

III. Attributes of the Data

  1. Explain how the use of the data is both relevant and necessary to the purpose for which the system is being designed.

    IFMS was implemented in 1989 before sensitivity to SSN was an issue.

  2. If data are being consolidated, what controls are in place to protect the data from unauthorized access or use? Explain.

    IFMS data access is controlled by an internal IFMS security table that is maintained by the Financial Systems Staff (FSS). The IFMS data that is stored in flat files is protected by the mainframe's Resource Access Control Facility (RACF), which is also maintained by FSS.

  3. If processes are being consolidated, are the proper controls remaining in place to protect the data and prevent unauthorized access? Explain.

    N/A - No consolidation planned.

  4. How will data be retrieved? Can it be retrieved by personal identifier? If yes, explain. (A personal identifier is a name, Social Security Number, or other identifying symbol assigned to an individual, i.e. any identifier unique to an individual.)

    Some data recordes can be retrieved by Social Security Number.

  5. Is the Web privacy policy machine readable? Where is the policy stated? (Machine readable technology enables visitors to easily identify privacy policies and make an informed choice about whether to conduct business with that site.)

    NA - not a web based system

Top of Page

IV. Maintenance of Administrative Controls

  1. Has a record control schedule been issued for the records in the system? If so, provide the schedule number. What are the retention periods for records in this system? What are the procedures for eliminating the records at the end of the retention period? (You may check with the record liaison officer (RLO) for your AA-ship, Tammy Boulware (Headquarters Records Officer) or Judy Hutt, Agency Privacy Act Officer, to determine if there is a retention schedule for the subject records.)

    Yes. EPA General Records Schedule 129, 24/6b. Inactive records/files are deleted 6 years after user account is terminated.

  2. While the data are retained in the system, what are the requirements for determining if the data are still sufficiently accurate, relevant, timely, and complete to ensure fairness in making determinations?

    Employee data updated each pay period based on an interface with Payroll/HR system.

  3. Will this system provide the capability to identify, locate, and monitor individuals? If yes, explain.


  4. Does the system use any persistent tracking technologies?


  5. Under which System of Records (SOR) notice does the system operate? Provide the name of the system and its SOR number if applicable. For reference, please view this list of Agency SORs. (A SOR is any collection of records under the control of the Agency in which the data is retrieved by a personal identifier. The Privacy Act Officer will determine if a SOR is necessary for your system.)

    EPA Travel, Other Accounts Payable, and Account - SOR 29

Top of Page