DHS plans IT employee records database

The Homeland Security Department is setting up a new records system to keep track of the names, passwords, citizenship information and other data on thousands of IT workers with access to the department's systems.

In a notice posted Dec. 29, DHS announced it is creating a new sensitive, but unclassified, database as part of its General Information Technology Access Account Records System. The department made the notice to comply with the Privacy Act of 1974, which regulates how the government collects and uses personal information.

The new database will collect personal information from IT employees, contractors, grantees and others, including people who serve on DHS advisory committees or are listed as points of contact for facilities.

The system will include names, user names, citizenship, business affiliation, contact information and passwords. It also will include home addresses, e-mail addresses and names and phone numbers of people listed as contacts.

The information will be routinely used by DHS contractors and consultants, facility operators, congressional offices, National Archives, Justice Department or other federal agencies conducting litigations or proceedings involving DHS.

The National Archives will access the database pursuant to records management inspections and there will be no disclosure to consumer reporting agencies, the notice stated. DHS plans to destroy the records six years after the user account becomes inactive, or when no longer needed for investigative or security purposes.