Privacy Impact Assessments (PIA) Collection
The Privacy Impact Assessment (PIA) is a decision tool to identify and mitigate privacy risks that notifies the public what Personally Identifiable Information (PII) DHS is collecting, why the PII is being collected and how the PII will be collected, used, accessed, shared, safeguarded and stored.
Use the “Filter” field to search PIAs by keyword and select a “Topic” to narrow results.
-
DHS-ALL-PIA-048 Foreign Access Management System
The Department of Homeland Security (DHS), Under Secretary for Management (USM), Office of the Chief Security Officer (OCSO), Center for International Safety and Security (CISS) manages the Foreign Access Management (FAM) program that vets foreign nationals,foreign entities, and certain United States Persons (USPER) that seek access to DHS personnel, information, facilities, programs, or systems. This Privacy Impact Assessment (PIA) update reflects the end of the Foreign Access Management Enterprise (FAME) Pilot program and the end of the agreement between OCSO/CISS and the Office of the Director of National Intelligence (ODNI) National Counterintelligence and Security Center (NCSC).
-
DHS-ICE-PIA-040 FALCON-Roadrunner
The U.S. Immigration and Customs Enforcement (ICE) Office of Homeland Security Investigations (HSI) has deployed a new information system called FALCON-Roadrunner, which is a module of the larger HSI FALCON environment. This system generates investigative leads and conducts trend analysis to identify illicit procurement networks, terrorist groups, and hostile nations attempting to illegally obtain U.S. military products; sensitive dual-use technology; weapons of mass destruction (WMD); or chemical, biological, radiological, and nuclear materials. FALCON-Roadrunner gives HSI investigators and analysts the ability to perform research, and generate leads for investigations of export violations within the jurisdiction of HSI. FALCON-Roadrunner analyzes trade, law enforcement, financial, and screening data across large, disparate datasets to identify statistically anomalous trade transactions that may warrant investigation of export violations. This Privacy Impact Assessment (PIA) was necessary because FALCON-Roadrunner accesses and stores Personally Identifiable Information (PII) retrieved from data systems owned by DHS and other government agencies, as well as commercially and publicly available data.
-
DHS-CBP-PIA-007 Electronic System for Travel Authorization
The Electronic System for Travel Authorization (ESTA) is an application and screening system used to determine whether citizens and nationals from countries participating in the Visa Waiver Program (VWP) are eligible to travel to the United States. The U.S. Department of Homeland Security (DHS), U.S. Customs and Border Protection (CBP) is publishing this Privacy Impact Assessment (PIA) update for ESTA to provide notice and assess the privacy risks associated with recent enhancements to ESTA, including (1) sharing national identifier numbers received from ESTA applicants with the country that issued the identification numbers, to obtain information about the ESTA applicant as part of the International Biometric Information Sharing (IBIS) Program; and (2) updates to the ESTA mobile application. April 2024
-
DHS-ALL-PIA-045 Loaned Executive Program
DHS’s Private Sector Office (PSO) manages the Department-wide Loaned Executive Program (LEP). The LEP is a special unpaid opportunity for executive-level private sector, academia, and cyber security experts to share their expertise with DHS. Through the LEP, DHS seeks innovative solutions to its homeland security challenges. DHS conducted this Privacy Impact Assessment because the LEP collects Personally Identifiable Information from members of the public.
-
DHS-CBP-PIA-022 Border Surveillance Systems (BSS)
The Department of Homeland Security (DHS) U.S. Customs and Border Protection (CBP) deploys Border Surveillance Systems (BSS) to provide comprehensive situational awareness along the United States border for border security and national security purposes, and to assist in detecting, identifying, apprehending, and removing individuals illegally entering the United States at and between ports of entry or otherwise violating U.S. law. BSS includes commercially available technologies such as fixed and mobile video surveillance systems, range finders, thermal imaging devices, radar, ground sensors, and radio frequency sensors.
-
DHS-FEMA-PIA – 039 Federal Insurance and Mitigation Administration Risk Insurance Division Underwriting and Claims Operation Review Tool
The Federal Emergency Management Agency (FEMA)’s Federal Insurance and Mitigation Administration (FIMA) Risk Insurance Division (RID) owns and operates the Underwriting and Claims Operation Review Tool (“U-CORT” or “Tool”). U-CORT is a modernization of previously manual oversight mechanisms to improve the management of the National Flood Insurance Program (NFIP) underwriting and claim loss adjustment process. This Privacy Impact Assessment (PIA) documents how U-CORT collects, uses, disseminates, and maintains Personally Identifiable Information (PII) of NFIP policy holders associated with underwriting and claim operation reviews.
-
DHS/ALL/PIA-014 Personal Identity Verification/Identity Management System (PIV/IDMS)
The Department of Homeland Security (DHS) is updating the Personal Identity Verification (PIV) Privacy Impact Assessment (PIA) Update, issued on June 18, 2009, to reflect changes in Departmental requirements and enhanced interoperability with US-VISIT Automated Biometric Identification System (IDENT) and the Federal Bureau of Investigation (FBI) Criminal Justice Information Services (CJIS) Integrated Automated Fingerprint Identification System (IAFIS), DHS Component Physical Access Control Systems (PACS), DHS Component Active Directories, as well as issuance of PIV compatible credentials to visitors to DHS.
-
DHS-FEMA-PIA-015 Quality Assurance Recording System (QARS)
The Federal Emergency Management Agency (FEMA)’s Office of Response and Recovery (ORR), Recovery Directorate, National Processing Service Center (NPSC) Division operates the Quality Assurance Recording System (QARS). QARS captures telephone and computer screen recordings for the purpose of evaluating employee and contractor performance. These evaluations are designed to improve customer service to disaster assistance applicants requesting assistance under the Robert T Stafford Disaster Relief and Emergency Assistance Act. FEMA conducted this Privacy Impact Assessment (PIA) because QARS captures Personally Identifiable Information (PII) about Individual Assistance and Public Assistance applicants, as well as FEMA employees and contractors.
-
DHS-USSS-PIA-001 - Customer Proprietary Network Information (CPNI)
The US Secret Service (USSS) and the Federal Bureau of Investigation (FBI) co-sponsor and manage the Customer Proprietary Network Information (CPNI) reporting website, which is a tool for telecommunications carriers to report a breach of its customer proprietary network information to law enforcement. The USSS and the FBI conducted this Privacy Impact Assessment (PIA) because the CPNI reporting website contains personally identifiable information (PII).
-
DHS-TSA-PIA - 045 Security Threat Assessment for Conditional Access to Sensitive Security Information
The Transportation Security Administration (TSA) occasionally discloses Sensitive Security Information (SSI) to individuals so that they can assist with the design, implementation, or review of TSA security programs, techniques, or technology, or when needed to understand TSA functions. TSA may conclude that the individuals must undergo a security threat assessment (STA) as a condition of being granted access to the SSI. This Privacy Impact Assessment (PIA) was conducted because TSA will collect, maintain, and disseminate information in identifiable form on members of the public in order to conduct the STA.