ML18102A087: Difference between revisions
StriderTol (talk | contribs) (Created page by program invented by StriderTol) |
StriderTol (talk | contribs) (Created page by program invented by StriderTol) |
||
Line 15: | Line 15: | ||
=Text= | =Text= | ||
{{#Wiki_filter:}} | {{#Wiki_filter:Designed to collect the information necessary to make relevant determinations regarding the applicability of the Privacy Act, the Paperwork Reduction Act information collection requirements, and records management requirements. | ||
These questions are intended to define the scope of the information requested as well as the reasons for its collection. Section 1 should be completed only if information is being collected about individuals. Section 2 should be completed for information being collected that is not about individuals. | |||
These questions will identify the use of the information and the accuracy of the data being used. | |||
: 5. Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected? | |||
Derived data is obtained from a source for one purpose and then the original information is used to de duce/infer a separate and distin ct bit of information that is aggregated to form information that is usually differen t from the source information. | |||
Aggregation of data is the taking of various data elements and then turning it into a composite of all the data to form another type of data (i.e. tables or data arrays). | |||
controlsretrieved | |||
The National Archives and Records Administration (NARA), in collaboration with federal agencies, approves whether records are temporary (eligible at some point for destruction/deletion because they no longer have business value) or permanent (eligible at some point to be transferred to the National Archives because of historical or evidential significance). These determinations are made through records retention schedules and are required under 36 CFR 1234.10. The following questions are intended to determine whether the records in the system have an approved records retention schedule or if one will be needed. | |||
** | |||
If yes, and if this system will maintain information about individuals, ensure Privacy Act and/or PII cont ract clauses are inserted in their contracts. | |||
*FAR clause 52.224-1 and FAR clause 52.224-2 should be referenced in all contracts, when the design, development, or operation of a system of records on individuals is required to accomplish an agency function. | |||
*PII clause, "Contractor Responsibility for Protecting Personally Identifiable Information" (June 2009), in all cont racts, purchase orders, and orders against other agency contracts and interagency agreements that involve contractor access to NRC owned or controlled PII. | |||
(For Use by OCIO/GEMS/ISB Staff) | |||
Copies of this PIA will be provided to: | |||
Tom Rich, Director IT Services Development & Operation Division Office of the Chief Information Officer Jonathan Feibus Chief Information Security Officer (CISO) Governance & Enterprise Management Services Division Office of the Chief Information Officer}} |
Revision as of 14:54, 21 September 2018
ML18102A087 | |
Person / Time | |
---|---|
Issue date: | 05/15/2018 |
From: | McGowan A T NRC/OCIO |
To: | |
References | |
Download: ML18102A087 (13) | |
Text
Designed to collect the information necessary to make relevant determinations regarding the applicability of the Privacy Act, the Paperwork Reduction Act information collection requirements, and records management requirements.
These questions are intended to define the scope of the information requested as well as the reasons for its collection. Section 1 should be completed only if information is being collected about individuals. Section 2 should be completed for information being collected that is not about individuals.
These questions will identify the use of the information and the accuracy of the data being used.
- 5. Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected?
Derived data is obtained from a source for one purpose and then the original information is used to de duce/infer a separate and distin ct bit of information that is aggregated to form information that is usually differen t from the source information.
Aggregation of data is the taking of various data elements and then turning it into a composite of all the data to form another type of data (i.e. tables or data arrays).
controlsretrieved
The National Archives and Records Administration (NARA), in collaboration with federal agencies, approves whether records are temporary (eligible at some point for destruction/deletion because they no longer have business value) or permanent (eligible at some point to be transferred to the National Archives because of historical or evidential significance). These determinations are made through records retention schedules and are required under 36 CFR 1234.10. The following questions are intended to determine whether the records in the system have an approved records retention schedule or if one will be needed.
If yes, and if this system will maintain information about individuals, ensure Privacy Act and/or PII cont ract clauses are inserted in their contracts.
- FAR clause 52.224-1 and FAR clause 52.224-2 should be referenced in all contracts, when the design, development, or operation of a system of records on individuals is required to accomplish an agency function.
- PII clause, "Contractor Responsibility for Protecting Personally Identifiable Information" (June 2009), in all cont racts, purchase orders, and orders against other agency contracts and interagency agreements that involve contractor access to NRC owned or controlled PII.
(For Use by OCIO/GEMS/ISB Staff)
Copies of this PIA will be provided to:
Tom Rich, Director IT Services Development & Operation Division Office of the Chief Information Officer Jonathan Feibus Chief Information Security Officer (CISO) Governance & Enterprise Management Services Division Office of the Chief Information Officer