Download:
pdf |
pdfPrivacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PRIVACY THRESHOLD ANALYSIS (PTA)
This form serves as the official determination by the DHS Privacy Office to
identify the privacy compliance requirements for all Departmental uses of
personally identifiable information (PII).
A Privacy Threshold Analysis (PTA) serves as the document used to identify
information technology (IT) systems, information collections/forms, technologies,
rulemakings, programs, information sharing arrangements, or pilot projects that involve
PII and other activities that otherwise impact the privacy of individuals as determined by
the Chief Privacy Officer, pursuant to Section 222 of the Homeland Security Act, and to
assess whether there is a need for additional Privacy Compliance Documentation. A PTA
includes a general description of the IT system, information collection, form, technology,
rulemaking, program, pilot project, information sharing arrangement, or other Department
activity and describes what PII is collected (and from whom) and how that information is
used and managed.
Please complete the attached Privacy Threshold Analysis and submit it to your
component Privacy Office. After review by your component Privacy Officer the PTA is sent
to the Department’s Senior Director for Privacy Compliance for action. If you do not have a
component Privacy Office, please send the PTA to the DHS Privacy Office:
Senior Director, Privacy Compliance
The Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
Tel: 202-343-1717
[email protected]
Upon receipt from your component Privacy Office, the DHS Privacy Office will review this
form and assess whether any privacy compliance documentation is required. If compliance
documentation is required – such as Privacy Impact Assessment (PIA), System of Records
Notice (SORN), Privacy Act Statement, or Computer Matching Agreement (CMA) – the DHS
Privacy Office or component Privacy Office will send you a copy of the relevant compliance
template to complete and return.
Privacy Threshold Analysis – IC/Form
Page 1 of 12
Version number: 04-2016
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Privacy Threshold Analysis (PTA)
Specialized Template for
Information Collections (IC) and Forms
The Forms-PTA is a specialized template for Information Collections and Forms. This
specialized PTA must accompany all Information Collections submitted as part of the
Paperwork Reduction Act process (any instrument for collection (form, survey,
questionnaire, etc.) from ten or more members of the public). Components may use this PTA
to assess internal, component-specific forms as well.
Form Number:
CG-4423
Form Title:
Application for Marine Event
Component:
U.S. Coast Guard (USCG)
Office:
CG-WWM-1
IF COVERED BY THE PAPERWORK REDUCTION ACT:
Collection Title:
Click here to enter text.
OMB Control
Number:
Collection status:
Name:
Office:
Phone:
Name:
Office:
Phone:
Regattas and Marine
Parades
Extension
OMB Expiration
Date:
Date of last PTA (if
applicable):
October 31, 2020
November 4, 2016
PROJECT OR PROGRAM MANAGER
LT Urdley N. Smith Jr.
CG-WWM-1
Title:
Staff Officer
718-787-5135
Email:
[email protected]
COMPONENT INFORMATION COLLECTION/FORMS CONTACT
Albert Craig
CG-6P
Title:
PRA Coordinator
202-475-3528
Email:
[email protected]
Privacy Threshold Analysis – IC/Form
Page 2 of 12
Version number: 04-2016
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
SPECIFIC IC/Forms PTA QUESTIONS
1. Purpose of the Information Collection or Form
RENEWAL
Application for Marine Event (CG-4423) provides the Coast Guard with the minimum
information needed to identify the marine event and the event contact to consider
whether or not an event is likely to result in the loss of human life unless special
precautions are taken.
Marine events may actually block navigation channels or cause interference with
adjacent vessel traffic or with the ability of larger commercial vessels to safely navigate
designated shipping lanes. Also, adjacent vessel traffic may interfere with the safety or
conduct of the marine event.
CG Form 4423 contains basic business contact information which may include the name,
address, phone number, city and state of any event sponsor wishing to conduct activity
that may block, or impede safe navigation on the navigable waters of the United States.
14 U.S.C. § 505; 33 U.S.C. § 1233; 46 U.S.C. §§ 3717, 12501; 33 CFR 100 are the USCG
authorites for this collection.
Records are maintained in accordance with NARA record retention schedule: N1-026-05015.
2. Describe the IC/Form
a. Does this form
X Yes
collect any
☐ No
Personally
Identifiable
Information”
(PII1)?
1
Personally identifiable information means any information that permits the identity of an individual to be directly or indirectly inferred, including
any other information which is linked or linkable to that individual regardless of whether the individual is a U.S. citizen, lawful permanent resident,
visitor to the U.S., or employee or contractor to the Department.
Privacy Threshold Analysis – IC/Form
Page 3 of 12
Version number: 04-2016
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
b. From which
type(s) of
individuals
does this form
collect
information?
(Check all that
apply.)
c. Who will
complete and
submit this
form? (Check
all that apply.)
d. How do
individuals
complete the
form? Check
all that apply.
XMembers of the public
X U.S. citizens or lawful permanent residents
☐ Non-U.S. Persons.
☐ DHS Employees
☐ DHS Contractors
☐ Other federal employees or contractors.
X The record subject of the form (e.g., the individual
applicant).
☐ Legal Representative (preparer, attorney, etc.).
☐ Business entity.
If a business entity, is the only information collected
business contact information?
☐ Yes
☐ No
☐ Law enforcement.
☐ DHS employee or contractor.
☐ Other individual/entity/organization that is NOT the
record subject. Please describe.
Click here to enter text.
x Paper.
x Electronic. (ex: fillable PDF)
x Online web form. (available and submitted via the
internet)
Provide link:
https://homeport.uscg.mil/Pages/MarineEventFormSubmission.aspx#
e. What information will DHS collect on the form? List all PII data elements on the
form. If the form will collect information from more than one type of individual,
please break down list of data elements collected by type of individual.
Name, address, phone number, and city and state any event sponsor wishing to conduct
activity that may block, or impede safe navigation on the navigable waters of the United
States.
Privacy Threshold Analysis – IC/Form
Page 4 of 12
Version number: 04-2016
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
f. Does this form collect Social Security number (SSN) or other element that is
stand-alone Sensitive Personally Identifiable Information (SPII)? Check all that
apply. N/A.
☐ Social Security number
☐ DHS Electronic Data Interchange Personal
Identifier (EDIPI)
☐ Alien Number (A☐ Social Media Handle/ID
Number)
☐ Tax Identification
☐ Known Traveler Number
Number
☐ Trusted Traveler Number (Global Entry, Pre☐ Visa Number
Check, etc.)
☐ Passport Number
☐ Driver’s License Number
☐ Bank Account, Credit
☐ Biometrics
Card, or other financial
account number
☐ Other. Please list:
g. List the specific authority to collect SSN or these other SPII elements.
N/A
h. How will this information be used? What is the purpose of the collection?
Describe why this collection of SPII is the minimum amount of information
necessary to accomplish the purpose of the program.
N/A
i.
Are
individuals
provided
notice at the
time of
collection by
DHS (Does the
records
subject have
notice of the
Privacy Threshold Analysis – IC/Form
x Yes. Please describe how notice is provided.
The Privacy Act Statement is placed on the bottom of Form
CG-4423.
☐ No.
Page 5 of 12
Version number: 04-2016
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
collection or
is form filled
out by third
party)?
3. How will DHS store the IC/form responses?
a. How will DHS store
☐ Paper. Please describe.
the original,
Click here to enter text.
completed IC/forms?
X Electronic. Please describe the IT system that will
store the data from the form.
Marine Information for Safety and Law
Enforcement (MISLE)
x Scanned forms (completed forms are scanned into
an electronic repository). Please describe the
electronic repository.
Scanned forms are entered into the USCG Marine
Information for Safety and Law Enforcement (MISLE)
database.
b. If electronic, how
does DHS input the
responses into the IT
system?
x Manually (data elements manually entered). Please
describe.
Authorized USCG personnel manually enters
scanned documents into the MISLE database.
☐ Automatically. Please describe.
Click here to enter text.
c. How would a user
search the
information
submitted on the
forms, i.e., how is the
information
retrieved?
X By a unique identifier.2 Please describe. If
information is retrieved by personal identifier, please
submit a Privacy Act Statement with this PTA.
Information is retrieved by the MISLE Activity
Number.
Click here to enter text.
☐ By a non-personal identifier. Please describe.
2
Generally, a unique identifier is considered any type of “personally identifiable information,” meaning any information that permits the identity
of an individual to be directly or indirectly inferred, including any other information which is linked or linkable to that individual regardless of
whether the individual is a U.S. citizen, lawful permanent resident, visitor to the U.S., or employee or contractor to the Department.
Privacy Threshold Analysis – IC/Form
Page 6 of 12
Version number: 04-2016
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
d. What is the records
N1-026-05-015.
retention
schedule(s)? Include
the records schedule
number.
e. How do you ensure
As records are maintained in the MISLE database,
that records are
disposal/deletion is in accordance with the business
disposed of or deleted
rules for the database.
in accordance with
the retention
schedule?
f. Is any of this information shared outside of the original program/office? If yes,
describe where (other offices or DHS components or external entities) and why.
What are the authorities of the receiving party?
x Yes, information is shared with other DHS components or offices. Please describe.
The information is not explicitly shared, but is accessible to MISLE users if they
choose to search for specific information regarding Marine Event Permits. The
form is typically scanned and uploaded to the corresponding MISLE activity
report.
☐ Yes, information is shared external to DHS with other federal agencies, state/local
partners, international partners, or non-governmental entities. Please describe.
Click here to enter text.
☐ No. Information on this form is not shared outside of the collecting office.
Please include a copy of the referenced form and Privacy Act Statement (if
applicable) with this PTA upon submission.
Privacy Threshold Analysis – IC/Form
Page 7 of 12
Version number: 04-2016
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PRIVACY THRESHOLD REVIEW
(TO BE COMPLETED BY COMPONENT PRIVACY OFFICE)
Component Privacy Office Reviewer:
A.L. Craig
Date submitted to component Privacy
Office:
Date submitted to DHS Privacy Office:
June 22, 2020
Have you approved a Privacy Act
Statement for this form? (Only
applicable if you have received a
waiver from the DHS Chief Privacy
Officer to approve component Privacy
Act Statements.)
October 26, 2020
X Yes. Please include it with this PTA
submission.
☐ No. Please describe why not.
Click here to enter text.
Component Privacy Office Recommendation:
Renewal
The USCG is renewing the Application for Marine Event (CG-4423) PTA.
Application for Marine Event (CG-4423) provides the Coast Guard with the minimum
information needed to identify the marine event and the event contact to consider whether
or not an event is likely to result in the loss of human life unless special precautions are
taken.
Marine events may actually block navigation channels or cause interference with adjacent
vessel traffic or with the ability of larger commercial vessels to safely navigate designated
shipping lanes. Also, adjacent vessel traffic may interfere with the safety or conduct of the
marine event.
CG Form 4423 contains basic business contact information which may include the name,
address, phone number, city and state of any event sponsor wishing to conduct activity that
may block, or impede safe navigation on the navigable waters of the United States.
14 U.S.C. § 505; 33 U.S.C. § 1233; 46 U.S.C. §§ 3717, 12501; 33 CFR 100 are the USCG
authorites for this collection.
Privacy Threshold Analysis – IC/Form
Page 8 of 12
Version number: 04-2016
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
Records are maintained in accordance with NARA record retention schedule: N1-026-05015.
CG-4423 is a privacy sensitive CG-Form with records maintained in the Marine Information
for Safety and Law Enforcement system. This collection is covered by DHS/USCG/PIA-008
and DHS/USCG-013.
Privacy Threshold Analysis – IC/Form
Page 9 of 12
Version number: 04-2016
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PRIVACY THRESHOLD ADJUDICATION
(TO BE COMPLETED BY THE DHS PRIVACY OFFICE)
DHS Privacy Office Reviewer:
Kattina Do
DHS Privacy Office Approver (if applicable):
PCTS Workflow Number:
Date approved by DHS Privacy Office:
PTA Expiration Date
Max Binstock
0014787
October 27, 2020
October 27, 2023
DESIGNATION
Privacy Sensitive IC or
Form:
Yes If “no” PTA adjudication is complete.
Determination:
☐ PTA sufficient at this time.
☐ Privacy compliance documentation determination in
progress.
☐ New information sharing arrangement is required.
☐ DHS Policy for Computer-Readable Extracts Containing SPII
applies.
☒☐ Privacy Act Statement required.
☒☐ Privacy Impact Assessment (PIA) required.
☒☐ System of Records Notice (SORN) required.
☐ Specialized training required.
☐ Other. Click here to enter text.
DHS IC/Forms Review:
DHS PRIV has approved this ICR/Form.
Date IC/Form Approved October 27, 2020
by PRIV:
IC/Form PCTS Number: CG-4423
Privacy Act
New e(3) statement is required.
Statement:
Click here to enter text.
PTA:
Choose an item.
Click here to enter text.
Privacy Threshold Analysis – IC/Form
Page 10 of 12
Version number: 04-2016
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
PIA:
System covered by existing PIA
If covered by existing PIA, please list:
• DHS/USCG/PIA-008 Marine Information for Safety and Law
Enforcement (MISLE)
If a PIA update is required, please list: Click here to enter text.
SORN:
System covered by existing SORN
If covered by existing SORN, please list:
• DHS/USCG-013 Marine Information for Safety and Law
Enforcement (MISLE), June 25, 2009 74 FR 30305
If a SORN update is required, please list: Click here to enter text.
DHS Privacy Office Comments:
Please describe rationale for privacy compliance determination above.
USCG is submitting this renewal PTA to discuss Application for Marine Event, Form
CG-4423. This provides the Coast Guard with the minimum information needed to
identify the marine event and the event contact to consider whether or not an event
is likely to result in the loss of human life unless special precautions are taken. CG4423 contains basic business contact information which may include the name,
address, phone number, city and state of any event sponsor wishing to conduct
activity that may block, or impede safe navigation on the navigable waters of the
United States.
The DHS Privacy Office (PRIV) agrees that this form is privacy-sensitive, requiring
PIA coverage because PII is collected from members of the public and U.S. citizens or
lawful permanent residents.
PRIV agrees with USCG Privacy that PIA coverage is provided by DHS/USCG/PIA-008
Marine Information for Safety and Law Enforcement (MISLE), which assess the
collection of information, including PII, associated with vessels as well as
investigatory information.
PRIV agrees with USCG Privacy that SORN coverage is required because information
is being retrieved by a unique identifier. PRIV also agrees with USCG Privacy that
SORN coverage is provided by DHS/USCG-013, which outlines the Coast Guard’s
collection and maintenance of records related to safety, security and law
enforcement performance history of vessels, facilities, people and organizations
engaged in marine transportation, including enforcement action, that can be used to
Privacy Threshold Analysis – IC/Form
Page 11 of 12
Version number: 04-2016
�Privacy Office
U.S. Department of Homeland Security
Washington, DC 20528
202-343-1717, [email protected]
www.dhs.gov/privacy
identify and address safety, security and environmental risks and to establish vessel
eligibility for documentation as a U.S. flag vessel.
PRIV requires USCG update the SORN as under OMB Memorandum M-17-12, the
SAOP shall ensure that all agency Privacy Act SORNs include routine uses for the
disclosure of information necessary to respond to a breach either of the agency’s PII
or, as appropriate, to assist another agency in its response to a breach.
USCG has also submitted a sufficient Privacy Act Statement with this PTA. However,
the Privacy Act Statement needs to be updated in the form (CG-4423).
Privacy Threshold Analysis – IC/Form
Page 12 of 12
Version number: 04-2016
�
| File Type | application/pdf |
| File Modified | 2020-10-27 |
| File Created | 2020-10-27 |