Download:
pdf |
pdfNASA IT Privacy Impact Assessment (PIA) Analysis Worksheet
System Name:
LERCIP
(generally the name that the system is accessed by. www.nasa.gov, when Web
enabled, for example)
System Owner:
Person responsible for funding
System Manager:
Person responsible for technical operation
NASA Cognizant Official:
Susan Gott
Phone Number:216-433-3833
E-Mail:[email protected]
Irene Wirkus
Phone Number: 216-433-9399
E-Mail: [email protected]
NASA individual responsible for management of daily operations
SUSAN F. GOTT
Phone Number: 216.433.3833
E-Mail: [email protected]
Activity/Purpose of System:
LERCIP application processing
Mission Program/Project Supported:
Educational Programs Office - LERCIP Higher Ed
IT Security Plan Number:
OA-9999-M-GRC-2202
System Location:
Center:GRC
Street Address:21000 Brookpark Rd.
Building:142
City:Cleveland
State:OH
ZIP:44135
(Center or contractor office building, room, city and state)
Privacy Act System of Records (SOR) number:
NASA 10SPER Special Personnel Records
OMB Information Collection Approval Number and
Expiration Date:
Emergency PRA request to Walter Kit, HQ working with NASA Cognizant Official, Sue Gott
Other Identifying Numbers:
* An "Information System" is defined as discrete set of information resources organized for the collection, processing,
maintenance, use, sharing, dissemination, or disposition of information.
Page 1
Privacy Question Sets
Response
Comments
Section I - System Characterization and Data Categorization
Questions 1-18 must be completed for all systems as part of the IT Security Certification and Accreditation Process.
1. Is this a new system or has any of
the major changes listed in the
Comments column occurred to the
system since April 2003 or the conduct
of the last PIA?
Yes
No
This is a new system not in production
previously
This system has never previously been
assessed
Conversions
Anonymous to Non-Anonymous
Significant System Management Changes
Significant Merging
New Public Access
Commercial Sources
Internal Flow or Collection
New Interagency Use
Alteration in Character of Data
2. Does/will the system provide a new,
or modernize/enhance an existing
capability, service or function for
NASA?
Yes
Is over $500,000 in value.
No
Affects more than one Center.
NA
Affects more than 100 people.
Is a major investment requiring an OMB
300 (also called an exhibit 300).
Enterprise Architecture review of the
system has been directed by the Mission
Directorate CIO, Center CIOS, NASA CIO, or
Program/Project/Service Manager.
3. Does/will the system contribute to the
continuation or longevity of a previous
NASA investment for capability, service
or function?
Yes
Is over $500,000 in value.
No
Affects more than one Center.
NA
Affects more than 100 people.
Is a major investment requiring an OMB
300 (also called an exhibit 300).
Enterprise Architecture review of the
system has been directed by the Mission
Directorate CIO, Center CIOS, NASA CIO, or
Program/Project/Service Manager.
Page 2
Privacy Question Sets
4. Does the system represent some
balanced combination (50/50, 60/40,
70/30) of the previous 2 questions (e.g.,
developing a new capability, service or
function while contributing to the
continuation of a previous NASA
investment)?
Response
Yes
No
NA
Comments
Is over $1,000,000 in total lifecycle value
(Initial Development + Est. Lifecycle)
Affects more than one Center.
Affects more than 100 people.
Is a major investment requiring an OMB
300 (also called an exhibit 300).
Enterprise Architecture review of the
system has been directed by the Mission
Directorate CIO, Center CIOS, NASA CIO, or
Program/Project/Service Manager.
5. Does/Will the system contain Federal
records?
Yes
No
NA
6. If the system contains/will contain
Federal records, under which
disposition authority item in the NASA
Records Retention Schedules (NRRS)
or the General Records Schedules
(GRS) are/will the records be retained
and disposed of or archived?
7. Are the records in this system (or will
they be) generated in the process of
NASA program/project formulation,
design, development, or operation as
described in NPR 7120?
8. Are the records Vital records for the
organization?
NRRS
3.14 NASA Special Employment Files
GRS
None
Yes
No
NA
Yes
No
NA
9. Are backup files (tapes or other
media) being stored off-site?
Yes
No
NA
10. Does/will the system collect
information in a standard way (forms,
web enabled form, survey,
questionnaire, etc) from members of the
public (including contractors),
regardless of format (paper, electronic
or oral)?
11. Is the information collection
indicated above authorized by an OMB
Approval Number under the Paperwork
Reduction Act (PRA)? If yes, please
provide PRA Approval Number under
Comments.
Yes
Personal identifying information
No
Other (Describe):
NA
Yes
No
PRA OMB Approval Number: Emergency PRA
being prepared by Walter Kit, HQ
NA
Page 3
Privacy Question Sets
12. Does/Will the system contain (store)
information in identifiable form (IIF)
within any database(s), record(s), file(s)
or Web site(s) hosted by this system? If
yes, check all that apply in the
Comments column. If the category of
personal information is not listed,
please check Other and identify the
category.Please note: This question
seeks to identify all personal
information contained within the
system. This includes any IIF, whether
or not it is subject to the Privacy Act,
whether the individuals are employees,
the public, research subjects, or
business partners, and whether
provided voluntarily or collected by
mandate. Later questions will try to
understand the character of the data
and its applicability to the requirements
under the Privacy Act or other
legislation.
Response
Comments
Yes
Personal Information
No
Name
NA
Date of birth
Social Security Number (or other number
originated by a government that specifically
identifies an individual)
Photographic identifiers (e.g., photograph
image, x-rays, and video)
Driver license
Biometric identifiers (e.g., fingerprint and
voiceprint)
Mother maiden name
Vehicle identifiers (e.g., license plates)
Mailing address
Phone numbers (e.g., phone, fax, and cell)
Medical records numbers
Medical notes
Financial account information and/or
numbers (e.g., checking account number and
Personal Identification Numbers [PIN])
Certificates (e.g., birth, death, and
marriage)
Legal documents or notes (e.g., divorce
decree, criminal records, or other)
Device identifiers (e.g., pacemaker, hearing
aid, or other)
Web Uniform Resource Locators (URL)
E-mail address
Education records
Military status and/or records
Employment status and/or records
Foreign activities and/or interests
Other (Describe):
Page 4
Privacy Question Sets
13. Indicate all the categories of
individuals about whom IIF is or will be
collected.
Response
Yes
No
NA
Comments
Categories of individuals:
Employees
Members of the public (excluding
contractors and partners)
Patients
Business partners/contractors (including,
but not limited to federal, state, local agencies)
Vendors/Suppliers/Contractors
Other:
Page 5
Privacy Question Sets
14. Are records on the system (or will
records on the system be) retrieved by
one or more data elements?
Response
Comments
Yes
Personal Information
No
Name
NA
Date of birth
Social Security Number (or other number
originated by a government that specifically
identifies an individual)
Photographic identifiers (e.g., photograph
image, x-rays, and video)
Driver license
Biometric identifiers (e.g., fingerprint and
voiceprint)
Mother maiden name
Vehicle identifiers (e.g., license plates)
Mailing address
Phone numbers (e.g., phone, fax, and cell)
Medical records numbers
Medical notes
Financial account information and/or
numbers (e.g., checking account number and
Personal Identification Numbers [PIN])
Certificates (e.g., birth, death, and
marriage)
Legal documents or notes (e.g., divorce
decree, criminal records, or other)
Device identifiers (e.g., pacemaker, hearing
aid, or other)
Web Uniform Resource Locators (URL)
E-mail address
Education records
Military status and/or records
Employment status and/or records
Foreign activities and/or interests
Other (Describe):
15. Are/Will records on members of the
public or more individuals containing IIF
[be] maintained, stored or
transmitted/passed through this
system?
16. Is the system (or will it be) subject
to the Privacy Act?
Yes
No
NA
Yes
No
NA
Page 6
Privacy Question Sets
Response
17. Has a Privacy Act System of
Records (SOR) Notice been published
in the Federal Register for this system?
If no, choose the reason of why not or
specify other reason in the Comments
column.
Comments
Yes
No
NA
No IIF is contained in the system.
IIF is in the system, but records are not
retrieved by individual identifier.
Should have published an SOR, but was
unaware of the requirement.
System is required to have an SOR but is
not yet procured or operational.
Other (Describe):
18. If a SOR Notice has been
published, have major changes to the
system occurred since publication of
the SOR?
Yes
No
NA
Section II - Information Sharing Practices
Questions 19 through 32 concern the way in which information is used, transferred, stored, and processed. These questions
are especially critical to determining whether the use and operation of the system is consistent with federal law and
regulations.
19. Is the IIF in the system voluntarily
submitted (or will it be)?
Yes
No
NA
20. Does/Will the system collect IIF
directly from individuals?
Yes
No
NA
21. Does/Will the system collect IIF
from other resources (i.e., databases,
Web sites, etc.)?
Yes
No
NA
22. Does/Will the system populate data
for other resources (i.e., do databases,
Web sites, or other resources rely on
this system's data)?
Yes
Resource and Purpose:
No
1 Educational Programs Office -- Intranet;
Populating Reports, internship selections
NA
2
3
4
Other
23. Does/Will the system share or
disclose IIF with agencies external to
NASA, or other people or organizations
outside NASA?
Yes
With whom and for what purpose:
No
1
NA
2
3
4
Other
Page 7
Privacy Question Sets
24. If the IIF in the system is or will be
matched against IIF in one or more
other computer systems internal or
external to NASA, are (or will there be)
computer data matching agreement(s)
in place?
Response
Yes
No
Comments
Location of other systems involved in
matching:
Internal to NASA
NA
External to NASA
Other systems involved in matching:
25. Will the IIF be de-identified,
aggregated, or otherwise made
anonymous?
26. Is there a process, either planned or
in place, to notify organizations or
systems that are dependent upon the
IIF contained in this system when
changes occur (i.e., revisions to IIF,
when the system encounters a major
change, or is replaced)?
27. Is there a process, either planned or
in place, to notify and obtain consent
from the individuals whose IIF is in the
system when major changes occur to
the system (e.g., disclosure and/or data
uses have changed since the notice at
the time of the original collection?
28. Is there (or will there be) a process
in place for individuals to choose how
their IIF is used?
Yes
De-identified
No
Aggregated
NA
Anonymous
Yes
No
NA
Yes
No
NA
Yes
No
NA
29. Is there (or will there be) a
complaint process in place for
individuals who believe that their IIF has
been inappropriately obtained, used, or
disclosed, or that the IIF is inaccurate?
30. Are there (or will there be)
processes in place for periodic reviews
of IIF contained in the system to ensure
the data's integrity, availability,
accuracy, and relevance?
Process: Individuals are notified of intended
use when they are asked to provide the
information By Voluntarily providing the
information they give consent to its use as
described.
Yes
No
NA
Yes
No
NA
Page 8
Privacy Question Sets
Response
31. Are there (or will there be) rules of
conduct in place for access to IIF on the
system?
Comments
Yes
Users
No
Administrators
NA
Developers
Contractors
For what purpose:
1 Processing of submitted data
2 Data Integretity and Development
3
4
Other
32. Is there (or will there be) a process
in place to log routine and non-routine
disclosures and/or unauthorized
access?
Yes
Disclosures logged (check all apply):
No
Routine
NA
Non-routine
Public Internet (Describe):
Section III - Web Site Hosting Practices
Questions 33 through 46 concern systems that host Web sites. If a system hosts a Web site, system owners must comply
with requirements involving notice and information collection practices. If the system does not host a Web site, the majority of
these questions can be answered 'N/A'.
33. Does/Will the system have a Web
interface?
Yes
Type of site (check all apply):
No
Public Internet (Describe): It is an online
application for a summer internship program
NA
Internal NASA (Describe):
34. Is the Web site (or will it be)
accessible by the public or other entities
(i.e., federal, state, and local agencies,
contractors, third-party administrators,
etc.)?
Yes
1 Public
No
2
NA
3
4
35. Is the Agency Web site privacy
policy statement posted (or will it be
posted) on the Web site?
Yes
No
NA
36. Is the Web site's privacy policy in
machine-readable format, such as
Platform for Privacy Preferences
(P3P)?
Yes
Implementation Plan:
No
NA
Page 9
Privacy Question Sets
37. Does/Will the Web site employ
persistent tracking technologies?
Response
Comments
Yes
Session cookies
No
Persistent cookies
NA
Web bugs
Web beacons
Other (Describe):
Authorizing Official:
Authorizing Date:
38. Does/Will the Web site collect or
maintain personal information from or
about children under the age of 13?
Yes
No
NA
39. Does/Will the Web site collect or
maintain personal information from or
about children under the age of 13,
please indicate how the information is
collected?
NA
What Information is collected:
How the information is collected (check all
apply):
Actively directly from the child
Passively through cookies
40. If the Web site does/will collect or
maintain personal information from or
about children under the age of 13, is
the information shared with any
non-NASA organizations, grantees,
universities, etc.?
41. If the Web site does/will collect or
maintain personal information from or
about children under the age of 13,
specify what method is used for
obtaining parental consent?
Yes
Information is shared with:
No
NA
NA
Method used for obtaining parental consent
(check all apply):
No consent is obtained
Simple email
Email accompanied by digital signature
Signed form from the parent via postal mail
or facsimile
Accepting and verifying a credit card
number in connection with a transaction
Taking calls from parents, through a
toll-free telephone number staffed by trained
person
Page 10
Privacy Question Sets
42. Does/Will the Web site collect IIF
electronically from any individuals?
Response
Comments
Yes
Personal Information
No
Name
NA
Date of birth
Social Security Number (or other number
originated by a government that specifically
identifies an individual)
Photographic identifiers (e.g., photograph
image, x-rays, and video)
Driver license
Biometric identifiers (e.g., fingerprint and
voiceprint)
Mother maiden name
Vehicle identifiers (e.g., license plates)
Mailing address
Phone numbers (e.g., phone, fax, and cell)
Medical records numbers
Medical notes
Financial account information and/or
numbers (e.g., checking account number and
Personal Identification Numbers [PIN])
Certificates (e.g., birth, death, and
marriage)
Legal documents or notes (e.g., divorce
decree, criminal records, or other)
Device identifiers (e.g., pacemaker, hearing
aid, or other)
Web Uniform Resource Locators (URL)
E-mail address
Education records
Military status and/or records
Employment status and/or records
Foreign activities and/or interests
Other (Describe): Resume
Page 11
Privacy Question Sets
43. Does/Will the Web site provide a
PDF form to be completed with IIF from
any individuals and then mailed or
otherwise provided to NASA?
Response
Comments
Yes
Personal Information
No
Name
NA
Date of birth
Social Security Number (or other number
originated by a government that specifically
identifies an individual)
Photographic identifiers (e.g., photograph
image, x-rays, and video)
Driver license
Biometric identifiers (e.g., fingerprint and
voiceprint)
Mother maiden name
Vehicle identifiers (e.g., license plates)
Mailing address
Phone numbers (e.g., phone, fax, and cell)
Medical records numbers
Medical notes
Financial account information and/or
numbers (e.g., checking account number and
Personal Identification Numbers [PIN])
Certificates (e.g., birth, death, and
marriage)
Legal documents or notes (e.g., divorce
decree, criminal records, or other)
Device identifiers (e.g., pacemaker, hearing
aid, or other)
Web Uniform Resource Locators (URL)
E-mail address
Education records
Military status and/or records
Employment status and/or records
Foreign activities and/or interests
Other (Describe):
44. Does/Will the Web site share IIF
with other organizations within NASA,
agencies external to NASA, or other
people or organizations outside NASA?
Yes
With whom Information is shared:
No
1 Potential Mentors at the Center
NA
2
Other
Page 12
Privacy Question Sets
Response
45. Are rules of conduct in place (or will
they be in place) for access to IIF on
the Web site?
Comments
Yes
Users
No
Administrators
NA
Developers
Contractors
For what purpose:
1 Evaluation of Applications
2
3
4
Other
46. Does/Will the Web site contain links
to sites external to the Center that owns
and/or operates the system?
Yes
Disclaimer notice for all external links
No
NA
Section IV - Administrative Controls
Administrative controls are safeguards to ensure proper management and control of information and information systems.
These safeguards include policies, the PIA itself, and certification and accreditation (CA) programs. Questions 47 through 52
are relevant to the administrative controls that are in place to protect the IIF in the system in question.
47. Has the system been certified and
accredited (authorized to operate): 'y' or
'n'?
Yes
C&A Plan/Timeline: 12/2/2008
No
NA
48. Have personnel (system owners,
managers, operators, contractors
and/or program managers) using the
system been (or will they be) trained
and made aware of their responsibilities
for protecting the IIF being collected
and maintained?
Yes
No
NA
49. Who has/will have access to the IIF
on the system?
Check all that apply
Users
Administrators
Developers
Contractors
Others
50. If contractors operate or use the
system, do the contracts include
clauses ensuring adherence to privacy
provisions and practices?
Yes
No
NA
Page 13
Privacy Question Sets
Response
51. Are methods in place to ensure that
access to IIF is restricted to only those
required to perform their official duties?
Yes
No
Comments
Method(s): UserID and Passwords will be set
up for those that need access. Following OCIO
Recommended Practices.
NA
52. Are there policies or guidelines in
place for the retention and destruction
of IIF within the application/system?
Yes
No
Policies/Practices: NASA Glenn Records
Managment Policies are in place.
NA
Section V - Technical Controls
Technical controls are safeguards that the computer system generally executes. Technical safeguards include password
protection, firewalls, and cryptography. All of these items are covered in NASA Security plans that should be in place for
every system. Questions 53, 54, and 55 focus on the technical controls of the system.
53. Are technical controls in place to
minimize the possibility of unauthorized
access, use, or dissemination of the
data in the system (or will there be)?
Yes
No
NA
54. Are any of the password controls
listed in the Comments column in place
(or will there be)?
Yes
No
NA
Check all that apply:
Passwords expire after a set period of time.
Accounts are locked after a set period of
inactivity.
Minimum length of passwords is eight
characters.
Passwords must be a combination of
uppercase, lowercase, and special characters.
Accounts are locked after a set number of
incorrect attempts.
55. Is there (or will there be) a process
in place to monitor and respond to
privacy and/or security incidents?
Yes
No
NA
Section VI - Physical Controls
Physical controls are measures taken to protect systems, buildings, and related supporting infrastructure against threats
associated with their physical environment. These safeguards might include protections against fire, structural collapse,
plumbing leaks, physical access controls, and controls against the intercept of data. Question 56 concerns physical controls
applied to the system.
56. Are physical access controls in
place (or will they be)?
Yes
No
NA
Page 14
Privacy Impact Assessment (PIA) Summary
Date of this Submission: Nov 17, 2009
NASA Center: GRC
System Name: LERCIP
Is this application or information collection new or is an existing one being modified? Not New
Does this application collect, maintain, and/or disseminate information in identifiable form (IIF)? Yes
Mission Program/Project Supported: Educational Programs Office - LERCIP Higher Ed
Identifying Numbers (Use N/A, where appropriate)
Privacy Act System of Records Number: NASA 10SPER Special Personnel Records
OMB Information Collection Approval Number and Expiration Date: Emergency PRA request to Walter
Kit, HQ - working with NASA Cognizant Official, Sue Gott
Other Identifying Number(s): N/A
Description
1. Provide an overview of the application or collection and indicate the legislation authorizing
this activity:
The Lewis Educational and Research Collaborative Internship Program (LERCIP) application is a
web-based application that will provide college students the ability to submit an application and an
electronic resume to GRC / OAI to apply for the LERCIP Program. OAI and EPO will use the CWA
application to track the status of the submitted applications and related iinformation. Furthermore, they
will use the application to mentors who will be able to review limited information on the students to
identify candidates for the internship position. Administration options will be available to run selected
reports and also purge the database of previous applications and reports.
2. Describe the information the agency will collect, maintain, or disseminate and how the
agency will use the information. In this description, indicate whether the information contains
IIF and whether submission is voluntary or mandatory:
The information collected is information voluntarily submitted by users in order to apply for
participation in a summer internship program.
3. Explain how the IIF is collected, maintained, and/or disseminated is the minimum necessary
to accomplish the purpose for this effort:
In order to reduce paper used for this project, the bare minimum of information is collected via an
online application web interface.
4. Explain why the IIF is being collected, maintained, or disseminated:
The IIF is collected so that individual applications can be obtained and processed.
5. Identify with whom the agency will share the IIF:
Page 15
The IIF collected in this system is not being shared outside of the agency. However, persons with
proper access rights will be able to view this IIF during the application evaluation and selection
process.
6. Describe how the IIF will be obtained, from whom it will be collected, what the suppliers of
the information and the subjects will be told about the information collection, and how this
message will be conveyed to them (e.g. written notice, electronic notice if a Web-based
collection). Describe any opportunities for consent provided to individuals regarding what
information is collected and how the information will be shared:
The information will be collected via a web-based user interface. The target audience are student will
be starting their freshman year of college in the upcoming Fall semester. Upon the successful
submission of the online application, the user will receive an email stating that the submission prcess
was successful.
7. State whether the personal information will be collected from children under age 13 on the
Internet and, if so, how parental or guardian approval will be obtained. (Reference: Children's
Online Privacy Protection Act of 1998):
No information will be collected from children under the age of 13
8. Describe how the IIF will be secured:
Security plans have been written and certified. All persons with proper access rights are required to
annually take Information Security training.
9. Describe plans for retention and desctruction on IIF:
Follow guidelines set forth in NRRS Schedule 3/3300-14 NASA Special Employment Programs Files
10. Identify whether a system of records is being created under section 552a of Title 5, United
States Code (the Privacy Act), or identify the existing Privacy Act system of records notice
under which the records will be maintained:
NASA 10SPER Special Personnel Records
Point of contact to whom a member of the public can address questions concerning this
information system and the privacy concerns associated with it: Mike Wardeiner
Page 16
Concur:
Concur:
Concurrence Credentials on File
Concurrence Credentials on File
System Owner
SHIRLEY A. ANDERSON
Center Privacy Manager
Date: 03/24/2009
Date: 03/24/2009
Concur:
Approve:
Concurrence Credentials on File
Teresa M. Fryer
NASA Privacy Program Manager
BOBBY L. GERMAN
NASA CIO
Date: 03/24/2009
Date
Page 17
Document History
Date
Action
Message
06/22/09
Final approval by:Kevin Johnson
Signed by NASA's CIO, Bobby
German on April 1, 2009. The PIA
summary is posted on the internal and
external Privacy Websites.
03/24/09
Submitted to NASA CIO by:Kevin
Johnson
N/A
03/24/09
Submitted to Nasa Privacy Program
Manager by:SHIRLEY ANDERSON
N/A
03/24/09
Submitted to Center Privacy Manager N/A
by:SHIRLEY ANDERSON
03/24/09
Submitted to Application Owner
by:SHIRLEY ANDERSON
01/14/09
Delegated to:SHIRLEY ANDERSON Shirley, Looks good to me. I didn't see
any issues with the COPPA
questions. I changed the NASA CIO
to Bobby German for concurrence.
Let me know if you have any other
questions.
01/14/09
Delegated to:Teresa Fryer
12/10/08
Delegated to:SHIRLEY ANDERSON Q 39 and Q 41 need to be addressed
12/03/08
Delegated to:SUSAN GOTT
LERCIP has been approved by
Shirley Anderson
Teresa - Please review a first try of
the LERCIP PIA. I don't understand
this Enterprise Architecture review.
Also Q 39 and 41 we can't seem to
figure out. What does that mean. Let
me know your comments. Thanks for
all your help.
Sue, I have delegated to you the PIA
document that I started for LERCIP.
You might be getting a call from
Shirley Anderson regarding this. You
don't need to do anything with this
until you hear from Shirley.
An Enterprise Architecture review is required in accordance with NPR 2830.1
Page 18
File Type | application/pdf |
File Modified | 2009-11-17 |
File Created | 2009-11-17 |