Download:
pdf |
pdfThe Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 1 of 7
PRIVACY THRESHOLD ANALYSIS (PTA)
This form is used to determine whether
a Privacy Impact Assessment is required.
Please use the attached form to determine whether a Privacy Impact Assessment (PIA) is required under
the E-Government Act of 2002 and the Homeland Security Act of 2002.
Please complete this form and send it to your component Privacy Office. If you do not have a component
Privacy Office, please send the PTA to the DHS Privacy Office:
Rebecca J. Richards
Director of Privacy Compliance
The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
Tel: 703-235-0780
[email protected]
Upon receipt from the component Privacy Office, the DHS Privacy Office will review this form. If a PIA
is required, the DHS Privacy Office will send you a copy of the Official Privacy Impact Assessment Guide
and accompanying Template to complete and return.
A copy of the Guide and Template is available on the DHS Privacy Office website, www.dhs.gov/privacy,
on DHSConnect and directly from the DHS Privacy Office via email: [email protected], phone: 703-235-0780.
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 2 of 7
PRIVACY THRESHOLD ANALYSIS (PTA)
SUMMARY INFORMATION
Date Submitted for Review: March 23, 2011
Name of Project: Implementation of Coastal Barrier Legislation (1660-0010)
System Name in TAFISMA: None
Name of Component: Federal Emergency Management Agency
Name of Project Manager: Mary Chang
Email for Project Manager: [email protected]
Phone Number for Project Manager: (202) 212-4712
Type of Project:
Information Technology and/or System. ∗
A Notice of Proposed Rule Making or a Final Rule.
Form or other Information Collection.
Other:
∗
The E-Government Act of 2002 defines these terms by reference to the definition sections of Titles 40 and
44 of the United States Code. The following is a summary of those definitions:
•“Information Technology” means any equipment or interconnected system or subsystem of
equipment, used in the automatic acquisition, storage, manipulation, management, movement,
control, display, switching, interchange, transmission, or reception of data or information. See 40
U.S.C. § 11101(6).
•“Information System” means a discrete set of information resources organized for the collection,
processing, maintenance, use, sharing, dissemination, or disposition of information. See: 44. U.S.C. §
3502(8).
Note: for purposes of this form, there is no distinction made between national security systems or
technologies/systems managed by contractors. All technologies/systems should be initially reviewed for
potential privacy impact.
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 3 of 7
SPECIFIC QUESTIONS
1.
Describe the project and its purpose:
Section II of the Coastal Barrier Resources Act (P.L. 97-348) prohibits the sale of National Flood
Insurance Program (NFIP) policies for buildings that have been newly constructed or
substantially improved on undeveloped coastal barriers on or after October 1, 1983. FEMA
Regulation Title 44 of the Code of Feral Regulations, Section 71.4, requires documentation
indicating that a building is neither new construction nor substantial improvement. The Coastal
Barrier Resources Act of 1990 (P.L. 101-591) expands the areas encompassed by the Coastal
Barrier Resource System (CBRS).
When an application for flood insurance is submitted for buildings located in CBRS and/or
Otherwise Protected Area (OPA) communities, the following types of documentation must be
submitted as evidence of eligibility by the applicant’s insurance agent writing through the NFIP
Direct Servicing Agent (DSA):
1)
FEMA Flood Insurance Rate Map (FIRM) - For buildings built on or after the date the
insurance prohibition became effective, a legible copy of the current FEMA Flood Insurance Rate
Map (FIRM) panel showing that the building is not located in a CBRS area or OPA.
2)
Legally Valid Building Permit - For buildings in CBRS areas and OPAs, a permit is
needed, or, if the building permit was lost or destroyed, a written statement to this effect signed
by the community official responsible for the building permits will be accepted in lieu of the
building permit; and
3)
Written and Signed Statement from a Community Official - A statement by a
responsible community official that is written and signed and states that:
1. The walls and roof of the building were in place (1982 Act) or the start of construction
took place (1990 Act), before the date the insurance prohibition became effective, and
2. The building was not substantially improved or substantially damaged on or after the
date the insurance prohibition became effective.
3. For structures in OPAs only this also involves written certification from the
governmental body overseeing the area indicating that a building in an OPA is used in a
manner consistent with the purpose for which the area is protected may be submitted in
lieu of the above documentation.
All of these documents are submitted to the NFIP Bureau for tracking and transmittal purposes.
The Bureau sends the packet to the appropriate US Fish & Wildlife Field Office (F&WS) for an
official determination. Issuance of the policy (eligibility for coverage) is based on the US F&WS
determination.
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 4 of 7
Tracking, by FEMA, is limited to the property addresses that are identified as being inside CBRS
areas or Otherwise Protected Areas (OPAs) and that information is only used to identify invalid
NFIP polices.
2.
Status of Project:
This is a new development effort.
This is an existing project.
Date first developed: The Coastal Barrier Resources Act (Public Law 97-348) was
enacted October 18, 1982.
Date last updated: 1990 -- The Coastal Barrier Resources Act of 1990 (P.L. 101-591)
included in the System additional areas along the Great Lakes, Puerto Rico, the
Florida Keys, the Virgin Islands, and secondary barriers within large embayments.
After a 1-year grace period, Federal flood insurance was prohibited on all "otherwiseprotected" lands.
3.
From whom do you collect, process, or retain information on: (Please check all that apply)
DHS Employees.
Contractors working on behalf of DHS.
The Public.
The System does not contain any such information.
4.
Do you use or collect Social Security Numbers (SSNs)? (This includes truncated SSNs)
No.
Yes. Why does the program collect SSNs? Provide the function of the SSN and the
legal authority to do so:
5.
What information about individuals could be collected, generated or retained?
The Legally Valid Building Permit and the Written and Signed Statement from a
Community Official may contain the following:
•
Property owner’s name
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 5 of 7
6.
•
Property address
•
Community Officials signature
If this project is a technology/system, does it relate solely to infrastructure? [For example, is
the system a Local Area Network (LAN) or Wide Area Network (WAN)]?
No. Please continue to the next question.
Yes. Is there a log kept of communication traffic?
No. Please continue to the next question.
Yes. What type of data is recorded in the log? (Please choose all that apply.)
Header.
Payload Please describe the data that is logged.
7.
Does the system connect, receive, or share Personally Identifiable Information with any other
DHS systems 1?
No.
Yes.
Please list:
8.
Is there a Certification & Accreditation record within OCIO’s FISMA tracking system?
Unknown.
No.
Yes. Please indicate the determinations for each of the following:
1
Confidentiality:
Low
Moderate
High
Undefined
Integrity:
Low
Moderate
High
Undefined
PII may be shared, received, or connected to other DHS systems directly, automatically, or by manual processes.
Often, these systems are listed as “interconnected systems” in TAFISMA.
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 6 of 7
Availability:
Low
Moderate
High
Undefined
PRIVACY THRESHOLD REVIEW
(TO BE COMPLETED BY THE DHS PRIVACY OFFICE)
Date reviewed by the DHS Privacy Office: March 23, 2011
Name of the DHS Privacy Office Reviewer: Rebecca J. Richards
DESIGNATION
This is NOT a Privacy Sensitive System – the system contains no Personally Identifiable
Information.
This IS a Privacy Sensitive System
Category of System
IT System.
National Security System.
Legacy System.
HR System.
Rule.
Other: Form or other information collection
Determination
PTA sufficient at this time.
Privacy compliance documentation determination in progress.
PIA is not required at this time.
PIA is required.
System covered by existing PIA: National Flood Insurance Program
Information Technology Systems
New PIA is required.
PIA update is required.
SORN not required at this time.
SORN is required.
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 7 of 7
System covered by existing SORN: DHS/FEMA 003 NFIP Files SORN
New SORN is required.
DHS PRIVACY OFFICE COMMENTS NO FORM IS USED FOR COLLECTION.
�
| File Type | application/pdf |
| File Title | DHS PRIVACY OFFICE |
| Author | pia |
| File Modified | 2011-03-23 |
| File Created | 2011-03-23 |