Privacy Impact Assessment

Save

Privacy Impact Assessment Form
v 1.21
Status

Form Number

0920-1046

Form Date

Question

Answer

1

OPDIV:

CDC

2

PIA Unique Identifier:

TBD

2a Name:

08/21/18

National Breast and Cervical Cancer Early Detection Program (N
General Support System (GSS)
Major Application

3

Minor Application (stand-alone)

The subject of this PIA is which of the following?

Minor Application (child)
Electronic Information Collection
Unknown

3a

Identify the Enterprise Performance Lifecycle Phase
of the system.

Initiation
Yes

3b Is this a FISMA-Reportable system?

4

Does the system include a Website or online
application available to and for the use of the general
public?

5

Identify the operator.

6

Point of Contact (POC):

7

Is this a new or existing system?

8

Does the system have Security Authorization (SA)?

8b Planned Date of Security Authorization

No
Yes
No
Agency
Contractor
POC Title

Health Scientist

POC Name

Dara Schlueter

POC Organization NCCDPHP/DCPC
POC Email

[email protected]

POC Phone

404-498-1782
New
Existing
Yes
No

TBD
Not Applicable

Page 1 of 4

Save
8c

Briefly explain why security authorization is not
required

A separate PIA will be completed for the IT system once OMB
approval is granted.

10

Describe in further detail any changes to the system
that have occurred since the last PIA.

N/A. There is not a previously approved PIA.

11 Describe the purpose of the system.

CDC is required to monitor and evaluate processes and
outcomes related to the National Breast and Cervical Cancer
Early Detection Program (NBCCEDP). To fulfill this mandate,
information will be collected from the 70 grantee institutions
(states, territories, tribal organizations and the District of
Columbia) participating in the CDC-funded NBCCEDP.
This information will help to identify successful activities that
need to be maintained, replicated, or expanded, as well as
provide insight into areas needing improvement. It will also
strengthen CDC’s ability to accurately demonstrate program
processes and results to stakeholders.
In an annual survey, grantees will be asked about their: (1)
management, program, and evaluation challenges; (2)
program resources; (3) partnerships; (4) health systems change
for breast and cervical cancer screening delivery; (5) evidence
based intervention (EBI) implementation for health systems
change; and (6) use of other strategies for sustainable cancer
control.

Describe the type of information the system will
collect, maintain (store), or share. (Subsequent
12
questions will identify if this information is PII and ask
about the specific data elements.)
In addition, grantees will report on their clinical health systems
partners' use of evidence-based interventions, patient
population characteristics, and breast and cervical cancer
screening rates at primary care clinic sites.
No personally identifiable information will be collected.

Page 2 of 4

Save
In an annual survey, grantees will be asked about their: (1)
management, program, and evaluation challenges, (2)
program resources, (3) partnerships, (4) health systems change
for breast and cervical cancer screening delivery, (5) evidencebased intervention implementation for health systems change,
and (6) use of other strategies for sustainable cancer control.
In addition, grantees will report on their clinical health systems
partners' use of evidence-based interventions, patient
population characteristics, and breast and cervical cancer
screening rates at primary care clinic sites.
Provide an overview of the system and describe the
13 information it will collect, maintain (store), or share,
either permanently or temporarily.

These data items will be collected because the program has an
emphasis on health systems change to improve impact.
Descriptive (summary) statistics will be calculated separately
for breast and cervical cancer screening. This information will
be used by CDC to better understand the range of experiences
among grantees as an input into its programmatic decisionmaking. The summary findings will be reported back to the
grantees to help them identify successful implementation
models and focus networking for shared experiences, lessons
learned, and best practices.
No personally identifiable information will be collected.
The data sets will not be shared with other entities.

14 Does the system collect, maintain, use or share PII?

Yes
No

REVIEWER QUESTIONS: The following section contains Reviewer Questions which are not to be filled out unless the user is an OPDIV
Senior Officer for Privacy.

Reviewer Questions
1

Are the questions on the PIA answered correctly, accurately, and completely?

Answer
Yes
No

Reviewer
Notes
2

Does the PIA appropriately communicate the purpose of PII in the system and is the purpose
justified by appropriate legal authorities?

Yes

Do system owners demonstrate appropriate understanding of the impact of the PII in the
system and provide sufficient oversight to employees and contractors?

Yes

No

Reviewer
Notes
3

No

Reviewer
Notes
4

Does the PIA appropriately describe the PII quality and integrity of the data?

Yes
No

Reviewer
Notes

Page 3 of 4

Save
Reviewer Questions
5

Answer
Yes

Is this a candidate for PII minimization?

No

Reviewer
Notes
6

Does the PIA accurately identify data retention procedures and records retention schedules?

Yes
No

Reviewer
Notes
7

Are the individuals whose PII is in the system provided appropriate participation?

Yes
No

Reviewer
Notes
8

Does the PIA raise any concerns about the security of the PII?

Yes
No

Reviewer
Notes
9

Is applicability of the Privacy Act captured correctly and is a SORN published or does it need
to be?

Yes
No

Reviewer
Notes
10

Is the PII appropriately limited for use internally and with third parties?

Yes
No

Reviewer
Notes
11

Does the PIA demonstrate compliance with all Web privacy requirements?

Yes
No

Reviewer
Notes
12

Were any changes made to the system because of the completion of this PIA?

Yes
No

Reviewer
Notes

General Comments

OPDIV Senior Official
for Privacy Signature

This PIA reflects the described information collection only. See Item 8C

Beverly E.
Walker -S

Digitally signed by
Beverly E. Walker -S
Date: 2018.08.21
19:38:41 -04'00'

HHS Senior
Agency Official
for Privacy

Page 4 of 4