DEPARTMENT OF TRANSPORTATION

Federal Aviation Administration

PRIVACY IMPACT ASSESSMENT

Regulation and Certification Infrastructure for System Safety
(RCISS)

August 15, 2008

Table of Contents

Overview of the Federal Aviation Administration (FAA) RCISS Program
Overview of FAA Privacy Management Process for RCISS
Personally Identifiable Information (PII) and RCISS
Why RCISS Collects Information
How RCISS Uses Information
How RCISS Shares Information
How RCISS Provides Notice and Consent
How RCISS Ensures Data Accuracy
How RCISS Provides Redress
How Long RCISS Retains Information
System of Records

Overview of the Federal Aviation Administration (FAA) RCISS Program

The Federal Aviation Administration (FAA), within the Department of Transportation (DOT), has been given the responsibility to carry out safety programs.  The FAA is responsible for:

• Regulating civil aviation to promote safety;
• Encouraging and developing civil aeronautics, including new aviation technology;
• Developing and operating a system of air traffic control and navigation for both civil and military aircraft;
• Researching and developing the National Airspace System and civil aeronautics;
• Developing and carrying out programs to control aircraft noise and other environmental effects of civil aviation; and
• Regulating U.S. commercial space transportation.

One of the programs that will help fulfill this mission is the Regulation and Certification Infrastructure for System Safety (RCISS) program.   RCISS will provide the Information Technology (IT) infrastructure to the FAA’s Office of Aviation Safety (AVS) safety workforce so it will have access to safety data at the time and location needed to assess safety factors in real-time.

An infrastructure is the fundamental structure of a system and its architecture determines how it functions and how flexible it is to meet future requirements.  The most familiar infrastructure is an urban infrastructure, which describes the utilities and facilities such as roads, bridges, sewers, and sewer plants, water lines, power lines, fire stations, and other sites and facilities necessary to the functioning of an urban area.  An IT infrastructure consists of the equipment, systems, software, and services used in common across an organization, regardless of mission, program, or project.  The IT infrastructure also serves as the foundation upon which mission, program, and project specific systems and capabilities are built.   The RCISS infrastructure includes mobile and portable devices, workstations and server hardware, operating systems, and database management systems (DBMS) and is the foundation for airmen and aircraft data required for safety applications.  The RCISS infrastructure is viewed as everything that supports the flow and processing of aviation safety information.

The current legacy IT infrastructure supporting AVS is not capable of meeting evolving requirements created by the changes in the aviation and IT industries.  RCISS will redesign the current infrastructure to support data storage, data access, data integration, connectivity, availability, and disaster recovery.  The RCISS Program will support the safety workforce responsible for promoting aviation safety through regulation and oversight of the civil aviation industry.

AVS is the FAA organization responsible for the certification, production approval, and continued airworthiness of aircraft; and certification of pilots, mechanics, and others in safety-related positions.   The two largest offices within AVS are the Aircraft Certification Service and the Flight Standards Service.  The Aircraft Certification Service of the FAA is the office responsible for:

• Administering safety standards governing the design, production, and airworthiness of civil aeronautical products;
• Overseeing design, production, and airworthiness certification programs to ensure compliance with prescribed safety standards;
• Providing a safety performance management system to ensure continued operational safety of aircraft; and
• Working with aviation authorities, manufacturers, and other stakeholders to help them successfully improve the safety of the international air transportation system.

The Flight Standards Service promotes safe air transportation by setting the standards for certification and oversight of airmen, air operators, air agencies, and designees.  The office is responsible for:

• Accomplishing certification, inspection, surveillance, investigation, and enforcement;
• Setting regulations and standards; and
• Managing the system for registration of civil aircraft and all airmen records.

RCISS provides an infrastructure for the Aviation Safety Knowledge Management Environment (ASKME) program and the System Approach for Safety Oversight (SASO) applications.  The ASKME program provides Aircraft Certification Service aviation safety professionals with a repository of critical safety technical information and data, as well as with a set of knowledge management and analysis tools for knowledge collection, dissemination, and analysis. The ASKME environment includes a web-based knowledge management portal, collaboration, predictive safety data analysis, integrated data management and reporting, and Aircraft Certification Service process execution tools.  The SASO applications are changing the way Flight Standards Service and the aviation industry oversee and manage safety by realigning
25 independent FAA safety systems into a single System Safety-based enterprise architecture.  SASO applications will serve 4,800 FAA Aviation Safety employees, in eight regions, at more than 120 headquarters and field offices, and is capable of supporting more than 25,000 aviation industry professionals managing aviation safety throughout the United States and around the world.

Though still in the early implementation phase, RCISS will perform four high-level functions:

• Maximize information accessibility to the safety workforce;
• Support a more mobile and virtual workforce;
• Maximize the focus on business and functional requirements of the safety workforce; and
• Maximize information exchange with industry and government partners, including airlines; manufacturers of aircraft, rotorcraft, engines, propellers, and replacement parts; aviation medical examiners; designated airworthiness, engineering, and manufacturing inspection representatives; designated pilot, mechanic, and parachute rigger examiners; and the National Transportation Safety Board (NTSB).

Overview of FAA Privacy Management Process for RCISS

The RCISS infrastructure will use a web interface for most functions.  This also supports the Paper Work Reduction and E-Government Act priorities, and may include public web sites for some appropriate activities.

Privacy management is an integral part of RCISS.  DOT and FAA have retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and proven methodologies.  In addition, the RCISS planning team includes participation by FAA’s Privacy Officer.  This individual assists the RCISS program in considering all fair information practices and applicable laws when making decisions that may affect privacy.
The privacy management process is built upon a methodology that has been developed and implemented in leading companies around the country and globally.  The methodology is designed to help ensure that DOT and FAA will have the information, tools, and technology necessary to manage privacy effectively and employ the highest level of fair information practices while allowing FAA to achieve its mission of protecting and enhancing the U.S. transportation system.  The methodology is based upon the following:

• Establish priority, authority, and responsibility. Appointing a cross-functional privacy management team to ensure input from systems architecture, technology, security, legal, and other disciplines necessary to ensure that an effective privacy management program is developed.
• Assess the current privacy environment.  This involves interviews with key individuals involved in the RCISS system to ensure that privacy risks are identified and documented.
• Organize the resources necessary for the project’s goals.  Internal DOT and FAA resources, along with outside experts, are involved in reviewing the technology, data uses, and associated risks.  They are also involved in developing the necessary redress systems and training programs.
• Develop the policies, practices, and procedures.  The resources identified in the paragraph above work to develop an effective policy or policies, practices, and procedures to ensure compliance with fair information practices.  The policies are designed to protect privacy effectively while allowing DOT and FAA to achieve their missions.
• Implement the policies, practices, and procedures.  Once the policies, practices, and procedures are developed, they must be implemented.  This involves training all individuals who will have access to and/or process personally identifiable information.  It also entails working with vendors to ensure that they maintain the highest standard for privacy while providing services to the FAA project.
• Maintain policies, practices, and procedures.  Due to changes in technology, personnel, and other aspects of any program, effective privacy management requires that technology and information be available to the privacy management team to ensure that privacy policies, practices, and procedures continue to reflect actual practices.  Regular monitoring of compliance with privacy policies, practices, and procedures is required.
• Manage exceptions and/or problems with the policies, practices, and procedures.  This step involves the development and implementation of an effective redress and audit system to ensure that any complaints are effectively addressed and corrections made if necessary.

Personally Identifiable Information (PII) and RCISS

The RCISS system contains both Personally Identifiable Information (PII) and non-personally identifiable information pertaining to designees, pilots, mechanics, registered aircraft owners, aircraft dealers, and others.  PII contained within RCISS may include:

• Last, First, and Middle Name
• Social Security Number
• Date of Birth
• Place of Birth
• Home Address
• Home Telephone Number
• Citizenship
• Height
• Weight
• Hair Color
• Eye Color
• Sex
• Airmen Certificate Number
• Medical Information
• Criminal Convictions

RCISS may also contain information on manufacturers and other businesses or organizations involved in aviation.  In some cases, a business or organization (i.e., airlines; manufacturers of aircraft, rotorcraft, engines, propellers, and replacement parts) may submit an individual’s name and business contact information (e.g., business address and business telephone number) for inclusion in an RCISS database.  RCISS is not collecting new information, rather RCISS combines information (from SASO and ASKME applications) that the FAA was already authorized to collect  (Paperwork Reduction Act Office of Management and Budget control number 2120-0033).  This information is regulated by the Privacy Act of 1974, as stated in the Representatives of the Administrator System of Records DOT/FAA 830 and General Air Transportation Records on Individuals System of Records DOT/FAA 847.

Why RCISS Collects Information

RCISS collects PII to enable AVS staff to track certificates, monitor, and control designee activities; conduct safety investigations and inspections; and gain knowledge into flight surveillance measures.  AVS is responsible for regulation and oversight of civil aviation; therefore, AVS must review and take action on safety measures pertaining to individual certificate holders, i.e., pilots, navigators, mechanics, etc.  In addition, AVS uses designated aviation industry personnel known as “designees” in roles that include aviation medical examiners; designated airworthiness, engineering, and manufacturing inspection representatives; and designated pilot, mechanic, and parachute rigger examiners.  AVS must ensure that these individuals remain qualified and authorize their continued service in their respective roles.  RCISS receives all PII either directly through forms submitted by the individual, or through additional contact or interaction with the individual.

How RCISS Uses Information

RCISS is the “enabler” for ASKME and SASO applications, providing a communications infrastructure connecting individual members of the safety workforce to centralized databases and other resources.  RCISS is used by AVS, other parts of FAA, and other government agencies, e.g., NTSB, to analyze safety data; manage time-intensive processes such as airman certification, safety inspections, designee and equipment certificate activities; and share information with appropriate people and organizations.  These activities are described in Representatives of the Administrator System of Records DOT/FAA 830 and General Air Transportation Records on Individuals System of Records DOT/FAA 847 .

How RCISS Shares Information

The SASO and ASKME applications are primarily for the AVS safety workforce.  In some cases, AVS shares information in RCISS with other FAA organizations, or other government agencies, e.g., NTSB and federal, state, and local law enforcement agencies.  A description of how RCISS shares information is mentioned in the Aviation Records on Individuals System of Records Notice DOT/FAA 847 .  In addition, system connectivity will be authorized and monitored through Memorandums of Understanding that define the information to be transferred, protocols, recipients, security, authorized uses, and other protections.

How RCISS Provides Notice and Consent

The RCISS infrastructure will include several public web sites to facilitate online transactions.  RCISS will receive data directly through forms submitted by the individual.  The web sites that collect PII provide site-specific notice and consent information.  All web sites have a System Use Notification message to inform potential users that (a) they are accessing a United States Government information system; (b) system usage may be monitored, recorded, or subject to audit; (c) unauthorized use of the system is prohibited and subject to criminal and civil penalties; and (d) the use of the system indicates consent to monitoring and recording.  These web sites will also post an accurate privacy policy that contains all sections required by the E-Government Act of 2002.

How RCISS Ensures Data Accuracy

RCISS receives data either directly through forms submitted by the individual, or through additional contact or interaction with the individual.  The length of time a record remains within the RCISS system is governed by the National Achieves and Records Administration NARA retention schedule and, the FAA maintains a retention policy that addresses system data retention and destruction and applicable NARA-approved retention periods.

Under the Privacy Act, individuals may request searches of RCISS data to determine if any records pertain to them.  This is accomplished by any individual sending a request to:

Federal Aviation Administration
ATTN:  RCISS Program Manager, Room 738
800 Independence Avenue, SW
Washington, DC 20591

Individuals wanting to contest information about them that is contained in RCISS should make their requests in writing, detailing the reasons why the records should be corrected.  Requests should be submitted to the attention of the system owner at the above address.

How RCISS Provides Redress

As provided for by the Representatives of the Administrator System of Records Notice under the Privacy Act, individuals with questions about privacy and RCISS may contact the FAA directly at the below address.  If RCISS also includes a public website section, the posted privacy policy will provide additional contact information for FAA’s Privacy Officer.

Federal Aviation Administration
ATTN:  RCISS Program Manager, Room 738
800 Independence Avenue, SW
Washington, DC 20591

How RCISS Secures Information

RCISS will take appropriate security measures to safeguard PII and other sensitive data.  RCISS will apply DOT security standards, including but not limited to routine scans and monitoring, back-up activities, and background security checks of FAA employees and contractors.  RCISS will control access to information and limit the information collected and stored to the minimum necessary to accomplish the intended purpose.
The following matrix describes the levels of access and safeguards around the RCISS roles as they pertain to PII.

How Long RCISS Retains Information

RCISS retains and disposes of information in accordance with the approved records retention schedule as required by the National Archives and Records Administration (NARA).

System of Records

RCISS will contain information searched by name and other unique identifiers that is part of an existing system of records subject to the Privacy Act.  You can find applicable RCISS System of Records Notices at http://www.dot.gov/privacy/privacyactnotices/faa.htm; specifically DOT/FAA 830 and DOT/FAA 847.