DHS, DISA look to clouds for FOIA management
Connecting state and local government leaders
Both the Department of Homeland Security and the Defense Information Systems Agency are considering cloud-based systems that will help them improve the way they manage Freedom of Information Act requests.
The Department of Homeland Security's Privacy Office is looking for an enterprisewide cloud-based workflow solution to help its DHS process Freedom of Information Act requests and improve data reliability and consistency.
According to a July 31 solicitation, DHS receives more FOIA requests than any federal agency -- approximately 385,000 FOIA, privacy and other requests -- almost 40% of all requests within the federal government, with the scope of each search ranging from one page to one terabyte of records. While DHS was able to substantially increased the number of requests processed over the last 10 years, however, it has not been able to keep pace with the growth in demand, according to its March 2020 Backlog Reduction Plan: 2020 - 2023.
Given the volume and complexity of the matters that are handled, the Privacy Office is looking for an e-discovery and FOIA software-as-a-service workflow solution.
The configurable service must provide end-to-end FOIA case processing, tracking and support for at least 500 simultaneous users with the capability to increase beyond 2,000 users. The easy-to-use interface must allow users to identify and remove duplicate data, search and track documents and ensure metadata is tagged throughout the FOIA processing lifecycle. It must be hosted in a cloud authorized by the Federal Risk and Authorization Management Program.
For government users, the Privacy Office is asking for the ability to track and organize FOIA and privacy requests through intake, processing and completion as well as the ability to automatically and manually assign and transfer cases among employees and automatically notify employees when work is available. The data, metadata and cases must be fully searchable. And the system must support review of mixed media formats and allow users to find, redact, strike through or highlight one or many documents simultaneously.
For the public, the system must have a browser-based interface from which FOIA records, documents and correspondence can be uploaded, tracked, reviewed and exchanged via secured account-based services. It must also compute fees associated with a given FOIA request and include fee and invoice transaction management via Pay.gov as applicable.
Offers are due Aug. 18.
The Defense Information Systems Agency’s Development and Business Center is also looking for a cloud-based workflow tool for its privacy and FOIA areas of practice.
In a July 30 request for information, DISA describes a Department of Defense Privacy/Freedom of Information Act Information Management System (DPIMS) as an enterprise platform that will replace its existing homegrown, custom solutions. The system is expected to unify four lines of business -- breach reporting, system of record notices, computer matching agreements and FOIA processing -- into a single solution that enhances case management and annual reporting.
DPIMS would be accessible worldwide and be available to authorized users on the Non-classified Internet Protocol Router Network Impact Level 4, Secret Internet Protocol Router Network Impact Level 6 and the Joint Worldwide Intelligence Communications networks.
The single enterprise commercial-off-the shelf product can be fielded incrementally, or multiple COTS products for each line of business in a software-as-a-service model. All four LOBs must be accessible via a unified single sign-on web portal for consolidation and reporting.
Responses are due Aug. 17.
NEXT STORY: CISA, NIST issue cloud security guidance