[Insert Agency Name][Insert Date]
[Insert Project or System Name] Privacy Threshold Analysis
Privacy Compliance
The ESRMOpartners with privacy/security staff in each Agency to assess all new or proposed State programs, systems, technologies or rule-makingsfor privacy risks, and recommends privacy protections and alternative methods for handling personally identifiable information (PII) to mitigate privacy risks.
Privacy Threshold Analysis (PTA)
What is a PTA and whenis itrequired?
The compliance process begins with a PTA, a required document that serves as the official determination by our office as to whether a State program or system has privacy implications, and if additional privacy compliance documentation is required, such as a Privacy Impact Assessment (PIA). The PTA is built into the Enterprise Project Management Office processes for technology investments and security. PTAs expire and must be reviewed and re-certified every three years.
The purpose of a PTA is to:
- Identify programs and systems that are privacy-sensitive and contain confidential data per N.C.G.S. 132
- Demonstrate the inclusion of privacy considerations during the review of a program or system
- Provide a record of the program or system and its privacy requirements to the ESRMO
- Demonstrate compliance with privacy laws and regulations
Generally, a PTA is required before a program or system containing PII becomes operational. N.C.G.S. 132-1.10 establishes the reasons for conducting a PIA, which include:
- Government should collect the information only for legitimate purposes or when required by law.
- Social security numbers collected by an agency must be relevant to the purpose for which collected and shall not be collected until and unless the need for social security numbers has been clearly documented.
- Use the social security number for any purpose other than the purpose stated
Data Glossary
Health Insurance Portability and Accountability Act (HIPAA)
- Medical and substance abuse
Personally Identifiable Information (PII)
- Public (Non-Sensitive):
•Address information, such as street address or email address
•Mail lists
- Non-Public (Sensitive):
•SSN
•Driver’s License or State Identification Number
•Passport Number
•Alien Registration Number
•Financial Account Number
•Medical Information
•Mother maiden name
•Biometric data
Payment Card Industry (PCI)
•Primary Account Number (PAN)
•Cardholder Name
•Expiration Date
•Service Code
•Full track data (magnetic-stripe data or equivalent on an chip)
•CAV2/CVC2/CVV2/CID
•PINs/PIN blocks
•Personal characteristics, including photographic image (especially of face or other identifying characteristic), fingerprints, handwriting, or other biometric data (e.g., retina scan, voice signature, facial geometry)
Criminal Justice Information (CJI)
•Biometric Data—data derived from one or more intrinsic physical or behavioral traits of humans typically for the purpose of uniquely identifying individuals from within a population. Used to identify individuals, to include: fingerprints, palm prints, iris scans, and facial recognition data.
•Identity History Data—textual data that corresponds with an individual’s biometric data, providing a history of criminal and/or civil events for the identified individual.
•Biographic Data—information about individuals associated with a unique case, and not necessarily connected to identity data. Biographic data does not provide a history of an individual, only information related to a unique case.
•Property Data—information about vehicles and property associated with crime when accompanied by any personally identifiable information (PII).
•Case/Incident History—information about the history of criminal inc
Federal Tax Information (FTI)
•Information, including the return, that IRS obtained from any source or developed through any means that relates to the potential liability of any person under the IRC for any tax, penalty, interest, fine, forfeiture, or other imposition or offense
•Information extracted from a return, including names of dependents or the location of business
•The taxpayer’s name, address, and identification number
•Information collected by the IRS about any person’s tax affairs, even if identifiers, such as name, address, and identification number are deleted
•Status of whether a return was filed, under examination, or subject to other investigation or processing, including collection activities
•Information contained on transcripts of accounts
Family Educational Rights and Privacy Act (FERPA)
- Directory information such as a:
•Student's name
•Student address
•Student telephone number
•Date and place of birth
•Honors and awards
•Dates of attendance
Other Categories of sensitive data types:
- These are data types that have been defined by State law as not publically releasable without first being redacted:
•Security assessment reports
•Network/System vulnerabilities
Drafting a PTA
The Agency’sData Owner or Agency designee is responsible for completing the PTA in close cooperation with the component privacy/security officer. Once the PTA is complete, the component privacy/security officer will submit the PTA to ESRMO for review and determination.
To complete a PTA for an Agency’s program or system, download the template at TBDand follow the instructions
To obtain a Word version of the template, please e-mail
Privacy Threshold Analysis(PTA) for the
<ADD NAME>
<Agency/Department Acronym)>
<ADD Publication Date>
Contact Point <ADD Contact Person>
<ADD Program/Agency/Office>
<ADD Contact Phone>
Privacy Threshold Analysis (PTA)
Project or
System Name:
This form is used to determine whether a Privacy Impact Assessment is required.
Publication Date:
Contact Point
Contact Person:Agency and Division:
Contact Phone:
Contact E-mail:
Data Privacy/Security Point of Contact
Name of POC:Title of POC:
Agency and Division of POC:
The purpose of a Privacy Impact Assessment is to determine the privacy implications of collecting Personally Identifiable Information (PII), including why PII is collected and how it will be used and secured. PII is defined as "personally identifiable information" and is information that can be used directly or in combination with other information to identify a particular individual. It includes:
- a name, identifying number, symbol, or other identifier assigned to a person,
- any information that describes anything about a person,
- any information that indicates actions done by or to a person,
- any information that indicates that a person possesses certain personal characteristics.
Summary Information
Date submitted for review:Name of Project:
Name of Component:
Name of Project Manager:
E-mail for Project Manager:
Phone number for Project Manager:
SPECIFIC PTA QUESTIONS
1. Reason for submitting the PTA:
[Please provide a general description of the project and its purpose in a way a non-technical person could understand. If this is an updated PTA, please describe what changes and/or upgrades that are triggering the update to this PTA. If this is a renewal please state whether or not there were any changes to the project, program, or system since the last version.]2. Does the system employ any of the following technologies:
☐ Closed Circuit Television (CCTV)
☐ Social Media, Web portal1 (e.g., SharePoint)
☐ None of these
3. From whom does the Project or Program collect, maintain, use, or disseminate information?
☐ This program does not collect any personally identifiable information
☐ This program does not collect any HIPAA or PHI information
☐ This program does not collect any Payment Card Information
☐This program does not collect any Federal Tax Information
☐ This program does not collect any FERPA information
☐ This program disseminates to members of the public
☐ This program disseminates to Agency employees/contractors (list components):
☐ This program disseminates to Contractors working on behalf of the State
☐ This program disseminates to Employees of other federal or local government
4. What specific information about individuals is collected, generated or retained?
[Please provide a specific description of information that is collected, generated, or retained (such as names, addresses, emails, Tax ID etc.) for each category of individuals]
4 (a) Does the project, program, or system retrieve information by personal identifier?
☐ No. Please continue to next question.
☐ Yes. If yes, please list all personal identifiers used:
4(b)Does the project, program, or system use Social Security Numbers (SSN), HIPAA, FTI, PCI, PII, FERPA or CJI?
☐No
☐ Yes
4(c) If yes, please provide the specific legal basis and purpose for the collection of SSNs, HIPAA, FTI, CJI, FERPA or other non-public data types:
[Provide legal basis for collection of data.]
4(d) If yes, please describe the uses of the SSNs, HIPAA, FTI, PCI, CJI or FERPA within the project, program, or system:
[Provide Description]
4(e) If this project, program, or system is an information technology/system, does it relate solely to infrastructure?
[For example, is the system a Local Area Network (LAN) or Wide Area Network (WAN)?]
☐ No. Please continue to next question.
☐ Yes. If a log kept of communication traffic, please answer the following question.
4(f) If header or payload data is stored in the communication traffic log, please detail the data elements stored.
[Enter details]
5. Does this project, program, or system connect, receive, or share PII, HIPAA, FTI, PCI, CJI with any other State programs or systems? Check all applicable:
☐ First and last name
☐ Date of birth
☐ E-mail address
☐ Street address
☐ Internet protocol (IP) address
☐ Social Security Numbers (including truncated SSNs)
☐Federal Tax Identification Numbers
☐ Driver’s license numbers
☐ State identification card number issued under section 4507.50 of the Revised Code
☐ Financial information, ranging from account numbers, credit card numbers and debit card
numbers to credit history and credit scores
☐ Student identification numbers
☐ Health and medical information, ranging from medical account numbers and health plan
numbers to diagnoses, health conditions and drug prescriptions
☐ Certificate/license numbers
☐ Employment information
☐ Criminal Justice information
☐ Vehicle identifier including license plate?
☐ Biometric identifier (e.g., fingerprints)?
☐ Any other unique identifying number or characteristic that, when combined with any basic personally identifiable information, may cause serious harm in the wrong hands?
☐No sensitive data
6. Does this project, program, or system connect, receive, or share PII with any external (non-state) agencies or systems?
☐ No.
☐ Yes, if yes, please list below
6(a) Is this external sharing pursuant to new or existing information sharing access agreement (MOU/ MOA, BAA, SLAetc.)?
[Please describe applicable information sharing governance in place:]
7. Does the project, program, or system provide role-based training for personnel who have access in addition to annual privacy training required of all State personnel?
☐ No.
☐ Yes, if yes, please list
PRIVACY DETERMINATION
Privacy Threshold Review
Based on questions 1 – 6, does the project or system involve personally identifiable information and therefore warrant additional examination and documentation in the form of a Privacy Impact Assessment? [If you indicated that one or more of the examples from Question 5 are being collected by your agency, indicate “Yes” in the designation below. If Yes, the Agency CISO or security representative must conduct a security/privacy impact analysis to determine the level of compliance for the system hosting the sensitive information]
Identifiable Information (Add relevant data type(s)).
The following actions or designations apply (check all relevant boxes):
______
Agency CISO/Security Representative SignatureDate