2
Section 1: Introduction
PCLIAs are required for all systems and projects that collect, maintain, or disseminate personally
identifiable information (PII). The system owner completed this assessment pursuant to Section 208 of
the E-Government Act of 2002 (“E-Gov Act”), 44 U.S.C. § 3501, Office of the Management and Budget
(OMB) Memorandum 03-22, “OMB Guidance for Implementing the Privacy Provisions of the E-
Government Act of 2002,” and Treasury Directive 25-07, “Privacy and Civil Liberties Impact Assessment
(PCLIA),” which requires Treasury Offices and Bureaus to conduct a PCLIA before: (1) developing or
procuring information technology (IT) systems or projects that collect, maintain or disseminate PII from
or about members of the public, or (2) initiating a new collection of information that: (a) will be collected,
maintained, or disseminated using IT; and (b) includes any PII permitting the physical or online
contacting of a specific individual, if identical questions have been posed to, or identical reporting
requirements imposed on, 10 or more persons (not including agencies, instrumentalities, or employees of
the federal government).
It is the policy of the Department of the Treasury (“Treasury” or “Department”) and its Bureaus to
conduct a PCLIA when PII is maintained in a system or by a project. This PCLIA provides the following
information regarding the system or project: (1) an overview of its purpose and functions; (2) a
description of the information collected; (3) a description of the how information is maintained, used, and
shared; (4) an assessment of whether the system or project is in compliance with federal requirements that
support information privacy; and (5) an overview of the redress/complaint procedures available to
individuals who may be affected by the use or sharing of information by the system or project.
Section 2: System Overview
Section 2.1: System/Project Description and Purpose
The Department of the Treasury’s (“Treasury” or “the Department”) Enterprise Content
Management Cloud (ECM Cloud), formerly Enterprise Content Management (ECM) Program,
provides an architectural framework to manage unstructured content/data. ECM Cloud supports
the use of strategies, tools, and applications to collect, store, preserve, manage, and distribute
documents within Treasury throughout the lifecycle of the content. ECM Cloud is based on
Microsoft SharePoint and offers Infrastructure as a Service (IaaS), Platform as a Service (PaaS)
and Software as a Service (SaaS) solutions. Rather than deploying software on an in-house
network, users access the applications and their data online. The SharePoint platform serves as
enterprise collaboration and communication solution, eliminating additional investments in
duplicative collaborative technologies, leveraging economies of scale, and connecting separate
Bureaus/Offices using the same platform in an integrated environment.
ECM Cloud creates, implements, and maintains SharePoint-based Information Technology (IT)
solutions, including the Treasury Intranet (MyTreasury), Bureau Intranets, Collaboration Sites,
Records Center (for records management), Enterprise Federation (to allow access to the ECM
Cloud applications for users external to Treasury) and various shared services. In accordance
with the Office of Management and Budget (OMB) Shared First initiative, ECM Cloud provides
a common platform for Treasury and non-Treasury users to collaborate with a common set of
tools. The ECM Cloud resides within the Departmental Offices (DO), Office of the Chief
Information Officer (OCIO), Enterprise Business Solutions (EBS) organization.