Elevation Certificate/Floodproofing Certificate

OMB: 1660-0008

Privacy Impact Assessment
for the

National Flood Insurance Program (NFIP)
Direct Servicing Agent (NFIP Direct) System
DHS/FEMA/PIA-048
October 31, 2017
Contact Point
Freddy Valdivia, System Owner
Direct Services Branch
Federal Insurance and Mitigation Administration (FIMA)
(202) 391-6342
Reviewing Official
Philip S. Kaplan
Chief Privacy Officer
Department of Homeland Security
(202) 343-1717

Privacy Impact Assessment
DHS/FEMA-048
NFIP Direct Serving Agent (NFIP Direct) System
Page 2

Abstract
The Department of Homeland Security (DHS), Federal Emergency Management Agency
(FEMA), Federal Insurance and Mitigation Administration (FIMA), National Flood Insurance
Program (NFIP) manages the NFIP Direct Servicing Agent (NFIP Direct) and the associated IT
system (NFIP Direct System). NFIP Direct is a FEMA program that assists in issuing flood
insurance policies under the NFIP in communities designated by FEMA and delivers policies and
payment of claims for losses as prescribed by and at the discretion of FEMA. The Government
cloud-based (GovCloud) NFIP Direct System is a new system that manages and accounts for key
NFIP aspects including policy issuance, claims processing, and financial accounting. FEMA uses
the NFIP Direct System to manage the flood insurance underwriting and claims operations for
flood policies issued through NFIP Direct. FEMA is conducting this Privacy Impact Assessment
(PIA) because the agency collects and maintains the personally identifiable information (PII) of
individuals during the flood insurance policy issuance and claims process.

Overview
Congress created the NFIP through the National Flood Insurance Act of 1968, as amended
(NFIA),1 to, among other things, respond to the rising cost of taxpayer-funded disaster relief for
flood victims. The NFIA grants FEMA the authority to establish and carry out a national flood
insurance program to enable interested persons to purchase flood insurance. Communities across
the United States and its territories participate in the NFIP. Based on the communities’ compliance
with the NFIP’s minimum floodplain management regulations, the NFIP makes flood insurance
available to property owners and renters in participating communities.
Property owners can purchase an individual NFIP flood insurance policy, also known as
the Standard Flood Insurance Policy (SFIP), either (1) from NFIP Direct through an insurance
agent or insurance broker (“agent”), or (2) from a participating Write Your Own (WYO) insurance
company2 through the WYO Program. The SFIPs set out the terms and conditions of insurance.
FIMA’s Federal Insurance Directorate (FID) serves flood insurance customers directly through
NFIP Direct, which uses NFIP Direct System to administer flood insurance policies.
The NFIP Direct System collects, stores, manages, and accounts for flood insurance policy
issuance, claims processing, and financial accounting information. The NFIP Direct System
collects and uses PII to service SFIPs;3 Group Flood Insurance Policies (GFIP);4 and Severe
Repetitive Loss (SRL) policies.5 NFIP Direct also collects and uses sensitive PII (SPII) to process
commission payments to insurance agents who facilitate the purchase of the aforementioned
policies. Additionally, SPII such as Social Security number (SSN) may be included on an
individual’s proof of primary residency6 document provided to his or her insurance agent. FEMA
does not need or request the SSN.
The NFIP Direct System is a Government cloud-based IT system used to carry out the
duties of NFIP Direct with several multi-directional exchanges with external entities, which
streamline processes, minimize the amount of effort required from the users of the system, and
enhance the customer experience. For instance, FEMA’s exchange with the Department of
Treasury’s pay.gov website (www.pay.gov)7 allows policyholders to pay electronically through
Treasury’s pay.gov website, which in turn, sends NFIP Direct System notification of successful
payment. Through a similar exchange, FEMA also meets its legal requirements to report income
for tax-related purposes to the Internal Revenue Service (IRS). This exchange includes the sharing
of tax identification numbers (TIN), which may be the SSN of insurance companies or agents that
issue flood insurance policies.

1 42 U.S.C. § 4001 et seq. Available at https://www.fema.gov/media-library-data/20130726-1545-20490-9247/frm_acts.pdf.
2 WYOs are private insurance companies that sell and service FEMA SFIPs under their own names.
3 NFIP Direct issues SFIPs directly to a property owner.
4 GFIPs are issued in a state’s name and cover groups of property owners who are affected by a presidentially-declared disaster and do not have SFIPs.
5 SRL are policies issued directly by NFIP Direct that provide coverage to property owners for properties that have a repetitive flood loss and NFIP claims history. These SRL policies generally involve higher premiums and require additional burden to maintain and process.
6 The Homestead Tax Credit Form differs by state, but most contain SSN. The form is one of several accepted forms of proof of primary residence. It is at the policyholder’s discretion which acceptable form of proof they provide to FEMA. FEMA does not use the SSN on the form, and NFIP Direct redacts the SSN during the processing of the document.
7 The PIA for Pay.gov is accessible at https://www.fiscal.treasury.gov/fsreports/rpt/fspia/paygov_pia.pdf.

Issuing a New SFIP
Typically, an SFIP begins with an individual or organization, such as a home owner, renter,
mortgage lender, or owner of a commercial property, who is interested in or required to have flood
insurance. Should the interested party choose an insurance agent that issues through NFIP Direct,
the individual or organization requests flood insurance by completing the FEMA Form (FF) 086-0-1, Flood Insurance Application8 (Office of Management and Budget (OMB) No. 1660-0006).
Through the application, the agent acquires detailed information about the prospective
policyholder and the property such as name, address, and supporting documents. Supporting
documentation such as Driver’s License, Homestead Tax Credit Form for Primary Residence, and
documents showing where children attend school are used to validate address and property
information on FF 086-0-1. The agent submits the completed FF 086-0-1 and supporting
documentation to NFIP Direct by mail, fax, or by electronic submission through a secure web
portal into the NFIP Direct System (www.NFIPDirect.fema.gov). If the agent submits the
application via hard copy, a NFIP Direct employee scans all paper documents received, including
both the application and any supporting documentation, into the secure web portal as attachments
to the electronic file within NFIP Direct System. NFIP Direct redacts files that contain SPII, such
as the Homestead Tax Credit Form for Primary Residence, which contains SSN, during the
scanning process.

8 https://www.fema.gov/media-library/assets/documents/154.

The NFIP Direct System maintains a list of Specially Designated Nationals and Blocked
Persons from the Treasury’s Office of Foreign Assets Control (OFAC).9 The NFIP Direct System
cross-references an individual or organization seeking flood insurance against this list. If there is
a match, then the Treasury prohibits NFIP Direct from issuing the individual or organization a
flood insurance policy.
The NFIP requires premium payment along with an application in order to issue a policy.
The insured pays the premium via paper check, credit or debit card, automated clearing house
(ACH), or electronic check (e-check). The insurance agent collects the payment and submits it to
NFIP Direct. If paying via paper check, the agent submits the check directly to the financial
institution servicing the account of NFIP Direct for processing. If the agent submits payment via
credit or debit card, ACH, or e-check, the agent selects a link within the NFIP Direct System that
directs the agent to the Treasury’s pay.gov for payment processing. Upon completion, the Treasury
pay.gov website electronically notifies the NFIP Direct System of either successful or unsuccessful
payment.
Once the NFIP Direct System receives the notification of successful premium payment, the
system runs a series of automated data validations. For instance, when an agent enters an address,
the system automatically compares the address with U.S. Postal Service (USPS) data from a third-party
vendor to ensure it is a valid address and to standardize the address within the system (e.g.,
abbreviating “Terrace” as “Terr.”). The standardized address helps to identify an SRL property.
An underwriter, who is a NFIP contractor, also reviews the application when necessary. If
NFIP Direct requires more information, the underwriter requests the additional information from
the agent by system notification, email, phone, or letter. Additional information often includes a
flood zone determination10 and an elevation certificate, both of which the agent must obtain
through a third-party vendor. Once the application and all supporting documentation meet
regulatory requirements for flood insurance policies, FEMA underwrites the policy and approves
the application in the system, queuing the policy for issuance.
The NFIP Direct System then generates and delivers a declaration page and a copy of the
SFIP to the policyholder, with courtesy copies going to the insurance agent and to any mortgagee.
The NFIP Direct System delivers the declaration page and SFIP to the insured, agent, and
mortgagees in real-time for download to those that have access to the record in the secure web
portal of the system. Access to records is on a need-to-know basis only. As is currently mandated
by the NFIP, the system also triggers a physical copy of the declaration page and SFIP to print
upon issuance of the policy, via nightly batch processing, and NFIP Direct mails the information
to the policyholder, agent, and mortgagees.

9 More information about the Specially Designated Nationals and Blocked Persons is accessible at https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/consolidated.aspx.
10 The DHS/FEMA/PIA–045 Hazard Mitigation Planning and Flood Mapping Products and Services Support System PIA provides more information about flood zone determinations, see https://www.dhs.gov/sites/default/files/publications/privacy-pia-fema-045-floodmapping-june2017.pdf.

Compensating Insurance Agents
As part of issuing a new or renewed policy, insurance agents earn a commission in
connection with policies of flood insurance placed with NFIP Direct.11 In order to do so, NFIP
Direct collects PII, including SPII, specifically TIN/SSN, from agents to issue commission
payments and Form 1099 earning statements at the end of the calendar year. The NFIP Direct
System processes a commission statement and a commission payment monthly to the insurance
agent by way of either ACH to the agent’s bank account or by paper check. FEMA reports these
payments to Treasury’s IRS for tax-related purposes.
Issuing a New GFIP
NFIP Direct issues GFIPs in the name of a state under certain situations in response to a
Presidential major disaster declaration. When homeowners or renters who live in a special flood
hazard area and do not have an active flood insurance policy receive Individuals and Households
Program (IHP) assistance from FEMA’s Individual Assistance (IA) program, they each become
part of a GFIP and receive a GFIP certificate as part of the IHP assistance. FEMA IA notifies NFIP
Direct to issue the group policy certificates under that state’s Presidential major disaster
declaration number for up to three years, depending on the policy certificate issuance date. NFIP
Direct issues the policy within the NFIP Direct System in the state’s name, with eligible
individuals being named as beneficiaries. Should ownership or occupancy change, the GFIP is
transferable to the new owners or occupants as long as the named individual properly notifies NFIP
Direct of the change. As GFIP has fixed coverage and premium and requires no underwriting
services, only a limited set of PII, including the property address and contact information of the
IHP assistance recipient, is collected for the GFIP, and there is no insurance
agent involvement on these policies. Once the GFIP expires, the individual or organization covered
by the GFIP needs to obtain an SFIP under his or her name.

11 See 44 C.F.R. § 62.6 (2017) (This regulation sets a minimum commission to be issued to the agent or broker of a policy), available at https://www.ecfr.gov/cgi-bin/text-idx?SID=ed9d70bc74872c98956fe58d374dc62b&mc=true&node=se44.1.62_16&rgn=div8.

Transferring SFIP to SRL Policies
If FEMA determines that a property has met the criteria to designate it as an SRL property,
based on claims history, FEMA must convert the SFIP policy to an SRL policy. FEMA designates
a property as an SRL property if there is an established history of frequent or high-value flood
claims for an individual property. The current servicer of a policy must transfer any policy and its
related records that meets the SRL criteria, as discussed in the Flood Insurance Manual (FIM),12
to NFIP Direct. The NFIP Direct System notifies affected policyholders, their agents or brokers,
and their lenders that the policy is ineligible for coverage outside of an SRL policy, and that NFIP
Direct will issue the subsequent renewal. Concurrent to the notifications, NFIP Direct contacts the
current servicer of the policy to obtain all relevant documentation related to the policy and the
property’s claim history. As part of the renewal process, NFIP Direct underwrites the policy as an
SRL policy.
SFIP/SRL Policy Renewal
SFIP and SRL policies are both one-year policies, requiring the policyholder to renew the
policy annually in order to retain coverage. Prior to the expiration of a policy, the NFIP Direct
System confirms that FEMA has not made any changes to area maps, that the structure continues
to be in an eligible community, and that the policyholder has made no updates to the structure that
would affect the rate of the policy. Once this confirmation is complete, the system issues a renewal
notice to the payee with courtesy copies to all other relevant parties. For notices sent to mortgagees,
NFIP Direct employs a third-party billing service to generate a consolidated notice containing
renewal information for all policies where that mortgagee has an interest.
The renewal notice contains instructions for submitting the premium payment, and the
process for premium payment and processing is the same as the process for an SFIP.
The policyholder has a thirty-day grace period from the date of expiration to provide
premium payment for the renewal. If NFIP Direct does not receive the premium payment prior to
the completion of the thirty-day grace period, the policy expires and the renewal is effectively null.
Processing Claims Against Flood Insurance Policies
After a loss of a building or its contents with coverage under a flood policy, a policyholder
informs NFIP Direct directly or through his or her agent. The policyholder has the option to notify
NFIP Direct via the secure web portal to the NFIP Direct System, a phone call, or in writing. The
agent, if notified, or a customer service representative from NFIP Direct aids in the completion of
FF 086-0-11, Notice of Loss13 (OMB 1660-0005). NFIP Direct then uses the NFIP Direct System
to assign an adjuster to assess the damage. The adjuster visits the property and assesses the damage,
taking pictures, and completing a series of reports (FFs 086-0-13, 086-0-14, and 086-0-15
reviewed as part of OMB 1660-0005) to submit to NFIP Direct via the secure web portal.
Additional worksheets from the OMB 1660-0005 collection may also be required depending on
the situation. The adjuster also populates FF 086-0-9, Proof of Loss14 (OMB 1660-0005). The
system then sends the completed Proof of Loss form to the policyholder for signature to formally
agree to the claim amount. Once the policyholder signs the Proof of Loss and the NFIP Direct
claims staff reviews the final claim, the system issues payment to the policyholder via paper check
and FEMA mails the check to the policyholder.

12 Available at https://www.fema.gov/flood-insurance-manual.
13 Form is available at https://www.fema.gov/media-library/assets/documents/9367.

Compensating Claim Adjusters/Adjusting Firms
The NFIP Direct System compensates adjusters for their work on the claim by payment
according to FEMA’s NFIP Adjuster Fee Schedule.15 In order to do so, NFIP Direct collects PII,
including SPII, specifically TIN/SSN, from the adjusters to issue fee payments and Form 1099
earning statements at the end of the calendar year. The system processes a fee payment at the
conclusion of each claim to the adjuster or firm by way of either ACH to his or her bank account
or by paper check. FEMA reports these payments to Treasury’s IRS.
NFIP Direct System Access
The NFIP grants access to the NFIP Direct System and its data to FEMA employees,
FEMA contractors and sub-contractors involved in the processing and administering of NFIP
Direct policies, the insurance agent of record, assigned claims adjusters, and policyholders on a
need-to-know basis. Access to the system is role-based, meaning permissions and rights are
granted based on a user’s NFIP responsibilities, and consequently users are limited to relevant
information (i.e., an insurance agent has access only to the agent’s book of business, adjusters have
access only to the claims assigned to them, policyholders have access only to their policy
information).

Section 1.0 Authorities and Other Requirements
1.1 What specific legal authorities and/or agreements permit and define the collection of information by the project in question?

The NFIP receives legal authority to collect information through 42 U.S.C. § 4001 et seq.16
This code is a combination of several laws, including the following: the National Flood Insurance
Act of 1968,17 the Flood Insurance Protection Act of 1973,18 the National Flood Insurance Reform
Act of 1994,19 the Flood Insurance Reform Act of 2004,20 the Biggert-Waters Flood Insurance
Reform Act of 2012,21 the Consolidated Appropriations Act of 2014,22 and the Homeowner Flood
Insurance Affordability Act of 2014.23 Additionally, Section 6109 of the Internal Revenue Code24
requires a payee to provide the payee’s TIN to NFIP Direct, which is required to file information
returns with the IRS to report income paid to the payee.

14 Available at https://www.fema.gov/media-library/assets/documents/9343.
15 Available at https://www.fema.gov/media-library/assets/documents/17539.
16 Available at https://www.gpo.gov/fdsys/pkg/USCODE-2010-title42/pdf/USCODE-2010-title42-chap50-sec4001.pdf.
17 Pub. L. 90-448, 82 Stat. 572 (1968).
18 Pub. L. 93-234, 87 Stat. 975 (1973).

1.2 What Privacy Act System of Records Notice(s) (SORN(s)) apply to the information?

The following SORNs apply to the information within the NFIP Direct System:

• The DHS/FEMA-003 National Flood Insurance Program Files System of Records25 applies to flood insurance policy and insurance agent information that FEMA maintains in the NFIP Direct System.
• The DHS/ALL-004 General Information Technology Access Account Records System (GITAARS)26 applies to information FEMA maintains to allow individuals access to the NFIP Direct System.
• The DHS/ALL-007 Accounts Payable System of Records27 applies to information FEMA maintains and shares for the purpose of processing payments such as commission compensation to insurance agencies and insurance agents.
• The DHS/ALL-008 Accounts Receivable System of Records28 applies to information FEMA maintains and shares for insurance premium debt collection purposes.
• The Treasury-009 Treasury Financial Management Systems SORN29 applies to payment information an individual provides to Treasury through Pay.gov.

19 Pub. L. 103-325, Title V, 108 Stat. 2160, 2255-87 (1994).
20 Pub. L. 108-264, 118 Stat. 712 (2004).
21 Pub. L. 112-141, §§ 100201-100249, 126 Stat. 405, 916-69 (2012).
22 Pub. L. 113-76, 128 Stat. 5 (2014).
23 Pub. L. 113-89, §§ 3-4, 128 Stat. 1020, 1021-22 (2014).
24 26 U.S.C § 6109.
25 DHS/FEMA-003 National Flood Insurance Program Files System of Records, 79 FR 28747 (May 19, 2014), available at https://www.gpo.gov/fdsys/pkg/FR-2014-05-19/html/2014-11386.htm.
26 DHS/ALL-004 General Information Technology Access Account Records System, 77 FR 70792 (November 27, 2012), available at https://www.gpo.gov/fdsys/pkg/FR-2012-11-27/html/2012-28675.htm.
27 DHS/ALL-007 Accounts Payable System of Records, 80 FR 58286 (September 28, 2015), available at https://www.gpo.gov/fdsys/pkg/FR-2015-09-28/html/2015-24587.htm.
28 DHS/ALL-008 Accounts Receivable System of Records, 80 FR 58289 (September 28, 2015), available at https://www.gpo.gov/fdsys/pkg/FR-2015-09-28/html/2015-24588.htm.
29 Treasury-009 Treasury Financial Management Systems, 81 FR 78279 (November 7, 2016), available at https://www.gpo.gov/fdsys/pkg/FR-2016-11-07/pdf/2016-26662.pdf.


1.3 Has a system security plan been completed for the information system(s) supporting the project?

The NFIP Direct System is subject to, and concurrently seeking, an Authority to Operate
(ATO). As part of the ATO process, a system security plan is required. FEMA is currently
finalizing the system security plan, with coordination and input from multiple FEMA offices
including the Office of the Chief Information Officer (OCIO) and NFIP Direct within FID.

1.4 Does a records retention schedule approved by the National Archives and Records Administration (NARA) exist?

The NFIP Direct System must adhere to guidance from DHS and FEMA with regard to
records retention. As referenced in FEMA Manual 141-1-1b, several records schedules were
approved by the FEMA Records Officer and NARA with respect to the NFIP.
In accordance with NARA Authority N1–311–86–1, Item 2A13a(2), FEMA retains policy
records as long as the property owner maintains enrollment in the flood insurance program and
pays the policy premiums. FEMA cuts off records when the policy becomes inactive, and policy
records are destroyed five years after the cutoff.
In accordance with NARA Authority N1–311–86–1, Item 2A12a(2), FEMA retains claim
records for six years and three months after final action.
In accordance with NARA Authority GRS 1.1, Item 010, FEMA retains official records of
financial information for six years from final payment or cancelation. However, longer retention
is authorized if required for business use, in which case destruction occurs when the business use
ceases. FEMA destroys all other copies of financial information records when the business use
ceases, in accordance with NARA Authority GRS 1.1, Item 011.
In accordance with NARA Authority GRS 1.1, Item 001, FEMA retains accounting
administrative information, including workload and personnel management information, for three
years. However, longer retention is authorized if required for business use, in which case
destruction occurs when the business use ceases.

1.5 If the information is covered by the Paperwork Reduction Act (PRA), provide the OMB Control number and the agency number for the collection. If there are multiple forms, include a list in an appendix.

Appendix A contains a list of related information collections and OMB-approved forms
that have coverage under the PRA.


Section 2.0 Characterization of the Information
2.1 Identify the information the project collects, uses, disseminates, or maintains.

The NFIP Direct System collects the following information from individuals or business
policyholders who request a flood insurance policy for purposes of properly underwriting the
policy, calculating premiums in accordance with the FIM, and ensuring appropriate contact
information is available to service the policy:


• Individual’s Full Name
• Company Name
• Company Number
• Property and Mailing Address(es)
• Legal Description of Property
• Email Address(es)
• Telephone Number(s)
• Fax Number(s)
• Primary Residency Status
• Primary Residence Verification (including any one of the following):
  o Signed Affidavit
  o Driver’s License
  o Automobile Registration
  o Proof of Insurance for a Vehicle
  o Voter’s Registration
  o Homestead Tax Credit Form for Primary Residence30
  o Documents Showing Where Children Attend School
  o Mortgage Information
  o Property Occupancy Type
• Geographical Locations
• Community Information
• City Name of Where the Property is Located
• U.S. Fish & Wildlife (USF&W) Case Number (in support of the Coastal Barrier Resources System (CBRS)31 determinations)32
• In CBRS/Out CBRS of Area Determination by U.S. Fish & Wildlife
• Name of the CBRS from U.S. Fish & Wildlife
• U.S. Fish & Wildlife Version of the Target Property Address
• CBRS Area/Unit Number (Area Number on U.S. Fish & Wildlife’s Map)
• CBRS Area Declaration/Effective Date
• Contact Information of the U.S. Fish & Wildlife Representative
• Map Panel and Suffix
• Zone Determination Data
• Flood Zone Data
• Elevation Certificate Data
• Building Attributes
• Replacement Cost Value of the Structure
• Property Loss History
• Insurance Agent/Broker Name
• Coverage and Rating Information
• Billing Address
• Payment Information (Bank Account Information, Check Number)
• Premium Receipt
• Signature
• Policy Cancellation Reason
• Cancellation Supporting Documentation. May include: Property sale documentation, copy of new insurance declarations page, bank notice of non-payment, credit card notice of non-payment, tax records, mortgagee statements, Residential Condominium Building Association Policy (RCBAP) bylaws, maps, and Letter of Map Amendment (LOMA) or Letter of Map Revision (LOMR).

30 This form may differ by state; however, most contain SSN. FEMA does not use the SSN on the form.
31 The Coastal Barrier Resources Act of 1982, as amended, removes the Federal Government from financial involvement associated with building and development in undeveloped portions of designated coastal barriers. These areas were mapped and designated as Coastal Barrier Resources System units or “otherwise” protected areas, and properties within a CBRS area require more robust flood management safeguards in order to be eligible for flood insurance. For more information, see https://www.fema.gov/coastal-barrier-resources-system.
32 U.S. Fish & Wildlife runs the Coastal Barrier Resources System, which tracks where building is prohibited. As part of an agreement between USF&W and FEMA, FEMA checks to ensure a policy is not issued to a property where building is discouraged or prohibited. For cases where it is not abundantly obvious, a case is opened with the USF&W to ensure compliance before the policy is issued.

The system collects the following information from insurance brokers, agents, and
companies for commission payments and tax reporting purposes:


• Agent SSN (Only when used as TIN)
• Agent Name (First, Middle, and Last)
• Agency Name
• Agency TIN
• Agency Relationships (i.e., Managing General Agent)
• Mailing Address
• Phone Number
• Fax Number
• Email address
• Commission Rates
• Commission Amounts
• Commissions Paid
• Bank Name
• Bank Account Number
• Bank Routing Number
• Federal Tax Classification
• IRS W-9 Form
• NFIP Direct System Users
• NFIP Direct System User IDs
• Insurance Data (production reports, business in force, policies with claims, etc.)
• Documents Related to Agency Mergers and Acquisitions
• Agency Training Documentation
• Signature

The system collects the following information from individuals/business policyholders
who file a claim against a flood insurance policy for purposes of assessing and documenting the
damages:


• Date of Loss
• Flood-Policy Number
• Other Insurance Policy Number (e.g., Home Owners, Renters, Wind)
• Individual’s Full Name
• Property and Mailing Address(es)
• Email Address(es)
• Telephone Number(s)
• Policy Type
• Policy Period
• Insurance Agent/Broker Name
• Insurance/Claims Data
• Insurance Rate(s)
• Claim Amounts
• Effective Date
• Disaster Assistance Information
• Property Photographs
• Property Loss Information
• Loss Photographs
• Loss Contents/Inventory Lists
• Loss Valuations
• Loss Settlement/Payment Amounts
• Adjuster Reports
• Engineering Reports

The system collects the following information from adjusting firms and adjusters:


• Adjusting company name
• Adjusting Company TIN
• Adjuster SSN (Only when used as TIN)
• Adjuster Name (First, Middle, and Last)
• Mailing Address
• Phone number
• Fax number
• Email address
• Loss Adjustment Expense Paid
• Adjusting Fees Paid
• Bank Name
• Bank Account Number
• Bank Routing Number
• Federal Tax Classification
• IRS Form 1099 statements
• NFIP Direct System Users
• NFIP Direct System User IDs
• Documents Related to Adjusting Firm Mergers and Acquisitions
• Adjuster Training Documentation
• Signature


NFIP Direct collects the following information from individuals requesting or requiring
access to NFIP Direct System in order to create a user account and ensure FEMA properly assigns
permissions and rights in the system:


• Name
• Agency Identification Number, if applicable
• Agency Name
• User Name
• Password
• Address
• Phone
• Email address
• User Class

The NFIP Direct System may also receive additional information from other systems that
FEMA uses to complete and validate the other information received. The FEMA iService
Enterprise Environment (iSEE) system provides the NFIP Direct System with lists of properties
that are either ineligible for coverage or have a loss history that affects the rates on the policy. The
NFIP Direct System cross-references the property address on flood insurance applications with
this information as part of the underwriting process.
Treasury’s Office of Foreign Assets Control (OFAC) makes available the list of individuals
and companies who are barred from doing business with the U.S. Government, such as terrorists
and narcotics traffickers, for cross referencing an individual or organization seeking to purchase
flood insurance.33 The NFIP Direct System uses this list to ensure that flood insurance policies are
not issued to individuals or organizations on this list.
Treasury’s Pay.gov website provides the NFIP Direct System with electronic confirmation
when an applicant makes a payment within Treasury’s system. The NFIP Direct System uses this
confirmation as validation that FEMA has received the premium payment.
Additionally, FEMA receives standardized postal addresses, as well as the latitude and
longitude of an address, from a third-party service provider. The NFIP Direct System uses the
standardized address and geo-location of policyholder-provided mailing and property addresses as
part of a data validation on each policy prior to issuance.

[33] https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/consolidated.aspx.

2.2 What are the sources of the information and how is the
information collected for the project?

The NFIP Direct System collects information primarily from policyholders. This is done
in coordination with the insurance agent or company who represents the individual or organization
seeking a flood insurance policy (OMB 1660-0004, OMB 1660-0006, OMB 1660-0008, OMB
1660-0033, OMB 1660-0040, and OMB 1660-0086) and at a time of loss through claims
processing (OMB 1660-0005). Generally, policyholders complete NFIP policy and claims forms
with the help of the agent who then submits the form to the NFIP Direct System. In addition, NFIP
Direct collects data directly from insurance adjusters who examine a property after a loss (OMB
1660-0005). The system receives the above-mentioned data and supporting documents through
several channels, including by mail, fax, phone, or by electronic submission through the secure
web portal. NFIP Direct scans mailed or faxed documents into electronic files and uploads them to the
NFIP Direct System.
The NFIP Direct System also receives data from other FEMA systems or programs.
Additional sources include the CBRS report, Section 1316[34] report, and other community
information from the FEMA iSEE through a secure File Transfer Protocol (sFTP) site for use in
identifying non-qualifying properties and properly rating properties, and IHP information for GFIP
issuance from the FEMA IA Program via a Microsoft Excel spreadsheet. In addition to FEMA
systems or programs, state emergency management agencies in certain states that receive Other
Needs Assistance (ONA) provide NFIP Direct with a list of individuals eligible for a GFIP after
each presidentially-declared disaster in place of the FEMA IA Program. The NFIP Direct System
also receives information from other Federal Government agencies, including the Treasury’s
OFAC, which provides via FTP site publicly-available lists of individuals and companies[35] who
are barred from doing business with the U.S. Government, such as terrorists and narcotics
traffickers, for cross referencing an individual or organization seeking flood insurance, and
Treasury’s pay.gov website, which provides, through an encrypted link over a secure website,
verification that the website completed the processing of a premium payment.
Additionally, NFIP Direct receives information from third-party and commercial vendors.
Using web services, FEMA is capable of receiving flood zone determinations and elevation
certificates from various vendors on behalf of the policyholder, and confirms the correct address
and geo-location of policyholder-provided mailing and property addresses as part of a data
validation on each policy prior to issuance.

[34] Section 1316 of the National Flood Insurance Act of 1968, as amended, provides for the denial of flood insurance
coverage for any property that the Administrator finds has been declared by a duly constituted state or local
authority to be in violation of state or local floodplain management regulations. For more information, see
https://www.fema.gov/section-1316.
[35] See https://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/consolidated.aspx.

2.3 Does the project use information from commercial sources or
publicly available data? If so, explain why and how this
information is used.

The NFIP Direct System uses commercial sources and publicly-available data such as zone
determinations, elevation certificates, and postal addressing data validation services. Flood Zone
Determination companies[36] rely on FEMA’s NFIP maps, the NFIP Community Status Book, and
other supporting documentation to determine[37] which flood zone is applicable to the property.
Surveyors, engineers, and architects authorized by law complete elevation certificates[38] to certify
building elevations. The NFIP Direct System uses postal address data to validate data received
from other sources and to standardize property addresses to ensure all records related to a property
have consistent addressing.

2.4 Discuss how accuracy of the data is ensured.

The NFIP Direct System receives policy and claims information directly from the potential
or current policyholder. As part of the policyholder data collection, FEMA requires policyholders,
those seeking insurance, or insurance agents to sign certain FEMA forms acknowledging accuracy
of information. The system accepts signature by way of a traditional “wet signature” or an
electronic signature within the secure web portal of the NFIP Direct System. Additionally, the
system includes automated data validation checks as well as data cross-checks with other data in
the system during data entry. The system also uses a standardized address third-party service to
validate addresses provided. When possible, NFIP Direct obtains supporting data via automated
mechanisms such as collecting flood zone determinations and elevation certificates via secure web
service integrations with various vendors. NFIP Direct underwriting staff also review the records
to ensure accuracy. If there is questionable or inconsistent information, NFIP Direct contacts the
agent or policyholder for verification or correction. FEMA’s NFIP Information Technology
Systems (ITS) Transaction Record Reporting and Processing (TRRP) cycle,[39] performed at the
end of each month, further checks information outputs from the NFIP Direct System. FEMA
further assures data accuracy through internal audit processes and regular operation reviews.
FEMA performs these audits and reviews for underwriting, claims, and financial information.[40]

[36] See https://www.fema.gov/flood-zone-determination-companies.
[37] This determination is made using FF 086-0-32, available at https://www.fema.gov/media-library/assets/documents/225.
[38] See https://www.fema.gov/media-library/assets/documents/160.
[39] See DHS/FEMA/PIA-011 National Flood Insurance Program Information Technology Systems (NFIP ITS),
available at https://www.dhs.gov/sites/default/files/publications/privacy_pia_fema_nfipits_10122012_0.pdf.
[40] See DHS/FEMA/PIA–039 Federal Insurance and Mitigation Administration Risk Insurance Underwriting and
Claims Operations Review Tool (U-CORT), available at
https://www.dhs.gov/sites/default/files/publications/privacy-pia-fema-039-u-cort-august-2014.pdf.

2.5 Privacy Impact Analysis: Related to Characterization of the
Information

Privacy Risk: FEMA may collect more information than is necessary for flood insurance
policy setup and claims processing.
Mitigation: FEMA partially mitigates this risk by only collecting information required to
comply with federal statute, regulations, and policy for underwriting and processing claims against
flood insurance policies. Additionally, FEMA continually reviews data collection to ensure the
need for data elements collected for insurance purposes. FEMA frequently makes modifications
to the NFIP via FEMA Bulletins that either add or remove data elements.
In the case of proof of residency, FEMA incidentally collects more information than is
needed; however, FEMA does not use the additional information. For instance, a property owner
applying for an SFIP may choose to provide a Homestead Tax Credit form or declaration as proof
of residency. The Homestead Tax Credit form will provide proof of residency, but the form may
also contain the property owner’s as well as their dependents’ SSN. FEMA does not use the SSN,
but if the policyholder provides the form as proof of residency, the NFIP Direct System stores the
form with the SSNs redacted. FEMA NFIP Direct will redact the SSNs after the documents are
received from the agent and during initial scanning or uploading into the NFIP Direct System.
FEMA may accept these forms with redacted SSN as FEMA does not need the SSN to process the
property owner’s policy, claims, or verify identity.
Privacy Risk: NFIP may collect inaccurate or incomplete information for flood insurance
policy processing or issuance, which can lead to a less favorable rate or complications at the time
of a claim.
Mitigation: FEMA partially mitigates this risk by obtaining information whenever
possible directly from the policyholder, requiring signature from the policyholder, and
cross-referencing the information with reputable third-party data to verify accuracy. Additionally, the
NFIP Direct System uses automated data validations within the system, underwriting staff reviews,
monthly TRRP error outputs, internal audits, and regular operational reviews.

Section 3.0 Uses of the Information
3.1 Describe how and why the project uses the information.

The NFIP Direct System collects information from individual or business policyholders
who file a request for flood insurance or those involved in normal flood business processes (i.e.,
mortgagee, agent, policyholder) for the purpose of processing and issuing an insurance policy.
Uses of the information include properly communicating with each entity, assessing risk,
determining if purchase of flood insurance is mandatory, rating the policy, issuing an invoice and
processing payments, canceling policies, processing claims filed against a flood insurance policy,
and assessing and documenting damages.
The NFIP Direct System collects information from agents, adjusting firms, and adjusters
for the purpose of calculating and processing commission payments to insurance brokers, as an
incentive to market the NFIP and initiate flood insurance policies directly with FEMA, and to flood
insurance claim adjusters, to facilitate the processing of flood insurance claims against properties
covered by a flood insurance policy.
NFIP Direct collects information from individuals requesting or requiring access to the
NFIP Direct System in order to create a user account and ensure FEMA properly assigns
permissions and rights in the system.

3.2 Does the project use technology to conduct electronic searches,
queries, or analyses in an electronic database to discover or locate
a predictive pattern or an anomaly? If so, state how DHS plans to
use such results.

FEMA does use Business Intelligence[41] to discover and locate patterns, trends, or
anomalies in order to be more proactive in addressing survivor support and in understanding loss
potential for pending disasters. Additionally, FEMA analyzes this information to find better ways
to ensure better coverage of at-risk properties by the NFIP product offerings and to potentially
identify fraud or potential errors. In certain cases, FEMA also uses this information to identify the
impact of certain program changes or regulations. However, FEMA does not use Business
Intelligence in determining total payment of claims.

3.3 Are there other components with assigned roles and
responsibilities within the system?

No other DHS components have assigned roles and responsibilities within the NFIP Direct
System.

3.4 Privacy Impact Analysis: Related to the Uses of Information

Privacy Risk: Individuals could use information collected and maintained in the NFIP
Direct System for purposes other than their intended purpose.
Mitigation: FEMA mitigates this risk by carefully controlling access to the information
and the sharing of any information. Access to the system is role-based and granted on a
need-to-know basis to prevent users from accessing information not vital to their purpose.
NFIP Direct also limits the risk of inappropriate use of information by not allowing other
DHS components to access the NFIP Direct System. Additionally, NFIP Direct enters into
Service Level Agreements (SLA) with all third-party vendors that prohibit the use of the
information without written consent from FEMA.

[41] Business Intelligence (BI) is a technology-driven process for analyzing data and presenting timely and actionable
information to help corporate executives, business managers, and other end users make more informed business
decisions. BI encompasses a wide variety of tools, applications, and methodologies that enable organizations to
collect data from internal systems and external sources, prepare it for analysis, develop and run queries against the
data, and create reports, dashboards, and data visualizations to make the analytical results available to corporate
decision makers as well as operational workers.

Section 4.0 Notice
4.1 How does the project provide individuals notice prior to the
collection of information? If notice is not provided, explain why
not.

FEMA provides notice by way of this PIA, the DHS/FEMA/PIA-011 NFIP ITS PIA, the
SORNs mentioned in section 1.2, the Privacy Notices associated with the approved forms listed in
Appendix A, and the Privacy Notice within the NFIP Direct System.

4.2 What opportunities are available for individuals to consent to
uses, decline to provide information, or opt out of the project?

Individuals that are required by either the NFIA, their respective state, or their mortgage
company to purchase flood insurance policies may not have an option to opt out of purchasing or
obtaining flood insurance for a property. Individuals, whether required to obtain or voluntarily
obtaining flood insurance, consent to FEMA’s use of their information upon accepting the Privacy
Act statement within the NFIP Direct System and submission of their information to their
insurance agent for flood insurance issuing and servicing. If submission is by mailed or faxed
hard copy, the signature on OMB-approved forms constitutes acceptance. Failure to provide the
information the NFIP requires may prevent property owners or renters from acquiring flood
insurance or processing a claim against their policy. Additionally, failure to provide information
that is required to create a new user account in the NFIP Direct System will prevent access to the
system.
The NFIP Direct System also offers flood zone determinations through third-party vendors
within the system. Before engaging these third parties, the NFIP Direct System user must accept
a prompt that states that these services are through a third party and are solely for their
convenience. These services are not required within the NFIP Direct System and the agent is free
to seek these services outside of the NFIP Direct System, if preferred. Any engagement between
the NFIP Direct System and third-party vendors and commercial services is covered under SLA
and privacy policies by the entities to ensure no further uses are permitted.

4.3 Privacy Impact Analysis: Related to Notice

Privacy Risk: The individuals applying for flood insurance may not be aware of FEMA’s
collection, use, maintenance, and dissemination of their information.
Mitigation: FEMA mitigates this privacy risk by providing notice by way of this PIA, the
DHS/FEMA/PIA-011 NFIP ITS PIA, the SORNs in Section 1.2, the Privacy Notices associated
with the approved forms listed in Appendix A, and the Privacy Notice within the NFIP Direct
System.

Section 5.0 Data Retention by the project
5.1 Explain how long and for what reason the information is retained.

FEMA retains policy records as long as the property owner maintains enrollment in the
flood insurance program and pays the policy premiums. FEMA cuts off records when the policy
becomes inactive. Policy records are destroyed five years after the cutoff in accordance with
NARA Authority N1–311–86–1, Item 2A13a(2).
FEMA retains claim records for six years and three months after final action. Records are
disposed of in accordance with NARA Authority N1–311–86–1, Item 2A12a(2).
FEMA retains official records of financial information for six years from final payment or
cancelation in accordance with NARA Authority GRS 1.1, Item 010. However, longer retention is
authorized if required for business use, in which case destruction occurs when the business use
ceases. FEMA destroys all other copies of financial information records when the business use
ceases in accordance with NARA Authority GRS 1.1, Item 011.
FEMA retains accounting administrative information, including workload and personnel
management information, for three years in accordance with NARA Authority GRS 1.1, Item 001.
However, longer retention is authorized if required for business use, in which case destruction
occurs when the business use ceases.

5.2 Privacy Impact Analysis: Related to Retention

Privacy Risk: FEMA may retain information for longer than necessary.
Mitigation: FEMA partially mitigates this risk by requiring that records are maintained
within the NFIP Direct System in accordance with FEMA Records Management Branch approved
retention schedule and NARA Authorities.

Section 6.0 Information Sharing
6.1 Is information shared outside of DHS as part of the normal
agency operations? If so, identify the organization(s) and how the
information is accessed and how it is to be used.

FEMA routinely shares information maintained by NFIP Direct with: federal, state, local,
and tribal government agencies, and established voluntary organizations in performing the duties
of the NFIP Direct; Claims Adjuster firms so that damage can be assessed and a claim processed;
Commercial Standardized Address companies so that NFIP Direct can validate addresses and
geographic locations; Flood Zone Determination companies to validate the flood zone of a
property; Elevation Certificate providers so that an elevation certificate can be obtained; Insurance
Industry Exchange vendors so that agents can effectively manage their book of business; Lockbox
service providers so that mail and paper checks are handled securely; third-party
billing companies to consolidate mailings sent to mortgagees and save on postage costs; and the
financial institution servicing the account of NFIP Direct so that premium payments can be
accepted and payments to agents (commission) and survivors (claims) can be disbursed.
Additionally, FEMA shares information with the Treasury so that the IRS may track and report
tax-related payments to agents and adjusters.

6.2 Describe how the external sharing noted in 6.1 is compatible with
the SORN noted in 1.2.

Routine Use S of the NFIP Files SORN[42] allows FEMA to share TIN and financial
information of insurance agents with a financial institution for purposes of issuing commission
payments to the insurance agent to share their cost of marketing and selling a flood insurance
policy. This is compatible with the original collection because the information is being shared to
manage policy marketing and issuance.
Routine Use F of the same SORN allows FEMA to share NFIP information with
contractors and their agents, experts, consultants, and others performing or working on a contract,
service, grant, cooperative agreement, or assignment for DHS, when necessary to accomplish an
agency function related to the NFIP Files system of records. This includes Claims Adjuster firms,
Commercial Standardized Address companies, Flood Zone Determination companies, Elevation
Certificate providers, Insurance Industry Exchange vendors, Lockbox service providers, and
third-party billing companies. This is compatible with the purpose for the original information collection
because NFIP Direct requires a variety of information to help determine flood insurance eligibility
and administer policies.

[42] DHS/FEMA-003 National Flood Insurance Program Files, 79 FR 28747 (May 19, 2014).

Additionally, Routine Use J of the DHS Accounts Payable Records SORN[43] allows FEMA
to share TIN and other tax-related information about insurance agents with the Department of the
Treasury for the purpose of tax-related reporting of reimbursable commission payments to
insurance agents.
Any individuals provided information under these routine uses are subject to the same
Privacy Act requirements and limitations on disclosure as are applicable to DHS officers and
employees.

6.3 Does the project place limitations on re-dissemination?

Yes. FEMA limits re-dissemination of information maintained in the NFIP Direct
System. Routine Use Letters accompany shared information which expressly state the allowable
uses and restrictions set forth by FEMA. Additionally, SLAs between the NFIP Direct and
third-party vendors prohibit vendors from re-dissemination without consent. Also, federal agencies
within the Executive Branch that FEMA shares information with must comply with the Privacy
Act (PA) and can only share information pursuant to their appropriate routine use(s) in
accordance with the applicable SORN.

6.4 Describe how the project maintains a record of any disclosures
outside of the Department.

NFIP Direct maintains all emails and file transfer logs corresponding to disclosed
information to maintain the capability to reconstruct the record if necessary. The NFIP Direct
System documents policy and claim disclosure documentation, which the NFIP Direct System
stores as memos. These records include letters sent to interested parties. Disclosures of information
such as declaration of policy and claims information are maintained in the system under the
respective policy record. Additionally, the FEMA Disclosure Branch maintains an accounting of
all disclosure of PII pursuant to any Freedom of Information Act (FOIA)/PA request.

6.5 Privacy Impact Analysis: Related to Information Sharing

Privacy Risk: FEMA may inappropriately share flood insurance policyholder, adjuster, or
agent information outside of DHS.
Mitigation: FEMA mitigates this risk by only sharing information within the NFIP Direct
System with organizations and individuals pursuant to the routine uses within the SORNs
mentioned in Section 1.2 of this PIA. NFIP reviews information requests to ensure that the sharing
of information is related to the NFIP program and consistent with the purpose of the appropriate
SORNs mentioned in Section 1.2 of this PIA. For instance, while FEMA NFIP may contain address
information of policyholders, FEMA will not release such information if the request is for another
purpose covered by another FEMA program such as for a state public assistance grant.
Additionally, FEMA provides written notice to recipients of NFIP Direct data that further sharing
of information is not permitted.

[43] DHS/ALL-007 Accounts Payable System of Records, 80 FR 58286 (September 28, 2015).

Section 7.0 Redress
7.1 What are the procedures that allow individuals to access their
information?

Individuals with user accounts can access their information via a secure web portal within
the NFIP Direct System. Access is role-based and granted on a need-to-know basis.
Individuals may also follow procedures outlined in the SORNs mentioned in Section 1.2.
Individuals requesting their personal information must make the request in writing, clearly marked
as a “Privacy Act Request” for U.S. Citizens and Lawful Permanent Residents (LPR), or as
“Freedom of Information Act Request” for all other members of the public. Requests must clearly
indicate the name of the requester, the nature of the record sought, and the verification of identity
elements required.[44] Requests made on behalf of third parties with a demonstrable interest in the
information stored in the system must include documentation asserting the intent of the interested
party, and authenticating that party’s identity.
Interested parties should send requests to: Chief, Disclosure Branch, Information
Management Division, Office of the Chief Administrative Officer, Federal Emergency
Management Agency, Department of Homeland Security, 500 C Street SW, Washington, D.C.,
20472.

7.2 What procedures are in place to allow the subject individual to
correct inaccurate or erroneous information?

U.S. Citizens and LPRs may use the procedures outlined in the Agency’s SORNs
mentioned in Section 1.2 or those noted in Section 7.1 of this PIA to correct erroneous information
using the DHS/FEMA Privacy Act request process. Also, all policyholders regardless of
citizenship can contact their insurance agent to update their information or make updates in the
NFIP Direct System user profile for the individual. Additionally, individuals’ information
collected by Pay.gov is accessible in accordance with the Treasury-009 Financial Management
System SORN.

[44] Pursuant to 6 CFR § 5.21(d), required elements are: full name, current address, and date and place of birth and
signature either notarized or submitted under penalty of perjury as a substitute for notarization.

7.3 How does the project notify individuals about the procedures for
correcting their information?

Determinations with a potential to negatively impact policyholders and other interested
parties prompt the system to send a notification letter to all affected parties. Instructions on how
to address problems with this information are included in the letters. Also, generally, insurance
agents and brokers provide their own notice to flood insurance applicants and policyholders on
how to correspond with them to correct information that they have received or that was provided
to NFIP Direct. Additionally, this PIA and the SORNs mentioned in Section 1.2 of this PIA provide
notification to individuals on accessing and correcting their information in the NFIP Direct
System.

7.4 Privacy Impact Analysis: Related to Redress

Privacy Risk: Individuals may not be able to access or correct erroneous information in
their records within the NFIP Direct System.
Mitigation: FEMA mitigates this risk by providing several ways for individuals to access
and correct their information, regardless of citizenship. These methods include a request to their
insurance agent or broker and directly to FEMA. The insurance agent or broker can access and
enter the information directly into the NFIP Direct System, or send the information to FEMA.
FEMA must rely on the relationship and interactions between the policyholder and the insurance
agent for accuracy of the policyholder’s information. The policyholder can contact FEMA at any
time to ensure their information has been updated and is accurate.
Privacy Risk: There is also a risk that individuals are not aware of the procedures for
accessing and correcting their information within the NFIP Direct System.
Mitigation: FEMA and insurance agents mitigate this risk by providing instructions to
policyholders for correcting their information via letters directly to policyholders, publication of
this PIA, and the SORNs mentioned in Section 1.2 of this PIA.

Section 8.0 Auditing and Accountability
8.1 How does the project ensure that the information is used in
accordance with stated practices in this PIA?

FEMA conducts biennial audits of all program participants, selecting an appropriate
number of records to examine based on the number of records kept in the system at the time of
audit. Audits validate the accuracy of the information, conformity to program rules, validation of
notifications required by the program, and the accuracy of financial transactions associated with
the inspected records.
NFIP Direct reports all inappropriate access of PII to the FEMA Cyber Security, Office of
the Chief Security Officer (OCSO) or Privacy Office for investigation. FEMA provides mitigation
plans to include Privacy Act awareness and compliance training and other remedial actions in
accordance with federal regulations, statutes, and policies. Inappropriate handling of PII by NFIP
Direct may result in disciplinary action, including access revocation and possible legal action.
Additionally, FEMA will consider any inappropriate sharing of information or the lack of timely
reporting of inadvertent disclosures of PII by FEMA contractors as a breach of contract with
FEMA and subject to remedial actions prescribed by the Federal Acquisition Regulations (FAR)
and the Homeland Security Acquisition Regulations (HSAR).

8.2 Describe what privacy training is provided to users either
generally or specifically relevant to the project.

All FEMA employees and contractors must participate in DHS/FEMA-approved privacy
awareness training prior to accessing DHS/FEMA information and complete annual privacy
awareness refresher training. Additional training includes protection of financial data, ethical
considerations, information disclosures, information classification, and cyber security training.
Each individual is required to take and pass a test on the material presented, the results of which
FEMA retains and audits.

8.3 What procedures are in place to determine which users may
access the information and how does the project determine who
has access?

NFIP Direct, through the direction of FEMA’s Contracting Officer Representative (COR),
grants systematic role-based access to users according to their responsibilities within the NFIP
Direct System and their need-to-know. Role-based user accounts allow for tailored access to the
information. The NFIP Direct System groups users according to job function. Personnel are
assigned access rights by way of a template containing the base level of access for the individual’s
job function, to which additional access can be added by a system administrator after the creation
of the profile. This can be further restricted through the use of read-only and read-write restrictions.
Likewise, FEMA grants external users (i.e., insurance agents, adjusters, and policyholders) access
to system resources on a need-to-know basis according to role. The COR approves all other access
to the NFIP Direct System, such as view-only information to an auditor.
In accordance with DHS and other federal regulations, all FEMA employees and contractors
(including sub-contractors) must successfully obtain a minimum background investigation (MBI)
and participate in DHS/FEMA-approved privacy awareness training before accessing DHS/FEMA
information. They must also complete IT Security and Privacy Awareness training and have a
Non-Disclosure Agreement (NDA) on file with FEMA before accessing the NFIP Direct System.

8.4 How does the project review and approve information sharing
agreements, MOUs, new uses of the information, new access to the
system by organizations within DHS and outside?

FEMA’s process for reviewing and approving Memoranda of Understanding (MOU) and
Information Sharing Access Agreements involves FEMA’s IT Security Branch, FEMA Privacy
Officer, and the Office of Chief Counsel, as well as the appropriate authorities from the other
agency or organization to the agreement. FEMA reviews these agreements on an annual basis and
reviews appropriate security documents for any newly identified risks. FEMA mitigates any newly
identified risks between the partnering agencies in accordance with applicable laws.

Responsible Officials
William H. Holzerland
Privacy Officer
Federal Emergency Management Agency
U.S. Department of Homeland Security

Approval Signature
Original, signed copy on file with the DHS Privacy Office
________________________________
Philip S. Kaplan
Chief Privacy Officer
Department of Homeland Security

Appendix A - OMB Collection & FEMA Forms Associations

| OMB Control Number | Collection | Title | FEMA Form Number |
|---|---|---|---|
| 1660-0004 | Application for Participation in the National Flood Insurance Program (NFIP) | Application | FF 086-0-30 |
| 1660-0004 | Application for Participation in the National Flood Insurance Program (NFIP) | Floodplain Development Documentation | |
| 1660-0005 | National Flood Insurance Program Claims Forms | National Flood Insurance Program Worksheet Contents - Personal Property | FF 086-0-6 |
| 1660-0005 | National Flood Insurance Program Claims Forms | Worksheet - Building | FF 086-0-7 |
| 1660-0005 | National Flood Insurance Program Claims Forms | Worksheet - Building (continued) | FF 086-0-8 |
| 1660-0005 | National Flood Insurance Program Claims Forms | Proof of Loss | FF 086-0-9 |
| 1660-0005 | National Flood Insurance Program Claims Forms | Increase of Compliance Proof of Loss | FF 086-0-10 |
| 1660-0005 | National Flood Insurance Program Claims Forms | Notice of Loss | FF 086-0-11 |
| 1660-0005 | National Flood Insurance Program Claims Forms | Statement as to Full Cost of Repair or Replacement under the Replacement Cost Coverage, Subject to the Terms and Conditions of this Policy (this is being removed with the new packet) | FF 086-0-12 |
| 1660-0005 | National Flood Insurance Program Claims Forms | National Flood Insurance Program Preliminary Report | FF 086-0-13 |
| 1660-0005 | National Flood Insurance Program Claims Forms | National Flood Insurance Program Final Report | FF 086-0-14 |
| 1660-0005 | National Flood Insurance Program Claims Forms | National Flood Insurance Program Narrative Report | FF 086-0-15 |
| 1660-0005 | National Flood Insurance Program Claims Forms | Cause of Loss and Subrogation Report | FF 086-0-16 |
| 1660-0005 | National Flood Insurance Program Claims Forms | Manufactured (Mobile) Home/Travel Trailer Worksheet | FF 086-0-17 |
| 1660-0005 | National Flood Insurance Program Claims Forms | Manufactured (Mobile) Home/Travel Trailer Worksheet (Continued) | FF 086-0-18 |
| 1660-0005 | National Flood Insurance Program Claims Forms | Increased Cost of Compliance (ICC) Adjuster Report | FF 086-0-19 |
| 1660-0005 | National Flood Insurance Program Claims Forms | Adjuster Preliminary Damage Assessment | FF 086-0-20 |
| 1660-0005 | National Flood Insurance Program Claims Forms | Adjuster Certification Application | FF 086-0-21 |
| 1660-0005 | National Flood Insurance Program Claims Forms | NFIP Claims Appeal | |
| 1660-0006 | National Flood Insurance Program Policy Forms | Flood Insurance Application | FF 086-0-1 |
| 1660-0006 | National Flood Insurance Program Policy Forms | Flood Insurance Cancellation/Nullification Request | FF 086-0-2 |
| 1660-0006 | National Flood Insurance Program Policy Forms | Flood Insurance General Change Endorsement | FF 086-0-3 |
| 1660-0006 | National Flood Insurance Program Policy Forms | V-Zone Risk Factor Rating Form and Instructions | FF 086-0-4 |
| 1660-0006 | National Flood Insurance Program Policy Forms | Flood Insurance Preferred Risk Policy Application | FF 086-0-5 |
| 1660-0008 | Elevation Certificate / Floodproofing Certificate | Elevation Certificate | FF 086-0-33 |
| 1660-0008 | Elevation Certificate / Floodproofing Certificate | Floodproofing Certificate For Non-Residential Structures | FF 086-0-34 |
| 1660-0033 | Residential Basement Floodproofing Certificate | Residential Basement Floodproofing Certificate | FF 086-0-24 |
| 1660-0040 | Standard Flood Hazard Determination Form | Standard Flood Hazard Determination Form | FF 086-0-32 |


File Type: application/pdf
File Title: DHS/FEMA/PIA-048 National Flood Insurance Program (NFIP) Direct Servicing Agent (NFIP Direct) System
Author: U.S. Department of Homeland Security Privacy Office
File Modified: 2017-10-31
File Created: 2017-10-31
