DEPARTMENT OF TRANSPORTATION
Federal Motor Carrier Safety Administration (FMCSA)

PRIVACY IMPACT ASSESSMENT

For

Medical Exemption Program

February 8, 2011

Overview of FMCSA Privacy Management Process for Medical Exemption Program

The mission of the Federal Motor Carrier Safety Administration (FMCSA), an Operating Administration within the U.S. Department of Transportation (DOT), is to reduce crashes, injuries, and fatalities involving large trucks and buses (motor carriers). To carry out its safety mandate, FMCSA partners with stakeholders—including Federal, State, and local enforcement agencies; the motor carrier industry; safety groups; and organized labor—on efforts to reduce crashes involving motor carriers. Since the first step towards reducing accidents is to understand them, FMCSA collects and maintains motor carrier and commercial driver safety data as well as a national inventory of motor carriers and shippers subject to the Federal Motor Carrier Safety Regulations (FMCSR) and Hazardous Materials Regulations (HMR).

The Motor Carrier Safety Act of 1984 [49 U.S.C. 31136(e)] and the Transportation Equity Act for the 21st Century (TEA-21) (49 U.S.C. 31315) allow FMCSA to grant medical exemptions for commercial motor vehicle (CMV) drivers if such exemptions would be in the public interest and would be likely to achieve a level of safety that is equivalent to, or greater than, the level of safety that would be achieved in the absence of the exemption.

FMCSA has established the Medical Exemption Program to support the paper-based Federal Vision Exemption Program (FVEP), the paper-based Federal Diabetes Exemption Program (FDEP), and the web-based Med-Ex application managed by the FMCSA Office of Medical Programs. The mission of the FMCSA Office of Medical Programs is to improve the safety of U.S. roadways by disseminating and implementing the medical regulations, guidelines, and policies that ensure CMV drivers engaged in interstate commerce are physically qualified to do so.

FVEP includes a database that stores Personally Identifiable Information (PII), including sensitive health information, received from CMV drivers applying for a vision exemption from the Federal vision standard [49 CFR 391.41(b)(10)] via mail, email, and fax prior to the launch of Med-Ex. There are no external users of this database. FDEP also includes a database that stores PII, including sensitive health information, received from CMV drivers applying for a diabetes exemption from the Federal diabetes standard [49 CFR 391.41(b)(3)] via mail, email, and fax. There are no external users of this database.

Med-Ex is a web-based application that collects and stores PII, including sensitive health information, from CMV drivers applying for a vision exemption from the Federal vision standard [49 CFR 391.41(b)(10)] via hardcopy applications mailed to FMCSA and electronic applications submitted through the Med-Ex website.

Information stored in FVEP and FDEP databases is used to make determinations concerning the eligibility of CMV drivers for exemptions from the vision and diabetes standards included in the FMCSR. FVEP and FDEP also facilitate responses to exemption applicants concerning the status of their applications and allow the FMCSA Office of Medical Programs to track CMV driver compliance with the provisions of their exemptions.

Med-Ex allows CMV drivers to expedite the vision exemption application process by submitting applications online. The Med-Ex website does not currently support online submission of diabetes exemption applications. Med-Ex performs the following in support of the submission, review, and management of all online vision exemption applications:

Provides CMV drivers with the option of applying for a vision exemption electronically in order to expedite the exemption application process;
Allows FMCSA to electronically process and manage vision exemption applications sent electronically or by mail;
Allows FMCSA to update CMV drivers with their application status and to electronically request additional information; and
Archives all program records.

Vision and diabetes exemptions remain in effect for a maximum of two years. CMV drivers may reapply for these exemptions by submitting an updated application with supporting documentation to Medical Exemption Program.

Medical Exemption Program is currently administered by MANILA Consulting Group, Inc. (MANILA), an FMCSA contractor located in McLean, VA. MANILA is responsible for processing all electronic and hardcopy exemption applications and determining if an application is complete or if more information is needed. When an application is complete, the FMCSA Office of Medical Programs determines if the applicant qualifies for an exemption. MANILA then forwards exemption approval and denial notifications to CMV drivers, FMCSA officials, and appropriate State agencies. FMCSA publishes the names of the individuals granted an exemption, the provisions from which the individuals are exempt, the effective period, and all terms and conditions of the exemption in the Federal Register. FMCSA also publishes the names of the individuals denied an exemption and the reasons for the denial (49 U.S.C. 31315).

Maintaining the privacy of PII concerning CMV drivers is a paramount consideration in the operation of Medical Exemption Program. The DOT/FMCSA privacy management process is built upon a methodology that enables DOT/FMCSA to effectively protect PII while allowing FMCSA to achieve its mission. The methodology includes the following:

Establishing appropriate authorities, responsibilities, and controls for information management with input from systems architecture, technology, security, legal, and other disciplines.
Identifying, documenting, and addressing privacy risks.
Developing and implementing appropriate policies and procedures and updating them when necessary.
Monitoring compliance with applicable laws, regulations, policies, and procedures.
Providing training to all DOT employees and contractors with access to PII.
Effectively maintaining the privacy protection principles of:

Openness.
Individual Participation.
Purpose Specification.
Collection Limitation.
Use Limitation.
Data Quality and Integrity.
Security Safeguards.
Accountability and Auditing.

The Privacy Act of 1974 (5 U.S.C. 552a) governs the means by which the United States Government collects, maintains, and uses PII in a system of records. A “system of records” is a group of any records under the control of a Federal agency from which information about individuals is retrieved by name or other personal identifier. The Privacy Act requires each agency to publish a System of Records Notice (SORN) in the Federal Register identifying and describing each system of records the agency maintains, including the purposes for which the agency uses PII in the system, the routine uses for which the agency discloses such information outside the agency, and how individuals to whom a Privacy Act record pertains can exercise their rights under the Privacy Act (e.g., to determine if the system contains information about them). Since Medical Exemption Program uses personal identifiers to retrieve information about individuals, Medical Exemption Program is subject to the Privacy Act of 1974. FMCSA is in the process of developing the Medical Exemption Program SORN for publication in the Federal Register.

Neither MANILA, nor any subsequent contractor for Medical Exemption Program, is authorized to provide information to any individuals outside DOT other than CMV drivers seeking a copy of their own exemption information. Only authorized DOT personnel with a specific “need to know” can access CMV driver exemption information in Medical Exemption Program. FMCSA performs routine audits of Medical Exemption Program to ensure that privacy and security objectives are met.

Personally Identifiable Information (PII) and Medical Exemption Program

The Medical Exemption Program collects the following PII or information containing PII from CMV drivers as part of the vision exemption application process:

a. Applicant Information

Name.
Home address.
Home/mobile phone number.
Gender.
Date of birth.
Social Security Number (SSN).

b. CMV Driver Information

Driver license number and issuing State.
Driver license classification code.
Driver license date of issuance and expiration date.
Restrictions and endorsements.
Copy of valid driver license.
List of all licenses held to operate CMVs in last three years.
Copy of motor vehicle record (MVR) covering last three years (Florida drivers must supply official copy of complete driving record from State of Florida due to State citation and accident reporting requirements. Indiana drivers must supply copies of accident reports from State police in addition to MVR due to State accident reporting requirements.)

c. Employment Information

Current employer name, address, and phone number.
If employed by or leased to companies, driving history and name, address, and phone number for each company for past three years.
If self-employed, all customer names, addresses, and phone numbers for past three years.
Dates of employment.

d. Medical Information

Optometrist/ophthalmologist letter stating the following:

Date of examination.
Nature, duration, and stability of vision deficiency.
Corrected and uncorrected visual acuity for each eye.
Field of vision test results for each eye.
Color vision information.
Medical opinion regarding ability to operate CMVs with diagnosed visual deficiency.

The Medical Exemption Program collects the following PII or information containing PII from CMV drivers as part of the diabetes exemption application process:

a. Applicant Information

Name.
Home address.
Home/mobile phone number.
Gender.
Date of birth.
SSN.

b. Driving Information

Copy of valid driver license.
Copy of MVR from official State agency.
List of waivers, exemptions, and skill performance evaluation certificates.

c. Employment Information

Current employer name, address, and phone number.

d. Medical Information

Medical Examination Report.
Medical Examiner’s Certificate.
Endocrinologist Evaluation Checklist.
Vision Evaluation Checklist.

Why Medical Exemption Program Collects PII Information

The Medical Exemption Program primarily collects CMV driver information during the exemption application process to determine if an applicant is eligible for an exemption from the Federal vision standard [49 CFR 391.41(b)(10)] or the Federal diabetes standard [49 CFR 391.41(b)(3)] in the FMCSR and to ensure that FMCSA is complying with provisions in the Transportation Equity Act for the 21st Century (TEA-21). However, some of the CMV driver information that is collected during the exemption application process is used to ensure that duplicate applications are not submitted. The Medical Exemption Program also collects quarterly and annual medical monitoring information to determine if CMV drivers that have received a diabetes exemption are in compliance with the conditions of the exemption. During the exemption renewal process, updated application information is compared to application information stored in the Medical Exemption Program to determine if CMV drivers remain eligible for a vision or diabetes exemption.

How Medical Exemption Program Uses Information

CMV drivers use the web-based Med-Ex application to electronically submit vision exemption applications and application renewals to the FMCSA Office of Medical Programs. FMCSA employees and contractors use FVEP to convert hardcopy vision exemption applications and application renewals into electronic records, review vision exemption applications, provide application status updates to CMV drivers, request additional information from CMV drivers, and archive all program records prior to the launch of Med-Ex. FMCSA employees and contractors use FDEP to convert hardcopy diabetes exemption applications and application renewals into electronic records, review diabetes exemption applications, provide application status updates to CMV drivers, request additional information from CMV drivers, and archive all program records. After the application review process is completed, exemption approval and denial notifications are forwarded to CMV drivers, FMCSA officials, and appropriate State agencies. Information in the Medical Exemption Program will not be used to develop new information about individuals or to create previously unavailable information through aggregation. The Medical Exemption Program obtains information from the following sources:

CMV drivers applying for a diabetes or vision exemption.
Commercial Driver’s License Information System (CDLIS).
State licensing agencies.
Physicians (Medical Examiners, Optometrists or Ophthalmologists, and Endocrinologists).
Employers (commercial motor carriers).
Customers of self-employed CMV drivers.

How Medical Exemption Program Shares Information

FMCSA does not share information collected as part of the Medical Exemption Program with other information systems. However, FMCSA is required to publish some applicant information (name, age, basic information related to applicant’s medical condition, and current driver license class) in the Federal Register in a notice requesting public comment upon receipt of an exemption request (49 U.S.C. 31315).

The Medical Exemption Program may also be required to share information in the following situations:

Information may be shared with Federal, State, and local government agencies for the
purpose of enforcing regulatory requirements related to driver safety.

How Medical Exemption Program Provides Notice and Consent

Immediately after applicants login to the web-based Med-Ex system, the “Authorization for Release of Personally Identifiable Information” is displayed. The authorization notifies applicants that they are agreeing to allow FMCSA to disclose medical information related to their CMV driving duties as part of the vision exemption application process and that the authorization complies with the provisions of the Privacy Act of 1974.

Applicants have the option to accept or decline the authorization. Accepting the authorization allows applicants to continue with the application process, while declining discontinues the application process. Hardcopy exemption application forms provide an official letter to CMV drivers outlining the PII that must be submitted to FMCSA in order to be considered for a medical exemption. The letter clearly states that “Any misinformation or required information not submitted may result in the denial of exemption request.” The Medical Exemption Program does not provide additional notice or options for consent since the information submitted as part of the exemption application process is voluntarily provided by CMV drivers.

How Medical Exemption Program Ensures Data Accuracy

CMV drivers submitting online vision exemption applications are able to edit their information until the application is uploaded to Med-Ex for processing. CMV drivers submitting hardcopy vision or diabetes exemption applications are responsible for ensuring that their information is accurate prior to mailing the application to FMCSA. During processing, application information is compared with supporting documentation in order to identify discrepancies. Whenever possible, incorrect or outdated information in Med-Ex is rectified immediately. However, some discrepancies may require MANILA application processors to request clarification and/or additional information from applicants.

How Medical Exemption Program Provides Redress

When CMV drivers believe that they have been denied an exemption due to incorrect or outdated information, an appeal may be submitted in writing to FMCSA, 1200 New Jersey Avenue SE, Washington, DC 20590, Attn: Federal Medical Exemption Program. The request must include the requester’s name, mailing address, telephone number and/or e-mail address, a description and the location of the incorrect or outdated information, an explanation of the redress being sought, and verification of identity (such as a statement, under penalty of perjury, that the requester is the individual who he or she claims to be). If a CMV driver finds there is erroneous information on his/her medical exemption certificate, he or she must notify the Medical Exemption Program at the address above or fax the correction to 703-448-3077. FMCSA will then correct the information and issue a new certificate.

How Medical Exemption Program Secures Information

All PII collected as part of the Medical Exemption Program is protected from unauthorized access through appropriate administrative, physical, and technical safeguards. Vision exemption applications submitted via the web-based Med-Ex application are stored in a database in a secured area within the Volpe National Transportation Systems Center (Volpe Center) located in Cambridge, MA. Hardcopy vision and diabetes exemption applications submitted via mail, email, or fax are entered and scanned into the FVEP and FDEP databases housed on a server inside a certified data center (SAS 70 Type II) located at MANILA. These databases protect electronic records generated from hardcopy applications via encryption. All hardcopy vision and diabetes exemption applications are stored in locked file cabinets. MANILA destroys these hardcopy applications after FMCSA completes the disposition of the application. The databases at the Volpe Center and MANILA are secured by passwords, firewalls, and operating systems to which only authorized FMCSA employees and contractors have access. Physical access to the Volpe Center and MANILA is restricted to authorized personnel.

The Medical Exemption Program is subject to routine audits by DOT/FMCSA privacy officials and the FMCSA IT Security Team to ensure compliance with the Privacy Act of 1974 and all other applicable Federal laws, regulations, and requirements. User access controls have been developed to ensure that the number of individuals with access to restricted information in the Medical Exemption Program is kept to a minimum and is limited to only those individuals with a “need to know.” Audit provisions are also included to ensure that the information is used appropriately by authorized users and monitored for unauthorized usage.

Access to information in the Medical Exemption Program is determined by permission levels, and the system employs role-based access controls. User access rights are authorized by designated officials at the FMCSA Office of Medical Programs. Users are required to authenticate with a valid user identifier and password in order to gain access to Medical Exemption Program records. This strategy improves data confidentiality and integrity. These access controls were developed in accordance with Federal Information Processing Standards (FIPS) Publication 200, Minimum Security Requirements for Federal Information and Information Systems dated March 2006 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Rev. 2, Recommended Security Controls for Federal Information Systems dated December 2007. Audit provisions were also included to ensure that A&I Online is used appropriately by authorized users and monitored for unauthorized usage.

Each of the following user groups has access to Medical Exemption Program:

System Administrators -- Authorized FMCSA employees and contractors with a “need to know” have full access rights to PII collected as part of the Medical Exemption Program for system development and maintenance and the management of user accounts.
FMCSA Management -- Designated officials at the FMCSA Office of Medical Programs have read and write privileges to applicant and reviewer screens on the web-based Med-Ex application and approval and denial rights for paper-based vision and diabetes exemptions.
Application Processors -- Designated MANILA personnel are responsible for entering information from hardcopy applications into the FDEP and FVEP databases as well as processing all vision and diabetes exemption applications and renewal requests. Read and write privileges to applicant and reviewer screens on the web-based Med-Ex application are authorized based on user roles and responsibilities.
Applicants -- CMV drivers that submit their vision exemption applications online are able to access their own application information.

How Long Medical Exemption Program Retains Information

The proposed Medical Exemption Program records schedule has been submitted to the U.S. National Archives and Records Administration (NARA) and is pending approval. The Medical Exemption Program applications with a status of accepted are assigned a disposition date of 10 years. All other applications are assigned a disposition date of 3 years after the application date or 30 days after a status change to deceased, whichever occurs first. The Medical Exemption Program applications are destroyed at the end of each calendar year following the disposition date. Hardcopy documents that have been entered and scanned into the Med-Ex application are assigned a 30-day disposition date following the disposition date assigned to the electronic record and destroyed at the end of the calendar year.

System of Records

Medical Exemption Program is subject to the Privacy Act of 1974. FMCSA is in the process of developing the Medical Exemption Program SORN for publication in the Federal Register.