Privacy Act Applicability

Save

Privacy Impact Assessment Form
v 1.47.4
Status Draft

Form Number

F-53600

Form Date

Question

Answer

1

OPDIV:

CDC

2

PIA Unique Identifier:

P-9157206-947559

2a Name:

8/2/2018 2:14:08 PM

DVP Partners Portal (DPP)
General Support System (GSS)
Major Application

3

Minor Application (stand-alone)

The subject of this PIA is which of the following?

Minor Application (child)
Electronic Information Collection
Unknown

3a

Identify the Enterprise Performance Lifecycle Phase
of the system.

Implementation
Yes

3b Is this a FISMA-Reportable system?

4

Does the system include a Website or online
application available to and for the use of the general
public?

5

Identify the operator.

6

Point of Contact (POC):

7

Is this a new or existing system?

8

Does the system have Security Authorization (SA)?

8b Planned Date of Security Authorization

No
Yes
No
Agency
Contractor
POC Title

Information System Security
Officed

POC Name

Daniel Wade

POC Organization CDC/ONDIEH/NCIPC
POC Email

[email protected]

POC Phone

770-488-4152
New
Existing
Yes
No
November 2, 2018
Not Applicable

Page 1 of 3

Save

11 Describe the purpose of the system.

DVP Partners Portal (DPP) allows CDC's Division of Violence
Prevention (DVP) and its Prevention Practice & Translation
Branch to administer their programmatic initiatives by
providing monitoring and evaluation support to funded
programs. There are four programs which require grantee
reporting and monitoring. One component of program
monitoring includes collecting information from funded
program recipients (i.e., grantees) on an annual basis and
analyzing and reporting that data to various stakeholders, such
as CDC Leadership and program recipients. The system is
being implemented to enable DVP’s Public Health Partners to
securely submit/modify annual reports via an EXCEL upload
function and via a web-based user interface for DVP Program
Managers to then analyze.

DPP has been designed to collect and store information about
funded State, local and Territorial Health departments and
partners annual goals, objectives, progress, and performance
towards overall cooperative agreement purpose and
strategies. Information collected is limited to organization
names and relevant organizational activities that impact the
decrease of risk factors in communities that may lead to
intimate partner violence, and that increase protective factors
that prevent intimate partner violence. Consequently, the
Describe the type of information the system will
types of information collected are mostly textual answers
collect, maintain (store), or share. (Subsequent
identifying goals, objectives, and milestones, dates on those
12
questions will identify if this information is PII and ask items, and the occasional numeric value to capture a
about the specific data elements.)
population size or ratio. Drop-down lists are also used in
conjunction with textual answers to help identify different data
points.
User access is validated by a separate system, CDC's Secure
Access Management System (SAMS), and no user credentials
are collected by DPP. It should be noted that SAMS has its
own Privacy Impact Assessment (PIA).

Page 2 of 3

Save
There are 4 programs which require grantee reporting and
monitoring, which are: Rape Prevention Education (RPE),
Preventing Teen Dating and Youth Violence by Addressing
Shared Risk and Protective Factors (1605), Domestic Violence
Prevention Enhancement and Leadership Through Alliances
(DELTA), and Essentials for Childhood (Essentials). One
component of program monitoring includes collecting
information from funded program recipients (i.e., grantees) on
an annual basis and analyzing and reporting data to various
stakeholders, such as CDC Leadership and program recipients.
DPP enables its Public Health Partners to securely submit/
modify annual reports via an EXCEL upload function and via a
web-based user interface for DVP Program Managers to then
analyze.

Provide an overview of the system and describe the
13 information it will collect, maintain (store), or share,
either permanently or temporarily.

The types of data collected are mostly textual answers
identifying goals, objectives, and milestones, dates on those
items, and the occasional numeric value to capture a
population size or ratio. Drop-down lists are also used in
conjunction with textual answers to help identify different data
points. DPP will collect and store information about funded
State, local and Territorial Health departments and partners
annual goals, objectives, progress, and performance towards
the overall cooperative agreement purpose and strategies.
Only names of the organizations for whom the DELTA Impact
recipients provide sub-awards will be collected.
Collected data will be shared with funded State, local and
Territorial Health departments and partners to facilitate their
reporting. This collected data will also be shared with nonprofits and with the CDC. None of the information collected or
shared is sensitive or personally identifiable. All information
provided will be limited to the organization itself (i.e.,
organization names and related organizational activities).
User access is validated by a separate system, CDC's Secure
Access Management System (SAMS); therefore, no user
credentials are collected by DPP. It should be noted that
SAMS has its own Privacy Impact Assessment (PIA).

14 Does the system collect, maintain, use or share PII?

Yes
No

General Comments

OPDIV Senior Official
for Privacy Signature

Beverly E.
Walker -S

Digitally signed by
Beverly E. Walker -S
Date: 2018.08.08 15:34:07
-04'00'

Page 3 of 3