skip navigation nih record
Vol. LIX, No. 10
May 18, 2007

previous story

next story

Complying with HSPD-12
High-Tech ID Cards Coming to NIH

On the front page...

For the thousands of NIH’ers whose ID badges will expire between now and October, their upcoming renewal process may be different this time: both more comprehensive and more sensitive. To comply with Homeland Security Presidential Directive (HSPD) 12, signed in 2004, all federal executive departments and agencies must put in place a standard for “secure and reliable” identification for employees, contractors and affiliates.

According to OMB guidelines, by October 2008, every federal employee and contractor is to have completed the HSPD-12 process known as personal identity verification (PIV).


NIH’s current effort is focusing on badges set to expire between now and October, which will affect approximately 5,500 employees, contractors and volunteers. In security-speak, NIH is now in the first phase, PIV-1, when personal information is collected, verified and adjudicated. Adjudication, according to OMB guidelines, “determines whether the applicant is suitable to receive a credential, based on results obtained from the OPM background investigation.”

PIV-1 entails fingerprinting, photographing and checking current I-9 documents (photo ID). Fingerprints are run through the Office of Personnel Management to identify any criminal history. Following this initial identity verification and fingerprint check, applicants receive their new ID badge.

“Our to protect our people and to secure the science. We want to be able to say that our workplace is safe.”

But the process does not end there. PIV then requires filling out a personnel investigation form with information including Social Security number; date and place of birth; citizenship; employment, education and references over the past 5 years; and law enforcement records for the last 3 years.

The information itself is kept in a restricted area, where all staff members have a clearance level of at least secret and as high as top secret. A “Background Investigation Tracking System NIH Database” will be maintained by NIH’s Info Tech Branch and transmitted to OMB via the OPM portal’s Personnel Information Processing System.

Coordinating the new ID card program are (from l) Paul Perez, DPSAC chief, Alex Salah, Access Control Branch chief, and Nikole Smith, HSPD-12 program manager.

Up to 90 percent of staff are in non-sensitive positions and will have the basic background check, covering their last 5 years of personal history. However, some individuals, such as those conducting sensitive research or major procurement, may require a higher level investigation that could include a credit history check.

A position-sensitivity worksheet is being developed by the personnel security working group to help ICs determine “the level of classification sensitivity based on the duties and responsibilities of an employee in his or her position,” says Paul Perez, director of the Division of Personnel Security and Access Control, ORS. Perez and his three branch leaders—Alex Salah, Nikole Smith and Barbara Hardy—have been tasked with implementing HSPD-12 for NIH.

For those working in NIH’s off-campus locations, there is a mobile PIV-1 processing unit that can travel to your site so you don’t have to visit the main campus. Mobile-unit visits should be coordinated via the ICs; supervisors should help organize staff into groups of at least 25. Whether on or off-campus, the ICs cover the processing costs, using their CAN numbers.

For those on the main campus, the Personnel Security Branch is located in Bldg. 31, Rm. 1B03.

“By following the government-wide identity standards of HSPD-12, we will, at a minimum, be able to quickly identify who is trying to gain authorized access to our facilities,” says Perez, who moved from the Department of Homeland Security to NIH last November. “NIH is accountable during major events. We must be able to answer the questions ‘Who’s on your property? Where are they?’ We’re trying to create a safe working environment for all employees.”

HSPD-12 evolved out of 9/11, he explains, as well as Hurricanes Katrina, Rita and Wilma, when chaos hampered conclusive and swift identification among colleagues in the field.

As for the new badges—variously called “smart cards,” or “PIV-2 cards”—the production contract has been awarded to Oberthur Card Systems, where the product is currently being tested. When HHS approves the new technology, NIH will enter HSPD-12’s next phase: Personal Identity Verification phase 2, or PIV-2.

Meanwhile, the existing ID cards will be used. Once approved, PIV cards will contain imprinted personal information and could operate across federal agencies.

But let’s say you got into trouble a long time ago, and were nonetheless hired. Must you, a loyal employee, reveal your background history?

“You have a right to say no,” says Perez. “How that affects your employment is something else.” Per Executive Order 10450 and HSPD-12, background investigations are a requirement for federal employment.

So—about that DWI incurred while driving home from your sister’s wedding when you were 19...?

“Everybody gets in trouble when they’re young,” says Perez. “We look at the whole person. We review the criminal history, any charges, pending or resolved; how old those charges are; the age of the person at the time; the severity and the conditions.” The Division of Personnel Security and Access Control adjudicators are taught to use best judgment and refer questionable cases to management. Perez himself is a seasoned, certified protection professional. The staff handling NIH’ers’ personal information are “professional and credible themselves; they take all safeguards and follow all regulations and directives.

“We want employees to know our mission,” says Perez. “It is to protect our people and to secure the science. We want to be able to say that our workplace is safe.”

Procedural steps are outlined for expiring badge holders, new employees and new contractors at If your badge is expiring, work with your executive officer or other IC representative to schedule a badge-renewal appointment.

For more information on the PIV-1 process, call the HSPD-12 help desk at (301) 402-9755, or email NIH Record Icon

Summary of Homeland Security Presidential Directives

On Oct. 8, 2001, President Bush established the Office of Homeland Security to assist federal efforts to combat terrorism and maintain the domestic security of the United States. On Oct. 29, 2001 he issued the first of a new series of Homeland Security Presidential Directives (HSPDs) governing the full spectrum of national security, domestic preparedness and nationwide response plans. So far, they include:

HSPD-1 Organization & Operation of the Homeland Security Council, Oct. 29, 2001

HSPD-2: Combating Terrorism through Immigration Policies, Oct. 29, 2001

HSPD-3: Homeland Security Advisory System, Mar. 11, 2002

HSPD-4: National Strategy to Combat Weapons of Mass Destruction, Sept. 17, 2002

HSPD-5: Management of Domestic Incidents, Feb. 28, 2003

HSPD-6: Integration and Use of Screening Information, Sept. 16, 2003

HSPD-7: Critical Infrastructure Identification, Prioritization and Protection, Dec. 17, 2003

HSPD-8: National Preparedness, Dec. 17, 2003

HSPD-9: Defense of United States Agriculture and Food, Jan. 30, 2004

HSPD-10: BioDefense for the 21st Century, Apr. 28, 2004

HSPD-11: Comprehensive Terrorist-Related Screening Procedures, Aug. 11, 2004

HSPD-12: Policy for a Common Identification Standard for Federal Employees and Contractors, Aug. 27, 2004

HSPD-13: Maritime Security Policy, Dec. 21, 2004

HSPD-14: Domestic Nuclear Detention, Apr. 20, 2005

HSPD-15: [Classified; intended to clarify roles and responsibilities on the war on terror and to improve government coordination], Mar. 8, 2006

HSPD-16: Aviation Strategy and Security, June 22, 2006

HSPD-17: [Classified]

HSPD-18: Medical Countermeasures Against Weapons of Mass Destruction, Jan. 31, 2007

HSPD-19: Combating Terrorist Use of Explosives in the United States, Feb. 12, 2007

back to top of page