Fingerprints and mental health checks

Here is an e-mail I just received from the Executive Director of the American Educational Research Association (AERA). Definitely worth a read if you’re interested in privacy issues…

April 6, 2007

Dear AERA Members:

As final bags and boxes are being closed for the 2007 AERA Annual Meeting, I

want to update you on an important matter for education researchers working

under federal contracts. Over the course of this past year, the U.S. Department

of Education has taken new steps to implement security clearance procedures for

contractor employees. Several AERA members informed the Association and

expressed serious concern that the process is intrusive and unwarranted for

non-classified research. Articles on the topic have appeared recently in

The

New York Times and

Education Week (www.edweek.org/ew/articles/2007/02/21/24checks.h26.html).

Over many months, AERA has been investigating this situation and pressing for

greater understanding. Since September, we have been engaged in discussions with

numerous federal officials at the Department of Education and other federal

agencies as well as working with other research organizations (in particular

with the American Association for the Advancement of Science) and individuals in

the scientific community to scrutinize this issue and learn as much as we can.

President Eva Baker described some of these activities in the January/February

2007 issue of

Educational Researcher (http://er.aera.net/).

The actual clearance procedures required of contractual personnel vary by the

risk level assigned to a position, but minimally require employees on contracts

who are designated low risk to submit fingerprints. Low risk positions include

those on a contractor’s research team who conduct statistical analyses, but have

no access to personally-identifiable information. Contractor employees in

moderate-risk positions must provide a release for credit information and may

also be asked to sign a release allowing investigators to ask specific questions

of an individual’s health care provider regarding prior mental health

consultations. Researchers who collect or have access to personally-identifiable

information or sensitive, but unclassified information are considered moderate

risk under current Department of Education Directive OM:5-101, Contractor

Employee Personnel Security Screenings.

Our goal has been to understand the authority underlying the changes,

determine whether the situation is unique to the Department of Education, and to

effectuate change where needed. Our efforts in the fall, for example, led the

Department of Education to indicate that the directive would be revised and its

implementation examined. Most recently, the Department of Education also

confirmed that the medical/mental health release was not required for

moderate-risk positions (at least as an initial step). At our urging, agency

officials agreed to add an instruction to this effect so that contracting

officers and contractors would be aware of this at the onset.

An overarching concern is about the appropriate scope of security clearance

procedures. The security measures being implemented by the Department of

Education may reach beyond what was originally intended under Presidential

Directive HSPD-12, the key authority often cited by federal officials as

extending security clearance procedures to contractors. Both the Directive and

the Office of Management and Budget guidance for implementing the Directive

focus on contractors who access federal facilities and critical information

systems, not researchers who are engaged in primary data collection or use of

these data in the field. We are seeking an interpretation from senior federal

officials regarding the intended reach of the Presidential Directive and

anticipate receiving clarification quite soon.

Our fact gathering thus far indicates that security clearance procedures vary

by agency. The National Science Foundation, for example, does not typically

require security clearance screenings for contractors who collect data or

prepare analytical products for the agency. At the National Institute of

Justice, only those contractors who need access to federal buildings or

information systems must generally undergo security clearances. Currently, the

U.S. Department of Education – relying on Directive OM:5-101 – requires a security

screening process for all contractors employed for 30 days or more. Although, as

noted above, this Directive is currently in the final stages of revision,

Department officials have indicated that the changes are directed to clarifying

the intent of the policy as it is currently being practiced – that is, that it

covers all contracts.

We remain concerned about the collection of credit information and

fingerprints for researchers who work in the field and have no access to federal

facilities or information systems. While we recognize and appreciate the renewed

efforts of federal officials to provide the best protections possible for

personally identifiable information collected by researchers – and indeed, we as

an Association are continuously engaged in exercises and initiatives to improve

privacy and confidentiality protections – the measures must be balanced and

appropriate to the circumstances.

In a post 9-11 world, there could be a reasoned need for those performing

work for the federal government in federal facilities or on federal data bases

to undergo security clearances at a level appropriate to the types of access.

The issue of the appropriateness of security clearance procedures that are

broader in scope ultimately hinges on whether there is a compelling basis to do

so. The federal government has an interest in supporting research and attracting

researchers – whether working under grants or contracts – of the highest quality and

creativity. We take the view that any constraints need to be the minimum

necessary to achieve legitimate goals. Thus, we await clarification of the scope

of the security clearance requirements and the rationale underlying them. Our

next steps depend on what we learn.

For now, I want to keep you, our members, informed and to let you know that

this topic – as a matter of sound research policy – is very much on the active

agenda of staff and of strong interest to AERA Council and the AERA Government

Relations (GR) Committee. Both Council and the GR Committee have this topic on

their business agendas at the Annual Meeting. Meanwhile, please e-mail me if you

have knowledge or experiences that we should be aware of as we continue to

address the issue of security clearances for contractual research employees.

I look forward to seeing many of you in Chicago.

Warm regards,

Felice

Felice J. Levine, PhD
Executive Director