Privacy Threshold Analysis (PTA)

Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

PRIVACY THRESHOLD ANALYSIS (PTA)
This form serves as the official determination by the DHS Privacy Office to
identify the privacy compliance requirements for all Departmental uses of
personally identifiable information (PII).
A Privacy Threshold Analysis (PTA) serves as the document used to identify
information technology (IT) systems, information collections/forms, technologies,
rulemakings, programs, information sharing arrangements, or pilot projects that involve
PII and other activities that otherwise impact the privacy of individuals as determined by
the Chief Privacy Officer, pursuant to Section 222 of the Homeland Security Act, and to
assess whether there is a need for additional Privacy Compliance Documentation. A PTA
includes a general description of the IT system, information collection, form, technology,
rulemaking, program, pilot project, information sharing arrangement, or other Department
activity and describes what PII is collected (and from whom) and how that information is
used and managed.
Please complete the attached Privacy Threshold Analysis and submit it to your
component Privacy Office. After review by your component Privacy Officer the PTA is sent
to the Department’s Senior Director for Privacy Compliance for action. If you do not have a
component Privacy Office, please send the PTA to the DHS Privacy Office:
Senior Director, Privacy Compliance
The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
Tel: 202-343-1717
[email protected]
Upon receipt from your component Privacy Office, the DHS Privacy Office will review this
form and assess whether any privacy compliance documentation is required. If compliance
documentation is required – such as Privacy Impact Assessment (PIA), System of Records
Notice (SORN), Privacy Act Statement, or Computer Matching Agreement (CMA) – the DHS
Privacy Office or component Privacy Office will send you a copy of the relevant compliance
template to complete and return.

Privacy Threshold Analysis – IC/Form

Page 1 of 10

Version number: 04-2016

Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

Privacy Threshold Analysis (PTA)

Specialized Template for
Information Collections (IC) and Forms
The Forms-PTA is a specialized template for Information Collections and Forms. This
specialized PTA must accompany all Information Collections submitted as part of the
Paperwork Reduction Act process (any instrument for collection (form, survey,
questionnaire, etc.) from ten or more members of the public). Components may use this PTA
to assess internal, component-specific forms as well.
Form Number:
Form Title:
Component:

078-0-2 and 078-0-2A
National Fire Academy Long Term Evaluation
Federal Emergency
Office:
US Fire Administration
Management Agency
(USFA)/National Fire
(FEMA)
Academy (NFA)

IF COVERED BY THE PAPERWORK REDUCTION ACT:
Collection Title:
OMB Control
1660-0039
OMB Expiration
March 31, 2018
Number:
Date:
Collection status:
Extension
Date of last PTA (if
N/A
applicable):

Name:
Office:
Phone:

Name:
Office:
Phone:

PROJECT OR PROGRAM MANAGER
Dawn Long
National Fire Academy
Title:
Statistician
Email:
[email protected]
COMPONENT INFORMATION COLLECTION/FORMS CONTACT
Millicent Brown
OCAO
Title:
Information
Collection/Forms Manager
202-646-2814
Email:
[email protected]
ov

Privacy Threshold Analysis – IC/Form

Page 2 of 10

Version number: 04-2016

Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

SPECIFIC IC/Forms PTA QUESTIONS
1. Purpose of the Information Collection or Form
a. Describe the purpose of the information collection or form. Please provide a
general description of the project and its purpose, including how it supports the DHS
mission, in a way a non-technical person could understand (you may use
information from the Supporting Statement).
If this is an updated PTA, please specifically describe what changes or upgrades are
triggering the update to this PTA.
The National Fire Academy (NFA) is mandated under the Fire Prevention and Control Act
of 1974 (Public Law 93-498) to provide training and education to the Nation’s fire service
and emergency service personnel. The state-of-the-art programs offered by the NFA serve
as models of excellence and state and local fire service agencies rely heavily on the
curriculum to train their personnel.
The Long-Term Evaluation (LTE) form is used to maintain the quality of NFA training
programs. It is critical that courses be evaluated after students have had the opportunity
to apply the knowledge and skills gained from their training. NFA students are typically
state, local, tribal, and territorial firefighters. Evaluations are completed online by
students after a course, as well as government officials who are identified as supervisors
of NFA students. The NFA send students and supervisors a letter directing them to follow
a link to the evaluation, which is completed and submitted electronically. If an email
address is provided at registration, the NFA sends the letter electronically; otherwise, the
NFA sends the letter via postal mail.
The LTE form does not collect any PII. However, students and supervisors will have to log
on to USFA Web Farm to complete the form. USFA issue students’ and supervisors’
usernames and passwords in the aforementioned letter. Users are not prompted to
change the password, as each is a one-time use only. Once the evaluation is submitted, the
username and password become invalid. Email address and/or home address are linked
to the user for administrative use only, e.g., sending reminders. Only personnel with
evaluation access rights can view names and passwords. This information submitted by
the user is not linked to evaluation reports.
b. List the DHS (or component) authorities to collect, store, and use this information.
If this information will be stored and used by a specific DHS component, list the
component-specific authorities.

Privacy Threshold Analysis – IC/Form

Page 3 of 10

Version number: 04-2016

Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

FEMA-USFA-NFA will collect this data in accordance with Public Law 93-498.

2. Describe the IC/Form
a. Does this form collect
any Personally
Identifiable Information”
(PII1)?
b. From which type(s) of
individuals does this
form collect
information? (Check all
that apply.)

c. Who will complete and
submit this form? (Check
all that apply.)

☐ Yes
☒ No

☒ Members of the public
☒ U.S. citizens or lawful permanent
residents
☐ Non-U.S. Persons.
☐ DHS Employees
☐ DHS Contractors
☐ Other federal employees or contractors.
☒ The record subject of the form (e.g., the
individual applicant).
☐ Legal Representative (preparer, attorney, etc.).
☐ Business entity.
If a business entity, is the only
information collected business contact
information?
☐ Yes
☐ No
☐ Law enforcement.
☐ DHS employee or contractor.
☐ Other individual/entity/organization that is
NOT the record subject. Please describe.
Click here to enter text.

1

Personally identifiable information means any information that permits the identity of an individual to be directly or indirectly inferred, including
any other information which is linked or linkable to that individual regardless of whether the individual is a U.S. citizen, lawful permanent resident,
visitor to the U.S., or employee or contractor to the Department.
Privacy Threshold Analysis – IC/Form

Page 4 of 10

Version number: 04-2016

Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

d. How do individuals
complete the form?
Check all that apply.

☐ Paper.
☐ Electronic. (ex: fillable PDF)
☒ Online web form. (available and submitted via
the internet)
Provide link:
https://apps.usfa.fema.gov/nfacourses/lte/signIn
e. What information will DHS collect on the form? List all PII data elements on the
form. If the form will collect information from more than one type of individual,
please break down list of data elements collected by type of individual.
The form only collects student feedback on a completed course or training. FEMA will
not collect any personally identifiable information in the LTE form.
f. Does this form collect Social Security number (SSN) or other element that is
stand-alone Sensitive Personally Identifiable Information (SPII)? Check all that
apply. No.
☐ Social Security number
☐ Alien Number (A-Number)
☐ Tax Identification Number
☐ Visa Number
☐ Passport Number
☐ Bank Account, Credit Card, or other
financial account number
☐ Other. Please list:

☐ DHS Electronic Data Interchange
Personal Identifier (EDIPI)
☐ Social Media Handle/ID
☐ Known Traveler Number
☐ Trusted Traveler Number (Global
Entry, Pre-Check, etc.)
☐ Driver’s License Number
☐ Biometrics

g. List the specific authority to collect SSN or these other SPII elements.
Click here to enter text.
N/A No SPII collected.
h. How will this information be used? What is the purpose of the collection?
Describe why this collection of SPII is the minimum amount of information
necessary to accomplish the purpose of the program.
Click here to enter text.
N/A

Privacy Threshold Analysis – IC/Form

Page 5 of 10

Version number: 04-2016

Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

i.

Are individuals
provided notice at
the time of collection
by DHS (Does the
records subject have
notice of the
collection or is form
filled out by third
party)?

☐ Yes. Please describe how notice is provided.
☒ No.

3. How will DHS store the IC/form responses?
a. How will DHS store
☐ Paper. Please describe.
the original,
Click here to enter text.
completed IC/forms?
☒ Electronic. Please describe the IT system that will
store the data from the form.
The Long-term evaluation form is stored in USFA
Web Farm.
☐ Scanned forms (completed forms are scanned into
an electronic repository). Please describe the
electronic repository.
Click here to enter text.
b. If electronic, how
does DHS input the
responses into the IT
system?

c. How would a user
search the
information

☐ Manually (data elements manually entered). Please
describe.
Click here to enter text.

☒ Automatically. Please describe.
Once the respondent completes/submits the survey form
on-line, the data automatically transmits to the database
in the USFA Web Farm.
☐ By a unique identifier.2 Please describe. If
information is retrieved by personal identifier, please
submit a Privacy Act Statement with this PTA.

2

Generally, a unique identifier is considered any type of “personally identifiable information,” meaning any information that permits the identity
of an individual to be directly or indirectly inferred, including any other information which is linked or linkable to that individual regardless of
whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S., or employee or contractor to the Department.
Privacy Threshold Analysis – IC/Form

Page 6 of 10

Version number: 04-2016

Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

submitted on the
forms, i.e., how is the
information
retrieved?
d. What is the records
retention
schedule(s)? Include
the records schedule
number.

Click here to enter text.
☒ By a non-personal identifier. Please describe.
Data is retrieved in aggregate form by the dates of
the courses.
In accordance with the FEMA Records Disposition
schedule (File Number TNG-8) training evaluation
records are TEMPORARY and are destroyed when
superseded or obsolete. NARA_Auth: N1-311-86-1,
Item 3A5.

e. How do you ensure
Records are reviewed annually for disposition of or
that records are
for deletion in accordance with the FEMA Records
disposed of or deleted
Retention Schedule. N1-311-86-1, Item 3A5
in accordance with
the retention
schedule?
f. Is any of this information shared outside of the original program/office? If yes,
describe where (other offices or DHS components or external entities) and why.
What are the authorities of the receiving party?
☐ Yes, information is shared with other DHS components or offices. Please describe.
☐ Yes, information is shared external to DHS with other federal agencies, state/local
partners, international partners, or non-governmental entities. Please describe.
☒ No. Information on this form is not shared outside of the collecting office.

Please include a copy of the referenced form and Privacy Act Statement (if
applicable) with this PTA upon submission.
PRIVACY THRESHOLD REVIEW

Privacy Threshold Analysis – IC/Form

Page 7 of 10

Version number: 04-2016

Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

(TO BE COMPLETED BY COMPONENT PRIVACY OFFICE)
Component Privacy Office Reviewer:

Christopher Rogers

Date submitted to component Privacy
Office:
Date submitted to DHS Privacy Office:

October 13, 2017

Have you approved a Privacy Act
Statement for this form? (Only
applicable if you have received a
waiver from the DHS Chief Privacy
Officer to approve component Privacy
Act Statements.)

Click here to enter a date.
☐ Yes. Please include it with this PTA
submission.
☒ No. Please describe why not.
No PII is collected in the LTE form.

Component Privacy Office Recommendation:
Please include recommendation below, including what existing privacy compliance
documentation is available or new privacy compliance documentation is needed.
FEMA Privacy recommends the LTE form be adjudicated as non-privacy sensitive.

Privacy Threshold Analysis – IC/Form

Page 8 of 10

Version number: 04-2016

Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

PRIVACY THRESHOLD ADJUDICATION
(TO BE COMPLETED BY THE DHS PRIVACY OFFICE)
DHS Privacy Office Reviewer:

Hannah Burgess

PCTS Workflow Number:
Date approved by DHS Privacy Office:
PTA Expiration Date

1152979
November 14, 2017
November 14, 2020

DESIGNATION
Privacy Sensitive IC or
Form:

No If “no” PTA adjudication is complete.

Determination:

☒ PTA sufficient at this time.
☐ Privacy compliance documentation determination in
progress.
☐ New information sharing arrangement is required.
☐ DHS Policy for Computer-Readable Extracts Containing SPII
applies.
☐ Privacy Act Statement required.
☐ Privacy Impact Assessment (PIA) required.
☐ System of Records Notice (SORN) required.
☐ Specialized training required.
☐ Other. Click here to enter text.

DHS IC/Forms Review:

Choose an item.

Date IC/Form Approved Click here to enter a date.
by PRIV:
IC/Form PCTS Number: Click here to enter text.
Privacy Act
Choose an item.
Statement:
No Privacy Notice required
PTA:
Choose an item.
No system PTA required
Privacy Threshold Analysis – IC/Form

Page 9 of 10

Version number: 04-2016

Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy

PIA:

Choose an item.
If covered by existing PIA, please list: No PIA required
If a PIA update is required, please list: Click here to enter text.
SORN:
Choose an item.
If covered by existing SORN, please list: No SORN required
If a SORN update is required, please list: Click here to enter text.
DHS Privacy Office Comments:
Please describe rationale for privacy compliance determination above.
FEMA is submitting this PTA to discuss the National Fire Academy (NFA) Long-Term
Evaluation survey. The survey is designed to collect feedback from students and
supervisors regarding the perceived value of NFA training programs once students
have had the opportunity to apply skills gained in the programs.
The survey is administered via a link sent by email or by mail, and the prior
collection of contact information in order to send the link for the survey is covered
by DHS/ALL/PIA-006 DHS General Contacts List and the DHS/ALL-002 DHS Mailing
and Other Lists SORN.
The survey itself does not collect any PII. The questions involve assessments of the
perceived value of NFA training as applied to the student’s current job performance.
Because no PII is collected through the survey itself, the DHS Privacy Office finds that
the NFA Long-Term Evaluation form is non-privacy sensitive. No further privacy
documentation is required.

Privacy Threshold Analysis – IC/Form

Page 10 of 10

Version number: 04-2016