Documenting NASA Forms in PCAT. 2 What is an IPTA?  An Initial Privacy Threshold Analysis records general information about a collection and determines.

Slides:

Advertisements

Similar presentations

June 27, 2005 Preparing your Implementation Plan.

Advertisements

MONITORING OF SUBGRANTEES

AmeriCorps is introducing a new online payment system for the processing of AmeriCorps forms

Privacy Reporting and Investment Certification TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office.

Identification and Disposition of Official University Records University of Texas at Arlington Records Management.

Review Questions Business 205

Washington Headquarters Services Executive Services Directorate Information Management Division OMB Collection Number Paperwork Reduction Act – DoD Public.

Protecting Client Data HIPAA, HITECH and PIPA Part 1A

General Ledger and Journals. Financial Services - GL and Journals presentation What are journals? A journal [document] is used to record accounting.

HMIS Homeless Management Information System. MISSION To provide standardized and timely information to improve access to housing and services, and strengthen.

Essential Ingredients for Acquiring Resources Jennifer Downey The University of Southern Mississippi College of Health Dean’s Office.

Data Classification & Privacy Inventory Workshop

Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

Grants Management Overview 2013 Minority Fellowship Program Grantee Meeting April 23-24, 2013 Salvador Ortiz; Maria Martinez;

Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.

Application Process USAJOBS – Application Manager USA STAFFING ® —OPM’S AUTOMATED HIRING TOOL FOR FEDERAL AGENCIES.

November 2009 Copyright © 2009 Mississippi Department of Education Quarterly Special Education Meeting American Recovery and Reinvestment Act November.

Sole Source Training.

Supporting Statement Outline. A.JUSTIFICATION 1.Need for the Information Collection: – Describe the information collection activity under review. – Explain.

DEFENSE PRIVACY & CIVIL LIBERTIES OFFICE Privacy Foundations Samuel P. Jenkins Director for Privacy Defense Privacy and Civil Liberties Office Identity.

CUI Statistical: Collaborative Efforts of Federal Statistical Agencies Eve Powell-Griner National Center for Health Statistics.

PRIVACY SAFEGUARDS ANNUAL TRAINING FY 2011 previous next Office of Management Privacy, Information and Records Management Services Privacy Safeguards Division.

Office of Acquisition and Property Management Completing an Effective Project Data Sheet (PDS)

System for Administration, Training, and Educational Resources for NASA SATERN Overview for Learners May 2006.

Free Application for Federal Student Aid (FAFSA)

0 Electronic Subcontracting Reporting System (eSRS) Department of Defense Government Training.

December 2009 Copyright © 2009 Mississippi Department of Education American Recovery and Reinvestment Act December 2009.

E-P RAGUE AND THE P ROSPECTS OF E-G OVERNMENT : D ISCUSSION P ANELS James Melitski, PhD and Tony Carrizales, PhD E-governance Institute National Center.

1 Department of Veterans Affairs Debt Management Center (DMC) School Tuition Debt Payment Procedures Nicole Haselberger Julie Lawrence.

Family Educational Rights and Privacy Act. From the moment a child enters the school system, sensitive information is collected about the child (and even.

2006 SISO Executive Conference Legal Issues in Using Mailing Lists: The CAN-SPAM ACT The Junk Fax Prevention Act The National Do Not Call Registry.

Privacy in computing Material/text on the slides from Chapter 10 Textbook: Pfleeger.

SUNY Oswego Human Subjects Committee Last Revised 10/28/2011.

The right item, right place, right time. DLA Privacy Act Code of Fair Information Principles.

How to Submit An Amendment Tips from the 21 st CCLC Unit Updated September 17, 2009.

Understanding the Privacy Impact Assessment (PIA) Introduction The PIA is a checklist or tool to ensure that new or modified electronic collections of.

NYS Division of Homeland Security And Emergency Services (DHSES) E-Grants Tutorial Creating an Application for the EOC RFP To access DHSES E-Grants you.

Setting up a Public Information Coordinator (PIC) System Lauren Downey, Office of the Attorney General Cary Grace, City of Austin Bob Davis, Texas Department.

Research & Economic Development Office of Grants and Contracts Administration Data Security Presented by Debbie Bolick September 24, 2015.

Approved for Public Release. Distribution Unlimited. 1 Government Privacy Rick Newbold, JD, MBA, CIPP/G Futures Branch 28.

Effectively Integrating Information Technology (IT) Security into the Acquisition Process A course for the Department of Commerce contracting and contracting.

0 Electronic Subcontracting Reporting System (eSRS) Department of Defense Government Training Submitting a SSR – Commercial Plan.

Presented by Eliot Christian, USGS Accessibility, usability, and preservation of government information (Section 207 of the E-Government Act) April 28,

FOIA Processing and Privacy Awareness at NOAA Prepared by Mark H. Graff NOAA FOIA Officer OCIO/GPD (301)

Indiana’s Public Access Laws Heather Willis Neal Indiana Public Access Counselor Indiana Association of Cities and Towns Red Flag and Sunshine Workshop.

1 BSO Welcome. 2 General Login Attestation 3 BSO Login.

Proper Internet and Social Media Usage Internet Usage While on Premise Board Policy GBEAA (The Internet Acceptable Use Policy): “Employees will.

Component D: Activity D.3: Surveys Department EU Twinning Project.

1 Department of Veterans Affairs Debt Management Center (DMC) School Certifying Officials Workshop Presentation Julie Lawrence.

ADRC of Oregon Call Module Introduction. Today’s Agenda: Welcome and Introductions Slide Presentation Demo Videos Information Only Call Referral With.

Welcome to Workforce 3 One U.S. Department of Labor Employment and Training Administration Webinar Date: Thursday, October 23, 2014 Presented by: Division.

Denise Chrysler, JD Director, Mid-States Region

How Can NRCS Clients Use the Conservation Client Gateway

Supervisor Training.

Post Award Peer Review Briefing Slides

Responding to a Data Breach 360° of IT Compliance

Creating and Using Your FSA ID: An Overview

USAJOBS – Application Manager

How to be Sure Your State-Based Financial Aid Review is Complete*

Orders & Shipment Tracking

Red Flags Rule An Introduction County College of Morris

NOTE TO PRESENTER This presentation provides information on the FSA ID that can be used in outreach to students and parents. The presentation was created.

Mandatory Coordination

Mathew Norman, Policy & Public Affairs Officer, RLA Wales

Preparing for a Kick-Off Meeting

Evergreen Valley College NCLEX Application Review

The FAFSA is a Free Federal Application for Student Aid

Privacy Requirements and HSPD-12

What does that have to do with me?

Post Award Peer Review Briefing Slides

Presentation transcript:

Documenting NASA Forms in PCAT

2 What is an IPTA?  An Initial Privacy Threshold Analysis records general information about a collection and determines if the collection requires a PIA or is subject to any other collection laws.  ITS-HBK : “An IPTA is required for all new collections, applications, websites, and/or systems as well as all pre-existing collections, applications, websites, and/or systems that have not been previously assessed.”

3 IPTA – Initial Registration General identification information

4 IPTA – Initial Registration Be very clear and specific when providing an overview for question It should be extremely clear to someone outside of your organization, or outside of NASA, to understand exactly what the form does for your office, mission, or center. Do not use uncommon acronyms or jargon. Examples: Not good: Contractor reporting of estimated and incurred costs Good: The NASA Contractor Financial Management Report is the basic financial medium for contractor reporting of estimated and incurred costs, providing essential data for projecting costs and hours to ensure that contractor performance is realistically planned and supported by dollar and labor resources. The data provided by these reports is an integral part of the Agency accrual accounting and cost-based budgeting systems required under 31 U.S.C

5 IPTA – Initial Registration See NIST Special Publication Volume II for the entire list and description of types of federal information. *Recommend opening the Publication and doing “ctrl+f” to search for a specific information types. Contact Marion Meissner or Angela Vazzana if you have any questions.

6 IPTA – Initial Analysis Provide citation for why the information must be protected. If you are unsure, enter “e-Government Act, Federal Information Security Management Act (FISMA),” as that applies to all federal information. *Note that the Privacy Act is not necessarily the answer simply because your collection contains privacy data! See Privacy Act slide for more details.

7 IPTA – Initial Analysis These questions determine what other privacy or collection laws apply and which PCAT modules are triggered. See next slides…

8 Privacy Act  2.3 Records on individuals are or will be routinely retrieved from the system by using individual's name or other unique identifier (e.g., personal account number, UUPIC, SSN, etc. is used to locate information about an individual in the application/website/information system/paper record). In other words, if you routinely (as part of normal business processes) enter a unique identifier (name, UUPIC, address, etc.) to pull up more records about an individual, then the answer should be yes. If you have the capability of using a unique identifier (name, UUPIC, address, etc.) to pull up more records about an individual, but you do not do it routinely (as part of normal business processes), the answer should be no. If yes, the collection is considered a System of Records and is subject to the Privacy Act of The collection requires a System of Records Notice. NASA Privacy Act Officer: Patti Stockman

9 Paperwork Reduction Act  2.5 The record/application/website/information system collects information (PII, IIF or any other information), in a standard way (via forms, surveys, questionnaires, etc.), from 10 or more persons (e.g., members of the public, NASA contractors, grantees or other). If yes, the collection may be subject to the Paperwork Reduction Act (PRA). Continue to the PRA module in PCAT to determine what actions should be taken. NASA PRA Officer: Fran Teel

10 Federal Records  2.6 The system contains Federal Records. This will almost always be Yes. If yes, continue to the Records Management module in PCAT to list the Records Retention Schedule. NASA HQ Records Manager: Pat Southerland

11 Privacy Impact Assessment (PIA)  Three reasons why a collection may require a PIA: 1.The collection contains information in identifiable form (IIF)* from members of the public – this may apply to NASA forms. 2.The collection is subject to the Paperwork Reduction Act – this may apply to NASA forms. 3.The collection is conducted using a third party application/website – this will not apply to NASA forms. *Information in Identifiable Form (IIF) is “is information in an IT system or online collection: (i) that directly identifies an individual (e.g. name, address, social security number or other identifying number or code, telephone number, e ‐ mail address, etc.) or (ii) by which an agency intends to identify specific individuals in conjunction with other data elements, i.e., indirect identification. (These data elements may include a combination of gender, race, birth date, geographic indicator, and other descriptors).” (OMB Memorandum 03-22). In other words, it is electronic PII that can be narrowed down to one individual.

12 Tips for Submitting Your IPTA  Answer all questions in complete sentences, free of jargon or uncommon acronyms (e.g., “NASA” is acceptable; “ARMD” is not).  Answer questions in a manner that would be clear to a person who has never heard of your form (i.e., a non-NASA employee).  Where possible, use the comment box to explain your response using clear language.  Click on the orange “?” icon located next to each question number for additional information about the question. Using these tips will reduce the amount of effort and follow-up actions needed after your IPTA is initially submitted!