Appendix H - SNAPQCS PIA for 0074

H- SNAPQCS PIA.pdf

RIN 0584-AE79 Reform Provisions for the Supplemental Nutrition Assistance Program’s Quality Control System

Appendix H - SNAPQCS PIA for 0074

OMB: 0584-0692

Document [pdf]
Download: pdf | pdf
Appendix H- OMB 0584-NEW for AE79
SNAPQCS Privacy Impact Analysis

Privacy Impact Assessment
SNAP-QCS
Policy, E-Government and Fair Information Practices

Version: 1.7
Date: July 1,2019
Prepared for: USDA OCIO TPA&E

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)

Privacy Impact Assessment for the
Supplemental Nutrition Assistance Program Quality Control System
(SNAP-QCS)
July 1, 2019
Contact Point
Ambur Daley
FNS/OIT/PMB
(703) 305-2125

Reviewing Official
Michael Short
Acting FNS Privacy Officer
United States Department of Agriculture
(703) 605-0796

Page 3

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)

Document Review
System Privacy
Officer Name

Signature

Date

Jennifer Weatherly

s/Jennifer Weatherly

11/13/14

Michael Short

Comments (if any)
FY15 Review; POC number update
only (editorial)

signed by MICHAEL SHORT
MICHAEL SHORT Digitally
Date: 2019.07.23 14:10:06 -04'00'

Page 4

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)

Abstract
Supplemental Nutrition Assistance Program - Quality Control System (SNAP-QCS). The
SNAP-QCS consists of State agencies performing QC reviews of a statistically valid
sample of cases, which are further sub-sampled and reviewed by USDA reviewers, to
ensure the validity of state findings. A PIA is being conducted due to the content within
SNAP-QCS and the controls protecting that data.

Overview
The Supplemental Nutrition Assistance Program (SNAP) is one of fifteen domestic
nutrition assistance programs operated by USDA to provide benefits to low-income
families to purchase healthy and nutritious food. The SNAP program is authorized by the
Food and Nutrition Act of 2008, hereafter referred to as the “Act”. The Act also mandates
that USDA operates a quality control system to monitor State Agency performance to
ensure that only those eligible receive program benefits, and that they only receive the
correct amount authorized by law. Monitoring program performance is further supported
by Improper Payments Information Act of 2002 (IPIA), which is essential to ensuring
program integrity and safeguarding the investment of the American taxpayer.
The SNAP is monitored through its quality control (QC) system. The current SNAP QC
system, which has been in existence since the 1970s, has been singled out by OMB as the
benchmark for compliance with the IPIA. The SNAP QC system consists of State
agencies performing QC reviews of a statistically valid sample of cases, which are further
sub-sampled and reviewed by USDA reviewers, to ensure the validity of state findings.
The process includes monitoring the State QC sampling and reporting process, performing
validation reviews, reporting to and negotiating review results with States, supporting the
arbitration process, running regression and reporting the results to USDA.
SNAP-QCS does not collect data from customers. However, with the introduction of the
FNS-380 Quality Control Worksheet and the ability to manage digital copies of case file
documents, the SNAP-QCS production database now contains personally identifiable
information (PII). In addition, SNAP-QCS contains Certification Case Number (CCN)
supplied by the Supplemental Nutrition Assistance Program (SNAP) State Agencies.
Some State Agencies embed the SSN in their CCNs. CCNs are used by SNAP-QCS as a
reference number relating back to the State Agency.

Page 5

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)

Section 1.0 Characterization of the Information
The following questions are intended to define the scope of the information requested and/or
collected as well as reasons for its collection as part of the program, system, rule, or technology
being developed.

1.1

What information is collected, used, disseminated, or maintained in
the system?
Privacy information is contained in the FNS-380 Quality Control Worksheet and in
the various case file documents uploaded to the SNAP-QCS database.
Personal Identification Number – Unique identifiers are used by the States to
differentiate unique SNAP benefit cases and QC reviews. SNAP QC case documents
may include a copy of the applicant’s Social Security Card. SNAP-QCS contains a
Certification Case Number (CCN) supplied by the States. For some states, this CCN
contains a social security number. SNAP-QCS treats this number as a unique
identifier in order to assist in following up with State Agencies on particular records.
Financial Data – Financial information is captured by the State case worker to
determine SNAP eligibility and allotment. This information is part of the SNAP QC
case review and is analyzed by both State and federal QC reviewers.
Health Data – Medical expenses are part of the SNAP eligibility and allotment
calculation process. Related health care information may be included on expenserelated documents such as bills or receipts from health care providers and prescription
services.
Employment History – Current employment information is necessary to make a proper
determination of SNAP eligibility and allotment amount. Generally, this takes the
form of a pay stub or W2, which may also contain employer information and dates of
employment.
Miscellaneous Identification Number – Other numbers from contributing sources such
as bank account numbers, public utility customer numbers, invoice numbers, etc. may
be present on various documents used for SNAP eligibility and benefit allotment
calculation.
Photographic Image/Identifying Characteristics – Identity verification is an important
aspect of the SNAP eligibility process. Copies of applicant driver’s licenses are
routinely made and included in the case file as proof of identity including age,
physical characteristics, and address.
Handwriting or an Image of the Signature – As noted above, a driver’s license or other
form of government-issued identification, such as a passport, are a key part of SNAP
eligibility determination. These forms of identification include original and digitized
signatures of the bearer. Signatures may also be found on lease agreements (proof of
housing expense) or other legal documents.
Page 6

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)

Other – Each SNAP case is unique and many different kinds of information and
supporting documents may be relevant to benefit determination including household
composition, location, any policy waivers in place, age, and education.

1.2

What are the sources of the information in the system?
SNAP State Agencies supply all data. No data is directly collected from the customer
or USDA agencies.

1.3

Why is the information being collected, used, disseminated, or
maintained?
The USDA is required by the Food and Nutrition Act of 2008 to operate a quality control
system.

1.4

How is the information collected?
SNAP State Agencies collects and supply all data.

1.5

How will the information be checked for accuracy?
SNAP-QCS does not have its own mechanism to check for data accuracy. Through
the SNAP QC process, the data are evaluated for accuracy by State and Federal SNAP
QC reviewers.

1.6

What specific legal authorities, arrangements, and/or agreements
defined the collection of information?
Authorized by the Food and Nutrition Act of 2008

1.7

Privacy Impact Analysis: Given the amount and type of data
collected, discuss the privacy risks identified and how they were
mitigated.
SNAP-QCS does not collect data from customers. SNAP-QCS collects data from State
Agencies. Some State Agencies embed the SSN in their CCNs. CCNs are used by
SNAP-QCS as a reference number relating back to the State Agency. Privacy
information is contained in the FNS-380 Quality Control Worksheet and in the various
case file documents uploaded to the SNAP-QCS database. This data is encrypted during
transfer and at rest. Only those state and federal employees with eAuth Level 2
credentials and who have been authorized through the FNS-674 process to access
SNAP-QCS may use the system and perform work that is directly related to SNAP QCS.

Page 7

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)

Section 2.0 Uses of the Information
The following questions are intended to delineate clearly the use of information and the
accuracy of the data being used.

2.1

Describe all the uses of information.
The data are used as part of the SNAP QC review process.

2.2

What types of tools are used to analyze data and what type of data
may be produced?
All data are held within a Microsoft SQL Server.

2.3

If the system uses commercial or publicly available data please
explain why and how it is used.
Not Applicable

2.4

Privacy Impact Analysis: Describe any types of controls that may be
in place to ensure that information is handled in accordance with the
above described uses.
e-Authentication (Level 2) is used by authorized users to access the system. Users are
assigned roles and constraints within the system that limit their access to data.

Section 3.0 Retention
The following questions are intended to outline how long information will be retained after the
initial collection.

3.1

How long is information retained?
Permanent. Transfer a copy of the database in an approved NARA format (ASCII, flat
file) immediately after approval of this schedule. Thereafter, transfer a copy of database
in accordance with NARA specifications at the end of the calendar year.

3.2

Has the retention period been approved by the component records
officer and the National Archives and Records Administration
(NARA)?
Yes. Disposition Authority N1-462-09-11.

Page 8

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)

3.3

Privacy Impact Analysis: Please discuss the risks associated with the
length of time data is retained and how those risks are mitigated.
There are no risks associated with the length of time data is retained.

Section 4.0 Internal Sharing and Disclosure
The following questions are intended to define the scope of sharing within the United States
Department of Agriculture.

4.1

With which internal organization(s) is the information shared, what
information is shared and for what purpose?
Office of Research and Analysis (ORA) – the information shared is the information
provided by the State Agencies for the QC review that was completed. This information
is used for data-mining purposes.

4.2

How is the information transmitted or disclosed?
The data is extracted from the SNAP-QCS database and provided to ORA via a
password protected CD and is sent on an as-needed basis.

4.3

Privacy Impact Analysis: Considering the extent of internal
information sharing, discuss the privacy risks associated with the
sharing and how they were mitigated.
State agencies input the required information into SNAP-QCS and it contains PII data.
Access is restricted to authorized users and the data are encrypted at rest and in transit.
SNAP-QCS does not share PII data.

Section 5.0 External Sharing and Disclosure
The following questions are intended to define the content, scope, and authority for information
sharing external to USDA which includes Federal, state and local government, and the private sector.

5.1

With which external organization(s) is the information shared, what
information is shared, and for what purpose?
State agencies will conduct QC reviews to measure the validity of the SNAP cases at a
given time (the review date). Reviews will be conducted on a random sample of active
and negative cases. The results of the State QC reviews will be recorded in the SNAPQCS State System.

Page 9

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)

5.2

Is the sharing of personally identifiable information outside the
Department compatible with the original collection? If so, is it
covered by an appropriate routine use in a SORN? If so, please
describe. If not, please describe under what legal mechanism the
program or system is allowed to share the personally identifiable
information outside of USDA.
Not applicable. Information is not shared outside the Department. SNAP-QCS is under the
FNS-5 SORN.

5.3

How is the information shared outside the Department and what
security measures safeguard its transmission?
Not applicable. Information is not shared outside the Department.

5.4

Privacy Impact Analysis: Given the external sharing, explain the
privacy risks identified and describe how they were mitigated.
Not applicable. Information is not shared and therefore there is no privacy risks related
to external sharing.

Section 6.0 Notice
The following questions are directed at notice to the individual of the scope of information collected,
the right to consent to uses of said information, and the right to decline to provide information.

6.1

Does this system require a SORN and if so, please provide SORN
name and URL.
SNAP-QCS is under the FNS-5 SORN.

6.2

Was notice provided to the individual prior to collection of
information?
SNAP-QCS does not collect data from customers. SNAP-QCS collects data from State
Agencies. SNAP-QCS data are subject to the controls defined by State Agencies and
those federal privacy controls applicable to the federal users of SNAP-QCS.

6.3

Do individuals have the opportunity and/or right to decline to provide
information?
Not Applicable

Page 10

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)

6.4

Do individuals have the right to consent to particular uses of the
information? If so, how does the individual exercise the right?
Not Applicable

6.5

Privacy Impact Analysis: Describe how notice is provided to
individuals, and how the risks associated with individuals being
unaware of the collection are mitigated.
Not Applicable

Section 7.0 Access, Redress and Correction
The following questions are directed at an individual’s ability to ensure the accuracy of the
information collected about them.

7.1

What are the procedures that allow individuals to gain access to their
information?
This would be a State Agency concern. Not Applicable to SNAP-QCS

7.2

What are the procedures for correcting inaccurate or erroneous
information?
This would be a State Agency concern. Not Applicable to SNAP-QCS

7.3

How are individuals notified of the procedures for correcting their
information?
This would be a State Agency concern. Not Applicable to SNAP-QCS

7.4

If no formal redress is provided, what alternatives are available to the
individual?
This would be a State Agency concern. Not Applicable to SNAP-QCS

7.5

Privacy Impact Analysis: Please discuss the privacy risks associated
with the redress available to individuals and how those risks are
mitigated.
This would be a State Agency concern. Not Applicable to SNAP-QCS

Section 8.0 Technical Access and Security
Page 11

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)
The following questions are intended to describe technical safeguards and security measures.

8.1

What procedures are in place to determine which users may access
the system and are they documented?
See FNS Security Office for how users gain access to any FNS system. Each user
must submit an FNS-674 form signed by their supervisor, the system owner, and FNS
security officer before they are allowed access. Access is then granted through a user
management process internal to SNAP-QCS where appropriate roles and constraints
are assigned.

8.2

Will Department contractors have access to the system?
Contractors will have access to the system as needed.

8.3

Describe what privacy training is provided to users either generally
or specifically relevant to the program or system?
Privacy training is part of the annual security awareness training that all employees and
contractors must complete prior to being granted access to any FNS system.

8.4

Has Certification & Accreditation been completed for the system or
systems supporting the program?
All FNS systems must undergo Assessment & Authorization prior to being put into
production. The last C&A was completed on 08/23/2018; the ATO is dated 03/28/2020.

8.5

What auditing measures and technical safeguards are in place to
prevent misuse of data?
Users of the system are audited at least annually. FNS-674 forms must be on file and
their need to access the system is validated at least annually.

8.6

Privacy Impact Analysis: Given the sensitivity and scope of the
information collected, as well as any information sharing conducted
on the system, what privacy risks were identified and how do the
security controls mitigate them?
By controlling who has access and ensuring that they are given the least privileges
needed to perform their job, FNS ensures that only valid users have access.

Section 9.0 Technology
Page 12

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)
The following questions are directed at critically analyzing the selection process for any technologies
utilized by the system, including system hardware and other technology.

9.1

What type of project is the program or system?
SNAP-QCS helps determine error rates of each State’s SNAP compliance.

9.2

Does the project employ technology which may raise privacy
concerns? If so please discuss their implementation.
No

Section 10.0 Third Party Websites/Applications
The following questions are directed at critically analyzing the privacy impact of using third
party websites and/or applications.

10.1 Has the System Owner (SO) and/or Information Systems Security
Program Manager (ISSPM) reviewed Office of Management and
Budget (OMB) memorandums M-10-22 “Guidance for Online Use of
Web Measurement and Customization Technology” and M-10-23
“Guidance for Agency Use of Third-Party Websites and
Applications”?
Yes

10.2 What is the specific purpose of the agency’s use of 3rd party websites
and/or applications?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.

10.3 What personally identifiable information (PII) will become available
through the agency’s use of 3rd party websites and/or applications.
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.

10.4 How will the PII that becomes available through the agency’s use of
3rd party websites and/or applications be used?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.

10.5 How will the PII that becomes available through the agency’s use of
3rd party websites and/or applications be maintained and secured?
Page 13

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)

Not Applicable. SNAP-QCS does not use 3rd party websites or applications.

10.6 Is the PII that becomes available through the agency’s use of 3rd party
websites and/or applications purged periodically?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.

10.7 Who will have access to PII that becomes available through the
agency’s use of 3rd party websites and/or applications?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.

10.8 With whom will the PII that becomes available through the agency’s
use of 3rd party websites and/or applications be shared - either
internally or externally?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.

10.9 Will the activities involving the PII that becomes available through
the agency’s use of 3rd party websites and/or applications require
either the creation or modification of a system of records notice
(SORN)?
Not Applicable. SNAP-QCS does not use 3rd party websites or applications. SNAPQCS is under the FNS-5 SORN.

10.10 Does the system use web measurement and customization technology?
No

10.11 Does the system allow users to either decline to opt-in or decide to
opt-out of all uses of web measurement and customization
technology?
Not Applicable.

10.12 Privacy Impact Analysis: Given the amount and type of PII that
becomes available through the agency’s use of 3rd party websites
and/or applications, discuss the privacy risks identified and how they
were mitigated.
Not Applicable. SNAP-QCS does not use 3rd party websites or applications.

Page 14

Privacy Impact Assessment
Supplemental Nutrition Assistance Program (SNAP) –
Quality Control System (SNAP-QCS)

Responsible Officials
Digitally signed by
AMBUR
AMBUR DALEY
Date: 2019.08.06
DALEY
12:56:33 -04'00'
________________________________
Ambur Daley
FNS/OIT/PMB
United States Department of Agriculture

Approval Signature
signed by
STEPHANIE Digitally
STEPHANIE PROSKA
Date: 2019.08.16 09:59:13
PROSKA
-04'00'
________________________________
Stephanie Proska
System Owner/Chief, Quality Control Branch
Food and Nutrition Service
United States Department of Agriculture

Page 15


File Typeapplication/pdf
Authordlochte-henley
File Modified2023-09-28
File Created2019-07-23

© 2024 OMB.report | Privacy Policy