Safety and Fitness Electronic Records (SAFER)

June 2009

Overview of FMCSA Privacy Management Process for SAFER

The Federal Motor Carrier Safety Administration (FMCSA) within the U.S. Department of Transportation (DOT) has been given the mission of reducing crashes, injuries, and fatalities involving large trucks and buses (motor carriers). In carrying out its safety mandate, FMCSA:

Develops and enforces data-driven regulations that balance motor carrier safety with industry efficiency
Employs safety information systems to focus on higher risk motor carriers in enforcing safety regulations
Targets educational messages to motor carriers, commercial drivers, and the public

To meet these goals, FMCSA partners with stakeholders—including federal, state, and local enforcement agencies; the motor carrier industry; safety groups; and organized labor—on efforts to reduce crashes involving motor carriers. Since the first step towards reducing accidents is to understand them, FMCSA collects and maintains commercial vehicle safety data as well as a national inventory of motor carriers and shippers subject to Federal Motor Carrier Safety Regulations (FMCSR) and Federal Hazardous Materials Regulations (FHMR). Safety and Fitness Electronic Records (SAFER) is a major application that helps FMCSA manage this data.

SAFER is a data sharing system that facilitates the interoperability of several federal and state information systems managed by FMCSA, including state information systems operating under the Commercial Vehicle Information Systems and Networks (CVISN) Program, roadside applications operated by law enforcement officers, and other federal information systems [Motor Carrier Management Information System (MCMIS), Licensing and Insurance (L&I) System, and SAFETYNET]. SAFER resides at the John A. Volpe National Transportation Systems Center (Volpe Center) in Cambridge, Massachusetts and is currently in the operations and maintenance phase of the system life cycle.

Privacy management is an integral part of SAFER. DOT/FMCSA has retained the services of privacy experts to assess its Privacy Management Program through the use of proven technologies, sound policies and procedures, and established methodologies:

Establishing appropriate authorities, responsibilities, and controls for information management with input from systems architecture, technology, security, legal, and other disciplines
Identifying, documenting, and addressing privacy risks
Developing and implementing appropriate policies and procedures and updating them when necessary
Monitoring compliance with applicable laws, regulations, policies, and procedures
Providing training to all DOT employees and contractors with access to PII
Effectively maintaining the privacy protection principles of:

Openness
Individual Participation
Purpose Specification
Collection Limitation
Use Limitation
Data Quality and Integrity
Security Safeguards
Accountability and Auditing

Privacy is a significant consideration in the operation of the FMCSA SAFER system.

Personally Identifiable Information (PII) and SAFER

This Privacy Impact Assessment (PIA) was conducted because SAFER processes and stores the following PII from commercial motor vehicle (CMV) drivers:

Name
Commercial Driver’s License Number (CDL)
Carrier Tax Identification Number which is Social Security Number (SSN) in some cases
Vehicle Identification Number (VIN)

Why SAFER Collects Information

SAFER provides motor carrier safety data and related services to various industry groups and the general public via the Internet.

Information in SAFER is organized according to the following categories:

Inspection Data - Roadside inspections check for driver, vehicle, and hazardous material (HM) safety violations. Most inspection records are collected by state inspectors and maintained locally by individual SAFETYNET systems. All uploaded interstate inspection records are processed in order to verify that they have been identified with the correct USDOT Number. A subset of uploaded intrastate inspection records, including all inspection records for intrastate HM shippers, is processed in the same manner.
Compliance Review Data - Approximately 12,000 onsite motor carrier and HM shipper safety reviews are conducted annually by FMCSA field and state investigators to ensure compliance with federal regulations. These reviews also allow FMCSA field and state investigators to document updated carrier registration information and provide this information to MCMIS. SAFER receives updated carrier registration information daily from MCMIS and provides this information to other FMCSA systems.
Carrier Census Data - SAFER distributes carrier census data to SAFETYNET and to systems participating in the CVISN Program. This information includes safety ratings, prioritization scores, and other summary data for motor carriers and HM shippers.
Vehicle Credential Data - Vehicle credential data are transmitted between CVISN state systems and SAFER via the SAFER FTP server or SAFER web services. Vehicle credential data include vehicle registrations, e-screening authorizations, vehicle transponder transactions, the International Fuel Tax Agreement (IFTA), the International Registration Plan (IRP), and the IRP Fleet.

How SAFER Uses Information

Information in SAFER is used by roadside inspectors to select drivers and vehicles for inspection. The roadside inspectors determine which drivers and vehicles to inspect based on safety and credential histories and the number of previous inspections. SAFER information is also used by FMCSA personnel to increase intrastate and interstate commercial vehicle safety operations and by insurance companies to improve safety performance. The following groups have access to SAFER:

Law Enforcement - Users access SAFER via roadside applications that query the database and upload inspection and investigation reports. Users can also access the SAFER website via the FMCSA Portal.
State Transportation Departments - Users access SAFER via the Commercial Vehicle Information Exchange Window (CVIEW), SAFETYNET, ASPEN and other third-party state applications.
Federal Agencies - FMCSA and U.S. Customs and Border Protection personnel access SAFER to enter inspection reports and retrieve safety data.
Third-Party Contractors - Users access SAFER to develop CVIEW-equivalent applications for state clients.
System Administrators and Developers - System administrators and developers at the Volpe Center access SAFER in order to perform their assigned roles and responsibilities.
General Public - Users, including insurance companies and motor carriers, access SAFER via the SAFER website to obtain safety rating and other safety information, inspection and crash data, and general motor carrier information. Users can also subscribe to receive electronic copies of motor carrier data stored on SAFER.

SAFER allows users to search FMCSA databases, register for USDOT Numbers, pay fines online, order company safety profiles, challenge FMCSA data using the DataQs system, access the National Hazardous Materials Route Registry (NHMRR), obtain National Motor Carrier Crash Rates and National Inspection Out of Service (OOS) Percentage Rates for the Hazardous Materials Safety Permit (HMSP) Program, download printable registration forms, and obtain information about other FMCSA systems.

How SAFER Uses Information

SAFER is interconnected with many other FMCSA and State systems, and information stored in SAFER is shared with state and federal agencies. SAFER is a data sharing system, which facilitates the interoperation of a number of Federal and State information systems under the auspices of FMCSA. This includes state information systems operating under the CVISN program, roadside applications operated by law enforcement officers, and other Federal Information Systems including MCMIS, L&I and SAFETYNET. The information is used by roadside inspectors to select vehicles and / or drivers for inspection based on the number of prior carrier inspections, as well as carrier, vehicle and driver safety and credential historical information, FMCSA personnel to enhance the intrastate and interstate commercial vehicle safety operations use data. Insurance companies analyze the data to enhance safety performance. SAFER facilitates data sharing with Commercial Vehicle Information Enforcement Window (CVIEW) and Performance and Registration Information Systems Management Program (PRISM) states.

For system interfaces managed by FMCSA, a Memorandum of Agreement (MOA) or Memorandum of Understanding (MOU) is not required for ensuring system interoperability. FMCSA management establishes MOAs and MOUs with state agencies as appropriate. The FMCSA Rules of Behavior for Information Technology Systems must be read, understood, and signed by each user.

How SAFER Provides Notice and Consent

SAFER does not collect PII directly from individuals. SAFER only stores PII that has been collected through other FMCSA systems. MCMIS is the authoritative source for information stored in SAFER.

How SAFER Ensures Data Accuracy

SAFER does not collect PII directly from individuals. SAFER only stores PII that has been collected through other FMCSA systems. MCMIS is the authoritative source for information stored in SAFER.

How SAFER Provides Redress

The SAFER website includes links to the FMCSA Privacy Policy and the DataQs system (https://dataqs.fmcsa.dot.gov/login.asp). The Privacy Policy describes FMCSA information practices related to the online collection and use of PII. DataQs is an electronic means for filing concerns about federal and state data released to the public by FMCSA. Individuals can use DataQs to challenge information included in their records. Motor carriers, state agencies, and FMCSA offices can use DataQs to challenge information concerning crashes, inspections, compliance reviews, safety audits, enforcement actions, vehicle registrations, operating authorities, insurance policies, and consumer complaints. After a challenge has been submitted, DataQs automatically forwards the challenge to the appropriate office for resolution and allows the party that submitted the challenge to monitor its status.

DataQs cannot be used to challenge safety ratings or civil actions managed under 49 CFR 385.15 (Administrative Review) or 49 CFR 385.17 (Change to Safety Rating Based upon Corrective Actions). Any challenges to information provided by state agencies must be resolved by the appropriate state agency.

How SAFER Secures Information

User access controls were developed to ensure that the number of individuals with access to restricted information in SAFER was kept to a minimum and was restricted to only those with a “need to know.” This strategy improves data confidentiality and integrity. These access controls were developed in accordance with Federal Information Processing Standards (FIPS) Publication 200, Minimum Security Requirements for Federal Information and Information Systems dated March 2006 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Rev. 2, Recommended Security Controls for Federal Information Systems dated December 2007. Audit provisions were also included to ensure that SAFER is used appropriately by authorized users and monitored for unauthorized usage.

The data center in which SAFER operates is a restricted access facility. Except for a small list of personnel with trusted access privileges, DOT personnel and contractors are required to sign in and sign out, give the purpose and estimated time of their visit, and be escorted by someone with trusted access privileges. SAFER requires FMCSA and State enforcement personnel to be authenticated with a valid user name and password, except for users of the public web application. The general public access is unrestricted via https://safer.fmcsa.dot.gov/. A certification and accreditation (C&A) is performed every three years to ensure that SAFER meets FMCSA and federal security requirements. SAFER also undergoes an additional C&A whenever a major change occurs to the system. SAFER is assessed in accordance with the Office of Management and Budget (OMB) Circular A-130 Appendix III, Security of Federal Automated Information Resources and the DOT Certification and Accreditation Guidance.

Additional activities are performed more frequently to ensure that SAFER complies with regulatory requirements. Continuous monitoring activities are also performed at least annually to provide ongoing oversight of security controls and to detect misuse of information stored in SAFER. The FMCSA Continuous Monitoring Program includes the following activities:

Configuration management and configuration control processes
Security impact analyses on changes to the information system
Regular assessments of select security controls in the information system
Security status reports to appropriate agency officials

How Long SAFER Retains Information

SAFER retains and disposes of information in accordance with applicable NARA retention schedule N1-557-05-07 Item #6. Length of retention time for SAFER documents depends on whether the information falls under inputs, master data files, documentation, or outputs.

System of records

Personal identifiers are not used to search for information in SAFER. Therefore, SAFER is not a Privacy Act system and does not require a System of Records Notice (SORN).