Contact Information Verification

Attachment B: Contact Information Verification

Form Approved

OMB No.0920-1030

Exp. Date 10/31/2017

NOTICE – Public reporting burden of this collection of information is estimated to average 5 minutes per response. An agency may not conduct or sponsor, and a person is not required to respond to a collection of information unless it displays a currently valid OMB control number. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden to: CDC/ATSDR Reports Clearance Officer, 1600 Clifton Road, MS D-74, Atlanta, GA 30333, ATTN: PRA (0920-0912).

Assurance of Confidentiality – We take your privacy very seriously. All information that relates to or describes identifiable characteristics of individuals, a practice, or an establishment will be used only for statistical purposes. NCHS staff, contractors and agents will not disclose or release information in identifiable form without the consent of the individual or establishment in accordance with section 308(d) of the Public Health Service Act (42 USC 242m) and the Confidential Information Protection and Statistical Efficiency Act of 2002 (CIPSEA, Title 5 of Public Law 107-347). In accordance with CIPSEA every NCHS employee, contractor, and agent has taken an oath and is subject to a jail term of up to five years, a fine of up to $250,000, or both if he or she willfully discloses ANY identifiable information about you. In addition, NCHS complies with the Cybersecurity Enhancement Act of 2015. This law requires the Federal government to protect its information by using computer security programs to identify cybersecurity risks against federal computer networks.

The Cybersecurity Act of 2015 permits monitoring information systems for the purpose of protecting a network from hacking, denial of service attacks and other security vulnerabilities.¹ The software used for monitoring may scan information that is transiting, stored on, or processed by the system. If the information triggers a cyber threat indicator, the information may be intercepted and reviewed for cyber threats. The Cybersecurity Act specifies that the cyber threat indicator or defensive measure taken to remove the threat may be shared with others only after any information not directly related to a cybersecurity threat has been removed, including removal of personal information of a specific individual or other information that identifies a specific individual. Monitoring under the Cybersecurity Act may be done by a system owner or another entity the system owner allows to monitor its network and operate defensive measures on its behalf. 

-------------------

¹ “Monitor” means “to acquire, identify, or scan, or to possess, information that is stored on, processed by, or transiting an information system”; “information system” means “a discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination or disposition of information”; “cyber threat indicator” means “information that is necessary to describe or identify security vulnerabilities of an information system, enable the exploitation of a security vulnerability, or unauthorized remote access or use of an information system”.

VERIFY CONTACT INFORMATION

• Hello, my name is ___________________ . I am calling regarding the National Study of Long-Term Care Providers that RTI International is conducting for CDC’s National Center for Health Statistics.

• I have some information that I would like to email to the following state government representative [name]. May I please verify this person’s name and title?

• I have the name of this state government representative as ______________________ SPELL IF NECESSARY. Is this correct?

• I have the address of the state government representative as _______________________. Is this correct? Is there a separate mailing address you would like to give me?

• The number I called is [xxx-xxx-xxxx]. Is this the correct number to reach ______________? REPEAT TO VERIFY

• What is [state government representative’s] email address? SPELL ALOUD TO VERIFY.

• Thank you. We will email this information in the near future. Have a good day. Good bye.