DEPARTMENT OF TRANSPORTATION
Federal Motor Carrier Safety Administration
PRIVACY IMPACT ASSESSMENT
ELECTRONIC DOCUMENT MANAGEMENT SYSTEM (EDMS)
June 6, 2006
Table of Contents
Overview of Federal Motor Carrier Safety Administration (FMCSA) privacy management process for EDMS
Personally-identifiable information and EDMS
Why EDMS collects information
How EDMS uses information
How EDMS shares information
How EDMS provides notice and consent
How EDMS ensures data accuracy
How EDMS provides redress
How EDMS secures information
System of records
The Federal Motor Carrier Safety Administration (FMCSA), within the Department of Transportation (DOT), has been given the responsibility to reduce crashes, injuries, and fatalities involving large trucks and buses. In carrying out its safety mandate, the FMCSA:
- Develops and enforces data-driven regulations that balance motor carrier (truck and bus companies) safety with industry efficiency;
- Harnesses safety information systems to focus on higher risk carriers in enforcing the safety regulations; and
- Targets educational messages to carriers, commercial drivers, and the public.
To meet these goals, the FMCSA partners with stakeholders, including Federal, State, and local enforcement agencies, the motor carrier industry, safety groups, and organized labor on efforts to reduce bus and truck-related crashes. Since a first step to reduce accidents is to understand them, FMCSA collects and maintains commercial vehicle safety data, as well as a national inventory of motor carriers and shippers subject to the Federal Motor Carrier Safety Regulations and Hazardous Materials Regulations. EDMS is a tool that helps the FMCSA manage data.
The main purpose of the system is to provide FMCSA personnel with a centralized document repository application for the purpose of storing, archiving and retrieving documents relevant to FMCSA business processes. A small workflow capability has also been implemented in select border States to manage border applications and inspection reports.
Privacy management is an integral part of the EDMS project. DOT/FMCSA has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and proven methodologies.
The privacy management process is built upon a methodology that has been developed and implemented in leading companies around the country and globally. The methodology is designed to help ensure that DOT and FMCSA will have the information, tools, and technology necessary to manage privacy effectively and employ the highest level of fair information practices while allowing FMCSA to achieve its mission of protecting and enhancing a most important U.S. transportation system. The methodology is based upon the following:
- Establish priority, authority, and responsibility. Appoint a cross-functional privacy management team to ensure input from systems architecture, technology, security, legal, and other disciplines necessary to ensure that an effective privacy management program is developed.
- Assess the current privacy environment. This involves interviews with key individuals involved in the EDMS system to ensure that all uses of personally identifiable data, along with the risks involved with such use, are identified and documented.
- Organize the resources necessary for the project's goals. Internal DOT/FMCSA resources, along with outside experts, are involved in reviewing the technology, data uses and associated risks. They are also involved in developing the necessary redress systems and training programs.
- Develop the policies, practices, and procedures. The resources identified in the paragraph immediately above work to develop an effective policy or policies, practices and procedures to ensure that fair information practices are complied with. The policies effectively protect privacy while allowing DOT/FMCSA to achieve its mission.
- Implement the policies, practices, and procedures. Once the policies, practices, and procedures are developed, they must be implemented. This involves training of all individuals who will have access to and/or process personally identifiable information. It also entails working with vendors to ensure that they maintain the highest standard for privacy while providing services to the FMCSA project.
- Maintain policies, practices, and procedures. Due to changes in technology, personnel, and other aspects of any program, effective privacy management requires that technology and information be available to the privacy management team to ensure that privacy policies, practices, and procedures continue to reflect actual practices. Regular monitoring of compliance with privacy policies, practices, and procedures will be required.
- Manage exceptions and/or problems with the policies, practices, and procedures. This step involves the development and implementation of an effective redress and audit system to ensure that any complaints can be effectively addressed and corrections made if necessary.
Information in EDMS pertains to operators of interstate commercial motor vehicles and Federal Motor Carrier Safety Administration employees.
Records in this system include carrier-related documentation, employee records, and FMCSA policy documentation.
EDMS collects PII in order to track safety-related data in the hopes of recognizing trends that can be useful when making policy and other changes.
All information collected is done so for the purpose of carrying out the day-to-day operations of both enforcement and compliance of motor carriers, and for storage and retrieval of documents relating to the business of FMCSA. Any types of documents containing any type of information may be uploaded to this system by the users. PII data is collected for enforcement and/or compliance and that data is used for compliance review, safety audit, and enforcement cases. The data is used by field staff, Freedom of Information Act (FOIA) staff, and Headquarters staff.
For individuals with direct access to EDMS, the FMCSA also collects necessary PII to authenticate users and restrict permissions, and EDMS associates these individuals with user-created user IDs and passwords.
This information is used by FMCSA personnel according to the business needs of the Federal Motor Carrier Safety Administration in the performance of those functions where access to the documentation stored on EDMS may be required. Only FMCSA employees and authorized contractors have access to information stored on this system; it is not available to the public.
Records maintained in the system are used for two purposes: Carrier documentation is stored as the official record of contact with the carriers. This information may include MCS-150's, Compliance Reviews, Inspection Reports, and other carrier-related documentation for use in cases brought against the carrier, or for historical purposes. Administrative records maintained in this system pertain to FMCSA personnel and FMCSA business processes and projects.
Users of this system are FMCSA personnel and authorized contractors who require access to project information stored on the system. This system gives FMCSA personnel and specified contractors the ability to easily and efficiently search for documents, and eases the current burden of manually filing documents. The FMCSA personnel and/or contractors upload documents to EDMS with required index information, and documents are then available to personnel who have access to the individual library where the documents are stored.
Designated and approved State and local compliance officials and data entry representatives have direct access to EDMS data. Different individuals receive different rights in EDMS according to their job role and State. Designated FMCSA staff members also have direct access to EDMS, with different individuals receiving different rights according to their job roles.
FMCSA may also share with other federal agencies PII in EDMS to assist with national security or other compliance activities. The FMCSA evaluates each request on an individual basis and oversees the process to ensure all Privacy Act procedures are followed.
EDMS contains PII for drivers of commercial vehicles, contacts for commercial carriers and shippers, and State and local officials requiring access to the system. Drivers and commercial carrier representatives are required by law to provide PII as part of the inspection and crash data collection process and EDMS does not provide additional notice or options for consent.
The EDMS system provides some internal data quality and completeness checks. Sources of information, such as State police departments or other officials, are responsible for inputting correct information.
Individuals who must submit PII in order to obtain direct access to EDMS submit this information directly. These individuals may contact their approving supervisor for any corrections to submitted information.
Physical access to the EDMS system is limited to appropriate personnel through applicable physical security requirements of the agency. FMCSA and contract support personnel with physical access have all undergone and passed DOT background checks.
The electronic records uploaded to EDMS are stored in one location on a secure web-based system. EDMS is protected through the use of Hyper Text Transfer Protocol System and Secure Socket Links. Files are classified as sensitive and are accessible only by designated employees within FMCSA, and specific support contractors. Access to the system is allowed only to users within the FMCSA network, or from specific IP addresses of authorized contractors.
All users of the system are required to obtain a user name through FMCSA Technical Support, the support group which provides technical support to the majority of FMCSA Information Technology systems. All applications for accounts must first be in the form of an Account Request Form, and approved by the FMCSA Organizational Coordinator for the area in which the user works. All requests are then reviewed by FMCSA Technical Support to ensure conformance with FMCSA's security standards. Once a user is approved, FMCSA Technical Support contacts the user via email and requests that the user call FMCSA Technical Support to obtain their temporary password to the system. User identification is verified over the telephone via the correct answering of a secret question by the user. Each user is given a unique user ID and temporary randomly generated password, which must be changed upon first login. The user's new password is valid for 90 days and must follow all current DOT guidelines on password security. After 90 days, the user's password must be changed. In addition, users are only granted access to those areas of EDMS which contain the files needed in the performance of their jobs.
With very few exceptions, Internet access to the application is restricted to allowing access only to users within the FMCSA network IP address range. The exceptions to this rule include development support staff at the Volpe Center, and FMCSA contractor support staff in Washington, D.C. Firewall rules on the FMCSA network allow only those two specific IP address ranges external to FMCSA to access EDMS.
In addition to physical access, electronic access to PII in EDMS is limited according to job function. FMCSA controls access privileges according to the following roles:
- Technical Support
The following matrix describes the privileges and safeguards around each of these roles as they pertain to PII.
|User||Variable, determined by State and job role||Access approved by higher authority.
The following safeguards apply:
||The following safeguards apply:
EDMS is a system of records subject to the Privacy Act, 5 U.S.C. 552a. The System of Records Notice is named DOT/FMCSA 007, Electronic Document Management System.