Complete this document and send it to your Office or Bureau Privacy Officer. Upon receipt, your Privacy Officer will review the document, may request additional information, and determine if a full Privacy Impact Assessment (PIA) is required.
1, Office or Bureau: OCC
2. Date Submitted for Review:
3. Name of Project: OLCC (Online Consumer Complaint form)
4. OMB Unique Identifier: 1557-0232
5. Type of Project/Program
☐ Information Technology |
☐ Government-owned web site |
☒ Information System |
☐ Other Project/Program (type) _____________ |
☐ Information Collection subject to the PRA |
☐ Other Project/Program (type) _____________ |
Provide a general description of the project or system and its purpose in non-technical terms.
The customer complaint form was developed as a courtesy for those that contact the Office of the Comptroller of the Currency’s (OCC) Customer Assistance Group (CAG) and wish to file a formal, written complaint. The form allows the consumer to focus their issues and provide a complete picture of their concerns, but is entirely voluntary. It is designed to prevent having to go back to the consumer for additional information, which delays the process. Completion of the form allows the CAG to process the complaint more efficiently.
This collection of information is solicited pursuant to the Federal Trade Commission Act, 15 U.S.C. 57a(f)(1), the purpose of which is to prevent unfair or deceptive acts or practices in or affecting commerce, including acts or practices which are unfair or deceptive to consumers by banks. Agencies must establish a separate division of consumer affairs to receive and take appropriate action upon complaints with respect to such acts or practices by banks subject to its jurisdiction.
The Customer Assistance Group will use the information to create a record of the consumer’s contact, including capturing information that can be used to resolve the consumer’s issues and provide a database of information that is incorporated into the OCC’s supervisory process.
Developmental Stage of System/Project
☐ This is a new development effort |
☒ This is an existing project
|
Date first developed: 2009
Date PIA/PCLIA last updated: See the CAG Remedy PIA dated September 5, 2012.
Information Collected, Maintained, Used or Disseminated by the system or project.
Please select the appropriate boxes below to identify the types or groupings of information collected by the IT system/project. If the IT system/project uses groupings or information that are not listed below, please add them using the additional spaces provided.
Biographical/General Information Regarding Individuals |
||
☒ Name |
☐ Gender |
☐ Group/Organization Membership |
☐ Birth Date |
☐ Race/Ethnicity |
☐ Military Service Information |
☒ Home Physical Mailing Address |
☐ Citizenship |
☐ Marital Status |
☒ Personal Cell Number |
☐ Nationality |
☐ Mother’s Maiden Name |
☒ Personal Home Phone or Fax Number |
☐ Country of Birth |
☐ Spouse Information |
☒ Personal e-mail address |
☐ City or County of Birth |
☐ Children Information |
☐ Alias (including nickname) |
☐ Immigration Status |
☐ Information about other relatives. |
☐ Education Information |
☐ Religion/Religious Preference |
☐ References or other information about an individual’s friends, associates or acquaintances. |
☒ Personal Financial Information (including loan information) |
☐ Passport Information |
☐ Global Positioning System (GPS)/Location Data |
☐ Sexual Orientation |
☐ User names, avatars etc. |
☐ Secure Digital (SD) Card or Other Data stored on a card or other technology |
☐ Cell tower records (e.g., logs. user location, time etc.) |
☐ Contact lists and directories |
☐ Other (please describe) ----------------------- |
☐ Network communications data |
☐ Device settings or preferences (e.g., security level, sharing options, ringtones). |
☐ Other (please describe) ----------------------- |
Identifying Numbers Assigned to Individuals |
|
☒ Full Social Security Number |
☒ Personal Bank Account Number |
☒ Truncated Social Security Number (e.g., last 4 digits) |
☐ Health Plan Beneficiary Number |
☐ Employee Identification Number |
☒ Credit Card Number |
☐ Taxpayer Identification Number |
☐ Patient ID Number |
☐ File/Case ID Number |
☐ Vehicle Identification Number |
☐ Alien Registration Number |
☐ Driver’s License Number |
☐ Personal device identifiers or serial numbers |
☐ License Plate Number |
☐ Internet Protocol (IP) Address (where known to belong to an individual or unknown whether the IP address belongs to an individual or organization) |
☐ Professional License Number |
☐ Other (please describe):___________________ |
|
Medical/Emergency Information Regarding Individuals |
||
☐ Medical/Health Information |
☐ Worker’s Compensation Act Information |
☐ Patient ID Number |
☐ Mental Health Information |
☐ Disability Information |
☐ Emergency Contact Information (e.g., a third party to contact in case of emergency) |
☐ Other (please describe): ____________________________________________________ |
||
Biometrics/Distinguishing Features/Characteristics of Individuals |
||
☐ Physical description/ characteristics (e.g. hair, eye color, weight, height, sex, gender etc.) |
☐ Signatures |
☐ Vascular scans |
☐ Fingerprints |
☐ Photos |
☐ Retina/Iris Scans |
☐ Palm prints |
☐ Video |
☐ Dental Profile |
☐ Voice audio recording |
☐ Scars, marks, tattoos |
☐ DNA Sample or Profile |
☐ Other (please describe): ______________________ |
☐ Other (please describe): ______________________ |
☐ Other (please describe): ______________________ |
Specific Information/File Types That Include Information Regarding Individuals |
||
☐ Taxpayer Information/Tax Return Information |
☐ Law Enforcement Information |
☐ Security Clearance Information |
☐ Civil/Criminal History Information/Police Records |
☐ National Security/Classified Information |
☐ Bank Secrecy Act Information |
☐ Protected Information (as defined in Treasury Directive 25-10) |
☐ Case files |
☐ Personnel Files |
☐ Information provided under a confidentiality agreement |
☐ Information subject to the terms of an international or other agreement |
☐ Other (please describe): ______________________ |
Audit Log and Security Monitoring Information |
||
☐ User ID assigned to a user of Treasury IT |
☐ Date and time an individual accesses a facility, system, or other IT |
☐ Files accessed by a user of Treasury IT |
☐ Passwords generated by a user of Treasury IT |
☐ Internet or other queries run by a user of Treasury IT |
☐ Contents of files accessed by a user of Treasury IT |
☐ Video of individuals derived from security cameras |
☐ Biometric information used to access Treasury facilities or IT |
☐ Public Key Information. |
☐ Information revealing an individual’s presence in a particular location as derived from security token/key fob, employee identification card scanners or other IT or devices |
☐ Still photos of individuals derived from security cameras. |
☐ Other (please describe): _____________________________ |
Other |
|
☐ Other (please describe: ________________ |
☐ Other (please describe: ________________ |
☐ Other (please describe: ________________ |
☐ Other (please describe: ________________ |
What is the current status of the system or project with respect to its collection, maintenance, use or dissemination of PII?
(Please read all options and select “Yes” for each statement that is true and “No” for each statement that is false) (all boxes must be completed)
☐ Yes ☒ No The project is in the process of developing or procuring IT systems or projects that collect, maintain, or disseminate PII from or about members of the public, including government personnel, interns, and/or government contractors and consultants |
☐ Yes ☒ No This is an existing system or project that previously did not collect, maintain, use or disseminate PII, but is undergoing a system or process modification that will require the collection, maintenance, use, or dissemination of PII |
☐ Yes ☒ No The system or project is initiating, consistent with the Paperwork Reduction Act (PRA), a new collection of PII for 10 or more persons (excluding agencies, instrumentalities, or employees of the federal government) |
☒ Yes ☐ No The system or project is government-run public websites where the user is asked to provide information for purposes other than merely providing feedback (e.g., questions or comments) or obtaining additional information from Treasury |
☐ Yes ☒ No The system or project is a national security system (as defined in TD P 25-07) that contains PII |
☒ Yes ☐ No The system or project maintains, uses, and/or disseminates PII after it is collected from a Treasury website |
☐ Yes ☒ No The system or project is a government-run website that collects or maintains PII about members of the general public, government personnel, or government contractors and consultants |
☐ Yes ☒ No The system or project collects, maintains, uses, and/or disseminates PII related to internal government operations. |
☒ Yes ☐ No The system or project is a Federal information system that collects or maintains PII about members of the general public, government personnel, or government contractors and consultants |
☒ Yes ☐ No The system or project involves the collection, maintenance, use or dissemination of PII, and all elements of a PCLIA are not covered in another agreement or document |
☒ Yes ☐ No The system or project is a Treasury IT system, that collects or maintain PII about members of the general public, government personnel, or government contractors and consultants |
☐ Yes ☒ No The system or project is undergoing major modifications or other modifications that may create new privacy risks (this could occur when adding news types of PII that create new risks [e.g., health information], converting from paper to electronic, collecting information from new sources [including commercial sources], merging information from new databases, altering user-authentication technology, expanding access to new groups of users) |
☐ Yes ☒ No The system or project is part of a cross-agency initiative (including those that further electronic government) in which a Treasury bureau or office is the lead agency. |
☐ Yes ☒ No The system or project maintains records describing how an individual exercises rights guaranteed by the First Amendment (including, but not limited to information regarding religious and political beliefs, freedom of speech and of the press, and freedom of assembly and petition)." |
Has this system acquired certification and accreditation/Security Assessment and Authorization?
☐ Yes |
☐ No |
☒ Do not know |
Please indicate the determinations for each of the following:
Confidentiality |
☐ Low |
☒ Moderate |
☐ High |
☐ Undefined |
Integrity: |
☐ Low |
☒ Moderate |
☐ High |
☐ Undefined |
Availability: |
☐ Low |
☒ Moderate |
☐ High |
☐ Undefined |
Please answer the following questions regarding the system or project:
Was a PIA or PCLIA previously conducted for this system or project? |
☐ Yes ☒ No |
If yes, on what date was the previous PIA/PCLIA completed? |
Date: |
Was a system of records notice (SORN) (if required under the Privacy Act) published in the Federal Register with respect to any of the information maintained by the system or project? |
☒ Yes ☐ No |
If yes, please provide a Federal Register citation for the SORN. |
Federal Register Citation: 77 FR 37475 |
(To be completed by the Office or Bureau Privacy Officer)
Date Reviewed: _______________________
Privacy Officer Name: ___________________________________
ADDITIONAL COMMENTS:
| File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
| Author | OPTR |
| File Modified | 0000-00-00 |
| File Created | 2021-01-13 |