Download:
pdf |
pdfPrivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PRIVACY THRESHOLD ANALYSIS (PTA)
This form serves as the official determination by the DHS Privacy Office to
identify the privacy compliance requirements for all Departmental uses of
personally identifiable information (PII).
A Privacy Threshold Analysis (PTA) serves as the document used to identify
information technology (IT) systems, information collections/forms, technologies,
rulemakings, programs, information sharing arrangements, or pilot projects that involve
PII and other activities that otherwise impact the privacy of individuals as determined by
the Chief Privacy Officer, pursuant to Section 222 of the Homeland Security Act, and to
assess whether there is a need for additional Privacy Compliance Documentation. A PTA
includes a general description of the IT system, information collection, form, technology,
rulemaking, program, pilot project, information sharing arrangement, or other Department
activity and describes what PII is collected (and from whom) and how that information is
used and managed.
Please complete the attached Privacy Threshold Analysis and submit it to your
component Privacy Office. After review by your component Privacy Officer the PTA is sent
to the Department’s Senior Director for Privacy Compliance for action. If you do not have a
component Privacy Office, please send the PTA to the DHS Privacy Office:
Senior Director, Privacy Compliance
The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
Tel: 202-343-1717
[email protected]
Upon receipt from your component Privacy Office, the DHS Privacy Office will review this
form and assess whether any privacy compliance documentation is required. If compliance
documentation is required – such as Privacy Impact Assessment (PIA), System of Records
Notice (SORN), Privacy Act Statement, or Computer Matching Agreement (CMA) – the DHS
Privacy Office or component Privacy Office will send you a copy of the relevant compliance
template to complete and return.
Privacy Threshold Analysis – IC/Form
Page 1 of 11
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis (PTA)
Specialized Template for
Information Collections (IC) and Forms
The Forms-PTA is a specialized template for Information Collections and Forms. This
specialized PTA must accompany all Information Collections submitted as part of the
Paperwork Reduction Act process (any instrument for collection (form, survey,
questionnaire, etc.) from ten or more members of the public). Components may use this PTA
to assess internal, component-specific forms as well.
Form Number:
TSA Forms 412 and 417
Form Title:
TSA Form 412 – Travel Support Request
TSA Form 417 – Screening Assistance Request
Military Severely Injured
Transportation Security Office:
Joint Support Operations
Administration (TSA)
Component:
Center/Travel Protocol
Office
IF COVERED BY THE PAPERWORK REDUCTION ACT:
Collection Title:
Military Severely Injured Joint Support Operations Center
(MSIJSOC) and Travel Protocol Office (TPO) Programs
Click here to enter a
OMB Control
1652-NEW
OMB Expiration
date.
Number:
Date:
Collection status:
New Collection
Date of last PTA (if
Click here to enter
applicable):
a date.
PROJECT OR PROGRAM MANAGER
Name:
Daryush Mazhari
Office:
OSO
Title:
Branch Manager
[email protected]
Phone:
703-603-1560
Email:
Name:
Office:
Phone:
COMPONENT INFORMATION COLLECTION/FORMS CONTACT
Kenneth Corgan
ORCA
Title:
Program Analyst
[email protected]
571-227-3330
Email:
Privacy Threshold Analysis – IC/Form
Page 2 of 11
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
SPECIFIC IC/Forms PTA QUESTIONS
1. Purpose of the Information Collection or Form
a. Describe the purpose of the information collection or form. Please provide a
general description of the project and its purpose, including how it supports the DHS
mission, in a way a non-technical person could understand (you may use
information from the Supporting Statement).
If this is an updated PTA, please specifically describe what changes or upgrades are
triggering the update to this PTA.
The purpose of this collection is to enable TSA personnel to assist through airport
security screenings severely injured or disabled active-duty service members and
veterans; US accredited ambassadors; foreign dignitaries; and others whose presence at
a screening checkpoint may pose undue risk or distraction to other travelers and the
screening process.
b. List the DHS (or component) authorities to collect, store, and use this information.
If this information will be stored and used by a specific DHS component, list the
component-specific authorities.
Under the Aviation & Transportation Security Act (PL 107-71) TSA is responsible
for security in all modes of transportation including screening operations for
passenger air transportation and for carrying out such other duties relating to the
transportation security as it considers appropriate.
The Helping Heroes Fly Act (P.L. 113-27) directs TSA to “develop and implement a
process to support and facilitate the ease of travel and to the extent possible
provide expedited passenger screening services for severely injured or disabled
members of the Armed Forces and severely injured or disabled veterans
through passenger screening.”
2. Describe the IC/Form
a. Does this form collect any
Personally Identifiable
Information” (PII1)?
☒ Yes
☐ No
1
Personally identifiable information means any information that permits the identity of an individual to be directly or indirectly inferred, including
any other information which is linked or linkable to that individual regardless of whether the individual is a U.S. citizen, lawful permanent resident,
visitor to the U.S., or employee or contractor to the Department.
Privacy Threshold Analysis – IC/Form
Page 3 of 11
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
b. From which type(s) of
individuals does this form
collect information?
(Check all that apply.)
☒ Members of the public
☒ U.S. citizens or lawful permanent
residents
☒ Non-U.S. Persons. (Form 412 only)
☐ DHS Employees
☐ DHS Contractors
☐ Other federal employees or contractors.
c. Who will complete and
submit this form? (Check
all that apply.)
☐ The record subject of the form (e.g., the
individual applicant).
☐ Legal Representative (preparer, attorney,
etc.).
☐ Business entity.
If a business entity, is the only
information collected business contact
information?
☐ Yes
☐ No
☐ Law enforcement.
☒ DHS employee or contractor.
☐ Other individual/entity/organization that is
NOT the record subject. Please describe.
Click here to enter text.
d. How do individuals
complete the form? Check
all that apply.
☐ Paper.
☒ Electronic. (ex: fillable PDF)
☐ Online web form. (available and submitted via
the internet)
Provide link:
e. What information will DHS collect on the form? List all PII data elements on the
form. If the form will collect information from more than one type of individual,
please break down list of data elements collected by type of individual.
TSA Form 412: Passenger’s Full Name; Official Title; Nationality (for foreign dignitaries);
Passenger’s Travel Coordinator Name and Title; Passenger’s Travel Coordinator Email
and Phone Number; Complete Flight Itinerary (Dates and Times of Travel; Airline; Flight
Privacy Threshold Analysis – IC/Form
Page 4 of 11
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Number; Departure & Arrival Airport); First and Last Names and additional traveling
passengers; the Number of Family Members and Staff Members in traveling party.
TSA Form 417: Passenger’s Name; Branch of Service; Rank; Phone Number/s; Email
Address; Names and Number of Adults and Children in traveling party; Passenger’s Case
Manager Name and Phone Number; Complete Flight Itinerary (Dates and Times of
Travel; Airline; Flight Number; Departure & Arrival Airport); and special traveling needs.
f. Does this form collect Social Security number (SSN) or other element that is
stand-alone Sensitive Personally Identifiable Information (SPII)? Check all that
apply.
☐ Social Security number
☐ DHS Electronic Data Interchange
Personal Identifier (EDIPI)
☐ Alien Number (A-Number)
☐ Social Media Handle/ID
☐ Tax Identification Number
☐ Known Traveler Number
☐ Visa Number
☐ Trusted Traveler Number (Global
☐ Passport Number
Entry, Pre-Check, etc.)
☐ Bank Account, Credit Card, or other
☐ Driver’s License Number
financial account number
☐ Biometrics
☐ Other. Please list:
g. List the specific authority to collect SSN or these other SPII elements.
NA
h. How will this information be used? What is the purpose of the collection?
Describe why this collection of SPII is the minimum amount of information
necessary to accomplish the purpose of the program.
NA
i.
Are individuals
provided notice at the
time of collection by
DHS (Does the records
subject have notice of
the collection or is
Privacy Threshold Analysis – IC/Form
☒ Yes. Please describe how notice is provided.
Information is collected directly from the travelers or
their representative when they voluntarily contact the
Travel Protocol Office for assistance.
☐ No.
Page 5 of 11
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
form filled out by
third party)?
3. How will DHS store the IC/form responses?
a. How will DHS store
☐ Paper. Please describe.
the original,
Click here to enter text.
completed IC/forms?
☒ Electronic. Please describe the IT system that will
store the data from the form. Local Travel Protocol
Program Office Network Drive
☐ Scanned forms (completed forms are scanned into
an electronic repository). Please describe the
electronic repository.
Click here to enter text.
b. If electronic, how
does DHS input the
responses into the IT
system?
☒ Manually (data elements manually entered). Please
describe. Electronic forms are completed by TPO
personnel and saved to local drive.
☐ Automatically. Please describe.
Click here to enter text.
c. How would a user
search the
information
submitted on the
forms, i.e., how is the
information
retrieved?
☒ By a unique identifier.2 Please describe. If
information is retrieved by personal identifier, please
submit a Privacy Act Statement with this PTA.
Forms are retrieved by name of traveler and date
of travel.
☐ By a non-personal identifier. Please describe.
Click here to enter text.
Forms older than three years from the travel date are
deleted in accordance with NARA N1-560-10-001,
Item 5/TSA File Code 5000.26.
d. What is the records
retention
schedule(s)? Include
the records schedule
number.
2
Generally, a unique identifier is considered any type of “personally identifiable information,” meaning any information that permits the identity
of an individual to be directly or indirectly inferred, including any other information which is linked or linkable to that individual regardless of
whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S., or employee or contractor to the Department.
Privacy Threshold Analysis – IC/Form
Page 6 of 11
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
e. How do you ensure
Network folder is reviewed annually and forms older
that records are
than three years are deleted.
disposed of or deleted
in accordance with
the retention
schedule?
f. Is any of this information shared outside of the original program/office? If yes,
describe where (other offices or DHS components or external entities) and why.
What are the authorities of the receiving party?
☒ Yes, information is shared with other DHS components or offices. Please describe.
This information is shared with arrival & departure airports to coordinate
screening assistance.
☐ Yes, information is shared external to DHS with other federal agencies, state/local
partners, international partners, or non-governmental entities. Please describe.
Click here to enter text.
☐ No. Information on this form is not shared outside of the collecting office.
Please include a copy of the referenced form and Privacy Act Statement (if
applicable) with this PTA upon submission.
Privacy Threshold Analysis – IC/Form
Page 7 of 11
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PRIVACY THRESHOLD REVIEW
(TO BE COMPLETED BY COMPONENT PRIVACY OFFICE)
Component Privacy Office Reviewer:
Jennifer L. Schmidt
Date submitted to component Privacy
Office:
Date submitted to DHS Privacy Office:
July 31, 2017
Have you approved a Privacy Act
Statement for this form? (Only
applicable if you have received a
waiver from the DHS Chief Privacy
Officer to approve component Privacy
Act Statements.)
August 14, 2017
☒ Yes. Please include it with this PTA
submission. See below.
☐ No. Please describe why not.
Click here to enter text.
Component Privacy Office Recommendation:
Please include recommendation below, including what existing privacy compliance
documentation is available or new privacy compliance documentation is needed.
TSA Privacy Office recommends approval of this PTA. SORN coverage is provided by
DHS/TSA-001, Transportation Security Enforcement Record System (TSERS). PIA
coverage is provided by DHS/TSA/PIA-043, Travel Protocol Office Program.
Privacy Act Statement to be included on both Forms 412 & 417:
AUTHORITY: 49 USC § 114(f)(15); 49 USC § 44927.
PRINCIPAL PURPOSE(S): This information is used to coordinate and provide airport
security screening assistance to eligible travelers.
ROUTINE USE(S): This information may be shared in accordance with the Privacy
Act of 1974, 5 USC § 552(a), or for routine uses identified in the TSA system of
records, DHS/TSA-001, Transportation Security Enforcement Record System.
DISCLOSURE: Furnishing this information is voluntary; however, failure to provide
the requested information may prevent TSA from providing assistance through
airport security screenings to eligible travelers.
Privacy Threshold Analysis – IC/Form
Page 8 of 11
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PRIVACY THRESHOLD ADJUDICATION
(TO BE COMPLETED BY THE DHS PRIVACY OFFICE)
DHS Privacy Office Reviewer:
Sean McGuinness
PCTS Workflow Number:
Date approved by DHS Privacy Office:
PTA Expiration Date
1148733
August 16, 2017
August 16, 2020
DESIGNATION
Privacy Sensitive IC or
Form:
Yes If “no” PTA adjudication is complete.
Determination:
☐ PTA sufficient at this time.
☐ Privacy compliance documentation determination in
progress.
☐ New information sharing arrangement is required.
☐ DHS Policy for Computer-Readable Extracts Containing SPII
applies.
☒ Privacy Act Statement required.
☒ Privacy Impact Assessment (PIA) required.
☒ System of Records Notice (SORN) required.
☐ Specialized training required.
☐ Other. Click here to enter text.
DHS IC/Forms Review:
DHS PRIV has not received this ICR/Form.
Date IC/Form Approved Click here to enter a date.
by PRIV:
IC/Form PCTS Number: Click here to enter text.
Privacy Act
Choose an item.
Statement:
Privacy Act Statement approved concurrently with this PTA
PTA:
No system PTA required.
Click here to enter text.
PIA:
System covered by existing PIA
Privacy Threshold Analysis – IC/Form
Page 9 of 11
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
If covered by existing PIA, please list: DHS/TSA/PIA-043 Travel
Protocol Office Program
If a PIA update is required, please list: Click here to enter text.
SORN:
System covered by existing SORN
If covered by existing SORN, please list: DHS/TSA-001 Transportation
Security Enforcement Record System December 9, 2013, 78 FR 73868
If a SORN update is required, please list: Click here to enter text.
DHS Privacy Office Comments:
Please describe rationale for privacy compliance determination above.
DHS Privacy Office finds that the TSA forms, TSA Form 412 – Travel Support Request and
TSA Form 417 – Screening Assistance Request, are privacy sensitive as they collect PII from
members of the public (U.S. citizens or lawful permanent residents and Non-U.S. Persons.
PII from Non-U.S. Persons is collected on TSA Form 412 only).
The purpose of these forms is to collect necessary PII to provide expedited passenger
screening services for severely injured or disabled members of the Armed Forces and
severely injured or disabled veterans and foreign dignitaries through passenger screening.
PRIV agrees with TSA Privacy that PIA coverage is provided under DHS/TSA/PIA-043
Travel Protocol Office Program. DHS/TSA/PIA-043 outlines how the TSA Travel Protocol
Office (TPO) supports and facilitates the movement of eligible travelers (in this case
members of the U.S. Armed forces or Veterans that have been severely injured or disabled
and foreign dignitaries) whose presence at a security screening checkpoint may distract
other travelers and/or reduce the efficiency of the screening process. It is TSA’s
prerogative to collect limited PII on these individuals in order to facilitate airport transit
and to conduct security screening operations.
PRIV agrees with TSA Privacy that SORN coverage is provided under DHS/TSA-001
Transportation Security Enforcement Record System. DHS/TSA-001 outlines how TSA
maintains an enforcement and inspections system for all modes of transportation for
which TSA has security-related duties and to maintain records related to the investigation
or prosecution of violations or potential violations of Federal, State, local, or international
criminal law.
A Privacy Act Statement is required as this form collects PII via personal identifier. The
Privacy Act Statement is being approved concurrently with this PTA. PRIV understands
that both forms are still in draft and do not currently have the Privacy Act Statement on
Privacy Threshold Analysis – IC/Form
Page 10 of 11
Version number: 04-2016
Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
them. The Privacy Act Statement must be added to both forms before they can be used for
this program.
Privacy Threshold Analysis – IC/Form
Page 11 of 11
Version number: 04-2016
File Type | application/pdf |
File Modified | 2017-08-16 |
File Created | 2017-08-16 |