Pia

Attach3 PIA.pdf

Formative Research, Pretesting, and Customer Satisfaction of NCI's Communication and Education Resources (NCI)

PIA

OMB: 0925-0046

Document [pdf]
Download: pdf | pdf
06.3 HHS PIA Summary for Posting (Form) / NIH NCI OCE Office of Market
Research and Evaluation Surveys
PIA SUMMARY AND APPROVAL COMBINED
PIA Summary
Is this a new PIA 2011? No
If this is an existing PIA, please provide a reason for revision: PIA Validation
1. Date of this Submission: 7/29/2011
2. OPDIV Name: NIH
3. Unique Project Identifier (UPI) Number:
4. Privacy Act System of Records (SOR) Number (If response to Q.21 is Yes, a SORN
number is required for Q.4): N/A
5. OMB Information Collection Approval Number: 0925-0046
6. Other Identifying Number(s): N/A
7. System Name (Align with system Item name): OCE's Office of Market Research and
Evaluation Surveys
9. System Point of Contact (POC). The System POC is the person to whom questions about
the system and the responses to this PIA may be addressed: Holly A. Massett, Ph.D.
10. Provide an overview of the system: The system is comprised of a web-based interface and
associated backend database, plus necessary programmatic functionality to store and retrieve
data, a portion of which may be provided by OMRE for a given task, and the majority of which
is provided by the individual users. The primary purpose of the system is to store, compile,
analyze, and output user data on a per-task/project basis; the system does not store data
pertaining to individual projects past a short period following their completion.
13. Indicate if the system is new or an existing one being modified: New
17. Does/Will the system collect, maintain (store), disseminate and/or pass through PII
within any database(s), record(s), file(s) or website(s) hosted by this system? (Note: This
question seeks to identify any, and all, personal information associated with the system.
This includes any PII, whether or not it is subject to the Privacy Act, whether the
individuals are employees, the public, research subjects, or business partners, and whether
provided voluntarily or collected by mandate. Later questions will try to understand the
character of the data and its applicability to the requirements under the Privacy Act or
other legislation. Does/Will the system collect, maintain (store), disseminate and/or pass
through PII within any database(s), record(s), file(s) or website(s) hosted by this system?):
No
21. Is the system subject to the Privacy Act? (If response to Q.19 is Yes, response to Q.21
must be Yes and a SORN number is required for Q.4): No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s):
No PII in the system. Personal information outside of work context is not colleted.
30. Please describe in detail: (1) the information the agency will collect, maintain, or
disseminate; (2) why and for what purpose the agency will use the information; (3) in this

description, explicitly indicate whether the information contains PII; and (4) whether
submission of personal information is voluntary or mandatory: (1). The system may store
any or all of the following information: names, business email, mailing address of clinic or
partner organization, business phone or fax information, organization name and individual's
position within that organization.
(2). This information may be tied to data collected via survey or questionnnaire within the
system for which the individual has previously identified to be given access and from whom
specific responses are needed.
(3). This information collected may include any of the data listed in (1). and does not constitute
PII as defined by this form as all data in question is business-related contact information.
(4). No PII is collected. Submission is voluntary and user may opt-out of data collection.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from
the individuals whose PII is in the system when major changes occur to the system (e.g.,
disclosure and/or data uses have changed since the notice at the time of the original
collection); (2) notify and obtain consent from individuals regarding what PII is being
collected from them; and (3) how the information will be used or shared.
(Note: Please describe in what format individuals will be given notice of consent [e.g.,
written notice, electronic notice, etc.]) (1). N/A - No PII in the system.
(2). N/A - No PII in the system.
(3). A written privacy notice is posted at the entry point of each system interface. This privacy
statement states the type of data collected, how it will be used, and how data will be reported
(e.g. user-specific, aggregate, etc). OMB numbers are provided where applicable and the ability
of opt-out and remove all data is available to each user at any point within the system.
32. Does the system host a website? (Note: If the system hosts a website, the Website
Hosting Practices section is required to be completed regardless of the presence of PII):
Yes
37. Does the website have any information or pages directed at children under the age of
thirteen?:
50. Are there policies or guidelines in place with regard to the retention and destruction of
PII? (Refer to the C&A package and/or the Records Retention and Destruction section in
SORN):
54. Briefly describe in detail how the IIF will be secured on the system using
administrative, technical, and physical controls.: No PII in the system. Web-baded access to
the system may include (encrypted) passwords, unique urls, SSL, and other one-time login
indentifiers. Privacy notices alert the individuals accessing the system what types of information
are stored and how they will be used; individuals may opt-out of data collection at any point and
remove all data previously input. Servers and physical backup hardware are stored in a secure
data center.
PIA Approval
PIA Reviewer Approval: Promote
PIA Reviewer Name: Suzy Milliard
Sr. Official for Privacy Approval: Promote


File Typeapplication/pdf
File Modified2012-11-13
File Created2012-11-13

© 2024 OMB.report | Privacy Policy