Privacy Threshold Analysis (PTA)

The P rivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 1 of 8

PRIVACY THRESHOLD ANALYSIS (PTA)
This form is us e d to de te rmine whe the r
a Privacy Impact As s e s s me nt is re quire d.

Please use the attached form to determine whether a Privacy Impact Assessment (PIA) is required under
the E-Government Act of 2002 and the Homeland Security Act of 2002.
Please complete this form and send it to your component Privacy Office. If you do not have a component
Privacy Office, please send the PTA to the DHS Privacy Office:
Rebecca J. Richards
Senior Director of Privacy Compliance
The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
Tel: 202-343-1717
[email protected]

Upon receipt from your component Privacy Office, the DHS Privacy Office will review this form. If a
PIA is required, the DHS Privacy Office will send you a copy of the Official Privacy Impact Assessment
Guide and accompanying Template to complete and return.
A copy of the Guide and Template is available on the DHS Privacy Office website,
www.dhs.gov/privacy, on DHSConnect and directly from the DHS Privacy Office via email:
[email protected], phone: 202-343-1717.

The P rivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 2 of 8

PRIVACY THRESHOLD ANALYSIS (PTA)
SUMMARY INFORMATION
Project or
Program Name:

Environmental Planning and Historic Preservation (EHP)
Clearance/Screening Form (OMB 1660-0115)

Component:

Federal Emergency
Management Agency (FEMA)

Grant Programs Directorate
Environmental Planning and
Historic Preservation Branch

TAFISMA
Number:

TAFISMA Name:
Type of Project or
Program:

Office or
Program:

Form or other Information
Collection

Project or
program
status:

Operational

PROJECT OR PROGRAM MANAGER
Name:

Tom Harrington

Office:

GPD-EHP

Title:

Branch Chief

Phone:

202-786-9791

Email:

[email protected]

INFORMATION SYSTEM SECURITY OFFICER (ISSO)
Name:
Phone:

Email:

ROUTING INFORM ATION
Date submitted to Component Privacy Office:

February 27, 2013

Date submitted to DHS Privacy Office:

April 29, 2013

Date approved by DHS Privacy Office:

May 6, 2013

The P rivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 3 of 8

SPECIFIC PTA QUESTIONS
1. Please describe the purpose of the project or program:
Please provide a general description of the project and its purpose in a way a non-technical person could
understand.
The Federal Emergency Management Agency (FEMA) Office of Protection and National Preparedness
(PNP) Grant Programs Directorate (GPD) collects Environmental Planning and Historic Preservation
(EHP) screening information authorized by OMB ICR No. 1660-0115. This PTA is being conducted as
part of the collection renewal process. The National Environmental Policy Act (NEPA) requires that each
Federal agency examine the impact of its actions on the human environment, to look at potential
alternatives to that action, to inform both decision-makers and the public of those impacts through a
transparent process, and to pursue mitigation if necessary. It does not mandate necessarily that the
alternative with the least environmental impacts be selected. A NEPA compliance review process often
addresses compliance with other Federal regulations, including the National Historic Preservation Act
(NHPA), the Endangered Species Act (ESA), the Clean Water Act (CWA), the Migratory Bird Treaty Act
(MBTA), and other authorities to streamline the overall compliance review process.
Environmental Planning and Historic Preservation (EHP) compliance is the process by which the FEMA
GPD can ensure that projects that are funded through federal grants are compliant with existing laws and
regulations regarding the environment and historic preservation. In order to assure compliance, project
information must be provided by the grantee that describes what the action, how it would be
accomplished, and where it would take place. To simplify the collection of required information, and to
streamline compliance determinations with relevant laws, it was necessary to standardize the format in
which information is submitted to FEMA GPD. The GPD Environmental Screening Form (Screening
Form) provides a user-friendly format for collecting essential information.
The information collected by FEMA GPD from grant recipients via the Screening Form will be used for
EHP reviews that will examine the potential environmental, historic, and cultural impact of the projects
for which grant funding is requested before approving the project, as required by NEPA, NHPA, and
other Federal environmental and historic preservation laws and regulations. Grantee and subgrantees are
state, tribal, and local governments as well as eligible private non-profit organizations. The personally
identifiable information (PII) requested under this collection is limited to point of contact (POC)
information of Grantees and subgrantees. This PII is used for the sole purpose of contacting grantees and
subgrantees regarding continued eligibility of federal grant funds and compliance with federal statutes
and regulations.
FEMA GPD owns and uses the Project Information Management System (PIMS), at a headquarters level
as a repository for EHP Screening Form information and to assist in processing EHP compliance for
grants. PIMS is a Microsoft Access based database and is only accessible by FEMA staff.

2. Project or Program status
November 1,
Date first developed:
2009November 1,

Existing
Pilot launch date:

Click here to enter a date.

The P rivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 4 of 8

Date last updated:

2009
July 1, 2012

Pilot end date:

Click here to enter a date.

DHS Employees
3. From whom does the Project or
Program collect, maintain, use or
disseminate information?
Please check all that apply.

Contractors working on behalf of DHS
Members of the public
This program does not collect any personally
identifiable information 1

4. What specific information about individuals could be collected, generated or retained?
Please provide a specific description of information that might be collected, generated or retained such
as names, addresses, emails, etc.
FEMA may collect the following point of contact (POC) information from grantee and subgrantee of
awarded DHS Grants:
Name (First and last),
Title,
Mailing address,
Email address, and
Work phone number.
Does the Project or Program use Social
Security Numbers (SSNs)?
If yes, please provide the legal authority for
the collection of SSNs:
If yes, please describe the uses of the SSNs
within the Project or Program:

5. Does this system employ any of the
following technologies:
1

No
Click here to enter text.
Click here to enter text.

Closed Circuit Television (CCTV)

DHS defines personal information as “Personally Identifiable Information” or PII, which is any information that permits the
identity of an individual to be directly or indirectly inferred, including any information that is linked or linkable to that individual,
regardless of whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S., or employee or contractor to
the Department. “Sensitive PII” is PII, which if lost, compromised, or disclosed without authorization, could result in substantial
harm, embarrassment, inconvenience, or unfairness to an individual. For the purposes of this PTA, SPII and PII are treated the
same.

The P rivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 5 of 8

If project or program utilizes any of these
technologies, please contact Component Privacy
Officer for specialized PTA.

Sharepoint-as-a-Service
Social Media
Mobile Application (or GPS)
Web portal2
None of the above

If this project is a technology/system, does
it relate solely to infrastructure?
For example, is the system a Local Area Network
(LAN) or Wide Area Network (WAN)?

No. Please continue to next question.
Yes. If a log kept of communication traffic,
please answer the following question.

If header or payload data 3 is stored in the communication traffic log, please detail the data
elements stored.
Click here to enter text.

6. Does this project or program connect,
receive, or share PII with any other
DHS programs or systems 4 ?

No.
Yes. If yes, please list:
Click here to enter text.

7. Does this project or program connect,
receive, or share PII with any external
(non-DHS) partners or systems?

No.
Yes. If yes, please list:
Click here to enter text.

Is this external sharing pursuant to new Choose an item.
or existing information sharing access
Please describe applicable information sharing
agreement (MOU, MOA, LOI, etc.)?
governance in place.
2

Informational and collaboration-based portals in operation at DHS and its components which collect, use,
maintain, and share limited personally identifiable information (PII) about individuals who are “members” of the
portal or who seek to gain access to the portal “potential members.”

Whe n data is se nt over the Internet, e ach unit transmitted include s both he ader information and the actual data
be ing se nt. The he ader ide ntifie s the source and de stination of the packe t, while the actual data is re ferred to as the
payload. Be cause he ader information, or overhead data, is only use d in the transmission process, it is strippe d from
the packe t whe n it re aches its de stination. The refore, the payload is the only data re ceived by the de stination system.
4 PII may be shared, re ceived, or connected to othe r DHS syste ms dire ctly, automatically, or by manual proce sse s.
Ofte n, the se syste ms are liste d as “inte rconne cte d syste ms” in TAFISMA.
3

The P rivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 6 of 8

Click here to enter text.

The P rivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 7 of 8

PRIVACY THRESHOLD REVIEW
(TO BE COMPLETED BY COMPONENT PRIVACY OFFICE)
Component Privacy Office Reviewer:

LeVar J. Sykes

Date submitted to DHS Privacy Office:

Click here to enter a date.

Component Privacy Office Recommendation:
Please include recommendation below, including what new privacy compliance documentation is needed.
PIA: DHS/FEMA/PIA-013 - Grant Management Programs
SORN: DHS/FEMA-004 Grant Management Information Files (August 7, 2009 74 FR 39705)

(TO BE COMPLETED BY THE DHS PRIVACY OFFICE)
DHS Privacy Office Reviewer:

Dayo Simms

Date approved by DHS Privacy Office:

May 6, 2013

PCTS Workflow Number:

979868
DESIGNATION

Privacy Sensitive System:

Yes If “no” PTA adjudication is complete.
Choose an item.

Category of System:
Determination:

If “other” is selected, please describe: Form/ Information
Collection
PTA sufficient at this time.
Privacy compliance documentation determination in progress.
New information sharing arrangement is required.
DHS Policy for Computer-Readable Extracts Containing Sensitive PII
applies.
Privacy Act Statement required.
Privacy Impact Assessment (PIA) required.
System of Records Notice (SORN) required.

PIA:
SORN:

System covered by existing PIA
If covered by existing PIA, please list: Grant Management Programs, July 14, 2009
System covered by existing SORN

The P rivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis
Version date: November 6, 2012
Page 8 of 8

If covered by existing SORN, please list: DHS/FEMA-004 Grant Management Information
Files August 7, 2009 74 FR 39705
DHS Privacy Office Comments:
Please describe rationale for privacy compliance determination above.
PRIV agrees with the FEMA Privacy Office recommendation that the EHP Screening Form is privacy
sensitive and contains contact information from FEMA grantees and sub-grantees. This information is
covered under the Grant Management Programs PIA, which covers the collection of contact information
for grant applying agency contacts. Additionally, the Grant Management Information Files SORN covers
this collection of information.