Privacy Threshold Assessment, Adjudicated

Privacy-FAA-CAMI UAS Market Survey-PTA-01.15.21-Adjudicated.pdf

Unmanned Aircraft Systems (UAS) Market Survey

Privacy Threshold Assessment, Adjudicated

OMB: 2120-0803

Document [pdf]
Download: pdf | pdf
U.S. Department of Transportation 

 

 
 

 

 

 
Office of the Chief Information Officer (OCIO)
Privacy Threshold Assessment (PTA)
Federal Aviation Administration (FAA)
Office of Aviation Safety (AVS)
Unmanned Aircraft System (UAS) Market Survey

KARYN
MARIE
GORMAN

1

Digitally signed
by KARYN MARIE
GORMAN
Date: 2021.03.01
15:44:21 -05'00'

U.S. Department of Transportation 

 

 

Privacy	Threshold	Assessment	(PTA)	
The	Privacy	Threshold	Assessment	(PTA)	is	an	analytical	tool	used	to	determine	the	scope	
of	privacy	risk	management	activities	that	must	be	executed	to	ensure	that	the	
Department’s	initiatives	do	not	create	undue	privacy	risks	for	individuals.	
The Privacy Threat Assessment (PTA) is a privacy risk management tool used by the
Department of Transportation (DOT) Chief Privacy Officer (CPO). The PTA determines
whether a Department system1 creates privacy risk for individuals that must be further
analyzed, documented, or mitigated, and determines the need for additional privacy
compliance documentation. Additional documentation can include Privacy Impact
Assessments (PIAs), System of Records notices (SORNs), and Privacy Act Exemption
Rules (Exemption Rules).
The majority of the Department’s privacy risk emanates from its direct collection, use,
storage, and sharing of Personally Identifiable Information (PII),2 and the IT systems
used to support those processes. However, privacy risk can also be created in the
Department’s use of paper records or other technologies. The Department may also
create privacy risk for individuals through its rulemakings and information collection
requirements that require other entities to collect, use, store or share PII, or deploy
technologies that create privacy risk for members of the public.
To ensure that the Department appropriately identifies those activities that may create
privacy risk, a PTA is required for all IT systems, technologies, proposed rulemakings,
and information collections at the Department. Additionally, the PTA is used to alert
other information management stakeholders of potential risks, including information
security, records management and information collection management programs. It is
also used by the Department’s Chief Information Officer (CIO) and Associate CIO for IT
Policy and Governance (Associate CIO) to support efforts to ensure compliance with
other information asset requirements including, but not limited to, the Federal Records
Act (FRA), the Paperwork Reduction Act (PRA), the Federal Information Security
Management Act (FISMA), the Federal Information Technology Acquisition Reform Act
(FITARA) and applicable Office of Management and Budget (OMB) guidance.
Each Component establishes and follows its own processes for developing, reviewing,
and verifying the PTA prior to its submission to the DOT CPO. At a minimum, the PTA
must be reviewed by the Component business owner, information system security
                                                            
1

For the purposes of the PTA the term “system” is used throughout document but is not limited to traditional
IT systems. It can and does refer to business activity and processes, IT systems, information collection, a
project, program and/or technology, and proposed rulemaking as appropriate for the context of the assessment.
2
The term “personally identifiable information” refers to information which can be used to distinguish or trace
an individual's identity, such as their name, social security number, biometric records, etc. alone, or when
combined with other personal or identifying information which is linked or linkable to a specific individual,
such as date and place of birth, mother’s maiden name, etc.
1

U.S. Department of Transportation 

 

manager, general counsel, records officers, and privacy officer. After the Component
review is completed, the Component Privacy Office will forward the PTA to the DOT
Privacy Office for final adjudication. Only PTAs watermarked “adjudicated” and
electronically signed by the DOT CPO are considered final. Do NOT send the PTA
directly to the DOT PO; PTAs received by the DOT CPO directly from program/business
owners will not be reviewed.
If you have questions or require assistance to complete the PTA please contact your
Component Privacy Officer or the DOT Privacy Office at [email protected]. Explanatory
guidance for completing the PTA can be found in the PTA Development Guide found on
the DOT Privacy Program website, www.dot.gov/privacy.
	

2

U.S. Department of Transportation 

 

PROGRAM	MANAGEMENT	
SYSTEM	name: Unmanned Aircraft Systems (UAS) Market Survey	
Cyber	Security	Assessment	and	Management	(CSAM)	ID:	Not applicable	
SYSTEM	MANAGER	CONTACT	Information:	
Name:	Ashley Awwad
Email: [email protected]	
Phone	Number: 1-816-786-5716
Is	this	a	NEW	system?
☒	 Yes	(Proceed to Section 1)	
☐	 No		
☐	Renewal		
☐	Modification		
Is	there	a	PREVIOUSLY	ADJUDICTED	PTA	for	this	system?	
☐	 Yes:
Date: 					
☒	No

1 SUMMARY	INFORMATION	
1.1

System	TYPE	
☐	 Information	Technology	and/or	Information	System		
Unique	Investment	Identifier	(UII):		
Cyber	Security	Assessment	and	Management	(CSAM)	ID:		 
☐	 Paper	Based:		
☐	 Rulemaking		
Rulemaking	Identification	Number	(RIN):		
	 Rulemaking	Stage:	
☐	 Notice	of	Proposed	Rulemaking	(NPRM)
☐	 Supplemental	NPRM	(SNPRM):
☐	 Final	Rule: 	
Federal	Register	(FR)	Notice:			

3

U.S. Department of Transportation 

 

☒ Information	Collection	Request	(ICR)3
☒	 New	Collection	In progress. The 60-day public comment period for the ICR
ends January 19, 2021.
☐	 Approved	Collection	or	Collection	Renewal	
☐	 OMB	Control	Number:			
☐	 Control	Number	Expiration	Date:			
☐	 Other: Survey
1.2

System	OVERVIEW:
The Unmanned Aircraft System (UAS) Market survey has been constructed by a
team of researchers at the Federal Aviation Administration’s (FAA’s) Civil
Aerospace Medical Institute (CAMI). The purpose of the survey is to receive
feedback from experts in industry and academia on UAS, such as common fatiguerelated practices; minimum knowledge, skills, abilities (KSAs) to operate UAS;
testing; and staffing procedures required for operating UAS. The survey will gain
insight from those involved or plan to be involved in UAS air carrier operations, in
particular UAS engineers, operators, instructors, and managers. The industry leaders
will be able to provide insight to current and future policies from their companies to
conduct UAS air carrier operations. The results from this survey will be used to
inform rulemaking activities, and a new PTA for the rulemaking process will be
conducted at that time. The FAA Office of Aviation Safety (AVS) Office of
Aerospace Medicine (AAM) oversees the UAS Market Survey Program at the Mike
Monroney Aeronautical Center (MMAC) in Oklahoma City, Oklahoma.
The Sample Pool of Survey Participants
The sample pool consists of UAS engineers, operators, instructors, and managers
who have submitted Part 107 Waivers relating to rules governing UAS, or been
identified in academia as a UAS instructor4. The initial distribution list contains 381
individuals, but should increase because the FAA routinely updates the publicly
accessible Part 107 Waivers database, and because academic institutions are
continually developing new UAS programs. The survey will collect responses from
180 participants. To ensure the representativeness of the sample, the 180 respondents
will be distributed across quotas that are set based on occupational duties as reported
by the respondent (pilot/operator = 40, cargo/sensor operator = 40, supervisor = 40,
instructors = 40, engineers = 10, other = 10).

                                                            
3

See 44 USC 3201-3521; 5 CFR Part 1320
The information for members of academia is collected from Centers of Excellence. FAA has relationships
with academics who offer UAS training.
4

4

U.S. Department of Transportation 

 

The information from survey participants processed to create the sample pool comes
from publicly available dockets in the Federal Register identifying corporations who
received blanket waivers from Part 107; the FAA’s publicly available Part 107
Waivers website (which identifies individuals who have been granted waivers from
Part 107 relating to rules for operating UAS); Google searches5; and names provided
by the research sponsors and contractors, and it includes: the individual’s name,
company name, and email address (business and/or personal, depending on the email
the user submitted with the FAA during the wavier submission process). FAA’s inhouse contractor, Cherokee Nation 3S LLC (CN3S), creates the sample pool by
pulling this information together from the above mentioned sources. FAA uses this
variety of sources to help ensure the representativeness of the drawn sample.
The sample pool list of potential respondents is stored on an FAA Network shared
drive that requires PIV card credentials via MyAccess6 and is only accessible by
CN3S staff with a need to know.
Survey Administration
The survey will be active for 90 days or completion of the 180-respondent limit,
whichever comes first, and will no longer be accessible by participants after the
survey closes. The survey includes questions with open text boxes, however, the
questions do not lead the participant to respond with PII. If a respondent
inadvertently provides PII in a text box, CN3S contractor staff will delete the PII
before providing results to the FAA.
The FAA’s UAS Market Survey Program has a contract in place with online survey
development software Qualtrics7 to administer the survey. CN3S uses Qualtrics to
create the survey, collect data and create survey item reports. CN3S staff will use
their FAA email address to create a Qualtrics user account to login with username
and password.
CN3S staff sends an email to the sample pool it compiled (noted above) containing
the URL for the survey.8 Members of the sample pool receiving the survey may
choose to take the survey or not, and they have the ability to forward the survey to a
                                                            
5

CN3S uses Google searches in an effort to ensure the contact information drawn from the Part 107 Waivers
website is current, since the individual’s contact information may have changed between the submission of the
Waiver and FAA’s sending of the survey.
6
MyAccess (CSAM ID: 2009) and has an adjudicated PTA dated December 20, 2016. A new PTA is under
development.
7
In April 2018, Qualtrics achieved International Standards Organization (ISO) 27001 certification and is
Federal Risk and Authorization Management Program (FedRAMP) authorized.
8
The URL for the survey will be active once the ICR is approved and the OMB Control Number granted.

 
5

U.S. Department of Transportation 

 

colleague for their participation.9 Recipients in the original sample pool are also able
to opt out of further communication. Unless the recipient opts-out, the recipients will
receive a reminder email approximately halfway through the data collection period.
Once the respondent accesses the link, they receive the informed consent notice10,
which provides an overview of the study, its voluntary nature and ability to opt-out,
informs them about the purposes of the study, and how FAA will use the results. All
participants receive the informed consent prior to taking the survey. Participants
must provide their consent before continuing with the survey. As part of providing
their consent, participants provide their name (first and last) and email address. The
Informed Consent states that this PII will not be associated with the individual’s
survey responses.
When a respondent clicks the link to access the survey, Qualtrics automatically
assigns a unique ID to each survey response record. The survey records in Qualtrics
also include the PII collected via the informed consent – name and email address. At
the conclusion of the survey, CN3S staff logs into Qualtrics with their username and
password and downloads the survey responses to an FAA PIV-protected drive with
access limited to CN3S contractors. CN3S de-identifies the survey responses by
removing the name and email address from the response record. CN3S does not
share this PII with FAA. Likewise, although the individual survey responses are
located on an FAA server, access to these individual responses is restricted to CN3S
only. In addition, CN3S removes any unsolicited PII that respondents may have
provided, unprompted, in open text boxes. CN3S then aggregates the survey
responses for reporting.
Lastly, survey respondents are compensated for their participation. The survey
includes a direct link to a secure website for a third-party FAA contractor, Neese
Personnel, to directly collect personally identifiable information to facilitate
payment, including the respondent’s name, mailing address, phone, and email
address. CN3S verifies the participant’s names with Neese via email, and Neese
facilitates payment by mailing a check to the respondent. The information Neese
Personnel collects will not be shared with FAA.
Neese Personnel will maintain the information associated with payments for three
years to meet requirements set forth by the Fair Labor Standards Act (FLSA). Neese
Personnel stores hard copy documents in locked, access-controlled cabinets, and
electronic data is stored in password- and firewall-protected systems. At the end of
                                                            
9

The survey contains a question to exclude individuals that are outside of the targeted population noted above.
An Informed Consent notice is a legal and ethical requirement for research involving human participants.

10

6

U.S. Department of Transportation 

 

the three-year retention period, any hard copy documents are shredded and electronic
files are deleted.
Neither the survey data nor the analysis will be made available to companies or
organizations outside of the FAA. After the survey is closed, CN3S will destroy all
files containing the link between names, addresses, and unique identifiers. After the
survey is closed, CN3S will download Informed Consent documents to FAA-owned
servers with access limited to certain CN3S contractor staff and FAA Management
(but not Primary Investigators11), as required per Institutional Review Board (IRB)
approval and per IRB compliance requirements12. CN3S will provide the Informed
Consent information to the FAA IRB upon its request.
The record schedule for survey records in is progress, as such, all survey records will
be maintained as permanent records until the NARA approves the record schedule.
FAA will maintain on servers the respondent information, but access will be limited
to CN3S personnel.

2 INFORMATION	MANGEMENT	
2.1

SUBJECTS	of	Collection	
Identify the subject population(s) for whom the system collects, maintains, or
disseminates PII. (Check all that apply)
☒	 Members	of	the	public:
☒	 Citizens	or	Legal	Permanent	Residents	(LPR)	
☐	 Visitors	
☐	Members	of	the	DOT	Federal	workforce
☒	Members	of	the	DOT	Contract	workforce	
☐	System	Does	Not	Collect	PII.	If the system does not collect PII, proceed
directly to question 2.3.

2.2

What	INFORMATION	ABOUT	INDIVIDUALS	will	be	collected,	used,	retained,	
or	generated?		
PII collected to administer the survey: PII collected directly from survey respondents

                                                            
11

The Primary Investigators are the FAA employees sponsoring the research.

12

See the attached PDF for details on the IRB.

AAM-CAMI-004-IRB-P
roc.pdf

7

U.S. Department of Transportation 

 

for consent purposes: name (first and last) and email address. PII about individuals
in the sample pool includes: name, company name, and email address. In addition,
Qualtrics automatically generates a unique identifier for each survey response when
the participant clicks on the survey link.
PII collected for payment purposes: Neese Personnel collects the following directly
from survey participants: name (first and last), mailing address, phone number, and
email address. No bank information is collected, as Neese Personnel will mail
physical checks to the participants.
	
2.3

Does	the	system	RELATE	to	or	provide	information	about	individuals?	
☒	 Yes:		First, FAA contractors (CN3S) use their FAA email addresses to establish
user accounts for the Qualtrics software used to facilitate the surveys. Secondly,
CN3S creates a sample pool for the survey by gathering publically available PII
about UAS operators (names, company name, and email addresses) from the Federal
Register, the FAA’s Part 107 Waivers website, and other sources as described above.
Lastly, an FAA contractor, Neese Personnel, collects name, mailing address, phone
number, and email address from survey participants to facilitate their compensation.
☐	No

If the answer to 2.1 is “System	Does	Not	Collect	PII” and the answer to 2.3 is “No”,
you may proceed to question 2.10.
If the system collects PII or relate to individual in any way, proceed to question 2.4. 
 

2.4

Does	the	system	use	or	collect	SOCIAL	SECURITY	NUMBERS	(SSNs)?	(This	
includes	truncated	SSNs)		
☐	 Yes:
Authority:		 	
Purpose:		
☒	 No: The system does not use or collect SSNs, including truncated SSNs.
Proceed to 2.6.
8

U.S. Department of Transportation 

 

2.5

Has	an	SSN	REDUCTION	plan	been	established	for	the	system?	
☐	Yes:	
☐	No:	 	

2.6

Does	the	system	collect	PSEUDO‐SSNs?		
☐	Yes:	
☒	 No: The system does not collect pseudo-SSNs, including truncated SSNs.

2.7

Will	information	about	individuals	be	retrieved	or	accessed	by	a	UNIQUE	
IDENTIFIER	associated	with	or	assigned	to	an	individual?		
☐	 Yes
Is	there	an	existing	Privacy	Act	System	of	Records	notice	(SORN)	for	the	
records	retrieved	or	accessed	by	a	unique	identifier?	
☒	Yes:	
SORN:		DOT/ALL 13, Internet/Intranet Activity and Access Records, 67 FR
30757 (May 7, 2002).
☐	 No:		
Explanation:			
Expected	Publication:			
☐	Not	Applicable:	Proceed to question 2.9	

2.8

Has	a	Privacy	Act	EXEMPTION	RULE	been	published	in	support	of	any	
Exemptions	claimed	in	the	SORN?	
☐	Yes		
Exemption	Rule:			
☐	No	
Explanation:		 	
Expected	Publication:		
☐	Not	Applicable:	SORN does not claim Privacy Act exemptions.	

2.9

Has	a	PRIVACY	IMPACT	ASSESSMENT	(PIA)	been	published	for	this	system?	
☐	 Yes:		
☒	 No: This is a new survey project.
☐	Not	Applicable:	The most recently adjudicated PTA indicated no PIA was
required for this system.	

9

U.S. Department of Transportation 

 

2.10

Does	the	system	EXCHANGE	(receive	and/or	send)	DATA	from	another	
INTERNAL	(DOT)	or	EXTERNAL	(non‐DOT)	system	or	business	activity?	
☒	 Yes:		
	
Internal Exchange(s):
There are no internal data exchanges.
External Exchange(s):
Qualtrics: CN3S sends its FAA email address (as username) and password to
Qualtrics for system access. In addition CN3S receives survey responses and
respondent name and email (captured from the informed consent) from Qualtrics.
There is a contract in place to govern this exchange.
Neese Personnel: CN3S sends to Neese Personnel names of survey participants
collected via informed consent to allow Neese to verify their participation and
facilitate payment to them. CN3S sends participant names via encrypted emails.
There is a contract in place to govern this exchange.
☐	 No

2.11

Does	the	system	have	a	National	Archives	and	Records	Administration	
(NARA)‐approved	RECORDS	DISPOSITION	schedule	for	system	records?	
☒	Yes:	
	
Schedule	Identifier:	National Archives and Records Administration, General
Records Schedule 3.2, approved January 2017, Information System Security
Records, item 30 System access records.	
	
Schedule	Summary:		Temporary. Destroy when business use ceases. (DAAGRS-2013-0006-0003).
☒	In	Progress:		The FAA Records Officer is engaged with NARA to create a
retention schedule for its survey records.
☐	 No:		

10

U.S. Department of Transportation 

 

3 SYSTEM	LIFECYCLE	
The systems development life cycle (SDLC) is a process for planning, creating,
testing, and deploying an information system. Privacy risk can change
depending on where a system is in its lifecycle.
3.1

Was	this	system	IN	PLACE	in	an	ELECTRONIC	FORMAT	prior	to	2002?	

☐	

The E-Government Act of 2002 (EGov) establishes criteria for the types of
systems that require additional privacy considerations. It applies to systems
established in 2002 or later, or existing systems that were modified after 2002.
Yes: 	
☒Not	Applicable: System is not currently an electronic system. Proceed to
Section 4.
☐		No:

3.2

Has	the	system	been	MODIFIED	in	any	way	since	2002?	
☐	Yes: The system has been modified since 2002.
☐	 Maintenance.
☐	 Security.		
☐	Changes	Creating	Privacy	Risk: 	
☐	Other:
☐	No: The system has not been modified in any way since 2002.

3.3

Is	the	system	a	CONTRACTOR‐owned	or	‐managed	system?	
☐ Yes: The system is owned or managed under contract.
	

Contract	Number:		 	

	

Contractor:	 	

☐	 No: The system is owned and managed by Federal employees.
3.4

Has	a	system	Security	Risk	CATEGORIZATION	been	completed?	
The DOT Privacy Risk Management policy requires that all PII be protected
using controls consistent with Federal Information Processing Standard
Publication 199 (FIPS 199) moderate confidentiality standards. The OA Privacy
Officer should be engaged in the risk determination process and take data types
into account.
☐	Yes: A risk categorization has been completed.
Based on the risk level definitions and classifications provided above,
indicate the information categorization determinations for each of the
following:
11

U.S. Department of Transportation 

 

Confidentiality:

☐ Low

☐ Moderate

☐ High

☐ Undefined

Integrity:

☐ Low

☐ Moderate

☐ High

☐ Undefined

Availability:

☐ Low

☐ Moderate

☐ High

☐ Undefined

Based on the risk level definitions and classifications provided above,
indicate the information system categorization determinations for each of
the following:
Confidentiality:

☐ Low

☐ Moderate

☐ High

☐ Undefined

Integrity:

☐ Low

☐ Moderate

☐ High

☐ Undefined

Availability:

☐ Low

☐ Moderate

☐ High

☐ Undefined

☐	 No:	A risk categorization has not been completed.	Provide date of
anticipated completion.
3.5

Has	the	system	been	issued	an	AUTHORITY	TO	OPERATE?	
☐ Yes:
Date	of	Initial	Authority	to	Operate	(ATO):	
Anticipated	Date	of	Updated	ATO:								
☐ No:						
☐	Not	Applicable: System is not covered by the Federal Information Security
Act (FISMA).

4 COMPONENT	PRIVACY	OFFICER	ANALYSIS	
The Component Privacy Officer (PO) is responsible for ensuring that the PTA is as
complete and accurate as possible before submitting to the DOT Privacy Office for
review and adjudication.
COMPONENT	PRIVACY	OFFICER	CONTACT	Information		
Name:		Essie	L.	Bell
Email: [email protected]
Phone	Number: 202-267-6034
COMPONENT	PRIVACY	OFFICER	Analysis		
This is the initial PTA for FAA’s Unmanned Aircraft Systems (UAS) Market Survey. The
purpose of the survey is to receive feedback from experts in industry and academia on
aspects of operating UAS. Respondents are selected because they are employees of
organizations that operate UAS or academic institutions that provide UAS training.
The survey will gain insight from those involved or plan to be involved in UAS air carrier
operations, in particular UAS engineers, operators, instructors, and managers. The results
12

U.S. Department of Transportation 

 

from this survey will be used to inform rulemaking activities, and a new PTA for the
rulemaking process will be conducted at that time.
The UAS Market Survey is privacy-sensitive as FAA contractor CN3S processes PII from
members of the public, such as the individual’s name, company name, and business or
personal email address to create a sample pool of survey recipients, while a second FAA
contractor, Neese Personnel, collects name, mailing address, phone number, and email
address to facilitate payments to respondents for their participation in the survey.
SORN coverage is not required for the survey, because the responses are not retrieved by
PII. Once CN3S downloads the survey responses, it de-identifies the data, removing the
name and email addresses from the survey responses. The survey responses are then
aggregated for reporting. SORN coverage for the FAA network access records is under
DOT/ALL 13, Internet/Intranet Activity and Access Records, 67 FR 30757 (May 7, 2002).
The RMO has determined that a new retention schedule is required to cover the survey
responses. This retention schedule is in progress. Additionally, the IT access records are
covered under National Archives and Records Administration, General Records Schedule
3.2, approved January 2017, Information System Security Records, item 30 System access
records, which are temporary records that may be destroyed when business use ceases under
DAA-GRS-2013-0006-0003.
Lastly, the following Plan of Action & Milestones (POAMs) are recommending to
remediate the following privacy risks:


DM-2 Data Retention & Disposal
o Issue: A new retention schedule for the substantive survey records is in
progress.
o Requirement: Maintain all survey records as permanent until schedule is
approved by NARA.
o Issue: An FAA contractor, Neese Personnel, maintains the PII of survey
participants for 3 years to meet legal requirements. No corresponding record
schedule was identified for these records.
o Requirement: Identify or create a record schedule for the compensation
records associated with the survey, and establish a process to verify the
destruction of these records.

5 COMPONENT	REVIEW	
Prior to submitting the PTA for adjudication, it is critical that the oversight offices
within the Component have reviewed the PTA for completeness, comprehension and
accuracy.
Component	Reviewer	

Name	

13

Review	Date	

U.S. Department of Transportation 

 

Business Owner

Ashley Awwad

1/13/2021

General Counsel

Sarah Leavitt

2/19/2021

Information System
Security Manager (ISSM)

None

None

Privacy Officer

Essie L. Bell

2/11/2021

Records Officer

Kelly Batherwich

1/5/2021

Table 1 - Individuals who have reviewed the PTA and attest to its completeness, comprehension and accuracy. 

 
 
 
 

 

14

U.S. Department of Transportation 

 

Control 
# 

Control Name 

Primary PTA Question 

AP‐1 

Authority to 
Collect 

1.2 ‐ Overview 

Satisfied  Other 
N/A 
than 
Satisfied 
 
X 
  

DOT CPO Notes 

POA&M: PRA Package must be approved before 
collection.  
Note: recommend updating DOT/FAA 847 to 
include participation in research.  
Recommend updating DroneZone portal to have 
explicit opt in to participate in surveys/research.  
Survey responses will be de‐identified and not 
retrieved by a unique identifier associated with a 
respondent. Substantive records do not require 
SORN coverage. 
Records created for the purposes of account 
creation, logging, auditing, etc. are covered by 
DOT/ALL‐13. 

AP‐2 
AR‐1 

AR‐2 

Purpose 
Specification 
Governance and 
Privacy Program 
Privacy Impact 
and Risk 
Assessment 

1.2 ‐ Overview 

X 

Common Control 

X 

Program Management 

 

  

  

Purpose defined. 

  

Addressed by DOT CPO. 

  

POA&M 
Issue: Information collection involves members of 
the public. Requirement: submit and receive 
approval of Privacy Impact Assessment (PIA) from 
DOT CPO. PIA should cover all phases of the study 
and tools to collect and analyze data. Timeline: 

  
X 

1

U.S. Department of Transportation 

 

Control 
# 

Control Name 

Primary PTA Question 

Satisfied  Other 
N/A 
than 
Satisfied 

DOT CPO Notes 

Prior to study activities involving members of the 
public.  
 

Privacy 
Requirements for 
Contractors and 
Service Providers 

AR‐4 

Privacy 
Common Control 
Monitoring and 
Auditing  
Privacy Awareness  Common Control 
and Training 

X 

  

  

POA&M 
Issue: unclear whether contract includes standard 
language and procedures for data retention 
timelines. Requirement: review contracts and 
update accordingly. Timeline: prior to collection. 
See DM‐2. 
 
Addressed by DOT CPO. 

X 

  

  

Addressed by DOT CPO. 

AR‐6 
AR‐7 

Privacy Reporting 
Privacy‐Enhanced 
System Design 
and Development 

Common Control 
2.5 ‐ SSN Reduction 

X 

  
  

  

Addressed by DOT CPO. 
SSN not collected. 
 
Business owner is responsible for ensuring DOT 
Privacy Risk Management Policy and the FIPPs are 
applied to all data holdings and systems. 

AR‐8 

Accounting of 
Disclosures 

2.7 ‐ SORN 

AR‐5 

3.3 ‐ Contractor 
System 

 

AR‐3 

  
  

X 

X 

  

X 

2

Not maintained in SOR. 
 
Records created for the purposes of account 
creation, logging, auditing, etc. are covered by 
DOT/ALL‐13. 

U.S. Department of Transportation 

 

Control 
# 

Control Name 

Primary PTA Question 

Satisfied  Other 
N/A 
than 
Satisfied 

DI‐1 

Data Quality 

1.2 ‐ System Overview 

  

  

X 

Not maintained in SOR. 
 
Records created for the purposes of account 
creation, logging, auditing, etc. are covered by 
DOT/ALL‐13. 

DI‐2 

Data Integrity and 
Data Integrity 
Board 
Minimization of 
PII 

3.4 ‐ Security Risk 
Categorization 

  

  

X 

Activity does not constitute sharing covered by the 
CMA. 

2.2 – Information 
About Individuals 

X 

  

  

Data collection consistent with purpose. 
 

DM‐2 

Data Retention 
and Disposal 

2.11 ‐ Records 
Disposition Schedule 

X 

  

  

DM‐3 

Minimization of 
PII Used in 
Testing, Training, 
and Research  
Consent 

2.2 – Information 
About Individuals 

Cross reference with AR‐3.  
 
POA&M 
Issue: it is unclear if there are established 
protocols/timelines for data retention timelines. 
Requirement: establish protocols and data 
retention timleines, and if already established, 
include in PIA. Timeline: prior to collection. 
 
System not used for testing, training, research. 

DM‐1 

IP‐1 

2.7 ‐ SORN 

  

  

X 

DOT CPO Notes 

X 

 

  

3

Participants receive informed consent notice. 
Participation is voluntary. 
 
 

U.S. Department of Transportation 

 

Control 
# 

Control Name 

Primary PTA Question 

Satisfied  Other 
N/A 
than 
Satisfied 

DOT CPO Notes 

IP‐2 

Individual Access 

2.8 – Exemption Rule 

  

  

X 

IP‐3 

Redress 

2.7 ‐  SORN 

  

  

X 

IP‐4 

Complaint 
Management 

Common Control 

X 

SE‐1 

Inventory of PII 

Common Control 

X 

SE‐2 

Privacy Incident 
Response 

Common Control 

X 

TR‐1 

Privacy Notice 

2.7 ‐ SORN 

TR‐2 

System of Records  2.7 ‐ SORN 
Notices and 
Privacy Act 
Statements 

Not maintained in SOR. 
 
Records created for the purposes of account 
creation, logging, auditing, etc. are covered by 
DOT/ALL‐13. 
Not maintained in SOR. 
Records created for the purposes of account 
creation, logging, auditing, etc. are covered by 
DOT/ALL‐13. 
Addressed by DOT CPO. 
Not IT system under FISMA. 
 
 
Addressed by DOT CPO. 

X 

 

4

X

Not maintained in SOR. 
 
Records created for the purposes of account 
creation, logging, auditing, etc. are covered by 
DOT/ALL‐13. 
Not maintained in SOR. 
 
Records created for the purposes of account 
creation, logging, auditing, etc. are covered by 
DOT/ALL‐13. 

U.S. Department of Transportation 

 

Control 
# 

Control Name 

Primary PTA Question 

TR‐3 

Dissemination of 
Privacy Program 
Information 

Common Control 

UL‐1 

Internal Use 

2.10 ‐ Internal and 
External Use 

UL‐2 

2.10 ‐ Internal and 
Information 
Sharing with Third  External Use 
Parties 

Satisfied  Other 
N/A 
than 
Satisfied 

DOT CPO Notes 

X 

Addressed by DOT CPO. 

 

X

X

 

5

No internal data exchange. 
 
Records created for the purposes of account 
creation, logging, auditing, etc. are covered by 
DOT/ALL‐13 
Information not authorized for disclosure beyond 
DOT/DOT‐contractors. 
 
Records created for the purposes of account 
creation, logging, auditing, etc. are covered by 
DOT/ALL‐13. 
 

U.S. Department of Transportation 

 

 

1


File Typeapplication/pdf
File TitleMicrosoft Word - Privacy-FAA-CAMI UAS Market Survey-PTA-01.15.21-Adjudicated.docx
Authorkaryn.gorman
File Modified2021-03-01
File Created2021-03-01

© 2024 OMB.report | Privacy Policy