Privacy Act Checklist

Privacy Act Checklist

OMB No. 0920-0920

Generic ICR: Data Collection Through Web Based Surveys for Evaluating Act Against AIDS Social Marketing Campaign Phases Targeting Consumers

Does the data collection involve collecting sensitive or personally identifiable information?

Depending on the target audience for the campaign phase, the study screener will vary, but some sensitive questions must be asked to identify the intended audience. The sample study screener (Attachment 6) will include questions that assess whether individuals have ever tested positive for HIV and when they first tested positive. Furthermore, because our campaign materials are targeted to various populations, screening questions may address sexual orientation, sexual behavior, and/or HIV status of sexual partners.

The sample survey items (Attachment 3) will also include sensitive questions about respondents’ perceived risk for HIV, sexual behavior, and use of pre- and post-exposure prophylaxis. Inclusion of these items will allow us to examine transmission behaviors among respondents who have and have not been exposed to AAA campaign messages and to determine whether change in these measures is related to exposure status.

The data collection does not involve collecting personally information in identifiable form (IIF).

Describe how personal information will be maintained and who will have access to it.

The online survey panel vendors will maintain the names of and contact information for (e.g., addresses, telephone numbers, and email addresses) panel members who are invited to take part in a survey. The vendors will also track survey completion. The vendors will use this information to invite participation, remind nonresponders to complete the survey, and determine who should receive and to disburse the token of appreciation (see Attachment 5).

Although CDC will own the data, neither CDC nor the evaluation contractor will have access to respondents’ names and contact information. This information is maintained separately by the vendor and is not part of the survey system. Additionally, the vendor will not have access to screener or survey responses (‘survey’ hereafter). Thus, survey responses cannot be linked to individuals’ names, email addresses, or telephone numbers.

Some online survey panel vendors also collect IP addresses to reduce the likelihood of ‘ballot box stuffing’ which is when the same individual attempts to take the same survey more than once for financial gain. If this feature is available through a vendor, recording IP addresses (which is considered information in identifiable form [IIF]) is a requirement of individuals’ participation in the panel. IP addresses will be automatically included in the data file that is downloaded by the evaluation contractor if this is the case. The evaluation contractor will delete the IP addresses from the data file immediately upon download. CDC will only have access to the deidentified data file. When working with a survey panel vendor that records IP addresses, the consent form will inform individuals that this is the case and the reason why this is necessary. Individuals who do not agree to this condition can decline to take the survey.

The online survey panel vendors take the following security measures to ensure separation between respondents’ identity and their survey data.

1. The survey instrument (which also includes the screener) will not include IIF maintained by the survey panel vendors.

2. Although the survey invitation method will inherently include IIF (e.g., email addresses), this information will not be combined with survey responses; thus, there is no link between individuals’ names and contact information and survey responses.

3. Although some survey panel vendors record IP addresses and include them in the data file, the evaluation contractor will delete this information when they download the data file. Therefore, the data file maintained by the contractor will not include IIF.

4. The vendor will provide screener data for all panelists, regardless of whether they qualify for the study. However, they will not retain screener data for those who are deemed ineligible for any other purpose outside the scope of this project.

5. The vendors will retain study records for the duration of the study. Upon final delivery of data files to the evaluation contractor and completion of the project, the vendors will destroy all study records, including data files, upon request.

The evaluation contractor will maintain restricted access to all project data. Data are kept on a network drive behind the contractor’s firewall that requires multi-factor authentication to access. Within the contractor’s firewall, access to the folder with data are restricted to only select users who need access to carryout project work.

How long will sensitive or personal information be maintained? This information is crucial. If sensitive information is maintained for even one day, the Privacy Act will apply and we will have to provide language in the clearance package.

All IIF will be destroyed by the online survey panel vendors after the data collection is complete. The evaluation contractor will delete IIF from the data file when they download the data; thus, IIF will not be stored in the data file. When the project ends, the evaluation contractor will transfer all project data to its secure storage facility for three years, after which point it will be destroyed.

Will the collected information be covered by the appropriate CDC Assurance of Confidentiality?

The consent form assures respondents that their information will be used for the purposes of the specified research and kept secure to the extent allowable by law; that their answers to screener and survey questions will not be shared with anyone else; and that their personal information cannot be linked to their answers and will not be used in any reports. The consent form also advises individuals of steps they can take to protect their privacy (i.e., take the survey in a private location, such as their own home and/or in a room with a door, to prevent others from seeing their answers and to close their broswer window when they are finished of they decide to withdraw). The consent form is shown in Attachment 4.

If identifiable information will be filed and retrieved by the name of the individual:

Neither CDC nor the evaluation contractor will have access to respondents’ names, and the online survey panel vendors will not have access to survey responses. Therefore, it is not possible to link survey answers to specific respondents.