Privacy Impact Assessment Form
v 1.47.4
Status: Draft
Form Number: F-49638
Form Date: 6/10/2020 1:51:54 PM
Question
Answer
1 OPDIV:
CDC
2 PIA Unique Identifier:
P-8762442-963903
2a Name:
Community Based Survey Supports for Healthy Eating and Active Living (CBS SHEAL)
3 The subject of this PIA is which of the following?
General Support System (GSS)
Major Application
Minor Application (stand-alone)
Minor Application (child)
Electronic Information Collection
Unknown
3a Identify the Enterprise Performance Lifecycle Phase of the system.
Development
3b Is this a FISMA-Reportable system?
Yes
No
4 Does the system include a Website or online application available to and for the use of the general public?
Yes
No
5 Identify the operator.
Agency
Contractor
6 Point of Contact (POC):
POC Title: ISSO
POC Name: Cindy Allen
POC Organization: NCCDPHP
POC Email: [email protected]
POC Phone: 770-488-5388
7 Is this a new or existing system?
New
Existing
8 Does the system have Security Authorization (SA)?
Yes
No
8b Planned Date of Security Authorization
August 14, 2020
Not Applicable
11 Describe the purpose of the system.
Community Based Survey Supports for Healthy Eating and Active Living (CBS SHEAL) is designed to collect survey responses via web-based and telephone from an identified nationally representative baseline database on local government policies and practices to support healthy eating and active living.
The survey will contribute to a better understanding of Complete Street policies, shared use agreements between municipalities and public schools, and nutrition standards in municipal government buildings. Also, it provides a national data point to determine trends in community-based support for healthful eating and physical activity for further data collection for jurisdictions to help improve the health of their communities.
12 Describe the type of information the system will collect, maintain (store), or share. (Subsequent questions will identify if this information is PII and ask about the specific data elements.)
CBS SHEAL Survey is a web portal that collects specific community-wide planning documents, policies or standards that support physical activity within the community, zoning and design or development codes, transportation policies, the availability of healthy food options, and policies related to employee breastfeeding.
Participant communications include the survey invitation letter, reminder letters, and reminder emails, personalized with respondent name, web survey link and individual PIN, as well as a link to the letter of support. If the name of the appropriate official is not publicly available, the contractor will address the official by title. It also includes the basic information such as community name, mailing address, phone number, and email address for the sampled individuals, as well as other information needed for tracking response rates by sample batch and sampling strata.
The study is administered by an indirect contractor of CDC whose staff access their corporate network with 2-factor authentication prior to being able to access the system. The system collects and maintains information (name, email address, and phone number) for those staff to be used to issue their user credentials (username and password) for system authentication purposes. CDC users are authenticated via Active Directory (AD). AD is a separate system covered by a separate PIA.
13 Provide an overview of the system and describe the information it will collect, maintain (store), or share, either permanently or temporarily.
CBS SHEAL is designed to collect and store specific community-wide planning documents, policies or standards that support physical activity within the community, zoning and design or development codes, transportation policies, the availability of healthy food options, and policies related to employee breastfeeding and baseline data on local government policies and practices to support healthy eating and active living.
The system is composed of a commercially available software (VOXCO) which is used to conduct and house web-based and telephone questionnaires.
Participant communications include the survey invitation letter, reminder letters, and reminder emails, personalized with respondent name, web survey link and individual PIN, as well as a link to the letter of support. If the name of the appropriate official is not publicly available, the contractor will address the official by title. It also includes the basic information such as community name, mailing address, phone number, and email address for the sampled individuals, as well as other information needed for tracking response rates by sample batch and sampling strata.
Authorization to the data will be given only to those who work on the project. Data will be stored for the amount of time as specified in the contract for the project. The study is administered by an indirect contractor of CDC whose staff access their corporate network with 2-factor authentication prior to being able to access the system. The system collects and maintains information (name, email address, and phone number) for those staff to be used to issue their user credentials (username and password) for system authentication purposes. CDC users are authenticated via Active Directory (AD). AD is a separate system covered by a separate PIA.
14 Does the system collect, maintain, use or share PII?
Yes
No
15
Indicate the type of PII that the system will collect or
maintain.
Social Security Number
Date of Birth
Name
Photographic Identifiers
Driver's License Number
Biometric Identifiers
Mother's Maiden Name
Vehicle Identifiers
E-Mail Address
Mailing Address
Phone Numbers
Medical Records Number
Medical Notes
Financial Account Info
Certificates
Legal Documents
Education Records
Device Identifiers
Military Status
Employment Status
Foreign Activities
Passport Number
Taxpayer ID
User credentials
Personal Identification Number (PIN)
16 Indicate the categories of individuals about whom PII is collected, maintained or shared.
Employees
Public Citizens
Business Partners/Contacts (Federal, state, local agencies)
Vendors/Suppliers/Contractors
Patients
Other
17 How many individuals' PII is in the system?
500-4,999
18 For what primary purpose is the PII used?
PII will be used to contact respondents
19 Describe the secondary uses for which the PII will be used (e.g. testing, training or research)
There are no secondary uses for PII.
20 Describe the function of the SSN.
N/A
20a Cite the legal authority to use the SSN.
N/A
21 Identify legal authorities governing information use and disclosure specific to the system and program.
Public Health Service Act, Section 301, "Research and Investigation" (42 U.S.C. 241).
22
Are records on the system retrieved by one or more
PII data elements?
Yes
No
23 Identify the sources of PII in the system.
Directly from an individual about whom the information pertains
In-Person
Hard Copy: Mail/Fax
Email
Online
Other
Government Sources
Within the OPDIV
Other HHS OPDIV
State/Local/Tribal
Foreign
Other Federal Entities
Other
Non-Government Sources
Members of the Public
Commercial Data Broker
Public Media/Internet
Private Sector
Other
23a Identify the OMB information collection approval number and expiration date.
In progress
24 Is the PII shared with other organizations?
Yes
No
25 Describe the process in place to notify individuals that their personal information will be collected. If no prior notice is given, explain the reason.
The participants are informed that personal information would be collected prior to consent to do interview. At the time of screening all participants, interviewers will include information about how the data will be used.
26 Is the submission of PII by individuals voluntary or mandatory?
Voluntary
Mandatory
27 Describe the method for individuals to opt-out of the collection or use of their PII. If there is no option to object to the information collection, provide a reason.
Individuals can opt-out of the collection or use of their PII by refusing to participate in the study.
28 Describe the process to notify and obtain consent from the individuals whose PII is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of original collection). Alternatively, describe why they cannot be notified or have their consent obtained.
Electronic or regular mail is sent when there are any major changes to the system. No major changes that would affect the rights or interests of individuals are anticipated.
29 Describe the process in place to resolve an individual's concerns when they believe their PII has been inappropriately obtained, used, or disclosed, or that the PII is inaccurate. If no process exists, explain why not.
Any issues experienced by research participants would be resolved through the contractor's Institutional Review Board (IRB).
30 Describe the process in place for periodic reviews of PII contained in the system to ensure the data's integrity, availability, accuracy and relevancy. If no processes are in place, explain why not.
This is a one time study therefore no process for periodic review is established.
31 Identify who will have access to the PII in the system and the reason why they require access.
Users: Authorized in-direct contractor leadership and program managers for internal management purposes only, including reviewing project
Administrators: Selected, authorized personnel require access to manage, maintain, and support the overall system and information collected via the study.
Developers: Developers are needed to validate and test the application's functionality.
Contractors: In-direct contractors have access to develop, validate and test the application's functionality.
Others
32 Describe the procedures in place to determine which system users (administrators, developers, contractors, etc.) may access PII.
The contractor implements access on the least privilege method. Only people whose jobs require access to the data are granted the appropriate level of access.
33 Describe the methods in place to allow those with access to PII to only access the minimum amount of information necessary to perform their job.
Administrative- and program-level access to the system by the
contractor's leadership, managers, and program project
officers is determined by the level of information needed to
monitor project, program, and contractor-wide performance
information, i.e., project officers only have access to
information on the grantees and grant programs that they
manage. For contractual staff, those with access to the system
and to PII via the system are limited to those who assist in
managing, securing, developing, operating, and otherwise
supporting the system, or who assist grantee users as they
navigate the system or need to update their own PII. All access
is granted through Active Directory. Individual Active
Directory groups are created for each project and only staff
requiring access to the specific project information are added
to the project group.
34 Identify training and awareness provided to personnel (system owners, managers, operators, contractors and/or program managers) using the system to make them aware of their responsibilities for protecting the information being collected and maintained.
All contractor employees are required to take Security
Awareness, Data Governance and Privacy training, as well as
Ethics training upon hire and annually thereafter.
35 Describe training system users receive (above and beyond general security and privacy awareness training).
None
36 Do contracts include Federal Acquisition Regulation and other appropriate clauses ensuring adherence to privacy provisions and practices?
Yes
No
37 Describe the process and guidelines in place with regard to the retention and destruction of PII. Cite specific records retention schedules.
The retention and disposition of any PII included in CBS SHEAL
data and any reports generated from such data conforms with
requirements outlined in General Records Schedule (GRS) 1.2
for Grant and Cooperative Agreement Records (see NARA
Transmittal 29, dated December 2017).
The specific records retention schedules are identified in Item
010, DAA-GRS-2013-0008-0007 and in Item 021, DAA-GRS-2013-0008-0006.
Disposal methods include erasing computer tapes, burning or
shredding paper materials or transferring records to the
Federal Records Center when no longer needed for evaluation
and analysis.
38 Describe, briefly but with specificity, how the PII will be secured in the system using administrative, technical, and physical controls.
Administrative controls include a system security plan, contingency plan, regular back up of files and storage of backups off site, role-based security awareness training, least privilege access enforced through Active Directory groups, separate user and privileged accounts for administrators, policies and procedures in place for retention and destruction of PII.
Technical controls include identification and authentication using unique user IDs, passwords, and smart cards, use of firewalls and intrusion detection/prevention systems, virus scanning software on all computers, and a security information and event management (SIEM) solution.
Physical controls include security guards, identification badges, key cards, and closed circuit TV.
39 Identify the publicly-available URL:
TBD-in development
40 Does the website have a posted privacy notice?
Yes
No
40a Is the privacy policy available in a machine-readable format?
Yes
No
41 Does the website use web measurement and customization technology?
Yes
No
42 Does the website have any information or pages directed at children under the age of thirteen?
Yes
No
43 Does the website contain links to non-federal government websites external to HHS?
Yes
No
General Comments
OPDIV Senior Official for Privacy Signature
Jarell Oshodi -S
Digitally signed by Jarell Oshodi -S
Date: 2020.06.23 22:40:59 -04'00'
File Type | application/pdf |
File Modified | 2020-06-23 |
File Created | 2016-03-30 |