|
06.3 HHS PIA Summary for Posting (Form) / AHRQ CERTS (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: No
If this is an existing PIA, please provide a reason for revision: PIA Validation
1. Date of this Submission: Jun 27, 2006
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: www.certs.hhs.gov
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Carmen Kelly
10. Provide an overview of the system: This is not a collection system . The site provides information on the Centers for Education and Research on Therapeutics. CERTs. Congress authorized the CERTs demonstration program as part of the Food and Drug Administration Modernization Act of 1997.
13. Indicate if the system is new or an existing one being modified: Existing
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: No
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): N/A
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: N/A
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: N/A
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: No
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: N/A
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Darius Maddox, PIA Reviewer
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Dec 27, 2007
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ Electronic Preventive Services Selector (ePSS) (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Oct 25, 2006
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: AHRQ Electronic Preventive Services Selector
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Therese Miller
10. Provide an overview of the system: The Electronic Preventive Services Selector (ePSS) is a quick hands-on tool designed to help primary care clinicians identify the screening, counseling, and preventive medication services that are appropriate for their patients.
The ePSS is available both as a PDA application and a web-based tool. It is based on current recommendations of the U.S. Preventive Services Task Force and can be searched by specific patient characteristics, such as age, sex, and selected behavioral risk factors.
13. Indicate if the system is new or an existing one being modified: New
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: Yes
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): This system does not share or disclose IIF.
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: E-Mail address is the only piece of information that is collected/stored by the system. This information is only used for providing automatic notification of system updates to end-users. Submission of personal information is completely voluntary and users may unsubscribe to this service at any time.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: Individuals who voluntarily provide IIF will not be affected by system changes or updates. Use of IIF will only be used for the stated intended purpose and will be destroyed prior to any changes that result in any data use changes. See question #26 for consent and sharing information.
Individuals will be given a notice of consent through a Privacy Policy statement/link and a machine readable P3P privacy policy.
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: Yes
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: Information is both physically and electronically secured. The hardware supporting this Web site is located in a controlled environment with physical locks and restricted access as well as intrusion detection/alarm systems. The data also resides within a firewall, NAT configuration with limited/controlled access to those required to maintain and backup the hardware and supporting systems.
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Darius Maddox, PIA Reviewer
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Dec 26, 2007
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ HCUPnet (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: No
If this is an existing PIA, please provide a reason for revision: PIA Validation
1. Date of this Submission: Jun 5, 2006
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): http://hcup.ahrq.gov/
7. System Name: HCUPnet Web site
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Anne Elixhauser
10. Provide an overview of the system: The Healthcare Cost and Utilization Project (HCUP) is a family of health care databases and related software tools and products developed by the Agency for Healthcare Research and Quality (AHRQ) within the Department of Health and Human Services, with the cooperation of state and private data organizations. HCUP databases contain health care information that data organizations collect from health care providers and transmit to AHRQ. AHRQ maintains the HCUP databases, which create a national resource of health care information that includes the largest collection of hospital discharge data in the United States. HCUP databases enable public health activities related to improving the quality of health care and health services delivery, as well as research on a broad range of policy issues including cost and quality of health services, medical practice patterns, access to health care programs, and outcomes of treatments at the national, state, and local levels. Under the Healthcare Research and Quality Act of 1999, 42 U.S.C. §299 et seq., AHRQ is authorized to collect data for the purpose of enhancing the quality, efficiency, and effectiveness of health services, and access to health services. AHRQ fulfills this mission in part by engaging in public health activities such as promoting improvements in clinical and health system practices, including practices aimed at the prevention of disease and other health conditions. For example, AHRQ is authorized to develop and disseminate information to consumers and professionals regarding health care quality, technology assessment, and the scientific evidence supporting health practices. Congress has also authorized AHRQ to undertake initiatives that advance public and private efforts to improve health care quality nationwide. AHRQ has been designated the lead Federal agency for quality of care research, charged with the responsibility of coordinating all Federal health services research. Under the Healthcare Research and Quality Act, AHRQ conducts and funds studies of the quality, appropriateness, and effectiveness of health care services and the organization, financing, and delivery of these services. HCUPnet is a Web-based tool for identifying, tracking, analyzing, and comparing statistics on hospitals at the national, regional, and State level.
13. Indicate if the system is new or an existing one being modified: Existing
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: No
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): This system does not collect, share, or disclose IIF.
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: HCUPnet does not collect or contain any personally identifiable information within any databases, records, or files hosted by the system.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: This system does not collect, share, or disclose IIF.
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: No
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: N/A
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Darius Maddox, PIA Reviewer
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Feb 21, 2008
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ Knowledge Transfer Registration Database (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Sep 24, 2007
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: NA
4. Privacy Act System of Records (SOR) Number: PENDING
5. OMB Information Collection Approval Number: NA
6. Other Identifying Number(s): NA
7. System Name: AHRQ Knowledge Transfer Registration Database
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Steven L. Seitz
10. Provide an overview of the system: The purpose of this database is to maintain the names and contact information of event registrants and participants to enable event managers to:
1. Manage events to ensure that sufficient logistical resources are available and that appropriate presentation content are presented in formats that meet audience needs, including arranging for sufficient supplies and program resources, collecting needs assessment information to appropriately plan presentations and formats, as well as arranging for small group and team-based activities.
2. Communicate with participants about event requirements and changes such as login information, schedules, locations, and agendas.
3. Send information requested by event participants about future events and event-related resources.
13. Indicate if the system is new or an existing one being modified: Existing
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: Yes
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: Yes
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): NA
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: This database does contain IIF. The purpose of the database is to maintain the names and contact information of event registrants and participants to enable event managers to:
1. Manage events to ensure that sufficient logistical resources are available and that appropriate presentation content are presented in formats that meet audience needs, including arranging for sufficient supplies and program resources, collecting needs assessment information to appropriately plan presentations and formats, as well as arranging for small group and team-based activities.
2. Communicate with participants about event requirements and changes such as login information, schedules, locations, and agendas.
3. Send information requested by event participants about future events and event-related resources.
The information collected includes: First Name, Middle Initial, Last Name, Title, Organization, Department, Address, City, State, Zip code, Phone Number, Email address, Event Food Preferences. Submission of this information is mandatory.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: NA
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: Yes
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: All file and database servers are maintained in controlled-access-only areas secured with proximity cards or access codes and are secured behind firewalls at each location. A system security plan is maintained including policies concerning authentication controls, procedures for ensuring that only authorized users have access to data, and procedures for removing individual access. Employees with database access permission are issued network user ID’s and passwords that allows them to access drives and files as needed.
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Desiree Morales
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Nov 19, 2007
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ Medical Expenditure Panel Survey - Data Collection (MEPS-DC) (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Mar 15, 2007
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: NA
4. Privacy Act System of Records (SOR) Number: NA
5. OMB Information Collection Approval Number: NA
6. Other Identifying Number(s): NA
7. System Name: Medical Expenditure Panel Survey - Data Collection (MEPS-DC)
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Eric Colombel
10. Provide an overview of the system: This PIA is for MEPS DC which is a component of the MEPS system
13. Indicate if the system is new or an existing one being modified: New
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: Yes
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): The agency does not share the collected IIF information. Only non IIF information is shared.
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: The information collected is: the age, race, and sex of each family member; Health conditions; Current Health status; Visits to health care providers (doctors, dentists, hospital, etc.); Charges and Payments for Health Care; Medications; Employment; Health Insurance. It is collected through a team of interviewers and the information submission is voluntary. The information is used to generate statistical data that is used to spot trend in health care spending.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: The information is gathered through a face-to-face interview process with the selected participants. Prior to the interview process it is explained to the participants what data is being collected, why, and how the data is shared and protected.
32. Does the system host a website?: No
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: Yes
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: The IIF information is secured on a protected network , data is encrypted, and is only accessable from specific terminals. This network has no access to the Internet.
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Secure One HHS Migration
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Mar 15, 2007
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ Medical Expenditure Panel Survey (MEPS) (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: No
If this is an existing PIA, please provide a reason for revision: PIA Validation
1. Date of this Submission: Jan 16, 2007
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: 009-33-01-04-01-0011-00; (009-33-01-04-01-0011-00-110-218; 009-33-01-04-01-0011-00-202-070)
4. Privacy Act System of Records (SOR) Number: 09-35-0002
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: Medical Expenditure Panel Survey (MEPS)
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Eric Colombel
10. Provide an overview of the system: Data collection and dissemination
13. Indicate if the system is new or an existing one being modified: Existing
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: Yes
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: Yes
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): The agency does not share the IIF. Only non-IIF information is shared.
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: The information collected is: the age, race, and sex of each family member; Health conditions; Current Health Status; Visits to health care providers (doctors, dentists, hospitals, etc.); Charges and Payments for Health Care; Medications; Employment; Health Insurance. It is collected through a team of interviewers and the information submission is voluntary. The information is used to generate statistical data that is used to spot trends in health care spending.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: The information is gathered through a face-to-face interview process with the selected participants. Prior to the interview prosses it is explained to the participants what data is being collected, why, and how the data is shared and protected.
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: Yes
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: The IIF information is secured on a protected network that only accessible from specific terminals. This network has no access to the Internet or any other network. For COOP purposes the data is mirrored to an off-site host and is only accessible via VPN or at recovery facility.
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Secure One HHS MigrationSr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Jan 10, 2008
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ National Guidelines Quality Measures Clearinghouse (NGQMC) (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: No
If this is an existing PIA, please provide a reason for revision: PIA Validation
1. Date of this Submission: Oct 31, 2007
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: NA
4. Privacy Act System of Records (SOR) Number: NA
5. OMB Information Collection Approval Number: NA
6. Other Identifying Number(s): NA
7. System Name: AHRQ National Guidelines and Quality Measures Clearinghouse (NGC/NQMC)
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Mary P. Nix
10. Provide an overview of the system: AHRQ National Guidelines Quality Measures Clearinghouse is composed of the AHRQ National Guidelines Clearinghouse and the AHRQ National Quality Measures Clearinghouse. AHRQ National Guidelines Clearinghouse (NGC) is a public resource for evidence-based clinical practical guidelines. NGC is an initiative of the Agency for Healthcare Research and Quality (AHRQ). The NGC Website is a public website hosted by ECRI at Voicenet. No sensitive information is collected. AHRQ National Quality Measures Clearinghouse (NQMC) is a public repository for evidence-based quality measures and measure sets. The AHRQ National Quality Measures Clearinghouse (NQMC) Website is also hosted by ECRI at Voicenet.
13. Indicate if the system is new or an existing one being modified: Existing
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: No
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): NA
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: NA
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: NA
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: No
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: NA The system does not collect IIF.
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Ryan Tappis
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Oct 31, 2007
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ National Healthcare Disparities Report Net Data Query Tool (NHDRnet) (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Apr 29, 2008
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: AHRQ National Healthcare Disparities Report Net Data Query Tool (NHDRnet)
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Jeff Brady
10. Provide an overview of the system: NHDRnet is an online query system that provides access to national data on the quality of and access to health care from scientifically credible measures and data sources. The data sources and measures are the same as those used for the National Healthcare Quality and Disparities Reports.
13. Indicate if the system is new or an existing one being modified: New
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: No
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): N/A
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: The tools enable users to:
Display estimates from national tables that are specific to particular subpopulations (e.g., particular age ranges).
Track and display trends over time for national estimates of nearly 50 measures, including dimensions of health care quality, stages of health care, clinical conditions, settings of care, and access to health care.
Access and download individual national and State data tables from the NHQR and NHDR Tables Appendices.
The system does not contain or collect IIF or PII.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: N/A
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: No
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: N/A
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Danielle Shostal
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Apr 29, 2008
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ National Healthcare Quality Report Net Data Query Tool (NHQRnet) (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Apr 29, 2008
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number:
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: National Healthcare Quality Report Net Data Query Tool (NHQRnet)
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Jeff Brady
10. Provide an overview of the system: NHQRnet is a publicly available online, query system that will provide access to the most recent data that is included in the National Healthcare Quality Report.
13. Indicate if the system is new or an existing one being modified: New
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: No
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): N/A
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: The tools enable users to:
Display estimates from national tables that are specific to particular subpopulations (e.g., particular age ranges).
Track and display trends over time for national estimates of nearly 50 measures, including dimensions of health care quality, stages of health care, clinical conditions, settings of care, and access to health care.
Access and download individual national and State data tables from the NHQR and NHDR Tables Appendices.
The system does not contain or collect IIF or PII.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: N/A
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: No
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: N/A
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Danielle Shostal
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Apr 29, 2008
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ Portal System (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: No
If this is an existing PIA, please provide a reason for revision: PIA Validation
1. Date of this Submission: Jan 26, 2007
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: AHRQ National Resource Center for HealthIT
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Steve Bernstein
10. Provide an overview of the system: Portal system is comprised of the Extranet web site, public web site, and a search function that are available from the Internet. The Extranet requires a username and password to log on. The public web site and search function are available to anyone on the web.
13. Indicate if the system is new or an existing one being modified: Existing
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: Yes
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): Does not share IIF
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: The administrators collect three peices of mandatory information: first name, last name, and e-mail address, for the Extranet web site. These three peices of information are used to generate a user id and password. A user may supply, if the elect to do do, a phone number and mailing address that is put into a profile that only that user and the administrator can see.
On the public web site a user may supply, if submitting a comment or suggestion, if the elect to do so, any of or none these three peices of IIF: first name, last name, or e-mail address.
The search function does not collect IIF.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: On the Extranet web site community administrators compile a spreadsheet of IIF and sign a waiver allowing AHRQ administrators use of IIF.
On the public web site the IIF is not shared. This IIF is only maintained long enough to respond to questions or suggestions submitted by the user.
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: Yes
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: Defense in depth strategy includes, but not limited too: access controls lists, badge reader controlled computer room, armed guards, firewalls, IDS, enterprise management, etc.
To enter the building an individual must present a photo ID to an armed guard. They must pass through a metal detector and send luggage through an x-ray machine. They must they use a simple key card to pass through an entryway, next to the guard's station, and use the elevator to leave the first floor. A closed-circuit television system monitors the parking lot, entries, and server room. Internal doors have cipher locks that require knowledge of the proper code to enter controlled access rooms. The server room also requires that non-authorized entrants must be accompanied by an authorized user and sign the log sheet for entry.
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Tim Erny
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Jan 2, 2008
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ Publications Clearinghouse
(eORDERS) (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Jan 8, 2007
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: PENDING
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: AHRQ Publications Clearinghouse (eORDERS)
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Randie Siegel
10. Provide an overview of the system: AHRQ operates a national publications clearinghouse to meet the ever-increasing demand for its publications. Requests for AHRQ publications and general information about the Agency and its programs can be made 24 hours a day by calling the clearinghouse's toll-free number, writing to the AHRQ Publications Clearinghouse, or by using an online order form (AHRQ Publications Clearinghouse - eOrders) to order select publications. The publications made available through this system describe AHRQ programs and present research findings. The online ordering system will be expanded in the future to include additional publications and products as well as provide a mechanism to download PDF publications and posters.
13. Indicate if the system is new or an existing one being modified: New
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: Yes
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to
21. Is the system subject to the Privacy Act?: Yes
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): This system does not share or disclose IIF.
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: Mailing and Email Addresses are collected for delivery of AHRQ publications and products (including First Name, Middle Initial, Last Name, Organization, Department, Address, City, State, Zip, Country, E-Mail address). First Name, Last Name, and Mailing Adress are mandatory fields used for the sole purpose of delivering publications and products. Customer information is retained in the eOrders system for future order requests. Information retained in the system is never shared, distributed, or reviewed by any other external party or agency.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: Individuals who provide IIF will not be affected by system changes or updates. Use of IIF will only be used for the stated intended purpose and will be destroyed prior to any changes that result in any data use changes. See question #26 for consent and sharing information.
Individuals will be given a notice of consent through a Privacy Policy statement/link and a machine readable P3P privacy policy.
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: Yes
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: Information is both physically and electronically secured. The hardware supporting this Web site is located in a controlled environment with physical locks and restricted access as well as intrusion detection/alarm systems. The data also resides within a firewall, NAT configuration with limited/controlled access to those required to maintain and backup the hardware and supporting systems.
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Darius Maddox, PIA Reviewer
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Dec 26, 2007
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ QualityTools (QT) (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: No
If this is an existing PIA, please provide a reason for revision: PIA Validation
1. Date of this Submission: Jul 24, 2007
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: QualityTools (QT)
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Mary P. Nix, MS, MT(ASCP)SBB10. Provide an overview of the system: AHRQ QualityTools is a clearinghouse for practical, ready-to-use tools for measuring and improving the quality of healthcare. QualityTools website is public and hosted by Westat
13. Indicate if the system is new or an existing one being modified: Existing
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: No
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): N/A
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: N/A
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: N/A
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: No
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: N/A
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Tim Erny
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Jul 24, 2007
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ SQI (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: No
If this is an existing PIA, please provide a reason for revision: PIA Validation
1. Date of this Submission: Jan 28, 2008
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: AHRQ Support for Quality Indicators System and Website
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Mamatha Pancholi, MS
10. Provide an overview of the system: Support for Quality Indicators, under AHRQ Contract 290-04-0020. Includes website as well as management of user support contacts and integration of user support needs with AHRQ Quality Indicator strategic planning. The Support for Quality Indicators Contract was implemented in June of 2002 to provide support for users of the AHRQ Quality Indicators to facilitate their implementation and ease the translation of research into practical applications. The support system is accessed by the user via an e-mail address or calling an 800 number. The user controls any and all information provided. The website of the Quality Indicators Support system is publicly accessible. It provides public access to all information related to the AHRQ Quality Indicators (QIs) which are measures of health care quality that make use of readily available hospital inpatient administrative data. Software and a user guide are available for download within this Web site that will help users apply the Quality Indicators to their own data
13. Indicate if the system is new or an existing one being modified: Existing
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: Yes
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): N/A
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: The user support system and website are maintained as a public service to provide support to individuals interested in use of the AHRQ Quality Indicators and information on healthcare research and quality from our Agency. No personal information is collected by this Web site. Users of the Web site may subscribe to a mailing list (listserv) to receive official announcements regarding QI updates and software releases. Users of the system may seek individualized assistance through contact to the user support e-mail address or telephone support. Information is collected only by either subscribing to the listserv or sending an E-mail message requesting assistance from the AHRQ help system to the Web site mailbox. The information is used only to respond to the users request message or to fulfill the stated purpose of the communication. (ie. Listserv subscription or help desk support)
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: No processes are in place. The information is not to be shared now or in the future. For additional information please consult the privacy notice is http://www.ahrq.gov/news/privacy.htm.
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: Yes
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: Information is both physically and electronically secured. The hardware supporting this Web site is located in a controlled environment with physical locks and restricted access as well as intrusion detection/alarm systems. The data resides within a firewall, NAT configuration with limited/controlled access to those required to maintain and backup the hardware and supporting systems. Only the Quality Indicators support team members (contractors and the AHRQ Project Officer) have access to the user support system which is controlled by use of individual passwords.
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Ryan Tappis, PIA Reviewer
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Jan 28, 2008
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ State Snapshots (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Apr 29, 2008
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: State Snapshots
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Jeff Brady
10. Provide an overview of the system: The State Snapshots web tool provides state-specific health care quality information including strengths, weaknesses, and opportunities for improvement. The goal is to help State officials and their public- and private-sector partners better understand health care quality and disparities in their State. State-level information used to create State Snapshots is based on data collected for the National Healthcare Quality Report (NHQR).
13. Indicate if the system is new or an existing one being modified: New
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: No
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): N/A
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: The State Snapshots web tool provides state-specific health care quality information including strengths, weaknesses, and opportunities for improvement. State-level information used to create State Snapshots is based on data collected for the National Healthcare Quality Report (NHQR). The system does not contain or collect IIF or PII.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: N/A
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: No
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: N/A
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Danielle Shostal
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Apr 29, 2008
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ Value Driven Healthcare (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Mar 20, 2007
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A - Not applicable to privacy act
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: AHRQ Value Driven Healthcare
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Mark Handelman
10. Provide an overview of the system: In cooperation with America's largest employers and the medical profession, the Value-Driven Health Care initiative is laying the foundation for pooling and analyzing information about procedures, hospitals and physician services. When this data foundation is in place, regional health information alliances will turn the raw data into useful information for consumers.
13. Indicate if the system is new or an existing one being modified: New
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: Yes
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): AHRQ shares IIF data with the Office of the Assistant Secretary for Planning and Evaluation (ASPE) for validation and verification purposes.
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: Name, mailing address, phone number, and e-Mail address are the only pieces of information that are collected/stored by the system. This information is only used for contacting the user and coordinating activities related to Value-Driven Health Care. Submission of personal information is completely voluntary and users may request that their information be removed at any time.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: Individuals who voluntarily provide IIF will not be affected by system changes or updates. Use of IIF will only be used for the stated intended purpose and will be destroyed prior to any changes that result in any data use changes. See question #26 for consent and sharing information.
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: Yes
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: Information is both physically and electronically secured. The hardware supporting this Web site is located in a controlled environment with physical locks and restricted access as well as intrusion detection/alarm systems. The data also resides within a firewall, NAT configuration with limited/controlled access to those required to maintain and backup the hardware and supporting systems.
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Mark Handelman
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Mar 21, 2007
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ WEB (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: No
If this is an existing PIA, please provide a reason for revision: PIA Validation
1. Date of this Submission: Jun 14, 2006
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: OMB 0935-0106
6. Other Identifying Number(s): N/A
7. System Name: AHRQ Web Site
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Gerri Michael Dyer
10. Provide an overview of the system: Information dissemination and customer feedback/inquiries. AHRQ Web site is a communications system for information dissemination that provides a customer feedback: mechanism for inquiries and comments. AHRQ was reauthorized in the Healthcare Research and Quality Act of 1999.
13. Indicate if the system is new or an existing one being modified: Existing
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: Yes
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): With whom and for what purposes: Handled in a confidential manner within the Agency; referred to the appropriate staff to respond to message or to fulfill the stated purpose of the communication. Web site mailbox inquiries are handled in a confidential manner within the Agency. Specific inquiries are routed to the appropriate staff for response or to fulfill the stated purpose of the communication. IIF data is shared with other Agencies only when the user has a question that is directed toward another agency.
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: Users are given the option of contacting the site operator for the limited purposes of providing feedback or obtaining additional information. They may provide name, address, phone number, e-mail address, and Web URLs for Agency response to comments and inquiries.
To respond to inquiries and comments.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: A customer feedback mechanism is provided on the Web site for users and can be linked through the Contact Us button on the site. An Electronic Privacy Policy Notice is posted on the Web site home page and all directories/subdirectories of the site. Information provided is on a voluntary basis.
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: Yes
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: User inquiries are handled in a confidential manner and secured in an electronic archive that is behind the network fiirewall. Only the system administrators have access.
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Darius Maddox, PIA Reviewer
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Jan 8, 2008
Date Published: Jun 26, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ Consumer Assessment of Healthcare Providers and Systems/Survey on Patient Safety (CAHPS/SOPS) (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Apr 25, 2008
2. OPDIV Name: AHRQ
3. Unique Project: Unknown
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: Unknown
6. Other Identifying Number(s): Contract HHSA 290200710024C
7. System Name: Consumer Assessment of Healthcare Providers and Systems / Survey on Patient Safety (CAHPS/SOPS)
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Christine Crofton
10. Provide an overview of the system: The system includes applications and information management processes developed for both the CAHPS and SOPS programs, and those that support the merged CAHPS/SOPS program. It includes a number of web-based data submission applications supporting a public web site. Data collected through and managed by the CAHPS/SOPS submission applications contain survey data that are collected using standard CAHPS/SOPS survey instruments. These survey data are collected at the person level but do not contain any information in identifiable form. Only a unique record level identifier along with survey responses to individual survey items is provided in the survey data files. In addition to survey data, the applications also collect administrative and characteristic data such as measurement year, health care organization name, sample size, frame size, survey methodology and response rate.
13. Indicate if the system is new or an existing one being modified: Existing
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: No
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): N/A
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: Data collected through and managed by the CAHPS/SOPS submission applications contain survey data that are collected using standard CAHPS/SOPS survey instruments. These survey data are collected at the person level but do not contain any information in identifiable form. Only a unique record level identifier along with survey responses to individual survey items is provided in the survey data files. In addition to survey data, the applications also collect administrative and characteristic data such as measurement year, health care organization name, sample size, frame size, survey methodology and response rate.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: N/A
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: No
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: N/A
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Ryan Tappis
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Jun 12, 2008
Date Published: September 8, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ Healthcare Innovations Exchange (HCIE) (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Jun 30, 2008
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: AHRQ Healthcare Innovations Exchange (HCIE)
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Mary Nix
10. Provide an overview of the system: A database and web site of innovations and tools used to improve health care quality.
13. Indicate if the system is new or an existing one being modified: New
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: Yes
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): The web site portion of the system displays IIF of innovators to the public audience to facilitate communication between potential adopters and the innovators.
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: The information the agency will collect, maintain, and disseminate consists of details describing innovative activities and tools used in health care quality improvement initiatives around the country. The details of innovations (not of tools) could include IIF, voluntarily submitted, if the innovator would like his/her contact information provided for potential adopters to contact him/her with questions about the innovation.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: Individuals that desire IIF information to be placed on the web site, must first certify their consent prior to the information being published.
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: Yes
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: Individuals that desire IIF information to be placed on the web site must first certify their consent prior to the information being published. This information will remain (retention) on the web site until the individual contacts Westat and requests that the IIF be removed (destruction). The information or Web content will then be promptly removed. In addition annual recertification will be required. Technical and physical controls are in place including review and approval of content that may contain voluntary IIF information. Physical controls include the content media for publication which is physically delivered and only employees with proper credentials for access (passwords, badges, least privilege rights etc.) can publish the certified and approved content to the site.
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Danielle Shostal
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Jul 22, 2008
Date Published: September 8, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ Patient Safety Organization (PSO) Privacy Protection Center (PPC) (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Jun 30, 2008
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): Contract # HHSA-290-2007-10032-C, AHRQ-07-10032
7. System Name: AHRQ Patient Safety Organization (PSO) Privacy Protection Center (PPC)
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Amy Helwig
10. Provide an overview of the system: To support the Patient Safety and Quality Improvement Act (PL 109-41), the PSO PPC provides PSOs information on PPC services, submission formats and the ability to submit patient safety event information.
13. Indicate if the system is new or an existing one being modified: New
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: No
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): N/A
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: Current web page functions include viewing and in some cases download ability for: FAQs, fact sheets and release notes, common format documents, specification manuals, user guides, clinical defintions, and protocols for receiving information (cycles, deadlines).
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: N/A
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: No
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: N/A
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Danielle Shostal
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Jul 9, 2008
Date Published: September 8, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ Talking Quality (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Jul 8, 2008
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number: N/A
4. Privacy Act System of Records (SOR) Number: N/A
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: AHRQ Talking Quality Web Site
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Gerri Michael Dyer
10. Provide an overview of the system: The AHRQ Talking Quality Web Site was designed for people and organizations trying to educate consumers about health care quality, in particular, those who are providing consumers with information on the performance of health plans and providers.
13. Indicate if the system is new or an existing one being modified: New
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: No
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: No
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): N/A
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: Talking Quality provides research and publications to assist in the communication of health care quality to consumers.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared: N/A
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?: No
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?: Yes
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: N/A
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Danielle Shostal
Sr. Official for Privacy Approval: Promote
Comments:
Sr. Official for Privacy Name: Tim Erny
Sign-off Date: Jul 16, 2008
Date Published: September 8, 2008
|
|
06.3 HHS PIA Summary for Posting (Form) / AHRQ Medical Expenditure Panel Survey (MEPS) Enclave (Item)
|
|
PIA SUMMARY AND APPROVAL COMBINED
|
|
Is this a new PIA 2008?: Yes
If this is an existing PIA, please provide a reason for revision:
1. Date of this Submission: Oct 7, 2008
2. OPDIV Name: AHRQ
3. Unique Project Identifier (UPI) Number:
4. Privacy Act System of Records (SOR) Number: Pending
5. OMB Information Collection Approval Number: N/A
6. Other Identifying Number(s): N/A
7. System Name: MEPS Enclave
9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Doris Lefkowitz
10. Provide an overview of the system: The MEPS Enclave collects demographic information, healthcare use data, health care expenses, health insurance coverage data and the quality of medical care and preventive services received by the households data. In addition, as part of the survey, the system acquires and processes case information from medical providers. Participating households authorize the project (in writing) to request information from those doctors, hospitals, pharmacies, and other medical providers from which they receive service. Data, collected through MEPS Enclave, is used for the construction of analytical variables and files which are delivered to AHRQ for publication.
13. Indicate if the system is new or an existing one being modified: Existing
17. Does/Will the system collect, maintain (store), disseminate and/or pass through IIF within any database(s), record(s), file(s) or website(s) hosted by this system?: Yes
Note: This question seeks to identify any, and all, personal information associated with the system. This includes any IIF, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation
Note: If no IIF is contained in the system, please answer questions 21, 23, 30, 31, 37, 50 and 54, then promote the PIA to the Sr. Privacy Official who will authorize the PIA.
If this system contains IIF, all remaining questions on the PIA Form Tabs must be completed prior to signature and promotion.
21. Is the system subject to the Privacy Act?: Yes
23. If the system shares or discloses IIF please specify with whom and for what purpose(s): AHRQ processes public use files to provide nationally representative estimates for the US civilian non-institutional population.
30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) In this description, indicate whether the information contains IIF; and (4) whether submission of personal information is voluntary or mandatory: Respondent data includes demographic information, healthcare use, cost of services, sources of payment and insurance coverage, containing IIF. The MEPS Enclave provides data to create nationally representative estimates for the US civilian non-institutionalized population. Submission of personal information is voluntary except for name and address.
31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose IIF is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); and (2) notify and obtain consent from individuals regarding what IIF is being collected from them and how the information will be used or shared:
1) Changes in disclosure and/ or data uses not anticipated.
2) Contact via letter or phone call
32. Does the system host a website?: Yes
37. Does the website have any information or pages directed at children under the age of thirteen?:
50. Are there policies or guidelines in place with regard to the retention and destruction of IIF?:
54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: Only authorized personnel have access to the data. The data is encrypted when stored and transmitted.
PIA Reviewer Approval: Promote
Comments:
PIA Reviewer Name: Danielle Shostal
Sr. Official for Privacy Approval: Promote
Comments:
Sign-off Date: Nov 12, 2008
Date Published: Nov 28, 2008
|
|
|
Print
Download Reader
HHS Home|HHS News|About HHS
