Privacy Impact Assessment Questionnaire
MSHA Standardized Information System (MSIS) FY2016
MSHA Standardized Information System (MSIS) is a major application owned by MSHA's Directorate of Program Evaluation and Information Resources (PEIR) (DOL Unique Identifier DOL-MSHA-MSIS-MA-001). It is supported by E-Gov, a subsystem with a module web interface, which is itself a collection of forms collected from the general public for dissemination and distribution once authenticated and approved. There are three levels of internal review before any submitted record is uploaded into the MSIS databases.
MSIS is an n-tier, Web-enabled database application, integrating several major MSHA MIS applications (Penalty Assessment, Coal and Metal/Non-metal Enforcement and Qualification & Certification) into a single platform and common database. The system is designed to provide thin-client access to a central database through an application server for all authorized MSHA users to conduct transactions for data entry and data retrieval, with the exception of eGov information which is sent through an approval staging process.
The primary function of MSIS is to support the DOL Quality Workplace Outcome Goal to Reduce Workplace Injuries, Illnesses, and Fatalities by providing information management support for enforcement activities conducted to achieve MSHA's mission in protecting the safety and health of the nation's miners.
MSIS collects and maintains information about mines, mine operations, miner and instructor qualifications and certifications, mine inspections, coal dust sampling management, infractions of mandatory safety and health standards, in accordance with mandatory standards, and provides information to assess alleged violations against mine operators and independent contractors. The application is accessible to many of the MSHA program area offices via the agency's intranet.
MSIS also provides information to the US Treasury from MSIS applications such as Penalty Assessment, Coal and Metal/Non-metal Enforcement and Qualification & Certification. The US Treasury updates are completed through the use of FTPS after verification and validation of the information within MSIS has been completed.
Characterization of the Information
The following questions are intended to define the scope of the information requested and/or collected as well as reasons for its collection as part of the program, system, or technology being developed.
Specify whether the system collects personally identifiable information (PII) on DOL employees, other federal employees, contractors, members of the public (U.S. citizens), foreign citizens, or minor children.
MSIS collects and maintains information about mines, mine operations, miner and instructor qualifications and certifications, mine inspections, coal dust sampling management, infractions of mandatory safety and health standards, in accordance with mandatory standards, and provides information to assess alleged violations against mine operators and independent contractors.
What are the sources of the PII in the information system?
Social Security Administration, MSHA Training Facility, US Mining Community
What is the PII being collected, used, disseminated, or maintained?
MSIS collects Name, Date of Birth, Social Security Number (or other number originated by a government that specifically identifies an individual), Mailing Address, Phone Numbers (e.g., Phone, Fax and Cell), Certificates (e.g., birth, death, and marriage), Email Address, Education Records, Tax ID, Employer ID, Authorized Representative #, Right of Entry #. The information is used in the determination and assessment of alleged violations against mine operators and independent contractors.
How is the PII collected?
Online, i.e., webpage submission of forms, faxed-in forms, or mailed-in forms that have to be entered into MSIS manually by an MSHA-authorized employee.
E-Gov, a subsystem with a module web interface, consists of forms that can be viewed at http://www.msha.gov/forms/forms.asp, four (4) of which collect PII data. The following is a listing of the four (4) forms:
- Legal Identity Report (2000-7)
- Mine ID Request (7000-51)
- Certificate of Electrical/Noise Training (5000-1)
- Health Activity Certification or Hoisting Engineers Qualification Request Form (5000-41)
How will the information be checked for accuracy?
Prior to any information being inserted into the database, a staging series of authorizations takes place.
What specific legal authorities, arrangements, and/or agreements defined the collection of information?
Privacy Impact Analysis
There are security controls in place to prevent database contamination should nefarious acts be taken against the front-end website. The information has to be reviewed by at least three approving authorities prior to it being introduced and/or uploaded into the appropriate database for further analysis and data manipulation. Data extracts are redacted of the PII prior to being released for public consumption.
Uses of the PII
The following questions are intended to clearly delineate the use of information and the accuracy of the data being used.
Describe all the uses of the PII
As part of the Mine Act and 30 CFR, MSHA uses the MSHA Standardized Information System (MSIS) to gather and manage some PII data. The collection and management of this PII data is required in order to execute responsibilities delineated in the following sections of 30 CFR. These include Part 48, Part 49, Part 50, Part 90, and Part 100. Part 48 and 49 pertain to training, certification and qualification of miners for performing specified duties, both in Coal and Metal/Non-Metal mines. Part 50 pertains to miner accident and injury reporting. Part 90 involves identification and management of miners that have contracted black lung disease. Part 100 involves assessment of civil penalties against violators. In the case of Part 100, the collection of PII data pertains only to instances where the violator (mine operator or contractor) is a sole proprietor. Collection of this information for assessment of civil penalties is also justified under the Debt Collection Act.
What types of tools are used to analyze data and what type of data may be produced?
MSIS provides reporting and query facilities for users. Access to the reports and queries is restricted to certain specified roles. Roles are assigned to users with the approval of the Delegated Requestor, who reviews the job description and current responsibilities of the individual to ensure that the roles being requested are consistent and justified. The reports are generated through online reports as well as batch reports. A separate reporting tool is also used for some reports and queries. In all cases, access to the PII data is restricted to authorized individuals. When reports are generated, MSIS logs the user name and report as required by OMB 06-16. Data produced is in the form of printed reports, online reports, and data.
Will the system derive new data, or create previously unavailable data, about an individual through aggregation of the collected information?
If the system uses commercial or publicly available data, please explain why and how it is used.
MSIS collects and maintains information about mines, mine operations, miner and instructor qualifications and certifications, mine inspections, coal dust sampling management, infractions of mandatory safety and health standards, in accordance with mandatory standards, and provides information to assess alleged violations against mine operators and independent contractors.
Privacy Impact Analysis
Submission controls are in place on the online forms themselves, starting with the requirement that a member of the user community have an authenticated user ID and password in order to submit a form for consideration into the staging area, i.e., the approval process for upload to the database. The compensating controls have not allowed any direct access of the data into the backend database queries to take place. Only after the final authorized approval does data get loaded into the database. The three stages of review and approval have to be accomplished before upload of that record is permitted. No SQL injection into the backend database is directly possible through the data staging process that has been implemented. No direct data extracts from the database are allowed either, as the data is routed through approving authorities to ensure the recipient is permitted to receive the data in question.
The following questions are intended to outline how long information will be retained after the initial collection.
How long is information retained in the system?
7 years and in some cases for longer periods of time if the information is related to a litigation hold.
Has the retention schedule been approved by the DOL agency records officer and the National Archives and Records Administration (NARA)?
We are currently in the process of updating the retention schedule and obtaining approval for archiving MSIS data.
How is it determined that PII is no longer required?
PII data would not be required if it was no longer necessary for maintaining the integrity and accuracy of the database or if it was no longer associated with a critical business process that was part of the Mine Act, MINER Act or 30 CFR.
What efforts are being made to eliminate or reduce PII that is collected, stored or maintained by the system if it is no longer required?
MSHA has reduced repeated requests for PII by implementing the MIIN (Miner Individual Identification Number). This enables miners to submit their PII data once to register themselves with MSHA. Thereafter, miners are required only to provide their MIIN number. MSHA currently only collects PII data that is required to carry out its mission.
Privacy Impact Analysis
Data is retained in backup at the approved offsite storage location under contract with a facility approved by GSA for data retention of Federal records. The transport, distribution and rejuvenation of the data have been tested in accordance with Department policy as well as agency requirements to meet the Federal guidelines in this area.
Internal Sharing and Disclosure
The following questions are intended to define the scope of sharing within the Department of Labor.
With which internal organization(s) is the PII shared, what information is shared, and for what purpose?
Currently no PII data is shared with any other agencies within the Department of Labor.
How is the PII transmitted or disclosed?
Privacy Impact Analysis
External Sharing and Disclosure
The following questions are intended to define the content, scope, and authority for information sharing external to DOL which includes federal, state and local government, and the private sector.
With which external organization(s) is the PII shared, what information is shared, and for what purpose?
Organization: Dept of Treasury
Purpose: Debt collection
Is the sharing of PII outside the Department compatible with the original collection? If so, is it covered by an appropriate routine use in a SORN? If so, please describe. If not, please describe under what legal mechanism the program or system is allowed to share the PII outside of DOL.
The Debt Collection Act covers collection of this data. MSHA transfers outstanding delinquent debt for payment of penalties to Dept of Treasury for collection. Specifically, in the case of sole proprietorship mine operators and mine contractors, the tax ID number used would be the individual's SSN.
How is the information shared outside the Department and what security measures safeguard its transmission?
The data is transferred via secure FTP (SFTP) to Department of Treasury. Treasury provides certification of transfer and processing. The data is then handled consistently with other privacy data managed by that department.
Privacy Impact Analysis
MSHA transfers this data securely via SFTP. Treasury sends a notification that the data has been transferred safely and that it has been processed into their system.
The following questions are directed at notice to the individual of the scope of PII collected, the right to consent to uses of said information, and the right to decline to provide information.
Was notice provided to the individual prior to collection of PII?
Yes, there is a Privacy notice on the webpage, as well as instructions for filling out the forms prior to submitting them in one of four ways: online, facsimile, mail, or in person.
Do individuals have the opportunity and/or right to decline to provide information?
Do individuals have the right to consent to particular uses of the information? If so, how does the individual exercise the right?
30 CFR Part 48 and Part 49 require miners to get a certification in order to perform certain activities such as electrical work. In order to qualify for these certifications, MSHA also requires miners to provide PII data. Individuals submitting information and requesting certification are consenting to the proposed use of their PII in order to obtain the certification.
30 CFR Part 90 is the authority used to solicit privacy information from individuals who choose to participate in the Part 90 program. This program is entirely voluntary.
30 CFR Part 100 and the Debt Collection Act are the legal authority under which MSHA collects PII data from individuals who are sole proprietors as mine operators or contractors.
The forms (paper and online) clearly display the Privacy Act notices for all users to access and determine their individual rights in submitting PII data.
Privacy Impact Analysis
The Privacy Act notice is clearly displayed both in MSIS and on the online forms for external users.
Access, Redress, and Correction
The following questions are directed at an individual's ability to ensure the accuracy of the information collected about them.
What are the procedures that allow individuals to gain access to their information?
The submitting party is permitted website access to the information they have on file if the user has a valid ID and selects "Change online filing registration information". This provides the user a pop-up form for entering their user name and password to access the information they previously submitted for correction.
What are the procedures for correcting inaccurate or erroneous information?
Electronic filers may correct their information online as described above. MSIS Data management staff conduct regular quality reviews to identify and correct erroneous information. There are three stages of review prior to actual data going into the database and most if not every error is caught at one of these three levels.
How are individuals notified of the procedures for correcting their information?
Once external individuals log in to the system, they have the ability to change their PII if they so choose. Whenever individuals receive mailings from the system, they are furnished with instructions regarding contact information if data is incorrect. This applies to both recipients of civil penalties and those receiving certifications or qualifications from MSHA.
If no formal redress is provided, what alternatives are available to the individual?
Privacy Impact Analysis
Users have the ability to correct their privacy data online through the eGov registration process. For information such as certifications that are provided to individuals, instructions are furnished with the mailings that specify who to contact when corrections are necessary. Typically this would rely on contact over the phone or through the mail.
Technical Access and Security
The following questions are intended to describe technical safeguards and security measures.
What procedures are in place to determine which users may access the system and are they documented?
A valid user name and password are used in Active Directory, which is authenticated across the Domain to prevent those from other Domains from breaching the security of the system through the web interface. Suspicious activity reports, which track failed logon attempts, are generated and reviewed.
Will Department contractors have access to the system?
Describe what privacy training is provided to users, either generally or specifically relevant to the program or system?
Annual PII training is provided through the Department, and the user community is also given periodic updates through e-mails from the CIO reminding them of their responsibility in the area of privacy and privacy issues. MSHA also provides initial awareness and training before setting up a new access account and requires that the end user provide validation of their taking of the initial training, which is kept on file.
What auditing measures and technical safeguards are in place to prevent misuse of data?
All users are authenticated, and in the unlikely event that a user acquires sign-on privileges, their activities are logged while they are on the system. Each entry into the system does not automatically get loaded into the backend databases. There are intermediate and precautionary steps, compensating controls, in place to prevent the misuse of the system and the infecting or disrupting of the system by nefarious acts of unauthorized users or malicious users who are authorized to use the system.
Privacy Impact Analysis
Given the three-stage process prior to data upload, no direct access to the database by the external user community, and the logging of users' actions once they have been authenticated, the controls are in place and function to ensure adequate measures have been taken to protect the PII of this system.
The following questions are directed at critically analyzing the selection process for any technologies utilized by the system, including system hardware, RFID, biometrics, and other technology.
What stage of development is the system in, and what project development life cycle was used?
The system is in a mixed phase. Some features of the system are DME (Development Modernization and Enhancement), while other established functions are in the Operations & Maintenance Phase. The DOL System Development Lifecycle Management Manual is used for the project development.
Does the project employ technology which may raise privacy concerns? If so please discuss their implementation?
As a result of performing the PIA, what choices has the agency made regarding the information technology system and collection of information?
MSHA has completed the PIA for MSHA Standardized Information System (MSIS) which is currently in operation. MSHA has determined that the safeguards and controls for this moderate system adequately protect the information.
MSHA has determined that it is collecting the minimum necessary information for the proper performance of a documented agency function.