FMCSA PIA SafetyNet

Federal Motor Carrier Safety Administration Logo

DEPARTMENT OF TRANSPORTATION
Federal Motor Carrier Safety Administration

PRIVACY IMPACT ASSESSMENT

SAFETYNET

December 5, 2003

Table of Contents

Overview of Federal Motor Carrier Safety Administration (FMCSA) privacy management process for SAFETYNET
Personally-identifiable information and SAFETYNET
Why SAFETYNET collects information
How SAFETYNET uses information
How SAFETYNET shares information
How SAFETYNET provides notice and consent
How SAFETYNET ensures data accuracy
How SAFETYNET provides redress
How SAFETYNET secures information
System of records

Overview of Federal Motor Carrier Safety Administration (FMCSA) privacy management process for SAFETYNET

The Federal Motor Carrier Safety Administration (FMCSA), within the Department of Transportation (DOT), has been given the responsibility to reduce crashes, injuries, and fatalities involving large trucks and buses. In carrying out its safety mandate, the FMCSA:

Develops and enforces data-driven regulations that balance motor carrier (truck and bus companies) safety with industry efficiency;
Harnesses safety information systems to focus on higher risk carriers in enforcing the safety regulations; and
Targets educational messages to carriers, commercial drivers, and the public.[1]

To meet these goals, the FMCSA partners with stakeholders, including Federal, State, and local enforcement agencies, the motor carrier industry, safety groups, and organized labor on efforts to reduce bus and truck-related crashes. Since a first step to reduce accidents is to understand them, FMCSA collects and maintains commercial vehicle safety data, as well as a national inventory of motor carriers and shippers subject to the Federal Motor Carrier Safety Regulations and Hazardous Materials Regulations. SAFETYNET is a tool that helps the FMCSA manage these data.

SAFETYNET is a system designed to manage and provide appropriate access to crash data, roadside inspection history and data, and motor carrier and shipper identification information. To do this, SAFETYNET maintains records that include, but are not limited to, truck/bus driver name, social security number, license number, and date of birth, and truck/bus driver and company contact information, and vehicle identification numbers. The FMCSA receives these data from designated State officials, either directly into SAFETYNET through paper forms that State data entry representatives enter into the system, or through electronic data upload directly into SAFETYNET.

The FMCSA and other users access SAFETYNET data and functionality to complete inspections, track issues and trends, take non-compliance actions, and create reports from crash and inspection data.

Privacy management is an integral part of the SafetyNet project. DOT/FMCSA has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and proven methodologies.

The privacy management process is built upon a methodology that has been developed and implemented in leading companies around the country and globally. The methodology is designed to help ensure that DOT and FMCSA will have the information, tools, and technology necessary to manage privacy effectively and employ the highest level of fair information practices while allowing FMCSA to achieve its mission of protecting and enhancing a most important U.S. transportation system. The methodology is based upon the following:

Establish priority, authority, and responsibility. Appoint a cross-functional privacy management team to ensure input from systems architecture, technology, security, legal, and other disciplines necessary to ensure that an effective privacy management program is developed.
Assess the current privacy environment. This involves interviews with key individuals involved in the SafetyNet system to ensure that all uses of personally identifiable data, along with the risks involved with such use, are identified and documented.
Organize the resources necessary for the project’s goals. Internal DOT/FMCSA resources, along with outside experts, are involved in reviewing the technology, data uses and associated risks. They are also involved in developing the necessary redress systems and training programs.
Develop the policies, practices, and procedures. The resources identified in the paragraph immediately above work to develop an effective policy or policies, practices and procedures to ensure that fair information practices are complied with. The policies effectively protect privacy while allowing DOT/FMCSA to achieve its mission.
Implement the policies, practices, and procedures. Once the policies, practices, and procedures are developed, they must be implemented. This involves training of all individuals who will have access to and/or process personally identifiable information. It also entails working with vendors to ensure that they maintain the highest standard for privacy while providing services to the FMCSA project.
Maintain policies, practices, and procedures. Due to changes in technology, personnel, and other aspects of any program, effective privacy management requires that technology and information be available to the privacy management team to ensure that privacy policies, practices, and procedures continue to reflect actual practices. Regular monitoring of compliance with privacy policies, practices, and procedures will be required.
Manage exceptions and/or problems with the policies, practices, and procedures. This step involves the development and implementation of an effective redress and audit system to ensure that any complaints can be effectively addressed and corrections made if necessary.

Personally-identifiable information and SAFETYNET

The SAFETYNET system uses both Personally Identifiable Information (PII) and non-personally identifiable information pertaining to crash and inspection data.

The SAFETYNET dataset that includes PII may contain PII such as truck/bus driver name, social security number, license number, and date of birth, and driver and company contact information, and vehicle identification number. Only designated State and local enforcement officials have access to SAFETYNET PII. SAFETYNET interfaces and sends data, including PII, to the FMCSA’s central repository, the Motor Carrier Management Information System (MCMIS). MCMIS shares some PII, including data that comes from SAFETYNET, with appropriate individuals and organizations. See the MCMIS Privacy Impact Assessment for additional details.

The SAFETYNET dataset that does not include PII is available to any individual on request through a Web-accessible site or mail-in form. FMCSA requires some PII from individuals requesting copies of reports in order to fulfill the requests. In order to fulfill these requests, FMCSA collects requestor PII such as name, telephone number, and mailing address.

Some designated individuals have direct access to SAFETYNET databases. In order to manage access and appropriate permissions, the FMCSA collects name, contact information, organization information, and other related information and maintains user IDs and passwords.

Why SAFETYNET collects information

SAFETYNET collects PII in order to track safety-related data in the hopes of recognizing trends that can be useful when making policy and other changes. SAFETYNET provides, through MCMIS, some or all of this information to companies, agencies, individuals, and other organizations in order to help facilitate communication needed to enhance truck/bus driver safety.

State and local enforcement officials use SAFETYNET to search for truck/bus driver history, review inspection results, record and track inspection and crash data, research compliance issues, and contact appropriate individuals or companies/organizations to request additional information or take compliance action.

For individuals with direct access to SAFETYNET, the FMCSA also collects necessary PII to authenticate users and restrict permissions, and SAFETYNET associates these individuals with user-created user IDs and passwords.

How SAFETYNET uses information

State and local compliance officials use SAFETYNET to record crashes and compliance activities, perform research associated with safety compliance, contact individuals associated with crash or compliance activities, and create reports to analyze trends. The FMCSA uses SAFETYNET data to identify trends in crashes and compliance activities, monitor and take compliance actions, and create reports. In addition, the FMCSA may share SAFETYNET information with other enforcement or security federal agencies as allowed by law.

The FMCSA also provides direct access to SAFETYNET for some designated users. In order to control access, the FMCSA maintains name, contact information, user ID, password, and organization information on these users. The FMCSA uses this PII to authorize or deny access, determine and set permissions, enable access, and contact users if concerns arise.

How SAFETYNET shares information

Designated and approved State and local compliance officials and data entry representatives have direct access to SAFETYNET data. Different individuals receive different rights in SAFETYNET according to their job role and State. Designated FMCSA staff members also have direct access to SAFETYNET, with different individuals receiving different rights according to their job roles.

As allowed by law, FMCSA may also share with other federal agencies PII in SAFETYNET to assist with national security or other compliance activities. The FMCSA evaluates each request on an individual basis and oversees the process to ensure all Privacy Act procedures are followed.

In order to obtain direct access to SAFETYNET, designated State and local officials share PII with a higher-level approval authority within his or her organization and with FMCSA staff. In most cases, the individual in question fills out a paper-based authorization form and sends that document to his or her supervisor. This supervisor approves or denies the request, and then sends any approvals to the FMCSA staff for action.

How SAFETYNET provides notice and consent

SAFETYNET contains PII for only drivers of commercial vehicles, contacts for commercial carriers and shippers, and State and local officials requiring access to the system. Drivers and commercial carrier representatives are required by law to provide PII as part of the inspection and crash data collection process and SAFETYNET does not provide additional notice or options for consent.

How SAFETYNET ensures data accuracy

The SAFETYNET system provides some internal data quality and completeness checks. Sources of information, such as State police departments or other officials, are responsible for inputting correct information.

Individuals who must submit PII in order to obtain direct access to SAFETYNET submit this information directly. These individuals may contact their approving supervisor for any corrections to submitted information.

How SAFETYNET provides redress

At any time, an individual, in writing or through email, may contact the SAFETYNET office and request that privacy practices be reviewed. This contact information is provided at the FMCSA website (http://www.fmcsa.dot.gov). The Privacy Policy is also posted visibly as a link at the bottom of the Web site home page.

How SAFETYNET secures information

Physical access to the SAFETYNET system is limited to appropriate personnel through applicable physical security requirements of the agency. FMCSA and contract support personnel with physical access have all undergone and passed DOT background checks.

In addition to physical access, electronic access to PII in SAFETYNET is limited according to job function. The FMCSA controls access privileges according to the following roles:

State and Local Official
FMSCSA staff

The following matrix describes the privileges and safeguards around each of these roles as they pertain to PII.

ROLE	ACCESS	SAFEGUARDS
State or Local Official	Variable, determined by state and job role. Some users can only see/change/add information for their State. Others are restricted to the actions they can take, such as view only, or change/add permissions.	Access approved by higher authority. The following safeguards apply: Passwords expire after a set period. Accounts are locked after a set period of inactivity. Minimum length of passwords is eight characters. Passwords must be a combination of letters, numbers, and special characters. Accounts are locked after a set number of incorrect attempts.
FMCSA SAFETYNET Staff	Variable, determined by job role. Some users can view and change all data in system. Some users can create and manage user profiles.	The following safeguards apply: Passwords expire after a set period. Accounts are locked after a set period of inactivity. Minimum length of passwords is eight characters. Passwords must be a combination of letters, numbers, and special characters. Accounts are locked after a set number of incorrect attempts.

ROLE

ACCESS

SAFEGUARDS

State or Local Official

Variable, determined by state and job role. Some users can only see/change/add information for their State. Others are restricted to the actions they can take, such as view only, or change/add permissions.

Access approved by higher authority.

The following safeguards apply:

Passwords expire after a set period.
Accounts are locked after a set period of inactivity.
Minimum length of passwords is eight characters.
Passwords must be a combination of letters, numbers, and special characters.
Accounts are locked after a set number of incorrect attempts.

FMCSA SAFETYNET Staff

Variable, determined by job role. Some users can view and change all data in system. Some users can create and manage user profiles.

The following safeguards apply:

Passwords expire after a set period.
Accounts are locked after a set period of inactivity.
Minimum length of passwords is eight characters.
Passwords must be a combination of letters, numbers, and special characters.
Accounts are locked after a set number of incorrect attempts.

Personnel with access to SAFETYNET receive yearly training that includes some privacy direction. All users receive customized Terms and Conditions of Use and/or Rules of Behavior that describe privacy responsibilities.

System of records

SAFETYNET feeds data to MCMIS, which is a system of records subject to the Privacy Act. The FMCSA has documented MCMIS and its “feeder systems,” such as SAFETYNET, as such, and it has completed the security certification and accreditation for both the SAFETYNET and MCMIS systems in FY-2003 in accordance with DOT requirements.

[1] http://www.fmcsa.dot.gov/aboutus/aboutus.htm