OMB 0584-0074, APPENDIX F
Privacy Impact Assessment
SNAP-QCS
Supplemental Nutrition Assistance Program-Quality Control System
Version: 1.4
Date: June 13, 2014
Prepared for: USDA OCIO TPA&E
Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)
Abstract
Supplemental Nutrition Assistance Program - Quality Control System (SNAP-QCS). The
SNAP-QCS consists of State agencies performing QC reviews of a statistically valid
sample of cases, which are further sub-sampled and reviewed by USDA reviewers, to
ensure the validity of state findings. A PIA is being conducted due to the content within
SNAP-QCS and the controls protecting that data.
Overview
The Supplemental Nutrition Assistance Program (SNAP) is one of fifteen domestic
nutrition assistance programs operated by USDA to provide benefits to low-income
families to purchase healthy and nutritious food. The SNAP program is authorized by the
Food and Nutrition Act of 2008, hereafter referred to as the “Act”. The Act also mandates
that USDA operates a quality control system to monitor State Agency performance to
ensure that only those eligible receive program benefits, and that they only receive the
correct amount authorized by law. Monitoring program performance is further supported
by Improper Payments Information Act of 2002 (IPIA), which is essential to ensuring
program integrity and safeguarding the investment of the American taxpayer.
The SNAP is monitored through its quality control (QC) system. The current SNAP QC
system, which has been in existence since the 1970s, has been singled out by OMB as the
benchmark for compliance with the IPIA. The SNAP QC system consists of State
agencies performing QC reviews of a statistically valid sample of cases, which are further
sub-sampled and reviewed by USDA reviewers, to ensure the validity of state findings.
The process includes monitoring the State QC sampling and reporting process, performing
validation reviews, reporting to and negotiating review results with States, supporting the
arbitration process, running regression and reporting the results to USDA.
SNAP-QCS does not collect data from customers. However, with the introduction of the
FNS-380 Quality Control Worksheet and the ability to manage digital copies of case file
documents, the SNAP-QCS production database now contains personally identifiable
information (PII). In addition, SNAP-QCS contains Certification Case Number (CCN)
supplied by the Supplemental Nutrition Assistance Program (SNAP) State Agencies.
Some State Agencies embed the SSN in their CCNs. CCNs are used by SNAP-QCS as a
reference number relating back to the State Agency.
Section 1.0 Characterization of the Information
The following questions are intended to define the scope of the information requested and/or
collected as well as reasons for its collection as part of the program, system, rule, or
technology being developed.
1.1 What information is collected, used, disseminated, or maintained in
the system?
SNAP-QCS contains Certification Case Number (CCN) supplied by the Supplemental
Nutrition Assistance Program (SNAP) State Agencies. For some states, this CCN
contains a social security number. SNAP-QCS treats this number as a unique
identifier in order to assist in following up with State Agencies on particular records.
Only a limited number of states use the social security number in their CCNs. Privacy
information is contained in the FNS-380 Quality Control Worksheet and in the various
case file documents uploaded to the SNAP-QCS database.
1.2 What are the sources of the information in the system?
SNAP State Agencies supply all data. No data is directly collected from the customer
or USDA agencies.
1.3 Why is the information being collected, used, disseminated, or
maintained?
The USDA is required by the Food and Nutrition Act of 2008 to operate a quality
control system.
1.4 How is the information collected?
SNAP State Agencies supply all data.
1.5 How will the information be checked for accuracy?
SNAP-QCS does not have its own mechanism to check for data accuracy. Through
the SNAP QC process, the data are evaluated for accuracy by state and federal SNAP
QC reviewers.
1.6 What specific legal authorities, arrangements, and/or agreements
defined the collection of information?
Authorized by the Food and Nutrition Act of 2008
1.7 Privacy Impact Analysis: Given the amount and type of data
collected, discuss the privacy risks identified and how they were
mitigated.
SNAP-QCS does not collect data from customers. SNAP-QCS collects data from State
Agencies. Some State Agencies embed the SSN in their CCNs. CCNs are used by SNAP-QCS as a reference number relating back to the State Agency. Privacy information is
contained in the FNS-380 Quality Control Worksheet and in the various case file documents
uploaded to the SNAP-QCS database. This data is encrypted during transfer and at rest. Only
those state and federal employees with eAuth Level 2 credentials and who have been
authorized through the FNS-674 process to access SNAP-QCS, may use the system and
perform work that is directly related to SNAP QC.
Section 2.0 Uses of the Information
The following questions are intended to delineate clearly the use of information and the
accuracy of the data being used.
2.1 Describe all the uses of information.
The data are used as part of the SNAP QC review process.
2.2 What types of tools are used to analyze data and what type of data
may be produced?
All data are held within a Microsoft SQL Server.
2.3 If the system uses commercial or publicly available data please
explain why and how it is used.
Not Applicable
2.4 Privacy Impact Analysis: Describe any types of controls that may be
in place to ensure that information is handled in accordance with the
above described uses.
e-Authentication (Level 2) is used by authorized users to access the system. Users are
assigned roles and constraints within the system that limit their access to data.
Section 3.0 Retention
The following questions are intended to outline how long information will be retained after
the initial collection.
3.1 How long is information retained?
Permanent. Transfer a copy of the database in an approved NARA format (ASCII,
flat file) immediately after approval of this schedule. Thereafter, transfer a copy of
database in accordance with NARA specifications at the end of the calendar year.
3.2 Has the retention period been approved by the component records
officer and the National Archives and Records Administration (NARA)?
Yes. Disposition Authority N1-462-09-11.
3.3 Privacy Impact Analysis: Please discuss the risks associated with the
length of time data is retained and how those risks are mitigated.
There are no risks associated with the length of time data is retained.
Section 4.0 Internal Sharing and Disclosure
The following questions are intended to define the scope of sharing within the United States
Department of Agriculture.
4.1 With which internal organization(s) is the information shared, what
information is shared and for what purpose?
Office of Research and Analysis (ORA) – the information shared is the information
provided by the State Agencies for the QC review that was completed. This
information is used for data-mining purposes.
4.2 How is the information transmitted or disclosed?
The data is extracted from the SNAP-QCS database and provided to ORA via disk on
an annual basis.
4.3 Privacy Impact Analysis: Considering the extent of internal
information sharing, discuss the privacy risks associated with the
sharing and how they were mitigated.
State agencies input the required information into SNAP-QCS and it contains PII data.
Access is restricted to authorized users and the data are encrypted at rest. SNAP-QCS
does not share PII data.
Section 5.0 External Sharing and Disclosure
The following questions are intended to define the content, scope, and authority for information
sharing external to USDA which includes Federal, state and local government, and the private sector.
5.1 With which external organization(s) is the information shared, what
information is shared, and for what purpose?
State agencies will conduct QC reviews to measure the validity of the SNAP cases at a
given time (the review date). Reviews will be conducted on a random sample of active
and negative cases. The results of the State QC reviews will be recorded in the SNAP-QCS State System.
5.2 Is the sharing of personally identifiable information outside the
Department compatible with the original collection? If so, is it
covered by an appropriate routine use in a SORN? If so, please
describe. If not, please describe under what legal mechanism the
program or system is allowed to share the personally identifiable
information outside of USDA.
Not applicable. State agencies input the required information into SNAP-QCS.
SNAP-QCS does not share PII data.
5.3 How is the information shared outside the Department and what
security measures safeguard its transmission?
State agencies submit required information through the system directly (HTTPS).
5.4 Privacy Impact Analysis: Given the external sharing, explain the
privacy risks identified and describe how they were mitigated.
State agencies input the required information into SNAP-QCS and it contains PII data.
Access is restricted to authorized users and the data are encrypted at rest. SNAP-QCS
does not share PII data.
Section 6.0 Notice
The following questions are directed at notice to the individual of the scope of information
collected, the right to consent to uses of said information, and the right to decline to provide
information.
6.1 Was notice provided to the individual prior to collection of
information?
SNAP-QCS does not collect data from customers. SNAP-QCS collects data from
State Agencies. SNAP-QCS data are subject to the controls defined by State Agencies
and those federal privacy controls applicable to the federal users of SNAP-QCS.
6.2 Do individuals have the opportunity and/or right to decline to provide
information?
Not Applicable
6.3 Do individuals have the right to consent to particular uses of the
information? If so, how does the individual exercise the right?
Not Applicable
6.4 Privacy Impact Analysis: Describe how notice is provided to
individuals, and how the risks associated with individuals being
unaware of the collection are mitigated.
Not Applicable
Section 7.0 Access, Redress and Correction
The following questions are directed at an individual’s ability to ensure the accuracy of the
information collected about them.
7.1 What are the procedures that allow individuals to gain access to their
information?
This would be a State Agency concern. Not Applicable to SNAP-QCS
7.2 What are the procedures for correcting inaccurate or erroneous
information?
This would be a State Agency concern. Not Applicable to SNAP-QCS
7.3 How are individuals notified of the procedures for correcting their
information?
This would be a State Agency concern. Not Applicable to SNAP-QCS
7.4 If no formal redress is provided, what alternatives are available to the
individual?
This would be a State Agency concern. Not Applicable to SNAP-QCS
7.5 Privacy Impact Analysis: Please discuss the privacy risks associated
with the redress available to individuals and how those risks are
mitigated.
This would be a State Agency concern. Not Applicable to SNAP-QCS
Section 8.0 Technical Access and Security
The following questions are intended to describe technical safeguards and security measures.
8.1 What procedures are in place to determine which users may access
the system and are they documented?
See FNS Security Office for how users gain access to any FNS system. Each user
must submit an FNS-674 form signed by their supervisor, the system owner, and FNS
security officer before they are allowed access. Access is then granted through a user
management process internal to SNAP-QCS where appropriate roles and constraints
are assigned.
8.2 Will Department contractors have access to the system?
Contractors will have access to the system as needed.
8.3 Describe what privacy training is provided to users either generally
or specifically relevant to the program or system?
Privacy training is part of the annual security awareness training that all employees
and contractors must complete prior to being granted access to any FNS system.
8.4 Has Certification & Accreditation been completed for the system or
systems supporting the program?
All FNS systems must undergo Certification and Accreditation prior to being put into
production. The last C&A was completed on June 5, 2014; the ATO is dated June 5,
2014.
8.5 What auditing measures and technical safeguards are in place to
prevent misuse of data?
Users of the system are audited at least annually. FNS-674 forms must be on file and
their need to access the system is validated at least annually.
8.6 Privacy Impact Analysis: Given the sensitivity and scope of the
information collected, as well as any information sharing conducted
on the system, what privacy risks were identified and how do the
security controls mitigate them?
By controlling who has access and ensuring that they are given the least privileges
needed to perform their job, FNS ensures that only valid users have access.
Section 9.0 Technology
The following questions are directed at critically analyzing the selection process for any
technologies utilized by the system, including system hardware and other technology.
9.1 What type of project is the program or system?
SNAP-QCS helps determine error rates of each state’s SNAP compliance.
9.2 Does the project employ technology which may raise privacy
concerns? If so please discuss their implementation.
No
Section 10.0 Third Party Websites/Applications
The following questions are directed at critically analyzing the privacy impact of using third
party websites and/or applications.
10.1 Has the System Owner (SO) and/or Information Systems Security
Program Manager (ISSPM) reviewed Office of Management and
Budget (OMB) memorandums M-10-22 “Guidance for Online Use of
Web Measurement and Customization Technology” and M-10-23
“Guidance for Agency Use of Third-Party Websites and
Applications”?
Yes
10.2 What is the specific purpose of the agency’s use of 3rd party websites
and/or applications?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.
10.3 What personally identifiable information (PII) will become available
through the agency’s use of 3rd party websites and/or applications.
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.
10.4 How will the PII that becomes available through the agency’s use of
3rd party websites and/or applications be used?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.
10.5 How will the PII that becomes available through the agency’s use of
3rd party websites and/or applications be maintained and secured?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.
10.6 Is the PII that becomes available through the agency’s use of 3rd party
websites and/or applications purged periodically?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.
10.7 Who will have access to PII that becomes available through the
agency’s use of 3rd party websites and/or applications?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.
10.8 With whom will the PII that becomes available through the agency’s
use of 3rd party websites and/or applications be shared - either
internally or externally?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.
10.9 Will the activities involving the PII that becomes available through
the agency’s use of 3rd party websites and/or applications require
either the creation or modification of a system of records notice
(SORN)?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.
10.10 Does the system use web measurement and customization technology?
No
10.11 Does the system allow users to either decline to opt-in or decide to
opt-out of all uses of web measurement and customization
technology?
Not Applicable
10.12 Privacy Impact Analysis: Given the amount and type of PII that
becomes available through the agency’s use of 3rd party websites
and/or applications, discuss the privacy risks identified and how they
were mitigated.
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.
Responsible Officials
________________________________
John Coulter
FNS/OITD/PMB
United States Department of Agriculture
Approval Signature
________________________________
Patrick Lucrezio
System Owner/Chief, Quality Control Branch
Food and Nutrition Service
United States Department of Agriculture
File Type | application/pdf |
File Title | Microsoft Word - SNAPQCS PIA_FY15_1411 |
Author | SWorkman |
File Modified | 2016-05-25 |
File Created | 2014-11-15 |