ML17285A874

From kanterella
Revision as of 13:30, 29 October 2019 by StriderTol (talk | contribs) (Created page by program invented by StriderTol)
Jump to navigation Jump to search
Replacement Reactor Program System - Oct 2017 Pia
ML17285A874
Person / Time
Issue date: 10/19/2017
From: Olga Benjumea
NRC/NRR/DMPS/RISB
To:
Benjumea O, NRR/RISB, 415-5233
References
Download: ML17285A874 (15)


Text

ADAMS ML17285A874 U.S. Nuclear Regulatory Commission Privacy Impact Assessment Designed to collect the information necessary to make relevant determinations regarding the applicability of the Privacy Act, the Paperwork Reduction Act information collection requirements, and records management requirements.

Reactor Program System Date: October 19, 2017 A. GENERAL SYSTEM INFORMATION

1. Provide a detailed description of the system:

NRC staff and contractors use the Replacement Reactor Program System (RPS) for the following activities:

  • to track licensing of reactor operators
  • to plan, schedule, and track power and research test reactors inspections
  • to plan and track workload for facility licensing activities
  • to manage the Reactor Oversight Process, including Human Factors
  • to monitor operational experience and manage operational workload
  • to review and publish event status reports
2. What agency function does it support?

RPS tracks licensing of operators, provides planning, scheduling and reporting capabilities to support the NRC reactor licensing, inspection and oversight processes.

3. Describe any modules or subsystems, where relevant, and their functions.

N/A

4. What legal authority authorizes the purchase or development of this system?

42 U.S.C. 2201(d), 2201(p) (1996) and 42 U.S.C. 2137 and 2201(i) (1996).

1

5. What is the purpose of the system and the data to be collected?

Information in these records may be used:

a. To track the status of operator licensing candidates and licensed facility operators.
b. To provide reports and statistical evaluations related to selection, training, examination and licensing of facility operators and partial workload projections.
c. As a project management tool in various management records throughout the NRC.
6. Points of Contact:

Project Manager Office/Division/Branch Telephone Indu Konduri NRR/DMPS/RISB/ITT 301-415-8533 Business Project Manager Office/Division/Branch Telephone Angela Baxter NRR/DIRS/IOLB 301-415-1065 Bridget Curran/Ben Mabbott NRR/DIRS/IRIB 301-415-1003/301-415-2346 Richard Bright NRR/DORL/LPL3-2/MDAT 301-415-8086 Eric Thomas NRR/DIRS/IOEB 301-415-6772 John Hughey NRR/DRA/APHB 301-415-3204 Technical Project Manager Office/Division/Branch Telephone Sandra Caesar NRR/DMPS/RISB/ITT 301-415-8380 Executive Sponsor Office/Division/Branch Telephone Brian E. Holian NRR 301-415-1270

7. Does this privacy impact assessment (PIA) support a proposed new system or a proposed modification to an existing system?
a. New System X Modify Existing System Other (Explain)
b. If modifying an existing system, has a PIA been prepared before?

Yes.

(1) If yes, provide the date approved and ADAMS accession number.

ML092390130 (RPS), approved 2/3/2009; ML052550247 (RPS) approved 8/29/2005; and ML041910525 (OLTS) approved 5/28/2004 (2) If yes, provide a summary of modifications to the existing system.

The major modification has been that OLTS has been replaced by the new RPS. It is a web based system, capable of being agile 2

and flexible to business needs and processes; using open standard, and laying the groundwork for an enterprise workload planning solution.

B. INFORMATION COLLECTED AND MAINTAINED These questions are intended to define the scope of the information requested as well as the reasons for its collection. Section 1 should be completed only if information is being collected about individuals. Section 2 should be completed for information being collected that is not about individuals.

1. INFORMATION ABOUT INDIVIDUALS
a. Does this system maintain information about individuals?

Yes (1) If yes, identify the group(s) of individuals (e.g., Federal employees, Federal contractors, licensees, general public).

RPS maintains information about reactor operator candidates and operator licensees.

(2) IF NO, SKIP TO QUESTION B.2.

b. What information is being maintained in the system about an individual (be specific)?

To track licensing of reactor operators, the system maintains applicants/operators name, date of birth, home address, citizenship, military and work history, education, medical information, employer name and address, examination test scores, license type, fitness for duty and violations information.

c. Is information being collected from the subject individual?

Yes (1) If yes, what information is being collected?

Information being collected is name, home address, birth date, citizenship, education, military and employment history, medical information, and employer name and address, examination test scores, license type, fitness for duty and violations information.

d. Will the information be collected from 10 or more individuals who are not Federal employees?

Yes 3

(1) If yes, does the information collection have OMB approval?

Yes (a) If yes, indicate the OMB approval number:

3150-0090 (NRC Form 398); 0024 (NRC Form 396) with additional information covered by 3150-0018 (10 CFR Part 55).

(b) Is the information being collected from existing NRC files, databases, or systems?

No (2) If yes, identify the files/databases/systems and the information being collected.

N/A

e. Is the information being collected from external sources (any source outside of the NRC)?

Yes (1) If yes, identify the source and what type of information is being collected?

The candidate/operator provides information to the NRC that has been certified by an authorized representative of the facility licensee as required, by 10 CFR Part 55 on NRC Form 398 (10 CFR Part 55.31(4) Personal Qualification Statement-Licensee, and NRC Form 396 (10 CFR 55.23) Certification of Medical Examination.

f. How will information not collected directly from the subject individual be verified as current, accurate, and complete?

An authorized representative of the facility licensee certifies the accuracy of indirectly collected supporting information from the subject individual not submitted on the NRC Form 398.

g. How will the information be collected (e.g. form, data transfer)?

Operator licensing information is collected by hard copy or electronically transferred forms and letters.

4

2. INFORMATION NOT ABOUT INDIVIDUALS
a. Will information not about individuals be maintained in this system?

Yes (1) If yes, identify the type of information (be specific).

Planning, scheduling, inspecting and reporting for facility licensees is maintained by the system.

Workload records related to licensing and inspecting facility licensees are also maintained.

b. What is the source of this information? Will it come from internal agency sources and/or external sources? Explain in detail.

Facility licensee licensing and inspection activity is a workload plan developed internally by staff and entered into RPS.

C. USES OF SYSTEM AND INFORMATION These questions will identify the use of the information and the accuracy of the data being used.

1. Describe all uses made of the data in this system.

The system data is used to produce operator licensing status reports, inspection reports, safety evaluation reports, and performance/action matrix reports.

2. Is the use of the data both relevant and necessary for the purpose for which the system is designed?

Yes

3. Who will ensure the proper use of the data in this system?

RPS employs an access control mechanism that regulates access to content based on the users role and the permissions associated with that role (e.g., such as view, create, or modify).

4. Are the data elements described in detail and documented?

Yes

a. If yes, what is the name of the document that contains this information and where is it located?

5

The data elements are documented in the RPS Security Categorization and database design documents located in the project repository (Jazz).

5. Will the system derive new data or create previously unavailable data about an individual through aggregation from the information collected?

No, the derived or aggregation of data occurs outside of the system.

a. If yes, how will aggregated data be maintained, filed, and utilized?

N/A

b. How will aggregated data be validated for relevance and accuracy?

N/A

c. If data are consolidated, what controls protect it from unauthorized access, use, or modification?

N/A

6. How will data be retrieved from the system? Will data be retrieved by an individuals name or personal identifier? (Be specific.)

Operator licensing records are retrieved by name and docket number. All other records are retrieved by name, docket or report number.

7. Will this system provide the capability to identify, locate, and monitor (e.g.,

track, observe) individuals?

Yes, for operator licensing only.

a. If yes, explain.

Operator licensing records are retrieved by name and docket number. All other records are retrieved by name, docket or report number.

(1) What controls will be used to prevent unauthorized monitoring?

The security controls recommended by the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, are applied to RPS to prevent the misuse of information.

Access to specific information is restricted to only individuals and/or user groups who have a need to know and have authorized access.

6

8. List the report(s) that will be produced from this system.

The following reports may be produced, but not limited to:

  • Examination of Grade Average
  • Activity Report
  • Exam Information
  • Quarterly/Activity Status
  • Medical Report
  • Active Operators Count
  • Active Applications
  • Licenses Due Within 60 Days
  • 3 Month, 6 Month and 1 Year Restriction
  • License Restriction
  • Number of Anticipated Renewals
  • Renewal Tracking Report
  • Proposed Denials/Appeals Status
  • Waiver Tracking Report
  • Expired Licenses Report
  • Amended Licenses Tracking Report
  • Inspection Activity Plan
  • Inspection Schedules
  • Reactor Oversight
  • Reactor Events
  • Inspection Reports
  • Licensing Milestone Report
a. What are the reports used for?

The reports are used for tracking licensing of operators, planning, scheduling, reporting, and analyzing inspection and facility licensing activities at nuclear power and research and test reactor facilities in the United States. They are used to monitor implementation of the policy and inspection guidance for programs assigned to the NRC headquarters and regional offices, and to assess the effectiveness and uniformity of agency-wide implementation of those programs.

b. Who has access to these reports?

Only Authorized users of RPS have access to the reports.

7

D. ACCESS TO DATA

1. Which NRC office(s) will have access to the data in the system?

Office of Nuclear Reactor Regulation (NRR), Office of Nuclear Material Safety and Safeguards (NMSS), Office of Nuclear Security and Incident Response (NSIR), Office of New Reactors (NRO), Region I, Region II, Region III, and Region IV. NMSS is included for ISFSI/Fuel Cycle and NSIR for security inspections.

Operator licensing data, access is limited to NRR and Regional Operator Licensing staff only.

Workload data access is defined by system roles.

(1) For what purpose?

To track licensing of reactor operators; to plan, schedule, and track power and research test reactors inspections; plan and track workload for facility licensing activities; manage the Reactor Oversight Process, including Human Factors; monitor operational experience and manage operational workload; and review and publish event status reports.

(2) Will access be limited?

Yes, for only those who have a need to know

2. Will other NRC systems share data with or have access to the data in the system?

Yes (1) If yes, identify the system(s).

RPS shares inspection and facility licensing data with the Master Data Management program (in development) to interface with downstream Systems, e.g., HRMS, FAIMIS, etc.

(2) How will the data be transmitted or disclosed?

Upon implementation of the Master Data Management program, RPS will electronically share information.

3. Will external agencies/organizations/public have access to the data in the system?

No 8

(1) If yes, who?

N/A (2) Will access be limited?

N/A (3) What data will be accessible and for what purpose/use?

N/A (4) How will the data be transmitted or disclosed?

N/A E. RECORDS RETENTION AND DISPOSAL The National Archives and Records Administration (NARA), in collaboration with federal agencies, approves whether records are temporary (eligible at some point for destruction/deletion because they no longer have business value) or permanent (eligible at some point to be transferred to the National Archives because of historical or evidential significance). These determinations are made through records retention schedules and are required under 36 CFR 1234.10. The following questions are intended to determine whether the records in the system have an approved records retention schedule or if one will be needed.

1. Can you map this system to an applicable retention schedule in NUREG-0910, or the General Records Schedules at http://www.archives.gov/records-mgmt/grs ?

No. Previously, the RPS retention schedule, N1-431-08-18, was approved by NARA on 2/3/09, ML092390130; however, the current PIA provides for additional functionality that was not present in the previously approved RPS. Thus, the previously approved RPS retention schedule must be revised to accommodate this functionality, and subsequently approved by NARA.

a. If yes, please cite the schedule number, approved disposition, and describe how this is accomplished. For example, will the records or a composite thereof be deleted once they reach their approved retention or exported to a file for transfer based on their approved disposition?
b. If the answer to question E.1 is yes, skip to F.1. If the response is no, complete question E.2 through question E.7.
2. If the records cannot be mapped to an approved records retention schedule, how long do you need the records? Please explain.

9

The system does not delete, remove, or replace existing information.

3. Would these records be of value to another organization or entity at some point in time? Please explain.

No.

4. How are actions taken on the records? For example, is new data added or updated by replacing older data on a daily, weekly, or monthly basis?

Data is updated and new date is added daily as the user(s) interact(s) with the system.

5. What is the event or action that will serve as the trigger for updating, deleting, removing, or replacing information in the system? For example, does the information reside in the system for three years after it is created and then is it deleted?

Any updates, or receipt of new information triggers updating. The system does not delete, remove, or replace existing information. It maintains a historical chronology.

6. Is any part of the record an output, such as a report, or other data placed in ADAMS or stored in any other location, such as a shared drive or MS SharePoint?

Yes, some of the output reports and inspections are placed in ADAMS.

7. Does this system allow for the deletion or removal of records no longer needed and how will that be accomplished?

Yes, the system allows for the deletion of data elements by employing a delete feature.

F. TECHNICAL ACCESS AND SECURITY

1. Describe the security controls used to limit access to the system (e.g.,

passwords).

Access is dependent upon a users role(s) and need-to-know. RPS roles and access will be reviewed and approved by the configuration control board, granted by the ISSO and executed by the designated database administrator.

RPS users are authenticated through the Integrated Windows Authentication with Kerberos for authentication security, in accordance with the NRC Identity, Credential, and Access Management (ICAM) Authentication Framework

2. What controls will prevent the misuse (e.g., unauthorized browsing) of system data by those having access?

10

The security controls recommended by the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, are applied to RPS to prevent the misuse of information. Access to specific information is restricted to only individuals and/or user groups who have a need to know and have authorized access.

3. Are the criteria, procedures, controls, and responsibilities regarding access to the system documented?

RPS roles and access will be developed by the configuration control board.

(1) If yes, where?

The procedures are currently being developed and will be stored in ADAMS.

4. Will the system be accessed or operated at more than one location (site)?

Yes, the system will be accessed by the NRC Program Office (HQ), Regional Offices, and through CITRIX. The system will be operated at the Data Center in 3WFN.

a. If yes, how will consistent use be maintained at all sites?

The system is centrally located and will be accessible via the web.

5. Which user groups (e.g., system administrators, project managers, etc.)

have access to the system?

RPS roles and access will be developed by the configuration control board.

6. Will a record of their access to the system be captured?

Yes

a. If yes, what will be collected?

At a minimum, RPS will track user IDs when logging in.

7. Will contractors be involved with the design, development, or maintenance of the system?

Yes If yes, and if this system will maintain information about individuals, ensure Privacy Act and/or PII contract clauses are inserted in their contracts.

11

  • FAR clause 52.224-1 and FAR clause 52.224-2 should be referenced in all contracts, when the design, development, or operation of a system of records on individuals is required to accomplish an agency function.
  • PII clause, Contractor Responsibility for Protecting Personally Identifiable Information (June 2009), in all contracts, purchase orders, and orders against other agency contracts and interagency agreements that involve contractor access to NRC owned or controlled PII.
8. What auditing measures and technical safeguards are in place to prevent misuse of data?

The security controls recommended by NIST SP 800-53 will be implemented in RPS to prevent misuse of the data. LogLogic is in place in the data center for auditing purposes.

9. Are the data secured in accordance with FISMA requirements?

Yes

a. If yes, when was Certification and Accreditation last completed?

RRPS is a subsystem of the Business Application Support System (BASS) system. The BASS Authority to Operate (ATO) was received on January 7, 2016.

12

PRIVACY IMPACT ASSESSMENT REVIEW/APPROVAL (For Use by OCIO/GEMS Staff)

System Name: Reactor Program System Submitting Office: Office of Nuclear Reactor Regulation A. PRIVACY ACT APPLICABILITY REVIEW Privacy Act is not applicable.

X Privacy Act is applicable.

Comments:

The Reactor Program System (RPS) is expanding the scope of the information associated with RPS and is being combined with the Operator Licensee Record Files. NRC -16, Facility Operator Licensees Record Files (10 CFR Part 55) will cover this information.

Reviewers Name Title Date Sally A. Hardy Privacy Officer 3/7/2018 B. INFORMATION COLLECTION APPLICABILITY DETERMINATION No OMB clearance is needed.

OMB clearance is needed.

X Currently has OMB Clearance. Clearance Nos. 3150-0104, 3150-0024; 3150-0090; 3150-0011, 3150-0018; 3150-0095 Comments:

The Reactor Program System (RPS) stores information gathered under a number of OMB-approved information collections, including: NRC Form 366 (3150-0104), NRC Form 396 (3150-0024); NRC Form 398 (3150-0090), 10 CFR Part 50 (3150-0011), 10 CFR Part 55 (3150-0018);

and Voluntary reporting of performance indicators (Reactor oversight process) (3150-0095).

Reviewers Name Title Date David Cullison Agency Clearance Officer 2/16/18 13

C. RECORDS RETENTION AND DISPOSAL SCHEDULE DETERMINATION No record schedule required.

Additional information is needed to complete assessment.

X Needs to be scheduled.

Existing records retention and disposition schedule covers the system - no modifications needed.

Comments:

Reviewers Name Title Date Sr. Program Analyst, Electronic Records Marna B. Dove 3/6/18 Manager D. BRANCH CHIEF REVIEW AND CONCURRENCE This IT system does not collect, maintain, or disseminate information in identifiable form from or about members of the public.

X This IT system does collect, maintain, or disseminate information in identifiable form from or about members of the public.

I concur in the Privacy Act, Information Collections, and Records Management reviews:

/RA/ Date March 9, 2018 Anna T. McGowan, Chief Information Services Branch Governance & Enterprise Management Services Division Office of the Chief Information Office 14

TRANSMITTAL OF PRIVACY IMPACT ASSESSMENT/

PRIVACY IMPACT ASSESSMENT REVIEW RESULTS TO: Brian Holian, Acting Director, Office of Nuclear Reactor Regulation Name of System: Reactor Program System Date ISB received PIA for review: Date ISB completed PIA review:

October 13, 2017 March 7, 2018 Noted Issues:

The system notice for NRC -16, Facility Operator Licensees Record Files (10 CFR Part 55) will need to be updated and posted for comment in the Federal Register to cover the expanded scope of the information associated with RPS.

Anna T. McGowan, Chief Signature/Date:

Information Services Branch Governance & Enterprise Management /RA/ March 9, 2018 Services Division Office of the Chief Information Officer Copies of this PIA will be provided to:

Tom Rich, Director IT Services Development & Operation Division Office of the Chief Information Officer Jonathan Feibus Chief Information Security Officer (CISO)

Governance & Enterprise Management Services Division Office of the Chief Information Officer 15