The agency will
not publish the data it receives and will not use this data to form
a justification for policy decisions using statistical
methods.
Inventory as of this Action
Requested
Previously Approved
04/30/2021
6 Months From Approved
166
0
0
111
0
0
0
0
0
The COVID-19 Contact Tracing Reporting
Form is a voluntary form that CISA will advertise through our
Regional Offices and during our frequent engagements with our
stakeholders. This collection is designed to allow affected parties
to voluntarily submit relevant evidence about their contact tracing
program. The information will allow the agency to develop best
practices and guidance on how to employ digital contact tracing
tools while mitigating security risks.
On April 16, 2020, the
White House issued “Opening Up America Again,” a set of Federal
guidelines for reopening the US economy with a three-phased
approach. One core State preparedness responsibility is the need
for contact tracing of individuals who test positive for, or are
symptomatic of, COVID-19. Digital Contact Tracing Tool (DCTT)
applications if not properly secured can pose a great threat to the
privacy, the personally identifiable information (PII), and
personal health information (PHI) of individuals and can pose an
equal threat to the computer systems of those operating those
tools. CISA under the Cybersecurity Information Sharing Act of 2015
and the Homeland Security Act, “is to provide best practices and
integrate relevant information, analysis, and vulnerability
assessments, regardless of whether the information, analysis, or
assessments are provided or produced by the Department, in order to
make recommendations, including prioritization, for protective and
support measures by the Department, other Federal Government
agencies, State, local, tribal, and territorial government agencies
and authorities, the private sector, and other entities regarding
terrorist and other threats to homeland security.” CISA cannot
advise on DCTT currently due to the patchwork nature of state and
business adoption of DCTT technologies and the lack of public
information available on the many DCTT applications. It is
imperative that cybersecurity best practices on the employment of
these new technologies be out while the use of DCTT is still
nascent.
On behalf of this Federal agency, I certify that
the collection of information encompassed by this request complies
with 5 CFR 1320.9 and the related provisions of 5 CFR
1320.8(b)(3).
The following is a summary of the topics, regarding
the proposed collection of information, that the certification
covers:
(i) Why the information is being collected;
(ii) Use of information;
(iii) Burden estimate;
(iv) Nature of response (voluntary, required for a
benefit, or mandatory);
(v) Nature and extent of confidentiality; and
(vi) Need to display currently valid OMB control
number;
If you are unable to certify compliance with any of
these provisions, identify the item by leaving the box unchecked
and explain the reason in the Supporting Statement.
Form DHS Form XXX (10/2 COVID-19 CONTACT TRACING REPORTING FORM
1670-NEW_COVID-19 Contact Tracing Reporting Form_2_ACTNMEM-v2.pdf
1670-NEW_COVID-19 Contact Tracing Reporting Form_1_SSA_v2.docx
COVID-19 CONTACT TRACING REPORTING FORM