Download:
pdf |
pdfPrivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PRIVACY THRESHOLD ANALYSIS (PTA)
This form serves as the official determination by the DHS Privacy Office to
identify the privacy compliance requirements for all Departmental uses of
personally identifiable information (PII).
A Privacy Threshold Analysis (PTA) serves as the document used to identify
information technology (IT) systems, information collections/forms, technologies,
rulemakings, programs, information sharing arrangements, or pilot projects that involve
PII and other activities that otherwise impact the privacy of individuals as determined by
the Chief Privacy Officer, pursuant to Section 222 of the Homeland Security Act, and to
assess whether there is a need for additional Privacy Compliance Documentation. A PTA
includes a general description of the IT system, information collection, form, technology,
rulemaking, program, pilot project, information sharing arrangement, or other Department
activity and describes what PII is collected (and from whom) and how that information is
used and managed.
Please complete the attached Privacy Threshold Analysis and submit it to your
component Privacy Office. After review by your component Privacy Officer the PTA is sent
to the Department’s Senior Director for Privacy Compliance for action. If you do not have a
component Privacy Office, please send the PTA to the DHS Privacy Office:
Senior Director, Privacy Compliance
The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
Tel: 202-343-1717
[email protected]
Upon receipt from your component Privacy Office, the DHS Privacy Office will review this
form and assess whether any privacy compliance documentation is required. If compliance
documentation is required – such as Privacy Impact Assessment (PIA), System of Records
Notice (SORN), Privacy Act Statement, or Computer Matching Agreement (CMA) – the DHS
Privacy Office or component Privacy Office will send you a copy of the relevant compliance
template to complete and return.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 1 of 11
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis (PTA)
Specialized Template for
Information Collections (IC) and Forms
The Forms-PTA is a specialized template for Information Collections and Forms. This
specialized PTA must accompany all Information Collections submitted as part of the
Paperwork Reduction Act process (any instrument for collection (form, survey,
questionnaire, etc.) from ten or more members of the public). Components may use this PTA
to assess internal, component-specific forms as well.
Form Number:
CG 4918
Form Title:
Campaign Update Report
Component:
U.S. Coast Guard (USCG)
Office:
CG-BSX-23
IF COVERED BY THE PAPERWORK REDUCTION ACT:
U.S. Coast Guard safety standards and regulations under the authority of 46
Collection Title:
OMB Control
Number:
Collection status:
U.S.C. Chapter 43
1625-0010
Extension
OMB Expiration
Date:
Date of last PTA (if
applicable):
April 30, 2019
N/A
PROJECT OR PROGRAM MANAGER
Name:
Office:
Phone:
Mr. Kerry L. Freese
Title:
Email:
CG-BSX-23
202-372-1072
Tech. Writer / Editor
[email protected]
COMPONENT INFORMATION COLLECTION/FORMS CONTACT
Name:
Office:
Phone:
Mr. Anthony Smith
Title:
Email:
CG-612
202-475-3532
Privacy Threshold Analysis – IC/Form
PRA Coordinator
[email protected]
Version number: 04-2016
Page 2 of 11
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
SPECIFIC IC/Forms PTA QUESTIONS
1. Purpose of the Information Collection or Form
According to 33 CFR 179.15(a), a manufacturer who makes an initial report required by 33 CFR
179.13 shall send to the Commandant of the Coast Guard a follow-up report within 60 days after the
initial report. The follow-up report must contain at least the following information:
"(1) A positive identification of the initial report;
(2) The number of units in which the defect was discovered as of the date of the follow-up report;
(3) The number of units in which corrective action has been completed as of the date of the follow-up
report;
(4) The number of first purchasers not notified because of an out of date name or address or both; and
(5) An updating of the information required by Section 179.13."
Section 179.15 also states "Each manufacturer shall submit any additional follow-up reports requested
by the Commandant." The Recreational Boating Product Assurance Branch furnishes the manufacturer
with CG-4918 forms for supplying the information.
Per an agreement with OMB, the first Campaign Update Report form (CG-4918) must be submitted
within 60 days after the manufacturer submits the Defect Noncompliance Report. Additional CG-4918
forms must be submitted within 90-day intervals thereafter, until the recall campaign reaches an
acceptable level of completion.
The authorities for this collection are 46 U.S.C. Chapter 43; 46 U.S.C. 4310; 33 CFR 179.15; 33 CFR
179.13; and 33 CFR 179.03.
2. Describe the IC/Form
a. Does this form collect any
Personally Identifiable
Information” (PII1)?
b. From which type(s) of
individuals does this form
collect information?
(Check all that apply.)
☒ Yes
☐No
☒ Members of the public
☒ U.S. citizens or lawful permanent
residents
☐Non-U.S. Persons.
☐DHS Employees
☐DHS Contractors
1
Personally identifiable information means any information that permits the identity of an individual to be directly or indirectly inferred, including
any other information which is linked or linkable to that individual regardless of whether the individual is a U.S. citizen, lawful permanent resident,
visitor to the U.S., or employee or contractor to the Department.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 3 of 11
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
☐Other federal employees or contractors.
c. Who will complete and
submit this form? (Check
all that apply.)
☐The record subject of the form (e.g., the
individual applicant).
☐Legal Representative (preparer, attorney, etc.).
☒ Business entity.
If a business entity, is the only
information collected business contact
information?
☒ Yes
☐No
☐Law enforcement.
☐DHS employee or contractor.
☐Other individual/entity/organization that is
NOT the record subject. Please describe.
Click here to enter text.
d. How do individuals
complete the form? Check
all that apply.
☒ Paper.
☒ Electronic. (ex: fillable PDF)
☐Online web form. (available and submitted via
the internet)
Provide link:
e. What information will DHS collect on the form?
Signature of preparer, business name and address.
f. Does this form collect Social Security number (SSN) or other element that is
stand-alone Sensitive Personally Identifiable Information (SPII)? No
☐ Social Security number
☐ DHS Electronic Data Interchange
Personal Identifier (EDIPI)
☐ Alien Number (A-Number)
☐ Social Media Handle/ID
☐ Tax Identification Number
☐ Known Traveler Number
☐ Visa Number
☐ Trusted Traveler Number (Global
☐ Passport Number
Entry, Pre-Check, etc.)
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 4 of 11
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
☐ Bank Account, Credit Card, or other
financial account number
☐ Other. Please list:
☐ Driver’s License Number
☐ Biometrics
g. List the specific authority to collect SSN or these other SPII elements.
N/A
h. How will this information be used? What is the purpose of the collection?
Describe why this collection of SPII is the minimum amount of information
necessary to accomplish the purpose of the program.
N/A
i.
Are individuals
provided notice at the
time of collection by
DHS (Does the records
subject have notice of
the collection or is
form filled out by
third party)?
☒ Yes. Please describe how notice is provided.
Privacy Act Statement is on the form.
☐ No.
3. How will DHS store the IC/form responses?
a. How will DHS store
☐Paper. Please describe.
the original,
Click here to enter text.
completed IC/forms?
☒ Electronic. Please describe the IT system that will
store the data from the form.
All forms are stored on the Coast Guard server which
holds the Recreational Boating Production Assurance
Branch (CG-BSX-23) digital folder.
☒ Scanned forms (completed forms are scanned into
an electronic repository). Please describe the
electronic repository.
Paper forms that are received are scanned and stored on
the Coast Guard server which holds the CG-BSX-23
digital folder.
b. If electronic, how
does DHS input the
☒ Manually (data elements manually entered). Please
describe.
Forms are saved to a folder on a Coast Guard server.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 5 of 11
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
responses into the IT
system?
c. How would a user
search the
information
submitted on the
forms, i.e., how is the
information
retrieved?
☐ Automatically. Please describe.
Click here to enter text.
☐ By a unique identifier.2 Please describe. If
information is retrieved by personal identifier, please
submit a Privacy Act Statement with this PTA.
Click here to enter text.
☒ By a non-personal identifier.
Each campaign is identified by a campaign number issued
upon initiation of a recall campaign i.e., XXX 16R5721S.
Information is retrieved by the campaign number.
These forms are retained for life and are kept for case
management and historic purposes. N1-026-05-005.
d. What is the records
retention
schedule(s)? Include
the records schedule
number.
Forms are not disposed or deleted, they are maintained as
e. How do you ensure
historic files. Files are transferred to Federal Records Center
that records are
after 3 years and to the National Archives and Records
disposed of or deleted
Administration when 20 years old.
in accordance with
the retention
schedule?
f. Is any of this information shared outside of the original program/office?
☐ Yes, information is shared with other DHS components or offices. Please describe.
Click here to enter text.
☐ Yes, information is shared external to DHS with other federal agencies, state/local
partners, international partners, or non-governmental entities. Please describe.
Click here to enter text.
☒ No. Information on this form is not shared outside of the collecting office.
2
Generally, a unique identifier is considered any type of “personally identifiable information,” meaning any information that permits the identity
of an individual to be directly or indirectly inferred, including any other information which is linked or linkable to that individual regardless of
whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S., or employee or contractor to the Department.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 6 of 11
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Please include a copy of the referenced form and Privacy Act Statement (if
applicable) with this PTA upon submission.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 7 of 11
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PRIVACY THRESHOLD REVIEW
(TO BE COMPLETED BY COMPONENT PRIVACY OFFICE)
Component Privacy Office Reviewer:
Robert Herrick
Date submitted to component Privacy
Office:
Date submitted to DHS Privacy Office:
June 19, 2018
Have you approved a Privacy Act
Statement for this form? (Only
applicable if you have received a
waiver from the DHS Chief Privacy
Officer to approve component Privacy
Act Statements.)
September 6, 2018
☒ Yes. Please include it with this PTA
submission.
Although not technically required as this information is
not retrieved by personal identifier, USCG will work with
the sponsor to update the Privacy Act Statement.
☐No. Please describe why not.
Click here to enter text.
Component Privacy Office Recommendation:
The Campaign Update Report form is used to satisfy the requirements of 33 CFR 179.15(a). According
to 33 CFR 179.15(a), a manufacturer who makes an initial report required by 33 CFR 179.13 shall send to
the Commandant of the Coast Guard a follow-up report within 60 days after the initial report. The
follow-up report must contain at least the following information:
(1) A positive identification of the initial report;
(2) The number of units in which the defect was discovered as of the date of the follow-up report;
(3) The number of units in which corrective action has been completed as of the date of the follow-up
report;
(4) The number of first purchasers not notified because of an out of date name or address or both; and
(5) An updating of the information required by Section 179.13.
The form collects the following information: signature of preparer, business name and business address.
DHS/USCG/PIA-008 Marine Information for Safety and Law Enforcement (MISLE) and DHS/USCG013 Marine Information for Safety and Law Enforcement (MISLE) provide coverage for this form.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 8 of 11
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PRIVACY THRESHOLD ADJUDICATION
(TO BE COMPLETED BY THE DHS PRIVACY OFFICE)
DHS Privacy Office Reviewer:
Riley Dean
PCTS Workflow Number:
Date approved by DHS Privacy Office:
PTA Expiration Date
Click here to enter text.
September 6, 2018
September 6, 2021
DESIGNATION
Privacy Sensitive IC or
Form:
Yes If “no” PTA adjudication is complete.
Determination:
☐PTA sufficient at this time.
☐Privacy compliance documentation determination in progress.
☐New information sharing arrangement is required.
☐DHS Policy for Computer-Readable Extracts Containing SPII
applies.
☐Privacy Act Statement required.
☒ Privacy Impact Assessment (PIA) required.
☐System of Records Notice (SORN) required.
☐Specialized training required.
☐Other. Click here to enter text.
DHS IC/Forms Review:
Choose an item.
Date IC/Form Approved Click here to enter a date.
by PRIV:
IC/Form PCTS Number: Click here to enter text.
Privacy Act
e(3) statement not required.
Statement:
Because information is not retrieved by personal identifier, a Privacy Act
Statement nor SORN coverage are required.
PTA:
Choose an item.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 9 of 11
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Click here to enter text.
PIA:
System covered by existing PIA
If covered by existing PIA, please list: DHS/USCG/PIA-008 Marine
Information for Safety and Law Enforcement (MISLE)
If a PIA update is required, please list: Click here to enter text.
SORN:
Choose an item.
If covered by existing SORN, please list: Click here to enter text.
If a SORN update is required, please list: Click here to enter text.
DHS Privacy Office Comments:
Please describe rationale for privacy compliance determination above.
USCG is submitting this PTA to discuss the Campaign Update Report, Form CG 4918,
which is associated with the U.S. Coast Guard safety standards and regulations under
the authority of 46 U.S.C. 43 and OMB Control Number 1625-0010. The Recreational
Boating Product Assurance Branch (BSX 23) in the Office of Boating Safety develops
and enforces compliance with Coast Guard safety standards and regulations.
Compliance enforcement includes monitoring defect notification and recall
campaigns which boat and engine manufacturers conduct for failures to comply with
applicable Coast Guard safety standards or regulations, and for defects which in the
words of the Federal statutes, "create a substantial risk of personal injury to the
public."
The manufacturer provides USCG with an initial report about the defect notification
and recall campaign being conducted. The manufacture is required to send USCG a
follow-up report within 60 days after the initial report (Defect/Noncompliance
Report, Form CG 4917). The follow-up report must contain at least the following
information:
A positive identification of the initial report;
The number of units in which the defect was discovered as of the date of the
follow-up report;
The number of units in which corrective action has been completed as of the
date of the follow-up report;
The number of first purchasers not notified because of an out of date name or
address or both; and
An updating of the information required by Section 179.13.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 10 of 11
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
The form is then completed by the manufacturer. The form is then submitted to
USCG. All forms are stored digitally by BSX 23.
The DHS Privacy Office finds that this form is privacy-sensitive, requiring PIA
coverage.
PIA coverage is provided by DHS/USCG/PIA-008 MISLE, which outlines the risks of
capturing information required to support the Coast Guard’s marine safety, security,
environmental protection and law enforcement programs. SORN coverage is not
technically required as the information is collected and therefore not retrieved by a
unique identifier. However, DHS/USCG-013 MISLE does provide notice of this type of
information collection. Additionally, a Privacy Act Statement is not required.
Privacy Threshold Analysis – IC/Form
Version number: 04-2016
Page 11 of 11
�
| File Type | application/pdf |
| File Modified | 2018-09-06 |
| File Created | 2018-09-06 |