Font Size Print Download Reader HHS Home|HHS News|About HHS

Agency for Healthcare Research & Quality Privacy Impact Assessments

06.3 HHS PIA Summary for Posting (Form) / AHRQ Consumer Assessment of Healthcare Providers and Systems/Survey on Patient Safety (CAHPS/SOPS)

PIA SUMMARY AND APPROVAL COMBINED

PIA Summary

Is this a new PIA? Yes

If this is an existing PIA, please provide a reason for revision: -

1. Date of this Submission: Feb 12, 2009

2. OPDIV Name: AHRQ

3. Unique Project Identifier (UPI) Number: Unknown

4. Privacy Act System of Records (SOR) Number (If response to Q.21 is Yes, a SORN number is required for Q.4): N/A

5. OMB Information Collection Approval Number: N/A

6. Other Identifying Number(s): Contract HHSA 290200710024C

7. System Name (Align with system Item name): Consumer Assessment of Healthcare Providers and Systems / Survey on Patient Safety (CAHPS/SOPS)

9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Christine Crofton

10. Provide an overview of the system: The system includes applications and information management processes developed for both the CAHPS and SOPS programs, and those that support the merged CAHPS/SOPS program. It includes a number of web-based data submission applications supporting a public web site. Data collected through and managed by the CAHPS/SOPS submission applications contain survey data that are collected using standard CAHPS/SOPS survey instruments. These survey data are collected at the person level but do not contain any information in identifiable form. Only a unique record level identifier along with survey responses to individual survey items is provided in the survey data files. In addition to survey data, the applications also collect administrative and characteristic data such as measurement year, health care organization name, sample size, frame size, survey methodology and response rate.

13. Indicate if the system is new or an existing one being modified: New

17. Does/Will the system collect, maintain (store), disseminate and/or pass through PII within any database(s), record(s), file(s) or website(s) hosted by this system? (Note: This question seeks to identify any, and all, personal information associated with the system. This includes any PII, whether or not it is subject to the Privacy Act, whether the individuals are employees, the public, research subjects, or business partners, and whether provided voluntarily or collected by mandate. Later questions will try to understand the character of the data and its applicability to the requirements under the Privacy Act or other legislation. Does/Will the system collect, maintain (store), disseminate and/or pass through PII within any database(s), record(s), file(s) or website(s) hosted by this system?): No

21. Is the system subject to the Privacy Act? (If response to Q.19 is Yes, response to Q.21 must be Yes and a SORN number is required for Q.4): No

23. If the system shares or discloses IIF please specify with whom and for what purpose(s): N/A

30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) in this description, explicitly indicate whether the information contains PII; and (4) whether submission of personal information is voluntary or mandatory: Data collected through and managed by the CAHPS/SOPS submission applications contain survey data that are collected using standard CAHPS/SOPS survey instruments. These survey data are collected at the person level but do not contain any information in identifiable form. Only a unique record level identifier along with survey responses to individual survey items is provided in the survey data files. In addition to survey data, the applications also collect administrative and characteristic data such as measurement year, health care organization name, sample size, frame size, survey methodology and response rate.

31. Please describe in detail any processes in place to: (1) notify and obtain consent from the individuals whose PII is in the system when major changes occur to the system (e.g., disclosure and/or data uses have changed since the notice at the time of the original collection); (2) notify and obtain consent from individuals regarding what PII is being collected from them; and (3) how the information will be used or shared.

(Note: Please describe in what format individuals will be given notice of consent [e.g., written notice, electronic notice, etc.]) N/A - the system does not contain PII.

32. Does the system host a website? (Note: If the system hosts a website, the Website Hosting Practices section is required to be completed regardless of the presence of PII): Yes

37. Does the website have any information or pages directed at children under the age of thirteen?: No

50. Are there policies or guidelines in place with regard to the retention and destruction of PII? (Refer to the C&A package and/or the Records Retention and Destruction section in SORN): No

54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: N/A

PIA Approval

PIA Reviewer Approval: Promote

PIA Reviewer Name: Danielle Shostal

Sr. Official for Privacy Approval: Promote

Sr. Official for Privacy Name: Tim Erny

Sign-off Date: Feb 12, 2009

Approved for Web Publishing: Yes

Date Published: September 1, 2009

_____________________________________________________________________________

06.3 HHS PIA Summary for Posting (Form) / AHRQ Healthcare Innovations Exchange (HCIE)

PIA SUMMARY AND APPROVAL COMBINED

PIA Summary

Is this a new PIA? Yes

If this is an existing PIA, please provide a reason for revision: -

1. Date of this Submission: Jun 30, 2008

2. OPDIV Name: AHRQ

3. Unique Project Identifier (UPI) Number: N/A

4. Privacy Act System of Records (SOR) Number (If response to Q.21 is Yes, a SORN number is required for Q.4): N/A

5. OMB Information Collection Approval Number: N/A

6. Other Identifying Number(s): N/A

7. System Name (Align with system Item name): AHRQ Healthcare Innovations Exchange (HCIE)

9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Mary Nix

10. Provide an overview of the system: A database and web site of innovations and tools used to improve health care quality.

13. Indicate if the system is new or an existing one being modified: New

21. Is the system subject to the Privacy Act? (If response to Q.19 is Yes, response to Q.21 must be Yes and a SORN number is required for Q.4): No

23. If the system shares or discloses IIF please specify with whom and for what purpose(s): The web site portion of the system displays IIF of innovators to the public audience to facilitate communication between potential adopters and the innovators.

30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) in this description, explicitly indicate whether the information contains PII; and (4) whether submission of personal information is voluntary or mandatory: The information the agency will collect, maintain, and disseminate consists of details describing innovative activities and tools used in health care quality improvement initiatives around the country. The details of innovations (not of tools) could include IIF, voluntarily submitted, if the innovator would like his/her contact information provided for potential adopters to contact him/her with questions about the innovation.

(Note: Please describe in what format individuals will be given notice of consent [e.g., written notice, electronic notice, etc.]) Individuals that desire IIF information to be placed on the web site, must first certify their consent prior to the information being published.

32. Does the system host a website? (Note: If the system hosts a website, the Website Hosting Practices section is required to be completed regardless of the presence of PII): Yes

37. Does the website have any information or pages directed at children under the age of thirteen?: No

50. Are there policies or guidelines in place with regard to the retention and destruction of PII? (Refer to the C&A package and/or the Records Retention and Destruction section in SORN): Yes

54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: Individuals that desire IIF information to be placed on the web site must first certify their consent prior to the information being published. This information will remain (retention) on the web site until the individual contacts Westat and requests that the IIF be removed (destruction). The information or Web content will then be promptly removed. In addition annual recertification will be required. Technical and physical controls are in place including review and approval of content that may contain voluntary IIF information. Physical controls include the content media for publication which is physically delivered and only employees with proper credentials for access (passwords, badges, least privilege rights etc.) can publish the certified and approved content to the site.

PIA Approval

PIA Reviewer Approval: Promote

PIA Reviewer Name: Danielle Shostal

Sr. Official for Privacy Approval: Promote

Sr. Official for Privacy Name: Tim Erny

Sign-off Date: Jul 22, 2008

Approved for Web Publishing: Yes

Date Published: September 1, 2009

_____________________________________________________________________________

06.3 HHS PIA Summary for Posting (Form) / AHRQ Medical Expenditure Panel Survey (MEPS)

PIA SUMMARY AND APPROVAL COMBINED

PIA Summary

Is this a new PIA? No

If this is an existing PIA, please provide a reason for revision: PIA Validation

1. Date of this Submission: Oct 30, 2008

2. OPDIV Name: AHRQ

3. Unique Project Identifier (UPI) Number: 009-33-01-04-01-0011-00; (009-33-01-04-01-0011-00-110-218; 009-33-01-04-01-0011-00-202-070)

4. Privacy Act System of Records (SOR) Number (If response to Q.21 is Yes, a SORN number is required for Q.4): 09-35-0002

5. OMB Information Collection Approval Number: N/A

6. Other Identifying Number(s): N/A

7. System Name (Align with system Item name): Medical Expenditure Panel Survey (MEPS)

9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Doris Lefkowitz

10. Provide an overview of the system: MEPS is used to provide national data on health care expenses of the civilian population living in the United States. Specifically, MEPS captures detailed statistics on the type of medical services used, how frequently they are used, the cost of those services, and how they are paid for, as well as health conditions and health insurance availability and coverage.

13. Indicate if the system is new or an existing one being modified: Existing

21. Is the system subject to the Privacy Act? (If response to Q.19 is Yes, response to Q.21 must be Yes and a SORN number is required for Q.4): Yes

23. If the system shares or discloses IIF please specify with whom and for what purpose(s): The agency does not share the IIF. Only non-IIF information is shared.

30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) in this description, explicitly indicate whether the information contains PII; and (4) whether submission of personal information is voluntary or mandatory: The information collected is: the age, race, and sex of each family member; Health conditions; Current Health Status; Visits to health care providers (doctors, dentists, hospitals, etc.); Charges and Payments for Health Care; Medications; Employment; Health Insurance. It is collected through a team of interviewers and the information submission is voluntary. The information is used to generate statistical data that is used to spot trends in health care spending.

(Note: Please describe in what format individuals will be given notice of consent [e.g., written notice, electronic notice, etc.]) The information is gathered through an interview process with the selected participants and is provided on an voluntary basis. Prior to the interview process, it is explained to the participants what data is being collected, why, and how the data is shared and protected.

32. Does the system host a website? (Note: If the system hosts a website, the Website Hosting Practices section is required to be completed regardless of the presence of PII): Yes

37. Does the website have any information or pages directed at children under the age of thirteen?: No

50. Are there policies or guidelines in place with regard to the retention and destruction of PII? (Refer to the C&A package and/or the Records Retention and Destruction section in SORN): Yes

54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: The IIF information is secured on a protected network that only accessible from specific terminals. This network has no access to the Internet or any other network. For COOP purposes the data is mirrored to an off-site host and is only accessible via VPN or at recovery facility.

PIA Approval

PIA Reviewer Approval: Promote

PIA Reviewer Name: Secure One HHS Migration

Sr. Official for Privacy Approval: Promote

Sr. Official for Privacy Name: Tim Erny

Sign-off Date: Feb 24, 2009

Approved for Web Publishing: Yes

Date Published: September 1, 2009

_____________________________________________________________________________

06.3 HHS PIA Summary for Posting (Form) / AHRQ Medical Expenditure Panel Survey (MEPS) Enclave

PIA SUMMARY AND APPROVAL COMBINED

PIA Summary

Is this a new PIA? Yes

If this is an existing PIA, please provide a reason for revision: -

1. Date of this Submission: Dec 8, 2008

2. OPDIV Name: AHRQ

3. Unique Project Identifier (UPI) Number: -

4. Privacy Act System of Records (SOR) Number (If response to Q.21 is Yes, a SORN number is required for Q.4): Pending

5. OMB Information Collection Approval Number: N/A

6. Other Identifying Number(s): N/A

7. System Name (Align with system Item name): MEPS Enclave

9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Doris Lefkowitz

10. Provide an overview of the system: The MEPS Enclave collects demographic information, healthcare use data, health care expenses, health insurance coverage data and the quality of medical care and preventive services received by the households data. In addition, as part of the survey, the system acquires and processes case information from medical providers. Participating households authorize the project (in writing) to request information from those doctors, hospitals, pharmacies, and other medical providers from which they receive service. Data, collected through MEPS Enclave, is used for the construction of analytical variables and files which are delivered to AHRQ for publication.

13. Indicate if the system is new or an existing one being modified: Existing

21. Is the system subject to the Privacy Act? (If response to Q.19 is Yes, response to Q.21 must be Yes and a SORN number is required for Q.4): Yes

23. If the system shares or discloses IIF please specify with whom and for what purpose(s): AHRQ processes public use files to provide nationally representative estimates for the US civilian non-institutional population.

30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) in this description, explicitly indicate whether the information contains PII; and (4) whether submission of personal information is voluntary or mandatory: Respondent data includes demographic information, healthcare use, cost of services, sources of payment and insurance coverage, containing IIF. The MEPS Enclave provides data to create nationally representative estimates for the US civilian non-institutionalized population. Submission of personal information is voluntary except for name and address.

(Note: Please describe in what format individuals will be given notice of consent [e.g., written notice, electronic notice, etc.]) 1) Changes in disclosure and/ or data uses not anticipated.

2) Contact via letter or phone call

32. Does the system host a website? (Note: If the system hosts a website, the Website Hosting Practices section is required to be completed regardless of the presence of PII): Yes

37. Does the website have any information or pages directed at children under the age of thirteen?: -

50. Are there policies or guidelines in place with regard to the retention and destruction of PII? (Refer to the C&A package and/or the Records Retention and Destruction section in SORN): -

54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: Only authorized personnel have access to the data. The data is encrypted when stored and transmitted.

PIA Approval

PIA Reviewer Approval: Promote

PIA Reviewer Name: Danielle Shostal

Sr. Official for Privacy Approval: Promote

Sr. Official for Privacy Name: Tim Erny

Sign-off Date: Nov 12, 2008

Approved for Web Publishing: Yes

Date Published: September 1, 2009

_____________________________________________________________________________

06.3 HHS PIA Summary for Posting (Form) / AHRQ National Guidelines Quality Measures Clearinghouse (NGQMC)

PIA SUMMARY AND APPROVAL COMBINED

PIA Summary

Is this a new PIA? No

If this is an existing PIA, please provide a reason for revision: PIA Validation

1. Date of this Submission: Oct 31, 2007

2. OPDIV Name: AHRQ

3. Unique Project Identifier (UPI) Number: NA

4. Privacy Act System of Records (SOR) Number (If response to Q.21 is Yes, a SORN number is required for Q.4): N

5. OMB Information Collection Approval Number: NA

6. Other Identifying Number(s): NA

7. System Name (Align with system Item name): AHRQ National Guidelines and Quality Measures Clearinghouse (NGC/NQMC)

9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Mary P. Nix

10. Provide an overview of the system: AHRQ National Guidelines Quality Measures Clearinghouse is composed of the AHRQ National Guidelines Clearinghouse and the AHRQ National Quality Measures Clearinghouse. AHRQ National Guidelines Clearinghouse (NGC) is a public resource for evidence-based clinical practical guidelines. NGC is an initiative of the Agency for Healthcare Research and Quality (AHRQ). The NGC Website is a public website hosted by ECRI at Voicenet. No sensitive information is collected. AHRQ National Quality Measures Clearinghouse (NQMC) is a public repository for evidence-based quality measures and measure sets. The AHRQ National Quality Measures Clearinghouse (NQMC) Website is also hosted by ECRI at Voicenet.

13. Indicate if the system is new or an existing one being modified: Existing

21. Is the system subject to the Privacy Act? (If response to Q.19 is Yes, response to Q.21 must be Yes and a SORN number is required for Q.4): No

23. If the system shares or discloses IIF please specify with whom and for what purpose(s): NA

30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) in this description, explicitly indicate whether the information contains PII; and (4) whether submission of personal information is voluntary or mandatory: NGQMC consists of databases and web servers that collect evidence-based clinical practice guidelines and information on specific evidence-based health care quality measures and measure sets. The system mission is to provide physicians, nurses, and other health professionals, health care providers, health plans, integrated delivery systems, purchasers, and others an accessible mechanism for obtaining objective, detailed information on clinical practice guidelines and quality meastures to further their dissemination, implementation, and use. The system does not contain PII.

(Note: Please describe in what format individuals will be given notice of consent [e.g., written notice, electronic notice, etc.]) N/A - the system does not contain PII.

32. Does the system host a website? (Note: If the system hosts a website, the Website Hosting Practices section is required to be completed regardless of the presence of PII): Yes

37. Does the website have any information or pages directed at children under the age of thirteen?: No

50. Are there policies or guidelines in place with regard to the retention and destruction of PII? (Refer to the C&A package and/or the Records Retention and Destruction section in SORN): No

54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: NA The system does not collect IIF.

PIA Approval

PIA Reviewer Approval: Promote

PIA Reviewer Name: Ryan Tappis

Sr. Official for Privacy Approval: Promote

Sr. Official for Privacy Name: Tim Erny

Sign-off Date: Oct 31, 2007

Approved for Web Publishing: Yes

Date Published: September 1, 2009

_____________________________________________________________________________

06.3 HHS PIA Summary for Posting (Form) / AHRQ Patient Safety Organization (PSO) Privacy Protection Center (PPC)

PIA SUMMARY AND APPROVAL COMBINED

PIA Summary

Is this a new PIA? No

If this is an existing PIA, please provide a reason for revision: Significant System Management Changes

1. Date of this Submission: Feb 2, 2009

2. OPDIV Name: AHRQ

3. Unique Project Identifier (UPI) Number: N/A

4. Privacy Act System of Records (SOR) Number (If response to Q.21 is Yes, a SORN number is required for Q.4): N/A

5. OMB Information Collection Approval Number: N/A

6. Other Identifying Number(s): Contract # HHSA-290-2007-10032-C, AHRQ-07-10032

7. System Name (Align with system Item name): AHRQ Patient Safety Organization (PSO) Privacy Protection Center (PPC)

9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Amy Helwig

10. Provide an overview of the system: To support the Patient Safety and Quality Improvement Act (PL 109-41), the PSO PPC provides PSOs information on PPC services, submission formats and the ability to submit patient safety event information.

13. Indicate if the system is new or an existing one being modified: Existing

21. Is the system subject to the Privacy Act? (If response to Q.19 is Yes, response to Q.21 must be Yes and a SORN number is required for Q.4): No

23. If the system shares or discloses IIF please specify with whom and for what purpose(s): N/A

Information about registered Patient Safety Organizations, the Network of Patient Safety Databases, and AHRQ is collected and maintained for the purpose of providing technical assistance to the PSO program. This information does not contain PII and is not disseminated.

Information is collected and maintained on Patient Safety Organization personnel for the purpose of establishing and managing accounts on the PSO PPC Website. This information contains PII, but is not disseminated. Submission of the information is voluntary.

(Note: Please describe in what format individuals will be given notice of consent [e.g., written notice, electronic notice, etc.]) Registered Patient Safety Organizations must have a Memorandum of Understanding (MOU) and a Data Use Agreement (DUA) on file before their personnel may register for an account on the PSO PPC Website. These documents contain language that advises how PII will be used. Should the need arise to change the usage or sharing of PII, the MOA and DUA will be updated and new agreements will be delivered to affected parties.

Individuals are given written notice.

Should the need arise to change the usage or sharing of PII, individuals will receive electronic notice on the PSO PPC Website as well as written notice.

32. Does the system host a website? (Note: If the system hosts a website, the Website Hosting Practices section is required to be completed regardless of the presence of PII): Yes

37. Does the website have any information or pages directed at children under the age of thirteen?: No

50. Are there policies or guidelines in place with regard to the retention and destruction of PII? (Refer to the C&A package and/or the Records Retention and Destruction section in SORN): No

54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: 1. Technical controls include but are not limited to:

a. Passwords

b. Separation of duties

c. Data back up

d. Destruction of electronic information

e. Audit of events initiated by each individual user

f. Audit trails

2. Physical controls include but are not limited to:

a. Building access cards and ID badges

b. Security guards

c. CCTV

d. Back up media is stored offsite

e. Visitor process controls

f. Uninterruptible Power System (UPS)

g. Power to the data center is separate.

h. Locked shred bins

3. Administrative controls include but are not limited to:

a. Procedural safeguards

b. Security training and ongoing awareness programs

c. Access controls

d. Review of system activity logs

e. Background and reference checks

PIA Approval

PIA Reviewer Approval: Promote

PIA Reviewer Name: Danielle Shostal

Sr. Official for Privacy Approval: Promote

Sr. Official for Privacy Name: Tim Erny

Sign-off Date: Feb 10, 2009

Approved for Web Publishing: Yes

Date Published: September 1, 2009

_____________________________________________________________________________

06.3 HHS PIA Summary for Posting (Form) / AHRQ Portal System

PIA SUMMARY AND APPROVAL COMBINED

PIA Summary

Is this a new PIA? No

If this is an existing PIA, please provide a reason for revision: PIA Validation

1. Date of this Submission: Nov 25, 2008

2. OPDIV Name: AHRQ

3. Unique Project Identifier (UPI) Number: N/A

4. Privacy Act System of Records (SOR) Number (If response to Q.21 is Yes, a SORN number is required for Q.4): N/A

5. OMB Information Collection Approval Number: N/A

6. Other Identifying Number(s): N/A

7. System Name (Align with system Item name): Portal System/(HIT) - AHRQ National Resource Center for Health Information Technology

9. System Point of Contact (POC). The System POC is the person to whom questions about the system and the responses to this PIA may be addressed: Steve Bernstein

10. Provide an overview of the system: Portal system is comprised of the Extranet web site, public web site, and a search function that are available from the Internet. The Extranet requires a username and password to log on. The public web site and search function are available to anyone on the web.

13. Indicate if the system is new or an existing one being modified: Existing

21. Is the system subject to the Privacy Act? (If response to Q.19 is Yes, response to Q.21 must be Yes and a SORN number is required for Q.4): No

23. If the system shares or discloses IIF please specify with whom and for what purpose(s): Does not share IIF

30. Please describe in detail: (1) the information the agency will collect, maintain, or disseminate; (2) why and for what purpose the agency will use the information; (3) in this description, explicitly indicate whether the information contains PII; and (4) whether submission of personal information is voluntary or mandatory: Three pieces of information are collected: first name, last name, and e-mail address, for the Extranet web site. These three pieces of information are used to generate a user id and password. A user may supply, if they elect to do so, a phone number and mailing address that is put into a profile that only that user and the administrator can see.

On the public web site a user may supply, if submitting a comment or suggestion, if the elect to do so, any of or none these three peices of IIF: first name, last name, or e-mail address.

The search function does not collect IIF.

(Note: Please describe in what format individuals will be given notice of consent [e.g., written notice, electronic notice, etc.]) On the Extranet web site community, a spreadsheet of IIF is compiled and a waiver must be signed to allow the use of IIF.

On the public web site the IIF is not shared. This IIF is only maintained long enough to respond to questions or suggestions submitted by the user.

If a change to the system were to occur, individuals would be contacted via email, and if necessary, telephone and/or formal letter to obtain consent.

32. Does the system host a website? (Note: If the system hosts a website, the Website Hosting Practices section is required to be completed regardless of the presence of PII): Yes

37. Does the website have any information or pages directed at children under the age of thirteen?: No

50. Are there policies or guidelines in place with regard to the retention and destruction of PII? (Refer to the C&A package and/or the Records Retention and Destruction section in SORN): Yes

54. Briefly describe in detail how the IIF will be secured on the system using administrative, technical, and physical controls.: Defense in depth strategy includes, but not limited too: access controls lists, badge reader controlled computer room, armed guards, firewalls, IDS, enterprise management, etc.

To enter the building an individual must present a photo ID to an armed guard. They must pass through a metal detector and send luggage through an x-ray machine. They must they use a simple key card to pass through an entryway, next to the guard's station, and use the elevator to leave the first floor. A closed-circuit television system monitors the parking lot, entries, and server room. Internal doors have cipher locks that require knowledge of the proper code to enter controlled access rooms. The server room also requires that non-authorized entrants must be accompanied by an authorized user and sign the log sheet for entry.

PIA Approval

PIA Reviewer Approval: Promote

PIA Reviewer Name: Tim Erny

Sr. Official for Privacy Approval: Promote

Sr. Official for Privacy Name: Tim Erny

Sign-off Date: Nov 25, 2008

Approved for Web Publishing: Yes

Date Published: September 1, 2009

_____________________________________________________________________________