Privacy Impact Assessment
(PIA)
GSM Export Credit Guarantee Systems
(GSM/Web/PC)
Revision: Final
Farm Service Agency
Date: November 10, 2009
USDA
Privacy Impact Assessment for GSM Export Credit Guarantee Systems
(GSM/Web/PC)
Document Information
Name: Angela Sieg
Contact Number: (816) 926-1568
E-mail Address: Angela.Sieg@kcc.usda.gov
Document Revision and History
Revision | Date | Comments | Author
Draft v.01 | 11/10/2009 | Initial | T. Ostrander
 | 11/12/2009 | Reviewed and released for signatures | S. Timbrook, ECS
Final | 11/24/2009 | Revised and added comments J. Underwood sections 4, 5.2, 5.3, 6, 20; released for final signature. | S. Timbrook, ECS
Table of Contents
1 PURPOSE OF DOCUMENT
2 SYSTEM INFORMATION
3 DATA INFORMATION
3.1 Data Collection
3.2 Data Use
3.3 Data Retention
3.4 Data Sharing
3.5 Data Access
3.6 Customer Protection
4 SYSTEM OF RECORD
5 TECHNOLOGY
6 COMPLETION INSTRUCTIONS
1 Purpose of Document
USDA DM 3515-002 states: "Agencies are responsible for initiating the PIA in the early stages
of the development of a system and to ensure that the PIA is completed as part of the required
System Life Cycle (SLC) reviews. Systems include data from applications housed on
mainframes, personal computers, and applications developed for the Web and agency databases.
Privacy must be considered when requirements are being analyzed and decisions are being made
about data usage and system design. This applies to all of the development methodologies and
system life cycles used in USDA.
Both the system owners and system developers must work together to complete the PIA. System
owners must address what data are used, how the data are used, and who will use the data.
System owners also need to address the privacy implications that result from the use of new
technologies (e.g., caller identification). The system developers must address whether the
implementation of the owner’s requirements presents any threats to privacy."
The Privacy Impact Assessment (PIA) document contains information on how the GSM Export
Credit Guarantee Systems (GSM/Web/PC) affects the privacy of its users and the information
stored within. This assessment is in accordance with NIST SP 800-37 Guide for the Security
Certification and Accreditation of Federal Information Systems.
2 System Information
Agency: Farm Service Agency
System Name: GSM Export Credit Guarantee Systems (GSM/Web/PC)
System Type:
[] Major Application
[] General Support System
[] Non-major Application
System Categorization (per FIPS 199):
[] High
[] Moderate
[] Low
Description of System:
The General Sales Manager Export Credit Guarantee System is an
application-based system that supports both the USDA Farm Service
Agency (FSA) and the Foreign Agricultural Service (FAS). The
application’s mission is to provide reporting of financial and GSM-102
program data to the FSA Financial Management Division (FMD) via the
General Sales Manager Data Mart (GSMDM) and to provide application
operational support for FSA.
Who owns this system? (Name, agency, contact information)
Angela Sieg
United States Department of Agriculture (USDA)
Farm Service Agency (FSA)
6501 Beacon Drive
Kansas City, MO 64133
(816) 926-1568
Angela.Sieg@kcc.usda.gov
Who is the security contact for this system? (Name, agency, contact information)
Brian Davies
Information System Security Program Manager (ISSPM)
U.S. Department of Agriculture
Farm Service Agency
1400 Independence Avenue SW
Washington, D.C. 20250
(202) 720-2419
brian.davies@wdc.usda.gov
Who completed this document? (Name, agency, contact information)
Chris Caruthers
U.S. Department of Agriculture
Farm Service Agency
6501 Beacon Drive
Kansas City, MO 64133
(816) 926-6848
Christopher.caruthers@kcc.usda.gov
3 Data Information
3.1 Data Collection
1 Generally describe the data to be used in the system.
Response: Customer data: evidence of export, notice of default, notice of assignment, claims, recoveries, fees, guarantee bank name, payment bank name and payment bank account number.

2 Does the system collect Social Security Numbers (SSNs) or Taxpayer Identification Numbers (TINs)?
[] Yes
[] No - If NO, go to question 3.
collection of this information.

3 Is the use of the data both relevant and necessary to the purpose for which the system is being designed? In other words, the data is absolutely needed and has significant and demonstrable bearing on the system’s purpose as required by statute or by Executive order of the President.
[] Yes
[] No

4 Sources of the data in the system.
Response: Customer, banks, Treasury Department, Foreign Agricultural Service (FAS), Farm Service Agency (FSA), Financial Management Division.

4.1 What data is being collected from the customer?
Response: Customer data: evidence of export, notice of default, notice of assignment, claims, recoveries, fees, guarantee bank name, payment bank name and payment bank account number.

4.2 What USDA agencies are providing data for use in the system?
Response: Foreign Agricultural Service (FAS), Farm Service Agency (FSA) Financial Management Division

4.3 What state and local agencies are providing data for use in the system?
Response: NONE

From what other third party sources is data being collected?

5 Will data be collected from sources outside your agency? For example, customers, USDA sources (i.e., NFC, RD, etc.) or Non-USDA sources.
[] Yes
[] No - If NO, go to question 6.

5.1 How will the data collected from customers be verified for accuracy, relevance, timeliness, and completeness?
Response: Reconciliation and Review by Farm Service Agency (FSA) Financial Management Division (FMD). The validations are accomplished by implementing field, module and system level validation against user data inputs

5.2 How will the data collected from USDA sources be verified for accuracy, relevance, timeliness, and completeness?
Response: Reconciliation and Review by Farm Service Agency (FSA) Financial Management Division (FMD)

5.3 How will the data collected from non-USDA sources be verified for accuracy, relevance, timeliness, and completeness?
Response: Reconciliation and Review by Farm Service Agency (FSA) Financial Management Division (FMD)
3.2 Data Use
6 Individuals must be informed in writing of the principal purpose of the information being collected from them. What is the principal purpose of the data being collected?
Response: To streamline the reporting process by implementing a common computing procedure that accommodates the programming team in performing maintenance of the financial data collected by the GSM Web PC application

7 Will the data be used for any other purpose?
[~] Yes
[] No - If NO, go to question 8.

7.1 What are the other purposes?
8 Is the use of the data both relevant and necessary to the purpose for which the system is being designed? In other words, the data is absolutely needed and has significant and demonstrable bearing on the system’s purpose as required by statute or by Executive order of the President
[] Yes
[] No

9 Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected (i.e., aggregating farm loans by zip codes in which only one farm exists.)?
[] Yes
[] No - If NO, go to question 10.

9.1 Will the new data be placed in the individual’s record (customer or employee)?
[] Yes
[] No

9.2 Can the system make determinations about customers or employees that would not be possible without the new data?
[] Yes
[] No

9.3 How will the new data be verified for relevance and accuracy?

10 Individuals must be informed in writing of the routine uses of the information being collected from them. What are the intended routine uses of the data being collected?
Response: To streamline the reporting process by implementing a common computing procedure that accommodates the programming team in performing maintenance of the financial data collected by the GSM Web PC application

11 Will the data be used for any other uses (routine or otherwise)?
[] Yes
[] No - If NO, go to question 12.

11.1 What are the other uses?

12 Automation of systems can lead to the consolidation of data - bringing data from multiple sources into one central location/system - and consolidation of administrative controls. When administrative controls are consolidated, they should be evaluated so that all necessary privacy controls remain in place to the degree necessary to continue to control access to and use of the data. Is data being consolidated?
[] Yes
[] No - If NO, go to question 13.

12.1 What controls are in place to protect the data and prevent unauthorized access?
13 Are processes being consolidated?
[] Yes
[] No - If NO, go to question 14.

13.1 What controls are in place to protect the data and prevent unauthorized access?

3.3 Data Retention

14 Is the data periodically purged from the system?
[] Yes
[] No - If NO, go to question 15.

14.1 How long is the data retained whether it is on paper, electronic, in the system or in a backup?

14.2 What are the procedures for purging the data at the end of the retention period?

14.3 Where are these procedures documented?

15 While the data is retained in the system, what are the requirements for determining if the data is still sufficiently accurate, relevant, timely, and complete to ensure fairness in making determinations?
Response: Agreements, payment schedules, exports, shipments, disbursements, and cash receipts are reviewed for accuracy, relevancy, timeliness and completeness upon initial entry into the system and when any required updates are made.

16 Is the data retained in the system the minimum necessary for the proper performance of a documented agency function?
[~] Yes
~1 No
3.4 Data Sharing
17 Will other agencies share data or have access to data in this system (i.e., international, federal, state, local, other, etc.)?
[] Yes
[] No - If NO, go to question 18.

17.1 How will the data be used by the other agency?
Response: The data will be used by the Office of Foreign Assets Control ("OFAC") of the U.S. Treasury Department. The OFAC office ensures that terrorists, international narcotics traffickers and other restricted persons are not allowed to participate in U.S. Government programs such as GSM.
17.2 Who is responsible for assuring the other agency properly uses the data?
Response: The data recipient is responsible for the proper use of the data. All data that is forwarded contains the following statement: This e-mail and any attachments may contain sensitive data. It is your responsibility to adhere to USDA policies and notices in the internal and external use and protection of sensitive data. If you authorize the release of this information you must ensure the recipient is notified that the data is sensitive and that the recipient is responsible for securing and protecting the data.

18 Is the data transmitted to another agency or an independent site?
[] Yes
~ No - If NO, go to question 19.

18.1 Is there appropriate agreement in place to document the interconnection and ensure the PII and/or Privacy Act data is appropriately protected?
Response: MOU between NITC and Treasury 11/2009

19 Is the system operated in more than one site?
[] Yes
[] No - If NO, go to question 20.

19.1 How will consistent use of the system and data be maintained in all sites?
Response: Administrative controls and procedures are established to maintain consistent system use
3.5 Data Access
20 Who will have access to the data in the system (i.e., users, managers, system administrators, developers, etc.)?
Response: Customers, USDA employees have Update Access, Exporters may submit data online and by request through FAS or FSA, OIG and Congress may receive reports. WDC Users.

21 How will user access to the data be determined?
Response: Access must be requested through FSA-13A security forms with justification

21.1 Are criteria, procedures, controls, and responsibilities regarding user access documented?
[] Yes
[] No

How will user access to the data be restricted?
Response: Users are restricted through role-based security within the application. Other users are restricted based on id level security granted through eAuth~AS and database administrators. Once access has been properly granted, there are no restrictions to viewing the data. Update capabilities are restricted by User ID.

Are procedures in place to detect or deter browsing or unauthorized user access?
[] Yes
E No

Does the system employ security controls to make information unusable to unauthorized individuals (i.e., encryption, strong authentication procedures, etc.)?
[~ Yes
[] No
3.6 Customer Protection
Who will be responsible for protecting the privacy rights of the customers and employees affected by the interface (i.e., office, person, departmental position, etc.)?
Response: USDA Privacy Office

25 How can customers and employees contact the office or person responsible for protecting their privacy rights?
Response: FSA National Help Desk at (800)-255-2434 or the Centralized Help Desk at 800-457-3642 or
By contacting John W. Underwood, Privacy Officer, at
FSA Privacy Act Officer / FSA PII Officer
USDA - Farm Service Agency
Beacon Facility - Mail Stop 8388
9240 Troost Avenue
Kansas City, Missouri 64131-3055
Phone: 816-926-6992
Cell: 816-564-8938
Fax: 816-448-5833
mailto:john.underwood@kcc.usda.gov

26 A "breach" refers to a situation where data and/or information assets are unduly exposed. Is a breach notification policy in place for this system?
~] Yes - If YES, go to question 27.
[] No

26.1 If NO, please enter the Plan of Action and Milestones (POA&M) number with the estimated completion date.
27 Consider the following:
Consolidation and linkage of files and systems
Derivation of data
Accelerated information processing and decision making
Use of new technologies
Is there a potential to deprive a customer of due process rights (fundamental rules of fairness)?
[] Yes
[] No - If NO, go to question 28.

27.1 Explain how this will be mitigated?

28 How will the system and its use ensure equitable treatment of customers?
Response: Implementing a common computing procedure will be accomplished in the same manner for all customers

29 Is there any possibility of treating customers or employees differently based upon their individual or group characteristics?
[] Yes
[] No - If NO, go to question 30

29.1 Explain
4 System of Record
30 Can the data be retrieved by a personal identifier? In other words, does the system actually retrieve data by the name of an individual or by some other unique number, symbol, or identifying attribute of the individual?
[] Yes
[] No - If NO, go to question 31

30.1 How will the data be retrieved? In other words, what is the identifying attribute (i.e., employee number, social security number,

30.2 Under which Systems of Record (SOR) notice does the system operate? Provide number, name and publication date. (SORs can be viewed at www.access.GPO.gov.)

30.3 If the system is being modified, will the SOR require amendment or revision?
[] Yes
[] No
5 Technology
31 Is the system using technologies in ways not previously employed by the agency (e.g., Caller-ID)?
[] Yes
[] No - If NO, the questionnaire is complete.

31.1 How does the use of this technology affect customer privacy?