Download:
pdf |
pdfThe Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 1 of 21
PRIVACY THRESHOLD ANALYSIS (PTA)
This form is used to determine whether
a Privacy Impact Assessment is required.
Please use the attached form to determine whether a Privacy Impact Assessment (PIA) is required under
the E-Government Act of 2002 and the Homeland Security Act of 2002.
Please complete this form and send it to your component Privacy Office. If you do not have a component
Privacy Office, please send the PTA to the DHS Privacy Office:
Rebecca J. Richards
Director of Privacy Compliance
The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
Tel: 703-235-0780
[email protected]
Upon receipt from the component Privacy Office, the DHS Privacy Office will review this form. If a PIA
is required, the DHS Privacy Office will send you a copy of the Official Privacy Impact Assessment Guide
and accompanying Template to complete and return.
A copy of the Guide and Template is available on the DHS Privacy Office website, www.dhs.gov/privacy,
on DHSConnect and directly from the DHS Privacy Office via email: [email protected], phone: 703-235-0780.
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 2 of 21
PRIVACY THRESHOLD ANALYSIS (PTA)
SUMMARY INFORMATION
Date Submitted for Review: September 15, 2010
Name of Project: Disaster Assistance Improvement Program (DAIP)
System Name in TAFISMA: Disaster Assistance Improvement Program (DAIP)
Name of Component: Federal Emergency Managment Agency
Name of Project Manager: William Prusch
Email for Project Manager: [email protected]
Phone Number for Project Manager: 540-722-8477
Type of Project:
Information Technology and/or System. ∗
A Notice of Proposed Rule Making or a Final Rule.
Form or other Information Collection.
Other:
∗
The E-Government Act of 2002 defines these terms by reference to the definition sections of Titles 40 and
44 of the United States Code. The following is a summary of those definitions:
•“Information Technology” means any equipment or interconnected system or subsystem of
equipment, used in the automatic acquisition, storage, manipulation, management, movement,
control, display, switching, interchange, transmission, or reception of data or information. See 40
U.S.C. § 11101(6).
•“Information System” means a discrete set of information resources organized for the collection,
processing, maintenance, use, sharing, dissemination, or disposition of information. See: 44. U.S.C. §
3502(8).
Note: for purposes of this form, there is no distinction made between national security systems or
technologies/systems managed by contractors. All technologies/systems should be initially reviewed for
potential privacy impact.
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 3 of 21
SPECIFIC QUESTIONS
1.
Describe the project and its purpose:
On August 29, 2006, President Bush issued Executive Order #13411: Improving Assistance for
Disaster Victims, directing the Secretary of Homeland Security to lead an interagency task force with
the mission of improving the promptness and efficiency with which disaster victims obtain access to
eligible federal disaster assistance. The Executive Order required the Disaster Assistance Task Force
(DATF) to develop and, by March 31, 2007, deliver a plan outlining a coordinated, actionable strategy
to implement a consolidated and unified disaster assistance application capability no later than
December 31, 2008. After Executive Order: DAIP was approved by the President on September 14,
2007 and implementation of DAIP began two weeks later. To achieve this goal, the Secretary of
Homeland Security established a Disaster Assistance Task Force Executive Steering Committee (ESC),
led by the Federal Emergency Management Agency (FEMA), to devise a plan for improving
assistance and providing better access to disaster benefit programs for disaster victims. The DATF
devised an approach strategy known as the Disaster Assistance Improvement Plan (DAIP), which
defines the plan for executing against milestones and leveraging existing technologies that most
effectively meet the requirements of the Executive Order. The DAIP specifies: ʺThe fastest, most
cost‐effective method of achieving the objective of the Executive Order (a single application and
status‐access portal for Federal disaster assistance, complemented by an all‐sources assistance reference
library) will be through a technical collaboration of two existing systems, the Department of Labor’s
(DOL) GovBenefits.gov system and the Federal Emergency Management Agency’s National Emergency
Management Information System (NEMIS).ʺ This project implements FEMAʹs portion of the DAIP by
enhancing FEMA’s existing National Emergency Management Information System (NEMIS)
Disaster Assistance Center (DAC) module.
The program has been operational with a valid ATO since 12/15/2008. This is an update to the current
PTA published in 2008 during the initial release of DAIP. The following interfaces and enhancements will
be added:
•
•
State interfaces:
o
Disaster Supplementary Nutrition Assistance Program (DSNAP)
E.g. Florida (Food For Florida) and Louisiana
o
Other Needs Assistance (ONA) program
E.g. Texas (pilot)
o
Disaster Legal Services
o
FEMA Crises Counseling
o
Disaster Unemployment Assistance (DUA)
Federal entities:
o HUD (to enhance the existing interface in an effort to avoid the duplication of benefits)
o SBA (to enhance the existing interface in an effort to avoid the duplication of benefits)
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 4 of 21
DOJ (to build a real-time interface to NEMIS to allow law enforcement organizations the
ability to identify and locate criminals or to locate those who have used an emergency or
disaster to relocate and avoid detection or to perpetrate fraud)
o United States Postal Service (for change of address requests)
o Other United States Federal entities
Registration Intake Optimization for Smartphones (RIOS)
o FEMA form 90-69 converted into an accessible mobile platform (an exact replication of
fields found in the online and paper versions of the 90-69)
o Other future mobile initiatives
Profit/Non-Profit Entities (PNP)
o American Red Cross, CAN.org, United Way, Catholic Charities and other member
organizations of the National Voluntary Organization Active in Disaster (NVOAD)
Tribal Communities
Surge
o to develop a scalable capacity to support a number of simultaneous applications and,
concurrently, a number of simultaneous inquiries of applicant application status
o
•
•
•
•
2.
Status of Project:
This is a new development effort.
This is an existing project.
Date first developed: December 15, 2008
Date last updated: June 30, 2010
The Disaster Assistance Center (DAC) accepts GovBenefits.gov information and
creates a single ad hoc interview for multiple disaster assistance programs. The
information passed from DOL to FEMA includes the initial questionnaire answers
but no Personally Identifiable Information. An Memorandum of Understanding
(MOU) between DOL and FEMA will address the secure transmission of data. DAC
then forwards relevant data to each of the applied to Federal disaster assistance
program’s Agency Application Processing System for processing. Access to the
system is granted only to agencies that have established an MOU with FEMA. The
DAC Data Exchange Point will support the following types of transactions:
1. New application to external Agency Application Processing Systems from
the DAC.
2. New application to the DAC from an Agency Application Processing System.
3. Request for status of an application to an external Agency Application Processing
System from the DAC.
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 5 of 21
4. Receive status of an application to the DAC from an external Agency Application
Processing System.
5. Update (e.g., change of mailing address) an application to an external Agency
Application Processing Systems from DAC.
6. Update of an application to the DAC from an external Agency Application
Processing System.
Initially, a citizen will be directed to the existing GovBenefits Internet portal, where a
series of non-personal interview questions will determine their initial eligibility for
any forms of disaster assistance. The answers to the GovBenefitsʹ questions together
with the citizen’s initial eligibility will accompany a transfer to FEMAʹs DAC
Module. An MOU and Interagency Security Agreement (ISA) will govern the secure
transfer of information. The DAC Module will use the information transferred by
GovBenefits to collect other information, including personally identifiable
information, required by FEMA and the other DAIP participating agenciesʹ forms of
assistance. DAC will exchange the collected information with the identified
participating agency or agencies and periodically receive updated status reports from
the participating agencies. These data exchanges will also be governed by an MOU
and ISA with each participating agency.
The first state-based interface will be the Food for Florida (FFF) program for the
DSNAP program (scheduled release is January 2011). This will be followed by USPS,
HUD, DOJ and other states (ONA and DSNAP) in 2011.
One of the DAIP requirements is to develop a scalable capacity to support a number
of simultaneous applications and, concurrently, a number of simultaneous inquiries
of applicant application status. Within the DAIP program, this scalable capacity
became known as the DAIP “Surge” requirement.
The Surge effort is to develop a prototype capability that can be shown to meet the
capacity requirements of DAIP and can successfully complete integration into the
FEMA Enterprise Architecture, while achieving FEMA Designated Approving
Authority Certification and Accreditation.
The Surge effort will provide tools, techniques, and subject matter expertise in
assisting the Government in the creation of a production surge capability to meet the
applicant intake and inquiry surge goals. Please
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 6 of 21
3.
From whom do you collect, process, or retain information on: (Please check all that apply)
DHS Employees.
Contractors working on behalf of DHS.
The Public.
The System does not contain any such information.
4.
Do you use or collect Social Security Numbers (SSNs)? (This includes truncated SSNs)
No.
Yes. Why does the program collect SSNs? Provide the function of the SSN and the
legal authority to do so:
SSNs are collected as an electronic analog of FEMA Form 90‐69 (OMB NO: 009-0-1)
and are used to prevent the duplication of disaster benefits among FEMA, Federal, and
state and local disaster agencies. The legal basis and authorization are The Robert T. Stafford
Disaster Relief and Emergency Assistance Act P.L. 93‐288 (42 U.S.C. 5121‐5206), as amended, and
44 Code of Federal Regulations (44 CFR) Subchapter D‐‐Disaster Assistance, Part 206‐‐Federal
Disaster Assistance for Disasters Declared on or After November 23, 1988, the Disaster Mitigation
Act of 2000.
5.
What information about individuals could be collected, generated or retained?
DAIP will support Application Submission, Application Updates, and Application Status Requests.
The application information may contain any combination of specific identifiable information
(depending on which programs an applicant elects to apply) including an individual’s name, home
address, Social Security number, home phone number, temporary address and phone numbers,
personal financial information including applicant’s bank name, bank account information, insurance
information, individual or household income, the home’s number of occupants, and the dollar
amount of their disaster losses. Please see Appendix A. No new data elements will be collected with
federal, state, PNP, tribal and mobile interfaces.
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 7 of 21
6.
If this project is a technology/system, does it relate solely to infrastructure? [For example, is
the system a Local Area Network (LAN) or Wide Area Network (WAN)]?
No. Please continue to the next question.
Yes. Is there a log kept of communication traffic?
No. Please continue to the next question.
Yes. What type of data is recorded in the log? (Please choose all that apply.)
Header.
Payload Please describe the data that is logged.
7.
Does the system connect, receive, or share Personally Identifiable Information with any other
DHS systems 1?
No.
Yes.
Please list:
8.
Is there a Certification & Accreditation record within OCIO’s FISMA tracking system?
Unknown.
No.
Yes. Please indicate the determinations for each of the following:
1
Confidentiality:
Low
Moderate
High
Undefined
Integrity:
Low
Moderate
High
Undefined
Availability:
Low
Moderate
High
Undefined
PII may be shared, received, or connected to other DHS systems directly, automatically, or by manual processes.
Often, these systems are listed as “interconnected systems” in TAFISMA.
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 8 of 21
PRIVACY THRESHOLD REVIEW
(TO BE COMPLETED BY THE DHS PRIVACY OFFICE)
Date reviewed by the DHS Privacy Office: January 18, 2011
Name of the DHS Privacy Office Reviewer: Rebecca J. Richards
DESIGNATION
This is NOT a Privacy Sensitive System – the system contains no Personally Identifiable
Information.
This IS a Privacy Sensitive System
Category of System
IT System.
National Security System.
Legacy System.
HR System.
Rule.
Other:
Determination
PTA sufficient at this time.
Privacy compliance documentation determination in progress.
PIA is not required at this time.
PIA is required.
System covered by existing PIA: DAIP PIA
New PIA is required.
PIA update is required.
SORN not required at this time.
SORN is required.
System covered by existing SORN: DHS/FEMA-008 DRAFS
New SORN is required.
DHS PRIVACY OFFICE COMMENTS
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 9 of 21
APPENDIX A – Data Elements
The following tables contain the data elements for DAIP. There may be additional revisions to this
section which will be updated accordingly in this document as well as the PIA and SORN. IAC Shared
Data Identified below are data elements from the RI application intake that are already deleted will be
part of the current data exchange with SBA (or may originate from SBA). HUD and VA data elements
have not been defined at this writing of this PTA draft, but will include data elements from this table.
Table A.1: IAC Online Captured Data Elements
IAC Data
Element
Name
of
Elemen
t
Data Type
Description of
Element
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
1.1
Prefix
CHAR(3)
Personal
Identification Prefix
Y
Both
1.2
First
Name
VARCHAR2(5
0)
Personal
Identification –
First Name
Y
Both
1.3
Middle
Name
VARCHAR2(1
5)
Personal
Identification –
MI
Y
Both
1.4
Last
Name
VARCHAR2(5
0)
Personal
Identification –
Last Name
Y
Both
1.5
SSN
CHAR(9)
Personal
Identification –
SSN
Y
Own system
1.6
Email
Address
VARCHAR2(2
54)
Personal
Identification –
Y
Both
Comments
SSN is a
unique id
number for
applicants
that SBA uses
to pull credit
reports.
Changing it
later in the
process could
have
significant
impact on loan
decisions
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 10 of 21
IAC Data
Element
Name
of
Elemen
t
Data Type
Description of
Element
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
Email Address
1.7
Date of
Birth
DATE
Personal
Identification –
Date of Birth
Y
Both
2.1
Primary
Phone
Area
Code
CHAR(3)
Contact Phone
Number –
Damaged
Phone: Area
Code
Y
Both
2.2
Primary
Phone
Number
CHAR(7)
Contact Phone
Number –
Damaged
Phone: Number
Y
Both
2.3
Primary
Phone
Area
Code
CHAR(3)
Contact Phone
Number –
Current Phone:
Area Code
Y
Both
2.4
Primary
Phone
Number
CHAR(7)
Contact Phone
Number –
Current Phone:
Number
Y
Both
2.5
Primary
Phone
Extensio
n
Number
CHAR(4)
Contact Phone
Number –
Current Phone:
Extension
Y
Both
2.6
Primary
Phone
Note
VARCHAR2(50)
Contact Phone
Number –
Current Phone:
Note
Y
Both
2.7
Alternat
e Phone
Area
Code
CHAR(3)
Contact Phone
Number – Cell
Phone: Area
Code
Y
Both
2.8
Alternat
e Phone
Number
CHAR(7)
Contact Phone
Number – Cell
Phone: Number
Y
Both
2.9
Alternat
e Phone
Area
Code
CHAR(3)
Contact Phone
Number –
Alternate Phone:
Area Code
Y
Both
Comments
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 11 of 21
IAC Data
Element
Name
of
Elemen
t
Data Type
Description of
Element
2.10
Alternat
e Phone
Number
CHAR(7)
Contact Phone
Number –
Alternate Phone:
Number
Y
Both
2.11
Alternat
e Phone
Extensio
n
CHAR(4)
Contact Phone
Number –
Alternate Phone:
Extension
Y
Both
2.12
Alternat
e Phone
Note
VARCHAR2(50)
Contact Phone
Number –
Alternate Phone:
Note
Y
IAC
3.1.1
Dwelling
Address
Street
Name
VARCHAR2(60)
Damaged
Dwelling
Address - Street
Address
Y
Both
3.1.2
Dwelling
Address
City
Name
VARCHAR2(28)
Damaged
Dwelling
Address – City
Y
Both
3.1.3
Dwelling
State
Code
CHAR(2)
Damaged
Dwelling
Address – State
Y
Both
3.1.4
Dwelling
ZIP
Code
CHAR(5)
Damaged
Dwelling
Address – Zip
Y
Both
3.1.5
Dwelling
Address
ZIP
Extensio
n
Number
CHAR(4)
Damaged
Dwelling
Address – Zip+4
Y
Both
3.1.6
Dwelling CHAR(1)
Residenc
e Owned
Flag
VARCHAR2(60)
Mailing
Damaged
Dwelling
Address –
Own/Rent
Y
Both
Damaged
Dwelling
Address –
Mailing Address
– In care of
Y
Both
3.1.7
Address
Note
Text
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
Comments
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 12 of 21
IAC Data
Element
Name
of
Elemen
t
Data Type
Description of
Element
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
Comments
3.1.8
Mailing
Address
Street
Name
VARCHAR2(60)
Damaged
Dwelling
Address –
Mailing Address
– Street Address
Y
Both
3.1.9
Mailing
Address
City
Name
VARCHAR2(28)
Damaged
Dwelling
Address –
Mailing Address
– City
Y
Both
3.1.10
Mailing
State
Code
CHAR(2)
Damaged
Dwelling
Address –
Mailing Address
– State
Y
Both
3.1.11
Mailing
ZIP
Code
CHAR(5)
Damaged
Dwelling
Address –
Mailing Address
– Zip
Y
Both
3.1.1
Mailing
Address
ZIP
Extensio
n
Number
CHAR(4)
Damaged
Dwelling
Address –
Mailing Address
– Zip+4
Y
Both
3.2.1
Place
Code
NUMBER(5)
Damaged
Dwelling
County/Parish/
Municipio
Y
Both
IS this based
on standard
FIPS county
codes?
4.1.1
Disaster
Number
NUMBER(5)
Disaster
Selection
Y
Own system
This has an
impact on
eligibility for
assistance
4.2.1
Damage
Type
VARCHAR2(2
00)
Damage Type Options:
Fire/Smoke/Soo
t, Flood,
Hail/Rain/Wind
Driven Rain,
Ice/Snow,
Power
Y
Both
* Checkbox
list
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 13 of 21
IAC Data
Element
Name
of
Elemen
t
Data Type
Description of
Element
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
Comments
Surge/Lightning
, Seepage,
Sewer Backup,
Earthquake,
Other Damage,
Tornado/Wind,
Other Damage
Text
5.1
Home
Damage
Flag
CHAR(1)
Disaster Related
Losses – Home
Damaged – Y/N
Y
Both
5.2
Personal
Property
Damage
Flag
CHAR(1)
Disaster Related
Losses –
Personal
Property – Y/N
Y
Both
5.3
Residenc CHAR(1)
e
Utilities
Flag
Disaster Related
Losses - Utilities
– Y/N
6.1.1
Current
Location
Type
Code
Damaged
Dwelling –
Current Location
Y
Both
We need the
codes
6.1.2
Residenc VARCHAR2(1
6)
e Type
Code
Damaged
Dwelling – Type
of Home
Y
Both
We need the
codes
6.1.3
Residenc CHAR(1)
e
Primary
Flag
Damaged
Dwelling –
Primary
Residence
Y
Both
6.1.4
Access
VARCHAR2(1
Restricte 6)
d Code
Damaged
Dwelling –
Access to
Residence
Y
6.2.1
Home
VARCHAR2(2
Insuranc 00)
e
Home Insurance
– Options (Y/N
and Company
Name):
Condo/Townhou
se, Contents
Only, Flood,
Homeowners,
Y
VARCHAR2(1
6)
Both
We need the
codes
Both
* Checkbox
list
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 14 of 21
IAC Data
Element
Name
of
Elemen
t
Data Type
Description of
Element
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
Comments
Homeowners
with Sewer
Backup Rider,
Mobile Home,
NONE
7.1.1
Medical
Expense
Flag
CHAR(1)
Disaster Related
Expenses Medical
Expenses – Y/N
N
7.1.2
Dental
Expense
Flag
CHAR(1)
Disaster Related
Expenses Dental Expenses
– Y/N
N
7.1.3
Funeral
Expense
Flag
CHAR(1)
Disaster Related
Expenses Funeral
Expenses – Y/N
N
7.2.1
Other
Insuranc
e
7.3.1
Vehicle
Damage
Flag
CHAR(1)
Vehicle Damage
– Y/N
Y
Both
7.4.1
Model
Year
Number
NUMERIC
Update Vehicle –
Year
Y
Both
7.4.2
Make
Text
VARCHAR
Update Vehicle –
Make
Y
Both
7.4.3
Model
Text
VARCHAR
Update Vehicle –
Model
Y
Both
7.4.4
Damage
d Flag
VARCHAR
Update Vehicle –
Damaged – Y/N
Y
Both
7.4.5
Drivable
Flag
VARCHAR
Update Vehicle Driveable – Y/N
* Checkbox
list
Other Insurance
– Options (Y/N
and Company
Name):
Dental, Funeral
or Burial,
Health/Medical,
Medicaid/Title
XIX, NONE
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 15 of 21
IAC Data
Element
Name
of
Elemen
t
Data Type
Description of
Element
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
7.4.6
Compreh VARCHAR
ensive
Insuranc
e Flag
Update Vehicle –
Comprehensive
Insurance – Y/N
Y
Both
7.4.7
VARCHAR
Liability
Insuranc
e Flag
Update Vehicle –
Liability
Insurance – Y/N
Y
Both
7.4.8
Register
ed Flag
VARCHAR
Update Vehicle Registered –
Y/N
Y
Both
8.1.1
Other
Expense
s Flag
CHAR(1)
Miscellaneous
Purchases – Y/N
N
9.1.1
Emergen CHAR(1)
cy Food
Flag
Emergen CHAR(1)
Emergency
Needs - Food –
Checkbox
N
Emergency
Needs –
Shelter–
Checkbox
N
9.1.2
cy
Shelter
Flag
9.1.3
Emergen
cy
Clothing
Flag
CHAR(1)
Emergency
Needs Clothing–
Checkbox
N
9.2.1
Special
Needs
Flag
CHAR(1)
Special Needs –
Y/N
Y
9.3.1
Mobility
Flag
CHAR(1)
Special Needs –
Mobility - Y/N
N
9.3.2
Mental
Flag
CHAR(1)
Special Needs –
Mental - Y/N
N
9.3.3
Ear Flag
CHAR(1)
Special Needs –
Hearing - Y/N
N
9.3.4
Eye Flag
CHAR(1)
Special Needs –
Vision - Y/N
N
9.3.5
Other
Flag
CHAR(1)
Special Needs –
Other - Y/N
N
9.4.1
Mobility
Options
List
VARCHAR2(2
00)
Special Needs
Specific
Categories –
N
Comments
Own System
* Checkbox
list
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 16 of 21
IAC Data
Element
Name
of
Elemen
t
Data Type
Description of
Element
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
Comments
Mobility
Options:
Wheelchair,
Walker, Cane,
Lift, Bath Chair,
Personal Care
Attendant
9.4.2
Mental
Health
Options
List
VARCHAR2(2
00)
Special Needs
Specific
Categories –
Cognitive/Menta
l Health Options:
Personal Care
Attendant,
Other(text box)
N
* Checkbox
list
9.4.3
Hearing
Options
List
VARCHAR2(2
00)
Special Needs
Specific
Categories –
Hearing or
Speech Options:
Hearing Aid,
Sign Language
Interpreter,
TDD/TTY, Text
messaging
and/or other
communication
device
N
* Checkbox
list
9.4.4
Vision
Options
List
VARCHAR2(2
00)
Special Needs
Specific
Categories –
Vision Options:
Glasses, White
cane, Service
Animal, Braille,
Magnifier
N
* Checkbox
list
9.4.5
Other
Options
List
VARCHAR2(2
00)
Special Needs
Specific
Categories –
Other – Text
Box
N
10.1.1
Occupan
t Last
VARCHAR2(5
0)
Update
Occupant – Last
Y
Both
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 17 of 21
IAC Data
Element
Name
of
Elemen
t
Data Type
Name
Description of
Element
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
Comments
Name
10.1.2
Occupan
t First
Name
VARCHAR2(5
0)
Update
Occupant – First
Name
Y
Both
10.1.3
Occupan
t Middle
Name
VARCHAR2(1
5)
Update
Occupant –
Middle Initial
Y
Both
10.1.4
Occupan
t
Relation
ship
Type
Code
VARCHAR2(1
5)
Update
Occupant –
Relationship
Y
Both
10.1.5
Occupan
t Social
Security
Number
CHAR(9)
Update
Occupant –
Social Security
Y
Both
10.1.6
Occupan
t Age
NUMBER(3)
Update
Occupant - Age
Y
Both
10.2.1
Self
Employe
d Flag
CHAR(1)
Business
Damages – Self
Employment –
Y/N
Y
Both
10.2.2
Business
Damage
Flag
CHAR(1)
Business
Damages – Own
affected – Y/N
Y
Both
11.1.1
Number
of
Depende
nts
NUMBER(2)
Financial Info –
Number of
Dependents
Y
Both
11.1.2
Predisaster
gross
income
NUMBER(8)
Financial Info Pre-disaster
gross income
Y
Both
11.1.3
EFT
Participa
te Type
Code
CHAR(1)
Financial Info –
Electronic
Transfer – Y/N
N
11.2.1
EFT
VARCHAR2(2
Financial 5)
Instituti
EFT – Bank
Name
N
We need the
codes
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 18 of 21
IAC Data
Element
Name
of
Elemen
t
Data Type
Description of
Element
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
Comments
on Name
11.2.2
EFT
Account
Type
Code
CHAR(1)
EFT – Account
Type
N
11.2.3
EFT
Transit
Number
CHAR(8)
EFT – Routing
Number
N
11.2.4
EFT
Account
Number
VARCHAR2(2
0)
EFT – Account
Number
N
SBA Additional Data Elements:
Identified below are data elements from the RI application that are already be part of
the current data exchange with SBA but are not captured from the online interface.
The purpose of this section is to confirm your need to have these fields sent to your
application. Please use the Comments column to indicate any changes to data type or
format that is required.
Table A.1: IAC Additional Data Elements
IAC
Data
Eleme
nt
Name of
Element
Data Type
Description of
Element
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
12.1
Disaster
Number
Number(5)
FEMA Disaster
Number
Y
Both
12.2
Registrati
on
Identifier
Number(16)
FEMA
Registration
Number
Y
Both
12.3
Language
Code
Varchar2(16)
Y
Both
12.5
Business
Name
Varchar2(50)
Y
Both
Comments
Not currently
captured in
IAC
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 19 of 21
IAC
Data
Eleme
nt
Name of
Element
Data Type
Description of
Element
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
12.6
Applied
Date
Date
Date of
Registration
with FEMA
Y
Both
12.7
Package
Already
Mailed
Flag
Char(1)
Indicates if
applicant
already had
information
packet
Y
Both
12.8
SBA
Special
Handling
Flag
Char(3)
Y
Both
13.1
NFIRA
Required
Flag
Char(1)
Y
Both
13.2
NFIRA
Maintaine
d Flag
Char(1)
Identifies
possible rentals
and business
apps
Indicates that there
is a NFIRA
maintenance
requirement on the
property based on
HS interpretation of
NFIRA
Not used at this
time
Y
Both
13.3
NFIRA
Char(1)
Prior
Restricted
Flag
Not used at this
time
Y
Both
13.4
NFIRA
Verificati
on Flag
Char(1)
Y
Both
13.5
NFIRA In
Complian
ce Flag
Char(1)
Y
Both
13.6
NFIP
Active
Flag
Char(1)
Y
Both
14.1
Flood
Zone
Char(2)
Indicates that the
check against the
NFIRA database has
been performed
Indicates that the
applicant has an
active NFIP policy
that keeps him/her
in compliance with
NFIRA based on HS
interpretation of
NFIRA.
Indicates that there
is an active NFIP
policy on the
address
Flood zone of
damaged dwelling
Y
Both
Comments
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 20 of 21
IAC
Data
Eleme
nt
Name of
Element
Data Type
Description of
Element
Required
?
Should this
be
updatable in
IAC, Own
System or
Both?
14.2
Source
Type
Code
Varchar2(16)
Source of flood
plain mapping
information
Y
Both
14.3
Sanction
Char(1)
Communit
y Flag
Y
Both
14.4
Sanction
Number(10)
Communit
y Number
Indicates if the
damaged dwelling is
in a Sanctioned
Community
The SC number as
identified by FIA
Y
Both
14.5
Panel
Number
Number(5)
Y
Both
14.6
Effective
Date
Date
Y
Both
14.7
CBRA
Mapping
Char(1)
Y
Both
14.8
Damaged
Dwelling
in CBRA
Char(1)
Y
Both
14.9
Flood
Zone
Request
Date
Y
Both
15.1
HAPP
Flag
Char(1)
Y
Both
15.2
BAPP Flag
Char(1)
Panel Number of
the applicable flood
map
Effective date of
the flood map used
to determine flood
plain mapping
information
Indicates whether
the damaged
dwelling is located
in a county that
contains a CBRA
Zone and therefore
requires a mapping
to determine if it is
located within the
CBRA zone.
Indicates if the
damaged dwelling is
in a CBRA zone
based on a flood
plain mapping
Indicates if the
damaged dwelling is
in a CBRA zone
based on a flood
plain mapping
‘Y’ indicates create
the home predocketing data set.
(LCSDKFL
‘Y’ indicates create
the BUSINESS predocketing data set.
(LCSDKFL data file)
Y
Both
Comments
Code Validation
(A = Automatic,
M=Manual) – Not
implemented yet
�The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
703-235-0780, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version date: June 10, 2010
Page 21 of 21
SSA Additional Data Elements:
Table A.3: IAC Additional Data Elements
IAC
Data
Eleme
nt
Name of
Element
Data Type
Description of
Element
Required
?
1
Change
Effective
Date
Date
Immediate or as
of month/year
Y
2
Phone
Type
CHAR(1)
Type of Phone
N
Should this
be
updatable in
IAC, Own
System or
Both?
Comments
Format
(mm/dd/yyyy
)
Cannot be
greater than
90 days out
Must be able to
capture
additional phone
types such as:
•
H = Home
•
W = Work
A = Attorney
O = Other
D = DO NOT
HAVE
PHONE
�
| File Type | application/pdf |
| File Title | DHS PRIVACY OFFICE |
| Author | pia |
| File Modified | 2011-01-21 |
| File Created | 2011-01-21 |