Office of the Chief Information Officer

Privacy Impact Assessment Questionnaire

BLS – OSHS – FY13

Overview

The OSHS System annually processes information on the number and frequency of nonfatal injuries and illnesses and fatal injuries occurring in the workplace. In addition to these data, the system provides descriptive case information, including the demographic characteristics of the injured and ill workers, for the more serious incidents. Government policy-makers and regulators along with private industry corporations use OSHS data to help develop safety and health standards, to monitor work hazards, and to allocate resources for prevention and inspection.

System Users are located in the Bureau's National Office in the Postal Square Building, the BLS Regional Offices, and State occupational safety and health agencies. The Federal/State Cooperative Program grants participating States' users limited access to the OSHS system—using the system, State users conduct a number of processing activities, including sample maintenance activities, along with data entry, editing, and review.

State and Regional staff review the nonfatal data that are collected via mail, the BLS Internet Data Collection Facility (IDCF), e-mail, fax, and phone. A client-server application is used to enter, update, and edit the data. After data are entered in the local PC using the application, data are uploaded to a central database management system for further processing on an ongoing basis. Using the OSHS system, BLS national office users perform statistical analysis on data, prepare estimates, and generate publication tables, including press releases and summaries.

The information regarding fatal work-related injuries is collected from a number of source documents such as death certificates, medical examiner reports, coroner reports, workers' compensation forms, OSHA reports and other various sources.

Information on the death certificates is used to determine if a fatality is in scope for the census, and to code elements of the cases. For most States, the death certificates are retained in the State office. For four States the death certificates are retained by the BLS regional office. North Dakota and South Dakota death certificates are retained by the Chicago regional office, Florida death certificates are retained by the Atlanta regional office, and West Virginia death certificates are retained by the Philadelphia regional office.

Information on decedents is not covered by the Privacy Act.

The OSHS system does not connect directly to any other systems, except the internal BLS LAN.

The following components are included in this system:

  • OSH Sample Selection System
  • SOIIWeb Data Collection System
  • OSHSUM (Summary) Estimation System
  • Case and Demographic Characteristics (Case and Demo) Estimation System
  • Profiles System
  • CFOIWeb Collection System

Characterization of the Information

The following questions are intended to define the scope of the information requested and/or collected as well as reasons for its collection as part of the program, system, or technology being developed.

Specify whether the system collects personally identifiable information (PII) on DOL employees, other federal employees, contractors, members of the public (U.S. citizens), foreign citizens, or minor children.

Name and date of birth of individuals that experienced nonfatal OSHA recordable work-related injuries and illnesses for the more serious incidents based on logs maintained by employers for the Occupational Safety and Health Administration.

What are the sources of the PII in the information system?

Employer (establishment) responses to mandatory nonfatal injury and illness survey questionnaire.

What is the PII being collected, used, disseminated, or maintained?

Name and date of birth.

How is the PII collected?

State and Regional staff review the data that are collected via mail, IDCF, e-mail, fax, and phone.

How will the information be checked for accuracy?

System edits ensure that a reasonable entry is made for both the employee name and the employee's date of birth or age. These data are further used to ensure duplicate cases are not submitted.

What specific legal authorities, arrangements, and/or agreements defined the collection of information?

The OSH Act and recordkeeping regulations in 29 CFR 1904.

Privacy Impact Analysis

The OSHS system is following normal DOL security requirements. It does contain some PII data, but the system does not use the data for processing, and records are not retrieved by personal identifier. The data is kept strictly as a statistical database. No problems were identified with the system, and no mitigation actions are recommended or needed.

Uses of the PII

The following questions are intended to clearly delineate the use of information and the accuracy of the data being used.

Describe all the uses of the PII

Data validation. Date of Birth is used to derive and/or validate the demographic characteristic of age. Name is used to prevent duplicate cases from being included in survey estimates.

What types of tools are used to analyze data and what type of data may be produced?

Statistical analysis methods are used to review case and demographic characteristics for specific demographic strata or groups. The cases are tabulated, analyzed for adherence to BLS standards of reliability and confidentiality, and published.

Will the system derive new data, or create previously unavailable data, about an individual through aggregation of the collected information?

Data about the individual are not derived.

If the system uses commercial or publicly available data, please explain why and how it is used.

Not applicable.

Privacy Impact Analysis

The OSHS system is following normal DOL security requirements. It does contain some PII data, but the system does not use the data for processing, and records are not retrieved by personal identifier. The data is kept strictly as a statistical database. No problems were identified with the system, and no mitigation actions are recommended or needed.

Retention

The following questions are intended to outline how long information will be retained after the initial collection.

How long is information retained in the system?

The data are intended to be removed from the system following the release of survey estimates. The PII must be retained until the DOL Solicitor's office allows BLS to delete the PII. At this time, dates of birth, names, and Social Security numbers are being retained by the system on some records as a result of the case United States vs. Philip Morris, Inc. and others. Social Security numbers are only retained on historic files; they are no longer part of the system.

Has the retention schedule been approved by the DOL agency records officer and the National Archives and Records Administration (NARA)?

Yes.

What efforts are being made to eliminate or reduce PII that is collected, stored or maintained by the system if it is no longer required?

See answer under first bullet above.

How is it determined that PII is no longer required?

See answer under first bullet above.

Privacy Impact Analysis

The OSHS system is following normal DOL security requirements. It does contain some PII data, but the system does not use the data for processing, and records are not retrieved by personal identifier. The data is kept strictly as a statistical database. No problems were identified with the system, and no mitigation actions are recommended or needed.

Internal Sharing and Disclosure

The following questions are intended to define the scope of sharing within the Department of Labor.

With which internal organization(s) is the PII shared, what information is shared, and for what purpose?

PII is not shared.

How is the PII transmitted or disclosed?

Not applicable.

Privacy Impact Analysis

Not applicable.

External Sharing and Disclosure

The following questions are intended to define the content, scope, and authority for information sharing external to DOL which includes federal, state and local government, and the private sector.

With which external organization(s) is the PII shared, what information is shared, and for what purpose?

PII is not shared.

Is the sharing of PII outside the Department compatible with the original collection? If so, is it covered by an appropriate routine use in a SORN? If so, please describe. If not, please describe under what legal mechanism the program or system is allowed to share the PII outside of DOL.

Not Applicable.

How is the information shared outside the Department and what security measures safeguard its transmission?

Not Applicable.

Privacy Impact Analysis

Not Applicable.

Notice

The following questions are directed at notice to the individual of the scope of PII collected, the right to consent to uses of said information, and the right to decline to provide information.

Was notice provided to the individual prior to collection of PII?

PII is not collected from an individual. Employers maintain records required by 29 CFR Part 1904. These records include PII necessary to identify an injured employee. State agencies collect the survey data from the employer's records. Part 1904 defines each employee's rights to review the records maintained by the employer, and the survey does not collect any information that is not maintained as required by Part 1904. Advance notification is implied insofar as an employee can assume a surveyed employer will provide the information required by BLS.

Do individuals have the opportunity and/or right to decline to provide information?

Not applicable.

Do individuals have the right to consent to particular uses of the information? If so, how does the individual exercise the right?

Not applicable.

Privacy Impact Analysis

Not applicable.

Access, Redress, and Correction

The following questions are directed at an individual's ability to ensure the accuracy of the information collected about them.

What are the procedures that allow individuals to gain access to their information?

Individuals cannot gain access to PII.

What are the procedures for correcting inaccurate or erroneous information?

Not applicable.

How are individuals notified of the procedures for correcting their information?

Not applicable.

If no formal redress is provided, what alternatives are available to the individual?

Not applicable.

Privacy Impact Analysis

Not applicable.

Technical Access and Security

The following questions are intended to describe technical safeguards and security measures.

What procedures are in place to determine which users may access the system and are they documented?

User ID, Passwords, Firewall, Virtual Private Network (VPN), Encryption, Intrusion detection systems (IDS), Smart Cards, Public Key Infrastructure.

Will Department contractors have access to the system?

Yes.

Describe what privacy training is provided to users, either generally or specifically relevant to the program or system?

Rules of behavior are provided and signed by all users.

What auditing measures and technical safeguards are in place to prevent misuse of data?

User roles ensure least privilege.

Privacy Impact Analysis

The OSHS system is following normal DOL security requirements. It does contain some PII data, but the system does not use the data for processing, and records are not retrieved by personal identifier. The data is kept strictly as a statistical database. No problems were identified with the system, and no mitigation actions are recommended or needed.

Technology

The following questions are directed at critically analyzing the selection process for any technologies utilized by the system, including system hardware, RFID, biometrics, and other technology.

What stage of development is the system in, and what project development life cycle was used?

The system is in the Operations and Maintenance stage.

Does the project employ technology which may raise privacy concerns? If so, please discuss its implementation.

No.

Determination

As a result of performing the PIA, what choices has the agency made regarding the information technology system and collection of information?

The Bureau of Labor Statistics – Office of Compensation and Working Conditions (BLS – OCWC) has completed the PIA for the Occupational Safety and Health Statistics (OSHS) system, which is currently in operation. BLS – OCWC has determined that the safeguards and controls for this moderate system adequately protect the information.

The Bureau of Labor Statistics – Office of Compensation and Working Conditions (BLS – OCWC) has determined that it is collecting the minimum necessary information for the proper performance of a documented agency function.