Initial Privacy Assessment Forms

IPA Forms.doc

Inspector Candidate Assessment Questionnaire

Initial Privacy Assessment Forms

OMB: 2577-0243

Document [doc]
Download: doc | pdf




U.S. DEPARTMENT OF

HOUSING AND URBAN DEVELOPMENT






INITIAL PRIVACY ASSESSMENT (IPA)



Inspector Candidate Assessment Questionnaire for

Physical Inspection Training


Instruction & Template





December 17, 2014


INTRODUCTION


What is an Initial Privacy Assessment?

An Initial Privacy Assessment (IPA) is designed to assess whether a Privacy Impact Assessment (PIA), a Privacy Act system of records notice (SORN), and/or other related privacy documents are required. The responses to the IPA will provide a foundation for determining if either a PIA or SORN or both will be required, and will also help to identify any policy concerns.


The IPA incorporates the matters previously addressed in the Department’s Privacy Identifiable Information (PII) Survey, and thus replaces the survey.


When should an IPA be completed?

An IPA should be completed for all information collection activities, whether the system is electronic or contains only records in paper form, and should be completed before commencement of any testing or pilot project of an information system or prior to implementing new information collections requests. Additionally, an IPA should be completed any time there is a change to the information system or collection to determine whether there are any privacy issues as a result of such a change.


Who should complete the IPA?

The IPA should be written and reviewed by a combination of the component’s (e.g., Privacy Act Officer, System Owner, Project Leaders, Paperwork Reduction Act Compliance Officers), and the program-specific office responsible for the system or information collections.


How is the IPA related to the Capital Planning, Certification and Accreditation, and Paperwork Reduction Act process?

Upon completion and approval of the IPA by the Privacy Officer the official document may be uploaded into the C&A tool, and provided as part of the IT Capital Planning, and Paperwork Reduction Act package as validation of the completed evaluation. The completed IPA demonstrates that the program components have consciously considered privacy and related requirements as part of the overall information activities. For an IT system that does not require a C&A, such as a minor application that runs on a system that does require a C&A, an IPA still should be completed to determine if other related privacy documentation are required for that system or project.


Where the completed IPA should be sent?

A copy of the completed IPA should be sent to the Office of Privacy Project Leads for review. The Privacy Officer will review the IPA and determine what additional privacy documentation is required, and then will advise the Program component accordingly.


Initial Privacy Assessment



SECTION I: INFORMATION ABOUT THE SYSTEM OR PROJECT


Date Submitted for Review:


Project Name/Acronym: Inspector Candidate Assessment Questionnaire (ICAQ)


System Owner/Contact information: Samuel Tuffour


Project Leader/Contact Information: Floyd A. Rooths


Which of the following describes the type of records in the system:




Paper-Only


Combination of Paper and Electronic


System/Project


Other: Please describe the type of project is the system or program, including paper based Privacy Act System of Records, Rules, or Technologies’.



Note: For this form purpose, there is no distinction made between technologies/systems managed by contractors. All technologies/systems should be initially reviewed for potential privacy impact.


Question 1: Provide a general description of the system or Project. The following questions are intended to define the scope of the information in the system, information collection, or project, specifically the nature of the information and the sources from which it is obtained.


  1. From whom is the information collected (i.e., government employees, contractors, or consultants, state, local government entities, or general public)?


The information is collected from individuals who are seeking to become inspectors of HUD properties certified in the UPCS inspection protocol and from state Housing Finance Agency (HFA) staff for information only.

HUD uses contract inspectors that are both trained in the HUD Uniform Physical Condition Standards (UPCS) protocol and certified to conduct the required inspections by the Office of Public and Indian Housing-Real Estate Assessment Center (PIH-REAC) to conduct physical condition inspections of HUD assisted and insured housing

To become a certified UPCS inspector, the individual must complete and submit the Inspector Candidate’s Assessment Questionnaire to HUD. HUD reviews and assesses the completed Questionnaire to assess the inspector candidate’s basic knowledge, skills and abilities to determine whether the inspector candidate meets the requirements to attend the UPSCS inspection training.



  1. What is the functionality of the system, information collection, or project and the purpose that the records and/or system serve?


This information collected is used by HUD to assess each inspector candidate’s basic

knowledge and inspection skills and abilities, which enables HUD staff to determine whether

an inspector candidate meets the requirements to attend the UPCS training.


c. How is information transmitted to and from the system, information collection, or project?


The Questionnaire is a WORD document that the inspector candidate completes and submits electronically to HUD.


d. What are the interconnections with other systems or projects?


None

QUESTION 2: Have the IPA been reviewed and approved by the Chief Privacy Officer


No


(If no, please contact component privacy official for official approval)







QUESTION 3: What is the Status of system, information collection, or project


  1. If this is a new system, information collection or project, specify expected production date.


This is not a new information collection.


  1. If an existing system, information collection, or project, specify date of production.

The information collection was approved by OMB in 2004, and has remained an active,

current collection through renewals and extensions. The collection number is 2577-0243.


QUESTION 4: Does this system, information collection, or project collect personal identifiers/sensitive information


YES


NO


Does the system, information collection, or project collect personal/sensitive information? (e.g. name, address, personal email address, gender/sex, race/ethnicity, income/financial data, employment history, medical history, Social Security Number, Tax Identification Number, Employee Identification Number, FHA Case Number). Includes PII that may be part of a registration process?


If yes, specific data sets collected or provided, and the legal authorities, arrangement, and/or agreement authorize the collection of information (i.e. must include authorities that cover all information collection activities, including Social Security Numbers)?


The following data sets are collected:


  1. Candidate’s name

  2. Candidate’s address

  3. Candidate’s email address

  4. Candidate’s telephone numbers - home, work, and cell

  5. Candidate’s identification number


QUESTION 5: Does the information about individuals identify particular individuals (i.e., is the information linked or linkable to specific individuals, often referred to as personally identifiable information?)


Yes, see the response to question 4. above


QUESTION 6: What type of Notice(s) are provided to the individual on the scope of information collected, the opportunity to consent to uses of said information, the opportunity to decline to provide information. (A notice may include a posted privacy policy, a Privacy Act notice on form(s), and/or a system of records notice published in the Federal Register.)


  1. Was any form of notice provided to the individual prior to collection of information? If yes, please provide a copy of the notice as an appendix. (A notice may include a posted privacy policy, a Privacy Act notice on form(s), and/or a system of records notice published in the Federal Register.) If notice was not published, why not?


No specific information is provided to the individuals prior to the collection.

Individuals who want to become HUD UPCS inspectors go the HUD website and after reading all of the information on the site they decide whether to complete and submit the Inspector Candidate Assessment Questionnaire. The required OMB Disclosure Statement and a Privacy Act Information statement are located at the top of each Questionnaire form:


They read as follows:

Public reporting burden for this collection of information is estimated to average 20 minutes per response, including the time for reviewing instructions, searching existing data sources and copying verifiable documentation, and completing and reviewing the collection. HUD may not collect this information, and you are not required to complete this form, unless it displays a currently valid OMB control number. The information collected does not lend itself to confidentiality. This information will be used by HUD to assess an inspector candidate’s basic knowledge and inspection skills and abilities, and to determine whether the inspector candidate meets the requirements to attend the HUD inspector training. The response to this information collection is voluntary.

Privacy Act Information: This collection is authorized by the U.S. Housing Act of 1937 (42 U.S.C. 1437 et seq.) and the Debt Collection Improvement Act of 1996 (31 U.S.C. 7701(c). Each inspector candidate (individual) must submit information to HUD for HUD to assess whether the individual has the qualifications, capacity, and experience to meet the requirements to attend the Uniform Physical Condition Standards (UPCS) inspector training. HUD will use the information to: (1) qualify the individual for the required training; (2) establish the composition of the training course; and (3) certify as UPCS inspectors those individuals who successfully complete the entire training program and provide them with a unique personal ID. This collection is voluntary, but it is required if an individual seeks to obtain and retain the benefits of a HUD UPCS inspector.



AND

Public reporting burden for this collection of information is estimated to average 15 minutes per response, including the time for reviewing instructions and completing and reviewing the collection of information. HUD may not collect this information, and you are not required to complete this form, unless it displays a currently valid OMB control number. The information collected does not lend itself to confidentiality. This information will be used by HUD to assess an inspector candidate’s basic knowledge and inspection skills and abilities, and to determine whether the inspector candidate meets the requirements to attend the HUD inspector training. The response to this information collection is voluntary.

Privacy Act Information: This collection is authorized by the U.S. Housing Act of 1937 (42 U.S.C. 1437 et seq.).. Each inspector candidate (individual) must submit information to HUD for HUD to establish the composition of the training course and certify as UPCS inspectors those individuals who successfully complete the entire training program and provide them with a unique personal ID. This collection is voluntary, but it is required if an individual seeks to obtain and retain the benefits of a HUD UPCS inspector.




  1. Do individuals have an opportunity and/or right to decline to provide information?


Yes. See the answer to question 6.a. above.

  1. Do individuals have an opportunity to consent to particular uses of the information, and if so, what is the procedure by which an individual would provide such consent?


See response to question 6.a. above.



QUESTION 7: Is there a Certification & Accreditation record for your system? (This question does not apply to Information Collection Requests)


N/A


Specify below the systems categorization. If not available identify the FISMA-reported system whose Certification and Accreditation covers this system.

Confidentiality

Low

Moderate

High

Undefined

Integrity

Low

Moderate

High

Undefined

Availability

Low

Moderate

High

Undefined



SECTION II - Existing System or Project

(Only complete Section II if this is an existing system, information collection, or project).


QUESTION 1: When was the system, information collection, or project developed?


The system of records was first developed in 2001. See the Federal Register Privacy Act notice, 66 FR 28192, dated May 22, 2001. This Notice covers all records and accompanying routine uses for all of the inspectors certified to conduct UPCS inspections.


As stated in the response to question 3, on page 5, the information collection titled “Inspector Candidate Assessment Questionnaire” was first approved in 2004.


QUESTION 2: If an existing system, information collection, or project, has the system or project undergone any changes since April 17, 2003?


Yes. The Questionnaire was implemented in 2004 and tool that assesses the Questionnaire was implemented in 2008.


QUESTION 3: Do the changes to the system, information collection, or project involve a change in the type of records maintained, the individuals on whom records are maintained, or the use or dissemination of information from the system?


Those changes:

  1. Implemented the tool that assesses the Questionnaire

  2. Implemented use of the Questionnaire to determine individuals qualified to attend the training

  3. Instituted maintaining information on individuals who submit a Questionnaire but are determined not to be qualified to attend the training and for individuals who attend the training but do not successfully complete the entire training program.


There were no changes to the use or dissemination of the information.


QUESTION 4: Please indicate if any of the following changes to the system or project have occurred: (Mark all boxes that apply.)

A conversion from paper-based records to an electronic system for some documents.

A change from information in a format that is anonymous or non-identifiable to a format that is identifiable to particular individuals.


A new use of an IT system, including application of a new technology that changes how information in identifiable form is managed. (For example, a change that would create a more open environment and /or avenue for exposure of data that previously did not exist.)

A change that results in information in identifiable form being merged, centralized, or matched with other databases.


A new method of authenticating the use of an access to information in the identifiable form by members of the public.


A systematic incorporation of databases of information in identifiable form purchased or obtained from commercial or public sources.

A new interagency use of shared agency function that results in new uses or exchanges of information in identifiable form.

A change that results in a new use of disclosure of information in identifiable form.

A change that results in new items of information in identifiable form being added into the system.



QUESTION 5: Does a PIA for the system or project already exist? If yes, please provide a copy of the notice as an appendix.


Yes As explained above, a Privacy Act Notice was issued on May 22, 2001 [66 FR 28192], for individuals who successfully complete the UPCS training and are certified as UPCS inspectors. The system of records and accompanying routine uses established by and covered under that Notice do not expressly cover individuals who submit the Questionnaire and after doing so either do not qualify for or successfully complete the UPCS training.


Privacy Office determination


(To be completed by the Privacy Office)


This is NOT a privacy sensitive system, information collection or project – the system, information collection, or project contains no personal identifiers/sensitive information



This IS a Privacy Sensitive Project



IPA sufficient at this time



A PIA is required



The existing PIA requires an update/deletion



A SORN is required



The existing SORN requires an update or should be deleted



Other


COMMENTS:













DOCUMENT ENDORSMENT



DATE REVIEWED:

REVIEWERS NAME:



By Signing below you attest that the content captured in this document is accurate and complete and meet the requirements of applicable federal regulations and HUD internal policies.










SYSTEM OR PROJECT OWNER

Samuel Tuffour



Date

PIH REAC, PASS















PROGRAM AREA MANAGER

Floyd A. Rooths


Date

PIH REAC, PASS














CHIEF PRIVACY OFFICER,

<<INSERT NAME>>


Date

Office of the Chief Information Officer



U. S. Department of Housing and Urban Development



12


File Typeapplication/msword
File TitleAttached for your immediate attention is the electronic copy of the SSN and PII memorandum distributed to Departmental Principle
AuthorNadine Craft
Last Modified ByREAC
File Modified2014-12-18
File Created2014-12-17
© 2024 OMB.report | Privacy Policy