Chapter 4: On-Site Inspections
The License authorizes representatives of IES to make unannounced and unscheduled
inspections of the licensee's facilities, including any associated computer center,
to evaluate compliance with the terms of the License and security procedures.
4.1 On-Site Inspection Procedures
Under the provisions of the License, IES may conduct unannounced
and unscheduled inspections of the License site to assess compliance
with the terms of the License.
Specifically, an IES-authorized security inspector will visit the licensee's facilities
to evaluate compliance in the following two areas, which are explained in detail
in this section:
- Operational Procedures
- Security Procedures and Security Plan
Appendix K contains the On-Site Inspection Guideline.
The IES inspector will review the project operations with the PPO, or the Senior
Official, at the licensee's facility. This review will focus on the agreements set
forth in the actual License (or Memorandum of Understanding).
This includes an inspection of the current status of the project:
- Record of License. The IES inspector will review the licensee's
file for a copy of the License, along with copies of all of the Affidavits of Nondisclosure, training certificates,
and a list of persons authorized to access the data.
- Affidavits of Nondisclosure. The
IES inspector will review the names and status of all project personnel. All project
personnel must have an executed Affidavit of Nondisclosure
on file with IES. This review is to confirm that IES has the most current information
on file for those individuals who have the authority to access the subject data.
- The Project Staff. The IES inspector will determine whether a copy
of the License and a copy of the Security Plan Form have been
reviewed by all members of the project staff. This is to ensure that all members
of the project team are aware of the procedures required for accessing and securing
The IES inspector will review with the licensee all aspects of the licensee's security
procedures for the restricted data. These procedures are documented in the
The IES inspector will also review the licensee's submitted Security
Plan Form, which is the on-site implementation document for the
The IES inspector will review these procedures for compliance. A basic outline of
these procedures, in the On-Site Inspection Guideline, is presented
in the next section below.
4.2 On-Site Inspection Guideline
The On-Site Inspection Guideline in Appendix K
presents a standard set of questions that will be asked by the IES inspector when
performing an on-site inspection. Since this is a guide, more License-specific questions
may be asked on a case-by-case basis.
The On-Site Inspection Guideline is provided here to ensure consistency
among interviews and to ensure that all appropriate questions and topics are covered
during the interview. A basic outline of the topics covered in the inspection guideline
The on-site inspection will also include a tour of the licensee's secure project
4.3 Violations, Penalties, and Prosecution
- Statement of Warning. If IES finds the licensee to be in noncompliance
in a manner that has not yet resulted in unauthorized disclosure, IES will send
a Statement of Warning to the Senior Official within six weeks (30 working days)
of the on-site inspection. (More serious violations may result in License revocation
or criminal prosecution. See below.)
The licensee has one month (20 working days) from receipt of the Statement of Warning
to provide IES a letter detailing what procedures have been implemented to restore
- Revocation of License. As stated in the License (Section IV, Penalties)
any violation of the terms and conditions contained in the License may subject the
licensee to immediate revocation of the License by IES. If violations are discovered,
IES will notify the licensee, in writing, of the factual basis and grounds for revocation.
The licensee has six weeks (30 working days) to submit a written argument and evidence
to IES indicating why the License should not be revoked. The IES Data Security Program
shall provide written notice of a decision to the licensee within nine weeks (45
working days) after receipt of the licensee's written argument. IES may extend this
time period for good cause.
List of Most Common Violations
- No three-minute shutdown when the computer is left on
- Lack of warning statement when restricted-use data are brought up on the screen
- Accessing restricted-use data from an off-site location
- The PPO not maintaining control over the restricted-use data
- The PPO neglecting to inform the IES Data Security Office of any project personnel
- Neglecting to return restricted-use data to the IES Data Security Office
- Neglecting to destroy all subsets of the data at the end of the project (the IES
Data Security Office must be informed that this has taken place via completion of the License Close-Out Certification Form)
- Restricted-use data leaving the licensed site
- Making a copy of the restricted-use data and allowing it to leave the licensed site
- Removing the warning label with the expiration date from the restricted-use data
- Not labeling any copies or sub-sets of the data with the warning label
- Not restricting access to the secure project office to License users only
Prosecution and Penalties
Alleged violations of the Privacy Act of 1974 or
IES-specific laws are subject to prosecution by the United States Attorney after
first making reasonable efforts to achieve compliance.
Any violation of this License may also be a violation of federal criminal law under
the Privacy Act of 1974, 5 U.S.C. 552a, and may result in a misdemeanor and a penalty
of up to $5,000.
Anyone violating the confidentiality provisions of Section 183 of the Education
Sciences Reform Act of 2002 (P.L. 107-279), or making an unauthorized disclosure,
when using the data shall be found guilty of a class E felony
and can be imprisoned up to five years, and/or
fined up to $250,000.
Penalties, fines and imprisonment, may be enforced for each occurrence of a specific