DEPARTMENT OF TRANSPORTATION
Federal Highway Administration

PRIVACY IMPACT ASSESSMENT

National Highway Institute Web Portal (NHI Web Portal)

August 18, 2004

Table of Contents

Overview of Federal Highway Administration (FHWA) privacy management process for NHI Web Portal
Personally identifiable information and NHI Web Portal
Why NHI Web Portal collects information
How NHI Web Portal uses information
How NHI Web Portal shares information
How NHI Web Portal provides notice and consent
How NHI Web Portal ensures data accuracy
How NHI Web Portal provides redress
How NHI Web Portal secures information
System of records

Overview of National Highway Institute privacy management process for NHI Web Portal

The Federal Highway Administration (FHWA), within the Department of Transportation (DOT), has been given the responsibility of enhancing the highway movement of people and goods, while also ensuring the safety of the traveling public, promoting the efficiency of the transportation system, and protecting the environment.[1] One vital component involved in reaching those goals is providing training pertaining to highway activities, making sure that professionals and members of the public have access to the best, most accurate information. Towards this goal, the National Highway Institute (NHI) within FHWA develops and implements applicable training programs. To manage this increasingly complex task and to make the training process more accessible and useful, NHI is currently planning an automated online training management tool – the NHI Web Portal. This system is in the early planning and development phases, and all references to NHI in this document are subject to changes as the planning progresses.

The NHI Web Portal system will be part of a publicly available web site, www.nhi.fhwa.dot.gov, available to members of the public who take applicable NHI-developed training. Through this system, members of the public will be able to sign up for and take NHI-developed training, link to a separate government web site to pay for that training, schedule and participate in a Web conference, track their training history, and request transcripts necessary for certification. In addition, the NHI Web Portal system will offer the ability to purchase course materials.

Privacy management is an integral part of the NHI Web Portal project. DOT/ FHWA has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and proven methodologies.

The privacy management process is built upon a methodology that has been developed and implemented in leading companies around the country and globally. The methodology is designed to help ensure that DOT and FHWA will have the information, tools, and technology necessary to manage privacy effectively and employ the highest level of fair information practices while allowing FHWA to achieve its mission of protecting and enhancing a most important U.S. transportation system. The methodology is based upon the following:

Establish priority, authority, and responsibility. Appoint a cross-functional privacy management team to ensure input from systems architecture, technology, security, legal, and other disciplines necessary to ensure that an effective privacy management program is developed.
Assess the current privacy environment. This involves interviews with key individuals involved in the NHI Web Portal system to ensure that all uses of personally identifiable data, along with the risks involved with such use, are identified and documented.
Organize the resources necessary for the project’s goals. Internal DOT/FHWA resources, along with outside experts, are involved in reviewing the technology, data uses, and associated risks. They are also involved in developing the necessary redress systems and training programs.
Develop the policies, practices, and procedures. The resources identified in the paragraph immediately above work to develop an effective policy or policies, practices, and procedures to ensure that fair information practices are complied with. The policies effectively protect privacy while allowing DOT/FHWA to achieve its mission.
Implement the policies, practices, and procedures. Once the policies, practices, and procedures are developed, they must be implemented. This involves training of all individuals who have access to and/or process personally identifiable information. It also entails working with vendors to ensure that they maintain the highest standard for privacy while providing services to the NHI project.
Maintain policies, practices, and procedures. Due to changes in technology, personnel, and other aspects of any program, effective privacy management requires that technology and information be available to the privacy management team to ensure that privacy policies, practices, and procedures continue to reflect actual practices. Regular monitoring of compliance with privacy policies, practices, and procedures will be required.
Manage exceptions and/or problems with the policies, practices, and procedures. This step involves the development and implementation of an effective redress and audit system to ensure that any complaints can be effectively addressed and corrections made if necessary.

Personally identifiable information (PII) and NHI Web Portal

The NHI Web Portal system uses both PII and non-PII data from and about members of the public who take highway-related training. NHI Web Portal participants, using the publicly available NHI Web Portal, may:

Register and create a training profile.
View available training.
Take training.
Change profile information.
Track, view, and print training history and transcripts.
Order training materials.

As a result, the NHI Web Portal system may contain the following PII on training participants: name, last four digits of social security number, contact information, and training history information. NHI uses PII submitted through the NHI Web Portal to administer training and deliver requested information.

In addition, identified NHI staff has access to NHI Web Portal data, with system rights and privileges managed by user names and passwords. Therefore, the NHI Web Portal system will also contain some NHI staff passwords and logon information and associate those data with individuals.

Why NHI Web Portal collects information

In general, the NHI Web Portal system collects PII in order to communicate with students, and track and manage the training process for individuals who have taken or will take NHI courses.

Specifically, the NHI Web Portal collects:

Name, Date of Birth, Last Four of Social Security Number

To uniquely identify a user.
To associate a user with training history and requests for training.

Mailing Address, Phone Numbers, E-mail Address

To communicate with the user.
To fulfill student requests for training and materials.

Education Records

To provide users with training history for professional certification purposes and maintenance of licensures.

Though students are able to purchase NHI training and materials online, the e-commerce transaction is fulfilled through a link to www.pay.gov.

How NHI Web Portal uses information

Information in an identifiable form is used to provide NHI and NHI students with an enhanced, efficient training process. NHI does not use PII in the NHI Web Portal for any purposes outside of the training management process, except as may be authorized by law.
The NHI Web Portal system collects PII only with express permission of users, and only for activities associated with the training process. NHI does not use NHI Web Portal PII in any other way, except as may be authorized by law.

How NHI Web Portal shares information

Appropriate NHI staff may have access to NHI Web Portal data to fulfill requests and implement training. Also, NHI Web Portal system passes authentication and purchase request information to the government e-commerce site, www.pay.gov, to allow for online payment of training and materials. Otherwise, NHI does not share NHI Web Portal PII, except as may be authorized by law. However, students may access, print, or otherwise share their own PII as they wish. For example, the NHI Web Portal system allows a student to access and print his or her transcript, which he or she may share with a professional association or certifying agency when applying for a certification or maintenance of licensure.

How NHI Web Portal provides notice and consent

NHI Web Portal provides a “layered” system of notices. First, the NHI Web Portal system provides visible links to a Privacy Policy that describes privacy practices and information uses. NHI Web Portal may provide links to web sites outside of DOT/FWHA, such as to the government payment site. In these cases, NHI Web Portal will provide a pop-up window that informs a user that he or she is leaving the site and that different privacy practices may apply.

As an applicant is creating a profile, the NHI Web Portal provides the opportunity for the applicant to select his or her notification preferences.

In addition, this system is a Privacy Act System of Records and will conform to the statements in its Privacy Act System of Records Notice.

How NHI Web Portal ensures data accuracy

NHI Web Portal collects most PII directly from students, and it allows students to access PII, change that information, and request removal of their account access from the NHI Web Portal database at any time. Students access their own PII through the NHI Web Portal, which authenticates applicants through their first initial, last name, last four digits of their social security number and password.

If an applicant has provided a non-functional email address or other contact information, a designated NHI staff member contacts that applicant by phone or postal letter, requesting that he or she update the email address. In addition, if during the training process a NHI staff member realizes that an item of PII is incorrect, he or she may request that the student change the information online, or may make the change him or herself.

How NHI Web Portal provides redress

At any time, a user may request, through email, to request that privacy practices be reviewed. This contact information is provided in the Privacy Policy, posted visibly on the web site. In addition, this system is a Privacy Act System of Records and conforms to the statements made in its Privacy Act System of Records Notice.

How NHI Web Portal secures information

The NHI Web Portal system is housed at FHWA headquarters in Washington DC, in a facility run by FHWA staff. Physical access to the NHI Web Portal system (Web server) is limited to appropriate personnel through building key cards and room-access key pads.

In addition to physical access, electronic access to PII in NHI Web Portal is limited according to job function. NHI controls access privileges according to the following roles:

Student
NHI Administrator

The following matrix describes the privileges and safeguards around each of these roles as they pertain to PII.

ROLE	ACCESS	SAFEGUARDS
Student	Creates own profile Accesses and changes own profile information Changes own password	First initial, last name, last four digits of social security number and user-set password: Minimum 5-character length for password Secret question to change or recall password
NHI Administrator	Views/changes some profile data of students, depending on need and job role.	Administrators are designated FHWA employees or contractors who are set up with management approval to the system. The following safeguards apply: Passwords expire after a set period. Accounts are locked after a set period of inactivity. Minimum length of passwords is eight characters. Passwords must be a combination of uppercase, lowercase, and special characters. Accounts are locked after a set number of incorrect attempts.

ROLE

ACCESS

SAFEGUARDS

Student

Creates own profile
Accesses and changes own profile information
Changes own password

First initial, last name, last four digits of social security number and user-set password:

Minimum 5-character length for password
Secret question to change or recall password

NHI Administrator

Views/changes some profile data of students, depending on need and job role.

Administrators are designated FHWA employees or contractors who are set up with management approval to the system.

The following safeguards apply:

Passwords expire after a set period.
Accounts are locked after a set period of inactivity.
Minimum length of passwords is eight characters.
Passwords must be a combination of uppercase, lowercase, and special characters.
Accounts are locked after a set number of incorrect attempts.

System of records

The NHI Web Portal is a Privacy Act System of Records, as it is searched by name and unique identifier. NHI is currently going through the process of documenting and protecting the system in accordance with Privacy Act requirements. NHI will be certified and accredited for the NHI Web Portal under DOT information technology security requirements.

[1] Fiscal 2003 Performance Plan; http://www.fhwa.dot.gov/reports/2003plan/index.htm