Privacy Impact Assessment for the Partners Portal

Save

Privacy Impact Assessment Form
v 1.47.4
Status Draft

Form Number

F-64539

Form Date

Question

Answer

1

OPDIV:

CDC

2

PIA Unique Identifier:

P-7760520-746405

2a Name:

1/29/2018 12:06:49 PM

Partners Portal System (PPS)
General Support System (GSS)
Major Application

3

Minor Application (stand-alone)

The subject of this PIA is which of the following?

Minor Application (child)
Electronic Information Collection
Unknown

3a

Identify the Enterprise Performance Lifecycle Phase
of the system.

Development
Yes

3b Is this a FISMA-Reportable system?

4

Does the system include a Website or online
application available to and for the use of the general
public?

5

Identify the operator.

6

Point of Contact (POC):

7

Is this a new or existing system?

8

Does the system have Security Authorization (SA)?

8b Planned Date of Security Authorization

No
Yes
No
Agency
Contractor
POC Title

Computer Scientist

POC Name

Melvin Crum

POC Organization NCIPC/DARPI/SPEB
POC Email

[email protected]

POC Phone

(770) 488 3771
New
Existing
Yes
No
August 8, 2018
Not Applicable

Page 1 of 3

Save

11 Describe the purpose of the system.

The Partner's Portal System (PPS) provides data collection,
management, analysis, visualization, reporting, and sharing in
support of CDC's National Center for Injury Prevention and
Control’s (NCIPC) mission to prevent violence and injuries
through science and action. PPS addresses overarching
challenges related to each stage in the data lifecycle through
three main strategies:
(1) Validation: PPS provides electronic (web) forms with
validation processes to acquire partner data and track progress
towards programmatic goals;
(2) Automation: PPS enables automated, timely, and actionable
reports from partner data; and
(3) Communications: PPS facilitates communications regarding
task status between CDC and its partners, including
notifications to project teams when requested content has
been uploaded.

PPS collects, maintains and stores administrative and
programmatic (non-PII) data for CDC technical assistance staff
to validate and CDC scientists analyze. The data collections
consist of batched datasets being uploaded to data entry
screens (web forms) that capture record-level information from
state grantees, e.g., grantee strategies/sub-strategies, grantee
Describe the type of information the system will
metadata and annual progress reports. The system does not
collect, maintain (store), or share. (Subsequent
12
questions will identify if this information is PII and ask request nor require PII in its operations; that is to say, there is
no data field that requests or requires the entry of PII in order
about the specific data elements.)
to progress through its functions.
User ID's and passwords are not required to access PPS. Users
are authenticated through the Secure Access Management
Services (SAMS), a separate access control system with its own
PIA.

Page 2 of 3

Save
PPS enables data collection, management, analysis,
visualization, reporting, and sharing in support of CDC/NCIPC's
mission to prevent violence and injuries through science and
action. PPS will allow transmissions of various datasets to be
uploaded, validated, and routed to a file share for storage and
forms that capture various types of Grantee metadata to be
stored on a SQL database enabling reporting across NCIPC
programs. The data is owned by state grantees, healthcare
facilities, and CDC Partners who are willing to share the data
with CDC for analysis and reporting purposes.
Provide an overview of the system and describe the
13 information it will collect, maintain (store), or share,
either permanently or temporarily.

PPS will collect, maintain and store grantee strategies/substrategies and annual progress reports. Data elements that are
captured include the overview/description of each strategy;
Intermediate Indicators identifying the successful
implementation of each sub-strategy; previous and mid-year
progress made towards defined activities. Grantee metadata
includes information such as grantee (state) name, Notice of
Funding Opportunity Name, and submission date. The data
will be used to support NCIPC's research agenda enabling
violence and injury prevention through science and action
across the programs. There is no PII being collected or
requested regarding these state grantees.
There are no user ID's and passwords requested for access to
the system. Authentication occurs via CDC's SAMS, a separate
access control tool with its own PIA.

14 Does the system collect, maintain, use or share PII?

Yes
No

General Comments

OPDIV Senior Official
for Privacy Signature

Beverly E.
Walker -S

Digitally signed by
Beverly E. Walker -S
Date: 2018.07.30 17:02:45
-04'00'

Page 3 of 3