PHMSA logo
PIPELINE AND HAZARDOUS MATERIALS SAFETY ADMINISTRATION
PRIVACY IMPACT ASSESSMENT
Hazardous Materials Information System (HMIS)

March 29, 2006

Overview of Pipeline and Hazardous Materials Safety Administration (PHMSA) privacy management process for HMIS

The Pipeline and Hazardous Materials Safety Administration (PHMSA), within the Department of Transportation (DOT), is the federal agency charged with the safe and secure movement of almost 1 million daily shipments of hazardous materials by all modes of transportation. The agency also overseas the nation's pipeline infrastructure which accounts for 64 percent of the energy commodities consumed in the United States. The Office of Hazardous Materials Safety (OHMS) is the federal safety authority for the transportation of hazardous materials by air, rail, highway and water.

This website includes OHMS guidance documents, hazmat carriers' special permits and approvals information, reports and incidents summaries, penalty action reports, registration information and forms, the Emergency Response Guidebook for First Responders, Freedom of Information Act requests, and the Hazardous Materials Emergency Preparedness (HMEP) grants program. This site also provides the ability for the public to use electronic filing to reduce the amount of data entered manually from paper submissions, improve data quality, and speed the process for requests for information.

In order to manage and analyze the complex data associated with these responsibilities, PHMSA has developed the Hazardous Materials Information System (HMIS). The system maintains and provides access to comprehensive information on hazardous materials incidents, exemptions and approvals, enforcement actions, and other elements that support the regulatory program. Types of information fall within one of the following categories: incidents involving hazardous materials, approvals and exemptions pertaining to safety regulations, outreach services, enforcement of hazardous materials regulations, and registration of carriers/shippers.

Privacy management is an integral part of the HMIS project. DOT/PHMSA has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and proven methodologies.

The privacy management process is built upon a methodology that has been developed and implemented in leading companies around the country and globally. The methodology is designed to help ensure that DOT and PHMSA will have the information, tools, and technology necessary to manage privacy effectively and employ the highest level of fair information practices while allowing PHMSA to achieve its mission of protecting and enhancing a most important U.S. transportation system. The methodology is based upon the following:

•     Establish priority, authority, and responsibility. Appoint a cross-functional privacy management team to ensure input from systems architecture, technology, security, legal, and other disciplines necessary to ensure that an effective privacy management program is developed.
•     Assess the current privacy environment. This involves interviews with key individuals involved in the HMIS system and the development of a data flow map to ensure that all uses of personally identifiable data, along with the risks involved with such use, are identified and documented.
•     Organize the resources necessary for the project's goals. Internal DOT/PHMSA resources, along with outside experts, are involved in reviewing the technology, data uses and associated risks. They are also involved in developing the necessary redress systems and training programs.
•     Develop the policies, practices, and procedures. The resources identified in the paragraph immediately above work to develop an effective policy or policies, practices and procedures to ensure that fair information practices are complied with. The policies effectively protect privacy while allowing DOT/PHMSA to achieve its mission.
•     Implement the policies, practices, and procedures. Once the policies, practices, and procedures are developed, they must be implemented. This involves training of all individuals who will have access to and/or process personally identifiable information. It also entails working with vendors to ensure that they maintain the highest standard for privacy while providing services to the PHMSA project.
•     Maintain policies, practices, and procedures. Due to changes in technology, personnel, and other aspects of any program, effective privacy management requires that technology and information be available to the privacy management team to ensure that privacy policies, practices and procedures continue to reflect actual practices. Regular monitoring of compliance with privacy policies, practices, and procedures will be required.
•     Manage exceptions and/or problems with the policies, practices, and procedures. This step involved the development and implementation of an effective redress and audit system to ensure that any complaints are effectively addressed and corrections made if necessary.

Personally-identifiable information and HMIS

The HMIS system both contains Personally Identifiable Information (PII) and nonpersonally identifiable information pertaining to the hazardous materials activities listed previously. This means all individuals with PII in HMIS have been involved in a hazardous materials incident, registered as a carrier/shipper, requested outreach information, applied for an approval or exemption, or been the subject of an enforcement activity. HMIS includes the following PII: name, contact information, credit card number (Registration and Outreach programs only), medical notes, and death certificate information (Incident Reports only).

PHMSA receives HMIS data in several ways.

•     Designated PHMSA staff and support contractors enter data into HMIS directly.
•     Carriers are required to report a hazardous materials incident. The HMIS is used for entering and storing information from the 5800.1forms that are submitted via US Mail, Web or XML submissions. In these cases, the HMIS contains name and contact information for the individual reporting the incident.
•     The on-line Registration system is used to file registrations electronically. The on-line system allows the filer to make payments and receive the certificate of registration.
•     E-hazmat on-line services allow the public to order outreach materials, pay fines, and make payments on FOIA requests.
•     The National Response Center transmits data pertaining to incidents involving hazardous materials.

PHMSA must also manage user access by federal, State, and local government employee/contractors to HMIS. As a result, HMIS contains PII on federal, State, and local government employees and contractors that require access to HMIS. These users may:

•     Set up and change a password for continued access to the HMIS.
•     E-HAZMAT electronic services customers access and update information online.

Why HMIS collects information

HMIS collects PII in order to analyze hazardous materials data, as well as to perform and track approval/exemption/enforcement/registration activities pertaining to hazardous materials. Federal, State, and local officials use HMIS as part of normal official activities. In addition, PHMSA provides some reports to individuals or organizations. These reports may include contact information.

Individuals and organizations may request incident reports from PHMSA. In these cases, PHMSA collects contact name and information in order to fulfill the request.

In addition, PHMSA uses PII to identify federal, State, and local users with access to the HMIS system and manage permissions.

How HMIS uses information

PHMSA uses PII within HMIS to contact individuals to fulfill requests and meet regulatory requirements. PHMSA uses HMIS to perform risk analyses, create aggregated reports, create summary reports with no PII, and provide to businesses incident reports pertaining to that business. HMIS provides training materials and facilitates registration of carriers and shippers, including the payment process through credit card.

It is the task of PHMSA's inspection and enforcement staff to determine compliance with the safety and training standards by inspecting entities that offer hazardous materials for transportation; and that manufacture, re-qualify, rebuild, repair, recondition, or retest packaging (other than cargo tanks and tank cars) used to transport hazardous materials. PHMSA's hazardous materials inspection and enforcement program is carried out by the Office of Hazardous Materials Enforcement (OHME), which is under the general direction of the Associate Administrator for Hazardous Materials Safety. OHME uses PII to enforce the following carrier/shipper requirements: (1) to have valid authority when operating under a DOT exemption or approval; (2) to be registered with PHMSA as a shipper or carrier of hazardous materials; and (3) to submit a telephonic and/or written report (DOT Form 5800.1) following the unintentional release of hazardous materials in transportation.

PHMSA also uses contact information of individuals or organizations requesting specialized reports in order to fulfill the request. In addition, for those federal, State, and local employees/contractors who require direct access to HMIS, PHMSA uses PII on those individuals to manage and control access and permissions to HMIS.

How HMIS shares information

PHMSA shares HMIS data through its Web site. These reports do not include PII. Individuals or organizations can request incident reports from PHMSA. These incident reports include name and contact information. Designated federal, State, and local officials access HMIS data to perform job functions and meet regulatory requirements. PHMSA HMIS Headquarters staff access data to detect trends and perform regulatory requirements. HMIS users access HMIS through the DOT network.

In addition, individuals and organizations can request additional reports that do not contain PII through a special request. In these cases, PHMSA uses the voluntarily-provided PII of requestors to fulfill these requests. PHMSA does not share or use PII of requestors for any other purpose outside of fulfillment.

The HMIS is used by DOT, other Federal agencies, state and local governments, industry, researchers, the media, and the public. HMIS data supports regulatory evaluation and policy making, training programs, the better understanding of hazardous materials transportation incidents, and identification of possible safety problems.

Only designated federal, State and local officials have access to PII in the HMIS system, which is provided through a password-protected network server. Only HMIS headquarters and field Enforcement staff have access to National Response data.

In order to manage these accesses and permissions, PHMSA collects and maintains some PII on those individuals requiring access. PHMSA does not share any PII for persons requiring access to the system, nor does PHMSA share HMIS PII in any other way.

How HMIS provides notice and consent

The HMIS system provides visible links to a Privacy Policy that describes privacy practices and information uses.  In the future, HMIS may provide links to Web sites outside of DOT/PHMSA. In these cases, HMIS will provide a pop-up window that informs a user that he or she is leaving the site and that different privacy practices may apply.

How HMIS ensures data accuracy

HMIS provides some internal field validation functionality, and it forces some fields to be completed. Data entry representatives are responsible for ensuring data accuracy.The on-line system has business rules built into the form which allows for quality checks on required and standardized information.

Registration customers can request PII changes through a separate online system. HMIS users may request changes to PII through PHMSA.

How HMIS provides redress

At any time, a federal, State or local HMIS user may request information on or change to profile information by contacting PHMSA HMIS headquarters staff. Individuals on whom HMIS may contain PII due to involvement in PHMSA related activities (i.e. incidents, approvals, exemptions, registration, enforcement actions) must contact PHMSA HMIS headquarters staff to address data accuracy or privacy concerns. The Web site additionally provides privacy contact information.

How HMIS secures information

The HMIS system is currently housed in the Department of Transportation in Washington, DC. Physical access to the HMIS system is limited to appropriate personnel through building key cards and room-access key pads. Personnel with physical access have all undergone and passed DOT background checks.

In addition to physical access, electronic access to PII in HMIS is limited according to job function. PHMSA verifies and authenticates new users before providing HMIS access by requiring written or email verification of an official source of the request. PHMSA manages privileges according to the following roles:

•     Federal/State/Local HMIS users
•     HMIS Headquarters and Regional Staff
•     HMIS IT Support

The following matrix describes the privileges and safeguards around each of these roles as they pertain to PII.

System of records

HMIS is a system of records subject to the Privacy Act. PHMSA has certified and accredited HMIS in accord with DOT requirements.