ML20227A297

From kanterella
Jump to navigation Jump to search
Radiation Protection Computer Code Analysis & Maintenance Program (Ramp) Privacy Impact Assessment 2020
ML20227A297
Person / Time
Issue date: 08/07/2020
From: Natalya Bobryakova
NRC/OCIO/GEMSD/CSB
To:
Natalya Bobryakova, 301-287-0671
References
PIA Template (04-2019)
Download: ML20227A297 (14)
v  d  e


Text

PIA Template (04-2019) Page 1 of 14 U.S. Nuclear Regulatory Commission Privacy Impact Assessment Designed to collect the information necessary to make relevant determinations regarding the applicability of the Privacy Act, the Paperwork Reduction Act information collection requirements, and records management requirements.

Radiation Protection Computer Code Analysis & Maintenance Program (RAMP) Website Date: August 7, 2020 A. GENERAL SYSTEM INFORMATION

1. Provide a detailed description of the system:

Radiation Protection Computer Code Analysis and Maintenance Program (RAMP) is a Nuclear Regulatory Commission (NRC) program with the purpose of developing, distributing, maintaining, and providing training for NRC-sponsored radiation protection computer codes. The RAMP website is the online repository for the Office of Nuclear Regulatory Research (RES) RAMP computer codes and related documents. Only registered members have access to the RAMP computer codes, online training, and meeting materials. Users access the website via https://ramp.nrc-gateway.gov.

RAMP runs on a Federal Risk and Authorization Management Program (FedRAMP) authorized web-based platform-as-a-service supplied by Acquia Inc.

The Acquia Drupal platform relies on the physical infrastructure provided by the Amazon Web Services East/West US Public Cloud.

RAMP is a subsystem of the OCIO Third Party System (TPS). TPS provides a framework for managing cybersecurity compliance for various external Information Technology services used by NRC. TPS and its subsystems have no technical components on the NRC infrastructure.

2. What agency function does it support?

RAMP supports the agency licensing, inspection, and emergency response functions through development, maintenance, and distribution of the radiation protection computer codes.

3. Describe any modules or subsystems, where relevant, and their functions.

The RAMP website utilizes a Platform-as-a-Service provided by Acquia.

Configurations are implemented through Drupal 7 (migrating to Drupal 9 by 2021) which provides management modules to properly structure and place content.

PIA Template (04-2019) Page 2 of 14

4. What legal authority authorizes the purchase or development of this system?

The regulations in 10 Code of Federation Regulations (CFR) Part 20, titled:

Standards for Protection Against Radiation, requires all licensees to meet dose limits. The computer codes in RAMP calculate different scenarios for dose limits.

If the computer code printout determines the dose is below the limits in 10 CFR Part 20, the licensee meets the requirement. If the doses are above the limit, the licensee is required to implement processes to bring the doses below the limit.

5. What is the purpose of the system and the data to be collected?

The purpose of RAMP is to support the development, maintenance, and distribution of the NRC's vast array of radiation protection, dose assessment, and emergency response computer codes, as well as periodic training on the codes.

6. Points of

Contact:

Office/Division/Bran Project Manager Telephone ch Vered Shaffer RES/DSA/RPB 301-415-3911 Business Project Office/Division/Bran Telephone Manager ch Vered Shaffer RES/DSA/RPB 301-415-3911 Technical Project Office/Division/Bran Telephone Manager ch James Wiedeman Leidos 240-403-4280 Office/Division/Bran Executive Sponsor Telephone ch Raymond Furstenau RES 301-415-1902 Office/Division/Bran TPS ISSO Telephone ch OCIO/GEMSD/CSB/I Natalya Bobryakova 301-287-0671 AT Office/Division/Bran Subsystem Owner/User Telephone ch Raymond Furstenau RES 301-415-1902

PIA Template (04-2019) Page 3 of 14

7. Does this privacy impact assessment (PIA) support a proposed new system or a proposed modification to an existing system?
a. New System X Modify Existing System Other
b. If modifying or making other updates to an existing system, has a PIA been prepared before?

Yes.

(1) If yes, provide the date approved and Agencywide Documents Access and Management System (ADAMS) accession number.

ML18025B499 (2) If yes, provide a summary of modifications or other changes to the existing system.

The PIA is modified to use a new PIA Template and update Points of Contact information.

The RAMP website is in transition to Drupal 9, which is set for completion by November 2021.

8. Do you have an NRC system Enterprise Architecture (EA)/Inventory number?

No. The RAMP website is an externally hosted application.

a. If yes, please provide Enterprise Architecture (EA)/Inventory number.
b. If, no, please contact EA Service Desk to get Enterprise Architecture (EA)/Inventory number.

B. INFORMATION COLLECTED AND MAINTAINED These questions are intended to define the scope of the information requested as well as the reasons for its collection. Section 1 should be completed only if information is being collected about individuals. Section 2 should be completed for information being collected that is not about individuals.

PIA Template (04-2019) Page 4 of 14

1. INFORMATION ABOUT INDIVIDUALS
a. Does this system maintain information about individuals?

Yes.

(1) If yes, identify the group(s) of individuals (e.g., Federal employees, Federal contractors, licensees, general public (provide description for general public (non-licensee workers, applicants before they are licenses etc.))).

Federal employees, federal contractors, licensees, and individuals from the general public, such as non-licensee workers and applicants.

(2) IF NO, SKIP TO QUESTION B.2.

b. What information is being maintained in the system about an individual (be specific - e.g. Social Security Number, Place of Birth, Name, Address)?

The RAMP website stores first and last names, the organization that the user belongs to, codes requested, and membership type (foreign or domestic).

Country of citizenship, business email address, and business telephone number are collected in a non-disclosure agreement form, but this information is not maintained in the RAMP system. The non-disclosure agreement form is stored in ADAMS and is protected as personally identifiable information (PII).

c. Is information being collected from the subject individual?

Yes, the information is collected in a non-disclosure agreement form.

(1) If yes, what information is being collected?

First and last names, the organization that the user belongs to, business email address, business mailing address, and country of citizenship.

d. Will the information be collected from individuals who are not Federal employees?

Yes.

(1) If yes, does the information collection have the Office of Management and Budget (OMB) approval?

Yes.

PIA Template (04-2019) Page 5 of 14 (a) If yes, indicate the OMB approval number:

The approval number is 3150-0240.

e. Is the information being collected from existing NRC files, databases, or systems?

No.

(1) If yes, identify the files/databases/systems and the information being collected.

f. Is the information being collected from external sources (any source outside of the NRC)?

No, only from the individual.

(1) If yes, identify the source and what type of information is being collected?

g. How will information not collected directly from the subject individual be verified as current, accurate, and complete?

All information will be collected from the subject individual.

h. How will the information be collected (e.g. form, data transfer)?

The user will download a non-disclosure agreement form from the website. The user will fill out the form and eFax or email the form to RAMP@nrc.gov.

2. INFORMATION NOT ABOUT INDIVIDUALS
a. Will information not about individuals be maintained in this system?

Yes.

(1) If yes, identify the type of information (be specific).

NRC-sponsored radiation protection computer codes (RASCAL, GENII, MiLDOS, DandD, SNAP/RADTRAD, HABIT, GALE, RADTRAN, NRCDose, VARKSIN, Radiological Toolbox, PiMAL, PAVAN, and ARCON96) and related documents. Only registered members have access to download codes and related documents.

The related documents contain information on how to run the computer codes and training materials.

PIA Template (04-2019) Page 6 of 14

b. What is the source of this information? Will it come from internal agency sources and/or external sources? Explain in detail.

RES maintains and develops the RAMP suite of codes. The codes are housed on the RAMP website for download. User log in is required for a user to be able to obtain the codes.

C. USES OF SYSTEM AND INFORMATION These questions will identify the use of the information and the accuracy of the data being used.

1. Describe all uses made of the data in this system.

The codes are run by the users for emergency response for radiation dosage, consequence analysis, decontamination, and other functions.

1. Is the use of the data both relevant and necessary for the purpose for which the system is designed?

Yes.

2. Who will ensure the proper use of the data in this system?

The RES RAMP Program Manager approves users who have submitted a non-disclosure agreement to RAMP@nrc.gov.

3. Are the data elements described in detail and documented?

No.

a. If yes, what is the name of the document that contains this information and where is it located?
4. Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected?

No.

Derived data is obtained from a source for one purpose and then the original information is used to deduce/infer a separate and distinct bit of information that is aggregated to form information that is usually different from the source information.

Aggregation of data is the taking of various data elements and then turning it into a composite of all the data to form another type of data (i.e. tables or data arrays).

a. If yes, how will aggregated data be maintained, filed, and utilized?
b. How will aggregated data be validated for relevance and accuracy?

PIA Template (04-2019) Page 7 of 14

c. If data are consolidated, what controls protect it from unauthorized access, use, or modification?

See the RAMP System Security Plan (SSP), ML18338A473, for all security controls.

5. How will data be retrieved from the system? Will data be retrieved by an individuals name or personal identifier (name, unique number or symbol)?

(Be specific.)

Users must login to the RAMP website with a user ID and password to be able to download codes. No information about individuals is retrieved from the system.

a. If yes, explain, and list the identifiers that will be used to retrieve information on the individual.
6. Has a Privacy Act System of Records Notice (SORN) been published in the Federal Register?

No.

a. If Yes, provide name of SORN and location in the Federal Register.
7. If the information system is being modified, will the SORN(s) require amendment or revision?

No.

8. Will this system provide the capability to identify, locate, and monitor (e.g.,

track, observe) individuals?

No.

a. If yes, explain.

(1) What controls will be used to prevent unauthorized monitoring?

9. List the report(s) that will be produced from this system.

None.

a. What are the reports used for?
b. Who has access to these reports?

PIA Template (04-2019) Page 8 of 14 D. ACCESS TO DATA

1. Which NRC office(s) will have access to the data in the system?

RES RAMP program managers, RES management, and Leidos RAMP contractors only.

(1) For what purpose?

For input and maintenance of the system.

(2) Will access be limited?

Access will be limited to only those whose job it is to maintain the system.

2. Will other NRC systems share data with or have access to the data in the system?

No.

(1) If yes, identify the system(s).

(2) How will the data be transmitted or disclosed?

3. Will external agencies/organizations/public have access to the data in the system?

Yes.

(1) If yes, who?

Members of the public who have signed a non-disclosure agreement, been vetted by the NRC RAMP Program Manager, and assigned a user identifier (ID).

(2) Will access be limited?

Yes. They will only have access to the codes and related documents they are approved for, based on the approved non-disclosure agreement.

(3) What data will be accessible and for what purpose/use?

The codes and related documents that the user has been approved for.

(4) How will the data be transmitted or disclosed?

The data will be downloaded from the website by the user.

PIA Template (04-2019) Page 9 of 14 E. RECORDS AND INFORMATION MANAGEMENT (RIM) - RETENTION AND DISPOSAL The National Archives and Records Administration (NARA), in collaboration with federal agencies, approves whether records are temporary (eligible at some point for destruction/deletion because they no longer have business value) or permanent (eligible at some point to be transferred to the National Archives because of historical or evidential significance). These determinations are made through records retention schedules and NARA statutes (44 U.S.C., 36 CFR). Under 36 CFR 1234.10, agencies are required to establish procedures for addressing records management requirements, including recordkeeping requirements and disposition, before approving new electronic information systems or enhancements to existing systems. The following question is intended to determine whether the records and data/information in the system have approved records retention schedule and disposition instructions, whether the system incorporates RIM and NARAs Universal Electronic Records Management requirements, and if a strategy is needed to ensure compliance.

1. Can you map this system to an applicable retention schedule in NRCs Comprehensive Records Disposition Schedule (NUREG-0910), or NARAs General Records Schedules?

No.

This system will need to be scheduled; therefore, NRC records personnel will need to work with staff to develop a records retention and disposition schedule for records created or maintained. Until the approval of such schedule, these records and information are Permanent. Their willful disposal or concealment (and related offenses) is punishable by fine or imprisonment, according to 18 U.S.C., Chapter 101, and Section 2071. Implementation of retention schedules is mandatory under 44 U.S. 3303a (d), and although this does not prevent further development of the project, retention functionality or a manual process must be incorporated to meet this requirement.

a. If yes, please cite the schedule number, approved disposition, and describe how this is accomplished (then move to F.1).

For example, will the records or a composite thereof be deleted once they reach their approved retention or exported to an approved file format for transfer to the National Archives based on their approved disposition?

b. If no, please contact the Records and Information Management (RIM) staff at ITIMPolicy.Resource@nrc.gov.

RES is working with the Records Retention group to identify which retention schedules are applicable to RAMP. The retention schedule should be in place by November 2021 to support the RAMP website redesign.

PIA Template (04-2019) Page 10 of 14 F. TECHNICAL ACCESS AND SECURITY

1. Describe the security controls used to limit access to the system (e.g., passwords).

See the RAMP SSP (ML18338A473) for all security controls.

2. What controls will prevent the misuse (e.g., unauthorized browsing) of system data by those having access?

RAMP utilizes password-based authentication and role-based access controls.

The RAMP SSP details the current system security controls used to prevent the misuse of data.

3. Are the criteria, procedures, controls, and responsibilities regarding access to the system documented?

Yes.

(1) If yes, where?

See the RAMP SSP for all security controls as well as the Acquia Cloud FedRAMP documentation.

4. Will the system be accessed or operated at more than one location (site)?

No.

a. If yes, how will consistent use be maintained at all sites?
5. Which user groups (e.g., system administrators, project managers, etc.)

have access to the system?

Administrators and users.

6. Will a record of their access to the system be captured?

Yes.

a. If yes, what will be collected?

A log contains the user ID, allowed codes for access, start date of membership, and last login date and time.

7. Will contractors be involved with the design, development, or maintenance of the system?

Yes.

PIA Template (04-2019) Page 11 of 14 If yes, and if this system will maintain information about individuals, ensure Privacy Act and/or PII contract clauses are inserted in their contracts.

Federal Acquisition Regulation (FAR) clause 52.224-1 and FAR clause 52.224-2 should be referenced in all contracts, when the design, development, or operation of a system of records on individuals is required to accomplish an agency function.

PII clause, Contractor Responsibility for Protecting Personally Identifiable Information (June 2009), in all contracts, purchase orders, and orders against other agency contracts and interagency agreements that involve contractor access to NRC owned or controlled PII.

8. What auditing measures and technical safeguards are in place to prevent misuse of data?

See the RAMP SSP (ML18338A473) for all security controls.

9. Is the data secured in accordance with Federal Information Security Management Act (FISMA) requirements?

Yes, data is secured in accordance with FISMA requirements. RAMP relies on the FedRAMP authorized Acquia Cloud to secure system data.

a. If yes, when was Certification and Accreditation last completed?

August 26, 2019.

PIA Template (04-2019) Page 12 of 14 PRIVACY IMPACT ASSESSMENT REVIEW/APPROVAL (For Use by OCIO/GEMSD/CSB Staff)

System Name: Radiation Protection Computer Code Analysis & Maintenance Program (RAMP) Website Submitting Office: RES A. PRIVACY ACT APPLICABILITY REVIEW X Privacy Act is not applicable.

Privacy Act is applicable.

Comments:

RAMP system does not contain PII information. The RAMP website stores first and last names, the organization that the user belongs to, and membership type (foreign or domestic) and user id.

Reviewers Name Title Signed by Hardy, Sally on 09/03/20 Privacy Officer B. INFORMATION COLLECTION APPLICABILITY DETERMINATION No OMB clearance is needed.

OMB clearance is needed.

X Currently has OMB Clearance. Clearance No. 3150-0240 Comments:

Reviewers Name Title Signed by Cullison, David on 08/26/20 Agency Clearance Officer

PIA Template (04-2019) Page 13 of 14 C. RECORDS RETENTION AND DISPOSAL SCHEDULE DETERMINATION No record schedule required.

Additional information is needed to complete assessment.

X Needs to be scheduled.

Existing records retention and disposition schedule covers the system - no modifications needed.

Comments:

This system will need to be scheduled; therefore, NRC records personnel will need to work with staff to develop a records retention and disposition schedule for records created or maintained. Until the approval of such schedule, these records and information are Permanent. Their willful disposal or concealment (and related offenses) is punishable by fine or imprisonment, according to 18 U.S.C., Chapter 101, and Section 2071.

Implementation of retention schedules is mandatory under 44 U.S. 3303a (d), and although this does not prevent further development of the project, retention functionality or a manual process must be incorporated to meet this requirement.

Reviewers Name Title Signed by Dove, Marna on 09/02/20 Sr. Program Analyst, Electronic Records Manager D. BRANCH CHIEF REVIEW AND CONCURRENCE X This IT system does not collect, maintain, or disseminate information in identifiable form from or about members of the public.

This IT system does collect, maintain, or disseminate information in identifiable form from or about members of the public.

I concur in the Privacy Act, Information Collections, and Records Management reviews:

Signed by Brown, Cris on 09/04/20 Chief Cyber Security Branch Governance and Enterprise Management Services Division Office of the Chief Information Officer

PIA Template (04-2019) Page 14 of 14 TRANSMITTAL OF PRIVACY IMPACT ASSESSMENT/

PRIVACY IMPACT ASSESSMENT REVIEW RESULTS TO: Raymond Furstenau, Director, Office of Nuclear Regulatory Research Name of System: Radiation Protection Computer Code Analysis & Maintenance Program (RAMP) Website Date CSB received PIA for review: Date CSB completed PIA review:

August 17, 2020 September 3, 2020 Noted Issues:

RAMP system does not contain PII information. The RAMP website stores first and last names, the organization that the user belongs to, and membership type (foreign or domestic) and user ID.

The non-disclosure agreement form (NDR) is used for granting/vetting access to the RAMP system. Country of citizenship, business email address, and business telephone number are collected in NDR. The NDR is stored in ADAMS and is not maintained in the RAMP system.

Chief Signature/Date:

Cyber Security Branch Governance and Enterprise Management Signed by Brown, Cris Services Division on 09/04/20 Office of the Chief Information Officer Copies of this PIA will be provided to:

Thomas G. Ashley, Jr.

Director IT Services Development and Operations Division Office of the Chief Information Officer Jonathan R. Feibus Chief Information Security Officer (CISO)

Office of the Chief Information Officer

Retrieved from "https://kanterella.com/w/index.php?title=ML20227A297&oldid=2945476"