Page History
Viewable by the world
...
| Anchor |
|---|
...
| id | Privacy Monitoring |
|---|
|
|
...
Privacy |
...
Publication date: |
...
10/ |
...
27/2021 |
Effective date: |
...
10/ |
...
27/ |
...
2021 |
BRIEF
| Anchor | ||||
|---|---|---|---|---|
|
...
This policy describes Lawrence Berkeley National Laboratory's (Berkeley Lab
...
's) approach to managing privacy risks.
| Anchor | ||||
|---|---|---|---|---|
|
...
- Employees and affiliates
- Other users of Berkeley Lab IT, including collaborators and visitors
| Anchor | ||||
|---|---|---|---|---|
|
The POLICY tab on this wiki page
| Anchor | ||||
|---|---|---|---|---|
|
...
Laboratory Privacy Officer
Information Technology Division
...
Privacy@lbl.gov
...
Title: | Privacy |
...
Publication date: |
...
10/ |
...
27/2021 |
Effective date: |
...
10/ |
...
27/ |
...
2021 |
POLICY
A. Purpose
To further the secure and acceptable use of Berkeley Lab IT and information at Berkeley Lab, this policy:
- Defines no expectation of privacy in use
- Establishes authority to monitor and consent to monitoring
- Establishes policies and procedures for Access without Consent and
- Seeks to ensure that Access without Consent is consistent with the value of privacy in individual activity and behavior that is consistent with the scientific mission of Berkeley Lab
B. Persons Affected
This policy applies to employees and affiliates as well as casual users of Berkeley Lab IT and resources, including collaborators and visitors.
C. Exceptions
Not applicable
D. Policy Statement
...
- No Expectation of Privacy: Users have no expectation of privacy when they use Berkeley Lab IT, subject to applicable state, federal, Department of Energy (DOE), and University of California laws and regulations.
...
- Authority: System administrators have limited authority to monitor systems for availability and security; however, only the Chief Information Officer, Laboratory Director, or Deputy Director for Operations may grant broad authority to monitor content and transactions on Berkeley Lab IT for security purposes and acceptable use.
- Minimal Access: Employees engaged in monitoring must access the minimum amount of information necessary to accomplish any monitoring task and must treat information in a confidential manner as appropriate.
- Notice of Monitoring: This policy serves as Notice of Monitoring. Systems with external users must provide notice to these users. Acceptable ways of providing notice include but are not limited to requiring users to sign an agreement or linking to the Berkeley Lab Privacy and Security Notice.
- Exceptions: The monitoring or recording of telephone conversations is illegal without the consent of all parties.
...
- Consent: Use of Berkeley Lab IT constitutes consent to monitoring. Any or all uses of Berkeley Lab IT may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to authorized University of California, DOE, and law-enforcement personnel. Some Berkeley Lab services are provided by third-party providers or monitored by external parties. Where applicable, employees and affiliates acknowledge monitoring by Berkeley Lab, the third-party provider, or external party. Authorized investigative agencies may access any DOE computer used during the period of access to information on a DOE computer, and for a period of three years thereafter.
- Written Consent: Use of Berkeley Lab IT serves as written consent to the requirements and policies of the Berkeley Lab Privacy and Security Notice for that system and all other DOE systems. In addition, SEC 0203 Notice of External Monitoring serves as written consent of external monitoring by third-party providers or external parties.
...
Individual Access: The table below defines the authorization required for individual access for operational access and changes. The Access without Consent Procedure contains the list of privacy implicating services.
...
Employee or Affiliate Status
...
Operational Access
...
Operational Changes
...
Non-privacy implicating
...
Privacy implicating
...
Active or On Leave
...
Supervisor or equivalent
...
Division director or designee
...
Supervisor or equivalent if the individual is unavailable
...
Terminated
...
Supervisor or equivalent
...
Division director or designee
...
Supervisor or equivalent
...
| Anchor | ||||
|---|---|---|---|---|
|
| Anchor | ||||
|---|---|---|---|---|
|
Lawrence Berkeley National Laboratory (Berkeley Lab) has an interest in ensuring the privacy of its workforce members, research subjects, and visitors is respected consistent with University of California and Department of Energy (DOE) policy, the California Constitution, and state and federal privacy laws and regulations. This policy articulates Berkeley Lab's policy position on privacy and how workforce members must handle personal information gathered and used in furtherance of the Laboratory's mission. It also serves to ensure that Berkeley Lab complies with applicable data protection laws, regulations, and contractual obligations, and adequately protects the information of staff, customers, and research and business partners.
| Anchor | ||||
|---|---|---|---|---|
|
This policy applies to employees, affiliates, and casual users of Berkeley Lab IT and resources, including collaborators and visitors as to processing of personal information.
| Anchor | ||||
|---|---|---|---|---|
|
Not applicable.
| Anchor | ||||
|---|---|---|---|---|
|
Risk-Based Approach. All personal information is not created equal and therefore should not all be protected the same way. This policy requires the Privacy Officer to develop processes and controls for identifying, assessing, and managing privacy risks proactively. The Privacy Officer shall work cross-functionally with Laboratory Management to coordinate implementation of these controls consistently and commensurably with the risks certain business processes pose to individual autonomy or information privacy. To the greatest extent possible, controls shall be built into business processes by design.Anchor _17dp8vu _17dp8vu
Individual Autonomy and Expectations of Privacy by Berkeley Lab Workforce. The Privacy Officer shall coordinate the implementation of controls addressing end users' expectations of privacy, monitoring, and/or surveillance of Berkeley Lab staff activities and use of Laboratory IT, and limitations on access to Laboratory IT without express consent by the end user consistent with the following:Anchor _3rdcrjn _3rdcrjn
Expectations of Privacy. Users have no expectation of privacy when using Laboratory IT, subject to limitations set by law and regulations, University Policy, and Department of Energy Orders as implemented into the Prime Contract.Anchor _26in1rg _26in1rg
Acceptable Use. Subject to limitations set by Berkeley Lab policy, end users are permitted to make incidental personal use of Laboratory IT. However, incidental personal use of Laboratory IT is not subject to greater privacy protection than that of routine business use of Laboratory IT.Anchor _lnxbz9 _lnxbz9
Monitoring, Surveillance, and Access to Information About or Held by Berkeley Lab staff. The unauthorized monitoring and surveillance of Berkeley Lab staff is strictly prohibited. Authorization will be granted by Laboratory Management in consultation with Laboratory Counsel only where necessary to carry out a legitimate Laboratory function, be subject to appropriate oversight, be appropriately limited in time, place, manner, and scope, and be documented in writing.Anchor _35nkun2 _35nkun2
Information Privacy. The Privacy Officer shall coordinate the implementation of controls addressing the appropriate processing of personal information in connection with furthering the Laboratory's mission consistent with the following:Anchor _1ksv4uv _1ksv4uv
Governance. Berkeley Lab's Privacy Program is supported by the following:Anchor _44sinio _44sinio - Laboratory Privacy Officer. The Deputy Director of Operations shall appoint a Laboratory Privacy Officer to work cross-functionally with Laboratory Management on carrying out the intent of this policy. The Privacy Officer shall be a subject-matter expert capable of exercising independent and sound judgment, represent the Laboratory in internal and external fora, champion cross-functional projects, and conduct duties as assigned to ensure the Laboratory remains in compliance with applicable laws, regulations, policies, and contractual requirements.
- Privacy Committee. The Laboratory Privacy Officer may chair a Privacy Committee charged with coordinating activities related to advancing Berkeley Lab's Privacy Program objectives consistent with this policy. The Laboratory Privacy Officer may also lead specialized and cross-functional working groups composed of subject-matter experts in specific areas. Additional standards, implementation specifications, and guidance issued by these groups shall serve as extensions of this policy.
Program Documentation, Review, and Authorization. The Laboratory Privacy Officer shall document the Privacy Program consistent with applicable requirements and periodically revise the documentation to ensure it remains current and in compliance with Berkeley Lab's legal, regulatory, contractual, and policy obligations.Anchor _2jxsxqh _2jxsxqh
Minimization. Berkeley Lab Workforce must limit the collection, use, disclosure, or storage of personal information to that which is relevant and necessary to accomplish the Laboratory's mission and as required or authorized by the California Constitution or statute, or mandated by the federal government.Anchor _z337ya _z337ya
Proper Basis for Processing of Personal Information. Berkeley Lab Management must process personal information only where the processing is supported by a proper basis. Proper basis includes:Anchor _3j2qqm3 _3j2qqm3
Consent. Where practicable or legally required, Berkeley Lab Workforce may process personal information pursuant to the appropriate consent given by the relevant data subject. Appropriate consent is that which is reasonable under the specific circumstances of the information processing and, where applicable, complies with applicable laws and regulations. Examples of appropriate consent include implied and express (in writing or electronically signed).Anchor _1y810tw _1y810tw
Contract Performance. Berkeley Lab Workforce may process personal information to the extent necessary to perform a contract to which the individual is a party.Anchor _4i7ojhp _4i7ojhp
Where Legally Permitted or Required. Berkeley Lab Management and workforce members may process personal information to the extent necessary to comply with legal or regulatory obligations, as required under the DOE Prime Contract, or as permitted under California or federal law. This includes processing personal information in the course of internal investigations, in connection with lawsuits or as directed by a tribunal with appropriate jurisdiction, for the proper functioning of the Laboratory, to protect the safety and well-being of individuals or the Laboratory community, and as otherwise permitted or required by law, University Policy, or Department of Energy directive.Anchor _2xcytpi _2xcytpi
Specific Prohibitions on Processing of Personal Information. The following uses of personal information are prohibited without approval by the Privacy Officer.Anchor _1ci93xb _1ci93xb
Use of Protected Personal Information as a personal identifier;Anchor _3whwml4 _3whwml4
Transmission or storage of Protected Personal Information (including DOE-owned personally identifiable information (PII)) via email, cloud storage, or other unsecure means;Anchor _2bn6wsx _2bn6wsx
Sale or transfer of ownership rights of records containing personal information for any consideration.Anchor _qsh70q _qsh70q
Notice. Berkeley Lab Management and workforce members must give appropriate notice to individuals regarding personal information about them which Berkeley Lab collects, permitted uses and disclosures of personal information, and guidance on how individuals may contact Berkeley Lab to make specific requests related to that information. The notice must be approved by the Privacy Officer and comply with requirements arising under applicable laws, regulations, or contract. The processing of personal information contrary to or in excess of what is disclosed via the notice is prohibited.Anchor _3as4poj _3as4poj
Training and Awareness. The Privacy Officer shall maintain an education, training, and awareness program designed to inform employees of the requirements identified under this policy, build knowledge and skills to enable staff to protect personal information, and change behaviors towards focusing attention on the protection of personal information. To the greatest extent possible, this program should be tailored for roles based on the degree to which the individual is expected to process personal information in connection with Berkeley Lab business processes. Laboratory Management remains responsible for ensuring that all members of the laboratory workforce receive appropriate training to the extent necessary and appropriate for them to carry out their required job functions.Anchor _1pxezwc _1pxezwc
Third-Party Risk Management. Where a third party is to process personal information on behalf of the Laboratory, Laboratory Management shall ensure that the third party will agree in writing to comply with the requirements under this policy. This may be accomplished through implementation of standard contractual clauses approved by the Privacy Officer and/or the Office of the Laboratory Counsel.Anchor _49x2ik5 _49x2ik5
Information Security. The Privacy Officer shall coordinate with the Chief Information Security Officer to ensure that physical, technical, and administrative controls adequately ensure that personal information remains appropriately protected throughout its lifecycle.Anchor _2p2csry _2p2csry
Privacy Incident Management. The Privacy Officer shall maintain procedures to ensure the adequate management of privacy incidents resulting in unauthorized disclosure of, or access to, personal information according to contractual, legal, and regulatory obligations.Anchor _147n2zr _147n2zr
Compliance. The Privacy Officer shall coordinate and collaborate with Berkeley Lab Management and workforce members to ensure compliance with applicable laws and regulations, University of California policies, and Department of Energy directives related to Privacy with Laboratory Management.Anchor _3o7alnk _3o7alnk
Review and Assessment. The Privacy Officer shall coordinate assessments of the effectiveness of controls implemented pursuant to this policy. This assessment may be conducted by internal or external parties and will serve to guide the organization on the effectiveness of the overall program.Anchor _23ckvvd _23ckvvd
| Anchor | ||||
|---|---|---|---|---|
|
All members of the Laboratory community have responsibilities and remain accountable for complying with this policy. This section outlines specific responsibilities that attach to members of the Laboratory community based on their role and/or job duties.
Role | Responsibilities |
Berkeley Lab Workforce: all employees, affiliates, trainees, volunteers, and other entities or persons who perform work for the Laboratory or use Laboratory IT or resources. This includes other roles identified under this policy. |
|
Laboratory Privacy Officer: individual appointed to oversee the Privacy Program |
|
Laboratory Management: Division directors or delegates authorized pursuant to Laboratory Policy to accept risks associated with processing personal information on behalf of the Laboratory. |
|
| Anchor | ||||
|---|---|---|---|---|
|
| Anchor | ||||
|---|---|---|---|---|
|
Term | Definition |
Personal Information | Any information that is maintained by the Laboratory in furtherance of Laboratory business that identifies or describes an individual, including, but not limited to, his or her name, Social Security number, physical description, home address, home telephone number, education, financial matters, and medical or employment history. This includes:
|
Protected Personal Information | A highly sensitive subset of personal information that is subject to legal, regulatory, or contractual requirements, or which, if accessed or acquired without authorization, could cause harm to data subjects. This designation applies to UC-owned records containing any of the below:
|
Federally- Owned Personally Identifiable Information (PII) | Federally-owned information that can be used to distinguish or trace an individual's identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual. The definition of PII is not anchored to any single category of information or technology. Rather, it requires a case-by-case assessment of the specific risk that an individual can be identified. |
Prudent to Protect Personal Information | UC-owned information that can be used to identify or describe an individual, but which is not identified as Protected Personal Information or Public Personal Information or which has not been de-identified |
Public Personal Information | Information processed by Berkeley Lab staff in support of official Laboratory business which relates to or describes an identifiable individual, but that is lawfully publicly available or about which individuals do not have objectively reasonable expectations of privacy |
De-identified personal information | Information related to individuals but from which all personally identifiable information (PII) has been removed and which cannot trivially be attributed to specific individuals through inference or aggregation of other publicly available information |
Processing | Any activity performed by Berkeley Lab as to personal information throughout its life cycle, including creating, copying, transmitting, destroying, and providing access |
Monitoring and Surveillance | Terms generally used to describe a variety of activities intended to track, survey, observe, record, or otherwise monitor activities of specific individuals. Monitoring and surveillance can occur for a variety of reasons and to different extents, such as to protect confidential information from unauthorized disclosure or in connection with an internal investigation. |
| Anchor | ||||
|---|---|---|---|---|
|
None
| Anchor | ||||
|---|---|---|---|---|
|
...
E. Roles and Responsibilities
Employees engaged in monitoring or Access without Consent must adhere to the provisions of this policy. This policy also emphasizes the following roles and responsibilities:
...
Role
...
Responsibility
...
Deputy Director for Operations
...
Approves requests for Access without Consent for purposes of investigating wrongdoing; ensures that requests are fair and reasonable
...
Laboratory Counsel
...
Approves requests for Access without Consent for legal purposes and to investigate wrongdoing; ensures that requests are fair and reasonable; ensures that requests adhere to applicable laws and policies
...
eDiscovery
...
Provides and/or coordinates the provision of Access without Consent for investigation of wrongdoing or legal requests; assists with identifying the least-intrusive means possible, including advising service providers, for operational access or changes; coordinates Laboratory approach to e-Discovery at the direction of Laboratory Counsel
...
IT Policy Manager
...
Helps to ensure that the provision of Access without Consent is fair and reasonable and supports autonomy privacy despite no expectation of privacy in the use of Berkeley Lab IT; determines the list of privacy implicating services
...
Division directors
...
Ensure that operational access is not for investigatory purposes and that requested access is necessary to accomplish the function; assess if a request for Access without Consent may lead to an investigation and routes the request to the appropriate authorizer
...
Supervisors, system owners, other authorizers, or other requestors for Operational Access without Consent
...
Ensures that a good-faith effort is made to obtain consent from the individual before requesting operational access or changes; ensures that operational access or changes are not for investigatory purposes and that requested access is necessary to accomplish the function
F. Definitions/Acronyms
Term | Definition |
Berkeley Lab IT | Berkeley Lab-managed information technology, including computing devices, networks, services, and accounts |
Access without Consent | Individual Access without Consent is access, without a user's permission, to Laboratory Information that is normally available to only that user. This access occurs for either investigations or operational necessity and exceeds normal monitoring activities; Data Access without Consent is access to Laboratory Information, which is not normally available to the requestor, which provides individually identifiable information or recordings regarding the activities, actions, or behaviors of employees, affiliates, and other users of Berkeley Lab IT or resources |
Investigation of wrongdoing | Access to identify or detect suspected wrongdoing; examples include examining an employee's e-mail for indication of violations of policy, searching through network-level records for indications of "time wasting," or to access data from card reader systems to investigate an incident |
Legal requests | Legally enforceable requests, such as a subpoena, search warrant, court order, national security letter, or public records request, and requests for voluntary disclosure of information |
Operational access | Access to gather operational information or provide continuity of service; for example, a work document in an individual account |
Operational changes | Access required to modify an operational feature; examples include changing/activating a vacation message for an employee, or changing outgoing voice mail |
G. Recordkeeping Requirements
...
Document Number | Title | Type |
...
10.01.005.001
...
Letter granting broad authority to monitor the Computer Protection Program
...
Letter
...
10.01.005.002
...
Instructions for using the Berkeley Lab Privacy and Security Notice
...
Instructions
...
10.01.005.003
...
...
Notice
...
10.01.005.004
...
Access without Consent Procedure
...
Procedure
N/A | Manual | |
N/A | Website |
| Anchor | ||||
|---|---|---|---|---|
|
Laboratory Privacy Officer
Information Technology Division
[email protected]
| Anchor | ||||
|---|---|---|---|---|
|
Date | Revision | By Whom | Revision Description | Section(s) Affected | Change Type |
11/1/2021 | 0 | R. Elias | New Policy | All | New |
Date | Revision | By Whom |
I. Contact Information
Information Technology Policy Manager
Information Technology Division
[email protected]
J. Revision History
...
Date
...
Revision
...
Revision Description | Section(s) |
...
Affected |
...
| |||||
1/2/2012 | 1 | J. Bonaguro | Rewrite for wiki | All | Minor |
2/4/2014 | 2 | J. Bonaguro | Edit | All | Major |
3/6/2017 | 2.1 | M. Stoufer | "Chief Operating Officer" position title updated to "Deputy Director for Operations" | All | Editorial |
3/30/2017 | 2.2 | S. Lau | Minor editorial edits | All | Minor |
12/17/2020 |
| D. Soustin | Updated Contract 31 I clause numbers as per mod 1105 | Source Requirement Documents | Editorial |
6/15/2021 | 2.2 | A. Sultan | Periodic review. Minor formatting. No changes. |
...
All | Editorial | ||||
11/1/2021 | 0 | R. Elias | Major revision | All | Major |
ment
...
Information
DOCUMENT INFORMATION
Title: | Privacy |
...
Policy | |
Document number | 10.01.005.000 |
Revision number |
...
3 |
Publication date: |
...
10/ |
...
27/2021 |
Effective date: |
...
10/ |
...
27/ |
...
2021 |
Next review date: |
...
10/ |
...
27/2024 | |
Policy Area: | Information Technology |
RPM Section (home) | Information Management |
...
RPM Section (cross-reference)
...
Section 9.01
Functional Division | Information Technology |
...
Prior reference information (optional)
| Anchor | ||||
|---|---|---|---|---|
|
...
...
- UC-DOE Prime Contract No. DE-AC02-05CH11231 (Contract 31), Clause H-7, Privacy Act Records
- Contract 31, Clause I.67 – FAR 52.224-1, Privacy Act Notification (APR 1984
...
...
Implementing Documents
...
Document Number
...
Title
...
Type
...
10.01.005.001
...
Letter granting broad authority to monitor the Computer Protection Program
...
Letter
...
10.01.005.002
...
Instructions for using the Berkeley Lab Privacy and Security Notice
...
Instructions
...
10.01.005.003
...
...
Notice
...
10.01.005.004
...
Access without Consent Procedure
...
Procedure
- 68 – FAR 52.224-2,Privacy Act (APR 1984)
- Contract 31, Clause I.69 – FAR 52.224-3, Privacy Training (JAN 2017)
- Contract 31, Clause I.124 – DEAR 970.5204-3, Access to and Ownership of Records (OCT 2014)
- Contract 31, Appendix I – DOE Directives/List B, DOE O 206.1 Chg1, Department of Energy Privacy Program
- UC Privacy Principles
- UC Policy BFB-RMP-7: Protection of Administrative Records containing Personally Identifiable Information
- UC Policy BFB-IS-3: Electronic Information Security
| Anchor | ||||
|---|---|---|---|---|
|
Document Number | Title | Type |
N/A | Manual | |
N/A | Website |
...
| group | rpm2-admins |
|---|
...
ADDITIONAL INFORMATION
Title: | Privacy |
...
Document number | 10.01.005.000 |
Revision number |
...
3 |
Publication date: |
...
10/ |
...
27/2021 |
Effective date: |
...
10/ |
...
27/ |
...
2021 |
Next review date: |
...
10/ |
...
27/2024 | |
Policy Area: | Information Technology |
RPM Section (home) | Information Management |
RPM Section (cross-reference) | none |
Functional Division | Information Technology |
Author name/contact info |
...
Rainier Elias | |
| |
Revision 0 publication date |
...
12/ |
...
01/ |
...
11 | |
Retirement date | n/a |
Prior reference information (optional) |
|
|
|
Inputs from more than one Functional Area? | No |
List additional Functional Areas & contacts |
|
|
|
Inputs from more than one Policy Area? | No |
List additional Policy Areas & contacts |
|
|
|
30-day notification needed? | No |
30-day start date | n/a |
30-day end date | n/a |
|
|
LDAP protected? | No |
|
|
Need TABL reminders? | No |
Frequency | n/a |
Brief reminder text: | n/a |
...
Brief reminder text:
...
n/a
|
|
Approval Sheet for this revision received (date) |
...
[Note: author is responsible} |
| ]]></ac:plain-text-body></ac:structured-macro> |
Key labels/
...
tags:
- (Policy Area 1), (Policy Area 2), (Section)
...
New terms that need to be added to Glossary/Acronym list:
- (list items not found and context (Policy Area name) – full definition would be included in Policy)
Implementing Documents restricted to department/functional use
(optional – these will be used for tracing between requirements and associated documents)
Document |
...
number | Title |
|
|
|
|
Side bars:
Side bar 1 location (cite by Policy Section # - for example: Section D.2.a)
Sidebar 1 text:
Sidebar 2 location
Sidebar 2 text:
Sidebar 3 location
Sidebar 3 text:
Remove this text after establishing wiki tabs End Additional Information
Overview
Community Forums
Content Tools
