Download:
pdf |
pdfU.S. DEPARTMENT OF
HOUSING AND URBAN DEVELOPMENT
PRIVACY THRESHOLD ANALYSIS (PTA)
2019 American Housing Survey
Office of Policy Development and Research
Instruction & Template
1/28/2019
Note to ISSO: The American Housing Survey is funded
by HUD and administered by the U.S. Census Bureau.
The data collected by the Census Bureau is maintained in
a Census Bureau System of Records. As such, it is the
Census Bureau’s responsibility to conduct a Privacy
Impact Assessment.
PRIVACY THRESHOLD ANALYSIS
The Privacy Threshold Analysis (PTA) is a compliance form developed by the Privacy Branch to
identify, across the Department, the use of Personally Identifiable Information (P11). The PTA is
the first step in the PIT verification process, which focuses on these areas of inquiry:
•
Purpose for the information
•
Type of information
•
Sensitivity of the information
•
Use of the information
•
The risks to the information
Please use the attached form to determine whether a Privacy Impact Assessment (PTA) is
required under the E-Government Act of 2002 or a System of Records Notice (SORN) is
required under the Privacy Act of 1974, as amended.
Complete the form and send it to your program Privacy Liaison Officer (PLO). If you have no
program Privacy Liaison Officer, please send the PTA to John Bravacos, Chief Privacy Officer,
Privacy Branch, U.S. Department of Housing and Urban Development, 451 7th Street, SW,
Room 10139, Washington, DC 20410 or [email protected].
Upon its receipt from your program PLO, the HUD Privacy Branch will review the completed
form. If it determines that a PTA or SORN is required, the HUD Privacy Branch will send you a
copy of the PIA and SORN templates to complete and return to the Branch.
PRIVACY THRESHOLD ANALYSIS (PTA)
SUMMARY INFORMATION
Projector
Program Name:
2019 American Housing Survey
Program:
Policy Development and Research (PD&R)
CSAM Name (if
applicable):
N/A
CSAM Number
(if applicable):
N/A
Form or other Information
Collection
Project or
program
status:
Existing
January 2$, 2019
Pilot launch
date:
n/a
N/A
Pilot end date:
n/a
Not started
ATO
expiration date
(if applicable):
n/a
.
Type of Project or
Program:
.
Date first
developed:
Date of last PTA
update:
.
.
ATO Status (if
applicable)
.
PROJECT OR PROGRAM MANAGER
Name:
Shawn Bucholtz
Office:
PD&R
Title:
Director,
Phone:
202-402-5538
Email:
Shawn.j .bticholtz@ hud.gov
HDAI)
INFORMATION SYSTEM SECURITY OFFICER (ISSO) (IF APPLICABLE)
Name:
N/A
Phone:
N/A
Email:
N/A
SPECIFIC PTA QUESTIONS
1. Reason for submitting the PTA: Choose an item.
Please provide a general description of the project cmcl its purpose so a nontechniccit person cotitct
understand. If tI?is is an updated PTA, please describe the changes and/or upgrades triggering the
update to this PTA. If this is a renewal, please state whether there were any changes to the project,
program, or system since the last version.
The American Housing Survey (AHS) is a survey funded by HUD and administered by the U.S. Census
Bureau. The results of the survey are communicated to the public via the internet. No P11 is provided to
the public. Information is collected from the general public by the Census Bureau. The Census Bcireau
collects this data on behalf of HUD. They information collected in the AHS is stored in a Census SOR.
2. Does this system employ the following
technologies?
If yott are using these technologies and want
coverage tmcter the respective PtA Jr that
technology, please stop here and contact the HUD
Privacy Branch forfurther guidance.
Social Media
.
Web portal I (e.g., SharePoint)
Contact Lists
Public website (e.g., A website operated by
HUD, contractor, or other organization on behalf
of HUD)
None of these
3.
From whom does the project or
program collect, maintain, use, or
disseminate information?
Please check all that apply.
.
.
This program collects no personally identifiable
information.
.
-,
Members of the public
fl
E
HUD employees/contractors (list programs)
Contractors working on behalf of HUD
Employees of other Federal agencies
Other (e.g., business entity)
4.
What specific information about individuals is collected, generated, or retained?
Informational and collaboration-based portals in operation at MUD, and its programs that collect, use, maintain, and share limited
personally identifiable information (P11) about individuals who are “members” of the portal or “potential members” who seek to
gain access to the portal.
2
HUD defines personal information as “personally identifiable information,” or P11, as any information that permits the identity of
an individual to he directly or indirectly inferred, including any inft)rmation that is linked or linkable to that individual, regardless
of whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S.. or employee or contractor to the
Department. “Sensitive P11’ is P11, which if lost. compromised. or disclosed without authorization, could result in substantial harm.
embarrassment, inconvenience, or unfairness to an individual. For the purposes of this PTA. SF11 and P11 are treated the same.
Please provide a sj,ectfic description of information collected, generated, or retained (site/i cisfti/l names,
maiden name, mother’s maiden name, alias, Social Security ,zumber, passport nuunther, c/river’s license
nunther, taxpayer identification number, patient ictentification ,zuinther, fincincial account, credit card
,zimiber, street ac/dress, internet protocol, media access control, telephone nmnber, mobile ntinther,
business ,ztunber, photograph image, x-ravs, fingerprints, biometric image, temptcite c/cite (e.g., retain
scan, well-defined group ofpeople], vehicle registration ntunber, title izumber, and information about an
individual that is linked or linkabte to one of the above (e.g., date of birth, place of birth, race, religion,
weight, activities, geographical inclictors, employment information, medical information, ectttcation
information, financial information, etc.
The Census Bit reati collects the name, ac/ctress, antI telephone number oft/ic respondent.
HUD ‘s legal authority to sponsor the survey is Title 12, U.S.C’, Sections 1 701z-I and Title 12, U.S. C,
Section 17O]z-2(g).
Census’s legal authority to conduct surveys on behalf of sponsors in found in Title 13, Section 1535.
4(a) Does the project, program, or system
retrieve information about U.S. Citizens or
lawfully admitted permanent resident
.
.
.
No. Please continue to the next qUestion.
Yes. If yes, please list all personal identifiers
used:
.
aliens using personal identifiers?
No. Please continue to the next question.
Yes. If yes, provide the system name and
number, and the Federal Regi.ster citation(s)
for the most recent complete notice and any
subsequent notices reflecting amendment
to the system
4(b) Does the project, program, or system
have an existing System of Records Notice
(SORN), that has already been published in
the federal Register that covers the
information collected?
COMMERCE/CENSUS-3, Individual and
Hotiseholci Statistical Surveys and Special
Studies Records.” rThe notice of proposed
amendment to this system of records was
ptiblished in the Federal Register on January
26, 2012 (77 FR 4002).
Please miote this SOl?N resides with
Dcpartnieitt tf Comnmnc’icc
4(c) Has the project, program, or system
undergone any significant changes since the
SORN?
4(d) Does the project, program, or system
use Social Security numbers (SSN)?
.
.
liii
No. Please continue to the next question.
Yes. If yes, please describe.
.
fl
No.
Yes.
4(e) If yes to 4(d), please provide the
specific legal authority and purpose for the
N/A
collection of SSNs.
4(f) If yes to 4(d), please describe the uses of
the SSNs within the project, program, or
N/A
system.
No, Please continue to next question.
Yes, If a log of communication traffic is kept,
please provide that information here.
4(g) If this project, program, or system is
an information technology/system, does it
relate solely to infrastructure?
For example, is the system a Local Areci
Network (LAN) or Wide Area Network
(WAN)?
NOT APPLICABLE
4(h) If header or payload data3 is stored in the communication traffic log, please detail the data
elements stored.
N/A
5.
6.
Does this project, program, or system
connect, receive, or share P11 with any
other HUD programs or systems?
Does this project, program, or system
connect, receive, or share P11 with any
external (non-HUD) partners or
systems?
No.
Yes. If yes, please list:
NOT AIPL1CABLE
D
No.
Yes. If yes, please list:
NOT APPLICABLE
ENo.
Yes. If yes, please choose from the dropdown
6(a)
Is this external sharing pursuant to a
new or existing information sharing
access agreement (MOU, MOA, etc.)?
menu below:
Choose an item.
Please describe applicable information sharing
governance in place:
NOT APPLICABLE
7. Does the project, program, or system
provide role-based training for
personnel who have access, in addition
No.
Yes. If yes, please list:
Header: Information that is placed before the actual data. The header normally contains a small number of bytes of
control information, which is used to communicate important facts about the data that the message contains and how
it is to be interpreted and used. It serves as the communication and control link between protocol elements on different
devices.
Payload data: The actual data to he transmitted, often called the payload of the message (metaphorically borrowing a
term from the space industry!). Most messages contain some data of one form or another, hut some actually contain
none: they are used only for control and communication purposes. For example, these may be used to set up or
terminate a logical connection before data is sent.
to the annual privacy training required
of all HUD personnel?
8.
Per NIST SP 800-53 Rev. 4, Appendix
J, does the project, program, or system
maintain an accounting of disclosures
of P11 to individuals/agencies who have
requested access to their P11?
.
.
.
.
NOT APPLICABLE
No. What steps will be taken to develop and
maintain the accounting:
Yes. In what format is the accounting
maintained:
NOT APPLiCABLE
9.
Is there a FIPS 199 determination?4
,
‘
.
.
Unknown.
ENo.
Yes, Please indicate the determinations for each
of the following:
Confidentiality:
Low
Moderate
High
Integrity:
Moderate
High
Low
Availability:
Low
Moderate
High
.
NOT APPLICABLE
PRIVACY THRESHOLD ANALYSIS REVIEW
(TO BE COMPLETED BY PROGRAM PLO)
Program Privacy Liaison Reviewer:
Ronald Hill
Date submitted to Program Privacy
Office:
January 28, 2019
Date submitted to HUD Privacy Branch:
January 2$, 2019
Program Privacy Liaison Officer Recommendation:
Please inciticle recommendation below, including what new privacy compliance cloc’tiinentation is needed.
Please review and approve. PTA should be sufficient at this time. Data resides with Department of
Commerce and not with HUD. Information is collected from the general public by the Census_Bureau.
FIPS 199 (Federal Information Processine Standard Publication 199, Standards for Security Categorization of Federal Information
and Information Systems) is used to establish security categories of information systems.
The Census Bureau collects this data on behalf of HUD. The SOR that stores the survey information is a
Census SOR.
(TO BE COMPLETED BY THE HUD PRIVACY BRANCH)
HUD Privacy Branch Reviewer:
CONIQUE KEY
Date approved by HUD Privacy Branch:
February 28, 2019
PTA Expiration Date:
EVERY THREE YEARS
DESIGNATION
Privacy Sensitive System:
Choose an item.
Category of System:
Choose an item.
If “other” is selected, please describe: Click here to enter text.
Determination:
If “no” PTA adjudication is complete.
PTA sufficient at this time.
Privacy compliance documentation determination in progress.
New information-sharing arrangement is required.
HUD Policy for Computer-Readable Extracts Containing Sensitive PIT
applies.
Privacy Act Statement required.
Privacy Impact Assessment (PIA) required.
System of Records Notice (SORN) required.
Paperwork Reduction Act (PRA) Clearance may be required. Contact
your program PRA Officer.
A Records Schedule may be required. Contact your program Records
Officer.
Choose an item.
If covered by existing PTA, please list: Click here to enter text.
Choose an item.
SORN•
If covered by existing SORN, please list: Click here to enter text.
HUD Privacy Branch Comments:
Please describe ratio,zalefr priiacy compliance determination above.
Data that’s being collected will not be stored in HUD system the data belongs to Census Bureau.
PIA
DOCUMENT ENDORSEMENT
DATE REVIEWED:
PRIVACY REVIEWING OFFICIAL’S NAME:
By signing below, you attest that the content captured in this document is accurate and complete
and meet the requirements of applicable Federal regulations and HUD internal policies.
S S11File Type | application/pdf |
File Modified | 2019-03-08 |
File Created | 2019-02-28 |