Microsoft Word - Salesforce_PIA Summary



SalesforceCRMPrivacyImpactAssessment(PIA)



UNITEDSTATESAGENCYFORINTERNATIONALDEVELOPMENT

 

OfficeoftheChiefInformationOfficer(M/CIO)

InformationAssuranceDivision

AppO&MITIS/SalesforceCRM

ApprovedDate:May20,2015



AdditionalPrivacyComplianceDocumentationRequired:

☐None

☐SystemofRecordsNotice(SORN)

☐OpenDataPrivacyAnalysis(ODPA)

☐PrivacyActSection(e)(3)StatementorNotice(PANotice)

☐

USAIDWebSitePrivacyPolicy

☐PrivacyProtectionLanguageinContractsandOtherAcquisition‐RelatedDocuments

☐Role‐BasedPrivacyTrainingConfirmation



PossibleAdditionalComplianceDocumentationRequired:

☐USAIDFormsManagement.

ADS505

☐InformationCollectionRequest(ICR).ADS505,ADS506,andADS508PrivacyProgram

☐RecordsScheduleApprovedbytheNationalArchivesandRecordsAdministration.ADS502

 

SalesforcePrivacyImpactAssessment

DateApproved:May20,2015



ii



TableofContents



1 Introduction.............................................................................................................................................1

2 Information..............................................................................................................................................1

2.1 ProgramandSystemInformation.......................................................................................1

2.2 InformationCollection,Use,Maintenance,and Dissemination .........................................3

3 PrivacyRisksandControls................................................................................................................6

3.1 AuthorityandPurpose(AP)................................................................................................6

3.2 Accountability,Audit,andRiskManagement(AR).............................................................7

3.3 DataQualityandIntegrity(DI)............................................................................................7

3.4 DataMinimizationand Retention(DM).............................................................................8

3.5 IndividualParticipationandRedress(IP)............................................................................9

3.7 Transparency(TR)...............................................................................................................9

3.8 UseLimitation(UL)...........................................................................................................

10

3.9 Third‐PartyWebSitesandApplications...........................................................................10



SalesforcePrivacyImpactAssessment

DateApproved:May20,2015



1



1 Introduction

TheUSAIDPrivacyOfficeisusingthisPrivacyImpactAssessment(PIA)Templatetogatherinformation

fromprogrammanagers,systemowners,andinformationsystemsecurityofficersinordertoanalyze

USAIDinformationtechnologyandinformationcollections (systems)thatcollect,use,maintain,or

disseminatepersonallyidentifiableinf ormation(PII).See

ADS508PrivacyProgramSection503.3.5.2

PrivacyImpactAssessments.

2 Information



2.1 ProgramandSystemInformation



2.1.1 DescribethePROGRAManditsPURPOSE.

SalesforceCRMenablesanalysisand reportingthathelpsthepublicengagementteamdevelopstrategiesand

providestrategicsupporttoUSAID’smanyrelationshipsandinteractionswithoutsidegroups.Inaddition,data

willbeusedtoreporttotheAdministratorandFrontOfficeonthebreadthanddepthofengagement.Itwillbe



usedtocoordinaterelationshipmanagementandtrackengagementinformationbybureau,byissue,andbytype

ofpartnerforavarietyofpurposes.SalesforceCRMisaninvaluableresourceforAgencystaffasitprovidesone‐

clickaccesstofundinginformation,engagementhistory,andinformationmanagement.



2.1.2 DescribetheSYSTEManditsPURPOSE.

TherearetwoapplicationswithinSalesforceCRM:NGOPartnerOutreachandUSAIDPartnershipTracking.

CFBCI,LPA,OTS,BureaususeNGOPartnerOutreachasarepositoryforgrantdataandcountriesofoperationsfor

theirvariouspartnersandgrantees,thusmakingiteasierforUSAIDtotrackandreport.NGOPartnerOutreach



surroundsitselfaroundthe"Engagements"customobject,whichwascreatedforthepurposetrackingexternal

meetingswithUSAIDstakeholdersandpartnersoranyinternalmeetingsthatinvolvethesame.

USAIDPartnershipTrackingapplicationtracksthestatusofpartnershipactivitiesandservicesfortheCTPU.S.

GlobalDevelopmentLabandMobile

Solutionsdepartment.



2.1.3 WhatistheSYSTEMSTATUS?

☐NewSystemDevelopmentorProcurement

☐PilotProjectforNewSystemDevelopmentorProcurement

☒ExistingSystemBeingUpdated

☐ExistingInformationCollectionFormorSurvey

OMBControlNumber:

☐NewInformationCollectionFormorSurvey

☐RequestforDatasettobePublishedonanExternalWebsite

☐Other:

SalesforcePrivacyImpactAssessment

DateApproved:May20,2015



2



2.1.4 WhattypesofINFORMATIONFORMATSareinvolvedwiththeprogram?

☐Physicalonly

☒Electroniconly

☐Physicalandelectroniccombined



2.1.5 Doesyourprogram participateinPUBLICENGAGEMENT?

☒No.

☐Yes:

☐InformationCollectionFormsorSurveys

☐ThirdPartyWebSiteorApplication

☐CollaborationTool



2.1.6 Whattypeofsystemand/orTECHNOLOGYisinvolved?

☐InfrastructureSystem(LocalAreaNetwork,WideAreaNetwork,GeneralSupportSystem,etc.)

☐Network

☒Database

☐Software

☐Hardware

☐MobileApplicationorPlatform

☐MobileDeviceHardware(cameras,microphones,etc.)

☐QuickResponse(QR)Code(matrixgeometricbarcodesscannedbymobiledevices)

☐WirelessNetwork

☐SocialMedia

☐WebSiteorApplicationUsedforCollaborationwiththePublic

☐AdvertisingPlatform

☒WebsiteorWebserver

☒WebApplication

☒Third‐PartyWebsiteorApplication

☐Geotagging(locationaldataembeddedinphotosandvideos)

☐NearFieldCommunications(NFC)(wirelesscommunicationwheremobiledevicesconnectwithoutcontact)

☐AugmentedRealityDevices(wearablecomputers,suchasglassesormobiledevices,thataugmentperception)

SalesforcePrivacyImpactAssessment

DateApproved:May20,2015



3

2.1.6 Whattypeofsystemand/orTECHNOLOGYisinvolved?

☐FacialRecognition

☐IdentityAuthenticationandManagement

☐SmartGrid

☐BiometricDevices

☐BringYourOwnDevice(BYOD)

☐Remote,SharedDataStorageandProcessing(cloudcomputingservices)

☐Other:

☐None



2.1.7 Aboutwhattypesofpeopledoyoucollect,use,maintain,ordisseminate

personalinformation?

☐CitizensoftheUnitedStates

☐AlienslawfullyadmittedtotheUnitedStatesforpermanentresidence

☐USAIDemployeesandpersonalservicescontractors

☐EmployeesofUSAIDcontractorsand/orservicesproviders

☐Aliens

☐BusinessOwnersorExecutives

☐Others:

☒None



2.2 InformationCollection,Use,Maintenance,andDissemination



2.2.1 Whattypesofpersonalinformationdoyoucollect,use,maintain,or

disseminate?

☒Name,FormerName,orAlias

☐Mother’sMaidenName

☐SocialSecurityNumberorTruncatedSSN

☐DateofBirth

☐PlaceofBirth

☐HomeAddress

SalesforcePrivacyImpactAssessment

DateApproved:May20,2015



4

2.2.1 Whattypesofpersonalinformationdoyoucollect,use,maintain,or

disseminate?

☐HomePhoneNumber

☐PersonalCellPhoneNumber

☐PersonalE‐MailAddress

☒WorkPhoneNumber

☒WorkE‐MailAddress

☐Driver’sLicenseNumber

☐PassportNumberorGreenCardNumber

☐EmployeeNumberorOtherEmployeeIdentifier

☐TaxIdentificationNumber

☐CreditCardNumberorOtherFinancialAccountNumber

☐PatientIdentificationNumber

☐EmploymentorSalaryRecord

☐MedicalRecord

☐CriminalRecord

☐MilitaryRecord

☐FinancialRecord

☐EducationRecord

☐BiometricRecord(signature,fingerprint,photo,voiceprint,physicalmovement,DNAmarker,retinalscan,etc.)

☐SexorGender

☐Age

☐OtherPhysicalCharacteristic(eyecolor,haircolor,height,tattoo)

☐SexualOrientation

☐MaritalstatusorFamilyInformation

☐RaceorEthnicity

☐Religion

☐Citizenship

☐Other:

☐NoPIIiscollected,used,maintained,ordisseminated

SalesforcePrivacyImpactAssessment

DateApproved:May20,2015



5



2.2.2 Whattypesofdigitalormobiledatadoyoucollect,use,maintain,or

disseminate?

☐LogData(IPaddress,time,date,referrersite,browsertype)

☐TrackingData(single‐ormulti‐sessioncookies,beacons)

☐FormData

☐UserNames

☐Passwords

☐UniqueDeviceIdentifier

☐LocationorGPSData

☐CameraControls(photo,video,videoconference)

☐MicrophoneControls

☐OtherHardwareorSoftwareControls

☐PhotoData

☐AudioorSoundData

☐OtherDeviceSensorControlsorData

☐On/OffStatusandControls

☐CellTowerRecords(logs,userlocation,time,date)

☐DataCollectedbyApps(itemize)

☐ContactListandDirectories

☐BiometricDataorRelatedData

☐SDCardorOtherStoredData

☐NetworkStatus

☐NetworkCommunicationsData

☐DeviceSettingsorPreferences(security,sharing,status)

☐Other:

☒None



SalesforcePrivacyImpactAssessment

DateApproved:May20,2015



6

2.2.4 Whoownsand/orcontrolsthesysteminvolved?

☒USAIDOffice:

☐AnotherFederalAgency:

☐Contractor:

☒CloudComputingServicesProvider:

☐Third‐PartyWebsiteorApplicationServicesProvider:

☐MobileServicesProvider:

☐DigitalCollaborationToolsorServicesProvider:

☐Other:



3 PrivacyRisksandControls

3.1 AuthorityandPurpose(AP)



3.1.1 WhatarethestatutesorotherLEGALAUTHORITIESthatpermityoutocollect,

use,maintain,ordisseminatepersonalinformation?



3.1.2 WhyisthePIIcollectedandhowdoyouuseit?

WithinSalesforceCRMaNGOPartnerOutreachoraUSAIDPartnershipTrackingusermaycollectcontact

informationfrominternalorexternalpartnersorUSAlDstakeholdersthatwouldotherwisebecategorizedas

"sensitivebutunclassified.”Thisincludesstatusessuchas"CEOorVP"ofexternalbusinesses.Thecontact

informationiscollected

totrackpointsofcontactforvariouspartneractivitiesorstatusesandalsoobtainreports

onmeetingsthataretrackedbytheFrontOffice.BureaussuchasLPAmaycollectPlldatatocompilemailinglists

tolatersendinvitesforUSAIDeventsandcollecttheresultsofthosewho

attended.

USAIDPartnershipTrackingusersmaycollectPllinformationofstaffrequeststhataremadetosupportamission

activity,suchastraining.Also,contactinformationforpointofcontactsofthosewithinthemissionsor

participatingpartnerstousewhenneeded.



3.1.3 HowwillyouidentifyandevaluateanypossiblenewusesofthePII?

NewusesforPIIinformationwillbeevaluatedateachbureaulevel.



SalesforcePrivacyImpactAssessment

DateApproved:May20,2015



7

3.2 Accountability,Audit,andRiskManagement(AR)



3.2.1 Doyouuseanydatacollectionformsorsurveys?

☐No:

☒Yes:

☐FormorSurvey(Pleaseattach)

☐OMBNumber,ifapplicable:

☐PrivacyActStatement(PleaseprovidelinkorattachPAStatement)



3.2.3 Whoownsand/orcontrolsthepersonalinformation?

☒USAIDOffice:

☐

AnotherFederalAgency:

☐Contractor:

☐CloudComputingServicesProvider:

☐Third‐PartyWebServicesProvider:

☐MobileServicesProvider:

☐DigitalCollaborationToolsorServicesProvider:

☐Other:



3.2.8 DoyoucollectPIIforanexclusivelystatisticalpurpose?Ifyoudo,howdoyou

ensurethatthePIIisnotdisclosedorusedinappropriately?

☒No.

☐Yes:



3.3 DataQualityandIntegrity(DI)



3.3.1 HowdoyouensurethatyoucollectPIItothegreatestextentpossibledirectly

fromthesubjectindividual?

EachSalesforceuserisresponsibleforupdatingandmaintainingtheirdatatothehighestextent.Userprofilesand

groupshavebeencreatedtocontroltheaccessandinformationthatisbeinginputtedbyeachindividual.Onlythe

systemadministratorhasaccesstoalldataandsettings.

SalesforcePrivacyImpactAssessment

DateApproved:May20,2015



8



3.3.2 Howdoyouensure,tothegreatestextentpossible,thatthePIIisaccurate,

relevant,timely,andcompleteatthetimeofcollection?

EachSalesforceuserisresponsibleforupdatingandmaintainingtheirdataascurrentaspossible.TheSalesforce

systemadministratorperformsdatacheckandsystemcleanuponamonthlybasis.TheSalesforcesystem

administratoralsomonitorsthesystemhealthcheckandsystemstatusattrust.salesforce.com.



3.3.3 Howdoyoucheckfor,andcorrectasnecessary,anyinaccurateoroutdatedPII

inthesystem?

TheSalesforcesystemadministrator willworkwitheachbureaupointofcontacttoimporttheircontact

informationandcollectupdatesviadataloader.



3.4 DataMinimizationandRetention(DM)



3.4.1 WhatistheminimumPIIrelevantandnecessarytoaccomplishthelegal

purposeoftheprogram?

SalesforceCRMmaycollect contactinformation such as first name, last name, work address,workemail address o

ranyphonenumbersassociatedwiththeindividual.Thisinformationisneededtocommunicatewithpartnersand

USAIDStakeholdersthatperformpaitneractivitiesandtocapturemeetinginformation.Surveydatamayaldobec

ollectedtoanalyzepotentialcustomersand

pattnershipswithUSAID.IfthiscontactinformationisnotaccessibleU

SAIDmaynotbeabletotrackpointsofcontactandreachouttoit'scustomersorpartners.



3.4.3 Doesthesystemderivenewdataorcreatepreviouslyunavailabledataabout

anindividualthroughaggregationorderivationoftheinformationcollected?

IsthePIIrelevantandnecessarytothespecifiedpurposesandhowisit

maintained?

☐No.

☒Yes:



3.4.4 Whattypesofreportsaboutindividualscanyouproducefromthesystem?

Salesforceusersareabletogenerateandcreatereportsbytypesuchastabularreport,summaryreport, ormatrix

report.Usersareabletoanalyzethedataandcontrolaccess.



3.4.6 Doesthesystemmonitorortrackindividuals?

(IfyouchooseYes,pleaseexplainthemonitoringcapability.)

☒No.

☐Yes:



SalesforcePrivacyImpactAssessment

DateApproved:May20,2015



9

3.5 IndividualParticipationandRedress(IP)



3.5.1 Doyoucontactindividualstoallowthemtoconsenttoyourcollectionand

sharingofPII?

CollectionofPIIinformationisvoluntaryandcollectedthroughsurveys,RSVPs,research,ormeetingswithpartners

orprospectivecustomers.



3.5.2 Whatmechanismdoyouprovideforanindividualtogainaccesstoand/orto

amendthePIIpertainingtothatindividual?

Salesforceusermustbearegistereduserinordertoaccessdatainthesystem.



3.5.3 IfyoursysteminvolvescloudcomputingservicesandthePIIislocatedoutside

ofUSAID,howdoyouensurethatthePIIwillbeavailabletoindividualswho

requestaccesstoandamendmentoftheirPII?

ThereisnodatacollectedoutsideofUSAID.



3.7 Transparency(TR)



3.7.1 Doyouretrieveinformationbypersonalidentifiers,suchasnameornumber?

(IfyouchooseYes,pleaseprovidethetypesofpersonalidentifiersthatareused.)

☒No.

☐Yes:



3.7.2 Howdoyouprovidenoticetoindividualsregarding?

1)TheauthoritytocollectPII:

2)TheprincipalpurposesforwhichthePIIwillbeused:

3)TheroutineusesofthePII:

4)Theeffectsontheindividual,ifany,ofnotprovidingalloranypartofthePII:



SalesforcePrivacyImpactAssessment

DateApproved:May20,2015



10

3.7.3 IsthereaPrivacyActSystemofRecordsNotice(SORN)thatcoversthis

system?

☒No

☐Yes:



3.7.4 Ifyoursysteminvolvescloudcomputingservices,howdoyouensurethatyou

knowthelocationofthePIIandthattheSORNSystemLocation(s)section

providesappropriatenoticeofthePIIlocation?

Salesforce.comdoesnothaveaccesstoNA21instance.Salesforcemustrequestaccesstothesystem.



3.8 UseLimitation(UL)



3.8.1 WhohasaccesstothePIIatUSAID?

TherearethirtySalesforceusersthatcanaccessthesystem.FourteenfromCTPbureau,sevenfromCFBCI,five

fromLPA,threefromM/CIO.Eachbureauhasaspecificprofilethatisassignedtoitallowingaccesstothat

bureau’sdata.OncetheSalesforceuseracquiresauserlicenseandisregistered,

theuserwillbeabletoaccess

datathatisallowedfortheuser’sspecificgroup.



3.8.3 WithwhomdoyousharethePIIoutsideofUSAID?Andwhether(andhow,if

applicable)youwillbeusingthesystemorrelatedwebsiteorapplicationto

engagewiththepublic?

SalesforceCRMneithersharesinformationoutsideofUSAIDnordoesitengagethepublicinanyway.



3.8.4 DoyousharePIIoutsideofUSAID?

Ifso,howdoyouensuretheprotectionofthePII1)asitmovesfromUSAIDto

theoutsideentityand2)whenitisused,maintained,ordisseminatedbythe

outsideentity?

☒No.

☐Yes:



3.9 Third‐PartyWebSitesandApplications



3.9.1 WhatPIIcouldbemadeavailable(eventhoughnotrequested)toUSAIDorits

contractorsandserviceproviderswhenengagingwiththepublic?

SalesforceCRMneithersharesinformationoutsideofUSAIDnordoesitengagethepublicinanyway.



SalesforcePrivacyImpactAssessment

DateApproved:May20,2015



11



AppendixA. LinksandArtifacts

PrivacyComplianceDocumentsorLinks

A.1

☐None.TherearenodocumentsorlinksthatIneedtoprovide.

☐PrivacyThresholdAnalysis(PTA)

☐PrivacyImpactAssessment(PIA)

☐SystemofRecordsNotice(SORN)

☐OpenDataPrivacyAnalysisforPostingDatasetstothePublic(ODPA)

☐DataCollectionFormsorSurveys

☐PrivacyActSection(e)(3)StatementsorNotices

☐USAIDWebSitePrivacyPolicy

☐PrivacyPolicyofThird‐PartyWebSiteorApplication

☐PrivacyProtectionLanguageinContractsandOtherAcquisition‐RelatedDocuments

