FAQs: Cybersecurity Modernization Initiative

Pausing our work allowed us to expedite our review. Without users in the system, our IT Specialists could focus on modernizing and securing our data, applications, and systems without interruption.

Some program work continued during the pause. For example, we continued to process SEC petitions and dose reconstructions that were already in our system. NIOSH paused the processing of new SEC petitions and dose reconstructions until we were able to receive dosimetry data from DOE again.

This pause lasted about four months (May 3, 2021 – September 15, 2021). Some program work continued during the pause, such as processing SEC petitions and dose reconstructions already in our system.

From May 3, 2021, through September 15, 2021, there was a pause in some data transfers between DCAS, DOL, and the Department of Energy (DOE) as we proceeded with the important cybersecurity modernization.

This includes a hold on:

• receiving new or rework case referrals from DOL,
• returning completed dose reconstructions to DOL, and
• receiving individual and site-specific dosimetry information from DOE.

During this pause, we continued to process SEC petitions and dose reconstructions already in our system. Most of the program’s core functions have resumed.  NIOSH is actively processing new SEC petitions and dose reconstructions.

NIOSH continuously evaluates our IT systems for necessary updates. However, recent cybersecurity breaches have highlighted the threat of external attacks on federal government data systems. For this reason, we conducted a comprehensive review. We saw this as an opportunity to update our data, applications, and systems that serve our claimants. This review ensured the continued protection of sensitive personal data. Protecting our sensitive data is a top priority. Our efforts will enhance our data security for many years to come.

No, there was no data breach of NIOSH’s data systems.

Yes, all PII/claimant information is protected under the Privacy Act of 1974 and the Health Insurance Portability and Accountability Act of 1996 (HIPAA). These Acts protect records that contain personally identifiable information (PII).

For more information on PII, please see our Privacy Act and Personally Identifiable Information (PII) section on our Handling Sensitive Data website page.

On April 30 and May 3, 2021, we:

1. Announced this pause publicly on our website on the DCAS Headlines page, under “May 3: Cybersecurity Modernization Initiative”

2. Added a notification banner on all pages of our website

3. Sent an email to DCAS website subscribers

4. Sent an email to claimant advocates

On September 3, 2021 we:

1. Announced status updates about the pause on the DCAS Headlines page

2. Updated the notification banner on all pages of our website

3. Sent an email to DCAS website subscribers

4. Sent an email to claimant advocates

On September 15, 2021, we:

1. Announced the end of the pause on the DCAS Headlines page

2. Updated the notification banner on all pages of our website

3. Sent an email to DCAS website subscribers

4. Sent an email to claimant advocates

No, the pause did not affect the work done on the Savannah River Site SEC designation.

NIOSH will focus on improvements for the data, applications, and systems needed to process dose reconstructions to make the process as efficient as possible. NIOSH is reassigning staff and bringing in new resources to ensure the backlog of claims is completed as quickly as possible. Dose reconstructions for terminally ill claimants are always the highest priority, and other claims are processed on a first come, first serve basis.

You can obtain the status of your case in one of the following ways:

Mail:
Department of Health and Human Services
National Institute for Occupational Safety and Health (NIOSH)
Robert A. Taft Laboratories, MS-C45
1090 Tusculum Avenue Cincinnati, OH 45226

Phone:
ORAU Toll Free 800-790-ORAU (1-800-790-6728)

Direct: 513-533-6800

Toll-free: 1-877-222-7570

Bypass the phone directory and contact a NIOSH Program Analyst directly. Program Analysts oversee the processing of cancer cases filed under Part B of the Act that are forwarded to NIOSH for dose reconstruction by the Department of Labor. They are assigned to cases based upon the Department of Labor (DOL) District Office where you originally filed your claim:

• Jacksonville, FL: (513) 533-8425
• Cleveland, OH: (513) 533-8423
• Denver, CO: (513) 533-8426
• Seattle, WA: (513) 533-8424

E-mail: dcas@cdc.gov

On May 12, 2021, the President signed an Executive Order on Improving the Nation’s Cybersecurity. This Executive Order “calls for federal agencies to work more closely with the private sector to share information, strengthen cybersecurity practices, and deploy technologies that increase reliance against cyberattacks.” It directs all Federal Information Systems to meet or exceed the standards and requirements for cybersecurity included in the order.