
HOU-2 CNA e-Tool PIA Sgned.pdf

Comprehensive Needs Assessment (CNAs)

PIA

OMB: 2502-0505

PRIVACY IMPACT ASSESSMENT (PIA)
Prescribing Authority: Public Law 107-347, Section 208(b). Complete this form for Department of Housing
and Urban Development (HUD) information systems or electronic collections (referred to as "electronic
collections" for the purpose of this form) of information that collect, maintain, use, and / or disseminate
personally identifiable information (PII) about members of the public, Federal employees, and contractors. In the
case where no PII is collected, the PIA will serve as a conclusive determination that privacy requirements do not
apply to the system. Please be sure to use plain language and be as concise as possible.
For further information and instructions on how to fill out the PIA, please see the PIA Reference Guide.
HUD’s PIAs describe: (1) the legal authority that permits the collection of information; (2) the specific type of
information used by the system; (3) how and why the system uses the information; (4) whether the system
provides notice to individuals that their information is used by the system; (5) the length of time the system
retains information; (6) whether and with whom the system disseminates information; (7) procedures individuals
may use to access or amend information used by the system; and (8) physical, technical, and administrative
safeguards applied to the system to secure the information.

1. HUD INFORMATION SYSTEM: Capital Needs Assessment Electronic Tool (CNA e-Tool), P282
2. HUD DIVISION NAME:

Office of Multifamily Housing, Program Systems Management Office

3. CSAM ID:

1118

Section 1: PII Description Summary (For Public Release)

a. The PII is: (Check all that apply)
✔ From members of the general public
☐ From Federal employees and / or Federal contractors
☐ From vendors
☐ From a third-party source
☐ Not Collected (Please proceed to Section 4)
☐ Other (Please specify in the box below)

b. The PII is in a / an: (Check one)
☐ New HUD information system
☐ Existing HUD information system
✔ Significantly modified HUD information system (if selected, please describe the modification in the box below)

c.
☐ New collection
☐ Existing collection

The application is being upgraded to a cloud based solution; the upgrade will also allow for a new user group and
full automation of the current Excel based assessment tool. The SSN and TIN is the only option to authenticate at the
organizational level and not at the individual level. Currently there is nothing in place to decipher between TIN and
SSN. The capability to decipher between the TIN and SSN does not exist.

Describe the purpose of this HUD information system or project, including the types of personal
information collected in the system.
The system does Capital Needs and Physical Assessments for FHA insured and assisted Multifamily Properties
(Mortgage Insurance, Subsidized Housing, Mark-to-Market, and Rental Assistance Demonstration Programs).
Assessments are used to produce due diligence reporting commonly used in the multifamily industry to examine
current physical conditions at properties (buildings, units, utilities, and components (for example: doorways,
windows, dryers, etc.)), specify repairs/replacements needed immediately and to budget for long-term capital
repair and replacement needs during the life of an asset. Several CNA tools are freely available to the public
and may be used to prepare a CNA for any multifamily property no matter whether a HUD or a partnering agency
financing or activity is contemplated. The information collected is needed to appropriately value a project/property,
to determine financial sustainability, and to plan funding of an escrow account to be used for capital repair and
replacement needs during the estimate period. It is used by external parties, and HUD for valuation, underwriting,
and asset management purposes.

d. Why is the PII collected and / or what is the intended use of the PII? (e.g. verification, identification,
authentication, data matching, mission-related use, administrative use)

The PII is used for verification, identification, and for authentication.

Additionally, PII is collected on certain partner agency participants and is used to achieve a second level of
authentication, which is required by CNA for the partner agency to verify that the same individual who created the
login account is, in fact, accessing the partner agency information and service. A typical transaction is completion
of digital forms to complete the assessment and required exhibits. Information is put in by the user in real time.

e. Do individuals have the opportunity to object to the collection of their PII?
If “Yes,” describe the method by which individuals can object to the PII collection.
If “No,” state the reason why individuals cannot object to the PII collection.
☐ Yes
✔ No

The CNA eTool does not collect the SSN/TIN directly from the individuals; it is not the source system. The SSN/TIN
is transmitted electronically from the source systems (Active Partners Performance System (APPS) to Secure
Systems (WASS)) to the CNA e-Tool back end servers. The PII is not stored within CNA e-Tool.

f. Do individuals have the opportunity to consent to the specific uses of their PII?
☐ Yes
✔ No

If “Yes,” describe the method by which individuals can give or withhold their consent.
If “No,” state the reason why individuals cannot give or withhold their consent.

The CNA eTool does not collect the SSN/TIN directly from the individuals; it is not the source system. The SSN/TIN
is transmitted electronically from the source systems (Active Partners Performance System (APPS) to Secure
Systems (WASS)) to the CNA e-Tool back end servers. The PII is not stored within CNA e-Tool.

g. When an individual is asked to provide PII, a Privacy Act Statement (PAS) and / or a Privacy
Advisory must be provided. (Check as appropriate and provide the actual wording)
☐ Privacy Act Statement
☐ Privacy Advisory
✔ Not Applicable

h. With whom will the PII be shared through data exchange, both within your HUD Division and
outside your Division? (Check all that apply)
☐ Within the HUD Office / Division
✔ Other HUD Office(s) / Division(s)
✔ Other federal agencies
☐ State & local agencies
✔ Contractors (Include name of contractor and describe the language in the contract that safeguards
PII in the box below.)
☐ Other

HUD Office of the Chief Information Officer.
United States Department of Agriculture (USDA): TIN was only collected for testing purposes to ensure the
functionality would work for their future on-boarding. A ticket was already opened to permanently delete three
CNA's from the Production Database.
Perspecta and KPMG: Privacy Safeguards of their contract, FAR 52.239-1 Privacy or Security Safeguards.

Needs Assessors. Look at ID.

i. Source(s) of the PII collected is / are: (Check all that apply & list all information systems if applicable)
☐ Databases
✔ Individuals
☐ Publicly available data (e.g., obtained from internet, news feeds, court records)
✔ Existing HUD information systems
☐ Other Federal information systems

Individuals provide the information through Web Access Security Subsystem (WASS) that becomes accessible to
the CNA e-Tool. No paper records, as this system automates that process.

j. How will the information be collected? (Check all that apply & list all Official Form Numbers if applicable)
☐ Email
☐ Face-to-face contact
☐ Fax
✔ Information sharing / system-to-system
☐ Official form
☐ Telephone interview
✔ Website / e-form
☐ Paper
☐ Other (if selected, enter information in the box)

The website / e-form carries CNA data, which includes the name of the submitter (lenders and public housing agency),
whereas information sharing / system-to-system receives PII from the source systems. Here is the link to the
CNA e-Tool web page; attached is a screen shot of the CNA e-Tool data fields:
https://www.hud.gov/program_offices/housing/mfh/cna


k. Does this HUD information system or project require a Privacy Act System of Records Notice (SORN)?
A SORN is required if the information system or project contains information about U.S. citizens or lawful
permanent U.S. residents that is retrieved by name or another unique identifier. PIA and Privacy Act SORN
information must be consistent.
☐ Yes
✔ No

If “Yes,” enter SORN System Identifier:
If a SORN has not yet been published in the Federal Register, enter date of submission for approval.
If "No," explain why the SORN is not required.
Information is not retrieved by PII.

l. What is the National Archives and Records Administration (NARA) approved, pending, or general
records schedule (GRS) disposition authority for the system or for the records maintained in the system?
(Please consult Office of Records Management to assure that the following information is accurate)
(1) NARA Job Number or GRS Authority: Appendix 10, item 7 & item 12; Appendix 12 item 9b; and Appendix
(2) If pending, provide the date the SF-115 was submitted to NARA: NA
(3) Retention instructions:
Appendix 10, item 7: Destroy 6 years after the Secretary ceases to have any liability and/or interest in the project;
Appendix 10, item 12: Destroy 3 years after the final audit; Appendix 12, item 9b: Cut off at end of the fiscal year in which
grant file is closed. Destroy 6 years and 3 months after cut off; Appendix 56, item 6b: Destroy 2 years after satisfactory
settlement of contract and close of final audit or cost certification.

m. What is the authority to collect information? A Federal law or Executive Order must authorize the
collection and maintenance of a system of records. For PII not collected or maintained in a system of
records, the collection or maintenance of the PII must be necessary to discharge the requirements of a statute
or Executive Order.
Title IV of the Housing and Community Development Act of 1992, as amended by the Multifamily Housing (MFH)
Property Disposition Reform of 1994 (P.L. 103-233); The Department of Housing and Urban Development (HUD)
regulations, at 24 CFR Part 401.450. The Housing Community Development Act of 1987, 42 U.S.C. 3543(a), requires as
a condition of program eligibility that applicants disclose his or her Social Security Number (SSN). 24 CFR 401.450; 65
FR 15485, Mar. 22, 2000, as amended at 65 FR 53900; Housing Notice 2016-18; Mortgagee Letter 2016-26.
The Multifamily Accelerated Processing (MAP) Guide 4430G (Section 5G) outlines the program requirements.

n. Does this information system or project have an active and approved Office of Management and
Budget (OMB) Control Number?
This number indicates OMB approval to collect data from 10 or more members of the public in a 12-month
period regardless of form or format.
☐ Yes
☐ No
✔ Pending
If “Yes,” list all applicable OMB Control Numbers, collection titles, and expiration dates.
If “No,” explain why OMB approval is not required in accordance with proper HUD authority.
If “Pending,” provide the date for the 60 and / or 30 day notice and the Federal Register citation.
OMB Control Number 2502-0505 - 08/31/2021. The 60 Day Notice published in the Federal Register at 85 FR 17596 on
March 30, 2020.
APPS also has an OMB Control Number 2502-0118 and that is their approved Paperwork Reduction Act (PRA). The
title is called Previous Participation Certification. (The PRA does not expire until 11-30-2022)


Section 2: PII Risk Review
a. What PII will be collected or maintained on the information system or project: (Check all that apply)
☐ Age
☐ Alias
☐ Audio Recordings
☐ Biometrical Identifiers (e.g., fingerprint(s), iris image)
☐ Certificates (e.g., birth, death, marriage)
☐ Citizenship(s)
☐ Credit Card Number
☐ Criminal records information
☐ Date of Birth
☐ Device identifiers (e.g., mobile devices)
☐ Drivers’ License / State ID Number
☐ Education Records
✔ Email Address(es)
☐ Employee Identification Number
☐ Employment Status, History, or Information (e.g., title, position)
☐ Fax Number
☐ Financial Information (e.g., credit report, account number)
☐ Foreign activities
✔ Full Name
☐ Gender
☐ Geolocation Information
☐ Home Address
☐ Internet Cookie Containing PII
☐ Investigation Report or Database
☐ IP / MAC Address
☐ Legal Documents, Records
☐ Marital Status
☐ Military status or other information
☐ Mother’s Maiden Name
☐ Passport Information
✔ Phone Number(s)
☐ Photographic Identifiers (e.g., photograph, video, x-ray)
☐ Place of Birth
☐ Protected Health Information (PHI)
☐ Race / Ethnicity
☐ Religion
☐ Salary
☐ Sex
✔ Social Security Number (SSN) (Full or in any form)
✔ Taxpayer ID
✔ User ID
☐ Vehicle Identifiers (e.g., license plate)
☐ Web uniform resource locator(s)
✔ Work Address
☐ Other (if selected, please enter the information below)

b. If the SSN is collected, please list the proper HUD authority to do so.
The Housing Community Development Act of 1987, 42 U.S.C. 3543(a), requires as a condition of Mortgage
Insurance Program eligibility that applicants disclose his or her Social Security Number (SSN).


Section 3: PII Security Measures
a. How will the PII be secured? (Include any physical, administrative, technical controls, and other
controls in place)
(1) Physical Controls. (Check all that apply)
☐ Cipher locks
✔ Combination locks
✔ Key cards
✔ Security Guards
☐ Closed Circuit TV
✔ Identification badges
☐ Safes
✔ If Other, enter the information in the box below

The data center employs six layers of around-the-clock physical security: buffer zone, perimeter fencing, armed
security at all gates, roving armed guards, armed guards on data center floor space, and an access control system.

(2) Administrative Controls. (Check all that apply)
☐ Backups Secured Off-Site
✔ Periodic Security Audits
☐ Encryption of Backups
☐ Regular Monitoring of Users' Security Practices
✔ Methods to Ensure Only Authorized Personnel Access to PII
✔ If Other, enter the information in the box below

Access to PII is limited to individuals who have undergone pre-employment screening and who have demonstrated
need for access. Role-based security controls are assessed annually. The system accounts of users with access
to PII are reviewed quarterly and are re-certified annually.

(3) Technical Controls (Check all that apply)
☐ Biometrics
☐ Encryption of Data at Rest
✔ Firewall
✔ Role-Based Access Controls
☐ Virtual Private Network (VPN) Used Only for Privileged (Elevated Roles)
✔ Encryption of Data in Transit
☐ Public Key Infrastructure Certificates
☐ External Certificate Authority Certificates
✔ Least Privilege Access
✔ User Identification and Password
✔ PIV Card
☐ Intrusion Detection System (IDS)
☐ If Other, enter the information in the box below

Directory-based identity related authentication and authorization is used for all users accessing HUD's internal
network. Linux Security services employ system entry validation, individual accountability, and resource access
control to authenticate and authorize users accessing the system. The CNA e-Tool employs role-based access
control to achieve separation of duties and least privilege.

b. What additional measures / safeguards have been put in place to address privacy risks for
this information system or electronic collection?

Users are required to complete annual information security and privacy awareness training and sign a rules of
behavior before access or a role to CNA e-Tool will be granted. A ticket was already opened for Perspecta to
permanently delete USDA's three test CNA's out of the system, which had only been entered for testing purposes to
ensure the functionality is in place for their future on-boarding. There is a risk that users may not fully understand
that CNA is attempting to perform a second level identity proof on them so that they can access their information
and services, and that this data was used as a part of the testing process. To mitigate this risk, PII will no longer be
used by CNA for testing purposes; a ticket will be opened for Perspecta to permanently delete three tested CNA's
out of the system which had only been entered for testing purposes to ensure the functionality is in place for their
future on-boarding.

c. Where is the PII stored associated with the system? (Check all that apply)
✔ On a centralized HUD server
☐ In hard copy documents
☐ On HUD individual laptops
☐ In e-mails
☐ Other (Please specify in the box below)

Please specify selection(s) made.

CNA e-Tool Infrastructure located on the Intranet, P282 and Azure Server (after the Production Environment is
created).

Indicate the assessment and authorization status:
✔ Authorization to Operate (ATO) – Date Granted: 11/25/19
☐ ATO with Conditions – Date Granted:
☐ Denial of Authorization to Operate (DATO) – Date Granted:
☐ Interim Authorization to Test (ATT) – Date Granted:


Section 4: Review and Approval Signatures
Completion of the PIA requires coordination by the System Manager, Information System Security Officer, Privacy Liaison Officer, Record Liaison Officer and HUD
Records Officer BEFORE it is sent to the HUD Privacy Office. HUD Privacy will review/forward to Senior Agency Official for Privacy for review/signature.

System Manager:
Name: Winfred Chan
Signature: Digitally signed by WINFRED CHAN. DN: CN = WINFRED CHAN, C = US, O = U.S. Government,
OU = Department of Housing and Urban Development, Office of Housing. Date: 2020.03.26 13:23:36 -04'00'

Information System Security Officer:
Name: Joshua Curry
Signature: Digitally signed by JOSHUA CURRY. DN: CN = JOSHUA CURRY, C = US, O = U.S. Government,
OU = Department of Housing and Urban Development, Office of Housing. Date: 2020.03.26 14:03:32 -04'00'
3/26/20

Records Management Liaison Officer:
Name: Isaac Livingston
Signature: Digitally signed by ISAAC LIVINGSTON. DN: CN = ISAAC LIVINGSTON, C = US, O = U.S. Government,
OU = Department of Housing and Urban Development, Office of Housing. Date: 2020.03.27 06:23:40 -04'00'
3/27/20

Privacy Liaison Officer:
Name: Nadine Smith
Signature: Digitally signed by NADINE SMITH. Date: 2020.03.27 06:42:55 -04'00'
3/27/20

HUD Records Officer:
Name: Marcus Smallwood
Signature: Digitally signed by MARCUS SMALLWOOD. DN: CN = MARCUS SMALLWOOD, C = US, O = U.S. Government,
OU = Department of Housing and Urban Development, Office of Administration. Date: 2020.03.27 08:02:32 -04'00'
3/27/20

HUD Chief Privacy Officer:
Name: LaDonne L. White
Signature: Digitally signed by LADONNE WHITE. Date: 2020.06.01 09:50:26 -04'00'
6/1/20

Senior Agency Official for Privacy or Designee:
Name: John Bravacos
Signature: Digitally signed by JOHN BRAVACOS. Date: 2020.06.01 11:38:18 -04'00'
6/1/20

PIA NUMBER: HOU-2
PIA APPROVAL DATE 6/1/20
Once completed, only Section 1 of this PIA will be published to HUD's public website.



File Type: application/pdf
Author: Bogale, Rahel
File Modified: 2020-06-02
File Created: 2019-12-09
