Privacy Act Checklist

Privacy Act Checklist.docx

Emerging Infections Program

Privacy Act Checklist

OMB: 0920-0978

⚠️ Notice: This form may be outdated. More recent filings and information on OMB 0920-0978 can be found here:

2023-12-29 - No material or nonsubstantive change to a currently approved collection
2023-09-12 - No material or nonsubstantive change to a currently approved collection

Document [docx]

Download: docx | pdf

Emerging Infections Program (0920-0978)

Privacy Act Checklist

This submission has been reviewed by NCEZID who determined that the Privacy Act does not apply.

Privacy Impact Assessment Information

Respondents are informed about the voluntary nature of their response.

For FluSurv-NET, consent forms are obtained from patients undergoing telephone interview for influenza vaccination history. Copies of the consent form will be retained at the participating site and will not be submitted to CDC. CDC only receives vaccine status information and does not receive any personally identifiable information.

For the medical review component of HAIC, consent is not applicable as EIP personnel perform review of existing medical record data in participating facilities or via remote access and submit these data to CDC in a secure manner, as described previously, without having any interaction with individual patients. Information received by CDC are stored in secure databases (certification and accreditation at appropriate level according to current information security procedures and standards) or will be uploaded by EIP site personnel to site-specific encrypted, secure CDC FTP sites or other secure sites meeting current information security requirements. Case-specific information received by CDC will be provided only to those individuals at CDC with a need to know.

Project case report forms maintained by each participating site will not be submitted to CDC, and will remain in a locked, secure location, available only to a minimum number of local project staff, and will not be reused or disclosed to any other person or entity except as required by law, for authorized oversight of the surveillance project, or for other research for which the use or disclosure of protected health information would be permitted. Each participating EIP site will destroy identifiers at the earliest opportunity, unless there is a public health justification for retaining the identifiers or are required to by law.

To comply with OMB’s terms of clearance from the September 13, 2018 change request, four Privacy Impact Assessments (Atts. 29, 30, 31, and 32)—one for each of the four activities—are included with this submission.

File Type	application/vnd.openxmlformats-officedocument.wordprocessingml.document
Author	Samuel, Lee (CDC/DDID/NCEZID/OD)
File Modified	0000-00-00
File Created	2021-01-13