This Statement of Privacy, provided pursuant to the Privacy Act of 1974, 5 U.S.C. § 552a, applies to the FAA BasicMed online medical course and governs data collection and usage. By transmitting information using this process, you consent to the data practices described in this statement.
The information entered by a user into the BasicMed course is solicited under the authority of the FAA Extension, Safety, and Security Act of 2016, Pub. L. No. 114-190 (2016); Title 49, United States Code (U.S.C.) (Transportation) sections 106, 40113(a) and 4470144703, formerly codified in the Federal Aviation Act of 1958, as amended; and Title 14, Code of Federal Regulations (CFR), part 68, Requirements for Operating Certain Small Aircraft Without a Medical Certificate.
The information system supporting BasicMed collects personally identifiable information, such as your email address, name, address, and telephone number.
The FAA collects your personal information to identify you as a BasicMed participant in your airman record.
Except for your date of birth (DOB) and email address, submission of this information is mandatory to exercise pilot privileges under BasicMed. Incomplete submission will result in delay of eligibility to exercise pilot privileges under BasicMed. Other than the optional information requested, the purpose of the information is to establish that you meet Federal Aviation Administration (FAA) requirements to operate under BasicMed. Submission of your DOB or email is not required by law and is voluntary. Refusal to furnish DOB or email will not result in the denial of any right, benefit, or privilege provided by law. Your DOB and email is solicited to assist in performing the agency's functions under 49 U.S.C. (Transportation). If supplied, it may be used by the FAA to associate all information in agency files relating to you.
The information becomes part of the FAA Privacy Act system of records, DOT/FAA847, Aviation Records on Individuals, as published in the Federal Register at 75 FR 68849 (Nov. 9, 2010), also available at https://www.gpo.gov/fdsys/pkg/FR-2010-11-09/pdf/2010-28237.pdf. These records and information in these records may be disclosed in accordance with the routine uses that appear in DOT/FAA-847, which include the following: (a) to provide basic airman certification and qualification information to the public upon request; (b) to disclose information to the National Transportation Safety Board (NTSB) in connection with its investigation responsibilities; (c) to provide information about airmen to Federal, state, and local law enforcement agencies when engaged in the investigation and apprehension of drug law violators; (d) to provide information about enforcement actions arising out of violations of the Federal Aviation Regulations to government agencies, the aviation industry, and the public upon request; (e) to disclose information to another Federal agency, or to a court or an administrative tribunal, when the Government or one of its agencies is a party to a judicial proceeding before the court or involved in administrative proceedings before the tribunal; (f) to disclose information to other Federal agencies for verification of the accuracy or completeness of the information; and (g) to comply with the Prefatory Statement of General Routine Uses for the Department of Transportation.
By consenting to the required NDR check under BasicMed, you permit the FAA to request information, if any, pertaining to your driving record from the National Driver Register (NDR). The FAA will verify the NDR information it receives with the state of record. You have the right to request an NDR file check to determine if it contains any information and, if so, the accuracy of such information. Notarized requests may be sent to: DOT/NHTSA/NTS32, 400 7th Street, S.W., Washington, DC 205900001, and must contain your complete name and date of birth. Other information about height, weight, and eye color will ensure correct positive identification.
Properly securing the information we collect online is a primary commitment. To help us do this, the FAA takes the following steps, once data is submitted to it, to: (a) employ internal access controls to ensure the only people who see your information are those with a need to do so to perform their official duties; (b) train relevant personnel on our privacy and security measures to know requirements for compliance; (c) secure the areas where we hold hard copies of information we collect online; (d) perform regular backups of the information we collect online to insure against loss; (e) use technical controls to secure the information we collect online, including but not limited to Secure Socket Layer (SSL), encryption, firewalls, and password protections; (f) periodically test our security procedures to ensure personnel and technical compliance; (g) employ external access safeguards to identify and prevent unauthorized attempts of outsiders to hack into, or cause harm to, the information in our systems. Tampering with FAA's website is against the law. Depending on the offense, it is punishable under the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act. General Aviation stakeholder groups providing a BasicMed online course have entered into agreements with the FAA to take identical steps to protect your information while your data is in their possession.
The FAA will occasionally update this Statement of Privacy to reflect FAA and customer feedback. The FAA encourages you to periodically review this statement to be informed of how the FAA is protecting your information.