The REAL ID Act and the States SEARCH Membership Group Meeting July 18, 2007.

Slides:



Advertisements
Similar presentations
Bill Roettger Feature Updates for HCV-ID. Overview For Patients Collect: - Patient Information - Insurance Cards - Acceptance of Data Privacy Policy -
Advertisements

pan Testing Centers I-9 Training
The detection and prevention of ID Fraud
PIV-I Issuing Procedures for Applicants (New Contractors) v1.1
Red Flags Rule BAS Forum August 18, What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.
Identification and Disposition of Official University Records University of Texas at Arlington Records Management.
VOTER REGISTRATION AND IDENTIFICATION
Alicia Albright, Spencer Ruch, Jim Knapp, Brian Holkeboer, Anthony Santilli.
Review Questions Business 205
Janice Kephart Director of National Security Policy, Center for Immigration Studies Heritage Foundation July 14, 2009.
Alicia Albright, Spencer Ruch, Jim Knapp, Brian Holkeboer, Anthony Santilli.
Department of Health and Human Services Personal Identity Verification Training APPLICANT.
International Business and Technology Consultants AMS confidential & proprietary Identification Security Meeting The New Challenge Barry Goleman American.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
Employee Insurance Program Dependent Audit May 1, 2011 Laura Caldwell, Benefits Administrator.
VETERANS BENEFITS ADMINISTRATION AVECO July 14 – 18, 2014 Centralized Certification.
“Personal Identity Verification (PIV) of Federal Employees and Contractors” October 27, 2005 Homeland Security Presidential Directive 12 (HSPD-12)
Department of Labor HSPD-12
The Name Equality Act of 2007 AB 102 (Chapter 567, Statutes of 2007)
PIV-I Issuing Procedures for Applicants (Current Contractors) v1.1.
Coping with Electronic Records Setting Standards for Private Sector E-records Retention.
Biometrics in New Zealand Passport issuing Border crossing System and information access Building access.
Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.
PIV-I Issuing Procedures for Applicants (New Volunteers / Affiliates) v1.1.
DL/ID Card Design Specification Responsible Retailing Forum Rich Carter (AAMVA) 2004 Responsible Retailing Forum The Next Generation of State IDs.
PIV-I Issuing Procedures for Applicants (New Employees) v1.1.
Form I-9 Employment Eligibility Verification & E-Verify Information
By Garland Land NAPHSIS Consultant. Importance of Birth Certificates Needed for: Social Security Card School Enrollment Driver’s License Passport.
National Smartcard Project Work Package 8 – Security Issues Report.
Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.
B O N N E V I L L E P O W E R A D M I N I S T R A T I O N 1 Network Operating Committee (NOC) June 12 th, 2014.
Meeting the Demands for Vital Statistics: The Challenges of Collecting, Preparing, and Promoting Baltimore, MD May 31 st – June 4 th, 2009 Vital Records.
Free Application for Federal Student Aid (FAFSA)
Driver Records News and Notes. FEDERAL REAL ID ACT.
Presented by: Jay Maxwell CIO, AAMVA The Driver’s License: Finally, National Standards Presented by: Jay Maxwell CIO, AAMVA.
NAPHSIS REAL ID Overview June 6, 2007 In support of this key requirement,
PIV-I Issuing Procedures for Applicants (Current Employee) v1.1.
Meet and Confer Rule 26(f) of the Federal Rules of Civil Procedure states that “parties must confer as soon as practicable - and in any event at least.
Real ID Vibhas Chandrachood, Executive Director Office of Application Development Commonwealth Office of Technology Commonwealth of Kentucky December 15,
Employment Eligibility Verification The I-9 Form Bluefield State College New River Community & Technical College.
© 2015 Universal Service Administrative Company. All rights reserved. Direct BEAR Payment Process E-rate Program Applicant Training Washington DC Tampa.
28 th International Traffic Records Forum Biometrics/SmartCard Workshop 28 th International Traffic Records Forum August 4, 2002 Orlando, Florida.
The Role of Vital Records in Driver’s License Administration Linda Lewis President and CEO, AAMVA.
1 HIPAA Administrative Simplification Standards Yesterday, Today, and Tomorrow Stanley Nachimson CMS Office of HIPAA Standards.
Workshop OAS/ICAO Bogota, Colombia November 10-12, 2008 Passport Canada Standards and Best Practices Debbie Richer District Manager, Edmonton.
DIGITAL SIGNATURE.
Intelligence Reform: The Process Begins National Association for Public Health Statistics and Information Systems June 7, 2005.
Hiring/Onboarding in Compliance Meetings with Supervisors.
HIPAA History March 3, HIPAA Ruling Health Insurance Portability Accountability Act Health Insurance Portability Accountability Act Passed by Congress.
An introduction to records management at Clemson University Records Center is located at the Library Depot 103 Clemson Research Blvd Anderson, S.C
DL/ID Card Design Specification 1 Rich Carter (AAMVA) Traffic Records Forum 2004 The DL/ID Card Design Specification Rich Carter (AAMVA)
1 AAMVA EVVE Pilot Project: Where We Are Walter Jackson AAMVA Project Manager June 5, 2006.
1 I-9 Completion for People Managers Hiring Manager Training Version January 2016.
AAMVA: Region 1 Conference License Security & Fraud Control Connecticut DMV Document Audit Web Application (“DAW”) Lynn C. Blackwell Division Chief July.
The REAL ID Act Minnesota Department of Public Safety Driver and Vehicle Services Division Driver and Vehicle Services Division.
Data Breach ALICAP, the District Insurance Provider, is Now Offering Data Breach Coverage as Part of Our Blanket Coverage Package 1.
Rich Carter Director, Technology Standards and Programs
Transportation and Security
Electronic Records Management Program
Canadian Passport.
Red Flags Rule An Introduction County College of Morris
REAL ID Briefing for NEBTA
Handgun Licensing for Instructors: Renewal Certification 2017
Identity Theft Prevention Program Training
IUC Records Retention Tool: Zasio’s Versatile Retention
ELECTRONIC SIGNATURES
ELECTRONIC SIGNATURES
Colorado “Protections For Consumer Data Privacy” Law
The REAL ID Presentation to SEARCH
Presentation transcript:

The REAL ID Act and the States SEARCH Membership Group Meeting July 18, 2007

P.L Statute passed May 11, 2005 Repealed Intelligence Reform Act driver license provisions Contains May 11, 2008 deadline NPRM published March 1, 2007 Requires 245M people to “re-enroll” in 3 years and 4 months

Implementation Schedule October 1, 2007 –Deadline for requesting extensions to May 11, 2008 deadline –Maximum extension through December 31, 2009 –Submit Compliance Plan “no later than six months from the date on which the extension is granted” February 10, 2008 –Deadline for filing certification packages (if extension not granted) May 11, 2008 –DL/IDs not accepted “for Federal purposes” if States are not certified or granted extensions –Implementation target ►some [?] States issue REAL IDs January 1, 2010 –All States issue REAL IDs May 11, 2013 –Full compliance with REAL ID statute & regulations

Reality Cannot force 245 million people through the funnel in 40 months and 11 days Increased staff, facilities, hardware and software will be expensive Customer service disruptions will be inevitable

AAMVA-NGA-NCSL Recommendations Allow states to implement a 10-year re- enrollment period Allow reciprocity for persons already vetted by the federal government (e.g., U.S. passport, military ID, federal employee HSPD-12 identification credential)

Verification of Eligibility All-State DL/ID Records System Department of State U.S. Passport System EVVER (Electronic Verification of Vital Events Records) Birth Records SSOLV (Social Security On-Line Verification) SAVE (Systematic Alien Verification for Entitlements)

AAMVA-NGA-NCSL Recommendations Privacy and security of personal information must be an overriding guiding principle in system development and use. Verification system development must minimize the effect on state DMV processes and must be integrated into the AAMVAnet infrastructure. Any cost or development of any system must be borne by the federal government to meet this federal requirement. DHS should focus on verification systems that have the highest impact and best value for DMVs to address abuse and fraud in DL/ID issuance systems. DHS should view the implementation of verification systems through a phased and flexible approach, recognizing that some systems such as SSOLV and tools such as AAMVA’s digital image exchange capability have the highest value and risk mitigation. Re-enrollment verification must be left up to states based upon their own individual processes, computer system capabilities, as well as their own knowledge of risk mitigation and fraud prevention and detection.

Physical Security Features for DL/ID Cards Intricate, fine-line, multicolored design produced via offset lithography Optically variable feature providing adequate protection against copying Ultraviolet (UV) long wave responsive feature Variable data applied via laser engraving Card stock: -- UV dull or possess a controlled response to UV -- Use of printing methods to resist duplication or facsimile reproduction -- Security pattern resistant to counterfeiting by scanning, printing or copying

Machine Readable Technology on the DL/ID Card States must use PDF417 2D bar code standard with these data elements: –Expiration data –Holder’s name. At least 125 characters in MRZ to capture full name history, including full legal name and all name changes. –Issue date –DOB –Gender –Address –Unique ID number –Revision date, indicating the most recent change or modification to the visible format of the card –Inventory control number

DHS Sought MRZ Comments Whether the data elements currently proposed for inclusion in the MRZ should be reduced or expanded? Whether they should be encrypted for privacy reasons to protect the data from being harvested by third parties, and whether encryption would have any effect on LE’s ability to quickly read the data and identify the individual interdicted? What would it cost to build and manage the necessary IT infrastructure for State and Federal LE agencies to be able to access the information on the MRZ if the data were encrypted? How best to secure the data, or whether or not to employ protections for the data encoded on the 2D bar code needs to be protected at all, while permitting LE access and what technologies may be available to accomplish this balance? Whether a technology, such as the NLETS, or other system currently being used by LE, could be used by the States to provide LE ready access while maintaining the security of the information on the DL or ID card.

DHS Sought MRZ Comments What data elements should be included in the MRZ and the privacy considerations regarding the selection of such data elements and this technology? Whether a demonstrable LE need exists to include address in the MRZ portion of the REAL ID card, as currently proposed in the regulations? If a State chooses to produce DL and ID cards that are WHTI-compliant, whether citizenship could be denoted either on the face or machine-readable portion of the card, and more generally on the procedures and business processes a State DMV could adopt in order to issue a REAL ID DL or ID card that also included citizenship information for WHTI compliance? How States would or could incorporate a separate WHTI- compliant technology, such as an RFID-enabled vicinity chip technology, in addition to the PDF417 barcode requirement?

Data Retention and Storage States must retain copies of the application, declaration and source documents presented. States that choose to keep paper copies of source documents must retain the copies for a minimum of 7 years. States that choose to transfer information from paper copies to microfiche must retain the microfiche for a minimum of 7 years. States that choose to keep digital images of source documents must retain the images for a minimum of 10 years. States currently using black and white imagers must replace them with color imagers by December 31, 2011.

Data Retention and Storage States using digital imaging to retain source documents, must use the AAMVA digital image exchange program, or other standard that has interoperability with the AAMVA standard, so that the digital images are retained in electronic storage in a transferable format. Photo images must be stored in the Joint Photographic Experts Group (JPEG) 2000 standard for image compression, or a standard that is interoperable with the JPEG standard. Document and signature images must be stored in a compressed Tagged Image Format (TIF), or a standard that is interoperable with the TIF standard. All images must be linked to the applicant through the applicant’s unique identifier assigned by the DMV.

AAMVA-NGA-NCSL Recommendations States should not be required to capture and store documents presented by an applicant to verify address of principal residence. States, working together, should be able to determine what documents can and should be transferred between states and to determine the technical requirements. Color images should not be required. While a state may opt for the operational efficiencies associated with integrating the image storage with the driver file, it should not be required as long as the image is retrievable.

“Show Me the Money”! $23.1 billion – DHS estimate to implement $40 million – What Congress has appropriated so far $50 million – In the House Homeland Security Appropriations bill

Contact Information Tom Wolfsohn Chief Policy Officer AAMVA 4301 Wilson Blvd. Suite 400 Arlington, VA