Privacy Impact Assessment for the Enforcement Action Response System
On this page:
- I. Data in the System
- II. Access to the Data
- III. Attributes of the Data
- IV. Maintenance of Administrative Controls
I. Data in the System
Describe what data/information will be collected/contained in the system.
The Enforcement Action Response System (EARS) maintains data relating to Potentially Responsible Parties (PRP) for hazardous waste sites, including:
- Contact information (general information about the party, any contacts for that party and any additional businesses associated with the party),
- Waste transaction information (party’s waste transaction information. All waste transaction information using enforcement evidence, or references (manifests, drivers logs, invoices, etc. that are gathered by the Superfund case team)), and
- Liability determination information (information describing the level of liability that is or should be assigned to the party, according to EPA, the party and other interviewees. It specifically displays the Owner/Transporter/Generator party status, the party’s defense to liability, the operational history (from cradle to grave) of any facility or corporation associated with the party, any citations to EPA policy, any leads and any interviews with the party or persons having knowledge of the party).
Personal Identifiable Information (PII) contained in the system includes PRP contact information (last and first name, surname, title, mailing address, phone and fax numbers, and business affiliation).
What are the sources and types of the data/information in the system?
The primary source of the information EARS maintains is from Section 104 (e) letters of the Comprehensive Environmental Response, Compensation, and Liability Act of 1980. In addition to the Section 104 (e) letters, general notice letters and special notice letters generate information related to:
- PRP contact Information and updates to existing information that the agency may already have on file.
- Waste transaction information.
- Liability determination information.
How will the data be used by the Agency?
EARS facilitates the production of a volumetric ranking report by tracking the waste transaction information for parties associated with a Superfund site. Additionally, EARS facilitates the legal action against Potentially Responsible Parties (PRP) by generating and tracking various correspondence, including 104(e) letters, general notice letters, and special notice letters.
Why is the information being collected? (Purpose)
The information in EARS is needed to assist EPA Region 1 Superfund Enforcement Team in the execution of the numerous steps of the Superfund enforcement process. EARS information assists the regional enforcement team in tracking various types of information relating to Potentially Responsible Party (PRP) investigations from the PRP Search phase through the Post General Notice Letter (GNL) phase.
II. Access controls for the Data
Who will have access to the data/information in the system (internal and external parties)? If contractors, are the Federal Acquisition Regulations (FAR) clauses included in the contract (24.104 Contract clauses; 52.224-1 Privacy Act Notification; and 52.224-2 Privacy Act)?
The EARS is a client/server application and resides on the region’s application and database servers. Access to the system is restricted to EPA Region 1 users only. Access levels are controlled by user roles through the application. The role determines the level of data access available. In addition, due to the sensitivity of the data that may be tracked by the system, access to EARS is limited to Region 1 Enforcement Specialists and attorneys, their supervisors, and their support personnel including on-site support contractors. The standard privacy FAR clauses are in the contract.
User logins are schema specific and EARS has the ability to make logins site-specific to allow multiple sites to be kept in the same schema without the potential of unauthorized access across sites. Users can have logins for any/all sites on a database, but also, it is possible to restrict access to only one site. Users may be granted or denied access to the following actions.
- Log-in to the system
- Add new PRPs to the system
- Modify existing PRP data
- Delete existing PRPs from the system
- View PRPs that were not created by the user
- Add or remove PRPs from a group
- Create or delete a group
- Add, delete or modify items in the Reference Maintenance Tables
- Generate mailing labels
- Generate letters to WordPerfect files
- Run reports
- Print reports
How have you educated those having authorized access about the misuse of PII data?
Annual security awareness training with a section on data privacy is mandatory for all EPA Region 1 employees and contractors. In addition, the Regional EARS Security Officer ensures that the application users are provided training to address their security roles and responsibilities prior to accessing the application.
Do other systems share or have access to data/information in this system? If yes, explain who will be responsible for protecting the privacy rights of the individuals affected by the interface? (i.e., System Administrators, System Developers, System Managers)
Will other agencies, state or local governments share or have access to data/information in this system (includes any entity external to EPA.)? If so, what type of agreement was issued? (i.e., ISA, MOU, etc.)
Is the data and /or processes being consolidated? If so, are the proper controls in place to protect the data from unauthorized access or use?
III. Attributes of the Data
Explain how the use of the data is both relevant and necessary to the purpose for which the system is being designed.
The data is integral to EPA’s Superfund enforcement efforts to establish liability among potentially responsible parties (PRPs), to encourage PRP participation in the settlement process, to verify existing information that the agency may already have on file, and to prepare a waste list to assist in the allocation of liability and costs among PRPs.
How is the system designed to retrieve information by the user? Will it be retrieved by personal identifier more than 50% of the time? If yes, explain. (A personal identifier is a name, Social Security Number, or other identifying symbol assigned to an individual, i.e. any identifier unique to an individual.)
The data in the system is retrieved by logging into the system with a valid user ID and password. Each PRP is assigned a system generated Party ID. Data can be retrieved by a combination of Site and Party ID. Records are not retrieved by any PRP contact information.
Do individuals have the opportunity to decline to provide information or to consent to particular uses of the requested information? If yes, how is notice given to the individual? (Privacy policies must clearly explain where the collection or sharing of certain information may be optional and provide users a mechanism to assert any preference to withhold information or prohibit secondary use.)
N/A. This system is not accessible via Web, it is only available as a client/server application.
IV. Maintenance of Administrative Controls
Has a record control schedule been issued for the records in the system? If so, provide the schedule number. (You may check with the record liaison officer (RLO) for your AA-ship or Tammy Boulware (Headquarters Records Officer) to determine if there is a retention schedule for the subject records.)
Yes, EPA Records Schedule Number 089 – Information Tracking Systems.
While the data are retained in the system, what are the requirements for determining if the data are still sufficiently accurate, relevant, timely, and complete to ensure fairness in making determinations?
Updates are determined through Section 104 (e) letters, general notice letters and special notice letters to the PRPs.
Will this system provide the capability to identify, locate, or monitor individuals? If yes, explain.
Does the system use any persistent tracking technologies?
- Under which System of Records (SOR) notice does the system operate? Provide the name of the system and its SOR number if applicable. For reference, please view this list of Agency SORs. (A SOR is any collection of records under the control of the Agency in which the data is retrieved by a personal identifier.)
N/A. EARs record is not retrieved by using a personal identifier.