DEPARTMENT OF TRANSPORTATION
Federal Aviation Administration
Privacy Impact Assessment
Enforcement Information System (EIS) Modernization
July 31, 2009
The Federal Aviation Administration (FAA) within the Department of Transportation (DOT) has been given the responsibility of civil aviation safety. The FAA is responsible for:
- Regulating civil aviation to promote safety;
- Encouraging and developing civil aeronautics, including new aviation technology;
- Developing and operating a system of air traffic control and navigation for both civil and military aircraft;
- Developing and carrying out programs to control aircraft noise and other environmental effects of civil aviation; and
- Regulating U.S. commercial space transportation.
The safety of the nations flying public depends, in large part, on the aviation industry's compliance with safety regulations and the Federal Aviation Administration's (FAA) enforcement of those regulations when violations occur. FAA has a variety of enforcement mechanisms that it may use to respond to violations including administrative actions (such as issuing a warning notice or a letter of correction that includes the corrective actions the violator must take) and legal sanctions (such as levying a fine or suspending or revoking a pilot or other FAA-issued certificate). FAA plans to revise how it uses these enforcement tools over the next several years to target the type of enforcement actions so that they will be based on an assessment of the intent of the violator and the risks to safety.
The modernized EIS system would use a web interface for all of the above components, and also support the Paperwork Reduction and E-Government Act priorities. EIS modernization is in the early planning stages.
Privacy management is an integral part of the EIS system. DOT/FAA has retained the services of privacy experts to help assess its privacy management program, utilizing proven technology, sound policies and procedures, and proven methodologies.
The privacy management process is built upon a methodology that has been developed and implemented in leading companies around the country and globally. The methodology is designed to help ensure that DOT and FAA will have the information, tools, and technology necessary to manage privacy effectively and employ the highest level of fair information practices, while allowing FAA to achieve its mission of protecting and enhancing a most important U.S. transportation system. The methodology is based upon the following:
Personally Identifiable Information (PII) and EIS
The Enforcement Information System (EIS) is the FAA's primary database for tracking and reporting information about enforcement actions for statutory or regulatory violations. The current system, which is already Privacy Act compliant, is being modernized. The modernization effort provides for migrating the current EIS from the mainframe to a web-enabled system with functionality for data capture, validation, and verification as well as automated processing and data sharing across multiple FAA lines of business (LOBs). The goal of the EIS modernization project is to provide for a new web enabled EIS system that will reside on servers housed at AQS-250 in Oklahoma City, OK.
Plans for the modernized EIS require the system to incorporate nine basic functions, using designated aviation industry employees to perform these functions:
- Offer automatic data feeds into other related systems/databases to eliminate duplicate data entry.
- Provide a basic analytical module that can easily be modified to respond to the needs of each LOB.
- Supply required documentation, to include On-line User Guide and System documentation.
- Restrict and protect areas that are important to only one LOB and/or Legal.
- Provide edit checking and data validation for all appropriate data fields. Related field validation (i.e., Date 1st known should not be before the date of the violation) and verification that the regulation cited is appropriate for the violation.
- Collect user feedback.
- Afford automatic updates to Federal Aviation Regulations (FAR) tables when regulatory changes are made.
- Grant access to each LOB impacted, to include data sharing and a continuous evaluative process.
- Offer automated process workflow with future capability to fully automate a paper case file.
The EIS system contains PII pertaining to Enforcement actions as needed to determine corrective actions or liability in enforcement actions. In addition, EIS contains non-PII on businesses/organizations involved in aviation. Rather, EIS combines information that FAA already collects, authorized through Paperwork Reduction Act OMB control number 2120-0033 and regulated by the Privacy Act of 1974, as stated in DOT/FAA 830 Representatives of the Administrator and DOT/FAA 847 Aviation Records on Individuals 847 System of Records Notices. For an individual's PII to be included in EIS, that individual must been notified of an enforcement action initiated by FAA, or have had her/his name submitted as a reference or contact in an enforcement action as a witness/complaint/comment pertaining to an enforcement action. PII that EIS may contain includes the following: Name, Address, telephone number, and certificate number (which may contain the person's Social Security Number).
Why EIS Collects Information
The FAA mission is to provide the safest aviation system in the world. FAA must gather information concerning violations in all areas affecting the safe operation of aircraft. The areas include, but are not limited to, the following: drug abatement, hazardous material, Airman Medical, manufacturing of aircraft, and operations of aircraft and airlines.
EIS supports restricted access functionality to all parts of the system. Therefore, EIS may also contain usernames and passwords, and associate those data with individuals accessing EIS.
Legal Authority for Information Collection
The legal authority for collection of this information is Title 49, USC, Section 44702.
How EIS Uses Information
EIS is primarily an internal tool to provide tracking of enforcement and compliance cases and their outcome, and uses PII only for these purposes. Witness and Defendant PII represents all or most of the PII planned for the modernized EIS, and FAA will use this PII in the same privacy-sensitive manner it does now to communicate with potential/current witnesses and defendants, monitor and control enforcement and compliance cases processes, and maintain quality of designee activities.
How EIS Shares Information
In some cases, FAA may need to share some information in EIS with other elements of FAA, or perhaps other government agencies. Routine sharing of this nature will be provided for and monitored through Memorandums of Understanding that define protocols, recipients, security, authorized uses, and other protections. FAA does not normally share PII from EIS outside of the Federal government. FAA will also provide the minimum information necessary in these data transfers and regulate user access according to job function and business need.
How EIS Provides Notice and Consent
How EIS Ensures Data Accuracy
EIS receives all enforcement and compliance data directly through forms submitted by FAA safety inspectors, or through additional contact or interaction. The length of time a record remains on the EIS system is governed by Federal guidelines, and where applicable, FAA maintains a retention policy that addresses system data retention and destruction. FAA assigns for each component of EIS a data steward, who will be responsible for reviewing data integrity and accuracy; applying retention and data quality procedures. FAA enforcement and compliance records are expunged in accordance with the records and EIS policy.
Under the provisions of the Privacy Act and Freedom of Information Act (FOIA), individuals may request searches of EIS to determine if any records have been added that may pertain to them. This is accomplished by sending a written request directly to:
Federal Aviation Administration
Manager, AFS620, Aviation Data Systems Branch
6500 South MacArthur Blvd.
Oklahoma City, Oklahoma 73125
The request must contain the name, certificate number, and information regarding the request. FAA does not currently allow public access to information stored in the EIS. If there is a limited public access site developed, there will be no PII provided in the site.
How EIS Provides Redress
How EIS Secures Information
EIS takes appropriate security measures to safeguard PII and other sensitive data. EIS applies DOT security standards including, but not limited to, routine scans and monitoring, back-up activities, and background security checks of FAA employees and contractors. In addition, access to EIS PII is limited according to job function. FAA controls access privileges according to the minimum necessary rule, with the most sensitive data, such as social security number, accessible only to one or more system administrators as necessary.
The following access safeguards are also implemented:
- Passwords expire after a set period.
- Accounts are locked after a set period of inactivity.
- Minimum length of passwords is eight characters.
- Passwords must be a combination of letters, numbers, and special characters.
- Accounts are locked after a set number of incorrect attempts.
The following matrix describes the levels of access and safeguards around each of these roles as they pertain to PII.
|User (Level 3)|
|User (Level 2)|
|Site Administrator (Level 1)|
How Long EIS Retains Information
In order to provide historical information on Enforcement actions, EIS keeps the names of individuals that have not been expunged indefinitely. The electronic records generated by EIS are currently unscheduled with the National Archives and Records Administration (NARA). Until they are scheduled, the electronic records will be maintained indefinitely, as required by 36 CFR 1228.26(a)(1) and (2).
System of Records
EIS contains information that is part of an existing system of records subject to the Privacy Act, because it is searched by name and possibly other unique identifier.
FAA certifies and accredits the security of EIS in accordance with DOT standard requirements.