Privacy Act of 1974; Report of a New System of Records, 57602-57607 [05-19676]
Download as PDF
<![CDATA[
57602
Federal Register / Vol. 70, No. 190 / Monday, October 3, 2005 / Notices
following class of employees as an
addition to the SEC:
following class of employees as an
addition to the SEC:
Department of Energy (DOE) employees or
DOE contractor or subcontractor employees
who worked as radiographers from May 1948
to March 1949 in support of Line 1
operations at the Iowa Army Ammunition
Plant and who were employed for a number
of work days aggregating at least 250 work
days, occurring under this employment in
combination with work days of employment
occurring within the parameters (excluding
aggregate work day requirements) established
for other classes of employees included in
the SEC.
This designation became effective on
September 24, 2005, as provided for
under 42 U.S.C. 7384l(14)(C). Hence,
beginning on September 24, 2005,
members of this class of employees,
defined as reported in this notice,
became members of the Special
Exposure Cohort.
FOR FURTHER INFORMATION CONTACT:
Larry Elliott, Director, Office of
Compensation Analysis and Support,
National Institute for Occupational
Safety and Health, 4676 Columbia
Parkway, MS C–46, Cincinnati, OH
45226, Telephone 513–533–6800 (this is
not a toll-free number). Information
requests can also be submitted by e-mail
to OCAS@CDC.GOV.
Department of Energy (DOE) employees or
DOE contractor or subcontractor employees
who worked in uranium enrichment
operations or other radiological activities at
the Y–12 facility in Oak Ridge, Tennessee
from March 1943 through December 1947
and who were employed for a number of
work days aggregating at least 250 work days,
either solely under this employment or in
combination with work days of employment
occurring within the parameters (excluding
aggregate work day requirements) established
for other classes of employees included in
the SEC.
This designation became effective on
September 24, 2005, as provided for
under 42 U.S.C. 7384l(14)(C). Hence,
beginning on September 24, 2005,
members of this class of employees,
defined as reported in this notice,
became members of the Special
Exposure Cohort.
FOR FURTHER INFORMATION CONTACT:
Larry Elliott, Director, Office of
Compensation Analysis and Support,
National Institute for Occupational
Safety and Health, 4676 Columbia
Parkway, MS C–46, Cincinnati, OH
45226, Telephone 513–533–6800 (this is
not a toll-free number). Information
requests can also be submitted by e-mail
to OCAS@CDC.GOV.
Dated: September 26, 2005.
John Howard,
Director, National Institute for Occupational
Safety and Health, Centers for Disease Control
and Prevention.
[FR Doc. 05–19673 Filed 9–30–05; 8:45 am]
Dated: September 26, 2005.
John Howard,
Director, National Institute for Occupational
Safety and Health, Centers for Disease Control
and Prevention.
[FR Doc. 05–19674 Filed 9–30–05; 8:45 am]
BILLING CODE 4163–19–P
BILLING CODE 4163–19–P
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Centers for Disease Control and
Prevention
Centers for Medicare & Medicaid
Services
Final Effect of Designation of a Class
of Employees for Addition to the
Special Exposure Cohort
Privacy Act of 1974; Report of a New
System of Records
Centers for Disease Control and
Prevention (CDC), Department of Health
and Human Services (HHS).
ACTION: Notice.
AGENCY:
SUMMARY: The Department of Health and
Human Services (HHS) gives notice
concerning the final effect of the HHS
decision to designate a class of
employees at the Y–12 facility, in Oak
Ridge, Tennessee as an addition to the
Special Exposure Cohort (SEC) under
the Energy Employees Occupational
Illness Compensation Program Act of
2000. On August 25, 2005, as provided
for under 42 U.S.C. 7384q(b), the
Secretary of HHS designated the
VerDate Aug<31>2005
17:26 Sep 30, 2005
Jkt 205001
Department of Health and
Human Services (HHS), Center for
Medicare & Medicaid Services (CMS).
ACTION: Notice of a New System of
Records (SOR).
AGENCY:
SUMMARY: In accordance with the
requirements of the Privacy Act of 1974,
we are proposing to create a new system
titled, ‘‘Cancer Prevention and
Treatment Demonstration for Ethnic and
Racial Minorities (CPTD) System,
System No. 09–70–0560.’’ Section 122
of the Medicare, Medicaid, and State
Children’s Health Insurance Program
(SCHIP) Benefits Improvement and
Protection Act of 2000 (BIPA) (Public
Law (Pub. L.) 106–554) grants CMS the
PO 00000
Frm 00052
Fmt 4703
Sfmt 4703
authority to award at least nine
cooperative agreement demonstration
projects that will identify methods to
reduce disparities in early cancer
screening, diagnosis, and treatment for
Black, Hispanic, Asian American and
Pacific Islander, and American Indian
(including Alaskan Native, Eskimo, and
Aleut) Medicare beneficiary
populations. Demonstration sites will
use the best available scientific evidence
to identify promising models of cancer
screening, diagnosis and treatment
interventions to promote health and
appropriate utilization of Medicare
covered services, eliminate disparities
in cancer detection and treatment
among ethnic and racial populations of
Medicare beneficiaries, and provide
information to improve the effectiveness
of the Medicare program.
The purpose of this system is to
collect and maintain demographic and
cancer health-related data on Medicare
target population beneficiaries who
voluntarily enroll in the CPTD Project
for Ethnic and Racial Minorities. This
system will enable CMS to enroll
eligible participants in the
demonstration project; randomize
participants into intervention and
control groups; reimburse
demonstration site service claims; and
develop, maintain and analyze/evaluate
research information showing the
potential impact of providing cancer
screening, diagnosis and treatment
facilitation services to underserved
Medicare beneficiaries. Information
retrieved from this system may be
disclosed to: (1) Support regulatory,
reimbursement, and policy functions
performed within the agency or by a
contractor, grantee, consultant or other
legal agent; (2) assist another Federal or
state agency with information to enable
such agency to administer a Federal
health benefits program, or to enable
such agency to fulfill a requirement of
Federal statute or regulation that
implements a health benefits program
funded in whole or in part with Federal
funds; (3) assist an individual or
organization engaged in the
performance activities of the
demonstration or in a research project or
in support of an evaluation project
related to the prevention of disease or
disability, the restoration or
maintenance of health, or payment
related projects; (4) support constituent
requests made to a congressional
representative; (5) support litigation
involving the agency; and (6) combat
fraud and abuse in certain health
benefits programs. We have provided
background information about the new
system in the SUPPLEMENTARY
E:\FR\FM\03OCN1.SGM
03OCN1
Federal Register / Vol. 70, No. 190 / Monday, October 3, 2005 / Notices
INFORMATION section below. Although
the Privacy Act requires only that CMS
provide an opportunity for interested
persons to comment on the proposed
routine uses, CMS invites comments on
all portions of this notice. See DATES
section for comment period.
DATES: CMS filed a new SOR report
with the Chair of the House Committee
on Government Reform and Oversight,
the Chair of the Senate Committee on
Governmental Affairs, and the
Administrator, Office of Information
and Regulatory Affairs, Office of
Management and Budget (OMB) on
September 26, 2005. In any event, we
will not disclose any information under
a routine use until 40 days after
publication. We may defer
implementation of this system or one or
more of the routine use statements listed
below if we receive comments that
persuade us to defer implementation.
ADDRESSES: The public should address
comment to the CMS Privacy Officer,
Mail-stop N2–04–27, 7500 Security
Boulevard, Baltimore, Maryland 21244–
1850. Comments received will be
available for review at this location by
appointment during regular business
hours, Monday through Friday from 9
a.m.–3 p.m., eastern time.
FOR FURTHER INFORMATION CONTACT: C.
Diane Merriman, Project Officer,
Division of Health Promotion and
Disease Prevention Demonstrations,
Office of Research Development and
Information, CMS, Mail Stop S3–07–04,
7500 Security Boulevard, Baltimore,
Maryland 21244–1849, telephone
number (410) 786–7237, e-mail
Diane.Merriman@cms.hhs.gov.
SUPPLEMENTARY INFORMATION: Section
122 of the Medicare, Medicaid, and
SCHIP Benefits Improvement and
Protection Act of 2000 (BIPA) (Pub. L.
106–554) requires CMS to design and
implement at least nine demonstration
projects in specific target populations
for the purpose of developing models
and evaluating methods that: (1)
Improve the quality of items and
services provided to target individuals
in order to facilitate reduced disparities
in early detection and treatment of
cancer; (2) improve clinical outcomes,
satisfaction, quality of life, and
appropriate use of Medicare-covered
services and referral patterns among
those target individuals with cancer; (3)
eliminate disparities in the rate of
preventive cancer screening measures;
and (4) promote collaboration with
community-based organizations to
ensure cultural competency of health
care professionals and linguistic access
for persons with limited English
proficiency. Each of the following four
VerDate Aug<31>2005
17:26 Sep 30, 2005
Jkt 205001
legislatively-mandated target
populations are required to be the
subject of two separate demonstration
projects: American Indians (including
Alaskan Natives, Eskimos and Aleuts);
Asian Americans and Pacific Islanders;
Blacks; and Hispanics. If the initial
demonstration evaluation indicates that
these projects (1) reduce Medicare
expenditures; or (2) do not increase
Medicare expenditures, reduce ethnic
and racial health disparities, and
increase beneficiary and health care
provider satisfaction, the existing
demonstration projects will continue,
and the number of demonstration
projects may be expanded in the future.
I. Description of the Proposed System of
Records
A. Statutory and Regulatory Basis for
SOR
The statutory authority for this system
is given under the provisions of Section
122 of the Medicare, Medicaid, and
State Children’s Health Insurance
Program (SCHIP) Benefits Improvement
and Protection Act of 2000 (BIPA) (Pub.
L. 106–554).
B. Collection and Maintenance of Data
in the System
This system will collect and maintain
individually identifiable demographic
and cancer health-related data collected
on Medicare target population
beneficiaries who voluntarily enroll in
the CPTD for Ethnic and Racial
Minorities. The system will maintain
information on two populations: (1)
Medicare beneficiaries belonging to a
defined ethnic or racial minority group
who do not have a current diagnosis of
cancer before enrollment in the
demonstration project; and (2) Medicare
beneficiaries belonging to a defined
ethnic or racial minority who have been
diagnosed with cancer before
enrollment in the demonstration project.
The collected information will contain
name, address, telephone number,
Medicare health insurance claim (HIC)
number, race/ethnicity, gender type,
and date of birth, as well as background
information relating to Medicare issues.
It will also include cancer screening,
diagnosis, treatment, project enrollment
and evaluation, survey and research
information needed to administer the
demonstration project and develop
research reports on the demonstration
findings.
II. Agency Policies, Procedures, and
Restrictions on the Routine Use
A. The Privacy Act permits us to
disclose information without an
individual’s consent if the information
PO 00000
Frm 00053
Fmt 4703
Sfmt 4703
57603
is to be used for a purpose that is
compatible with the purpose(s) for
which the information was collected.
Any such disclosure of data is known as
a ‘‘routine use.’’ The Government will
only release CPTD information that can
be associated with an individual as
provided for under ‘‘Section III.
Proposed Routine Use Disclosures of
Data in the System.’’ Both identifiable
and non-identifiable data may be
disclosed under a routine use. We will
only collect the minimum personal data
necessary to achieve the purpose of
CPTD.
CMS has the following policies and
procedures concerning disclosures of
information that will be maintained in
the system. Disclosure of information
from the system will be approved only
to the extent necessary to accomplish
the purpose of the disclosure and only
after CMS:
1. Determines that the use or
disclosure is consistent with the reason
that the data is being collected; e.g., to
collect and maintain demographic and
cancer health-related data on Medicare
target population beneficiaries who
voluntarily enroll in the CPTD Project
for Ethnic and Racial Minorities.
2. Determines that:
a. The purpose for which the
disclosure is to be made can only be
accomplished if the record is provided
in individually identifiable form;
b. The purpose for which the
disclosure is to be made is of sufficient
importance to warrant the effect and/or
risk on the privacy of the individual that
additional exposure of the record might
bring; and
c. There is a strong probability that
the proposed use of the data would in
fact accomplish the stated purpose(s).
3. Requires the information recipient
to:
a. Establish administrative, technical,
and physical safeguards to prevent
unauthorized use or disclosure of the
record;
b. Remove or destroy, at the earliest
time, all patient-identifiable
information; and
c. Agree to not use or disclose the
information for any purpose other than
the stated purpose under which the
information was disclosed.
4. Determines that the data are valid
and reliable.
III. Proposed Routine Use Disclosures
of Data in the System
A. The Privacy Act allows us to
disclose information without an
individual’s consent if the information
is to be used for a purpose that is
compatible with the purpose(s) for
which the information was collected.
E:\FR\FM\03OCN1.SGM
03OCN1
57604
Federal Register / Vol. 70, No. 190 / Monday, October 3, 2005 / Notices
Any such compatible use of data is
known as a ‘‘routine use.’’ The proposed
routine uses in this system meet the
compatibility requirement of the Privacy
Act. We are proposing to establish the
following routine use disclosures of
information maintained in the system:
1. To agency contractors, grantees,
consultants or other legal agents who
have been engaged by the agency to
assist in the performance of a service
related to this system of records and
who need to have access to the records
in order to perform the activity.
We contemplate disclosing
information under this routine use only
in situations in which CMS may enter
into a contractual, grantee, cooperative
agreement or consultant relationship
with a third party to assist in
accomplishing CMS functions relating
to purposes for this system or records.
CMS occasionally contracts out certain
of its functions when doing so would
contribute to effective and efficient
operations. CMS must be able to give a
contractor, grantee, consultant or other
legal agent whatever information is
necessary for the agent to fulfill its
duties. In these situations, safeguards
are provided in the contract prohibiting
the agent from using or disclosing the
information for any purpose other than
that described in the contract and
requires the agent to return or destroy
all information at the completion of the
contract.
2. To another Federal or state agency
to:
a. Contribute to the accuracy of CMS’s
proper payment of Medicare benefits;
b. Enable such agency to administer a
Federal health benefits program, or, as
necessary, to enable such agency to
fulfill a requirement of a Federal statute
or regulation that implements a health
benefits program funded in whole or in
part with Federal funds; and/or
c. Assist Federal/state Medicaid
programs within the state.
Other Federal or state agencies, in
their administration of a Federal health
program, may require CPTD information
in order to support evaluations and
monitoring of Medicare claims
information of beneficiaries, including
proper reimbursement for services
provided.
3. To an individual or organization
engaged in or assisting in the
enrollment, screening, diagnosis,
treatment, evaluation, or research efforts
relative to beneficiary participation in
the CPTD for Ethnic and Racial
Minorities (including summary analyses
demonstrating the impact of the
demonstration project), and other
activities reasonably necessary to fulfill
the provisions of the demonstration
VerDate Aug<31>2005
17:26 Sep 30, 2005
Jkt 205001
project and ensure appropriate use of
Medicare trust funds and program
funds, as well as to an individual or
organization for a research project or in
support of an evaluation project related
to the prevention of disease or
disability, the restoration or
maintenance of health, the reduction of
healthcare disparities, or payment
related projects.
The CPTD data will provide for
research or support of evaluation
projects and a broader, longitudinal,
national perspective of the status of
Medicare beneficiaries. CMS anticipates
that many researchers will have
legitimate requests to use these data in
projects that could ultimately improve
the care provided to Medicare
beneficiaries and the policies that
govern their care.
4. To a Member of Congress or to a
congressional staff member in response
to an inquiry of the congressional office
made at the written request of the
constituent about whom the record is
maintained.
Beneficiaries sometimes request the
help of a Member of Congress in
resolving an issue relating to a matter
before CMS. The Member of Congress
then writes to CMS, and CMS must be
able to give sufficient information to be
responsive to the inquiry.
5. To the Department of Justice (DOJ),
court or adjudicatory body when:
a. The agency or any component
thereof, or
b. Any employee of the agency in his
or her official capacity, or
c. Any employee of the agency in his
or her individual capacity where the
DOJ has agreed to represent the
employee, or
d. The United States Government, is
a party to litigation or has an interest in
such litigation, and, by careful review,
CMS determines that the records are
both relevant and necessary to the
litigation and that the use of such
records by the DOJ, court or
adjudicatory body is compatible with
the purpose for which the agency
collected the records.
Whenever CMS is involved in
litigation, and occasionally when
another party is involved in litigation
and CMS policies or operations could be
affected by the outcome of the litigation,
CMS would be able to disclose
information to the DOJ, court or
adjudicatory body involved.
6. To a CMS contractor (including, but
not necessarily limited to, fiscal
intermediaries and carriers) that assists
in the administration of a CMSadministered health benefits program,
or to a grantee of a CMS-administered
grant program, when disclosure is
PO 00000
Frm 00054
Fmt 4703
Sfmt 4703
deemed reasonably necessary by CMS to
prevent, deter, discover, detect,
investigate, examine, prosecute, sue
with respect to, defend against, correct,
remedy, or otherwise combat fraud or
abuse in such program.
We contemplate disclosing
information under this routine use only
in situations in which CMS may enter
into a contractual, grantee, cooperative
agreement or consultant relationship
with a third party to assist in
accomplishing CMS functions relating
to the purpose of combating fraud and
abuse. CMS occasionally contracts out
certain of its functions or makes grants
or cooperative agreements when doing
so would contribute to effective and
efficient operations. CMS must be able
to give a contractor, grantee, consultant
or other legal agent whatever
information is necessary for the agent to
fulfill its duties. In these situations,
safeguards are provided in the contract
prohibiting the agent from using or
disclosing the information for any
purpose other than that described in the
contract and requiring the agent to
return or destroy all information.
7. To another Federal agency or to an
instrumentality of any governmental
jurisdiction within or under the control
of the United States (including any State
or local governmental agency), that
administers, or that has the authority to
investigate potential fraud or abuse in,
a health benefits program funded in
whole or in part by Federal funds, when
disclosure is deemed reasonably
necessary by CMS to prevent, deter,
discover, detect, investigate, examine,
prosecute, sue with respect to, defend
against, correct, remedy, or otherwise
combat fraud or abuse in such programs.
Other agencies may require CPTD
information for the purpose of
combating fraud and abuse in such
Federally-funded programs.
B. Additional Provisions Affecting
Routine Use Disclosures
This system contains Protected Health
Information (PHI) as defined by HHS
regulation ‘‘Standards for Privacy of
Individually Identifiable Health
Information’’ (45 CFR Parts 160 and 164,
65 FR 82462 (12–28–00), Subparts A
and E). Disclosures of PHI authorized by
these routine uses may only be made if
and as permitted or required by the
‘‘Standards for Privacy of Individually
Identifiable Health Information.’’
In addition, our policy will be to
prohibit release even of not directly
identifiable information, except
pursuant to one of the routine uses or
if required by law, if we determine there
is a possibility that an individual can be
identified through implicit deduction
E:\FR\FM\03OCN1.SGM
03OCN1
Federal Register / Vol. 70, No. 190 / Monday, October 3, 2005 / Notices
based on small cell sizes (instances
where the patient population is so small
that individuals who are familiar with
the enrollees could, because of the small
size, use this information to deduce the
identity of the beneficiary).
IV. Safeguards
CMS has safeguards in place for
authorized users and monitors such
users to ensure against excessive or
unauthorized use. Personnel having
access to the system have been trained
in the Privacy Act and information
security requirements. Employees who
maintain records in this system are
instructed not to release data until the
intended recipient agrees to implement
appropriate management, operational
and technical safeguards sufficient to
protect the confidentiality, integrity and
availability of the information and
information systems and to prevent
unauthorized access.
This system will conform to all
applicable Federal laws and regulations
and Federal, HHS, and CMS policies
and standards as they relate to
information security and data privacy.
These laws and regulations include but
are not limited to: The Privacy Act of
1974; the Federal Information Security
Management Act of 2002; the Computer
Fraud and Abuse Act of 1986; the
Health Insurance Portability and
Accountability Act of 1996; the EGovernment Act of 2002, the ClingerCohen Act of 1996; the Medicare
Modernization Act of 2003, and the
corresponding implementing
regulations. OMB Circular A–130,
Management of Federal Resources,
Appendix III, Security of Federal
Automated Information Resources also
applies. Federal, HHS, and CMS
policies and standards include but are
not limited to: All pertinent National
Institute of Standards and Technology
publications; the HHS Information
Systems Program Handbook and the
CMS Information Security Handbook.
V. Effects of the Proposed System of
Records on Individual Rights
CMS proposes to establish this system
in accordance with the principles and
requirements of the Privacy Act and will
collect, use, and disseminate
information only as prescribed therein.
Data in this system will be subject to the
authorized releases in accordance with
the routine uses identified in this
system of records.
CMS will take precautionary
measures (see item IV above) to
minimize the risks of unauthorized
access to the records and the potential
harm to individual privacy or other
personal or property rights of patients
VerDate Aug<31>2005
17:26 Sep 30, 2005
Jkt 205001
whose data are maintained in this
system. CMS will collect only that
information necessary to perform the
system’s functions. In addition, CMS
will make disclosure from the proposed
system only with consent of the subject
individual, or his/her legal
representative, or in accordance with an
applicable exception provision of the
Privacy Act. CMS, therefore, does not
anticipate an unfavorable effect on
individual privacy as a result of
information relating to individuals.
Dated: August 30, 2005.
John R. Dyer,
Chief Operating Officer, Centers for Medicare
& Medicaid Services.
System No. 09–70–0560
SYSTEM NAME:
‘‘Cancer Prevention and Treatment
Demonstration for Ethnic and Racial
Minorities (CPTD),’’ HHS/CMS/ORDI.
SECURITY CLASSIFICATION:
Level Three Privacy Act Sensitive
Data.
SYSTEM LOCATION:
CMS Data Center, 7500 Security
Boulevard, North Building, First Floor,
Baltimore, Maryland 21244–1850 and at
various co-locations of CMS agents.
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM:
This system will collect and maintain
individually identifiable demographic
and cancer health-related data collected
on Medicare target population
beneficiaries who voluntarily enroll in
the Cancer Prevention and Treatment
Demonstration (CPTD) for Ethnic and
Racial Minorities. The system will
maintain information on two
populations: (1) Medicare beneficiaries
belonging to a defined ethnic or racial
minority group who do not have a
current diagnosis of cancer before
enrollment in the demonstration project;
and (2) Medicare beneficiaries belonging
to a defined ethnic or racial minority
who have been diagnosed with cancer
before enrollment in the demonstration
project.
CATEGORIES OF RECORDS IN THE SYSTEM:
The collected information will
contain name, address, telephone
number, health insurance claim (HIC)
number, race/ethnicity, gender type,
and date of birth, as well as background
information relating to Medicare issues.
It will also include cancer screening,
diagnosis, treatment, project enrollment
and evaluation, survey and research
information needed to administer the
demonstration project and develop
PO 00000
Frm 00055
Fmt 4703
Sfmt 4703
57605
research reports on the demonstration
findings.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
The statutory authority for this system
is given under the provisions of Section
122 of the Medicare, Medicaid, and
State Children’s Health Insurance
Program (SCHIP) Benefits Improvement
and Protection Act of 2000 (BIPA) (Pub.
L. 106–554).
PURPOSE(S) OF THE SYSTEM:
The purpose of this system is to
collect and maintain demographic and
cancer health-related data on Medicare
target population beneficiaries who
voluntarily enroll in the CPTD Project
for Ethnic and Racial Minorities. This
system will enable CMS to enroll
eligible participants in the
demonstration project; randomize
participants into intervention and
control groups; reimburse
demonstration site service claims; and
develop, maintain and analyze/evaluate
research information showing the
potential impact of providing cancer
screening, diagnosis and treatment
facilitation services to underserved
Medicare beneficiaries. Information
retrieved from this system may be
disclosed to: (1) Support regulatory,
reimbursement, and policy functions
performed within the agency or by a
contractor, grantee, consultant or other
legal agent; (2) assist another Federal or
state agency with information to enable
such agency to administer a Federal
health benefits program, or to enable
such agency to fulfill a requirement of
Federal statute or regulation that
implements a health benefits program
funded in whole or in part with Federal
funds; (3) assist an individual or
organization engaged in the
performance activities of the
demonstration or in a research project or
in support of an evaluation project
related to the prevention of disease or
disability, the restoration or
maintenance of health, or payment
related projects; (4) support constituent
requests made to a congressional
representative; (5) support litigation
involving the agency; and (6) combat
fraud and abuse in certain health
benefits programs.
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM, INCLUDING CATEGORIES OR USERS AND
THE PURPOSES OF SUCH USES:
A. The Privacy Act allows us to
disclose information without an
individual’s consent if the information
is to be used for a purpose that is
compatible with the purpose(s) for
which the information was collected.
Any such compatible use of data is
E:\FR\FM\03OCN1.SGM
03OCN1
57606
Federal Register / Vol. 70, No. 190 / Monday, October 3, 2005 / Notices
known as a ‘‘routine use.’’ We are
proposing to establish the following
routine use disclosures of information
maintained in the system. Information
will be disclosed to:
1. To agency contractors, grantees,
consultants or other legal agents who
have been engaged by the agency to
assist in the performance of a service
related to this system of records and
who need to have access to the records
in order to perform the activity.
2. To another Federal or state agency
to:
a. Contribute to the accuracy of CMS’s
proper payment of Medicare benefits,
b. Enable such agency to administer a
Federal health benefits program, or as
necessary to enable such agency to
fulfill a requirement of a Federal statute
or regulation that implements a health
benefits program funded in whole or in
part with Federal funds, and/or
c. Assist Federal/state Medicaid
programs within the state.
3. To an individual or organization
engaged in or assisting in the
enrollment, screening, diagnosis,
treatment, evaluation, or research efforts
relative to beneficiary participation in
the CPTD for Ethnic and Racial
Minorities (including summary analyses
demonstrating the impact of the
demonstration project), and other
activities reasonably necessary to fulfill
the provisions of the demonstration
project and ensure appropriate use of
Medicare trust funds and program
funds, as well as to an individual or
organization for a research project or in
support of an evaluation project related
to the prevention of disease or
disability, the restoration or
maintenance of health, or payment
related projects.
4. To a Member of Congress or to a
congressional staff member in response
to an inquiry of the congressional office
made at the written request of the
constituent about whom the record is
maintained.
5. To the Department of Justice (DOJ),
court or adjudicatory body when:
a. The agency or any component
thereof, or
b. Any employee of the agency in his
or her official capacity, or
c. Any employee of the agency in his
or her individual capacity where the
DOJ has agreed to represent the
employee, or
d. The United States Government is a
party to litigation or has an interest in
such litigation, and, by careful review,
CMS determines that the records are
both relevant and necessary to the
litigation and that the use of such
records by the DOJ, court or
adjudicatory body is compatible with
VerDate Aug<31>2005
17:26 Sep 30, 2005
Jkt 205001
the purpose for which the agency
collected the records.
6. To a CMS contractor (including, but
not necessarily limited to, fiscal
intermediaries and carriers) that assists
in the administration of a CMSadministered health benefits program,
or to a grantee of a CMS-administered
grant program, when disclosure is
deemed reasonably necessary by CMS to
prevent, deter, discover, detect,
investigate, examine, prosecute, sue
with respect to, defend against, correct,
remedy, or otherwise combat fraud or
abuse in such program.
7. To another Federal agency or to an
instrumentality of any governmental
jurisdiction within or under the control
of the United States (including any State
or local governmental agency), that
administers, or that has the authority to
investigate potential fraud or abuse in,
a health benefits program funded in
whole or in part by Federal funds, when
disclosure is deemed reasonably
necessary by CMS to prevent, deter,
discover, detect, investigate, examine,
prosecute, sue with respect to, defend
against, correct, remedy, or otherwise
combat fraud or abuse in such programs.
B. Additional Provisions Affecting
Routine Use Disclosures:
This system contains Protected Health
Information as defines by HHS
regulation ‘‘Standards for Privacy of
Individually Identifiable Health
Information’’ (45 CFR Parts 160 and 164,
65 Federal Register 82462 (12–28–00),
Subparts A and E). Disclosures of
Protected Health Information authorized
by these routine uses may only be made
if and as permitted or required by the
‘‘Standards for Privacy of Individually
Identifiable Health Information.’’
In addition, our policy will be to
prohibit release even of not directly
identifiable information, except
pursuant to one of the routine uses or
if required by law, if we determine there
is a possibility that an individual can be
identified through implicit deduction
based on small cell sizes (instances
where the complaint population is so
small that individuals who are familiar
with the complainants could, because of
the small size, use this information to
deduce the identity of the complainant).
POLICIES AND PRACTICES FOR STORING,
RETRIEVING, ACCESSING, RETAINING, AND
DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
All records are stored electronically.
Some input may be generated in
hardcopy, such as eligibility,
enrollment, initial cancer status and
followup assessment information before
transcription to electronic media. All
claims-related records are encompassed
PO 00000
Frm 00056
Fmt 4703
Sfmt 4703
by the document preservation order and
will be retained until notification is
received from the Department of Justice.
RETRIEVABILITY:
The collected data are retrieved by an
individual identifier; e.g., beneficiary
name or HIC number.
SAFEGUARDS:
CMS has safeguards in place for
authorized users and monitors such
users to ensure against excessive or
unauthorized use. Personnel having
access to the system have been trained
in the Privacy Act and information
security requirements. Employees who
maintain records in this system are
instructed not to release data until the
intended recipient agrees to implement
appropriate management, operational
and technical safeguards sufficient to
protect the confidentiality, integrity and
availability of the information and
information systems and to prevent
unauthorized access.
This system will conform to all
applicable Federal laws and regulations
and Federal, HHS, and CMS policies
and standards as they relate to
information security and data privacy.
These laws and regulations include but
are not limited to: The Privacy Act of
1974; the Federal Information Security
Management Act of 2002; the Computer
Fraud and Abuse Act of 1986; the
Health Insurance Portability and
Accountability Act of 1996; the EGovernment Act of 2002, the ClingerCohen Act of 1996; the Medicare
Modernization Act of 2003, and the
corresponding implementing
regulations. OMB Circular A–130,
Management of Federal Resources,
Appendix III, Security of Federal
Automated Information Resources also
applies. Federal, HHS, and CMS
policies and standards include but are
not limited to: All pertinent National
Institute of Standards and Technology
publications; the HHS Information
Systems Program Handbook and the
CMS Information Security Handbook.
RETENTION AND DISPOSAL:
CMS will retain information for a total
period not to exceed 25 years. Data
residing with the designated
demonstration project site agent shall be
returned to CMS at the end of the
demonstration period, with all data then
being the responsibility of CMS for
adequate storage and security.
SYSTEM MANAGER AND ADDRESS:
Director, Office of Research
Development and Information, CMS,
Room C3–20–11, 7500 Security
Boulevard, Baltimore, Maryland 21244–
1850.
E:\FR\FM\03OCN1.SGM
03OCN1
Federal Register / Vol. 70, No. 190 / Monday, October 3, 2005 / Notices
NOTIFICATION PROCEDURE:
For the purpose of access, the subject
individual should write to the system
manager who will require the system
name, address, age, gender type, and, for
verification purposes, the subject
individual’s name (woman’s maiden
name, if applicable).
care funds. The duration of the grant is
12 months.
Statutory Authority: This award will be
made pursuant to the Child Care and
Development Block Grant Act of 1990 as
amended (CCDBG Act); section 418 of the
Social Security Act; Consolidated
Appropriations Act, 2001 (Pub. L. 106–554).
FOR FURTHER INFORMATION CONTACT:
RECORD ACCESS PROCEDURE:
Shannon Rudisill, Director of Technical
Assistance, Child Care Bureau, at 202–
205–8051.
For purpose of access, use the same
procedures outlined in Notification
Procedures above. Requestors should
also reasonably specify the record
contents being sought. (These
procedures are in accordance with
Department regulation 45 CFR
5b.5(a)(2)).
Dated: September 27, 2005.
Joan E. Ohl,
Commissioner, Administration on Children,
Youth and Families.
[FR Doc. 05–19650 Filed 9–30–05; 8:45 am]
BILLING CODE 4184–01–P
CONTESTING RECORD PROCEDURES:
The subject individual should contact
the system manager named above, and
reasonably identify the record and
specify the information to be contested.
State the corrective action sought and
the reasons for the correction with
supporting justification. (These
procedures are in accordance with
Department regulation 45 CFR 5b.7).
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS
OF THE ACT:
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Food and Drug Administration
[Docket No. 2005P–0376]
Iceberg Water Deviating From Identity
Standard; Temporary Permit for Market
Testing
AGENCY:
Food and Drug Administration,
HHS.
None.
Notice.
[FR Doc. 05–19676 Filed 9–30–05; 8:45 am]
ACTION:
BILLING CODE 4120–03–P
SUMMARY: The Food and Drug
Administration (FDA) is announcing
that a temporary permit has been issued
to Canada’s Original ICEBERG Water
Corp., to market a product designated as
‘‘Canada’s Original Iceberg Water’’ that
deviates from the U.S. standard of
identity for bottled water. The purpose
of the temporary permit is to allow the
applicant to measure consumer
acceptance of the product, identify mass
production problems, and assess
commercial feasibility.
DATES: This permit is effective for 15
months, beginning on the date the
permit holder introduces or causes the
introduction of the test product into
interstate commerce, but not later than
January 3, 2006.
FOR FURTHER INFORMATION CONTACT:
Loretta A. Carey, Center for Food Safety
and Applied Nutrition (HFS–820), Food
and Drug Administration, 5100 Paint
Branch Pkwy., College Park, MD 20740,
301–436–2371.
SUPPLEMENTARY INFORMATION: In
accordance with 21 CFR 130.17
concerning temporary permits to
facilitate market testing of foods
deviating from the requirements of the
standards of identity issued under
section 401 of the Federal Food, Drug,
and Cosmetic Act (21 U.S.C. 341), FDA
is giving notice that a temporary permit
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Administration for Children and
Families
Administration on Children, Youth, and
Families; Notice of Award of NonCompetitive Grant
Administration on Children,
Youth and Families, ACF, HHS.
ACTION: Award announcement.
AGENCY:
SUMMARY: The Administration on
Children, Youth and Families herein
announces an urgent grant award to the
National Association of Child Care
Resource and Referral Agencies
(NACCRRA) to provide technical
assistance to reestablish the operations
of the resource and referral agencies in
Mississippi and Louisiana whose
operations have been disrupted by
Hurricane Katrina. This grant will help
to re-establish child care referral
services so that families along the Gulf
Coast can find child care. This grant
will also support local and Statewide
inventories of child care need and
availability.
The amount of the proposed grant to
NACCRRA is $99,500 in FY 2005 child
VerDate Aug<31>2005
17:26 Sep 30, 2005
Jkt 205001
PO 00000
Frm 00057
Fmt 4703
Sfmt 4703
57607
has been issued to Canada’s Original
ICEBERG Water Corp., 23 Lesmill Rd.,
suite 304, Toronto, Ontario Canada,
M3B–3P6.
The permit covers limited interstate
marketing tests of products identified as
‘‘Canada’s Original Iceberg Water’’ that
deviate from the U.S. standard of
identity for bottled water (§165.110 (21
CFR 165.110)) in that the source of the
water is an iceberg. The test product
meets all the requirements of the
standard with the exception of the
source definition. The purpose of this
permit is to test the product throughout
the United States, in order to allow the
applicant to measure consumer
acceptance of the product, identify mass
production problems, and assess
commercial feasibility.
This permit provides for the
temporary marketing of 500,000 cases of
the 24 x 500 milliliter bottles and
500,000 cases of the 12 x 1 liter bottles,
totaling 1 million cases per year. The
total fluid quantity covered by this
application is 12 million liters
(3,170,065 gallons). The test product
will be manufactured for Canada’s
Original ICEBERG Water Corp., by
Discovery Springs, Daniel’s Point Rd.,
Trepassey, Newfoundland, Canada
A0A–4B0. Canada’s Original ICEBERG
Water Corp. will distribute the test
products throughout the United States.
The information panel of the labels will
bear nutrition labeling in accordance
with 21 CFR 101.9. The bottled water
will be manufactured in accordance
with the quality standards in §165.110
and the requirements for processing and
bottling of bottled drinking water in 21
CFR part 129. This permit is effective
for 15 months, beginning on the date the
food is introduced or caused to be
introduced into interstate commerce,
but not later than January 3, 2006.
Dated: September 22, 2005.
Barbara Schneeman,
Director, Office of Nutritional Products,
Labeling, and Dietary Supplements, Center
for Food Safety and Applied Nutrition.
[FR Doc. 05–19728 Filed 9–30–05; 8:45 am]
BILLING CODE 4160–01–S
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Food and Drug Administration
[Docket No. 2005N–0394]
Food and Drug Administration’s
Communication of Drug Safety
Information; Public Hearing
AGENCY:
Food and Drug Administration,
HHS.
E:\FR\FM\03OCN1.SGM
03OCN1
]]>Agencies
[Federal Register Volume 70, Number 190 (Monday, October 3, 2005)]
[Notices]
[Pages 57602-57607]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 05]
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Centers for Medicare & Medicaid Services
Privacy Act of 1974; Report of a New System of Records
AGENCY: Department of Health and Human Services (HHS), Center for
Medicare & Medicaid Services (CMS).
ACTION: Notice of a New System of Records (SOR).
-----------------------------------------------------------------------
SUMMARY: In accordance with the requirements of the Privacy Act of
1974, we are proposing to create a new system titled, ``Cancer
Prevention and Treatment Demonstration for Ethnic and Racial Minorities
(CPTD) System, System No. 09-70-0560.'' Section 122 of the Medicare,
Medicaid, and State Children's Health Insurance Program (SCHIP)
Benefits Improvement and Protection Act of 2000 (BIPA) (Public Law
(Pub. L.) 106-554) grants CMS the authority to award at least nine
cooperative agreement demonstration projects that will identify methods
to reduce disparities in early cancer screening, diagnosis, and
treatment for Black, Hispanic, Asian American and Pacific Islander, and
American Indian (including Alaskan Native, Eskimo, and Aleut) Medicare
beneficiary populations. Demonstration sites will use the best
available scientific evidence to identify promising models of cancer
screening, diagnosis and treatment interventions to promote health and
appropriate utilization of Medicare covered services, eliminate
disparities in cancer detection and treatment among ethnic and racial
populations of Medicare beneficiaries, and provide information to
improve the effectiveness of the Medicare program.
The purpose of this system is to collect and maintain demographic
and cancer health-related data on Medicare target population
beneficiaries who voluntarily enroll in the CPTD Project for Ethnic and
Racial Minorities. This system will enable CMS to enroll eligible
participants in the demonstration project; randomize participants into
intervention and control groups; reimburse demonstration site service
claims; and develop, maintain and analyze/evaluate research information
showing the potential impact of providing cancer screening, diagnosis
and treatment facilitation services to underserved Medicare
beneficiaries. Information retrieved from this system may be disclosed
to: (1) Support regulatory, reimbursement, and policy functions
performed within the agency or by a contractor, grantee, consultant or
other legal agent; (2) assist another Federal or state agency with
information to enable such agency to administer a Federal health
benefits program, or to enable such agency to fulfill a requirement of
Federal statute or regulation that implements a health benefits program
funded in whole or in part with Federal funds; (3) assist an individual
or organization engaged in the performance activities of the
demonstration or in a research project or in support of an evaluation
project related to the prevention of disease or disability, the
restoration or maintenance of health, or payment related projects; (4)
support constituent requests made to a congressional representative;
(5) support litigation involving the agency; and (6) combat fraud and
abuse in certain health benefits programs. We have provided background
information about the new system in the Supplementary
[[Page 57603]]
Information section below. Although the Privacy Act requires only that
CMS provide an opportunity for interested persons to comment on the
proposed routine uses, CMS invites comments on all portions of this
notice. See Dates section for comment period.
DATES: CMS filed a new SOR report with the Chair of the House Committee
on Government Reform and Oversight, the Chair of the Senate Committee
on Governmental Affairs, and the Administrator, Office of Information
and Regulatory Affairs, Office of Management and Budget (OMB) on
September 26, 2005. In any event, we will not disclose any information
under a routine use until 40 days after publication. We may defer
implementation of this system or one or more of the routine use
statements listed below if we receive comments that persuade us to
defer implementation.
ADDRESSES: The public should address comment to the CMS Privacy
Officer, Mail-stop N2-04-27, 7500 Security Boulevard, Baltimore,
Maryland 21244-1850. Comments received will be available for review at
this location by appointment during regular business hours, Monday
through Friday from 9 a.m.-3 p.m., eastern time.
FOR FURTHER INFORMATION CONTACT: C. Diane Merriman, Project Officer,
Division of Health Promotion and Disease Prevention Demonstrations,
Office of Research Development and Information, CMS, Mail Stop S3-07-
04, 7500 Security Boulevard, Baltimore, Maryland 21244-1849, telephone
number (410) 786-7237, e-mail Diane.Merriman@cms.hhs.gov.
SUPPLEMENTARY INFORMATION: Section 122 of the Medicare, Medicaid, and
SCHIP Benefits Improvement and Protection Act of 2000 (BIPA) (Pub. L.
106-554) requires CMS to design and implement at least nine
demonstration projects in specific target populations for the purpose
of developing models and evaluating methods that: (1) Improve the
quality of items and services provided to target individuals in order
to facilitate reduced disparities in early detection and treatment of
cancer; (2) improve clinical outcomes, satisfaction, quality of life,
and appropriate use of Medicare-covered services and referral patterns
among those target individuals with cancer; (3) eliminate disparities
in the rate of preventive cancer screening measures; and (4) promote
collaboration with community-based organizations to ensure cultural
competency of health care professionals and linguistic access for
persons with limited English proficiency. Each of the following four
legislatively-mandated target populations are required to be the
subject of two separate demonstration projects: American Indians
(including Alaskan Natives, Eskimos and Aleuts); Asian Americans and
Pacific Islanders; Blacks; and Hispanics. If the initial demonstration
evaluation indicates that these projects (1) reduce Medicare
expenditures; or (2) do not increase Medicare expenditures, reduce
ethnic and racial health disparities, and increase beneficiary and
health care provider satisfaction, the existing demonstration projects
will continue, and the number of demonstration projects may be expanded
in the future.
I. Description of the Proposed System of Records
A. Statutory and Regulatory Basis for SOR
The statutory authority for this system is given under the
provisions of Section 122 of the Medicare, Medicaid, and State
Children's Health Insurance Program (SCHIP) Benefits Improvement and
Protection Act of 2000 (BIPA) (Pub. L. 106-554).
B. Collection and Maintenance of Data in the System
This system will collect and maintain individually identifiable
demographic and cancer health-related data collected on Medicare target
population beneficiaries who voluntarily enroll in the CPTD for Ethnic
and Racial Minorities. The system will maintain information on two
populations: (1) Medicare beneficiaries belonging to a defined ethnic
or racial minority group who do not have a current diagnosis of cancer
before enrollment in the demonstration project; and (2) Medicare
beneficiaries belonging to a defined ethnic or racial minority who have
been diagnosed with cancer before enrollment in the demonstration
project. The collected information will contain name, address,
telephone number, Medicare health insurance claim (HIC) number, race/
ethnicity, gender type, and date of birth, as well as background
information relating to Medicare issues. It will also include cancer
screening, diagnosis, treatment, project enrollment and evaluation,
survey and research information needed to administer the demonstration
project and develop research reports on the demonstration findings.
II. Agency Policies, Procedures, and Restrictions on the Routine Use
A. The Privacy Act permits us to disclose information without an
individual's consent if the information is to be used for a purpose
that is compatible with the purpose(s) for which the information was
collected. Any such disclosure of data is known as a ``routine use.''
The Government will only release CPTD information that can be
associated with an individual as provided for under ``Section III.
Proposed Routine Use Disclosures of Data in the System.'' Both
identifiable and non-identifiable data may be disclosed under a routine
use. We will only collect the minimum personal data necessary to
achieve the purpose of CPTD.
CMS has the following policies and procedures concerning
disclosures of information that will be maintained in the system.
Disclosure of information from the system will be approved only to the
extent necessary to accomplish the purpose of the disclosure and only
after CMS:
1. Determines that the use or disclosure is consistent with the
reason that the data is being collected; e.g., to collect and maintain
demographic and cancer health-related data on Medicare target
population beneficiaries who voluntarily enroll in the CPTD Project for
Ethnic and Racial Minorities.
2. Determines that:
a. The purpose for which the disclosure is to be made can only be
accomplished if the record is provided in individually identifiable
form;
b. The purpose for which the disclosure is to be made is of
sufficient importance to warrant the effect and/or risk on the privacy
of the individual that additional exposure of the record might bring;
and
c. There is a strong probability that the proposed use of the data
would in fact accomplish the stated purpose(s).
3. Requires the information recipient to:
a. Establish administrative, technical, and physical safeguards to
prevent unauthorized use or disclosure of the record;
b. Remove or destroy, at the earliest time, all patient-
identifiable information; and
c. Agree to not use or disclose the information for any purpose
other than the stated purpose under which the information was
disclosed.
4. Determines that the data are valid and reliable.
III. Proposed Routine Use Disclosures of Data in the System
A. The Privacy Act allows us to disclose information without an
individual's consent if the information is to be used for a purpose
that is compatible with the purpose(s) for which the information was
collected.
[[Page 57604]]
Any such compatible use of data is known as a ``routine use.'' The
proposed routine uses in this system meet the compatibility requirement
of the Privacy Act. We are proposing to establish the following routine
use disclosures of information maintained in the system:
1. To agency contractors, grantees, consultants or other legal
agents who have been engaged by the agency to assist in the performance
of a service related to this system of records and who need to have
access to the records in order to perform the activity.
We contemplate disclosing information under this routine use only
in situations in which CMS may enter into a contractual, grantee,
cooperative agreement or consultant relationship with a third party to
assist in accomplishing CMS functions relating to purposes for this
system or records. CMS occasionally contracts out certain of its
functions when doing so would contribute to effective and efficient
operations. CMS must be able to give a contractor, grantee, consultant
or other legal agent whatever information is necessary for the agent to
fulfill its duties. In these situations, safeguards are provided in the
contract prohibiting the agent from using or disclosing the information
for any purpose other than that described in the contract and requires
the agent to return or destroy all information at the completion of the
contract.
2. To another Federal or state agency to:
a. Contribute to the accuracy of CMS's proper payment of Medicare
benefits;
b. Enable such agency to administer a Federal health benefits
program, or, as necessary, to enable such agency to fulfill a
requirement of a Federal statute or regulation that implements a health
benefits program funded in whole or in part with Federal funds; and/or
c. Assist Federal/state Medicaid programs within the state.
Other Federal or state agencies, in their administration of a
Federal health program, may require CPTD information in order to
support evaluations and monitoring of Medicare claims information of
beneficiaries, including proper reimbursement for services provided.
3. To an individual or organization engaged in or assisting in the
enrollment, screening, diagnosis, treatment, evaluation, or research
efforts relative to beneficiary participation in the CPTD for Ethnic
and Racial Minorities (including summary analyses demonstrating the
impact of the demonstration project), and other activities reasonably
necessary to fulfill the provisions of the demonstration project and
ensure appropriate use of Medicare trust funds and program funds, as
well as to an individual or organization for a research project or in
support of an evaluation project related to the prevention of disease
or disability, the restoration or maintenance of health, the reduction
of healthcare disparities, or payment related projects.
The CPTD data will provide for research or support of evaluation
projects and a broader, longitudinal, national perspective of the
status of Medicare beneficiaries. CMS anticipates that many researchers
will have legitimate requests to use these data in projects that could
ultimately improve the care provided to Medicare beneficiaries and the
policies that govern their care.
4. To a Member of Congress or to a congressional staff member in
response to an inquiry of the congressional office made at the written
request of the constituent about whom the record is maintained.
Beneficiaries sometimes request the help of a Member of Congress in
resolving an issue relating to a matter before CMS. The Member of
Congress then writes to CMS, and CMS must be able to give sufficient
information to be responsive to the inquiry.
5. To the Department of Justice (DOJ), court or adjudicatory body
when:
a. The agency or any component thereof, or
b. Any employee of the agency in his or her official capacity, or
c. Any employee of the agency in his or her individual capacity
where the DOJ has agreed to represent the employee, or
d. The United States Government, is a party to litigation or has an
interest in such litigation, and, by careful review, CMS determines
that the records are both relevant and necessary to the litigation and
that the use of such records by the DOJ, court or adjudicatory body is
compatible with the purpose for which the agency collected the records.
Whenever CMS is involved in litigation, and occasionally when
another party is involved in litigation and CMS policies or operations
could be affected by the outcome of the litigation, CMS would be able
to disclose information to the DOJ, court or adjudicatory body
involved.
6. To a CMS contractor (including, but not necessarily limited to,
fiscal intermediaries and carriers) that assists in the administration
of a CMS-administered health benefits program, or to a grantee of a
CMS-administered grant program, when disclosure is deemed reasonably
necessary by CMS to prevent, deter, discover, detect, investigate,
examine, prosecute, sue with respect to, defend against, correct,
remedy, or otherwise combat fraud or abuse in such program.
We contemplate disclosing information under this routine use only
in situations in which CMS may enter into a contractual, grantee,
cooperative agreement or consultant relationship with a third party to
assist in accomplishing CMS functions relating to the purpose of
combating fraud and abuse. CMS occasionally contracts out certain of
its functions or makes grants or cooperative agreements when doing so
would contribute to effective and efficient operations. CMS must be
able to give a contractor, grantee, consultant or other legal agent
whatever information is necessary for the agent to fulfill its duties.
In these situations, safeguards are provided in the contract
prohibiting the agent from using or disclosing the information for any
purpose other than that described in the contract and requiring the
agent to return or destroy all information.
7. To another Federal agency or to an instrumentality of any
governmental jurisdiction within or under the control of the United
States (including any State or local governmental agency), that
administers, or that has the authority to investigate potential fraud
or abuse in, a health benefits program funded in whole or in part by
Federal funds, when disclosure is deemed reasonably necessary by CMS to
prevent, deter, discover, detect, investigate, examine, prosecute, sue
with respect to, defend against, correct, remedy, or otherwise combat
fraud or abuse in such programs.
Other agencies may require CPTD information for the purpose of
combating fraud and abuse in such Federally-funded programs.
B. Additional Provisions Affecting Routine Use Disclosures
This system contains Protected Health Information (PHI) as defined
by HHS regulation ``Standards for Privacy of Individually Identifiable
Health Information'' (45 CFR Parts 160 and 164, 65 FR 82462 (12-28-00),
Subparts A and E). Disclosures of PHI authorized by these routine uses
may only be made if and as permitted or required by the ``Standards for
Privacy of Individually Identifiable Health Information.''
In addition, our policy will be to prohibit release even of not
directly identifiable information, except pursuant to one of the
routine uses or if required by law, if we determine there is a
possibility that an individual can be identified through implicit
deduction
[[Page 57605]]
based on small cell sizes (instances where the patient population is so
small that individuals who are familiar with the enrollees could,
because of the small size, use this information to deduce the identity
of the beneficiary).
IV. Safeguards
CMS has safeguards in place for authorized users and monitors such
users to ensure against excessive or unauthorized use. Personnel having
access to the system have been trained in the Privacy Act and
information security requirements. Employees who maintain records in
this system are instructed not to release data until the intended
recipient agrees to implement appropriate management, operational and
technical safeguards sufficient to protect the confidentiality,
integrity and availability of the information and information systems
and to prevent unauthorized access.
This system will conform to all applicable Federal laws and
regulations and Federal, HHS, and CMS policies and standards as they
relate to information security and data privacy. These laws and
regulations include but are not limited to: The Privacy Act of 1974;
the Federal Information Security Management Act of 2002; the Computer
Fraud and Abuse Act of 1986; the Health Insurance Portability and
Accountability Act of 1996; the E-Government Act of 2002, the Clinger-
Cohen Act of 1996; the Medicare Modernization Act of 2003, and the
corresponding implementing regulations. OMB Circular A-130, Management
of Federal Resources, Appendix III, Security of Federal Automated
Information Resources also applies. Federal, HHS, and CMS policies and
standards include but are not limited to: All pertinent National
Institute of Standards and Technology publications; the HHS Information
Systems Program Handbook and the CMS Information Security Handbook.
V. Effects of the Proposed System of Records on Individual Rights
CMS proposes to establish this system in accordance with the
principles and requirements of the Privacy Act and will collect, use,
and disseminate information only as prescribed therein. Data in this
system will be subject to the authorized releases in accordance with
the routine uses identified in this system of records.
CMS will take precautionary measures (see item IV above) to
minimize the risks of unauthorized access to the records and the
potential harm to individual privacy or other personal or property
rights of patients whose data are maintained in this system. CMS will
collect only that information necessary to perform the system's
functions. In addition, CMS will make disclosure from the proposed
system only with consent of the subject individual, or his/her legal
representative, or in accordance with an applicable exception provision
of the Privacy Act. CMS, therefore, does not anticipate an unfavorable
effect on individual privacy as a result of information relating to
individuals.
Dated: August 30, 2005.
John R. Dyer,
Chief Operating Officer, Centers for Medicare & Medicaid Services.
System No. 09-70-0560
SYSTEM NAME:
``Cancer Prevention and Treatment Demonstration for Ethnic and
Racial Minorities (CPTD),'' HHS/CMS/ORDI.
SECURITY CLASSIFICATION:
Level Three Privacy Act Sensitive Data.
SYSTEM LOCATION:
CMS Data Center, 7500 Security Boulevard, North Building, First
Floor, Baltimore, Maryland 21244-1850 and at various co-locations of
CMS agents.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
This system will collect and maintain individually identifiable
demographic and cancer health-related data collected on Medicare target
population beneficiaries who voluntarily enroll in the Cancer
Prevention and Treatment Demonstration (CPTD) for Ethnic and Racial
Minorities. The system will maintain information on two populations:
(1) Medicare beneficiaries belonging to a defined ethnic or racial
minority group who do not have a current diagnosis of cancer before
enrollment in the demonstration project; and (2) Medicare beneficiaries
belonging to a defined ethnic or racial minority who have been
diagnosed with cancer before enrollment in the demonstration project.
CATEGORIES OF RECORDS IN THE SYSTEM:
The collected information will contain name, address, telephone
number, health insurance claim (HIC) number, race/ethnicity, gender
type, and date of birth, as well as background information relating to
Medicare issues. It will also include cancer screening, diagnosis,
treatment, project enrollment and evaluation, survey and research
information needed to administer the demonstration project and develop
research reports on the demonstration findings.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
The statutory authority for this system is given under the
provisions of Section 122 of the Medicare, Medicaid, and State
Children's Health Insurance Program (SCHIP) Benefits Improvement and
Protection Act of 2000 (BIPA) (Pub. L. 106-554).
PURPOSE(S) OF THE SYSTEM:
The purpose of this system is to collect and maintain demographic
and cancer health-related data on Medicare target population
beneficiaries who voluntarily enroll in the CPTD Project for Ethnic and
Racial Minorities. This system will enable CMS to enroll eligible
participants in the demonstration project; randomize participants into
intervention and control groups; reimburse demonstration site service
claims; and develop, maintain and analyze/evaluate research information
showing the potential impact of providing cancer screening, diagnosis
and treatment facilitation services to underserved Medicare
beneficiaries. Information retrieved from this system may be disclosed
to: (1) Support regulatory, reimbursement, and policy functions
performed within the agency or by a contractor, grantee, consultant or
other legal agent; (2) assist another Federal or state agency with
information to enable such agency to administer a Federal health
benefits program, or to enable such agency to fulfill a requirement of
Federal statute or regulation that implements a health benefits program
funded in whole or in part with Federal funds; (3) assist an individual
or organization engaged in the performance activities of the
demonstration or in a research project or in support of an evaluation
project related to the prevention of disease or disability, the
restoration or maintenance of health, or payment related projects; (4)
support constituent requests made to a congressional representative;
(5) support litigation involving the agency; and (6) combat fraud and
abuse in certain health benefits programs.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OR USERS AND THE PURPOSES OF SUCH USES:
A. The Privacy Act allows us to disclose information without an
individual's consent if the information is to be used for a purpose
that is compatible with the purpose(s) for which the information was
collected. Any such compatible use of data is
[[Page 57606]]
known as a ``routine use.'' We are proposing to establish the following
routine use disclosures of information maintained in the system.
Information will be disclosed to:
1. To agency contractors, grantees, consultants or other legal
agents who have been engaged by the agency to assist in the performance
of a service related to this system of records and who need to have
access to the records in order to perform the activity.
2. To another Federal or state agency to:
a. Contribute to the accuracy of CMS's proper payment of Medicare
benefits,
b. Enable such agency to administer a Federal health benefits
program, or as necessary to enable such agency to fulfill a requirement
of a Federal statute or regulation that implements a health benefits
program funded in whole or in part with Federal funds, and/or
c. Assist Federal/state Medicaid programs within the state.
3. To an individual or organization engaged in or assisting in the
enrollment, screening, diagnosis, treatment, evaluation, or research
efforts relative to beneficiary participation in the CPTD for Ethnic
and Racial Minorities (including summary analyses demonstrating the
impact of the demonstration project), and other activities reasonably
necessary to fulfill the provisions of the demonstration project and
ensure appropriate use of Medicare trust funds and program funds, as
well as to an individual or organization for a research project or in
support of an evaluation project related to the prevention of disease
or disability, the restoration or maintenance of health, or payment
related projects.
4. To a Member of Congress or to a congressional staff member in
response to an inquiry of the congressional office made at the written
request of the constituent about whom the record is maintained.
5. To the Department of Justice (DOJ), court or adjudicatory body
when:
a. The agency or any component thereof, or
b. Any employee of the agency in his or her official capacity, or
c. Any employee of the agency in his or her individual capacity
where the DOJ has agreed to represent the employee, or
d. The United States Government is a party to litigation or has an
interest in such litigation, and, by careful review, CMS determines
that the records are both relevant and necessary to the litigation and
that the use of such records by the DOJ, court or adjudicatory body is
compatible with the purpose for which the agency collected the records.
6. To a CMS contractor (including, but not necessarily limited to,
fiscal intermediaries and carriers) that assists in the administration
of a CMS-administered health benefits program, or to a grantee of a
CMS-administered grant program, when disclosure is deemed reasonably
necessary by CMS to prevent, deter, discover, detect, investigate,
examine, prosecute, sue with respect to, defend against, correct,
remedy, or otherwise combat fraud or abuse in such program.
7. To another Federal agency or to an instrumentality of any
governmental jurisdiction within or under the control of the United
States (including any State or local governmental agency), that
administers, or that has the authority to investigate potential fraud
or abuse in, a health benefits program funded in whole or in part by
Federal funds, when disclosure is deemed reasonably necessary by CMS to
prevent, deter, discover, detect, investigate, examine, prosecute, sue
with respect to, defend against, correct, remedy, or otherwise combat
fraud or abuse in such programs.
B. Additional Provisions Affecting Routine Use Disclosures:
This system contains Protected Health Information as defines by HHS
regulation ``Standards for Privacy of Individually Identifiable Health
Information'' (45 CFR Parts 160 and 164, 65 Federal Register 82462 (12-
28-00), Subparts A and E). Disclosures of Protected Health Information
authorized by these routine uses may only be made if and as permitted
or required by the ``Standards for Privacy of Individually Identifiable
Health Information.''
In addition, our policy will be to prohibit release even of not
directly identifiable information, except pursuant to one of the
routine uses or if required by law, if we determine there is a
possibility that an individual can be identified through implicit
deduction based on small cell sizes (instances where the complaint
population is so small that individuals who are familiar with the
complainants could, because of the small size, use this information to
deduce the identity of the complainant).
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
All records are stored electronically. Some input may be generated
in hardcopy, such as eligibility, enrollment, initial cancer status and
followup assessment information before transcription to electronic
media. All claims-related records are encompassed by the document
preservation order and will be retained until notification is received
from the Department of Justice.
RETRIEVABILITY:
The collected data are retrieved by an individual identifier; e.g.,
beneficiary name or HIC number.
SAFEGUARDS:
CMS has safeguards in place for authorized users and monitors such
users to ensure against excessive or unauthorized use. Personnel having
access to the system have been trained in the Privacy Act and
information security requirements. Employees who maintain records in
this system are instructed not to release data until the intended
recipient agrees to implement appropriate management, operational and
technical safeguards sufficient to protect the confidentiality,
integrity and availability of the information and information systems
and to prevent unauthorized access.
This system will conform to all applicable Federal laws and
regulations and Federal, HHS, and CMS policies and standards as they
relate to information security and data privacy. These laws and
regulations include but are not limited to: The Privacy Act of 1974;
the Federal Information Security Management Act of 2002; the Computer
Fraud and Abuse Act of 1986; the Health Insurance Portability and
Accountability Act of 1996; the E-Government Act of 2002, the Clinger-
Cohen Act of 1996; the Medicare Modernization Act of 2003, and the
corresponding implementing regulations. OMB Circular A-130, Management
of Federal Resources, Appendix III, Security of Federal Automated
Information Resources also applies. Federal, HHS, and CMS policies and
standards include but are not limited to: All pertinent National
Institute of Standards and Technology publications; the HHS Information
Systems Program Handbook and the CMS Information Security Handbook.
RETENTION AND DISPOSAL:
CMS will retain information for a total period not to exceed 25
years. Data residing with the designated demonstration project site
agent shall be returned to CMS at the end of the demonstration period,
with all data then being the responsibility of CMS for adequate storage
and security.
SYSTEM MANAGER AND ADDRESS:
Director, Office of Research Development and Information, CMS, Room
C3-20-11, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.
[[Page 57607]]
NOTIFICATION PROCEDURE:
For the purpose of access, the subject individual should write to
the system manager who will require the system name, address, age,
gender type, and, for verification purposes, the subject individual's
name (woman's maiden name, if applicable).
RECORD ACCESS PROCEDURE:
For purpose of access, use the same procedures outlined in
Notification Procedures above. Requestors should also reasonably
specify the record contents being sought. (These procedures are in
accordance with Department regulation 45 CFR 5b.5(a)(2)).
CONTESTING RECORD PROCEDURES:
The subject individual should contact the system manager named
above, and reasonably identify the record and specify the information
to be contested. State the corrective action sought and the reasons for
the correction with supporting justification. (These procedures are in
accordance with Department regulation 45 CFR 5b.7).
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
[FR Doc. 05-19676 Filed 9-30-05; 8:45 am]
BILLING CODE 4120-03-P
