Privacy Impact Assessment
National Agricultural Statistics Service, NASS UNIX MA
National Agricultural Statistics Service UNIX MA
October 11, 2011
Contact Point
Joel DeArmitt
National Agricultural Statistics Service
202-720-5275
Reviewing Official
Renato Chan
Chief, Security
National Agricultural Statistics Service
United States Department of Agriculture
2 02-720-4068
This document contains the Privacy Impact Assessment (PIA) of the National Agricultural Statistics Service (NASS) UNIX Major Application (UNIX MA). The NASS UNIX MA is a UNIX application farm that is comprised of a number of various applications. These applications generally support the mission of NASS.
The NASS is conducting this PIA on the UNIX MA because the system processes and stores personally identifiable Information of all participating farmers and ranchers in the US which include name, address, phone number, size of operation, gender, and race. In addition, the system processes and stores agribusiness information, including: Firm names, manager names, address, phone number, size of operation in various categories and tax EINs.
The NASS UNIX MA is hosted by the NASS Unix General Support System which is physically located at three separate locations, the NASS Headquarters (HQ) in Washington, D.C., the NASS Field Services Office in Lakewood, CO, and the USDA National Information Technology Center (NITC), in Kansas, City. The architecture consists of servers operating under both AIX and Linux Operating Systems. All Unix Major Applications are managed and maintained by various NASS System Administrators, Database Administrators and Developers located at NASS HQ and Colorado Field Office (FO).
The NASS Unix mid-range server environment is distributed in two locations, the NASS HQ in Washington, D.C., and the USDA NITC, in Kansas, City. The architecture consists of servers operating under both AIX and Linux operating systems. Our UNIX environment resides on IBM pSeries equipment. All UNIX servers are managed from NASS HQ.
Servers located at NASS HQ are more specialized since consolidation is not as far along at this facility. There are six production servers in NASS HQ supporting the following production processes 1) public agricultural statistics reports and geospatial data, 2) NASS intranet backup, 3) web data collection public front end, 4) web data collection back-end database, 5) auto-matching to build the list and sampling frame, 6) replication of data across enterprise databases.
NASS UNIX MA applications work from an enterprise transactional and analytical database environment to provide access to a database on UNIX GSS. NASS UNIX MA has a "census" processing system that is used every five years and consists of multiple components, i.e. data editing component, data analysis component, data tabulation/summary component, and a data disclosure review component. NASS UNIX MA also includes some isolated "survey" systems that are migrating to the UNIX environment, i.e. web data collection and livestock slaughter applications. NASS UNIX MA also has some "support" applications that service both the census and surveys, such as the sampling system, web public agricultural statistics, public special tabulations, geospatial application, electronic images of questionnaires, and an intranet application. Functions of the NASS UNIX MA applications are described in the following paragraphs.
ARMS III (Agricultural Resources Management Survey III): The annual Agricultural Resources Management Survey (ARMS) jointly sponsored with the Economic Research Service (ERS) is USDA’s primary vehicle for obtaining information on a broad range of issues about the farm sector financial conditions and agricultural resource use. ARMS provide the most definitive, annual description of the rapidly changing structure of the nation’s farms. While a smaller number of large farms account for a growing proportion of agricultural production, other farms maintain profitability by entering into production and marketing agreements with agri-businesses. ARMS provide an annual measure of the effect agri-business has on farm income through such contracts. Without the ARMS, important measures such as farm income, farm operator income, and farm household income would not be available. This program also provides the critical information to analyze the effect government programs, such as loan deficiency payments, are having on net farm income by size and type of farm. Equally important, ARMS data can be used to evaluate the possible effects of alternative government policies and programs such as formulating indices, cost estimates, and farm economic indicators. Data from the ARMS survey are the foundation for the body of research that has led to the recognition on the part of decision-makers of the diversity of the farm sector and the differential impact of alternative policies and programs across the farm sector and among farm families.
PRISM (Project to Reengineer and Integrate Statistical Methods): PRISM is a major reengineering and integration effort for the Census of Agriculture designed to streamline and improve the quality of census and survey processes.
CPCS (Crop Progress and Conditions Survey): The Crop Progress and Condition report is a weekly report on crop progress and conditions compiled from reports submitted from local experts throughout the country.
Livestock Slaughter: The purpose of Livestock Slaughter is to edit, analyze, summarize and publish Livestock Slaughter statistics on a monthly and annual basis. The Livestock Slaughter report is a monthly outline of animals that have been slaughtered in the U. S. This report provides the number of heads slaughtered, live weight, and dressed weight of cattle and calves. Similar statistics are reported for sheep, lamb, hogs and pigs. For federally inspected plants, statistics are reported by class and by state. In addition, total red meat production by species is reported by state and for the U. S.
Poultry Slaughter: The purpose of Poultry Slaughter is to edit, analyze, summarize and publish Poultry Slaughter statistics on a monthly and annual basis.
Dairy Product Prices: The purpose of Dairy Product Prices is to collect, edit, analyze, summarize and publish Dairy Product Price statistics on a monthly and annual basis.
Feith: Feith software is used to display questionnaire images, for use in data review. Through the use of Feith software, the image of a questionnaire can be easily retrieved to assist with the data review process, and navigation through the questionnaire using the software capabilities is relatively effortless. Feith uses an Oracle database running on a UNIX server under AIX for storing and retrieving the images, with very little downtime throughout the entire data review process.
Genesis (Generalized Enhanced Sampling and Information System): To replace all of the disparate sampling programs, NASS developed the Generalized Enhanced Sampling and Information System (GENESIS). As an internal tool to the NASS survey process, GENESIS has improved the quality of NASS samples. It has also improved the efficiency of the sampling process in terms of cost, staff time, and calendar time.
ELMO (Enhanced List Maintenance Operations): ELMO is a system which is used to manage the farm register database. The system allows the user: to search for records based on certain name and address information, to update name, address, and control data information either individually or in a batch mode, and to extract lists of records in different formats.
Record Linkage: NASS designed Record Linkage to make the record linkage process as simple and user friendly as possible. NASS developed record linkage system with AutoMatch as the core.
EDR (Electronic Data Reporting): NASS decided that a Web-based EDR with a secure environment would be the most suitable and effective method for NASS. It can be used appropriately for most NASS surveys and is considered technically superior to the other methods reviewed.
IRS: IRS supports the extraction of new farm data from IRS records. IRS data is received via tape and uploaded to a standalone server. This data is then compared against other NASS data to determine if there are additional farms to be added to the NASS statistical databases. NASS anticipates receiving information for over 2 million IRS records each year, which are handled under strict confidentiality requirements. No information is provided back to IRS from NASS. After record linkage processing, approximately 700,000 potential farms are added to our farm register. NASS treats information with utmost security and have several controls in place to ensure protection.
Quick Stats: Quick Stats is composed of two basic tools: 1) Quick Stats Query Tool LAN and 2) Quick Stats Web App. Quick Stats Query Tool LAN is an internal application designed to allow USDA employees to perform statistical queries on the Agricultural Statistics Data Base. Quick Stats Web App is a web-based publicly accessible read-only system that allows the public to view results from queries against the Agricultural Statistics Data Base.
The following questions are intended to define the scope of the information requested and/or collected as well as reasons for its collection as part of the program, system, rule, or technology being developed.
Customer information – Information on all participating farmers and ranchers in the US which include name, address, phone number, size of operation, SSNs, gender, race.
Other – agribusiness – Firm names, manager names, address, phone number, size of operation in various categories, tax EINs.
All information collected and processed by this system, including personally identifiable information, is protected by US Code: Title 7, 2276 – Confidentiality of Information as well as the Confidential Information Protection and Statistical Efficiency Act (CIPSEA) of 2002 (Public Law 107-347).
The population of farmers, ranchers, agri-businesses, and other federal agencies (FSA, NRCS, RMA, IRS, Census [NPC], FSIS) and InfoUSA. Third party sources include InfoUSA, Universities (extension), commodity organizations, trade magazines.
FSA, NRCS, RMA, IRS, FSIS and Bureau of Census provide data for use in the system.
The information is used to support the Agency’s mission of providing timely, accurate, and useful statistics in service to U.S. agriculture.
Through interviews done by face-to-face or telephone using the following enumeration media: paper, wireless portable electronic devices, and on-line electronic data collection. A separate security risk assessment was conducted to ensure security of wireless enumeration activities.
FSA, NRCS, RMA and FSIS provide data that are entered into the system. These are done periodically through operator intervention (a business person with support from admin).
Criteria/Auditing questionnaires are provided to the individual under review asking them to fill in the specifics for them.
Name information is not verified by inference from a source. Instead that is used to start a questionnaire as identified above.
Title 7 United States Code (USC), Section 2204; Title 7 Chapter 55 Section 2204 (g) (Public Law 105-113) Authority of the Secretary of Agriculture to Conduct the Census of Agriculture; Title 7 USC, Chapter 55, Section 2276, Confidentiality of Data; Title 7 USC, Section 3601.1, General Statement of Public Information; Title 18, Chapter 93, Section 1905, Disclosure of confidential information; Title 44 USC, Section 3501; and the Confidential Information Protection and Statistical Efficiency Act (CIPSEA) of 2002 (Public Law 107-347).
There is always the risk of unauthorized disclosure. NASS requires all its employees and contractors sign confidentiality statements as well as take security awareness training on an annual basis. In addition, systems containing privacy information employs additional security mechanisms to mitigate potential risks.
The following questions are intended to delineate clearly the use of information and the accuracy of the data being used.
The data will only be used to support the Agency’s mission of providing timely, accurate, and useful statistics in service to U.S. agriculture.
The NASS Unix Major Application utilizes both transactional and analytical databases used in all Census, Survey, Support and Estimation and Dissemination applications used within the system and listed as follows: ELMO, Genesis, Record Linkage, PRISM, ARMS III, Quick Stats, CPCS, Livestock Slaughter, Poultry Slaughter, Dairy Product Prices, Feith, EDR.
Data are used only in support of creating statistical information for such purposes as are necessary for the publication of statistical reports.
Source Agencies: NASS, FSA, FSIS
Commercial and publicly available data is used to assist in identifying duplication of names between various probability list samples and NASS area frame surveys. They are also used when matching names currently on NASS list sampling frame with lists maintained by other governmental agencies as part of the NASS list building and maintenance process.
All authorized NASS users are required to sign a pledge of confidentiality that carries severe legal penalties for violating the pledge. NASS also requires all its employees and contractors take security awareness training on an annual basis. NASS employs physical security controls, logical access controls, technological controls, auditing and monitoring of controls.
The following questions are intended to outline how long information will be retained after the initial collection.
Data are retained as long as the information is needed for list building. Census data are generally retained for ten to fifteen years in electronic form. In some instances, data are retained longer when needed.
Yes
There is always the risk of unauthorized disclosure. NASS requires all its employees sign confidentiality statements on an annual basis. It also requires all its employees and contractors take security awareness training on an annual basis. In addition, systems containing privacy information employs additional security mechanisms to mitigate potential risks.
The following questions are intended to define the scope of sharing within the United States Department of Agriculture.
The USDA FSA, ERS, NRCS, RMA have limited access to some of the data stored in the system and are controlled by use of both hardware and software security controls.
Information is transmitted to/from the FSA, ERS and RMA through direct use of the system. User access is determined based on the person’s job role. Information is transmitted to/from NRCS through other secured electronic means.
There is always the risk of unauthorized disclosure. NASS requires all its employees and contractors sign confidentiality statements on an annual basis. It also requires all its employees and contractors take security awareness training on an annual basis. In addition, systems containing privacy information employs additional security mechanisms to mitigate potential risks.
The following questions are intended to define the content, scope, and authority for information sharing external to USDA which includes Federal, state and local government, and the private sector.
Name and address information is shared with the National Processing Center, Bureau of Census. Use of information is limited to printing address labels for mail outs.
Yes, sharing of information is compatible with the original collection. It is covered by the USDA/NASS-3, “Census of Agriculture Records” SORN.
Name and address information is shared through secured electronic file transfers.
Privacy risks are at a minimum as information shared are also publicly available from other sources, i.e. phonebook, Internet searches, etc. NASS requires all its employees and contractors sign confidentiality statements as we ll as take security awareness training on an annual basis.
The following questions are directed at notice to the individual of the scope of information collected, the right to consent to uses of said information, and the right to decline to provide information.
Notice is provided in most cases though there are instances where it is given at the time of the interview.
Census and Census follow on surveys are mandated by Title 7 Section 2204(g), but all other surveys are voluntary in nature.
No.
The collection process is covered by a SORN which is available to the individuals through the Federal Register. NASS requires all its employees and contractors sign confidentiality statements as well as take security awareness training on an annual basis.
The following questions are directed at an individual’s ability to ensure the accuracy of the information collected about them.
Any individual may request information as to whether the system contains records pertaining to him or her by contacting the system manager at the address specified on the SORN. The request for information should contain: name, address, System of Record name, and year that the agricultural survey questionnaire was completed.
A request is sent to the NASS Customer Service department.
By contacting the system manager listed on the SORN.
Not Applicable
There are no significant risks involved with the redress process. NASS requires all its employees and contractors sign confidentiality statements as well as take security awareness training on an annual basis.
The following questions are intended to describe technical safeguards and security measures.
Access to data is limited only to users authorized by NASS to modify, maintain and review the data. This includes authorized managers, system administrators and developers. Each user also signs a pledge of confidentiality that carries severe legal penalties for violating the pledge. Business function managers define the access need for the user based on user requirements. Local manager verifies the authenticity and veracity of the individual who is being approved for access. Access request as well as approval is documented accordingly by management and the Technical Services Branch. The Computer Security Staff audits access routinely.
No
All authorized NASS users are required to sign a pledge of confidentiality that carries severe legal penalties for violating the pledge. NASS also requires all its employees and contractors take security awareness training on an annual basis.
Yes.
NASS employs physical security controls, logical access controls, technological controls, auditing and monitoring of controls.
There is always the risk of unauthorized disclosure of privacy information. NASS restricts access to information to authorized users. NASS requires all its employees and contractors sign confidentiality statements and take security awareness training on an annual basis. In addition, systems containing privacy information employs additional security mechanisms to mitigate potential risks, to include logical access controls, technical controls and auditing.
The following questions are directed at critically analyzing the selection process for any technologies utilized by the system, including system hardware and other technology.
The NASS UNIX Major Application is an operational UNIX application farm and is comprised of a number of various applications. These applications generally support the mission of NASS.
The NASS UNIX MA employs wireless portable electronic devices in support of its Computer Assisted Personal Interviewing (CAPI) initiative. NASS has performed a security risk assessment on the collection and transmission of data. All identified risks have been mitigated in compliance with current FISMA requirements.
The following questions are directed at critically analyzing the privacy impact of using third party websites and/or applications.
This system does not employ third party website.
Page
File Type | application/msword |
Author | dlochte-henley |
Last Modified By | HancDa |
File Modified | 2011-10-14 |
File Created | 2011-10-14 |