5.15 Publishing Web Pages (TBP)

All BUMED Web sites will ensure that their web pages are in compliance with Section 508 of the Rehabilitation Act Amendments of 1998, Public Law 105-220, 29 U.S.C. 794d, http://www.section508.gov/docs/508law.html, providing access for people with disabilities.

5.15.1    Government Information Locator Service (GILS)

As part of the U.S. National Information Infrastructure and in compliance with the Paperwork Reduction Act of 1995, the federal government has established a Government Information Locator Service (GILS). A decentralized collection of agency-based information locators and associated information services, GILS identifies publicly available information resources throughout the federal government, describes the information in those resources, and helps individuals and organizations easily locate and access that information, regardless of form or medium.

BUMED and BUMED Web sites and those of activities in Claimancy 18 are required to be registered into the GILS. Registration will be accomplished by obtaining an approval through BUMED Code 03 and then reporting to the GILS by the Command Webmaster. All web sites will be forwarded to the GILS administrator at http://www.dtic.mil/index/form.html. Upon receipt of the GILS record, the GILS administrator will link the site to DefenseLINK.

THIS SECTION IS INCOMPLETE AND UNDER CONSTRUCTION.

5.16 Backup Copies of Critical Data

To protect BUMED 's information resources from loss or damage, microcomputer users are responsible for backing-up the information on their machines. For multi-user computer systems, the departmental Information Systems Security Officer (ISSO) is responsible for making periodic back-ups. If requested, the Directorate for Information Technology Services will install, or provide technical assistance for the installation of back-up hardware and/or software.

All sensitive ("restricted" or "confidential"), valuable, or critical information resident on BUMED computer systems and networks must be periodically backed-up. User department managers must define which information and which machines are to be backed-up, the frequency of back-up, and the method of back-up based on the following guidelines:

· If the system server supports more than one individual and contains data that is critical to the day-to-day operation within BUMED , backup is required daily.

· If the system server is used to support job related functions and contains key data critical to the day-to-day operation of that job, backup is required weekly.

· If the system is primarily used as a personal productivity tool and contains no data that would be classified as job or departmental in nature, backup is at the discretion of the individual user.

· Nothing in the timeframes for periodic backup mentioned immediately above restricts the generation of more frequent back-ups, as will occasionally be required for operational and business reasons.

BUMED requires the use of at least three (3) sets of back-up storage media (tapes or CDs) used in rotation. For multi-user machines, whenever systems software permits, back-ups should be performed without end-user involvement, over an internal network and during the night.

Storage of back-up tapes is the responsibility of the Computer Room. Media is stored in secure containers, at a separate location from the system being backed-up.

Whenever sensitive information is written to a floppy disk, magnetic tape, or other storage media, the storage media must be suitably marked with the highest relevant sensitivity classification. When not in use, this media must be stored in a secure safe, locked furniture, or a similarly secured location.

5.17 Contracting Language for Contactor Personnel Security Clause

CONTRACTOR PERSONNEL SECURITY CLAUSE

5.17.1  Access to sensitive or classified information:

Each ADP position under this contract will be assigned a position sensitivity level based upon the criteria in Appendix K to DOD 5200.2-R, "Department of Defense Personnel Security Program." Contractor personnel performing on unclassified automated information systems may be assigned to one of three position sensitivity designations: ADP Level I, ADP Level II, or ADP Level III. Contractor personnel requiring access to Sensitive But Unclassified (SBU) information must have, or be capable of obtaining, a favorable adjudication of an investigation into their background. The types of investigations are:

ADP-I Single Scope Background Investigation (SSBI) ADP-II DoD National Agency Check Plus Written Inquiries (DNACI), or National Agency Check Plus Written Inquiries (NACI) ADP-III National Agency Check (NAC), or Entrance National Agency Check (ENTNAC)

Some positions under this contract may be designated National Security Positions based upon the criteria in SECNAVINST 5510.30 series, "Department Of Navy Personnel Security Program," which is any position whose occupant could bring about, by virtue of the position, a material adverse effect on the national security. Contractor personnel requiring access to classified (Confidential, Secret, etc.) information must have or be capable of obtaining a security clearance after a favorable adjudication of an investigation into their background.

5.17.2  The NMIMC Personnel Security Officer or Director for Administration will determine the ADP position sensitivity level or security clearance. Requirements for Contractor access to sensitive or classified information will be included on Department of Defense Form DD-254, Contract Security Classification Specification, Department of Defense, as part of this contract.

5.17.3  For each position classified as sensitive or designated as requiring a security clearance, the Contracting Officer shall provide appropriate security investigation forms to the Contractor. One or more of the following forms may be required:

· National Security Position - Questionnaire SF86

· Public Trust Position - Questionnaire SF85P

· Selected Position - Questionnaire SF85P-S

· Spouse Single Agency Check (SAC) Shell

· Special Investigative Inquiry (SII) Shell

· DOD Request For Personnel Security Investigation DD Form 1879 and NAC Security Information Sheet

· Clearance Change Request Form - Form 562

· Fingerprint Card

All forms except the Fingerprint Card may be accessed and filled out online at www.dss.mil.

The Contractor shall be responsible for furnishing them to the employee(s) occupying, or proposed to occupy, the position(s) under this contract. Alternatively, the employee may be required to complete the forms online by accessing the Defense Security Service Internet site at www.dss.mil. The employee must complete the forms and deliver them in person within seven (7) working days from the date the forms are furnished to the Contractor to:

Naval Medical Information Management Center (NMIMC) Director for Administration, Code 05 8901 Wisconsin Avenue, Building 27 Bethesda, MD 20889-5605

5.17.4  Failure to return the completed security investigation forms in person within the seven (7) working days shall be cause for making a determination that the employee may not perform, or continue to perform in the case of contracts in effect at the date of issuance of this requirement, in any sensitive capacity under the contract, whether on-site or off-site. The employee may be eligible for reinstatement to the contract if the completed forms are submitted after the seven-day period, at the discretion of the NMIMC Personnel Security Officer.

5.17.5  Costs for conducting the required personnel investigation will be paid by the government. Investigations will be conducted in accordance with Department of Defense investigative requirements.

5.17.6  If an investigation report contains information that is deemed significant or derogatory, a determination will be made with regard to the employee's eligibility to serve in the sensitive position by the NMIMC Personnel Security Officer or Director for Administration, pending adjudication or other disposition of the case.

5.17.7  The Contractor is required to insert terms that conform substantially to the language of this clause, including this paragraph 5.17.7, in all subcontracts under this contract. The procedures for classifying subcontractor positions and obtaining clearance for subcontractor personnel shall be the same as those for contractor personnel.

5.18 Personal Digital Assistants

BUMEDINST 5230.XX BUMED-09D

BUMED INSTRUCTION 5230.XX

From: Chief, Bureau of Medicine and Surgery

Subj: USE OF PERSONAL DIGITAL ASSISTANTS (PDAS)

Ref: (a) FLTINFOWARCEN NORFOLK VA 131301Z JUL 00

(b) SECDEF memo of 14 Jul 00

(c) DON CIO memo of 8 Aug 00

(d) CNO WASHINGTON DC 272200Z APR 01

(e) Privacy Act of 1974

(f) Public Law 104-191; Health Information Portability and Accountability Act (HIPPA)

Encl: (1) Personal Digital Assistant (PDA) Use Agreement

1. Purpose. To promulgate policy on the use of PDAs and associated personal computing devices that connect to network automated information systems (AIS) in accordance with references (a) through (f).

2. Scope. This policy applies to Claimancy 18 personnel, including contractors, who operate PDAs connected to:

a. Bureau of Medicine and Surgery (BUMED) network.

b. Naval Medical Information Management Center (NMIMC) network.

c. Personal computers used within Claimancy 18.

d. Other network-connected AIS within the Claimancy.

3. Background

a. There are two basic classes of PDAs: those using the Palm Operating System (Palm Pilots, Handspring Visor, etc.); and those running Windows CE and Pocket PC (Compaq, HP Jornada, Casio, etc.). PDAs can have a wide variety of accessories, including modems, synchronization cables, wireless connections, and flash memory storage.

b. Both the Palm OS and Windows CE operating systems have software libraries with applications being developed and distributed through both the commercial and freeware/ shareware channels. As with any software developed by non-governmental/non-trusted sources, there is the possibility that some programs may contain Trojan Horse code, i.e., code hidden within an application without the user's knowledge. BUMEDINST 5230.XX

c. Reference (a) discusses security considerations that should be implemented prior to the use of PDAs. Reference (b) addresses the use and protection of personal computing devices. Reference (c) addresses the need for activities to review their policies and procedures for protecting and accounting for portable computing devices, particularly those devices used to process or store classified information. Reference (d) provides guidance for use of portable electronic devices in the Navy.

d. PDAs are another storage medium like hard drives, diskettes, and paper records. When these media contain sensitive but unclassified patient related data, they must be safeguarded against unauthorized disclosure, modification, or destruction in accordance with reference (e), the Privacy Act of 1974, which addresses the establishment of any Federal Agency national data bank that combines, merges, or links computerized information on individuals maintained in systems of record. In addition, reference (f), the HIPPA of 1996, established standards and requirements for the electronic transmission of health information.

e. Other vulnerabilities may exist when using PDAs attached to personal computers or other network connected AIS. The main risks associated with this usage are:

(1) A well-written Trojan Horse program could, among things, install a backdoor on host networks to permit hacker exploitation.

(2) A wireless palm connection can be used to transmit and receive data to and from a personal computer (PC) without the knowledge or permission of the user.

(3) Anti-virus products for handheld and mobile devices are not as well developed as PC anti-virus software because the use of PDAs has only recently become routine.

(4) Unlike desktop PCs, PDA operating systems do not limit malicious code from modifying system files.

(5) A PDA utilizes infrared transport technology, which allows users to transmit data to other PDA'S, thus circumventing Information Technology (IT) and physical security processes of an activity.

f. Other commercially available products such as the BlackBerry and Accompli are a subset of PDAs. While they do not have operating systems as described in 2.a. above, they possess many of the functions and capabilities of PDAs, and are subject to the same restrictions as set forth in this instruction and enclosure (1).

4. Policy

a. PDAs have the potential to provide business process improvements through the elimination of double entries of information ordinarily shared between PCs and PDAs. The Designated Approval Authority (DAA) serves as the senior AIS policy official. He/she may authorize the use of PDAs and the connection of PDAs to networked PCs if technical personnel BUMEDINST 5230.XX

review the vulnerabilities in paragraph 3, address the vulnerabilities that can be eliminated or mitigated, and list the risks and mitigation strategies associated with the remaining vulnera-bilities. The DAA may then elect to accept the vulnerabilities and authorize the use of PDAs.

b. Claimancy 18 commands will approve in writing the use of PDAs before they are connected to BUMED/NMIMC resources (computers, printers, monitors or the network).

c. Prospective PDA users will sign an agreement similar to enclosure (1).

d. It is strongly recommended that the following security measures be adopted for the use of PDAs that synchronize with computers on BUMED/NMIMC and all Claimancy 18 networks:

(1) Use only government and commercially-produced applications or applications developed by trusted sources.

(2) A PDA may not be used to enter passwords, combinations, PINs or classified information.

(3) In regards to PDA remote connectivity features:

(a) Allow no upload/download via wireless or infrared, while connected to a desktop PC, particularly a networked PC.

(b) Use infrared only for authorized Palm to Palm data transfers.

(4) PDAs can be used to carry data from a desktop workstation. This includes carrying schedules, contact information, notes, e-mail and other items from Microsoft Outlook.

(5) PDAs can be used to take notes, save information or write e-mails while away from a desktop PC, whether down the hall or out of the country.

(6) PDAs can be used to synchronize information with your desktop workstation using direct-connect cables or via an authorized infrared port.

(7) PDAs will not be used with commercial Internet Service Providers.

(8) PDAs will not be used with modems to exchange information with your desktop or other systems on the network.

(9) PDAs can connect to synchronize files between an authorized PDA and the designated PC or designated infrared port specified in enclosure (1). PDAs will not be used to synchronize files or devices across the network. All network synchronization features will be disabled before connecting to the network. BUMEDINST 5230.XX

(10) PDAs may not be used to arbitrarily download and load freeware or shareware software or enhancements. Such software is from untrustworthy sources and may contain malicious code.

(11) PDAs will not be left unattended when attached to a computer.

(12) PDAs will be secured when not in use.

(13) Command issued PDAs will only be used for official government business.

(14) Use of personally owned PDAs is discouraged, but may be approved by the local Designated Approval Authority (DAA) on a case-by-case basis.

e. All personally owned PDAs will conform to this policy. Failure to comply with this policy will result in loss of PDA use privileges.

5. Action. Chief Information Officers (CIOs) will ensure that the provisions of this instruction, and related guidance, are adhered to. This is rapidly developing technology with great potential to improve business efficiency, but with an equally great potential to endanger the privacy of patient data. Authorization to use PDAs in Claimancy 18 activities is not a privilege to be taken lightly.

Distribution: All Internal BUMED Codes SNDL

Available at: http://navymedicine.med.navy.mil/instructions/external.htm

Enclosure (1): PERSONAL DIGITAL ASSISTANTS (PDA) CERTIFICATION/ACCREDITATION WORKSHEET PDA Information

1. Manufacturer:______________________ Model:______________ Serial Number:_____________________________________

2. Software Installed on PDA:_________________________________________________________________________________

3. Department where PDA will be located/used:___________________________________________________________________

4. Navy Property Account Number of CPU on which PDA software will be installed:_____________________________________

PDA Policy

1. Personal Digital Assistants: a. will be secured when not in use. b. will only be connected to the Command Information System listed above. c. will conform to approved DOD standards of operation for Information Systems. d. may be used to carry information from a desktop workstation, including schedules, contact information, notes, and e-mail items from Microsoft Outlook. e. may be used to take notes, save information or write e-mails while away from PDA user's desk. f. may be used to synchronize information with PDA user's desktop workstation using direct connect cables.

2. Personal Digital Assistants will NOT be:

a. used to process or store classified information. b. connected to any classified Information System or network. c. used to connect to commercial Internet Service Providers. d. used with modems to exchange information with PDA user's desktop or other systems on the network. e. used to synchronize any equipment features or devices across any network. f. used to download and install freeware or shareware software enhancements to PDAs. Such software is from untrusted sources and may contain malicious code. g. left unattended while attached to a government Information System.

3. Please contact your Information Systems Security Manager (ISSM) if you have any questions or concerns regarding this policy.

PDA Use Agreement

1. I have read and understand the security guidelines in Personal Digital Assistant (PDA) use Policy. I further understand the necessity for safeguarding my personal data assistant and recognize the requirement for maintaining confidentiality of all data stored in it.

2. I agree to abide by the strict policy outlined above and understand that failure to comply will result in the loss of my PDA use privilege.

ISSM Information Date:_____________________________________________

Name:____________________________________________

Title:_____________________________________________

Signature:_________________________________________

USER Information Date:_________________________________________________

Name:________________________________________________

Title:_________________________________________________

Signature:_____________________________________________ Remember that your Personal Digital Assistant (PDA) is for OFFICIAL USE ONLY. If you are using personal owned PDA that has been approved by your Command for use at work, the Command and BUMED/NMIMC are not responsible for theft, inappropriate use, hardware or software failures of that PDA or any other incidental loss. All users of personal owned PDAs must follow all of the command's guidelines.

5.19 Remote Access and Work at Home

GUIDELINES FOR NMIMC TELEWORK PROGRAM

1. Basic Parameters

a. Teleworking provides employees the opportunity to work part of the week (generally on a regular basis) at an alternative work site away from the main work site. The alternative work site is the employees home or a satellite work center geographically convenient to the employee's home. Working at an alternative work site is called teleworking and such workers are called teleworkers.

b. Current GSA sponsored telecenters are located in Maryland, Virginia and West Virginia. For an up-to-date list of centers and procedures to contract for space, contact this Command's telework program coordinator.

c. Teleworking is a management option rather than an employee benefit and does not change the terms and conditions of appointment. Employee participation is voluntary and subject to management approval. An employee who teleworks must sign Appendix A. Cancelling an arrangement is up to either the employee or the supervisor, with appropriate notice.

d. Teleworking should not adversely affect the perform-ance of the employee or others in the workgroup.

e. Supervisors must properly certify time and attendance. Supervisors are accountable for and timekeepers must be aware of the work time and absence of employees for whom they are responsible. They must maintain an accurate time and attendance record daily. Timekeepers must have a copy of the telecommuter's work schedule. The following basis for recording time and attendance for telecommuters is acceptable:

(1) Occasional supervisory telephone calls to an employee during the times the employee is scheduled to be on duty, or

(2) Determining the reasonableness of work output for time spent.

2. Types of Telework

a. DoD offers two types of telework arrangements, "regular and recurring" and "ad hoc", based on the recognition that organizational and employee needs may vary considerably, and should be considered on a case-by-case basis. Some situations require occasional or infrequent arrangements while others are more conducive to longer periods or regularly scheduled arrangements. The intent in offering two types of telework is to provide supervisors, managers, and employees with maximum flexibility to establish an arrangement that is responsive to their particular situation. However, regular and recurring telework of at least one day per biweekly pay period should receive most support and approval from managers. b. Regular and recurring telework means an approved work schedule where eligible employees regularly work at least one day per biweekly pay period at an alternative worksite. Reasons for long-term regular and recurring telework arrangements include the recruitment and retention of high-quality employees; improved employee morale and a better balance of work and personal lives; reductions in commuting related stress and costs; improvements in access or as a reasonable accommodation for disabled employees; reductions in office space and associated costs; the need for convalescence from a short-term injury or illness, periods when the work office is not usable (e.g., during office renovation), or assignment to a special project. Regular and recurring telework may include "full time" telework (i.e., performing all official duties at an approved alternative worksite), including telework from geographic locations outside of the commuting area to the traditional worksite, e.g., within Continental United States or overseas. All eligible employees who telework on a regular and recurring basis are required to sign a Telework Agreement (Appendix A), Self Certification Safety Checklist (Appendix B), and a Supervisory-Employee Checkout List (Appendix C).

c. Ad hoc telework means approved telework performed at an alternative worksite on an occasional, one-time, or irregular basis. (Telework of less than one day per pay period is considered ad hoc). This provides an ideal arrangement for employees who, at infrequent times, have to work on projects or assignments that require intense concentration. Work assignments in this situation may include a specific project or report, such as drafting a local directive, preparing a brief or arguments, preparing an organization's budget submission, reviewing grant proposals, or preparing a research paper. Such situations may occur throughout the year or be a one-time event. Ad hoc telework may also cover short-term assignments, for example, for employees recovering from injury or illness. Supervisor approved web-based distance and continuous learning are excellent examples of ad hoc telework. The Command requires a formal Telework Agreement and safety checklist if the employee is teleworking from home, to be completed prior to the employee commencing telework. Approval for ad hoc telework, including signing of a Telework Agreement for ad hoc telework, does not confer eligibility for regular and recurring telework.

d. Directors/Supervisors are required to maintain a record of the number of employees who undertake approved ad hoc telework and the incidence of such telework.

3. Alternative Worksites a. Work-at-home telework means an approved arrangement whereby an employee performs his or her official duties in a specified work or office area of his or her home that is suitable for the performance of official Government business. The opportunity to participate in a work-at-home arrangement is offered with the understanding that it is the responsibility of the employee to ensure that a proper work environment is maintained (e.g. dependent care arrangements are maintained and do not interfere with the home office, personal disruptions such as non-business telephone calls and visitors are kept to a minimum).

(1) The employee and his/her family should understand that the home worksite is just that, a space set aside for the employee to work.

(2) Telework is not a substitute for dependent care. Before commencing teleworking, work-at-home teleworkers must complete and sign a safety checklist Appendix B, that proclaims their home safe for an official home worksite. The goal is to ensure that all the requirements to do official work are met in an environment that allows the tasks to be performed safely.

(3) Work-at-home telework arrangements may increase an employee's home utility costs. DoD assumes no responsibility for any operating costs associated with the employee using his or her personal residence as an alternative worksite, including home maintenance, insurance, or utilities (e.g., heating, electricity, water). Furthermore, employees on a work-at-home telework arrangement who are approved to use their own equipment, are responsible for the repair and maintenance of that equipment.

(4) For official Government business only, and specific to telework, NMIMC may use appropriated funds to install telephone lines in a private residence. This command may also issue a calling card (as for telecenter teleworkers) to charge long distance official calls in cases where a separate telephone line cannot be justified or installed. Alternatively, under 31 U.S.C. Section 1348, reimbursement of long-distance (domestic and international) telephone expenses is allowed if incurred as a result of official duties. Employees shall complete Standard Form (SF) 1164, Claim for Reimbursement for Expenditures on Official Business, and have it approved by their supervisor with a copy of the telephone charges.

(5) Maintenance of any Government-furnished equipment may require access by approved repairers to the employee's home, with advance notice of at least 24 hours. Alternatively, the Component may require the work-at-home teleworker to transport Government-furnished equipment to the traditional worksite for repairs. b. GSA Telecenters (National Capital Region) (1) DoD provides a limited central fund to underwrite the expenses associated with use of the GSA telecenters in the Washington, D.C., metropolitan region by the DoD Components for both civilian and military personnel. The central fund is managed by the Civilian Personnel Management Service and covers all costs (within allotted funds) associated with renting space, including equipment and utilities, at a telecenter. Components may provide employees with a calling card to cover long distance telephone charges. (2) Typically, GSA telecenters house employees of more than one agency and include work spaces and equipment common to a traditional office environment. All office accommodations (desks, computers with modems, conference areas, copy machines, fax machines) are provided based on a monthly service charge. Employees work at approved GSA telecenters primarily because the centers are closer to their home than their traditional worksite, not necessarily because they belong to the same work unit or organization. (3) The security requirements prescribed in the DoD telework policy apply to all employees who telework, including those who telework from GSA telecenters. A list of the GSA telecenters and their locations is provided at Appendix F. All centers are operated on a space available basis, and approval of telework /telecenter arrangements is based on availability of space and central funding. This Command has the option not to use the central fund and make other arrangements with the telecenters. (4) Procedures for applying to telework at a GSA telecenter are outlined at Appendix E. The Telecommuting Facility Reimbursement Information Sheet at Appendix E must be submitted to the Office of the Deputy Assistant Secretary of Defense (Civilian Personnel Policy) (ODASD(CPP)) for approval prior to employees beginning telework from the telecenters. Supervisors and employees should contact their Telework Coordinator for questions concerning use of telecenters.

c. Other Approved Worksites. Other approved worksites include any other worksite funded by the employee's Component from which the employee is approved to telework, including a facility established by state, local or county governments or private sector organizations for use by teleworkers, and including National Guard Bureau Distance Learning Centers.

4. Telework Agreement

a. Prior to the commencement of regular and recurring telework arrangements, supervisors and employees must complete and sign a Telework Agreement Appendix A, that outlines the terms and conditions of the arrangement.

b. The Telework Agreement prescribes the approved alternative worksite and telework schedule, and addresses personnel, security, and equipment issues. It also records the anticipated reduction in commuting miles for the teleworker.

c. The employee or supervisor may terminate the telework agreement by giving advance written notice. If, at any time, it is determined that an arrangement is having an adverse impact on work operations or performance, the supervisor will provide notice to the employee that the arrangement will be terminated. The transition back to the traditional worksite must be in accordance with established administrative procedures and collective bargaining agreements.

5. Personnel Policies/Procedures

a. Official Duty Station. A teleworkers official duty station continues to be the main duty station, not the alternative workplace. Periodic presence at this Command will minimize isolation and communication problems; give the teleworker access to equipment, services, etc., not available at the alternate workplace; facilitate integration of the employee with those in the main office; and, ease supervisory adjustment to the new work arrangement.

b. Hours of Duty. Existing rules for hours of duty apply to telecommuters. Supervisors determine employee work schedules consistent with the requirements of the work group and provisions of existing regulations, government-wide policy and applicable bargaining agreements. The Command shall approve alternative work schedules including compressed schedules for teleworkers. Teleworkers will be accessible to their on-site counterparts during their agreed upon regular business hours, despite work location. There are no limits on the number of teleworking days versus "in-office" days per week or pay period for teleworkers. Many arrangements provide for a minimum work time in the traditional worksite, e.g., 2 to 3 days per week, although this should not preclude approval of full-time (i.e., every workday) telework arrangements. Most teleworking employees spend part of the workweek in the traditional worksite to improve communication, minimize isolation, and use facilities not available off-site. Employees participating in short-term arrangements (e.g., recuperating from surgery, complications associated with pregnancy) typically do not have in-office days; they work a full- or part-time schedule from their home. Similarly, long-term teleworkers may be allowed to work their full schedules at the alternative worksite, particularly when the employee is physically unable to commute.

c. Pay and Leave. Existing rules on pay and leave apply to teleworkers. The location of an employee's work site has no impact on these rules. Pay and leave rules depend on the work schedule.

d. Overtime. The existing rules on overtime under Title V, U.S.C and the Fair Labor Standards Act (FLSA) apply to teleworkers. Supervisors should make sure that employees work overtime only with advance approval and should cancel teleworking privileges of employees who continue to work unapproved overtime.

e. Teleworking and Travel. The travel provisions that apply to employees working at a traditional worksite also apply to employees who are teleworking. A teleworker who is directed to travel to another worksite (including the traditional worksite) during his or her regularly scheduled basic tour of duty would have the travel hours credited as hours of work. Similarly, as for all employees, teleworkers who are directed to travel back to the traditional worksite after their regularly scheduled basic tour of duty for irregular or occasional overtime work, are entitled to at least 2 hours of overtime pay or compensatory time off (5 CFR 550.112(h) and 551.401(e)). Where an employee teleworks full-time from a location outside of the local commuting area of the traditional worksite, and his or her alternative worksite has been determined as his or her official duty station, management funds all work-related travel outside the employee's normal commuting area, including travel to the traditional worksite (refer to the guidance provided in section a). Management reserves the right to require employees to report to the traditional worksite on scheduled telework days, based on operational requirements.

f. Certification and Control of Time and Attendance. Supervisors must report time and attendance to ensure that teleworkers are paid only for the work performed and that absences from scheduled tours of duty are accounted for. The General Accounting Office (GAO) requires agencies with employees working at remote sites provide reasonable assurance that the employees are working when scheduled, for example, by determining the reasonableness of the work output for the time spent or by having the supervisor make occasional telephone calls during the employee's scheduled work time. The supervisor will determine the reasonableness of the work output for the time spent.Time spent in a teleworking status must be accounted for and reported in the same manner as if the employee reported for duty at the traditional worksite. Timekeepers will record the numbers of hours each individual spends in a teleworking status during the regular daily tour of duty by entering a type hour code "LX" into the automated time and attendance system. For instance, if an employee has a regular daily tour of duty of 8 hours and spends 8 hours in a teleworking status, 8 hours would be recorded using the "LX" code. Hours spent in a teleworking status that are outside of the regular daily tour must also be accounted for and reported. Employees in a teleworking status must adhere to their approved work schedules. Overtime work must be ordered and approved in advance by the supervisor.

g. Position Description and Performance Standards. Teleworking will seldom require major changes in position descriptions, but may affect factors such as supervisory controls or work environment. Performance standards for teleworkers should be results-oriented and should describe the quality of expected work products and the methods of evaluation. Teleworking performance will be monitored on a results-oriented basis. Generally, supervisors will use the same measures for teleworkers and employees who perform similar tasks in the main office. The supervisor must plan carefully and identify the nature and objective of the task, perhaps by establishing deadlines or arranging for progress reports and meetings. An employee must have a proven, or expected (for new employees), performance rating of "fully successful" or equivalent, to be eligible for participation, and for ongoing participation, in the Telework program.

h. Administrative Leave, Dismissals, and Emergency Closing. Emergency dismissal or closure procedures for employees (including employees teleworking from an alternative worksite) in Federal executive agencies located inside the Washington Capital Beltway are prescribed by OPM on an annual basis. These procedures apply not just in adverse weather conditions (snow emergencies, severe icing conditions, floods, earthquakes, and hurricanes), but in all kinds of emergency situations including air pollution, disruption of power and/or water, and interruption of public transportation. OPM's current policy in situations where it deems Federal agencies to be "closed" is that employees not designated as "emergency employees" (including teleworking employees at an alternative work site) are excused from duty without loss of pay or charge to leave. Consistent with this advice, teleworkers whose traditional worksite is inside the Washington DC Beltway will observe the same closedown arrangements as employees at the traditional worksite. For DoD agencies located outside the Washington DC beltway that are affected by emergency situations or closings, managers should determine action on a case-by-case basis. If a situation arises at the employee's alternative worksite that results in the employee being unable to continue working (e.g., power failure), the supervisor should determine action on a case-by-case basis. Depending on the particular circumstances, supervisors may grant the teleworker excused absence, offer the teleworker the option to take leave or use compensatory time off or credit hours, if applicable, or require the employee to report for work at the traditional worksite. If a similar occurrence (not covered by OPM emergency dismissal guidance) causes employees at the traditional worksite to be unable to continue working, e.g., part of a large organization is dismissed due to a lack of heat or cooling, employees who are teleworking would not be affected and would not need to be excused from duty. If the employee knows in advance of a situation that would preclude working at the alternative worksite, a change in work schedule, leave, or work at the employee's traditional worksite must be scheduled.

i. Cancellation. Because of the voluntary nature of this program, teleworkers and managers have the right to end the teleworking arrangement at anytime. The termination of a teleworking arrangement with a particular employee should not be confused with ending this Command's contractual arrangement, if any, with GSA and/or with the telecenter. If, at any time, it is determined that an arrangement is having an adverse impact on work operations or performance, the supervisor will provide notice to the employee that the arrangement will be terminated. The transition back to the traditional worksite must be in accordance with established administrative procedures and collective bargaining agreements. Although teleworking is not an employee entitlement or right, end of employees from the program must be done according to the union negotiated agreement, as applicable.

j. Employee Grievances. If an employee disputes the reason(s) given by a supervisor for not approving him or her for telework, or for terminating his or her telework agreement, the employee may submit a grievance using the agency administrative or negotiated grievance procedure, as appropriate.

6. Workers' Compensation and other Liabilities

Employees who are directly engaged in performing the duties of their jobs are covered by the Federal Employees Compensation Act (FECA), regardless of whether the work is performed on the agency's premises or at an alternative worksite. The following guidelines apply;

a. An employee on the workers' compensation rolls who is a candidate for vocational rehabilitation may upon approval by the Department of Labor (DOL), use telework as an option.

b. The employee must notify the supervisor immediately of any accident or injury at the alternative worksite, provide details of the accident or injury, and complete the DOL Form CA-1, Federal Employee's Notice of Traumatic Injury and Claim for Continuation of Pay/Compensation. c. For work at home arrangements, the employee is required to designate one area in the home as the official work station. The Government's potential exposure to liability is restricted to this official work station for the purposes of telework. Each employee with an approved Telework Agreement for work-at-home telework must sign a safety checklist Appendix B, that proclaims the home safe. Employees are responsible for ensuring that their homes comply with safety requirements.

d. The Government is not liable for damages to an employee's personal or real property while the employee is working at the approved alternative worksite, except to the extent the Government is held liable by the Federal Tort Claims Act or the Military and Civilian Employees Claims Act. Occupational Safety and Health Administration rules govern Federal employee workplace safety.

e. An employee on the workers' compensation rolls who is a candidate for vocational rehabilitation may use telework as an option. It is a management decision, however, as to whether a light duty position would be developed for an injured employee. If an employer wishes to provide a position suitable for telework, it cannot require the use of one's personal residence or resources to perform work. If an employee finds the home-based worksite not conducive to work, the teleworker would upon approval of the DOL generally be able to withdraw from the vocational rehabilitation trial and apply for a resumption of workers' compensation benefits.

7. Telework for Employees with Disabilities

Telework is excellent for accommodating employees with disabilities. For information on employing and accommodating employees with disabilities, both at home and at the traditional worksite, see the handbook, Managing End User Computing for Users With Disabilities, prepared by GSA's Clearinghouse on Computer Accommodation (COCA). GSA's Federal Information Resources Management Regulations, FIRMR Bulletin C-8, establish Government-wide guidelines for acquiring ADP equipment that helps disabled Federal employees.

8. Privacy Act Considerations

Records subject to the Privacy Act may not be disclosed to anyone except those author-ized access as a requirement of their official responsibilities. Supervisors should ensure that appropriate physical, administrative, and technical safeguards are used to protect the security and confidentiality of such records used at home or telecenters. Supervisors should revise their record system procedures as necessary to indicate that off-site system location is authorized.

9. Security Considerations The following paragraphs supplement, and should be read in conjunction with, the provisions on security for telework, as prescribed in the DoD Telework Policy. All files, records, papers, or machine-readable materials created while teleworking are the property of DoD. For policy advice on electronic security procedures, see FIRMR 41 C.F.R. section 201-7, Security of Personal Privacy; and Security of Personal Computer Systems; A Management Guide, NBS Special Publication 500-120, U.S. Department of Commerce, National Institute of Standards and Technology. Teleworkers are responsible for the security of all official data, protection of any Government-furnished equipment and property, and accomplishment of the mission of NMIMC at the alternative worksite.

10. Training

To facilitate the successful functioning of this program, it is important that teleworkers, their supervisors, and others with project responsibilities understand the basics of teleworking and telecenter operation. To achieve this goal all program participants, must complete telework training before participating in the program.

11. Equipment

The following paragraphs supplement, and should be read in conjunction with, the provisions on use of equipment for telework, as prescribed in the DoD telework policy.

The NMIMC shall determine the range of equipment required by a teleworker, the source of this equipment and responsibility for its installation, service, and maintenance subject to the following: a. providing and/or installing Government-furnished equipment, including separate phone lines, at alternative worksites is at the discretion of the command, and every effort should be made to provide the necessary equipment within budgetary constraints. Laptops and docking stations are useful options for teleworkers; b. supervisors should ensure that Government equipment assigned to teleworkers is properly accounted for; c. the employee continues to be bound by the Department of Defense standards of conduct while working at the alternative worksite and using Government-furnished equipment; d. this command shall be responsible for the service and maintenance of all Government-furnished equipment and software, and employees may be required to bring such equipment into the traditional worksite for maintenance; e. the employee must protect all Government-furnished equipment and software from possible theft and environmental damage. In cases of damage to unsecured equipment by non-employees, the employee will be held liable for repair or replacement of the equipment or software in compliance with applicable regulations on negligence; f. if the supervisor decides to approve Government-furnished equipment and does not have enough office equipment to support its teleworkers due to shortages, the requirement can often be satisfied through excess property (Refer to Part 101-43 of the Federal Procurement Management Regulation (FPMR) regarding "Utilization of Personal Property.") The Property manager for the Component should have knowledge concerning excess equipment availability. Excess property should be the first source of supply before considering purchasing equipment; g. Public Law 104-52 authorizes agencies to use funds to install telephone lines in private residences of employees authorized to telework, and to pay monthly phone charges for such lines, within budgetary constraints. Teleworkers should be provided with Federal calling cards if duties require making long distance calls on a regular basis; h. office supplies, such as paper, toner, printer ink etc., will be available to the teleworker for use at the alternative worksite in the same way as in the traditional workplace; and i. employees who use telecenters will be provided access to basic office equipment (e.g., computer, modem, telephone, fax, copier). Telecenters are responsible for the installation and maintenance of telecenter equipment. Employees are prohibited from using telecenter equipment for personal use.

5.20 Internal Controls, Audits, and Reporting (TBP)

To Be Provided (TBP)

5-15_to_5-20.html