FSA logo US Department of Education - FSAdownload software and documentation
Skip navigation link Search:     Information for Financial Aid Professionals | Help Center | Feedback | Privacy| About Us
 
Site Navigation
Home
Site Map
Software
References
Privacy Act
Help
Related Services
FSA Enrollment (SAIG Mailbox)
Subscribe to the FSATECH Listserv to join our on-line discussion of systems issues.
Other Web Sites for FSA Student Data
FAA Access to CPS Online
E-Campus Based/FISAP
COD (separate enrollment required)
NSLDS for FAAs (separate enrollment required)
Other Dept. of ED Links
 
 

PRIVACY POLICY AND PRIVACY IMPACT ASSESSMENT For
The FSAdownload Website

Thank you for visiting the FSAdownload website and reviewing our privacy policy. We do not collect any personal information about you on this website, but we do collect non-personal information about your visit.

1. What is the FSAdownload Website and Its Principal Purpose?
The FSAdownload Website (also called the "Website" in this assessment) is a product of Federal Student Aid (FSA) of the U.S. Department of Education (ED). FSAdownload is the Internet location where we post announcements; software and associated documents; and technical references and guides about ED's student financial aid products for financial aid administrators (FAAs) to download.

You can visit the Website at: www.FSAdownload.ed.gov.

2. What Information is Being Collected on the FSAdownload Website and How Is It Used?
No information is collected on the Website that either directly identifies an individual user of the Website (i.e. Social Security Number, name, address or other identifying number or code, telephone number, or e-mail address) or that is intended to be used to identify a specific user of the Website in conjunction with any other data. Instead of collecting privacy protected information, the Website is a repository of announcements, software, and other written reference materials which can be reviewed or downloaded to the FAA's personal computer.

Non-personal Information We Record - (Use of Cookies)
No cookies (small text files that generally are placed on your hard drive whenever you access a given domain) or other tracking technology are used on the Website.

If you do nothing during your visit but browse through the Website, read pages, or download information, our Website's operating system will automatically record some general information about your visit.

During your visit, our web operating system will record:

  • The Internet domain for your Internet service, such as "xcompany.com" or "xcompany.net" if you use a private Internet access account, or "yourinstitution.edu" if you connect from a college or university domain;
  • The type of browser (such as "Netscape version x" or "Internet Explorer version x") that you are using;
  • The type of operating system that you use (such as Macintosh, Unix, or Windows);
  • The date and time you visit our site, and the web pages that you visit on our site;
  • The address of the previous website you were visiting, if you reached our Website through a link from another website rather than reaching our Website directly.

Personal information that could identify the user is not collected on this Website.

Security and Intrusion Detection
To maintain system security and to make sure the information that we provide on this Website remains available to all users, we use special software programs for monitoring network traffic to identify unauthorized attempts by users to change information in our system, or to otherwise cause damage to this government computer system. The security and intrusion detection programs do not collect personally identifiable information, but they do collect information that could help us identify someone attempting to tamper with this Website.

Except for authorized law enforcement investigations, we make no other attempts to identify individual users or their usage habits. We only use raw monitoring data logs for determining trends in usage patterns and for diagnosing system problems.

Links to Other Sites
Our policy discloses the privacy practices for the FSAdownload Website. Our Website provides links to other websites. When you leave FSAdownload, you will be going to other sites that are beyond our control. These other sites may send their own cookies to users, collect data, or solicit personal information. The privacy policies and procedures described here for FSAdownload will not apply to any external links. We encourage you to read the privacy policies of any site you link to from ours, especially before you share any personal information. Be informed. You are the person best qualified to protect your own privacy.

3. FSA Authority for the Collection of SSN and Other Privacy Protected Information for the FSAdownload Website.
No information is collected on the Website that either directly identifies an individual user of the Website (i.e. Social Security Number, name, address or other identifying number or code, telephone number, or e-mail address) or that is intended to be used to identify a specific user of the Website in conjunction with any other data.

4. Rights Under the Privacy Act or Other Applicable Law.
No information is collected on the Website that either directly identifies an individual user of the Website (i.e. Social Security Number, name, address or other identifying number or code, telephone number, or e-mail address) or that is intended to be used to identify a specific user of the Website in conjunction with any other data. No personal data is being disclosed to any other system or entity.

5. Voluntary Collection of SSN and Other Privacy Protected Information.
FSAdownload does not collect privacy protected information on a voluntary basis or otherwise.

6. What If I Choose Not to Use "FSAdownload"?
Use of FSAdownload is strictly voluntary, but the information and software posted on FSAdownload may not be available from another source or in another format.

7. Security
The completion of system security plans is a requirement of the Office of Management and Budget (OMB) Circular A-130, "Management of Federal Information Resources," Appendix III, "Security of Federal Automated Information Resources," and Public Law 100-235, "Computer Security Act of 1987." The Central Processing System's (CPS) security plan, which includes the FSAdownload Website, demonstrates the Website's compliance with the Information Technology (IT) requirements mandated by Federal law and policy. The security plan contains details regarding the Risk Assessment conducted for the Website, as well as the security controls (hardware/software/facilities/personnel) in place to mitigate any identified risks to the information collected on the Website. Management, operational, and technical security controls are in place for the Website, encompassing personnel, physical environment access, contingency plans, disaster recovery, and identification and authentication procedures. The Website is currently in the operations/maintenance phase of the life cycle. As such, the following functions are being performed: security operations and administration, operational assurance, audits, and monitoring. The System Security Officer (SSO) for the Website is Mal Chernow, Management and Program Analyst, (202) 377-3351.

INTRODUCTION TO PRIVACY IMPACT ASSESSMENT

Section 208 of the E-Government Act of 2002 (P.L. 107-347) requires FSA to complete a Privacy Impact Assessment (PIA) for each system that collects information from the public through the Internet.
During the Definition Phase of the FSA Solution Lifecycle, the SSO ensures that the team completes the attached PIA Questionnaire, has it reviewed by the Chief Information Officer or equivalent official, and files the completed form in the system's Security Notebook as part of the system's documentation. This PIA must also be made available to the public.

Privacy Impact Assessment Questionnaire
System Name: The FSAdownload Website
System Owner: William Leith
Privacy Impact Assessment Questionnaire Author: Marya Dennis
Date: [fill-in]

Officials and organizational components involved in the analysis and review of the Privacy Impact Assessment included the following: Department of Education (ED), Federal Student Aid (FSA), FSA CIO, and the SSO for the FSAdownload Website.

1. What Privacy Protected Information Will Be Collected For The System?
No information is collected on the Website that either directly identifies an individual user of the Website (i.e. Social Security Number, name, address or other identifying number or code, telephone number, or e-mail address) or that is intended to be used to identify a specific user of the Website in conjunction with any other data.

Non-personal Information We Record - (Use of Cookies)
No cookies (small text files that generally are placed on your hard drive whenever you access a given domain) or other tracking technology are used on the Website.
If you do nothing during your visit but browse through the Website, read pages, or download information, our Website's operating system will automatically record some general information about your visit.

During your visit, our web operating system will record:

  • The Internet domain for your Internet service, such as "xcompany.com" or "xcompany.net" if you use a private Internet access account, or "yourinstitution.edu" if you connect from a college or university domain;
  • The type of browser (such as "Netscape version x" or "Internet Explorer version x") that you are using;
  • The type of operating system that you use (such as Macintosh, Unix, or Windows);
  • The date and time you visit our site, and the web pages that you visit on our site;
  • The address of the previous website you were visiting, if you reached our Website through a link from another website rather than reaching our Website directly.

Personal information that could identify the user is not collected on this Website.

Security and Intrusion Detection
For security purposes and to make sure this service remains available to all users, we use special software programs for monitoring network traffic to identify unauthorized attempts to upload or change information, or to otherwise cause damage to this government computer system. These programs collect no personally identifiable information, but they do collect information that could help us identify someone attempting to tamper with the Website.

Except for authorized law enforcement investigations, we make no other attempts to identify individual users or their usage habits. We only use raw monitoring data logs for determining trends in usage patterns and in diagnosing system problems.

Links to Other Sites
Our policy discloses the privacy practices for the FSAdownload Website. But, the Website provides links to other websites. When you leave the Website, you will be going to sites that are beyond our control. We try to ensure that links that leave our site are clearly labeled. These other sites may send their own cookies to users, collect data, or solicit personal information. The privacy policies and procedures described here for FSAdownload will not apply to any external links. We encourage you to read the privacy policies of any site you link to from ours, especially if you share any personal information. Be informed. You are the person best qualified to protect your own privacy.

The user is not identified in the collection of non-personal information.


2. Why is Privacy Protected Information Being Collected?
No information is collected on the Website that either directly identifies an individual user
of the Website (i.e. Social Security Number, name, address or other identifying number or
code, telephone number, or e-mail address) or that is intended to be used to identify a
specific user of the Website in conjunction with any other data.

3. How Will FSA Use Any Privacy Protected Information Provided?
No information is collected on the Website that either directly identifies an individual
website user (i.e. Social Security Number, name, address or other identifying number or
code, telephone number, or e-mail address) or that is intended to be used to identify a
specific user of the Website in conjunction with any other data.

4. Will Any Privacy Protected Information Collected On This Website Be Shared With
Any Other Agency or Entity?

No information is collected on the Website that either directly identifies an individual user
of the Website (i.e. Social Security Number, name, address or other identifying number or
code, telephone number, or e-mail address) or that is intended to be used to identify a
specific user of the Website in conjunction with any other data.

5. Describe The Notice or Opportunities For Consent That Would Be or Are Provided To Individuals About Privacy Protected Information That Is Collected And How That Information Is Shared With Other Organizations.
The Website is a government agency website that financial aid administrators from participating institutions of higher education access. Since no privacy protected information is collected on the Website, notice or opportunities for consent are not required.

6. How Will The Information Be Secured?
The completion of system security plans is a requirement of the Office of Management and Budget (OMB) Circular A-130, "Management of Federal Information Resources," Appendix III, "Security of Federal Automated Information Resources," and Public Law 100-235, "Computer Security Act of 1987." The CPS's security plan, which includes the FSAdownload Website, demonstrates the Website's compliance with the Information Technology (IT) requirements mandated by Federal law and policy. The security plan contains details regarding the Risk Assessment conducted for the Website, as well as the security controls (hardware/software/facilities/personnel) in place to mitigate any identified risks to the information collected on the Website. Management, operational, and technical security controls are in place for the Website. Those controls encompassing personnel, physical environment access, contingency plans, disaster recovery, and identification and authentication procedures. The Website is currently in the operations/maintenance phase of the life cycle. As such, the following functions are being performed: security operations and administration, operational assurance, audits, and monitoring. The SSO for the Website is Mal Chernow, Management and Program Analyst, (202) 377-3351.

7. Is A System Of Records Being Created Or Updated With The Collection Of This
Information?

No. It is not necessary because no information is collected on the Website that either
directly identifies an individual user of the Website (i.e. Social Security Number, name,
address or other identifying number or code, telephone number, or e-mail address) or that
is intended to be used to identify a specific user of the Website in conjunction with any
other data.

8. List The Web Addresses (Known or Planned) That Will Have A Privacy Policy
http://FSAdownload.ed.gov.
 
    This page was last modified on 03/30/2015