Privacy Impact Assessment for the Emergency Management Portal
I. Data in the System
Generally describe what data/information will be collected in the system.
This system collects data that support Emergency Management (prevention, preparedness, and response). This includes removal and ER cleanup site data, equipment warehouse management data, personnel readiness data (training and experience) and technical information in support of field personnel.
What are the sources and types of the information in the system?
Data is entered by On Scene Coordinators, National Decontamination Team experts, equipment warehouse managers and Response Support Corps volunteers. The types of data include site identification and location, results from sampling and monitoring, results from hazardous debris and facilities recon, decision support documents, images, equipment identification and tracking, technical support information including health and safety, risk and toxicology, decontamination and containment methods, documents and links to other information sources for field personnel, names and phone numbers of responders, emergency contact information for responders, and training and experience records of responders.
How will the data be used by the Agency?
Data will be used to manage removal and remedial sites, track readiness, and measure progress toward meeting Agency goals.
Why is the information being collected? (Purpose)
Manage removal and remedial sites, track readiness, improve the effectiveness of OSCs, measure progress toward meeting Agency goals.
II. Access to the Data
Who will have access to the data/information in the system (internal and external parties)? If contractors, are the Federal Acquisition Regulations (FAR) clauses included in the contract (24.104 Contract clauses; 52.224-1 Privacy Act Notification; and 52.224-2 Privacy Act)?
All of the data except individual readiness records and site records restricted by the OSC are available to all EPA employees. The readiness records can be viewed by the employee (his/her own record), the Health and Safety Officer/Response Support Corps Coordinator in each Region (for that region only) and the program manager at HQ (all records).
Trusted partners (regional START contractors, state government employees, other Federal Agency employees) are permitted read access to technical information, equipment information and any sites the OSC releases for viewing. They are not permitted to see readiness records (training and contact information). Systems development contractors may have these data briefly while migrating them from legacy systems to the new system. The FAR for privacy are included in these contracts.
How have you educated those having authorized access about the misuse of PII data?
Employees have taken the PII training offered by the Agency. PII will be discussed during the training being developed for the Field Readiness module. PII handling is discussed with systems development contractors as part of the development of security for EMP.
Do other systems share data or have access to data/information in this system? If yes, explain who will be responsible for protecting the privacy rights of the individuals affected by the interface? (i.e., System Administrators, System Developers, System Managers)
Will other agencies, state or local governments share or have access to data/information in this system (includes any entity external to EPA.)? If so, what type of agreement was issued? (i.e., ISA, MOU, etc.)
Trusted partners (regional START contractors, state government employees, other Federal Agency employees) are permitted read access to technical information, equipment information and any sites the OSC releases for viewing. They are not permitted to see readiness records (training and contact information). Systems development contractors may have these data briefly while migrating them from legacy systems to the new system. The FAR for privacy are included in these contracts. All external users must register with Web Access Management and have a user ID and password.
Is the data and/or processes being consolidated? If so, are the proper controls in place to protect the data from unauthorized access or use?
EMP does not consolidate or change the relationships between data or processes currently used.
III. Attributes of the Data
Explain how the use of the data is both relevant and necessary to the purpose for which the system is being designed.
EMP is being designed to support EPA employees and their partners in the performance of Emergency Management activities. The data concerning sites, responder readiness, equipment and technical support information is data used every day by those engaged in this work.
How is the system designed to retrieve information by the user? Will it be retrieved by personal identifier more than 50% of the time? If yes, explain. (A personal identifier is a name, Social Security Number, or other identifying symbol assigned to an individual, i.e. any identifier unique to an individual.)
EMP readiness data is retrieved by name. EMP does not contain Social Security Numbers. EMP contains the unique employee ID assigned by the agency to allow EMP to retrieve data from the master person database managed by the EPA Portal. EMP data cannot be retrieved by that number, nor is it displayed on the screen.
Do individuals have the opportunity to decline to provide information or to consent to particular uses of the requested information? If yes, how is notice given to the individual? (Privacy policies must clearly explain where the collection or sharing of certain information may be optional and provide users a mechanism to assert any preference to withhold information or prohibit secondary use.)
A privacy notice is displayed on the screen when users are given the opportunity to enter emergency contact information. This information is not required.
On the screen where data entry would occur
IV. Maintenance of Administrative Controls
Has a record control schedule been issued for the records in the system? If so, provide the schedule number. (You may check with the record liaison officer (RLO) for your AA-ship or Tammy Boulware (Headquarters Records Officer) to determine if there is a retention schedule for the subject records.)
Records Schedule: 006a Program Management
Readiness Records are kept as long as the record subject is affiliated with EPA and has emergency responsibilities.
While the data are retained in the system, what are the requirements for determining if the data are still sufficiently accurate, relevant, timely, and complete to ensure fairness in making determinations?
Personnel have access to their own records to ensure that they are accurate. Readiness reports are produced regularly, which cause regular checking and update of data to ensure the accuracy of the reports.
Will this system provide the capability to identify, locate, or monitor individuals? If yes, explain.
On Scene Coordinators and Response Support Corps volunteers will have records in this system. They or the Health and Safety Officer in each Region/AAship will enter data concerning emergency contacts, training, certifications, skill, and experience. Their training/experience is tracked in this database. OSCs are required to maintain a certain level of training. In addition, the Agency needs to show its overall readiness, so it reports the number (not the individuals) of people trained in certain leadership positions.
Does the system use any persistent tracking technologies?
Under which System of Records (SOR) notice does the system operate? Provide the name of the system and its SOR number if applicable. For reference, please view this list of Agency SORs. (A SOR is any collection of records under the control of the Agency in which the data is retrieved by a personal identifier.)