Privacy Impact Assessment
DHS/ALL/PIA-063
Drug-Free Workplace Program
Page 1
Abstract
The Federal Drug-Free Workplace Program was established by Executive Order (EO)
12,564 on September 15, 1986, to address illegal drug use by federal employees. The Department
of Homeland Security (DHS) Office of the Chief Human Capital Officer (OCHCO) oversees the
departmental Drug-Free Workplace (DFW) program, and developed and implemented a
comprehensive DFW program that includes the Components developing their own DFW plans
that conform to DHS policies. This Privacy Impact Assessment (PIA) outlines the collection and
use of the personally identifiable information (PII) of current employees and applicants who are
selected for employment at DHS and subject to the requirements of the DHS DFW program.
Overview
As required by EO 12564, DHS OCHCO developed a Department-wide DFW plan, which
has been certified by the U.S. Department of Health & Human Services (HHS). Under the
Department plan, each Component has its own DFW plan that conforms to the overarching DHS
program. For most aspects of the program, including the anticipated enterprise contract for drug
testing services beginning in Fiscal Year (FY) 2018, there will be an overarching DHS contract,
with each Component holding a task order thereunder. This Privacy Impact Assessment (PIA)
outlines the organization and privacy risks of the DFW program at the enterprise level.
Components with current OCHCO-approved DFW plans are: U.S. Customs and Border
Protection (CBP), U.S. Citizenship and Immigration Services (USCIS), the Federal Emergency
Management Agency (FEMA), the Federal Law Enforcement Training Center (FLETC), DHS
Headquarters, U.S. Immigration and Customs Enforcement (ICE), the National Protection and
Programs Directorate (NPPD), Office of Inspector General (OIG), Transportation Security
Administration (TSA), and U.S. Secret Service (USSS). In FY 18, Components are scheduled to
fall under the enterprise contract.
Across the Department, Component drug testing services (collection, laboratory, and
Medical Review Officer [MRO] services) will be obtained through an enterprise contract. A
Department-wide contract vehicle allows for effective oversight, ensuring the services provided
are staffed by trained professionals who hold the appropriate certifications or credentials.
Likewise, the enterprise contract ensures that the same range of services is available to all
Components (e.g., drug testing outside the continental United States). By using the same contract
vehicle across the Department, it ensures that data systems used in the drug testing processes will
be the same. Because the data system(s) used under this contract are standard across the
Components, the information technology (IT) security review process is centralized to ensure all
IT security standards are met at the enterprise level. The Alere/eScreen data system (hereafter
Appendix A lists all of the Components that are under the enterprise contract.