Download:
pdf |
pdfPrivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version number: 01-2014
Page 1 of 9
PRIVACY THRESHOLD ANALYSIS (PTA)
This form is used to determine whether
a Privacy Impact Assessment is required.
Please use the attached form to determine whether a Privacy Impact Assessment (PIA) is required under
the E-Government Act of 2002 and the Homeland Security Act of 2002.
Please complete this form and send it to your component Privacy Office. If you do not have a component
Privacy Office, please send the PTA to the DHS Privacy Office:
Senior Director, Privacy Compliance
The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
Tel: 202-343-1717
[email protected]
Upon receipt from your component Privacy Office, the DHS Privacy Office will review this form. If a
PIA is required, the DHS Privacy Office will send you a copy of the Official Privacy Impact Assessment
Guide and accompanying Template to complete and return.
A copy of the Guide and Template is available on the DHS Privacy Office website,
www.dhs.gov/privacy, on DHSConnect and directly from the DHS Privacy Office via email:
[email protected], phone: 202-343-1717.
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version number: 01-2014
Page 2 of 9
PRIVACY THRESHOLD ANALYSIS (PTA)
SUMMARY INFORMATION
Project or
Program Name:
Ombudsman Customer Satisfaction and Needs Assessment Survey
Component:
Management (MGMT)
Office or
Program:
DHS HQ CISOMB
Xacta FISMA
Name (if
applicable):
N/A
Xacta FISMA
Number (if
applicable):
N/A
Type of Project or
Program:
Form or other Information
Collection
Project or
program
status:
Development
Date first
developed:
Date of last PTA
update
March 1, 2015
Pilot launch
date:
N/A
March 1, 2015
Pilot end date:
N/A
ATO Status (if
applicable)
Not started
ATO
expiration date
(if applicable):
N/A
PROJECT OR PROGRAM MANAGER
Name:
Gary Merson
Office:
DHS HQ CISOMB
Title:
Deputy Director
Phone:
202-357-8103
Email:
[email protected]
INFORMATION SYSTEM SECURITY OFFICER (ISSO) (IF APPLICABLE)
Name:
Raymond Mills (ISSO Liaison for CISOMB with DHS HQ CIO)
Phone:
202-731-5356
Email:
[email protected]
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version number: 01-2014
Page 3 of 9
SPECIFIC PTA QUESTIONS
1. Reason for submitting the PTA: Choose an item.
The Citizenship and Immigration Services (CIS) Ombudsman was created under section 452 of the
Homeland Security Act of 2002 (Public Law 107-296) to: (1) assist individuals and employers in
resolving problems with the U.S. Citizenship and Immigration Services (USCIS); (2) to identify areas in
which individuals and employers have problems in dealing with USCIS; and (3) to the extent possible,
propose changes in the administrative practices of USCIS to mitigate problems. This survey will be used
by the general public to obtain feedback that will be used to assess the needs of customers to improve
Ombudsman services.
1. How will people receive the survey? Will they get an email?
The survey will be handed out at outreach events or be able to download the PDF online, fill it out and send it to us
electronically as an email attachment or mail it in. An online fillable form will be developed in the future similar to
the phased development approach that we used with the 7001. The distribution of surveys via email would not be
an option if we are to maintain anonymity of respondents as that would mean we have an email address list that
may contain PII.
2. How does CISOMB determine who will receive a survey?
The general public can participate in the survey on a voluntary basis.
3. Will user responses be anonymized? If so, how?
There is no provision for supplying or collecting identifying information when responding to or completing the
survey and this will be clearly stated in the instructions for participants. Any PII will be redacted and/or destroyed
upon receipt of a survey containing such information. These instructions will be provided to our survey intake data
collectors.
2. Does this system employ any of the
following technologies:
If you are using any of these technologies and
want coverage under the respective PIA for that
technology please stop here and contact the DHS
Privacy Office for further guidance.
1
Closed Circuit Television (CCTV)
Social Media
Web portal 1 (e.g., SharePoint)
Contact Lists
Informational and collaboration-based portals in operation at DHS and its components that collect, use, maintain, and share
limited personally identifiable information (PII) about individuals who are “members” of the portal or “potential members” who
seek to gain access to the portal.
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version number: 01-2014
Page 4 of 9
None of these
3. From whom does the Project or
Program collect, maintain, use, or
disseminate information?
Please check all that apply.
This program does not collect any personally
identifiable information 2
Members of the public
DHS employees/contractors (list components):
Contractors working on behalf of DHS
Employees of other federal agencies
4. What specific information about individuals is collected, generated or retained?
The following narrative explains the survey:
Office of the Citizenship & Immigration Services Ombudsman
Customer Satisfaction and Needs Assessment Survey
1)
Have you used any of the Ombudsman’s services or interacted with the Ombudsman’s Office
during the past year?
o
Yes
o
No
o
Aware/Don’t use
o
Unaware/Don’t use
2)
o
o
o
o
o
o
o
o
2
If you have used the Ombudsman services, which have you used during the past year?
Made a request for case assistance
Asked for general information (other than case assistance)
Notified the Ombudsman of an issue or concern (other than case assistance)
Attended an Ombudsman teleconference or webinar
Attended a local community event with the Ombudsman
Attended the Ombudsman Annual Conference
Read an Ombudsman recommendation
Read the Ombudsman Annual Report to Congress
DHS defines personal information as “Personally Identifiable Information” or PII, which is any information that permits the
identity of an individual to be directly or indirectly inferred, including any information that is linked or linkable to that individual,
regardless of whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S., or employee or contractor to
the Department. “Sensitive PII” is PII, which if lost, compromised, or disclosed without authorization, could result in substantial
harm, embarrassment, inconvenience, or unfairness to an individual. For the purposes of this PTA, SPII and PII are treated the
same.
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version number: 01-2014
Page 5 of 9
3)
o
Do you use the Ombudsman's Online Case Assistance system to submit request(s) for assistance?
Yes
o
No
o
Aware/Don’t use
o
Unaware/Don’t use
4)
If you did use the Ombudsman's Online Case Assistance, how would you rate the overall online
experience?
o
Poor o
Fair o
Good o
Very Good
o
Excellent
5)
Was your issue with USCIS resolved after seeking assistance from the Ombudsman's Office?
o
Yes
o
No
o
Other (please explain)
_____________________________________________________________________
6)
o
How would you rate the quality of the communications from the Ombudsman's Office?
Poor o
Fair o
Good o
Very Good
o
Excellent
7)
a.
o
b.
o
c.
o
d.
o
How do you rate the Ombudsman’s website?
Ease of use:
Poor o
Fair o
Good o
Very Good
Content on the website is written in clear and simple language:
Poor o
Fair o
Good o
Very Good
I found what I was looking for quickly and easily.
Poor o
Fair o
Good o
Very Good
Overall website experience.
Poor o
Fair o
Good o
Very Good
8)
o
How well do you speak English?
Not at all
o
Not well
9)
o
o
o
What other language do you speak besides English? Please select from the list below.
Arabic o
Chinese
o
French o
Korean
Japanese
o
German
o
Russian o
Vietnamese
Spanish o
Punjabi o
Other (List)__________________
10)
o
o
o
o
o
What Ombudsman products would you like translated into other languages?
Recommendations to USCIS
Annual Report to Congress
Online Case Assistance website
Ombudsman DHS Form 7001and Instructions
Ombudsman Teleconference transcripts
o
Well
o
o
Excellent
o
Excellent
o
Excellent
o
Excellent
Very well
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version number: 01-2014
Page 6 of 9
11)
o
Overall how would you rate your experience seeking assistance from the Ombudsman?
Poor o
Fair o
Good o
Very Good
o
Excellent
CIS Ombudsman does intend to employ the use of statistics or the publication thereof for this collection
of information.
CIS Ombudsman will display the expiration date for OMB approval of this information collection.
CIS Ombudsman does not request an exception to the certification of this information collection. Please
complete this section if you are an attorney, a representative of an organization, an accredited
representative, or anyone else preparing this form on behalf of the individual or employer encountering
difficulties with USCIS. Please attach copy of your Form G-28
12.
Consent: Please note that if you are the beneficiary of an immigration petition, consent of the
individual or employer that submitted the petition on your behalf is required. The petitioner must sign.
4(a) Does the project, program, or system
retrieve information by personal identifier?
4(b) Does the project, program, or system
use Social Security Numbers (SSN)?
4(c) If yes, please provide the specific legal
basis and purpose for the collection of
SSNs:
4(d) If yes, please describe the uses of the
SSNs within the project, program, or
system:
4(e) If this project, program, or system is
an information technology/system, does it
relate solely to infrastructure?
No. Please continue to next question.
Yes. If yes, please list all personal identifiers
used:
No.
Yes.
Click here to enter text.
Click here to enter text.
No. Please continue to next question.
Yes. If a log kept of communication traffic,
please answer the following question.
For example, is the system a Local Area Network
(LAN) or Wide Area Network (WAN)?
4(f) If header or payload data 3 is stored in the communication traffic log, please detail the data
elements stored.
3
When data is sent over the Internet, each unit transmitted includes both header information and the actual data being sent. The
header identifies the source and destination of the packet, while the actual data is referred to as the payload. Because header
information, or overhead data, is only used in the transmission process, it is stripped from the packet when it reaches its
destination. Therefore, the payload is the only data received by the destination system.
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version number: 01-2014
Page 7 of 9
Click here to enter text.
5. Does this project, program, or system
connect, receive, or share PII with any
other DHS programs or systems 4?
No.
Yes. If yes, please list:
DHS USCIS
6. Does this project, program, or system
connect, receive, or share PII with any
external (non-DHS) partners or
systems?
6(a) Is this external sharing pursuant to
new or existing information sharing
access agreement (MOU, MOA, LOI,
etc.)?
7. Does the project, program, or system
provide role-based training for
personnel who have access in addition
to annual privacy training required of
all DHS personnel?
8. Per NIST SP 800-53 Rev. 4, Appendix
J, does the project, program, or system
maintain an accounting of disclosures
of PII to individuals who have
requested access to their PII?
9. Is there a FIPS 199 determination? 4
No.
Yes. If yes, please list:
Click here to enter text.
Choose an item.
Please describe applicable information sharing
governance in place:
No.
Yes. .
No. What steps will be taken to develop and
maintain the accounting:
Yes. In what format is the accounting
maintained:
Unknown.
No.
Yes. Please indicate the determinations for each
of the following:
Confidentiality:
4
PII may be shared, received, or connected to other DHS systems directly, automatically, or by manual processes. Often, these
systems are listed as “interconnected systems” in Xacta.
4
FIPS 199 is the Federal Information Processing Standard Publication 199, Standards for Security Categorization of Federal
Information and Information Systems and is used to establish security categories of information systems.
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version number: 01-2014
Page 8 of 9
Low
Moderate
High
Undefined
Moderate
High
Undefined
Availability:
Low
Moderate
High
Undefined
Integrity:
Low
PRIVACY THRESHOLD REVIEW
(TO BE COMPLETED BY COMPONENT PRIVACY OFFICE)
Component Privacy Office Reviewer:
Click here to enter text.
Date submitted to Component Privacy
Office:
Click here to enter a date.
Date submitted to DHS Privacy Office:
Click here to enter a date.
Component Privacy Office Recommendation:
Please include recommendation below, including what new privacy compliance documentation is needed.
Click here to enter text.
(TO BE COMPLETED BY THE DHS PRIVACY OFFICE)
DHS Privacy Office Reviewer:
Lindsay Lennon
PCTS Workflow Number:
1068981
Date approved by DHS Privacy Office:
March 26, 2015
PTA Expiration Date
March 26, 2018
DESIGNATION
Privacy Sensitive System:
Category of System:
No
If “no” PTA adjudication is complete.
Choose an item.
If “other” is selected, please describe: Click here to enter text.
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis
Version number: 01-2014
Page 9 of 9
Determination:
PTA sufficient at this time.
Privacy compliance documentation determination in progress.
New information sharing arrangement is required.
DHS Policy for Computer-Readable Extracts Containing Sensitive PII
applies.
Privacy Act Statement required.
Privacy Impact Assessment (PIA) required.
System of Records Notice (SORN) required.
Paperwork Reduction Act (PRA) Clearance may be required. Contact
your component PRA Officer.
A Records Schedule may be required. Contact your component Records
Officer.
PIA:
SORN:
Choose an item.
If covered by existing PIA, please list: Click here to enter text.
Choose an item.
If covered by existing SORN, please list: Click here to enter text.
DHS Privacy Office Comments:
Please describe rationale for privacy compliance determination above.
CISOMB will conduct a customer satisfaction survey. This survey will be handed out at outreach events
and will be available to download and mail or email back to CISOMB. The survey will not solicit PII and
any PII inadvertently collected will be redacted or destroyed upon receipt.
File Type | application/pdf |
File Title | DHS PRIVACY OFFICE |
Author | marilyn.powell |
File Modified | 2015-08-13 |
File Created | 2015-03-26 |