ML18025B499

From kanterella
Jump to navigation Jump to search
Radiation Protection Computer Code Analysis & Maintenance Program (RAMP)- Privacy Impact Analysis 2018
ML18025B499
Person / Time
Issue date: 06/05/2018
From: Anna Mcgowan
NRC/OCIO
To:
References
Download: ML18025B499 (13)
v  d  e


Text

ADAMS ML18025B499 U.S. Nuclear Regulatory Commission Privacy Impact Assessment Designed to collect the information necessary to make relevant determinations regarding the applicability of the Privacy Act, the Paperwork Reduction Act information collection requirements, and records management requirements.

Radiation Protection Computer Code Analysis

& Maintenance Program (RAMP)

Date: January 25, 2018 A.

GENERAL SYSTEM INFORMATION

1.

Provide a detailed description of the system:

RAMP is a new program at the NRC with the purpose of developing, distributing, maintaining, and providing training for NRC-sponsored radiation protection codes. The RAMP website is the repository of RES RAMP computer codes (RASCAL, SNAP/RADTRAD, HABIT, GALE, Radiological Toolbox, PiMAL, DandD, GENII, MiLDOS, XOQDOQ, PAVAN, VARKSIN, ATM and ARCON96) and related documents. Only registered members have access to download codes, on-line training, and meeting materials. Users access the website via https://www.usnrc-ramp.com/. Registered users must enter a username and password to access the restricted information.

2.

What agency function does it support?

RAMP supports emergency response with codes for radiation dosage, consequence analysis, decontamination, and other functions.

3.

Describe any modules or subsystems, where relevant, and their functions.

There are modules that are used to design the website, but there are no subsystems. The RAMP website uses Drupal modules covering the following areas; managing and displaying RAMP content, user registration and user input.

4.

What legal authority authorizes the purchase or development of this system?

The regulations in 10 Code of Federation Regulations (CFR) Part 20, titled:

Standards for Protection Against Radiation, requires all licensees to meet dose limits. The computer codes in RAMP calculate different scenarios for dose limits.

If the computer code printout determines the dose is below the limits in 10 CFR Part 20, the licensee meets the requirement. If the doses are above the limit, the

licensee is required to implement process to bring the doses below the limit.

5.

What is the purpose of the system and the data to be collected?

The purpose of RAMP is developing, distributing, maintaining, and providing training for NRC-sponsored radiation protection codes.

6.

Points of

Contact:

Project Manager Office/Division/Branch Telephone Stephanie Bush-Goddard RES/DSA/RPB 301-415-0755 Business Project Manager Office/Division/Branch Telephone Stephanie Bush-Goddard RES/DSA/RPB 301-415-0755 Technical Project Manager Office/Division/Branch Telephone Wendy Chinchilla Leidos 240-753-0185 Executive Sponsor Office/Division/Branch Telephone Michael Weber RES 301-415-1902

7.

Does this privacy impact assessment (PIA) support a proposed new system or a proposed modification to an existing system?

a.

X New System Modify Existing System Other (Explain)

b.

If modifying an existing system, has a PIA been prepared before?

(1)

If yes, provide the date approved and ADAMS accession number.

N/A (2)

If yes, provide a summary of modifications to the existing system.

N/A B.

INFORMATION COLLECTED AND MAINTAINED

These questions are intended to define the scope of the information requested as well as the reasons for its collection. Section 1 should be completed only if information is being collected about individuals. Section 2 should be completed for information being collected that is not about individuals.

1.

INFORMATION ABOUT INDIVIDUALS

a.

Does this system maintain information about individuals?

Yes (1)

If yes, identify the group(s) of individuals (e.g., Federal employees, Federal contractors, licensees, general public).

Federal employees and members of the public.

(2)

IF NO, SKIP TO QUESTION B.2.

b.

What information is being maintained in the system about an individual (be specific)?

The RAMP website stores first and last names, the organization that the user belongs to, and membership type (foreign or domestic).

Country of citizenship, business email address, and business telephone number are collected in a non-disclosure agreement form, but are not maintained in the RAMP system. The non-disclosure agreement form is stored in ADAMS.

c.

Is information being collected from the subject individual?

Yes, the information is collected in a non-disclosure agreement form.

(1)

If yes, what information is being collected?

First and last names, organization that the user belongs to, business email address, business mailing address, and country of citizenship.

d.

Will the information be collected from 10 or more individuals who are not Federal employees?

Yes.

(1)

If yes, does the information collection have OMB approval?

No it is not necessary because Management Directive on the Information Collection Program MD 3.54 list several things that are exempt from the Paperwork Reduction Act because they are

generally not information. We are using exemption 2(h) highlighted below:

Offices seeking to collect information using social media should contact OCIO to confirm that the proposed collection is exempt from OMB clearance requirements. The following are examples of exempt uses of social media:

(a) General or undifferentiated online suggestion boxes, which do not include specific questions; (b) General, open-ended requests for comments on a report or proposed initiative, or for ideas, comments, suggestions, or anything else that might improve the program; (c) Agency publication of an e-mail address to which respondents may send general suggestions; (d) Subscriptions to agency notifications or publications that require the collection of only name, address, and/or e-mail address; (e) Online account creation tools that are limited to e-mail address, username, password, and geographic location (e.g.,

State, region, or ZIP code) for account registration; (f) Interactive meetings that are conducted in a manner that is equivalent to in-person public meetings (public conference calls, webinars, blogs, discussion boards, forums, message boards, chat sessions, social networks, and online communities);

(g) Ratings and rankings of postings or comments by Web site users, including voting on, flagging, labeling, or similarly assessing the value of ideas, solutions, suggestions, questions, and comments posted by other Web site users; (h) Information that is necessary to conduct a voluntary commercial transaction, related to the selection, payment, or delivery of an item, or to identify the person ordering an item; and (i) Agency-sponsored contests, if no additional information is collected for the contest beyond what is necessary to contact the entrants and no structured questions are asked.

a) If yes, indicate the OMB approval number:

e.

Is the information being collected from existing NRC files, databases, or systems?

No.

(1)

If yes, identify the files/databases/systems and the information being collected.

f.

Is the information being collected from external sources (any source outside of the NRC)?

No.

(1)

If yes, identify the source and what type of information is being collected?

g.

How will information not collected directly from the subject individual be verified as current, accurate, and complete?

All information will be collected from the subject individual.

h.

How will the information be collected (e.g. form, data transfer)?

The user will download a non-disclosure agreement form from the website. The user will fill out the form, and eFAX or email the form to RAMP@nrc.gov.

2.

INFORMATION NOT ABOUT INDIVIDUALS

a.

Will information not about individuals be maintained in this system?

Yes.

(1)

If yes, identify the type of information (be specific).

NRC-sponsored radiation protection codes computer codes (RASCAL, SNAP/RADTRAD, HABIT, GALE, Radiological Toolbox, PiMAL, DandD, GENII, MiLDOS, XOQDOQ, PAVAN, VARKSIN, ATM and ARCON96) and related documents. The related document contain information on how to run the computer codes and training materials.

b.

What is the source of this information? Will it come from internal agency sources and/or external sources? Explain in detail.

These codes come from the NRC Office of Nuclear Regulatory Research (RES).

1) USES OF SYSTEM AND INFORMATION These questions will identify the use of the information and the accuracy of the data being used.

(i)

Describe all uses made of the data in this system.

The codes are run by the users for emergency response for radiation dosage, consequence analysis, decontamination, and other functions.

b)

Is the use of the data both relevant and necessary for the purpose for which the system is designed?

Yes.

c)

Who will ensure the proper use of the data in this system?

RES will vet users who have submitted a non-disclosure agreement.

d)

Are the data elements described in detail and documented?

No.

i)

If yes, what is the name of the document that contains this information and where is it located?

e)

Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected?

No.

Derived data is obtained from a source for one purpose and then the original information is used to deduce/infer a separate and distinct bit of information that is aggregated to form information that is usually different from the source information.

Aggregation of data is the taking of various data elements and then turning it into a composite of all the data to form another type of data (i.e. tables or data arrays).

i)

If yes, how will aggregated data be maintained, filed, and utilized?

ii)

How will aggregated data be validated for relevance and accuracy?

iii)

If data are consolidated, what controls protect it from unauthorized access, use, or modification?

See RES RAMP FY17 System Security Plan for all security controls.

f)

How will data be retrieved from the system? Will data be retrieved by an individuals name or personal identifier? (Be specific.)

User must login to the RAMP website with a userid and password and then download files. Once logged in to the website, an administrator, via the database, can access the administer functions that allows search of user accounts with first and last name or business email. If a user had to be deleted then the RAMP administrator will log in and disable the user account.

g)

Will this system provide the capability to identify, locate, and monitor (e.g.,

track, observe) individuals?

No.

i)

If yes, explain.

(1)

What controls will be used to prevent unauthorized monitoring?

h)

List the report(s) that will be produced from this system.

None.

i)

What are the reports used for?

ii)

Who has access to these reports?

2) ACCESS TO DATA a)

Which NRC office(s) will have access to the data in the system?

RES and Leidos admins.

(1)

For what purpose?

Maintenance of the system.

(2)

Will access be limited?

Access will be limited to only those whose job it is to maintain the system.

b)

Will other NRC systems share data with or have access to the data in the system?

No (1)

If yes, identify the system(s).

(2)

How will the data be transmitted or disclosed?

c)

Will external agencies/organizations/public have access to the data in the system?

Yes.

(1)

If yes, who?

Members of the public who have signed a non-disclosure agreement, been vetted by NRC RES, and assigned a userid.

(2)

Will access be limited?

Yes. They will only be granted to the codes and related documents they are approved for.

(3)

What data will be accessible and for what purpose/use?

The codes and related documents that the user has been approved for.

(4)

How will the data be transmitted or disclosed?

The data will be downloaded from the website by the user.

3) RECORDS RETENTION AND DISPOSAL The National Archives and Records Administration (NARA), in collaboration with federal agencies, approves whether records are temporary (eligible at some point for destruction/deletion because they no longer have business value) or permanent (eligible at some point to be transferred to the National Archives because of historical or evidential significance). These determinations are made through records retention schedules and are required under 36 CFR 1234.10. The following questions are intended to determine whether the records in the system have an approved records retention schedule or if one will be needed.
1.

Can you map this system to an applicable retention schedule in NUREG-0910, or the General Records Schedules at http://www.archives.gov/records-mgmt/grs ?

No.

a.

If yes, please cite the schedule number, approved disposition, and describe how this is accomplished. For example, will the records or a composite thereof be deleted once they reach their approved retention or exported to a file for transfer based on their approved disposition?

b.

If the answer to question E.1 is yes, skip to F.1. If the response is no, complete question E.2 through question E.7.

2.

If the records cannot be mapped to an approved records retention schedule, how long do you need the records? Please explain.

We will need to retain records as long as the person is using the computer code and it varies from individual to individual. Once a person notifies us that they no longer use the code, we will delete the record. At the moment, we will keep for as long as the person is using the code.

3.

Would these records be of value to another organization or entity at some point in time? Please explain.

No. Organizations who find value in these records will submit a NDA to obtain access.

4.

How are actions taken on the records? For example, is new data added or updated by replacing older data on a daily, weekly, or monthly basis?

The computer codes are updated on an as needed basis.

5.

What is the event or action that will serve as the trigger for updating, deleting, removing, or replacing information in the system? For example, does the information reside in the system for three years after it is created and then is it deleted?

Updates are made when new methods for radiation protection are developed.

Related documents are updated as needed.

6.

Is any part of the record an output, such as a report, or other data placed in ADAMS or stored in any other location, such as a shared drive or MS SharePoint?

The non-disclosure agreement is stored in ADAMS.

7.

Does this system allow for the deletion or removal of records no longer needed and how will that be accomplished?

RAMP Admins will delete records that are no longer needed at the direction of RES. Organizations that no longer require a userid will email RAMP@nrc.gov and the admins will be directed to disable the accounts.

4) TECHNICAL ACCESS AND SECURITY
1. Describe the security controls used to limit access to the system (e.g.,

passwords).

A: See RES RAMP FY17 System Security Plan for all security controls.

2. What controls will prevent the misuse (e.g., unauthorized browsing) of system data by those having access?

See RES RAMP FY17 System Security Plan for all security controls.

3. Are the criteria, procedures, controls, and responsibilities regarding access to the system documented?

Yes

a. If yes, where?

See RES RAMP FY17 System Security Plan for all security controls.

4. Will the system be accessed or operated at more than one location (site)?

No.

a. If yes, how will consistent use be maintained at all sites
5. Which user groups (e.g., system administrators, project managers, etc.) have access to the system?

Admins and users.

6. Will a record of their access to the system be captured?

Yes.

a. If yes, what will be collected?

A log contains the userid, allowed codes for access, start date of membership, last login date and time.

7. Will contractors be involved with the design, development, or maintenance of the system?

Yes.

If yes, and if this system will maintain information about individuals, ensure Privacy Act and/or PII contract clauses are inserted in their contracts.

FAR clause 52.224-1 and FAR clause 52.224-2 should be referenced in all contracts, when the design, development, or operation of a system of records on individuals is required to accomplish an agency function.

PII clause, Contractor Responsibility for Protecting Personally Identifiable Information (June 2009), in all contracts, purchase orders, and orders against other agency contracts and interagency agreements that involve contractor access to NRC owned or controlled PII.

8. What auditing measures and technical safeguards are in place to prevent misuse of data?

See RES RAMP FY17 System Security Plan for all security controls.

9. Are the data secured in accordance with FISMA requirements?

Yes. See RES RAMP FY17 System Security Plan for all security controls.

a)

If yes, when was Certification and Accreditation last completed?

Currently in progress.

PRIVACY IMPACT ASSESSMENT REVIEW/APPROVAL (For Use by OCIO/GEMS/ISB Staff)

System Name: Radiation Protection Computer Code Analysis & Maintenance Program (RAMP)

Submitting Office: Office of Nuclear Regulatory Research A.

PRIVACY ACT APPLICABILITY REVIEW X

Privacy Act is not applicable.

Privacy Act is applicable.

Comments:

RAMP system does not contain PII information. The RAMP website stores first and last names, the organization that the user belongs to, and membership type (foreign or domestic) and userid.

Reviewers Name Title Date Sally A. Hardy Privacy Officer 5/25/2018 B.

INFORMATION COLLECTION APPLICABILITY DETERMINATION No OMB clearance is needed.

X OMB clearance is needed.

Currently has OMB Clearance. Clearance No.

Comments:

The RES NDA for code distribution which is used by RAMP requires an OMB clearance.

Several questions in the NDA are covered by the Paperwork Reduction Act. OCIO will be working with RES to develop a clearance package Reviewers Name Title Date David Cullison Agency Clearance Officer 4/25/2018

C.

RECORDS RETENTION AND DISPOSAL SCHEDULE DETERMINATION No record schedule required.

Additional information is needed to complete assessment.

X Needs to be scheduled.

Existing records retention and disposition schedule covers the system - no modifications needed.

Comments:

This system will need to be scheduled; therefore, NRC records personnel will need to work with the Research office and subject matter experts to develop a records retention and disposition schedule for records created or maintained. Until the approval of such schedule, these records and information are permanent. Their willful disposal or concealment (and related offenses) is punishable by fine or imprisonment, according to 18 U.S.C., Chapter 101, and Section 2071.

Implementation of retention schedules is mandatory under 44 U.S. 3303a (d), and although this does not prevent further development of the project, retention functionality or a manual process must be incorporated to meet this requirement.

Reviewers Name Title Date Marna B. Dove Sr. Program Analyst, Electronic Records Manager 2/7/2018 D.

BRANCH CHIEF REVIEW AND CONCURRENCE X

This IT system does not collect, maintain, or disseminate information in identifiable form from or about members of the public.

This IT system does collect, maintain, or disseminate information in identifiable form from or about members of the public.

I concur in the Privacy Act, Information Collections, and Records Management reviews:

/RA/ Date June 5, 2018 Anna T. McGowan, Chief Information Services Branch Governance & Enterprise Management Services Division Office of the Chief Information Officer

TRANSMITTAL OF PRIVACY IMPACT ASSESSMENT/

PRIVACY IMPACT ASSESSMENT REVIEW RESULTS TO: Michael Weber, Director, Office of Nuclear Regulatory Research Name of System: Radiation Protection Computer Code Analysis & Maintenance Program (RAMP)

Date ISB received PIA for review:

January 25, 2018 Date ISB completed PIA review:

May 25, 2018 Noted Issues:

RAMP system does not contain PII information. The RAMP website stores first and last names, the organization that the user belongs to, and membership type (foreign or domestic) and userid.

The NDR is used for granting/vetting access to the RAMP system. Country of citizenship, business email address, and business telephone number are collected in a non-disclosure agreement form (NDR). The non-disclosure agreement form is stored in ADAMS and is not maintained in the RAMP system.

Anna T. McGowan, Chief Information Services Branch Governance & Enterprise Management Services Division Office of the Chief Information Officer Signature/Date:

/RA/ June 5, 2018 Copies of this PIA will be provided to:

Tom Rich, Director IT Services Development & Operation Division Office of the Chief Information Officer Jonathan Feibus Chief Information Security Officer (CISO)

Governance & Enterprise Management Services Division Office of the Chief Information Officer

Retrieved from "https://kanterella.com/w/index.php?title=ML18025B499&oldid=5036689"