Privacy Impact Assessment

Att 10 PIA_signed.pdf

Preferences for Longer-Acting Preexposure Prophylaxis (PrEP) Methods Among Persons in US Populations at Highest Need: A Discrete Choice Experiment

OMB: 0920-1400

Privacy Impact Assessment Form
v 1.21
Status

Form Number

Form Date

Question

Answer

1 OPDIV:

CDC

2 PIA Unique Identifier:

0920-22CX

2a Name:

Preferences for Longer-Acting Preexposure Prophylaxis (PrEP) M
3 The subject of this PIA is which of the following?

General Support System (GSS)
Major Application
Minor Application (stand-alone)
Minor Application (child)
Electronic Information Collection
Unknown

3a Identify the Enterprise Performance Lifecycle Phase of the system.

Implementation

3b Is this a FISMA-Reportable system?

Yes
No

4 Does the system include a Website or online application available to and for the use of the general public?

Yes
No

5 Identify the operator.

Agency
Contractor

6 Point of Contact (POC):

POC Title: COR
POC Name: Dawn K. Smith
POC Organization: CDC
POC Email: [email protected]
POC Phone: 404-639-5166

7 Is this a new or existing system?

New
Existing

8 Does the system have Security Authorization (SA)?

Yes
No

8a Date of Security Authorization

01/14/2022

10 Describe in further detail any changes to the system that have occurred since the last PIA.

N/A

11 Describe the purpose of the system.

The Choice for PrEP (C4P) Study is a research study to
understand how different features of HIV prevention services
affect people’s decisions to use PrEP, or pre-exposure
prophylaxis, for HIV prevention. PrEP is medicine people can
take to prevent getting HIV from sex or injection drug use. The
study seeks to understand how access to new, long-acting PrEP
products will affect people’s decisions. The study will include
about 1400 people.

12 Describe the type of information the system will collect, maintain (store), or share. (Subsequent questions will identify if this information is PII and ask about the specific data elements.)

Information collected consists of: First name, Last name, Email,
Phone number, Age – NOT date of birth, Address, State/County,
Race, HIV status, Gender.
Name, email, and telephone are used to contact possible
respondents and provide information on the study and how to
take part. Address is used if the respondent chooses to receive
an incentive via US Mail. HIV status, race, and gender are used in
data analysis.

13 Provide an overview of the system and describe the information it will collect, maintain (store), or share, either permanently or temporarily.

Respondents will answer questions through the Voxco Online
software installed on secure servers in RTI International's
Federal Information Processing Standards (FIPS) Moderate
network to ensure secure data collection and programming
support. Voxco is a commercial software product hosted at RTI
in a CDC-approved network environment. Data passes through
the Voxco interface directly into the FIPS Moderate
environment and into a database specifically set up for the
project. The database makes use of current Windows operating
system software and a current commercial database software,
SQL Server. The environment is maintained by RTI's Global
Technology Solutions (GTS) and implements NIST 800-53
security controls at the FIPS Moderate level to ensure data is
stored securely.

14 Does the system collect, maintain, use or share PII?

Yes
No

15 Indicate the type of PII that the system will collect or maintain.

Social Security Number

Date of Birth

Name

Photographic Identifiers

Driver's License Number

Biometric Identifiers

Mother's Maiden Name

Vehicle Identifiers

E-Mail Address

Mailing Address

Phone Numbers

Medical Records Number

Medical Notes

Financial Account Info

Certificates

Legal Documents

Education Records

Device Identifiers

Military Status

Employment Status

Foreign Activities

Passport Number

Taxpayer ID

Gender

Age - not birth date

HIV status

Race

Other...

16 Indicate the categories of individuals about whom PII is collected, maintained or shared.

Employees
Public Citizens
Business Partners/Contacts (Federal, state, local agencies)
Vendors/Suppliers/Contractors
Patients
Other

17 How many individuals' PII is in the system?

500-4,999

18 For what primary purpose is the PII used?

Name, email, and telephone are used to contact possible
respondents and provide information on the study and how to
take part. Address is used if the respondent chooses to receive
an incentive via US Mail. HIV status, race, gender, are used in
data analysis.

19 Describe the secondary uses for which the PII will be used (e.g. testing, training or research)

N/A

20 Describe the function of the SSN.

N/A

20a Cite the legal authority to use the SSN.

N/A

21 Identify legal authorities governing information use and disclosure specific to the system and program.

Public Health Service Act, Section 301, Research and
Investigation, (42 U.S.C. 241); and Sections 304, 306 and 308(d)
which discuss authority to maintain data and provide
assurances of confidentiality for health research and related
activities (42 U.S.C. 242 b, k, and m(d)). Information use and
disclosure is governed under Departmental regulations, 5 USC
301.

22 Are records on the system retrieved by one or more PII data elements?

Yes
No

22a Identify the number and title of the Privacy Act System of Records Notice (SORN) that is being used to cover the system or identify if a SORN is being developed.

Published: N/A
Published: N/A
Published: N/A
In Progress

23 Identify the sources of PII in the system.

Directly from an individual about whom the information pertains
In-Person
Hard Copy: Mail/Fax
Email
Online
Other

Government Sources
Within the OPDIV
Other HHS OPDIV
State/Local/Tribal
Foreign
Other Federal Entities
Other

Non-Government Sources
Members of the Public
Commercial Data Broker
Public Media/Internet
Private Sector
Other

23a Identify the OMB information collection approval number and expiration date.

24 Is the PII shared with other organizations?

Yes
No

24a Identify with whom the PII is shared or disclosed and for what purpose.

Within HHS
Other Federal Agency/Agencies
State or Local Agency/Agencies
Private Sector
Purpose

24b Describe any agreements in place that authorizes the information sharing or disclosure (e.g. Computer Matching Agreement, Memorandum of Understanding (MOU), or Information Sharing Agreement (ISA)).

N/A

24c Describe the procedures for accounting for disclosures

N/A

25 Describe the process in place to notify individuals that their personal information will be collected. If no prior notice is given, explain the reason.

When respondents access the survey, they must read and
acknowledge banners that explain the study and their rights as
a respondent providing information. The information notes
that "Participation in this study is completely voluntary. You
may choose not to take part in the study or leave the study at
any time without any consequences."

26 Is the submission of PII by individuals voluntary or mandatory?

Voluntary
Mandatory

27 Describe the method for individuals to opt-out of the collection or use of their PII. If there is no option to object to the information collection, provide a reason.

Participation in this study is completely voluntary. The
respondent may choose not to take part in the study or leave
the study at any time without any consequences.

28 Describe the process to notify and obtain consent from the individuals whose PII is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of original collection). Alternatively, describe why they cannot be notified or have their consent obtained.

No process is in place because no changes are planned or are
viable for the survey and no changes are planned or allowed by
contract to the use of the data.
No individual’s PII will ever be used for a purpose materially
different from that given at the time of collection.

29 Describe the process in place to resolve an individual's concerns when they believe their PII has been inappropriately obtained, used, or disclosed, or that the PII is inaccurate. If no process exists, explain why not.

The personally identifying information (e.g., name, email
address) will be kept separate from answers to survey
questions and can only be accessed by the research staff at RTI
International. If a respondent has concerns about their PII, they
can contact the Principal Investigator at RTI listed in the
introductory material.

30 Describe the process in place for periodic reviews of PII contained in the system to ensure the data's integrity, availability, accuracy and relevancy. If no processes are in place, explain why not.

The data is reviewed initially on input to the survey by the
Voxco software, which is programmed to detect out of range
items and other anomalies. The data is then reviewed by data
analysts to ensure that it is accurate, available, and relevant
and that the integrity is protected within RTI's network. As the
data is used over the course of the study, it is reviewed
multiple times before final submission to CDC.
31 Identify who will have access to the PII in the system and the reason why they require access.

Users: Data Analysts to review data and perform study related analysis.
Administrators: Have access to be able to carry out maintenance and updates of the
Developers: To perform initial programming of survey questions and skip patterns
Contractors
Others

32 Describe the procedures in place to determine which system users (administrators, developers, contractors, etc.) may access PII.

RTI institutes the National Institute of Standards and
Technology (NIST) 800-53 Rev 4 controls, including the
Personnel Security controls, to ensure that users are
appropriately identified, undergo requisite background
screening, and are cleared for the risk level and sensitivity level
required for their roles. RTI personnel are identified at the
project level by role, and only appropriate personnel with the
requisite skills and knowledge are assigned to the project in
the required role. System users and administrators are given
access based on the principles of least privilege.

33 Describe the methods in place to allow those with access to PII to only access the minimum amount of information necessary to perform their job.

RTI project team members are assigned by skills needed on the
project and are assigned access privileges through RTI's Global
Technology Solutions (GTS) only the minimum access needed
to carry out their assigned duties on the project.

34 Identify training and awareness provided to personnel (system owners, managers, operators, contractors and/or program managers) using the system to make them aware of their responsibilities for protecting the information being collected and maintained.

RTI provides specific training for network users upon hire and
annually thereafter. This training provides specific instruction
on data security, insider threats, and preventing and reporting
data security incidents.

35 Describe training system users receive (above and beyond general security and privacy awareness training).

RTI project team members take CDC specific security
awareness training annually when assigned to a CDC project.

36 Do contracts include Federal Acquisition Regulation and other appropriate clauses ensuring adherence to privacy provisions and practices?

Yes
No

37 Describe the process and guidelines in place with regard to the retention and destruction of PII. Cite specific records retention schedules.

The records are maintained under RTI's Policy 1.9, RTI Records
Retention Schedule, which provides for the retention and
destruction of project records and also maintained under any
contractual requirements that may supersede or supplement
RTI's policy.

38 Describe, briefly but with specificity, how the PII will be secured in the system using administrative, technical, and physical controls.

Administrative: Records are maintained according to specific
records control schedules and policy as determined under the
contract and by RTI. PII is secured administratively by
role-based access that limits information visibility only to those
authorized to see it.
Technical: The PII is secured using Secure Socket Layer (SSL)
during transmission and form authentication with role-based
access specific to the authenticated user.
Physical: Access to RTI servers is protected via multi-level key
card and code access. Access to RTI physical campus is
protected via key card and code access.

REVIEWER QUESTIONS: The following section contains Reviewer Questions which are not to be filled out unless the user is an OPDIV
Senior Officer for Privacy.

Reviewer Questions

Answer

1 Are the questions on the PIA answered correctly, accurately, and completely?

Yes
No

Reviewer Notes

2 Does the PIA appropriately communicate the purpose of PII in the system and is the purpose justified by appropriate legal authorities?

Yes
No

Reviewer Notes

3 Do system owners demonstrate appropriate understanding of the impact of the PII in the system and provide sufficient oversight to employees and contractors?

Yes
No

Reviewer Notes

4 Does the PIA appropriately describe the PII quality and integrity of the data?

Yes
No

Reviewer Notes

5 Is this a candidate for PII minimization?

Yes
No

Reviewer Notes

6 Does the PIA accurately identify data retention procedures and records retention schedules?

Yes
No

Reviewer Notes

7 Are the individuals whose PII is in the system provided appropriate participation?

Yes
No

Reviewer Notes

8 Does the PIA raise any concerns about the security of the PII?

Yes
No

Reviewer Notes

9 Is applicability of the Privacy Act captured correctly and is a SORN published or does it need to be?

Yes
No

Reviewer Notes

10 Is the PII appropriately limited for use internally and with third parties?

Yes
No

Reviewer Notes

11 Does the PIA demonstrate compliance with all Web privacy requirements?

Yes
No

Reviewer Notes

12 Were any changes made to the system because of the completion of this PIA?

Yes
No

Reviewer Notes

General Comments

OPDIV Senior Official for Privacy Signature

Jarell Oshodi -S

Digitally signed by Jarell Oshodi -S
Date: 2022.09.14 11:42:23 -04'00'

HHS Senior Agency Official for Privacy



File Type: application/pdf
File Modified: 2022-09-14
File Created: 2013-03-29
