Privacy Threshold Assessment

Download: docx | pdf

­­

Privacy Threshold Assessment (PTA)

The Privacy Threshold Assessment (PTA) is an analytical tool used to determine the scope of privacy risk management activities that must be executed to ensure that the Department’s initiatives do not create undue privacy risks for individuals.

The Privacy Threshold Assessment (PTA) is a privacy risk management tool used by the Department of Transportation (DOT) Chief Privacy Officer (CPO). The PTA determines whether a Department system¹ creates privacy risk for individuals that must be further analyzed, documented, or mitigated, and determines the need for additional privacy compliance documentation. Additional documentation can include Privacy Impact Assessments (PIAs), System of Records notices (SORNs), and Privacy Act Exemption Rules (Exemption Rules).

The majority of the Department’s privacy risk emanates from its direct collection, use, storage, and sharing of Personally Identifiable Information (PII),² and the IT systems used to support those processes. However, privacy risk can also be created in the Department’s use of paper records or other technologies. The Department may also create privacy risk for individuals through its rulemakings and information collection requirements that require other entities to collect, use, store or share PII, or deploy technologies that create privacy risk for members of the public.

To ensure that the Department appropriately identifies those activities that may create privacy risk, a PTA is required for all IT systems, technologies, proposed rulemakings, and information collections at the Department. Additionally, the PTA is used to alert other information management stakeholders of potential risks, including information security, records management and information collection management programs. It is also used by the Department’s Chief Information Officer (CIO) and Associate CIO for IT Policy and Governance (Associate CIO) to support efforts to ensure compliance with other information asset requirements including, but not limited to, the Federal Records Act (FRA), the Paperwork Reduction Act (PRA), the Federal Information Security Management Act (FISMA), the Federal Information Technology Acquisition Reform Act (FITARA) and applicable Office of Management and Budget (OMB) guidance.

Each Component establishes and follows its own processes for developing, reviewing, and verifying the PTA prior to its submission to the DOT CPO. At a minimum the PTA must be reviewed by the Component business owner, information system security manager, general counsel, records officers, and privacy officer. After the Component review is completed, the Component Privacy Office will forward the PTA to the DOT Privacy Office for final adjudication. Only PTAs watermarked “adjudicated” and electronically signed by the DOT CPO are considered final. Do NOT send the PTA directly to the DOT PO; PTAs received by the DOT CPO directly from program/business owners will not be reviewed.

If you have questions or require assistance to complete the PTA please contact your Component Privacy Officer or the DOT Privacy Office at [email protected]. Explanatory guidance for completing the PTA can be found in the PTA Development Guide found on the DOT Privacy Program website, www.dot.gov/privacy.

PROGRAM MANAGEMENT

SYSTEM name: Fueling Aviation’s Sustainable Transition (FAST) Grant Program

Cyber Security Assessment and Management (CSAM) ID: This is a new information collection, not an Information Technology (IT) system.

SYSTEM MANAGER CONTACT Information:

Name: Christopher Dorbian

Email: [email protected]

Phone Number: 202-267-8156

Is this a NEW system?

☒ Yes (Proceed to Section 1)

☐ No

☐ Renewal

☐ Modification

Is there a PREVIOUSLY ADJUDICATED PTA for this system?

☐ Yes:

Date:

☐ No

1. SUMMARY INFORMATION

1. System TYPE

☐ Information Technology and/or Information System

Unique Investment Identifier (UII):

Cyber Security Assessment and Management (CSAM) ID:

☐ Paper Based:

☐ Rulemaking

Rulemaking Identification Number (RIN):

Rulemaking Stage:

☐ Notice of Proposed Rulemaking (NPRM)

☐ Supplemental NPRM (SNPRM):

☐ Final Rule:

Federal Register (FR) Notice: Click here to enter text.

☒ Information Collection Request (ICR)³

☒ New Collection Currently going through the PRA process since this is a new collection. The 60-day comment period closes on July 24. OMB control number will be available once the ICR is approved by OMB.

☐ Approved Collection or Collection Renewal

☐ OMB Control Number:

☐ Control Number Expiration Date:

☐ Other:

1.2 System OVERVIEW:

This is an initial Privacy Threshold Assessment for the Federal Aviation Administration (FAA) Office of Environment and Energy (AEE) Fueling Aviation’s Sustainable Transition (FAST) Grant Program, as required by the Inflation Reduction Act (P.L. 117-169, Section 40007). The purpose of the information collection is to collect project proposals from applicants for the Fueling Aviation’s Sustainable Transition Grant Program. FAST Grant Program project proposals are accessed and maintained on the Knowledge Services Network (KSN)/ Government-Furnished Equipment (GFE). Eligible applicants include state and local governments, airports, air carriers, academic and research institutions, other aviation industry entities, and nonprofits. This information collection is planning to go live on September 15, 2023.

Users and Access:

Federal employee and contractor access:

• FAA Employees/contractors/FAST Evaluation Team members access the KSN via a user name and password provided by the FAA FAST Program Team.

• The FAA FAST Program Team will provide access credentials to the FAST KSN site to members of the FAST Evaluation Team via email.

• Applications will be stored on the FAA KSN site.

Members of the public (define) :

• No members of the public will have access. However there is members of the public PII contained in the system when they apply through Grants.gov, however, that process is out of the scope of this PTA.

System Functionality: FAST is a competitive grant program for eligible entities to carry out projects located in the United States that produce, transport, blend, or store sustainable aviation fuel, or develop, demonstrate, or apply low-emission aviation technologies. The FAA is seeking to establish this new grant program and collect project proposals via a Notice of Funding Opportunity (NOFO).

The NOFO will be posted on Grants.gov.⁴ This is also where applicants will submit their application packages. Grants.gov is a Federal system under the governance of the Office of Management and Budget that provides a centralized location for grant seekers to find and apply for federal funding opportunities. The only Personally Identifiable Information (PII) that is collected via the NOFO is business contact information of applicants. Eligible applicants include state and local governments, airports, air carriers, academic and research institutions, other aviation industry entities, and nonprofits. The bulk of the application consists of non-PII project-related information. Applying for FAST grants is voluntary. The PII collected in FAST includes the following:

• Applicant Points of Contact (POC) name

• POC business address

• POC business phone number

• POC business email address

Note: Applicants submit their application packages to Grants.Gov, and the FAST Grants Officer will manually move the application packages from Grants.Gov to the KSN.

Once the application period closes, the FAA FAST Team reviews the application packages on the KSN. The FAST Grants Officer will retrieve applications from Grants.gov and upload them to the KSN site. Members of the FAST Evaluation Team will access the KSN site, enter their credentials, and download application packages to their personal GFE for review. Once the FAST Evaluation Team completes its review, evaluators will be asked to delete the applications from their GFE. The application packages will be retained on the KSN site until TBD.

Reports: N/A

Audit logs: N/A

2. INFORMATION MANAGEMENT

2.1 SUBJECTS of Collection

Identify the subject population(s) for whom the system collects, maintains, or disseminates PII. (Check all that apply)

☒ Members of the public:

☒ Citizens or Legal Permanent Residents (LPR)

☐ Visitors

☒ Members of the DOT Federal workforce

☒ Members of the DOT Contract workforce

☐ System Does Not Collect PII. If the system does not collect PII, proceed directly to question 2.3.

2. What INFORMATION ABOUT INDIVIDUALS will be collected, used, retained, or generated?

Members of the Public (collected from eligible entities who apply for program grants; eligible entities include state and local governments, airports, air carriers, academic and research institutions, other aviation industry entities, and nonprofits):

• Applicant Points of Contact (POC) name

• POC business address

• POC business phone number

• POC business email address

2. Does the system RELATE to or provide information about individuals?

☒ Yes: The system relates to employees/POCs of elgibile entities who apply for grants from the FAST Grant Program; eligible entities include state and local governments, airports, air carriers, academic and research institutions, other aviation industry entities, and nonprofits.

☐ No

2. Does the system use or collect SOCIAL SECURITY NUMBERS (SSNs)? (This includes truncated SSNs)

☐ Yes:

Authority:

Purpose:

☒ No: The system does not use or collect SSNs, including truncated SSNs. Proceed to 2.6.

2. Has an SSN REDUCTION plan been established for the system?

☐ Yes:

☐ No:

2. Does the system collect PSEUDO-SSNs?

☐ Yes:

☒ No: The system does not collect pseudo-SSNs, including truncated SSNs.

2. Will information about individuals be retrieved or accessed by a UNIQUE IDENTIFIER associated with or assigned to an individual?

☐ Yes

Is there an existing Privacy Act System of Records notice (SORN) for the records retrieved or accessed by a unique identifier?

☐ Yes:

SORN:

DOT/ALL 13, Internet/Intranet Activity and Access Records, 67 FR 30757 (May 7, 2002). Covers access and authentication records.

☒ No:

Explanation: Records are not retrieved by PII. They are retrieved by entity name, thus, no SORN is required (e.g., business or university name).

Expected Publication:

☐ Not Applicable: Proceed to question 2.9

2. Has a Privacy Act EXEMPTION RULE been published in support of any Exemptions claimed in the SORN?

☐ Yes

Exemption Rule:

☐ No

Explanation:

Expected Publication:

☒ Not Applicable: SORN does not claim Privacy Act exemptions.

2. Has a PRIVACY IMPACT ASSESSMENT (PIA) been published for this system?

☐ Yes:

☒ No: New information collection

☐ Not Applicable: The most recently adjudicated PTA indicated no PIA was required for this system.

2. Does the system EXCHANGE (receive and/or send) DATA from another INTERNAL (DOT) or EXTERNAL (non-DOT) system or business activity?

☒ Yes:

There are no internal or external system to system data exchanges.

Manual data exchange:

Grants.gov: Once the application period closes, the FAA FAST Grants Officer (GO) will collect application packages from Grants.gov and place them on the FAA Knowledge Services Network (KSN) site for ease of access by the FAST Evalution Team. The GO will download the application packages—consisting of Microsoft Word and Adobe PDF files—onto their Government Furnished Equipment (GFE) computer, then will upload the files to the KSN. The FAST Evaluation Team will then download the files from the KSN to their GFE computers for review. The program has been advised that a PII Sharing Agreement is required for this manual data exchange.

☐ No

2. Does the system have a National Archives and Records Administration (NARA)-approved RECORDS DISPOSITION schedule for system records?

☒ Yes:

Schedule Identifier: National Archives and Records Administration (NARA)

General Record Schedule (GRS) 1.2 Grant and Cooperative Agreement Records, approved September 2016.  

Schedule Summary: Item 020, Grant and Cooperative Agreement Program Management Records. Successful Applications. Temporary. Destroy 10 years after final action is taken on file, but longer retention is authorized if required for business use. DAA-GRS-2013-0008-0001. Note: If an agency believes certain case files warrant permanent retention, it must submit a records schedule to NARA to cover these records. Exclusion: Records related to financial transactions stemming from activities of agency grant and cooperative agreement programs. Such financial transaction records are covered by NARA GRS 1.1.

☐ In Progress:

☐ No:

2. SYSTEM LIFECYCLE

The systems development life cycle (SDLC) is a process for planning, creating, testing, and deploying an information system. Privacy risk can change depending on where a system is in its lifecycle.

1. Was this system IN PLACE in an ELECTRONIC FORMAT prior to 2002?

The E-Government Act of 2002 (EGov) establishes criteria for the types of systems that require additional privacy considerations. It applies to systems established in 2002 or later, or existing systems that were modified after 2002.

☐ Yes:

☐No

☒Not Applicable: System is not currently an electronic system. Proceed to Section 4. This is an information collection, not an actual system. The program will begin to collect this information on approximately September 15, 2023.

2. Has the system been MODIFIED in any way since 2002?

☐ Yes: The system has been modified since 2002.

☐ Maintenance.

☐ Security.

☐ Changes Creating Privacy Risk:

☐ Other:

☐ No: The system has not been modified in any way since 2002.

3. Is the system a CONTRACTOR-owned or -managed system?

☐ Yes: The system is owned or managed under contract.

Contract Number:

Contractor:

☐ No: The system is owned and managed by Federal employees.

4. Has a system Security Risk CATEGORIZATION been completed?

The DOT Privacy Risk Management policy requires that all PII be protected using controls consistent with Federal Information Processing Standard Publication 199 (FIPS 199) moderate confidentiality standards. The OA Privacy Officer should be engaged in the risk determination process and take data types into account.

☐ Yes: A risk categorization has been completed.

Based on the risk level definitions and classifications provided above, indicate the information categorization determinations for each of the following:

Confidentiality: ☐ Low ☐ Moderate ☐ High ☐ Undefined

Integrity: ☐ Low ☐ Moderate ☐ High ☐ Undefined

Availability: ☐ Low ☐ Moderate ☐ High ☐ Undefined

Based on the risk level definitions and classifications provided above, indicate the information system categorization determinations for each of the following:

Confidentiality: ☐ Low ☐ Moderate ☐ High ☐ Undefined

Integrity: ☐ Low ☐ Moderate ☐ High ☐ Undefined

Availability: ☐ Low ☐ Moderate ☐ High ☐ Undefined

☐ No: A risk categorization has not been completed. Provide date of anticipated completion. Click here to enter text.

5. Has the system been issued an AUTHORITY TO OPERATE?

☐ Yes:

Date of Initial Authority to Operate (ATO):

Anticipated Date of Updated ATO:

☐ No: <<Provide the anticipated ATO date.>>

☐ Not Applicable: System is not covered by the Federal Information Security Act (FISMA).

3. COMPONENT PRIVACY OFFICER ANALYSIS

The Component Privacy Officer (PO) is responsible for ensuring that the PTA is as complete and accurate as possible before submitting to the DOT Privacy Office for review and adjudication.

COMPONENT PRIVACY OFFICER CONTACT Information

Name: Click here to enter text.

Email: Click here to enter text.

Phone Number: Click here to enter text.

COMPONENT PRIVACY OFFICER Analysis

See privacy analysis below:

3. COMPONENT REVIEW

Prior to submitting the PTA for adjudication, it is critical that the oversight offices within the Component have reviewed the PTA for completeness, comprehension and accuracy.

Component Reviewer	Name	Review Date
Business Owner	Chris Dorbian	 
General Counsel	Click here to enter text.	 
Information System Security Manager (ISSM)	None	None
Privacy Officer	Dwoyne Lewis	 
Records Officer	Amy Poore	7/12/2019

Table 1 - Individuals who have reviewed the PTA and attest to its completeness, comprehension and accuracy.

Control #	Control Name	Primary PTA Question	Satisfied	Other than Satisfied	N/A	Component PO Assessment	DOT CPO Assessment
AP-1	Authority to Collect	1.2 - Overview			X	P.L. 117-169, Section 40007 Control is N/A. Substantive records are not retrieved by an identifier linked to an individual and are therefore not protected by the Privacy Act. Records created for the purposes of account creation, logging, auditing, etc. are covered by DOT/ALL-13.
AP-2	Purpose Specification	1.2 - Overview	X			Purpose defined. The purpose of the information collection is to collect project proposals from applicants for the Fueling Aviation’s Sustainable Transition Grant Progrm. Records created for the purposes of account creation, logging, auditing, etc. are covered by DOT/ALL-13.
AR-1	Governance and Privacy Program	Common Control	X			Addressed by DOT CPO.
AR-2	Privacy Impact and Risk Assessment	Program Management	X			The PII maintained in the system relates to POCs from business entities applying for grant and relates solely to internal government operations, thus a Privacy Impact Assessment (PIA) is not required.
AR-3	Privacy Requirements for Contractors and Service Providers	3.3 - Contractor System			X	The system is owned and managed by Federal employees.
AR-4	Privacy Monitoring and Auditing	Common Control	X			Addressed by DOT CPO.
AR-5	Privacy Awareness and Training	Common Control	X			Addressed by DOT CPO.
AR-6	Privacy Reporting	Common Control	X			Addressed by DOT CPO.
AR-7	Privacy-Enhanced System Design and Development	2.5 - SSN Reduction			X	SSNs are not collected or maintained in the system.
AR-8	Accounting of Disclosures	2.7 - SORN			X	Control is N/A. Substantive records are not retrieved by an identifier linked to an individual and the records are not about individuals and are therefore not protected by the Privacy Act. Records created for the purposes of account creation, logging, auditing, etc. are covered by DOT/ALL-13.
DI-1	Data Quality	1.2 - System Overview	X			Data quality is determined by OA information system owners.
DI-2	Data Integrity and Data Integrity Board	3.4 - Security Risk Categorization			X	Activity does not constitute sharing covered by the CMA.
DM-1	Minimization of PII	2.2 – Information About Individuals	X			Collection of PII commensurate with purpose of the system. Records created for the purposes of account creation, logging, auditing, etc. are covered by DOT/ALL-13..
DM-2	Data Retention and Disposal	2.11 - Records Disposition Schedule	X			Records Schedule established.
DM-3	Minimization of PII Used in Testing, Training, and Research	2.2 – Information About Individuals			X	System not used for testing, training, research.
IP-1	Consent	2.7 - SORN			X	Substantive records are not retrieved by an identifier linked to an individual and the records are not about individuals and are therefore not protected by the Privacy Act. Records created for the purposes of account creation, logging, auditing, etc. are covered by DOT/ALL-13.
IP-2	Individual Access	2.8 – Exemption Rule			X	Control is N/A. Substantive records are not retrieved by an identifier linked to an individual and the records are not about individuals and are therefore not protected by the Privacy Act. Records created for the purposes of account creation, logging, auditing, etc. are covered by DOT/ALL-13.
IP-3	Redress	2.7 - SORN			X	Control is N/A. Substantive records are not retrieved by an identifier linked to an individual and the records are not about individuals and are therefore not protected by the Privacy Act. Records created for the purposes of account creation, logging, auditing, etc. are covered by DOT/ALL-13.
IP-4	Complaint Management	Common Control	X			Addressed by DOT CPO.
SE-1	Inventory of PII	Common Control	X			This is an information collection that will not be assessed. The Adjudicated PTA or copy of controls/POA&Ms should be included in the risk acceptance package for the system. The Adjudicated PTA should be uploaded into CSAM as evidence that the required privacy analysis for this system has been completed. Any POA&Ms resulting from assessment must be entered in CSAM. The PTA should be updated not later than the next security assessment cycle and must be approved by the DOT CPO prior to the authorization decision. Component policy or substantive changes to the system may require that the PTA be updated prior to the next security assessment cycle.
SE-2	Privacy Incident Response	Common Control	X			Addressed by DOT CPO.
TR-1	Privacy Notice	2.7 - SORN			X	Control is N/A. Substantive records are not retrieved by an identifier linked to an individual and are therefore not protected by the Privacy Act. Records created for the purposes of account creation, logging, auditing, etc. are covered by DOT/ALL-13.
TR-2	System of Records Notices and Privacy Act Statements	2.7 - SORN			X	Control is N/A. Substantive records are not retrieved by an identifier linked to an individual and are therefore not protected by the Privacy Act. Records created for the purposes of account creation, logging, auditing, etc. are covered by DOT/ALL-13.
TR-3	Dissemination of Privacy Program Information	Common Control	X			Addressed by DOT CPO.
UL-1	Internal Use	2.10 - Internal and External Use		X		POA&M Issue: Program has a manual data exchange with Grants.Gov, but does not have a PII Sharing Agreement Requirement: Develop sharing agreement. Timeline: 365 days or prior to next assessment cycle. Records created for the purposes of account creation, logging, auditing, etc. are covered by DOT/ALL-13.
UL-2	Information Sharing with Third Parties	2.10 - Internal and External Use			X	There is no external sharing and no external sharing is authorized.

File Type	application/vnd.openxmlformats-officedocument.wordprocessingml.document
File Title	PTA Template November 2019
Author	Shams-Ramsey, Maria CTR (OST)
File Modified	0000-00-00
File Created	2023-08-18