Privacy Threshold Analysis (PTA)

The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 1 of 7

PRIVACY THRESHOLD ANALYSIS (PTA)
This form is used to determine whether
a Privacy Impact Assessment is required.

Please use the attached form to determine whether a Privacy Impact Assessment (PIA) is required under
the E-Government Act of 2002 and the Homeland Security Act of 2002.
Please complete this form and send it to your component Privacy Office. If you do not have a component
Privacy Office, please send the PTA to the DHS Privacy Office:
Rebecca J. Richards
Senior Director of Privacy Compliance
The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
Tel: 202-343-1717

[email protected]

Upon receipt from your component Privacy Office, the DHS Privacy Office will review this form. If a
PIA is required, the DHS Privacy Office will send you a copy of the Official Privacy Impact Assessment
Guide and accompanying Template to complete and return.
A copy of the Guide and Template is available on the DHS Privacy Office website,
www.dhs.gov/privacy, on DHSConnect and directly from the DHS Privacy Office via email:
[email protected], phone: 202-343-1717.

The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 2 of 7

PRIVACY THRESHOLD ANALYSIS (PTA)
SUMMARY INFORMATION
Project or
Program Name:

Tribal Homeland Security Grant Program (OMB No. 1660-0113)

Component:

Federal Emergency
Management Agency (FEMA)

Office or
Program:

Office of Protection and
National Preparedness (PNP)

TAFISMA Name:

Click here to enter text.

TAFISMA
Number:

Click here to enter text.

Type of Project or
Program:

Form or other Information
Collection

Project or
program
status:

Operational

PROJECT OR PROGRAM MANAGER
Name:

LaTanya Watson

Office:

Grant Programs Directorate

Title:

Program Specialist

Phone:

202-786-9540

Email:

[email protected]

INFORMATION SYSTEM SECURITY OFFICER (ISSO)
Name:

Click here to enter text.

Phone:

Click here to enter text.

Email:

ROUTING INFORMATION
Date submitted to Component Privacy Office:

March 25, 2013

Date submitted to DHS Privacy Office:

May 15, 2013

Date approved by DHS Privacy Office:

May 29, 2013

Click here to enter text.

The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 3 of 7

SPECIFIC PTA QUESTIONS
1. Please describe the purpose of the project or program:
Please provide a general description of the project and its purpose in a way a non-technical person could
understand.
The Federal Emergency Management Agency (FEMA) Office of Protection and National Preparedness
(PNP) Grant Programs Directorate (GPD) collects Federal grant application information to determine
eligibility of tribes to receive federal funding as authorized by OMB ICR 1660-0113. This PTA is being
conducted as part of the collection renewal process. FEMA’s Tribal Homeland Security Grant Program
(THSGP) (formerly the State Homeland Security Program (SHSP) – Tribal) is authorized by Sections
2004 and 2005 of the Homeland Security Act of 2002, as amended by Section 101, Title I of the
Implementing Recommendations of the 9/11 Commission Act of 2007, Pub. Law No. 110-53, (6 U.S.C.
§§ 605 and 606). THSGP provides supplemental funding to eligible tribes to help strengthen the Nation
against risks associated with potential terrorist attacks. THSGP supports building and sustaining
capabilities through planning, equipment, training, and exercise activities.
THSGP applicants apply for the grant using the U.S. Department of Health and Human Services (HHS)
grants.gov site and then THSGP grant application information is transferred to the FEMA Non Disaster
(ND) Grants system for award processing. FEMA’s ND Grants system is currently adjudicated under the
DHS/FEMA/PIA-013 - Grant Management Programs Privacy Impact Assessment (PIA). THSGP
grantees are tribes within the United States. THSGP applicants self-certify that they are eligible to apply
for funding by using an Eligibility Certification Form that is part of the excel-based Investment
Justification template. The Investment Justification template is divided into 3 sections, 1) Introduction, 2)
Eligibility Certification Form, and 3) Investment Justification. When completing the Eligibility
Certification Form, tribes provide the personally identifiable information (PII) of a point of contact (POC)
for the investment/grantee. This PII is used for the sole purpose of contacting grantees regarding
continued eligibility of federal grant funds and compliance with federal statutes and regulations. All other
information collected is non-PII and is for the purpose of determining funding eligibility through the
THSGP.

2. Project or Program status
December 1, 2004
Date first developed:
February 16, 2012
Date last updated:
3. From whom does the Project or
Program collect, maintain, use or
disseminate information?
Please check all that apply.

Existing
Pilot launch date:
Pilot end date:

Click here to enter a date.
Click here to enter a date.

DHS Employees
Contractors working on behalf of DHS

The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 4 of 7

Members of the public
This program does not collect any personally
identifiable information1

4. What specific information about individuals could be collected, generated or retained?
Please provide a specific description of information that might be collected, generated or retained such
as names, addresses, emails, etc.
Applicants under the Tribal Homeland Security Grant Program complete standard application forms and
an Investment Justification template. The forms and template request a point of contact name, phone
number and e-mail in case there are any questions during the application processing.

Does the Project or Program use Social
Security Numbers (SSNs)?
If yes, please provide the legal authority for
the collection of SSNs:
If yes, please describe the uses of the SSNs
within the Project or Program:

5. Does this system employ any of the
following technologies:

No
Click here to enter text.
Click here to enter text.

Closed Circuit Television (CCTV)
Sharepoint-as-a-Service

If project or program utilizes any of these
technologies, please contact Component Privacy
Officer for specialized PTA.

Social Media
Mobile Application (or GPS)
Web portal2

1

DHS defines personal information as “Personally Identifiable Information” or PII, which is any information that permits the
identity of an individual to be directly or indirectly inferred, including any information that is linked or linkable to that individual,
regardless of whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S., or employee or contractor to
the Department. “Sensitive PII” is PII, which if lost, compromised, or disclosed without authorization, could result in substantial
harm, embarrassment, inconvenience, or unfairness to an individual. For the purposes of this PTA, SPII and PII are treated the
same.

The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 5 of 7

None of the above
If this project is a technology/system, does
it relate solely to infrastructure?
For example, is the system a Local Area Network
(LAN) or Wide Area Network (WAN)?

No. Please continue to next question.
Yes. If a log kept of communication traffic,
please answer the following question.

If header or payload data3 is stored in the communication traffic log, please detail the data
elements stored.
Click here to enter text.

6. Does this project or program connect,
receive, or share PII with any other
DHS programs or systems4?

No.
Yes. If yes, please list:
Non-Disaster (ND) Grants System

7. Does this project or program connect,
receive, or share PII with any external
(non-DHS) partners or systems?

No.
Yes. If yes, please list:
Grants.gov

Is this external sharing pursuant to new
or existing information sharing access
agreement (MOU, MOA, LOI, etc.)?

Choose an item.
Please describe applicable information sharing
governance in place.
Click here to enter text.

2

Informational and collaboration-based portals in operation at DHS and its components which collect, use,
maintain, and share limited personally identifiable information (PII) about individuals who are “members” of the
portal or who seek to gain access to the portal “potential members.”
3

When data is sent over the Internet, each unit transmitted includes both header information and the actual data
being sent. The header identifies the source and destination of the packet, while the actual data is referred to as the
payload. Because header information, or overhead data, is only used in the transmission process, it is stripped from
the packet when it reaches its destination. Therefore, the payload is the only data received by the destination system.
4 PII may be shared, received, or connected to other DHS systems directly, automatically, or by manual processes.
Often, these systems are listed as “interconnected systems” in TAFISMA.

The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 6 of 7

PRIVACY THRESHOLD REVIEW
(TO BE COMPLETED BY COMPONENT PRIVACY OFFICE)
Component Privacy Office Reviewer:

LeVar J. Sykes

Date submitted to DHS Privacy Office:

Click here to enter a date.

Component Privacy Office Recommendation:
Please include recommendation below, including what new privacy compliance documentation is needed.
PIA: DHS/FEMA/PIA-013 - Grant Management Programs
SORN: DHS/FEMA-004 Grant Management Information Files (August 7, 2009 74 FR 39705)
(TO BE COMPLETED BY THE DHS PRIVACY OFFICE)
DHS Privacy Office Reviewer:

Dayo Simms

Date approved by DHS Privacy Office:

May 29, 2013

PCTS Workflow Number:

981506
DESIGNATION

Privacy Sensitive System:

Yes

If “no” PTA adjudication is complete.

Other
Category of System:

Determination:

If “other” is selected, please describe: Program/ Information
Collection
PTA sufficient at this time.
Privacy compliance documentation determination in progress.
New information sharing arrangement is required.
DHS Policy for Computer-Readable Extracts Containing Sensitive PII
applies.
Privacy Act Statement required.
Privacy Impact Assessment (PIA) required.
System of Records Notice (SORN) required.

PIA:
SORN:

System covered by existing PIA
If covered by existing PIA, please list: Grant Management Programs, July 14, 2009
System covered by existing SORN
If covered by existing SORN, please list: DHS/FEMA-004 Grant Management Information

The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 7 of 7

Files August 7, 2009 74 FR 39705
DHS Privacy Office Comments:
Please describe rationale for privacy compliance determination above.
PRIV agrees with the FEMA Privacy Office recommendation that The Tribal Homeland Security Grant
Program is privacy sensitive and is covered by the following PIA and SORN:
DHS/FEMA/PIA-013 Grant Management Programs: This covers the collection of limited PII to facilitate
the adjudication of FEMA grant applications.
DHS/FEMA-004- Grant Management Information Files: which also covers the collection of limited
contact information for grant processing.
We also approve the attached e(3) statement for this information collection.