PRIVACY IMPACT ASSESSMENT

Knowledge Management

August 12, 2004

Table of Contents

Overview of Federal Highway Administration (FHWA) privacy management process for Knowledge Management
Personally-identifiable information and Knowledge Management
Why Knowledge Management collects information
How Knowledge Management uses information
How Knowledge Management will share information
How Knowledge Management provides notice and consent
How Knowledge Management ensures data accuracy
How Knowledge Management provides redress
How Knowledge Management secures information
System of records

Overview of Federal Highway Administration (FHWA) privacy management process for Knowledge Management

Federal Highway Administration (FHWA), within the Department of Transportation (DOT), has been given the responsibility for enhancing the highway movement of people and goods, while also ensuring the safety of the traveling public, promoting the efficiency of the transportation system, and protecting the environment.[1] As one step towards accomplishing these goals, FHWA is sponsoring Web-based communities of practice (CoPs) to promote free and open knowledge exchange on such topics as environment and planning, air quality, high performance concrete, and transportation asset management.

This “Knowledge Management” system is a publicly available Web site through which the highway community discusses, collaborates, and exchanges ideas and practices on a wide range of interesting and timely topics on one of the FHWA Knowledge Communities. Also, the Knowledge Management system provides access to FHWA expertise through the Resource Center Expertise Locator (EL), enabling the public to quickly and easily identify a person or person(s) to answer inquiries on a variety of highway-related technical and program issues.

Knowledge Management is a narrowly focused, volunteer-based information access point. Knowledge Management serves as a central point of communication that increases efficiency and effectiveness by connecting the country’s most important resource – human knowledge.

Privacy management is an integral part of the Knowledge Management project. DOT/ FHWA has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and proven methodologies.

The privacy management process is built upon a methodology that has been developed and implemented in leading companies around the country and globally. The methodology is designed to help ensure that DOT and FHWA will have the information, tools, and technology necessary to manage privacy effectively and employ the highest level of fair information practices while allowing FHWA to achieve its mission of protecting and enhancing a most important U.S. transportation system. The methodology is based upon the following:

Establish priority, authority and responsibility. Appointing a cross-functional privacy management team to ensure input from systems architecture, technology, security, legal and other disciplines necessary to ensure that an effective privacy management program is developed.
Assess the current privacy environment. This involved interviews with key individuals involved in the Knowledge Management system to ensure that all uses of personally identifiable data, along with the risks involved with such use, are identified and documented.
Organize the resources necessary for the project’s goals. Internal DOT/FHWA resources, along with outside experts, are involved in reviewing the technology, data uses, and associated risks. They also are involved in developing the necessary redress systems and training programs.
Develop the policies, practices, and procedures. The resources identified in the paragraph immediately above will work to develop an effective policy or policies, practices, and procedures to ensure that fair information practices are complied with. The policies will effectively protect privacy while allowing DOT/FHWA to achieve its mission.
Implement the policies, practices, and procedures. Once the policies, practices, and procedures are developed, they must be implemented. This involves training of all individuals who will have access to and/or process personally identifiable information. It also entails working with vendors to ensure that they maintain the highest standard for privacy while providing services to the FHWA project.
Maintain policies, practices, and procedures. Due to changes in technology, personnel, and other aspects of any program, effective privacy management requires that technology and information be available to the privacy management team to ensure that privacy policies, practices, and procedures continue to reflect actual practices. Regular monitoring of compliance with privacy policies, practices, and procedures will be required.
Manage exceptions and/or problems with the policies, practices, and procedures. This step involves the development and implementation of an effective redress and audit system to ensure that any complaints can be effectively addressed and corrections made if necessary.

Personally-identifiable information (PII) and Knowledge Management

The Knowledge Management system uses both PII and non-PII data from volunteer Web site users. Using the Knowledge Management Web site, users may:

Voluntarily provide name, FWHA-specific interests, free-form discussion input, email address, and other contact information to Knowledge Management through Web forms. With user permission, the Knowledge Management Web site shares this information with other users, helping to coordinate the sharing of ideas and information.
Request, through Web forms, email updates on user-identified topics and discussions.
Access any provided personal information and change profile information, including changing contact information, un-subscribing from emails, and eliminating posting/participation in Web site activities.

Though the Knowledge Management Web site publicly posts personal information and discussions on user request, FHWA does not use these data for other purposes or share the information with other organizations/agencies. FWHA also does not employ data mining technologies or activities to track discussions, topics, or people.

Why Knowledge Management collects information

Knowledge Management’s goal of linking together interested parties across the highway community demands some degree of information collection and sharing, by definition. With this in mind, participants volunteer to share information with one another, through the Knowledge Management Web site.

How Knowledge Management uses information

Information in an identifiable form is used to provide volunteer participants with enhanced access to highways-specific information, other volunteer professionals in the field, and discussion topics.

The Knowledge Management system collects personally identifiable information only with express permission of users, and only for the purpose of enhancing information sharing across the highways community. FHWA does not use personal information in the Knowledge Management system in any other way. At any time, a user may elect to withdraw from participation in the online community, emails, or any other Knowledge Management activity.

How Knowledge Management will share information

Knowledge Management information, with permission of the user, may be posted on the Knowledge Management, publicly-available Web site. At any time, a user may decline to provide information and request that his or her personal information be removed from the Knowledge Management databases and public posting. FWHA does not share Knowledge Management personally-identifiable information in any other way.

How Knowledge Management provides notice and consent

Knowledge Management provides a “layered” system of notices. First, the Knowledge Management system provides visible links to both a Privacy Statement and Terms of Service agreement that describe privacy practices and information use. Knowledge Management provides links to Web sites outside of DOT/FWHA. In these cases, Knowledge Management provides a pop-up window that informs a user that he or she is leaving the site and that different privacy practices may apply.

If a user volunteers to join discussions, lists him or herself in the directory, and/or requests email notification service, the Knowledge Management Web site provides options for that user to select which provided personal information the Web site will post and which not. The user can change those options online at any time, including withdrawing altogether from participation.

How Knowledge Management ensures data accuracy

Knowledge Management allows users to access personal information, change that information, and request complete deletion from the Knowledge Management database at any time. Users access personal information through the Knowledge Management Web site, which authenticates users through user-selected user name and password.

If a user has signed up for email service and the email address does not appear to be a valid address, a Site/System Administrator may delete the entire profile from the database.

How Knowledge Management provides redress

At any time, a user may request, through email, answers to questions on Knowledge Management. Additional contact information is provided in the Privacy Statement and Terms of Service documents, posted visibly on the Web sites.

How Knowledge Management secures information

The Knowledge Management system is housed at the Department of Energy’s (DOE) Oak Ridge National Laboratories, a facility run by contractors. Physical access to the Knowledge Management system (Web server) is limited to appropriate personnel through building key cards and room-access key pads. Personnel with physical access have all undergone security checks mandated by and in compliance with DOE requirements.

In addition to physical access, electronic access to personally-identifiable information in Knowledge Management is limited according to job function. FHWA controls access privileges according to the following roles:

User
Topic Facilitator
Site Administrator
System Administrator

The following matrix describes the privileges and safeguards around each of these roles as they pertain to personally-identifiable information.

ROLE	ACCESS	SAFEGUARDS
User	Create own profile Access and change own profile information	User-set user name and password. Privileges set by system administrator.
Topic Facilitator	Create own profile Access and change own profile information Edit discussion items, references, and works-in-progress	User-set user name and password. Privileges set by system administrator. User-set user name and password (Internal (FHWA) Facilitators) User-provided user name and password (External Facilitators) Minimum 8 character length for password Contain at least two numeric (0-9) and two non-numeric (A-Z and spaces) characters Be different from passwords used before Privileges set by system administrator
Site Administrator	Search and view user names Delete profiles (without viewing full profile information)	User-set user name and password (Internal (FHWA) Facilitators) User-provided user name and password (External Facilitators) Minimum 8 character length Contain at least two numeric (0-9) and two non-numeric (A-Z and spaces) characters Be different than passwords used before Privileges set by system administrator.
System Administrator	View and search all information in database Change passwords and user names Change and delete profile information Change and delete other data in system	User-set user name and password, according to DOT standards: Minimum 8-character length Use upper and lower case Regular forced password change Must access system from limited number of computers, each of which also has user name/password access control.

System of records

Knowledge Management is not a Privacy Act System of Records, as it is not searched by name or unique identifier. FHWA has certified and accredited Knowledge Management in accordance with DOT requirements.

[1] Fiscal 2003 Performance Plan; http://www.fhwa.dot.gov/reports/2003plan/index.htm