Privacy Threshold Analysis (PTA)

DHS PRIVACY OFFICE PTA 072012.docx

Federal Emergency Management Agency Housing Inspection Services Customer Satisfaction Survey.

Privacy Threshold Analysis (PTA)

OMB: 1660-0102

⚠️ Notice: This form may be outdated. More recent filings and information on OMB 1660-0102 can be found here:

2016-10-25 - No material or nonsubstantive change to a currently approved collection

Document [docx]

Download: docx | pdf

T he Privacy Office

U.S. Department of Homeland Security

Washington, DC 20528

703-235-0780, [email protected]

www.dhs.gov/privacy

Privacy Threshold Analysis

Version date: July 7, 2012

Page 5 of 5

PRIVACY THRESHOLD ANALYSIS (PTA)

This form is used to determine whether
a Privacy Impact Assessment is required.

Please use the attached form to determine whether a Privacy Impact Assessment (PIA) is required under the E-Government Act of 2002 and the Homeland Security Act of 2002.

Please complete this form and send it to your component Privacy Office. If you do not have a component Privacy Office, please send the PTA to the DHS Privacy Office:

Rebecca J. Richards

Senior Director of Privacy Compliance

The Privacy Office

U.S. Department of Homeland Security

Washington, DC 20528

Tel: 703-235-0780

[email protected]

Upon receipt from your component Privacy Office, the DHS Privacy Office will review this form. If a PIA is required, the DHS Privacy Office will send you a copy of the Official Privacy Impact Assessment Guide and accompanying Template to complete and return.

A copy of the Guide and Template is available on the DHS Privacy Office website, www.dhs.gov/privacy, on DHSConnect and directly from the DHS Privacy Office via email: [email protected], phone: 703-235-0780.

PRIVACY THRESHOLD ANALYSIS (PTA)

Summary Information

Project or Program Name:	FEMA Inspection Services Customer Satisfaction Surveys-Collection #1660-0102
Component:		Office or Program:	Contract Management/Housing Inspection Services
TAFISMA Name:	N/A	TAFISMA Number:	Click here to enter text.
Type of Project or Program:		Project or program status:

PROJECT OR PROGRAM MANAGER

Name:	Michael Hockman
Office:	Contract Management/Housing Inspection Services	Title:	Supervisory Program Specialist
Phone:	540-686-3802	Email:	[email protected]

INFORMATION SYSTEM SECURITY OFFICER (ISSO)

Name:	Earnest Poindexter
Phone:	202-212-5290	Email:	[email protected]

ROUTING INFORMATION

Date submitted to Component Privacy Office:	November 19, 2013
Date submitted to DHS Privacy Office:	Click here to enter a date.
Date approved by DHS Privacy Office:	Click here to enter a date.

Specific PTA Questions

Please describe the purpose of the project or program:

Please provide a general description of the project and its purpose in a way a non-technical person could understand.

Click here to enter text.

FEMA Housing Inspection Services inspectors (Contracted by FEMA) meet with individuals who applied for assistance due to a federally declared disaster to assess damages to their primary residences to help FEMA determine if they may be eligible for Federal assistance. In order to assess the level of customer service provided by the inspectors to the applicants during the inspection, FEMA has contracted with J&E Associates of Silver Spring, MD to mail, collect, and analyze paper based post inspection customer service surveys to be completed by the applicants. The contractor treats the list of disaster survivors who have registered with FEMA as the universe of survivors for whom the contractor is estimating the level of satisfaction with housing inspection services. The list of disaster survivors is provided by FEMA. If it is a small group (1,100 or fewer), the entire universe is sampled; if it is larger, a random sample is drawn and just those individuals are surveyed. The sample frame is pulled from the database of FEMA Housing Inspections which is maintained electronically in the National Emergency Management Information System (NEMIS) Individual Assistance (IA) Module. The data fields which are extracted and given to the contractor are the disaster number, registration ID number of the applicant, last and first name of the applicant, primary language, current address and primary phone number of the applicant. J&E Associates does not ever use the phone numbers to contact the individuals surveyed. When J&E submits the Excel spreadsheet with the list of 15 individuals whose comments appear in a disaster final report, the telephone number fields are included in the spreadsheet for the convenience of FEMA management in case management wants to follow up with a respondent regarding a comment. J&E does not need or use the phone numbers.

The survey data is entered into the contractor’s database which consists of excel files (one for each survey mailing-initial, second, third) stored in a password protected dedicated drive on one server; the FEMA survey data base consists of SSPS files (one for each disaster containing the survey responses in a password protected dedicated drive on a different server. Survey data are entered into a separate stand-alone database that contains only the identifier number (different from the registration ID #. Each individual respondent is assigned an identifier number used for recording information in mailing/tracker database so that follow ups will not be sent to respondents. FEMA registration ID # does not appear on survey materials or in the survey database.). The two databases are never integrated. All data are aggregated for reporting to FEMA in the form of a HIS Customer Service Survey Final Report of Disaster, which is a hard copy word document with no personally identifying information included. Through these safeguards, respondents’ and non-respondents’ privacy is protected.

FEMA Inspection Services Managers and Task Monitors use the survey results to measure disaster inspector customer service and make improvements to disaster services to increase customer satisfaction and program effectiveness. The survey results are shared with Regional staff specific to the federal declaration for which the survey is conducted.

Project or Program status
Date first developed:	January 8, 1996	Pilot launch date:	Click here to enter a date.
Date last updated:	April 5, 2010	Pilot end date:	Click here to enter a date.

From whom does the Project or Program collect, maintain, use or disseminate information?

Please check all that apply.

DHS Employees

Contractors working on behalf of DHS

x Members of the public

This program does not collect any personally identifiable information¹

What specific information about individuals could be collected, generated or retained? Please provide a specific description of information that might be collected, generated or retained such as names, addresses, emails, etc.
Click here to enter text. No demographic information is collected
Does the Project or Program use Social Security Numbers (SSNs)?
If yes, please provide the legal authority for the collection of SSNs:	Click here to enter text.
If yes, please describe the uses of the SSNs within the Project or Program:	Click here to enter text.

Does this system employ any of the following technologies:

If project or program utilizes any of these technologies, please contact Component Privacy Officer for specialized PTA.

Closed Circuit Television (CCTV)

Sharepoint-as-a-Service

Social Media

Mobile Application (or GPS)

Web portal²

None of the above

If this project is a technology/system, does it relate solely to infrastructure?

For example, is the system a Local Area Network (LAN) or Wide Area Network (WAN)?

x No. Please continue to next question.

Yes. If a log kept of communication traffic, please answer the following question.

If header or payload data³ is stored in the communication traffic log, please detail the data elements stored.

Click here to enter text.

Does this project or program connect, receive, or share PII with any other DHS programs or systems⁴?

No.

x Yes. If yes, please list:

NEMIS IA module

Does this project or program connect, receive, or share PII with any external (non-DHS) partners or systems?

x No.

Yes. If yes, please list:

Click here to enter text.

Is this external sharing pursuant to new or existing information sharing access agreement (MOU, MOA, LOI, etc.)?

Please describe applicable information sharing governance in place.

Click here to enter text.

PRIVACY THRESHOLD REVIEW

(To be Completed by COMPONENT PRIVACY OFFICE)

Component Privacy Office Reviewer:	Click here to enter text.
Date submitted to DHS Privacy Office:	Click here to enter a date.
Component Privacy Office Recommendation: Please include recommendation below, including what new privacy compliance documentation is needed.
Click here to enter text.

(To be Completed by the DHS Privacy Office)

DHS Privacy Office Reviewer:	Click here to enter text.
Date approved by DHS Privacy Office:	Click here to enter a date.
PCTS Workflow Number:	Click here to enter text.

DESIGNATION

Privacy Sensitive System:		If “no” PTA adjudication is complete.
Category of System:		If “other” is selected, please describe: Click here to enter text.
Determination: PTA sufficient at this time. Privacy compliance documentation determination in progress. New information sharing arrangement is required. DHS Policy for Computer-Readable Extracts Containing Sensitive PII applies. Privacy Act Statement required. Privacy Impact Assessment (PIA) required. System of Records Notice (SORN) required.
PIA:	If covered by existing PIA, please list: Click here to enter text.
SORN:	If covered by existing SORN, please list: Click here to enter text.
DHS Privacy Office Comments: Please describe rationale for privacy compliance determination above.
Click here to enter text.

1 DHS defines personal information as “Personally Identifiable Information” or PII, which is any information that permits the identity of an individual to be directly or indirectly inferred, including any information that is linked or linkable to that individual, regardless of whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S., or employee or contractor to the Department. “Sensitive PII” is PII, which if lost, compromised, or disclosed without authorization, could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual. For the purposes of this PTA, SPII and PII are treated the same.

2 Informational and collaboration-based portals in operation at DHS and its components which collect, use, maintain, and share limited personally identifiable information (PII) about individuals who are “members” of the portal or who seek to gain access to the portal “potential members.”

3 When data is sent over the Internet, each unit transmitted includes both header information and the actual data being sent. The header identifies the source and destination of the packet, while the actual data is referred to as the payload. Because header information, or overhead data, is only used in the transmission process, it is stripped from the packet when it reaches its destination. Therefore, the payload is the only data received by the destination system.

4 PII may be shared, received, or connected to other DHS systems directly, automatically, or by manual processes. Often, these systems are listed as “interconnected systems” in TAFISMA.

File Type	application/vnd.openxmlformats-officedocument.wordprocessingml.document
File Title	DHS PRIVACY OFFICE
Author	ljohnso3
File Modified	0000-00-00
File Created	2021-01-28