Fill - Free fillable Privacy Certificate Guidelines (U.S. Department of Justice, Office of Justice Prograns) PDF form

Privacy Certificate Guidelines

OJP policy requires that all grantees receiving funds to conduct research or statistical activities that involve

collecting data identifiable to a private person submit a Privacy Certificate in accordance with the

requirements of 28 CFR Part 22.

To determine if these regulations apply to a particular project, the applicant/grantee should answer the follow-

ing two questions. First, is the project a research or statistical project as defined in 28 CFR § 22.2? Second,

does the project involve collecting information identifiable to a private person as defined in 28 CFR § 22.2?

If the answer to both of these questions is yes, then a Privacy Certificate is required.

Projects will typically fall into one of three categories:

Category 1: The project does not involve any research or

statistical activities.

Category 2: The project involves research and/or statistical activities but does not involve the collection of

information identifiable to private persons.

Category 3: The project involves research and/or statistical activities and involves the collection of informa-

tion identifiable to private persons.

Applicants/grantees whose projects fall into categories 1 and 2 do not need to prepare a Privacy Certificate in

accordance with the regulations. However,

applicants/grantees should submit a brief description of the project

(one or two paragraphs) demonstrating that a Privacy Certificate is not required. For example, the project

description for a project in category 1 would describe the type of activities involved (e.g., demonstration pro-

gram, training and technical assistance) and contain a statement to the effect that no research or statistical

activities will be conducted as part of this project. Similarly, the project description for a

project in category 2

would contain a very brief description of the research/statistical activities to be conducted and the type(s) of

data being collected or used in the project and would assert that no information identifiable to a private person

is being collected. Applicants/grantees whose projects fall into category 3 will need to submit a Privacy Cer-

tificate in compliance with 28 CFR Part 22.

The attached documents have been created to assist OJJDP applicants/grantees in preparing a Privacy Certifi-

cate. The Privacy Certificate should include a face sheet with general project information and assurances and

an attachment detailing procedures for protecting the confidentiality of data identifiable to private persons.

The face sheet must be signed by the Principal Investigator(s) and the Authorized Institutional Representative

from the institution or organization conducting the project (with the name and title typed under each signature).

The Privacy Certificate submitted to OJJDP should contain original signatures submited via hard copy

and scan or completed with the applicable e-signatures. Please note that each section must be completed for

the Privacy Certificate to be approved. The applicable section(s) of 28 CFR Part 22 are noted in brackets for

reference purposes. Guidelines for completing each section are provided in italics.

If you do not have an electronic signature and would still like to sign this document electornically, select Tools in the

Show or Hide Panels in the upper right hand corner of this PDF. Click on the "Sign and Certity" ribbon and elect the

"Apply Ink Signature" option.

If you have a

ny questions about preparing a Privacy Certificate, please contact your OJJDP grant manager.

Office of Juvenile Justice and Delinquency Prevention

Privacy Certificate Face Sheet

Title of Project: __________________________________________________________________________

Applicant/Grantee: ________________________________________________________________________

Address: ________________________________________________________________________________

________________________________________________________________________________________

Principal Investigator(s): ____________________________________________________________________

In accordance with 28 CFR Part 22,

the applicant/grantee agrees to provide administrative and physical securi-

ty of identifiable data and to preserve the anonymity of private persons participating in this project. Further,

the applicant/grantee assures that any data identifiable to a private person will not be used or revealed, except

as authorized by 28 CFR §§ 22.21 and 22.22.

Project personnel, including subcontractors, have been or will be advised of these procedures and are required

to agree,

in writing, to comply with all established procedures to safeguard privacy and confidentiality.

In order to comply with the regulations, the applicant/grantee

has attached a document containing all required

elements of a privacy certificate as provided in 28 CFR Part 22.

Signature(s): __________________________________________ Date: ____________________________

__________________________________________ Date: ____________________________

Office of Juvenile Justice and Delinquency Prevention

Principal Investigator

Authorized Institutional Representative

PLEASE NOTE:

Two Signatures are required to validate this document. The Principal Investigator (PI) and the Authorized

Institutional Representative are required to sign above. Failure to provide both signatures will delay the award

process and your ability to draw funds.

click to sign

signature

click to edit

click to sign

signature

click to edit

Privacy Certificate

Brief description of the project: {§ 22.23(b)}

Please provide a one- or two-paragraph description of the overall project, similar to an abstract of

the project. The description should include the type(s) of data to be used in the project.

Office of Juvenile Justice and Delinquency Prevention

Procedures to notify participants, as required by 28 CFR § 22.23(b)(4), or, if notification is to be waived,

pursuant to 28 CFR § 22.27(c), justification for waiver: {§ 22.27}

Please note that many projects involving the collection of data identifiable to a private person also

fall under DOJ human subjects regulations at 28 CFR Part 46. Projects involving human subjects

are required to obtain informed consent in accordance with the human subjects regulations. If you

have any question about whether your project involves human subjects,

please consult with OJJDP

or with your institution’s Institutional Review Board (IRB).

If your project does not involve human subjects as defined in 28 CFR Part 46, then you are only

required to notify participants, either orally or in writing, that the information obtained from them

will be used strictly for research or statistical purposes and that their participation is voluntary, as

required by 28 CFR § 22.27.

This section should include information on informed consent or notification procedures as appro-

priate for your project. $GGLWLRQDOVSDFHSURYLGHGRQWKHEODQNSDJHVDWWKHHQGRIWKLVGRFXPHQW

(Additional space provided on the blank pages at the end of this document.)

Procedures for storing and securing the data: {§ 22.23(b)(5), § 22.23(b)(7)}

Describe the procedures that will be put in place to ensure administrative and physical security of

identifiable data and to preserve anonymity of private persons to whom information relates (e.g.,

hard copies of data will be stored in a locked file cabinet with limited access to cabinet key,

proce-

dures for protecting computer data files with identifying information, and so on).

Disposition of data will occur in the following manner: {§ 22.23(c), § 22.25}

Describe how confidentiality of identifiable data will be protected upon completion of the project.

Office of Juvenile Justice and Delinquency Prevention

Assurance that the anonymity of private persons will be protected: {§ 22.23(b)(8), § 22.22}

Provide assurance that project findings and reports prepared for dissemination will not contain

information that can reasonably be expected to be identifiable to a private person except as au-

thorized under 28 CFR § 22.22. If the project will result in the public release of statistical tables or

microdata files, please provide assurance that appropriate measures will be taken to minimize the

risk of disclosing confidential information about identifiable persons. It is not necessary to identify

the precise measures that will be used. The applicant/grantee simply needs to assure OJJDP that

before any statistical tables or microdata files are released to the public, the applicant/grantee will

examine the tables and/or files for potential disclosure problems and take steps to prevent such

disclosure.

Reference for further information on disclosure issues: Federal Committee on Statistical Method-

ology. 1994. Statistical Policy Working Paper 22: Report on Statistical Disclosure Limitation

Methodology. Washington, DC: Office of Management and Budget. www.fcsm.gov/working-

papers/wp22.html. $GGLWLRQDOVSDFHSURYLGHGRQWKHEODQNSDJHVDWWKHHQGRIWKLVGRFXPHQW

Office of Juvenile Justice and Delinquency Prevention

(Additional space provided on the blank pages at the end of this document.)

Access to data in identifiable form is limited to the following individuals: {§ 22.23(b)(2)}

Principal Investigator(s):

Project Staff:

Subcontractors:

Please provide name, address, phone number, and organizational affiliation for each of the above-

mentioned individuals. If project staff and/or subcontractors have not been determined, please

provide as much detail as possible about personnel (e.g., two research assistants) who will have

access to data with identifying information on individuals.

Information Transfer Agreements: {§ 22.23(b)(6), § 22.24, § 22.26}

The regulations require that prior to the transfer of identifiable data to persons other than project

staff and OJP staff, the persons receiving the data must enter into an Information Transfer Agree-

ment. Please indicate how the transfer of identifiable data will be handled in compliance with 28

CFR § 22.24 and § 22.26. In addition, please assure that a log will be maintained of all transfers

of identifiable data in accordance with § 22.23(b)(6).

Office of Juvenile Justice and Delinquency Prevention

Identify any conditions that would require waiving an element of the Privacy Certificate and explain:

Office of Juvenile Justice and Delinquency Prevention

Additional space provided below. Please reference the regulation in which this supplement text corresponds.

Office of Juvenile Justice and Delinquency Prevention

Additional space provided below. Please reference the regulation in which this supplement text corresponds.

Download
Save PDF to desktop

Email
Email completed PDF

Send for Signing
Email for others to sign

Print
Print document

NAME

Privacy Certificate Guidelines (U.S. Department of Justice, Office of Justice Prograns)

View Audit Log
Print With Audit Log
Duplicate Document

Fill Online, Printable, Fillable, Blank Privacy Certificate Guidelines (U.S. Department of Justice, Office of Justice Prograns) Form

Related forms

Fillable Privacy Certificate Guidelines (U.S. Department of Justice, Office of Justice Prograns)

Fill Online, Printable, Fillable, Blank Privacy Certificate Guidelines (U.S. Department of Justice, Office of Justice Prograns) Form

Related forms

First 20 documents completely FREE!