PRIVACY IMPACT ASSESSMENT (PIA) For the

Similar documents
LSU HEALTH SHREVEPORT NOTICE OF PRIVACY PRACTICES FOR PROTECTED HEALTH INFORMATION

Archive and Destruction of Patient Records

MEDI-CAL (MC051) ERA ENROLLMENT INSTRUCTIONS

For purposes of this Security Agreement, the use of the terms you and your includes both the Oil and Gas Operator and the EFA when appropriate.

Choose Pharmacy Application Frequently Asked Questions (FAQs)

Voluntary Pre-Offer Self-Identification of Protected Veteran Status

PRIVACY IMPACT ASSESSMENT (PIA) For the

PRIVACY IMPACT ASSESSMENT (PIA) For the

TRAINING PLAN FOR STEM OPT STUDENTS

NOTE: The first appearance of terms in bold in the body of this document (except titles) are defined terms please refer to the Definitions section.

Key Points for Approving Officers Regarding Electronic Filing

Security Force Assistance Brigade (SFAB) Frequently Asked Questions (V.1)

NOTICE OF PRIVACY PRACTICES

DOCUMENT TITLE: Clarification of Bureau of Primary Health Care Credentialing and Privileging Policy outlined in Policy Information Notice

Residential Mental Health Treatment for Children and Adolescents

NOTE: The first appearance of terms in bold in the body of this document (except titles) are defined terms please refer to the Definitions section.

Original Date: January 27, 2010 Reviewed/Last Modified Date: September 15, 2015

Yes, USERRA Applies to 12304b Duty

Institutional Policy Manual

CHAPTER 6 NETWORK REQUIREMENTS

NOTE: The first appearance of terms in bold in the body of this document (except titles) are defined terms please refer to the Definitions section.

OLTL Transition Plan CMS HCBS Regulations. Introduction

PRIVACY IMPACT ASSESSMENT (PIA) For the

Guidelines for Analysis of Credentials to be Included on COOL

EXPLANATORY NOTES. (applicable from 1 July 2015) STAGE 1 DESKTOP ASSESSMENT. for the RECOGNITION OF OVERSEAS OCCUPATIONAL THERAPY QUALIFICATIONS

COMSEC Custodian Quick Reference Guide

AGENCY NAME - Crisis Stabilization Services

PRIVACY IMPACT ASSESSMENT (PIA) For the

Medical Assistance in Dying: Update Stakeholder Presentation

PRIVACY IMPACT ASSESSMENT (PIA) For the

Who is authorized to give consent (substitute decision makers) Health Care Consent Act

2019 IGP Faculty Research Initiation Grant

April 2, Jennifer Kent Director California Department of Health Care Services 1501 Capitol Avenue Sacramento, CA 95814

SECTION A: Patient s name: Last: First: MI: Date of birth: Phone number: Medical Record Number:

PRIVACY IMPACT ASSESSMENT (PIA) For the

p so January 16, 2014

Home Modifications Enrolment Form

PRIVACY IMPACT ASSESSMENT (PIA) For the. Business Information Management System (BIMS)

Quincy University Grants Development & Management Guide

PRIVACY IMPACT ASSESSMENT (PIA) For the

PRIVACY IMPACT ASSESSMENT (PIA) For the

DoD Plain Writing Act Compliance Report April 13, 2018

Frequently asked questions about health identifiers August 2015

CITY OF MELBOURNE APPLICATION FOR DOWNTOWN MELBOURNE CRA RETAIL CORE COMMERCIAL LIGHTING PROGRAM

H-1B PETITION EMPLOYEE QUESTIONNAIRE

PAPER FOR NHS LUTON COMMUNITY SERVICES BOARD MEETING HELD ON 21 ST APRIL 2010

PRIVACY IMPACT ASSESSMENT (PIA) For the

Practice Improvement Network (PIN) Project Application

PRIVACY IMPACT ASSESSMENT (PIA) For the

PRIVACY IMPACT ASSESSMENT (PIA) For the

PRIVACY IMPACT ASSESSMENT (PIA) For the

Wood Windows and Doors Application

PRIVACY IMPACT ASSESSMENT (PIA) For the

Financial Officer 18 Applicant Inventory

PRIVACY IMPACT ASSESSMENT (PIA) For the

PRIVACY IMPACT ASSESSMENT (PIA) For the

Bulletin. Required Activity: Admission to Medicaid-Certified Nursing Facilities and 90-day Redetermination TOPIC PURPOSE CONTACT SIGNED

Growing Enterprise ERDF GRANT FUNDING PROCEDURES

Administration of First Aid Policy

PRIVACY IMPACT ASSESSMENT (PIA) For the

CMS Change Request User Guide. Required April 1, Consolo Services CMS Change Request 8358 User Guide P a g e 1

Denver Public Schools. Financial Services. Financial Services Manual. Grants

February 11, 2011 Volume 16 Number 2 Infection Control F441

Instructions. Important Dates. Application Deadline: May 15, 2013 at 5:00 p.m. Grant Awards Announced: July 15, 2013

Admission Agreement (SMOKE FREE CAMPUSES)

Work Instruction Patient Visits

PRIVACY IMPACT ASSESSMENT (PIA) For the

'i'~~~ DEPARTMENT OF DEFENSE OFFICE OF FREEDOM OF INFORMATION 1155 DEFENSE PENTAGON WASHINGTON, DC OCT 2015.

CITY OF MELBOURNE APPLICATION FOR OLDE EAU GALLIE RIVERFRONT CRA FAÇADE IMPROVEMENT PROGRAM

Directions & Instructions for Filing an Application to the Radiologic Technology Program

Guide to Complete the Steps for Foreign-Trained Nurses to Obtain the Maryland Registered Nurse (RN) License

GRANT APPLICATION. Sustainable Agricultural Land Strategy Grants SUSTAINABLE AGRICULTURAL LANDS CONSERVATION PROGRAM

Resident Assistant Application

Inter-Service Transfer of Army Commissioned Officers on the Active Duty List

PRIVACY IMPACT ASSESSMENT (PIA) For the

PRIVACY IMPACT ASSESSMENT (PIA) For the

Who is responsible for establishing standards of practice for the profession

Terminating the Provider- Patient Relationship. Provided by Coverys Risk Management

About this guide 5 Section 1: Meeting VET sector requirements 7

PRIVACY IMPACT ASSESSMENT (PIA) For the

BEHAVIORAL HEALTH STAFF COVERAGE PROTOCOL. Psychiatrist and Psychologist Coverage Plan...4. Telemedicine.7

Environment, Health and Safety Policy Appendix B: Environment, Health and Safety Responsibilities

PRIVACY IMPACT ASSESSMENT (PIA) For the

GRANT GUIDELINES FOR ORGANIZATIONS 2017 CYCLE

JOB DESCRIPTION. Training Programme Director. Health Education Wessex. Head of School. Secondment. Consultant Contract

SEQOHS Accreditation Assessor Job Description

PRIVACY IMPACT ASSESSMENT (PIA) For the

IHSS In Home Support Services

PRIVACY IMPACT ASSESSMENT (PIA) For the

Military Medical Student Association (MMSA) Constitution

CANADA-JERUSALEM CO-DEVELOPMENT AND CO-PRODUCTION INCENTIVE GUIDELINES 2017

PRIVACY IMPACT ASSESSMENT (PIA) For the

Meeting Minutes: Radioactive Materials Unit March 6, 2018

Instructions for Preparing a Servicemembers Opportunity Colleges Degree Network System Student Agreement

PRIVACY IMPACT ASSESSMENT (PIA) For the

Obtain an official copy of your PN transcript to submit with this packet.

WHAT IS CAL MEDICONNECT? Cal MediConnect is a health plan that combines all of the benefits you now get from Medicare and Medi-Cal into a single plan.

Oregon Registry. Infant Toddler Professional Credential. Overview. Oregon Center for Career Development in Childhood Care and Education

PRIVACY IMPACT ASSESSMENT (PIA) For the

State of Florida Department of Children and Families

Transcription:

PRIVACY IMPACT ASSESSMENT (PIA) Fr the Medical Bards Online Tracking System (MEDBOLTS) Department f the Navy - TMA DHP Funded System SECTION 1: IS A PIA REQUIRED? a. Will this Department f Defense (000) infrmatin system r electrnic cllectin f infrmatin (referred t as an "electrnic cllectin" fr the purpse f this frm) cllect, maintain, use, andlr disseminate PII abut members f the public, Federal persnnel, cntractrs r freign natinals emplyed at U.S. military facilities internatinally? Chse ne ptin frm the chices belw. (Chse (3) fr freign natinals). D (1) Yes, frm members f the general public. [g] D D (2) Yes, frm Federal persnnel' and/r Federal cntractrs. (3) Yes, frm bth members f the general public and Federal persnnel and/r Federal cntractrs. (4) N * "Federal persnnel" are referred t in the DD IT Prtfli Repsitry (DITPR) as "Federal emplyees." b. If "N," ensure that DITPR r the authritative database that updates DITPR is anntated fr the reasn(s) why a PIA is nt required. If the 000 infrmatin system r electrnic cllectin is nt in DITPR, ensure that the reasn(s) are recrded in apprpriate dcumentatin. c. If "Yes," then a PIA is required. Prceed t Sectin 2. DO FORM 2930 NOV 2008 Pagelf17

SECTION 2: PIA SUMMARY INFORMATION a. Why is this PIA being created r updated? Chse ne: New DD Infrmatin System New Electrnic Cllectin Existing DD Infrmatin System Existing Electrnic Cllectin Significantly Mdified DD Infrmatin System b. Is this DD infrmatin system registered in the DITPR r the 000 Secret Internet Prtcl Ruter Netwrk (SIPRNET) IT Registry? Yes, DITPR Enter DITPR System Identificatin Number 1141 ============ Yes, SIPRNET Enter SIPRNET Identificatin Number N c. Des this 000 infrmatin system have an IT investment Unique Prject Identifier (UPI), required by sectin 53 f Office f Management and Budget (OMB) Circular A-11? Yes N If "Yes," enter UPI 1007-97-01-15-02-0096-00 If unsure, cnsult the Cmpnent IT Budget Pint f Cntact t btain the UPI. d. Des this 000 infrmatin system r electrnic cllectin require a Privacy Act System f Recrds Ntice (SORN)? A Privacy Act SORN is required if the infrmatin system r electrnic cllectin cntains infrmatin abut U.S. citizens r lawful permanent U.S. residents that is retrieved by name r ther unique identifier. PIA and Privacy Act BORN infrmatin shuld be cnsistent. Yes N If "Yes," enter Privacy Act SORN Identifier ILN_0_6_15_0_-_2 _ DD Cmpnent-assigned designatr, nt the Federal Register number. Cnsult the Cmpnent Privacy Office fr additinal infrmatin r access DD Privacy Act SORNs at: http://www.defenselink.mil/privacy/ntices/ r Date f submissin fr apprval t Defense Privacy Office Cnsult the Cmpnent Privacy Office fr this date. DD FORM 2930 NOV 2008 Page 2 f 17

e. Des this 000 infrmatin system r electrnic cllectin have an OMS Cntrl Number? Cntact the Cmpnent Infrmatin Management Cntrl Officer r DD Clearance Officer fr this infrmatin. This number indicates OMB apprval t cllect data frm 10 r mre members f the public in a 12-mnth perid regardless f frm r frmat. DYes Enter OMS Cntrl Number Enter Expiratin Date [gj N f. Authrity t cllect infrmatin. A Federal law, Executive Order f the President (EO), r 000 requirement must authrize the cllectin and maintenance f a system f recrds. (1) If this system has a Privacy Act SORN, the authrities in this PIA and the existing Privacy Act SORN shuld be the same. (2) Cite the authrity fr this DD infrmatin system r electrnic cllectin t cllect, use, maintain and/r disseminate PII. (If multiple authrities are cited, prvide all that apply.) (a) Whenever pssible, cite the specific prvisins f the statute and/r EO that authrizes the peratin f the system and the cllectin f PII. (b) If a specific statute r EO des nt exist, determine if an indirect statutry authrity can be cited. An indirect authrity may be cited if the authrity requires the peratin r administratin f a prgram, the executin f which will require the cllectin and maintenance f a system f recrds. (c) DD Cmpnents can use their general statutry grants f authrity ("internal husekeeping") as the primary authrity. The requirement, directive, r instructin implementing the statute within the DD Cmpnent shuld be ideniified. System f Recrd Authrities: 5 U.S.C. 301, Departmental Regulatins; 10 U.S.C. 1095, Cllectin frm Third Party Payers Act; 10 U.S.C. 5131 (as amended); 10 U.S.C. 5132; 44 U.S.C. 3101; 10 CFR part 20, Standards fr Prtectin Against Radiatin; and, E.O. 9397 (SSN) Additinal Authrities: Manual f the Medical Department (MANMED), NAVMED P-117, Chapter 18, Medical Evaluatin Bards DD FORM 2930 NOV 2008 Page 3 f 17

g. Summary f 000 infrmatin system r electrnic cllectin. Answers t these questins shuld be cnsistent with security guidelines fr release f infrmatin t the public. (1) Describe the purpse f this DD infrmatin system r electrnic cllectin and briefly describe the types f persnal infrmatin abut individuals cllected in the system. MEDBOLTS prvides its users with a rbust, web-applicatin fr perfrming the fllwing functins: maintain demgraphic infrmatin assciated with military persnnel, administer and maintain medicai bards, and t generate assciated medical bard frms, etc. MEDBOLTS is a Web-based system accessible t thse Medical Treatment Facilities MTF(s) with Cnvening Authrity t perfrm Medical Evaluatin Bards (MEB). A MEB evaluates a patient and prduces a Medical Evaluatin Bard Reprt (MEBR) n that patient's cnditin. MTF Cnvening Authrities may cnvene a MEB t evaluate and prepare an MEBR n any member f the military. MEBR(s) are used fr tw purpses: 1) Placing a patient n Temprary Limited Duty (TLD) r Limited Duty (L1MDU); r 2) Referring a patient t the Physical Evaluatin Bard (PEB) fr a determinatin f the patient's fitness fr cntinued Naval service. MEDBOLTS captures and shares data glbally, allwing all MTF(s) with Cnvening Authrity t research, fr any patient referred t an MEB, bth the cntemprary bard activity as well as histrical referrals t any MEB. These histrical checks are vital t assisting service headquarters and parent cmmands with ensuring apprpriate persnnel cmmunity management acrss the Navy and Marine Crps, and prper ruting f Medical Evaluatin Bard Reprts. PII cllected abut individuals include: name, SSN, date f birth, gender, marital status, hme address, military recrds, security clearance and emplyment, medical and disability infrmatin. (2) Briefly describe the privacy risks assciated with the PII cllected and hw these risks are addressed t safeguard privacy. All systems are vulnerable t "insider threats." MEDBOLTS managers are vigilant t this threat by limiting system access t thse individuals wh have a defined need t access the infrmatin. There are defined criteria t identify wh shuld have access t MEDBOLTS. These individuals have gne thrugh extensive backgrund and emplyment investigatins. Data in MEDBOLTS is maintained in accrdance with HIPAA requirements. Only users with apprpriate access and need-ta-knw are authrized t manage data in this system. The level f access and authrizatin fthese users is detailed in the MEDBOLTS System Security Authrizatin Agreement. All users have backgrund investigatin and are apprved ADP II clearances prir t being granted access t MEDBOLTS. The MEDBOLTS system has a thrugh Audit lg t track the activities f any user when lgged in t the system. These prcedures mitigate any risk f cmprmise f PII. h. With whm will the PII be shared thrugh data exchange, bth within yur 000 Cmpnent and utside yur Cmpnent (e.g., ther 000 Cmpnents, Federal Agencies)? Indicate all that apply. I:Sl Within the 000 Cmpnent. PII is shared within MEDBOLTS, Navy Medicine Infrmatin Systems Supprt Activity (NAVMISSA), Bureau f Medicine and Surgery (BUMED) Claimancy, BUPERS and Marine Crps authrized users. Individuals are authrized t view MEDBOLTS fr their specific cmmands. Data is als utilized by the Navy, Marine Crps and NAVMISSA fr infrmatin reprting statistics. DD FORM 2930 NOV 2008 Page 4 f 17

Other 000 Cmpnents. Other Federal Agencies. State and Lcal Agencies. Cntractr (Enter name and describe the language in the cntract that safeguards PII.) Other (e.g.' cmmercial prviders, clleges). i. D individuals have the pprtunity t bject t the cllectin f their PII? DYes I:><J N (1) If "Yes," describe methd by which individuals can bject t the cllectin f PII. (2) If "N," state the reasn why individuals cannt bject. NAVMED P-117 (Manual f Medicine) requires an evaluatin fsuitability fr cntinued service fr all members remved frm full duty fr medical reasns within the Department f the Navy. As such, the service member is required t prvide the apprpriate PII. All PII available in MEDBOLTS is able t be reviewed via the Medical Bard Office in the Patient Administratin Department fthe Military Treatment Facility where the case is being managed. j. D individuals have the pprtunity t cnsent t the specific uses f their PII? DYes I:><J N (1) If "Yes," describe the methd by which individuals can give r withhld their cnsent. DD JRIVI 2930 NOv 2008 Page 5 f 17

(2) If "N," state the reasn why individuals cannt give r withhld their cnsent. NAVMED P-117 (Manual f Medicine) requires an evaluatin f suitability fr cntinued service fr all members remved frm full duty fr medical reasns within the Department f the Navy. As such, the service member is required t prvide the apprpriate PII. All PII available in MEDBOLTS is able t be reviewed via the Medical Bard Office in the Patient Administratin Department f the Military Treatment Facility where the case is being managed. k. What infrmatin is prvided t an individual when asked t prvide PII data? Indicate all that apply. ~ Privacy Act Statement D Privacy Advisry ~ Other D Nne Describe A pre-printed Department f Defense (DD) Frm 2005, "Privacy Act Statement - Health Care each Recrds" is prvided t the patient at the pint f care fr review and signature and it is placed in the applicable patient's medical recrd. frmat. All members wh have PII entered in MEDBOLTS are interviewed by Medical Bard Office staff members prir t and during the data cllectin prcess. The prcess f the cllectin and evaluatin f the data is verbally explained t each member. The privacy f the infrmatin is detailed t the member and member signature- is required prir t the data being frwarded t the evaluatin bard. DD FORM 2930 NOV 2008 Page 6 f 17

, NOTE: Sectins 1 and 2 abve are t be psted t the Cmpnent's Web site. Psting f these Sectins indicates that the PIA has been reviewed t ensure that apprpriate safeguards are in place t prtect privacy. A Cmpnent may restrict the publicatin f Sectins 1 and/r 2 if they cntain infrmatin that wuld reveal sensitive infrmatin r raise security cncerns. DD FORM 2930 NOV 2008 Page 7 f 17

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback