PRIVACY POLICY AND PRIVACY IMPACT ASSESSMENT For
The FSAdownload Website

You can visit the Website at: www.FSAdownload.ed.gov.

2. What Information is Being Collected on the FSAdownload Website and How Is It Used?
No information is collected on the Website that either directly identifies an individual user of the Website (i.e. Social Security Number, name, address or other identifying number or code, telephone number, or e-mail address) or that is intended to be used to identify a specific user of the Website in conjunction with any other data. Instead of collecting privacy protected information, the Website is a repository of announcements, software, and other written reference materials which can be reviewed or downloaded to the FAA's personal computer.

Non-personal Information We Record - (Use of Cookies)
No cookies (small text files that generally are placed on your hard drive whenever you access a given domain) or other tracking technology are used on the Website.

If you do nothing during your visit but browse through the Website, read pages, or download information, our Website's operating system will automatically record some general information about your visit.

During your visit, our web operating system will record:

• The Internet domain for your Internet service, such as "xcompany.com" or "xcompany.net" if you use a private Internet access account, or "yourinstitution.edu" if you connect from a college or university domain;
  
• The type of browser (such as "Netscape version x" or "Internet Explorer version x") that you are using;
  
• The type of operating system that you use (such as Macintosh, Unix, or Windows);
  
• The date and time you visit our site, and the web pages that you visit on our site;
  
• The address of the previous website you were visiting, if you reached our Website through a link from another website rather than reaching our Website directly.
  

Personal information that could identify the user is not collected on this Website.

Security and Intrusion Detection
To maintain system security and to make sure the information that we provide on this Website remains available to all users, we use special software programs for monitoring network traffic to identify unauthorized attempts by users to change information in our system, or to otherwise cause damage to this government computer system. The security and intrusion detection programs do not collect personally identifiable information, but they do collect information that could help us identify someone attempting to tamper with this Website.

Except for authorized law enforcement investigations, we make no other attempts to identify individual users or their usage habits. We only use raw monitoring data logs for determining trends in usage patterns and for diagnosing system problems.

Links to Other Sites
Our policy discloses the privacy practices for the FSAdownload Website. Our Website provides links to other websites. When you leave FSAdownload, you will be going to other sites that are beyond our control. These other sites may send their own cookies to users, collect data, or solicit personal information. The privacy policies and procedures described here for FSAdownload will not apply to any external links. We encourage you to read the privacy policies of any site you link to from ours, especially before you share any personal information. Be informed. You are the person best qualified to protect your own privacy.

3. FSA Authority for the Collection of SSN and Other Privacy Protected Information for the FSAdownload Website.
No information is collected on the Website that either directly identifies an individual user of the Website (i.e. Social Security Number, name, address or other identifying number or code, telephone number, or e-mail address) or that is intended to be used to identify a specific user of the Website in conjunction with any other data.

4. Rights Under the Privacy Act or Other Applicable Law.
No information is collected on the Website that either directly identifies an individual user of the Website (i.e. Social Security Number, name, address or other identifying number or code, telephone number, or e-mail address) or that is intended to be used to identify a specific user of the Website in conjunction with any other data. No personal data is being disclosed to any other system or entity.

5. Voluntary Collection of SSN and Other Privacy Protected Information.
FSAdownload does not collect privacy protected information on a voluntary basis or otherwise.

7. Security
The completion of system security plans is a requirement of the Office of Management and Budget (OMB) Circular A-130, "Management of Federal Information Resources," Appendix III, "Security of Federal Automated Information Resources," and Public Law 100-235, "Computer Security Act of 1987." The Central Processing System's (CPS) security plan, which includes the FSAdownload Website, demonstrates the Website's compliance with the Information Technology (IT) requirements mandated by Federal law and policy. The security plan contains details regarding the Risk Assessment conducted for the Website, as well as the security controls (hardware/software/facilities/personnel) in place to mitigate any identified risks to the information collected on the Website. Management, operational, and technical security controls are in place for the Website, encompassing personnel, physical environment access, contingency plans, disaster recovery, and identification and authentication procedures. The Website is currently in the operations/maintenance phase of the life cycle. As such, the following functions are being performed: security operations and administration, operational assurance, audits, and monitoring. The System Security Officer (SSO) for the Website is Mal Chernow, Management and Program Analyst, (202) 377-3351.

INTRODUCTION TO PRIVACY IMPACT ASSESSMENT

Section 208 of the E-Government Act of 2002 (P.L. 107-347) requires FSA to complete a Privacy Impact Assessment (PIA) for each system that collects information from the public through the Internet.
During the Definition Phase of the FSA Solution Lifecycle, the SSO ensures that the team completes the attached PIA Questionnaire, has it reviewed by the Chief Information Officer or equivalent official, and files the completed form in the system's Security Notebook as part of the system's documentation. This PIA must also be made available to the public.

Privacy Impact Assessment Questionnaire
System Name: The FSAdownload Website
System Owner: William Leith
Privacy Impact Assessment Questionnaire Author: Marya Dennis
Date: [fill-in]

Officials and organizational components involved in the analysis and review of the Privacy Impact Assessment included the following: Department of Education (ED), Federal Student Aid (FSA), FSA CIO, and the SSO for the FSAdownload Website.

1. What Privacy Protected Information Will Be Collected For The System?
No information is collected on the Website that either directly identifies an individual user of the Website (i.e. Social Security Number, name, address or other identifying number or code, telephone number, or e-mail address) or that is intended to be used to identify a specific user of the Website in conjunction with any other data.

Non-personal Information We Record - (Use of Cookies)
No cookies (small text files that generally are placed on your hard drive whenever you access a given domain) or other tracking technology are used on the Website.
If you do nothing during your visit but browse through the Website, read pages, or download information, our Website's operating system will automatically record some general information about your visit.

During your visit, our web operating system will record:

• The Internet domain for your Internet service, such as "xcompany.com" or "xcompany.net" if you use a private Internet access account, or "yourinstitution.edu" if you connect from a college or university domain;
  
• The type of browser (such as "Netscape version x" or "Internet Explorer version x") that you are using;
  
• The type of operating system that you use (such as Macintosh, Unix, or Windows);
  
• The date and time you visit our site, and the web pages that you visit on our site;
  
• The address of the previous website you were visiting, if you reached our Website through a link from another website rather than reaching our Website directly.
  
  

Personal information that could identify the user is not collected on this Website.

Security and Intrusion Detection
For security purposes and to make sure this service remains available to all users, we use special software programs for monitoring network traffic to identify unauthorized attempts to upload or change information, or to otherwise cause damage to this government computer system. These programs collect no personally identifiable information, but they do collect information that could help us identify someone attempting to tamper with the Website.

Except for authorized law enforcement investigations, we make no other attempts to identify individual users or their usage habits. We only use raw monitoring data logs for determining trends in usage patterns and in diagnosing system problems.

Links to Other Sites
Our policy discloses the privacy practices for the FSAdownload Website. But, the Website provides links to other websites. When you leave the Website, you will be going to sites that are beyond our control. We try to ensure that links that leave our site are clearly labeled. These other sites may send their own cookies to users, collect data, or solicit personal information. The privacy policies and procedures described here for FSAdownload will not apply to any external links. We encourage you to read the privacy policies of any site you link to from ours, especially if you share any personal information. Be informed. You are the person best qualified to protect your own privacy.

The user is not identified in the collection of non-personal information.