Privacy Act of 1974; System of Records-Migrant Student Information Exchange, 68572-68576 [E7-23541]
Download as PDF
<![CDATA[
68572
Federal Register / Vol. 72, No. 233 / Wednesday, December 5, 2007 / Notices
based on emissions scenarios developed
through the CCTP.’’ is posted on the
CCSP Web site at:
www.climatescience.gov/Library/sap/
sap3–2/public-review-draft/default.htm
Detailed instructions for making
comments on this draft report are
provided on the link above. Comments
must be prepared in accordance to these
instructions and must be submitted to:
3.2–climateprojections@usgcrp.gov
FOR FURTHER INFORMATION CONTACT: Dr.
Fabien Laurier, Climate Change Science
Program Office, 1717 Pennsylvania
Avenue NW, Suite 250, Washington, DC
20006, Telephone: (202) 419–3481.
SUPPLEMENTARY INFORMATION: The CCSP
was established by the President in 2002
to coordinate and integrate scientific
research on global change and climate
change sponsored by 13 participating
departments and agencies of the U.S.
Government. The CCSP is charged with
preparing information resources that
promote climate-related discussions and
decisions, including scientific synthesis
and assessment analyses that support
evaluation of important policy issues.
Dated: November 27, 2007.
William J. Brennan,
Deputy Assistant Secretary of Commerce for
International Affairs, and Acting Director,
Climate Change Science Program.
[FR Doc. E7–23595 Filed 12–4–07; 8:45 am]
BILLING CODE 3510–12–S
Notice of Proposed Information
Collection Requests
mstockstill on PROD1PC66 with NOTICES
AGENCY: Department of Education.
SUMMARY: The IC Clearance Official,
Regulatory Information Management
Services, Office of Management, invites
comments on the proposed information
collection requests as required by the
Paperwork Reduction Act of 1995.
DATES: Interested persons are invited to
submit comments on or before February
4, 2008.
SUPPLEMENTARY INFORMATION: Section
3506 of the Paperwork Reduction Act of
1995 (44 U.S.C. Chapter 35) requires
that the Office of Management and
Budget (OMB) provide interested
Federal agencies and the public an early
opportunity to comment on information
collection requests. OMB may amend or
waive the requirement for public
consultation to the extent that public
participation in the approval process
would defeat the purpose of the
information collection, violate State or
Federal law, or substantially interfere
with any agency’s ability to perform its
statutory obligations. The IC Clearance
19:05 Dec 04, 2007
Jkt 214001
Dated: November 29, 2007.
Angela C. Arrington,
IC Clearance Official, Regulatory Information
Management Services, Office of Management.
Office of Special Education and
Rehabilitative Services
DEPARTMENT OF EDUCATION
VerDate Aug<31>2005
Official, Regulatory Information
Management Services, Office of
Management, publishes that notice
containing proposed information
collection requests prior to submission
of these requests to OMB. Each
proposed information collection,
grouped by office, contains the
following: (1) Type of review requested,
e.g. new, revision, extension, existing or
reinstatement; (2) Title; (3) Summary of
the collection; (4) Description of the
need for, and proposed use of, the
information; (5) Respondents and
frequency of collection; and (6)
Reporting and/or Recordkeeping
burden. OMB invites public comment.
The Department of Education is
especially interested in public comment
addressing the following issues: (1) Is
this collection necessary to the proper
functions of the Department; (2) will
this information be processed and used
in a timely manner; (3) is the estimate
of burden accurate; (4) how might the
Department enhance the quality, utility,
and clarity of the information to be
collected; and (5) how might the
Department minimize the burden of this
collection on the respondents, including
through the use of information
technology.
Type of Review: Extension.
Title: Protection and Advocacy for
Assistive Technology (PAAT).
Frequency: Annually.
Affected Public:
Not-for-profit institutions; State,
Local, or Tribal Gov’t, SEAs or LEAs.
Reporting and Recordkeeping Hour
Burden:
Responses: 57. Burden Hours: 912.
Abstract: The Annual PAAT Program
Performance Report will be used to
analyze and evaluate the PAAT Program
administered by eligible systems in
states. These systems provide services to
eligible individuals with disabilities to
assist in the acquisition, utilization, or
maintenance of assistive technology
devices or assistive technology services.
The Rehabilitation Services
Administration (RSA) uses the form to
meet specific data collection
requirements of Section 5 of the
Assistive Technology Act of 1998, as
amended (AT Act). PAAT programs
must report annually using the form,
which is due on or before December 30
of each year. The Annual PAAT
Performance Report has enabled RSA to
PO 00000
Frm 00020
Fmt 4703
Sfmt 4703
furnish the President and Congress with
data on the provision of protection and
advocacy services and has helped to
establish a sound basis for future
funding requests. Data from the form
have been used to evaluate the
effectiveness of eligible systems within
individual states in meeting annual
priorities and objectives. These data also
have been used to indicate trends in the
provision of services from year to year.
Requests for copies of the proposed
information collection request may be
accessed from https://edicsweb.ed.gov,
by selecting the ‘‘Browse Pending
Collections’’ link and by clicking on
link number 3535. When you access the
information collection, click on
‘‘Download Attachments’’ to view.
Written requests for information should
be addressed to U.S. Department of
Education, 400 Maryland Avenue, SW.,
Potomac Center, 9th Floor, Washington,
DC 20202–4700. Requests may also be
electronically mailed to
ICDocketMgr@ed.gov or faxed to 202–
245–6623. Please specify the complete
title of the information collection when
making your request.
Comments regarding burden and/or
the collection activity requirements
should be electronically mailed to
ICDocketMgr@ed.gov. Individuals who
use a telecommunications device for the
deaf (TDD) may call the Federal
Information Relay Service (FIRS) at 1–
800–877–8339.
[FR Doc. E7–23563 Filed 12–4–07; 8:45 am]
BILLING CODE 4000–01–P
DEPARTMENT OF EDUCATION
Privacy Act of 1974; System of
Records—Migrant Student Information
Exchange
Office of Elementary and
Secondary Education, Department of
Education.
ACTION: Notice of a new system of
records.
AGENCY:
SUMMARY: In accordance with the
Privacy Act of 1974, as amended
(Privacy Act), the Department of
Education (Department) publishes this
notice of a new system of records
entitled ‘‘Migrant Student Information
Exchange’’ (MSIX) (18–14–04).
MSIX will contain information on
migrant students who participate in the
Migrant Education Program (MEP)
authorized under Title I, Part C of the
Elementary and Secondary Education
Act of 1965 (ESEA), as amended by the
No Child Left Behind Act of 2001 (Pub.
L. 107–110). Section 1308(b)(2) of ESEA
(20 U.S.C. 6398(b)(2)) specifically
E:\FR\FM\05DEN1.SGM
05DEN1
Federal Register / Vol. 72, No. 233 / Wednesday, December 5, 2007 / Notices
authorizes the implementation of MSIX
and its associated minimum data
elements (MDEs). This statutory
provision requires the Secretary to
ensure the linkage of migrant student
record systems for the purpose of
electronically exchanging, among the
States, health and educational
information regarding all migratory
students.
The Department seeks comment
on the new system of records described
in this notice, in accordance with the
requirements of the Privacy Act. We
must receive your comments on the
proposed routine uses for the system of
records described in this notice on or
before January 4, 2008.
The Department filed a report
describing the new system of records
covered by this notice with the Chair of
the Senate Committee on Homeland
Security and Governmental Affairs, the
Chair of the House Committee on
Oversight and Government Reform, and
the Administrator of the Office of
Information and Regulatory Affairs,
Office of Management and Budget
(OMB) on November 30, 2007. This
system of records will become effective
at the later date of—(1) the expiration of
the 40-day period for OMB review on
January 9, 2008 or (2) January 4, 2008,
unless the system of records needs to be
changed as a result of public comment
or OMB review.
ADDRESSES: Address all comments about
the proposed routine uses to Jennifer
Dozier, Office of Elementary and
Secondary Education, U.S. Department
of Education, 400 Maryland Avenue,
SW., room 3E327, Washington, DC
20202. Telephone: (202) 205–4421. If
you prefer to send comments through
the Internet, use the following address:
comments@ed.gov.
You must include the term ‘‘Migrant
Student Information Exchange’’ in the
subject line of the electronic message.
During and after the comment period,
you may inspect comments about this
notice in room 2W224, 400 Maryland
Avenue, SW., Washington, DC, between
the hours of 8 a.m. and 4:30 p.m.,
Eastern time, Monday through Friday of
each week except Federal holidays.
mstockstill on PROD1PC66 with NOTICES
DATES:
Assistance to Individuals With
Disabilities in Reviewing the
Rulemaking Record
On request, we will supply an
appropriate aid, such as a reader or
print magnifier, to an individual with a
disability who needs assistance to
review the comments or other
documents in the public rulemaking
record for this notice. If you want to
schedule an appointment for this type of
VerDate Aug<31>2005
19:05 Dec 04, 2007
Jkt 214001
aid, please contact the person listed
under FOR FURTHER INFORMATION
CONTACT.
FOR FURTHER INFORMATION CONTACT:
Jennifer Dozier. Telephone: (202) 205–
4421. If you use a telecommunications
device for the deaf (TDD), call the
Federal Relay Service (FRS) at 1–800–
877–8339.
Individuals with disabilities can
obtain this document in an alternative
format (e.g., Braille, large print,
audiotape, or computer diskette) on
request to the contact person listed
under this section.
SUPPLEMENTARY INFORMATION:
Introduction
MSIX will provide the technology that
will allow all States, in accordance with
applicable law, to share educational and
health information on migrant children
who travel from State to State due to
their migratory lifestyle and who, as a
result, have student records in the
migrant student databases of multiple
States. Authorized representatives of
State and local agencies will use MSIX
to assist with school enrollment, grade
placement, and accrual of course credits
for migrant children nationwide. In
doing so, MSIX will work in concert
with the existing migrant student
information systems that States
currently use to manage their migrant
student data. Authorized representatives
of State educational agencies (SEAs),
local educational agencies (LEAs), and
other MEP local operating agencies will
use MSIX to retrieve educational and
health information on migrant students
who move from State to State due to
their migrant lifestyle.
The Privacy Act (5 U.S.C. 552a(e)(4))
requires the Department to publish in
the Federal Register this notice of a new
system of records maintained by the
Department. The Department’s
regulations implementing the Privacy
Act are contained in the Code of Federal
Regulations (CFR) in 34 CFR part 5b.
The Privacy Act applies to
information about individuals that
contains individually identifying
information that is retrieved by a unique
identifier associated with each
individual, such as a name or social
security number. The information about
each individual is called a ‘‘record,’’
and the system, whether manual or
computer-based, is called a ‘‘system of
records.’’ The Privacy Act requires each
agency to publish notices of new or
altered systems of records in the Federal
Register and to submit reports to the
Administrator of the Office of
Information and Regulatory Affairs,
OMB, the Chair of the Senate Committee
PO 00000
Frm 00021
Fmt 4703
Sfmt 4703
68573
on Homeland Security and
Governmental Affairs, and the Chair of
the House Committee on Oversight and
Government Reform, whenever the
agency publishes a new or altered
system of records.
Electronic Access to This Document
You may view this document, as well
as all other documents of this
Department published in the Federal
Register, in text or Adobe Portable
Document Format (PDF) on the Internet
at the following site: www.ed.gov/news/
fedregister.
To use PDF you must have Adobe
Acrobat Reader, which is available free
at this site. If you have questions about
using PDF, call the U.S. Government
Printing Office (GPO), toll free, at 1–
888–293–6498, or in the Washington,
DC, area at (202) 512–1530.
Note: The official version of this document
is the document published in the Federal
Register. Free Internet access to the official
edition of the Federal Register and the CFR
is available on GPO Access at:
www.gpoaccess.gov/nara/.
Dated: November 30, 2007.
Kerri L. Briggs,
Assistant Secretary for Elementary and
Secondary Education.
For the reasons discussed in the
preamble, the Assistant Secretary for
Elementary and Secondary Education
publishes a notice of a new system of
records to read as follows:
18–14–04
SYSTEM NAME:
Migrant Student Information
Exchange (MSIX).
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
(1) U.S. Department of Education,
Office of Elementary and Secondary
Education, Office of Migrant Education,
400 Maryland Avenue, SW., room
3E344, Washington, DC 20202–4614.
(2a) Deloitte LLC, 4301 North Fairfax
Drive, Suite 210, Arlington, VA 22203–
1633 (software development and
programming).
(2b) Deloitte LLC, 110 West 7th Street,
Suite 1100, Tulsa, OK 74119–1107 (help
desk for MSIX).
(3a) EDS Data Center, 6031 South Rio
Grande Avenue, Orlando, FL 32809–
4613 (MSIX Production Servers).
(3b) EDS, 12000 Research Parkway,
Orlando, FL 32826–2943 (back-up
tapes).
(4) Navasite Data Center, 8619
Westwood Center Drive, Vienna, VA
22182–2220 (disaster recovery site).
E:\FR\FM\05DEN1.SGM
05DEN1
68574
Federal Register / Vol. 72, No. 233 / Wednesday, December 5, 2007 / Notices
(5) Access to MSIX is available
through the Internet from other
locations.
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM, INCLUDING CATEGORIES OF USERS AND
THE PURPOSES OF SUCH USES:
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM:
This system contains records on all
children whom States have determined
to be eligible to participate in the MEP,
authorized in Title I, Part C of the
Elementary and Secondary Education
Act of 1965 (ESEA), as amended by the
No Child Left Behind Act of 2001 (Pub.
L. 107–110).
CATEGORIES OF RECORDS IN THE SYSTEM:
The categories of records in the
system include the migrant child’s:
Name, date of birth, personal
identification numbers assigned by the
States and the Department, parent’s or
parents’ name or names, school
enrollment data, school contact data,
assessment data, and other educational
and health data necessary for accurate
and timely school enrollment, grade and
course placement, and accrual of course
credits. The final request for public
comment on the minimum data
elements (MDEs) to be included in
MSIX was published, pursuant to the
Paperwork Reduction Act of 1995
clearance process, in the Federal
Register on August 3, 2007 (72 FR
43253–34). More information on the 66
MDEs is available in the Department’s
Information Collection Notice at: http:
//edicsweb.ed.gov/browse/
downldatt.cfm?pkg_serial_num=2841.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
MSIX is authorized under section
1308(b)(2) of the ESEA, as amended by
the No Child Left Behind Act of 2001
(20 U.S.C. Section 6398(b)(2)).
mstockstill on PROD1PC66 with NOTICES
PURPOSE(S):
The purpose of MSIX is to enhance
the continuity of educational and health
services for migrant children by
providing a mechanism for all States to
exchange educational and health related
information on migrant children who
move from State to State due to their
migratory lifestyle. It is anticipated that
the existence and use of MSIX will help
to improve the timeliness of school
enrollments, improve the
appropriateness of grade and course
placements, and reduce incidences of
unnecessary immunizations of migrant
children. Further, MSIX will facilitate
the accrual of course credits for migrant
children in secondary school by
providing accurate academic
information on the student’s course
history and academic progress.
VerDate Aug<31>2005
19:05 Dec 04, 2007
Jkt 214001
The Department of Education
(Department) may disclose information
contained in a record in this system of
records, under the routine uses listed in
this system of records, without the
consent of the individual if the
disclosure is compatible with the
purposes for which the record was
collected. The Department may make
these disclosures on a case-by-case basis
or, if the Department has complied with
the computer matching requirements of
the Privacy Act, as amended, under a
computer matching agreement.
(1) MEP Services, School Enrollment,
Grade or Course Placement, Accrual of
High School Credits, Student Record
Match Resolution. The Department may
disclose a record in this system of
records to authorized representatives of
State education agencies (SEAs), local
education agencies (LEAs), and other
MEP local operating agencies (LOAs) to
facilitate one or more of the following
for a student: (a) Participation in the
MEP, (b) enrollment in school, (c) grade
or course placement, (d) credit accrual,
and (e) unique student match
resolution.
(2) Contract Disclosure. If the
Department contracts with an entity for
the purposes of performing any function
that requires disclosure of records in
this system to employees of the
contractor, the Department may disclose
the records to those employees who
have received the appropriate level
security clearance from the Department.
Before entering into such a contract, the
Department will require the contractor
to maintain Privacy Act safeguards, as
required under 5 U.S.C. 552a(m), with
respect to the records in the system.
(3) Research Disclosure. The
Department may disclose records from
this system to a researcher if an
appropriate official of the Department
determines that the individual or
organization to which the disclosure
would be made is qualified to carry out
specific research related to functions or
purposes of this system of records. The
official may disclose information from
this system of records to that researcher
solely for the purpose of carrying out
that research related to the functions or
purposes of this system of records. The
researcher will be required to maintain
Privacy Act safeguards with respect to
the disclosed records.
(4) Freedom of Information Act
(FOIA) and Privacy Act Advice
Disclosure. The Department may
disclose records to the U.S. Department
of Justice (DOJ) or OMB if the
Department concludes that disclosure is
PO 00000
Frm 00022
Fmt 4703
Sfmt 4703
desirable or necessary to determine
whether particular records are required
to be disclosed under FOIA or the
Privacy Act.
(5) Disclosure in the Course of
Responding to Breach of Data. The
Department may disclose records to
appropriate agencies, entities, and
persons when (a) it is suspected or
confirmed that the security or
confidentiality of information in MSIX
has been compromised; (b) the
Department has determined that as a
result of the suspected or confirmed
compromise, there is a risk of harm to
economic or property interests, identity
theft or fraud, or harm to the security or
integrity of MSIX or other systems or
programs (whether maintained by the
Department or by another agency or
entity) that rely upon the compromised
information; and, (c) the disclosure is
made to such agencies, entities, and
persons who are reasonably necessary to
assist the Department in responding to
the suspected or confirmed compromise
and in helping the Department prevent,
minimize, or remedy such harm.
(6) Litigation or Alternative Dispute
Resolution (ADR) Disclosure.
(a) Introduction. In the event that one
of the following parties is involved in
litigation or ADR, or has an interest in
litigation or ADR, the Department may
disclose certain records to the parties
described in paragraphs b, c, and d of
this routine use under the conditions
specified in those paragraphs:
(i) The Department or any of its
components.
(ii) Any Department employee in his
or her official capacity.
(iii) Any employee of the Department
in his or her individual capacity where
DOJ has agreed to or has been requested
to provide or arrange for representation
of the employee.
(iv) Any employee of the Department
in his or her individual capacity where
the Department has agreed to represent
the employee.
(v) The United States where the
Department determines that the
litigation is likely to affect the
Department or any of its components.
(b) Disclosure to DOJ. If the
Department determines that disclosure
of certain records to DOJ, or attorneys
engaged by DOJ, is relevant and
necessary to litigation or ADR, and is
compatible with the purpose for which
the records were collected, the
Department may disclose those records
as a routine use to DOJ.
(c) Adjudicative Disclosure. If the
Department determines that disclosure
of certain records to an adjudicative
body before which the Department is
authorized to appear, individual, or
E:\FR\FM\05DEN1.SGM
05DEN1
Federal Register / Vol. 72, No. 233 / Wednesday, December 5, 2007 / Notices
entity designated by the Department or
otherwise empowered to resolve or
mediate disputes is relevant and
necessary to litigation or ADR, and is
compatible with the purpose for which
the records were collected, the
Department may disclose those records
as a routine use to the adjudicative
body, individual, or entity.
(d) Disclosure to Parties, Counsel,
Representatives, and Witnesses. If the
Department determines that disclosure
of certain records to a party, counsel,
representative, or witness is relevant
and necessary to litigation or ADR, and
is compatible with the purpose for
which the records were collected, the
Department may disclose those records
as a routine use to a party, counsel,
representative, or witness.
(7) Congressional Member Disclosure.
The Department may disclose
information from a record of an
individual to a member of Congress and
his or her staff in response to an inquiry
from the member made at the written
request of that individual. The
member’s right to the information is no
greater than the right of the individual
who requested it.
DISCLOSURE TO CONSUMER REPORTING
AGENCIES:
Not applicable to this system notice.
POLICIES AND PRACTICES FOR STORING,
RETRIEVING, ACCESSING, RETAINING, AND
DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
The Data Center of the Department’s
contractor, EDS, stores computerized
student records on server hardware and
MSIX backup tapes, including MSIX
Help Desk tapes, in locked file cabinets.
RETRIEVABILITY:
Records in this system are indexed by
a unique number, assigned to each
individual, that is cross-referenced by
the individual’s name.
mstockstill on PROD1PC66 with NOTICES
SAFEGUARDS:
(1) Introduction
Security personnel control and
monitor all physical access to the site of
the Department’s contractor and
subcontractors, where this system of
records is maintained. The computer
system employed by the Department
offers a high degree of resistance to
tampering and circumvention. This
computer system limits data access to
Department and contract staff on a
‘‘need to know’’ basis, and controls
individual users’ ability to access and
alter records within the system by
granting user names and passwords, and
assigning user roles to individuals that
restrict access based on user category
VerDate Aug<31>2005
19:05 Dec 04, 2007
Jkt 214001
(e.g., district administrator, counselor,
state administrator).
The contractor has established a set of
procedures to ensure confidentiality of
data, and will maintain the security of
the complete set of all master data files
and documentation. The contractor and
subcontractor employees who collect,
maintain, use, or disseminate data in
this system, must comply with the
requirements of the Privacy Act.
(2) Physical Security of Electronic
Data
Physical security of electronic data
will be maintained. The MSIX
infrastructure is housed in a secured
data center, access to which is
controlled by multiple access controls.
These access controls include a
combination of personal photo
identification/card scans, biometric
hand scanning, and personal access
codes. These access controls also
include man-traps and physical
barricades that limit access to the data
center floor and machine rooms.
Further, all entrances, exits, and key
points throughout the facility are
monitored in real-time via closed circuit
television (CCTV) 24 hours per day. All
CCTV is recorded and stored on tape for
audit purposes. These access control
mechanisms are centrally managed by
resources within the data center, which
is staffed 24 hours per day.
Security personnel are required to
inspect picture identification and have
visitors sign in before granting access to
the facility. Visitors are pre-authorized
and registered in a database at least 24
hours prior to their arrival, and are
required to provide picture
identification that matches the name
given previously to the data center. All
personnel are required to display an
identification badge or an authorized
visitor badge at all times while on the
premises; and all packages brought into
the data center are subject to inspection.
Backup tapes are employed, and
numerous mechanisms protect the
physical security of these backup tapes.
First, in the event of a disaster recovery
situation, MSIX backup tapes will be
transferred in locking containers.
Contractor and subcontractor employees
holding Department of Defense (DoD)
Secret or Interim Secret clearances will
ship the tapes from the EDS Data Center
to the Navasite Data Center, the disaster
recovery site. Thus, the MSIX system
can be restored in the event of a disaster
at the Navasite Data Center. Second, the
backup tapes are stored in a tape library
within the EDS Data Center and are only
available to authorized personnel.
Access to the backup tapes is limited
through the use of biometric access
PO 00000
Frm 00023
Fmt 4703
Sfmt 4703
68575
control mechanisms. Third, the backup
tapes are stored in fireproof safes.
(c) User Access to Electronic Data
MSIX incorporates a series of security
controls mandated by the Federal
Information Security Management Act
of 2002 (FISMA) and the Department.
MSIX leverages role-based accounts and
security controls to limit access to the
application, its servers, and its
infrastructure to authorized users. All
MSIX users must follow a registration
process that involves identity validation
and verification prior to gaining access
to MSIX. Once validated and approved,
MSIX User Administrators will grant
access to authorized users by creating
their MSIX accounts and assigning the
appropriate MSIX roles. MSIX requires
users to use strong passwords,
comprised of alphanumeric and special
characters, and uses Oracle’s Internet
Directory (OID) application to manage
its user accounts. OID stores the name
of each MSIX user, each MSIX user’s
associated roles and access privileges,
and each MSIX user’s passwords using
an encrypted format. The MSIX
application is only available to
authorized users via a Uniform Resource
Locator (URL) that runs under the
Hypertext Transfer Protocol over Secure
Socket Layer (HTTPS). No user may
alter records in this system of records
except to identify and assign a student
a unique student identifier through the
record matching process. Further, MSIX
limits data submissions from State
systems to specific Internet Protocol
addresses and requires the use of Secure
File Transfer Protocol.
(d) Additional Security Measures
The MSIX infrastructure also
leverages a series of firewalls to limit
internal access to specific protocols and
ports, as well as intrusion detection
systems to help identify unauthorized
access to MSIX. MSIX logs and tracks
login attempts, data modifications, and
other key application and system
events. The MSIX operations and
maintenance team monitors these logs
on a regular basis. Further, the MSIX
operations and maintenance team
performs vulnerability scans on a
routine basis, monitors the U.S.
Computer Emergency Response Team
(CERT) bulletins (see https://www.uscert.gov/ for more details), and applies
routine operating system and vendor
patches as appropriate.
RETENTION AND DISPOSAL:
Records are maintained and disposed
of in accordance with the Department’s
Records Disposition Schedules as listed
under ED 231—Public and Restricted
Use Data Files—Studies.
E:\FR\FM\05DEN1.SGM
05DEN1
68576
Federal Register / Vol. 72, No. 233 / Wednesday, December 5, 2007 / Notices
SYSTEM MANAGER AND ADDRESS:
Director, Office of Migrant Education,
U.S. Department of Education, 400
Maryland Avenue, SW., room 3E317,
Washington, DC 20202–0001.
NOTIFICATION PROCEDURE:
If you wish to determine whether a
record exists regarding you in the
system of records, contact the system
manager at the address listed under,
SYSTEM MANAGER AND ADDRESS. Your
request must meet the requirements of
regulations in 34 CFR 5b.5, including
proof of identity.
RECORD ACCESS PROCEDURE:
If you wish to gain access to your
record in the system of records, contact
the system manager at the address listed
under SYSTEM MANAGER AND ADDRESS.
Your request must meet the
requirements of regulations in 34 CFR
5b.5, including proof of identity.
CONTESTING RECORD PROCEDURE:
If you wish to contest the content of
a record regarding you in the system of
records, contact the system manager at
the address listed under, SYSTEM
MANAGER AND ADDRESS. Your request
must meet the requirements of
regulations in 34 CFR 5b.7, including
proof of identity.
RECORD SOURCE CATEGORIES:
The system will contain records that
are obtained from SEAs and LEAs.
EXEMPTIONS CLAIMED FOR THE SYSTEM:
None.
[FR Doc. E7–23541 Filed 12–4–07; 8:45 am]
BILLING CODE 4000–01–P
DEPARTMENT OF ENERGY
Federal Energy Regulatory
Commission
Combined Notice of Filings # 1
mstockstill on PROD1PC66 with NOTICES
November 19, 2007.
Take notice that the Commission
received the following electric rate
filings:
Docket Numbers: ER02–1656–034;
EL01–68–031.
Applicants: California Independent
System Operator Corporation.
Description: Sempra Energy Trading
LLC submits a report to state that it does
not seek any payment in excess of the
negative $30/MWh Cap.
Filed Date: 11/07/2007.
Accession Number: 20071114–0090.
Comment Date: 5 p.m. Eastern Time
on Wednesday, November 28, 2007.
Docket Numbers: ER03–428–005.
VerDate Aug<31>2005
19:05 Dec 04, 2007
Jkt 214001
Applicants: ConocoPhillips Company.
Description: ConocoPhillips Company
submits Substitute Third Revised Sheet
1 to its revised FERC Electric Tariff 1,
to become effective 9/18/07.
Filed Date: 11/13/2007.
Accession Number: 20071114–0205.
Comment Date: 5 p.m. Eastern Time
on Monday, November 26, 2007.
Docket Numbers: ER04–708–004.
Applicants: Horsehead Corp.
Description: Notice of non-material
change in status re Horsehead Corp.
Filed Date: 11/09/2007.
Accession Number: 20071114–0077.
Comment Date: 5 p.m. Eastern Time
on Friday, November 30, 2007.
Docket Numbers: ER06–758–002;
ER06–635–001; ER02–237–009; ER95–
1007–020; ER01–2741–005; ER07–34–
002; ER03–1151–005; ER00–2235–002;
ER99–3320–005; ER06–759–001; ER03–
922–006; ER06–634–001.
Applicants: Chambers Cogeneration
LP; Edgecombe Genco, LLC; J. Aron &
Company; Logan Generating Company,
LP; Plains End, LLC; Plains End II, LLC;
Power Receivable Finance, LLC;
Ouachita Power, LLC; Rathdrum Power,
LLC; Selkirk Cogen Partners, L.P.;
Southaven Power, LLC; Spruance
Genco, LLC.
Description: Chambers Cogeneration,
Limited Partnership et al. submit a
notice of non-material change in status
in compliance with FERC’s Order 652.
Filed Date: 11/09/2007.
Accession Number: 20071114–0078.
Comment Date: 5 p.m. Eastern Time
on Friday, November 30, 2007.
Docket Numbers: ER07–970–002.
Applicants: Midwest Independent
Transmission System Operator, Inc.
Description: Midwest Independent
Transmission System Operator, Inc.
submits a compliance filing of a Large
Generator Interconnection Agreement.
Filed Date: 11/13/2007.
Accession Number: 20071115–0057.
Comment Date: 5 p.m. Eastern Time
on Tuesday, December 4, 2007.
Docket Numbers: ER07–1203–001.
Applicants: Duke Energy Carolinas,
LLC.
Description: Duke Energy Carolinas,
LLC submits additional information to
support their filing and request to waive
the Commission’s regulations in order to
make the filing effective 1/1/08.
Filed Date: 11/08/2007.
Accession Number: 20071113–0006.
Comment Date: 5 p.m. Eastern Time
on Thursday, November 29, 2007.
Docket Numbers: ER07–1250–002.
Applicants: PowerGrid Systems, Inc.
Description: PowerGrid Systems, Inc.
submits a Substitute Original Sheet 1
and Original Sheet 2 to its FERC Electric
Tariff, Original Volume 1.
PO 00000
Frm 00024
Fmt 4703
Sfmt 4703
Filed Date: 11/15/2007.
Accession Number: 20071119–0019.
Comment Date: 5 p.m. Eastern Time
on Thursday, December 6, 2007.
Docket Numbers: ER07–1268–002.
Applicants: PacifiCorp.
Description: Compliance Filing of
PacifiCorp.
Filed Date: 11/15/2007.
Accession Number: 20071115–5002.
Comment Date: 5 p.m. Eastern Time
on Thursday, December 6, 2007.
Docket Numbers: ER07–1367–001.
Applicants: American Electric Power
Service Corporation.
Description: AEP Operating
Companies submits their Third Revised
Interconnection and Local Delivery
Service Agreement with Elk Power Co.
Filed Date: 11/15/2007.
Accession Number: 20071119–0015.
Comment Date: 5 p.m. Eastern Time
on Thursday, December 6, 2007.
Docket Numbers: ER07–1402–001.
Applicants: Allegheny Generating
Company.
Description: Supplemental
Submission of Allegheny Generating
Company.
Filed Date: 10/26/2007.
Accession Number: 20071026–5037.
Comment Date: 5 p.m. Eastern Time
on Thursday, November 29, 2007.
Docket Numbers: ER08–193–000.
Applicants: Pacific Gas and Electric
Company.
Description: Pacific Gas and Electric
Co. submits the Midway
Interconnection Agreement with
Southern California Edison Co.
Filed Date: 11/07/2007.
Accession Number: 20071116–0320.
Comment Date: 5 p.m. Eastern Time
on Wednesday, November 28, 2007.
Docket Numbers: ER08–205–000.
Applicants: PJM Interconnection,
L.L.C.
Description: PJM Interconnection LLC
submits its revisions to Schedule 2 of
the PJM Open Access Transmission
Tariff.
Filed Date: 11/13/2007.
Accession Number: 20071114–0076.
Comment Date: 5 p.m. Eastern Time
on Tuesday, December 4, 2007.
Docket Numbers: ER08–213–000.
Applicants: Round Rock Energy, LP.
Description: Round Rock Energy, LP
requests that FERC accept its FERC
Electric Tariff, Original Volume 1 etc.
Filed Date: 11/14/2007.
Accession Number: 20071116–0042.
Comment Date: 5 p.m. Eastern Time
on Wednesday, December 5, 2007.
Docket Numbers: ER08–214–000.
Applicants: Deephaven RV Sub Fund
Ltd.
E:\FR\FM\05DEN1.SGM
05DEN1
]]>Agencies
[Federal Register Volume 72, Number 233 (Wednesday, December 5, 2007)]
[Notices]
[Pages 68572-68576]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E7-23541]
-----------------------------------------------------------------------
DEPARTMENT OF EDUCATION
Privacy Act of 1974; System of Records--Migrant Student
Information Exchange
AGENCY: Office of Elementary and Secondary Education, Department of
Education.
ACTION: Notice of a new system of records.
-----------------------------------------------------------------------
SUMMARY: In accordance with the Privacy Act of 1974, as amended
(Privacy Act), the Department of Education (Department) publishes this
notice of a new system of records entitled ``Migrant Student
Information Exchange'' (MSIX) (18-14-04).
MSIX will contain information on migrant students who participate
in the Migrant Education Program (MEP) authorized under Title I, Part C
of the Elementary and Secondary Education Act of 1965 (ESEA), as
amended by the No Child Left Behind Act of 2001 (Pub. L. 107-110).
Section 1308(b)(2) of ESEA (20 U.S.C. 6398(b)(2)) specifically
[[Page 68573]]
authorizes the implementation of MSIX and its associated minimum data
elements (MDEs). This statutory provision requires the Secretary to
ensure the linkage of migrant student record systems for the purpose of
electronically exchanging, among the States, health and educational
information regarding all migratory students.
DATES: The Department seeks comment on the new system of records
described in this notice, in accordance with the requirements of the
Privacy Act. We must receive your comments on the proposed routine uses
for the system of records described in this notice on or before January
4, 2008.
The Department filed a report describing the new system of records
covered by this notice with the Chair of the Senate Committee on
Homeland Security and Governmental Affairs, the Chair of the House
Committee on Oversight and Government Reform, and the Administrator of
the Office of Information and Regulatory Affairs, Office of Management
and Budget (OMB) on November 30, 2007. This system of records will
become effective at the later date of--(1) the expiration of the 40-day
period for OMB review on January 9, 2008 or (2) January 4, 2008, unless
the system of records needs to be changed as a result of public comment
or OMB review.
ADDRESSES: Address all comments about the proposed routine uses to
Jennifer Dozier, Office of Elementary and Secondary Education, U.S.
Department of Education, 400 Maryland Avenue, SW., room 3E327,
Washington, DC 20202. Telephone: (202) 205-4421. If you prefer to send
comments through the Internet, use the following address:
comments@ed.gov.
You must include the term ``Migrant Student Information Exchange''
in the subject line of the electronic message.
During and after the comment period, you may inspect comments about
this notice in room 2W224, 400 Maryland Avenue, SW., Washington, DC,
between the hours of 8 a.m. and 4:30 p.m., Eastern time, Monday through
Friday of each week except Federal holidays.
Assistance to Individuals With Disabilities in Reviewing the Rulemaking
Record
On request, we will supply an appropriate aid, such as a reader or
print magnifier, to an individual with a disability who needs
assistance to review the comments or other documents in the public
rulemaking record for this notice. If you want to schedule an
appointment for this type of aid, please contact the person listed
under FOR FURTHER INFORMATION CONTACT.
FOR FURTHER INFORMATION CONTACT: Jennifer Dozier. Telephone: (202) 205-
4421. If you use a telecommunications device for the deaf (TDD), call
the Federal Relay Service (FRS) at 1-800-877-8339.
Individuals with disabilities can obtain this document in an
alternative format (e.g., Braille, large print, audiotape, or computer
diskette) on request to the contact person listed under this section.
SUPPLEMENTARY INFORMATION:
Introduction
MSIX will provide the technology that will allow all States, in
accordance with applicable law, to share educational and health
information on migrant children who travel from State to State due to
their migratory lifestyle and who, as a result, have student records in
the migrant student databases of multiple States. Authorized
representatives of State and local agencies will use MSIX to assist
with school enrollment, grade placement, and accrual of course credits
for migrant children nationwide. In doing so, MSIX will work in concert
with the existing migrant student information systems that States
currently use to manage their migrant student data. Authorized
representatives of State educational agencies (SEAs), local educational
agencies (LEAs), and other MEP local operating agencies will use MSIX
to retrieve educational and health information on migrant students who
move from State to State due to their migrant lifestyle.
The Privacy Act (5 U.S.C. 552a(e)(4)) requires the Department to
publish in the Federal Register this notice of a new system of records
maintained by the Department. The Department's regulations implementing
the Privacy Act are contained in the Code of Federal Regulations (CFR)
in 34 CFR part 5b.
The Privacy Act applies to information about individuals that
contains individually identifying information that is retrieved by a
unique identifier associated with each individual, such as a name or
social security number. The information about each individual is called
a ``record,'' and the system, whether manual or computer-based, is
called a ``system of records.'' The Privacy Act requires each agency to
publish notices of new or altered systems of records in the Federal
Register and to submit reports to the Administrator of the Office of
Information and Regulatory Affairs, OMB, the Chair of the Senate
Committee on Homeland Security and Governmental Affairs, and the Chair
of the House Committee on Oversight and Government Reform, whenever the
agency publishes a new or altered system of records.
Electronic Access to This Document
You may view this document, as well as all other documents of this
Department published in the Federal Register, in text or Adobe Portable
Document Format (PDF) on the Internet at the following site:
www.ed.gov/news/fedregister.
To use PDF you must have Adobe Acrobat Reader, which is available
free at this site. If you have questions about using PDF, call the U.S.
Government Printing Office (GPO), toll free, at 1-888-293-6498, or in
the Washington, DC, area at (202) 512-1530.
Note: The official version of this document is the document
published in the Federal Register. Free Internet access to the
official edition of the Federal Register and the CFR is available on
GPO Access at: www.gpoaccess.gov/nara/.
Dated: November 30, 2007.
Kerri L. Briggs,
Assistant Secretary for Elementary and Secondary Education.
For the reasons discussed in the preamble, the Assistant Secretary
for Elementary and Secondary Education publishes a notice of a new
system of records to read as follows:
18-14-04
SYSTEM NAME:
Migrant Student Information Exchange (MSIX).
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
(1) U.S. Department of Education, Office of Elementary and
Secondary Education, Office of Migrant Education, 400 Maryland Avenue,
SW., room 3E344, Washington, DC 20202-4614.
(2a) Deloitte LLC, 4301 North Fairfax Drive, Suite 210, Arlington,
VA 22203-1633 (software development and programming).
(2b) Deloitte LLC, 110 West 7th Street, Suite 1100, Tulsa, OK
74119-1107 (help desk for MSIX).
(3a) EDS Data Center, 6031 South Rio Grande Avenue, Orlando, FL
32809-4613 (MSIX Production Servers).
(3b) EDS, 12000 Research Parkway, Orlando, FL 32826-2943 (back-up
tapes).
(4) Navasite Data Center, 8619 Westwood Center Drive, Vienna, VA
22182-2220 (disaster recovery site).
[[Page 68574]]
(5) Access to MSIX is available through the Internet from other
locations.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
This system contains records on all children whom States have
determined to be eligible to participate in the MEP, authorized in
Title I, Part C of the Elementary and Secondary Education Act of 1965
(ESEA), as amended by the No Child Left Behind Act of 2001 (Pub. L.
107-110).
CATEGORIES OF RECORDS IN THE SYSTEM:
The categories of records in the system include the migrant
child's: Name, date of birth, personal identification numbers assigned
by the States and the Department, parent's or parents' name or names,
school enrollment data, school contact data, assessment data, and other
educational and health data necessary for accurate and timely school
enrollment, grade and course placement, and accrual of course credits.
The final request for public comment on the minimum data elements
(MDEs) to be included in MSIX was published, pursuant to the Paperwork
Reduction Act of 1995 clearance process, in the Federal Register on
August 3, 2007 (72 FR 43253-34). More information on the 66 MDEs is
available in the Department's Information Collection Notice at: http: /
/edicsweb.ed.gov/browse/downldatt.cfm?pkg--serial--num=2841.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
MSIX is authorized under section 1308(b)(2) of the ESEA, as amended
by the No Child Left Behind Act of 2001 (20 U.S.C. Section 6398(b)(2)).
PURPOSE(S):
The purpose of MSIX is to enhance the continuity of educational and
health services for migrant children by providing a mechanism for all
States to exchange educational and health related information on
migrant children who move from State to State due to their migratory
lifestyle. It is anticipated that the existence and use of MSIX will
help to improve the timeliness of school enrollments, improve the
appropriateness of grade and course placements, and reduce incidences
of unnecessary immunizations of migrant children. Further, MSIX will
facilitate the accrual of course credits for migrant children in
secondary school by providing accurate academic information on the
student's course history and academic progress.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
The Department of Education (Department) may disclose information
contained in a record in this system of records, under the routine uses
listed in this system of records, without the consent of the individual
if the disclosure is compatible with the purposes for which the record
was collected. The Department may make these disclosures on a case-by-
case basis or, if the Department has complied with the computer
matching requirements of the Privacy Act, as amended, under a computer
matching agreement.
(1) MEP Services, School Enrollment, Grade or Course Placement,
Accrual of High School Credits, Student Record Match Resolution. The
Department may disclose a record in this system of records to
authorized representatives of State education agencies (SEAs), local
education agencies (LEAs), and other MEP local operating agencies
(LOAs) to facilitate one or more of the following for a student: (a)
Participation in the MEP, (b) enrollment in school, (c) grade or course
placement, (d) credit accrual, and (e) unique student match resolution.
(2) Contract Disclosure. If the Department contracts with an entity
for the purposes of performing any function that requires disclosure of
records in this system to employees of the contractor, the Department
may disclose the records to those employees who have received the
appropriate level security clearance from the Department. Before
entering into such a contract, the Department will require the
contractor to maintain Privacy Act safeguards, as required under 5
U.S.C. 552a(m), with respect to the records in the system.
(3) Research Disclosure. The Department may disclose records from
this system to a researcher if an appropriate official of the
Department determines that the individual or organization to which the
disclosure would be made is qualified to carry out specific research
related to functions or purposes of this system of records. The
official may disclose information from this system of records to that
researcher solely for the purpose of carrying out that research related
to the functions or purposes of this system of records. The researcher
will be required to maintain Privacy Act safeguards with respect to the
disclosed records.
(4) Freedom of Information Act (FOIA) and Privacy Act Advice
Disclosure. The Department may disclose records to the U.S. Department
of Justice (DOJ) or OMB if the Department concludes that disclosure is
desirable or necessary to determine whether particular records are
required to be disclosed under FOIA or the Privacy Act.
(5) Disclosure in the Course of Responding to Breach of Data. The
Department may disclose records to appropriate agencies, entities, and
persons when (a) it is suspected or confirmed that the security or
confidentiality of information in MSIX has been compromised; (b) the
Department has determined that as a result of the suspected or
confirmed compromise, there is a risk of harm to economic or property
interests, identity theft or fraud, or harm to the security or
integrity of MSIX or other systems or programs (whether maintained by
the Department or by another agency or entity) that rely upon the
compromised information; and, (c) the disclosure is made to such
agencies, entities, and persons who are reasonably necessary to assist
the Department in responding to the suspected or confirmed compromise
and in helping the Department prevent, minimize, or remedy such harm.
(6) Litigation or Alternative Dispute Resolution (ADR) Disclosure.
(a) Introduction. In the event that one of the following parties is
involved in litigation or ADR, or has an interest in litigation or ADR,
the Department may disclose certain records to the parties described in
paragraphs b, c, and d of this routine use under the conditions
specified in those paragraphs:
(i) The Department or any of its components.
(ii) Any Department employee in his or her official capacity.
(iii) Any employee of the Department in his or her individual
capacity where DOJ has agreed to or has been requested to provide or
arrange for representation of the employee.
(iv) Any employee of the Department in his or her individual
capacity where the Department has agreed to represent the employee.
(v) The United States where the Department determines that the
litigation is likely to affect the Department or any of its components.
(b) Disclosure to DOJ. If the Department determines that disclosure
of certain records to DOJ, or attorneys engaged by DOJ, is relevant and
necessary to litigation or ADR, and is compatible with the purpose for
which the records were collected, the Department may disclose those
records as a routine use to DOJ.
(c) Adjudicative Disclosure. If the Department determines that
disclosure of certain records to an adjudicative body before which the
Department is authorized to appear, individual, or
[[Page 68575]]
entity designated by the Department or otherwise empowered to resolve
or mediate disputes is relevant and necessary to litigation or ADR, and
is compatible with the purpose for which the records were collected,
the Department may disclose those records as a routine use to the
adjudicative body, individual, or entity.
(d) Disclosure to Parties, Counsel, Representatives, and Witnesses.
If the Department determines that disclosure of certain records to a
party, counsel, representative, or witness is relevant and necessary to
litigation or ADR, and is compatible with the purpose for which the
records were collected, the Department may disclose those records as a
routine use to a party, counsel, representative, or witness.
(7) Congressional Member Disclosure. The Department may disclose
information from a record of an individual to a member of Congress and
his or her staff in response to an inquiry from the member made at the
written request of that individual. The member's right to the
information is no greater than the right of the individual who
requested it.
DISCLOSURE TO CONSUMER REPORTING AGENCIES:
Not applicable to this system notice.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
The Data Center of the Department's contractor, EDS, stores
computerized student records on server hardware and MSIX backup tapes,
including MSIX Help Desk tapes, in locked file cabinets.
RETRIEVABILITY:
Records in this system are indexed by a unique number, assigned to
each individual, that is cross-referenced by the individual's name.
SAFEGUARDS:
(1) Introduction
Security personnel control and monitor all physical access to the
site of the Department's contractor and subcontractors, where this
system of records is maintained. The computer system employed by the
Department offers a high degree of resistance to tampering and
circumvention. This computer system limits data access to Department
and contract staff on a ``need to know'' basis, and controls individual
users' ability to access and alter records within the system by
granting user names and passwords, and assigning user roles to
individuals that restrict access based on user category (e.g., district
administrator, counselor, state administrator).
The contractor has established a set of procedures to ensure
confidentiality of data, and will maintain the security of the complete
set of all master data files and documentation. The contractor and
subcontractor employees who collect, maintain, use, or disseminate data
in this system, must comply with the requirements of the Privacy Act.
(2) Physical Security of Electronic Data
Physical security of electronic data will be maintained. The MSIX
infrastructure is housed in a secured data center, access to which is
controlled by multiple access controls. These access controls include a
combination of personal photo identification/card scans, biometric hand
scanning, and personal access codes. These access controls also include
man-traps and physical barricades that limit access to the data center
floor and machine rooms. Further, all entrances, exits, and key points
throughout the facility are monitored in real-time via closed circuit
television (CCTV) 24 hours per day. All CCTV is recorded and stored on
tape for audit purposes. These access control mechanisms are centrally
managed by resources within the data center, which is staffed 24 hours
per day.
Security personnel are required to inspect picture identification
and have visitors sign in before granting access to the facility.
Visitors are pre-authorized and registered in a database at least 24
hours prior to their arrival, and are required to provide picture
identification that matches the name given previously to the data
center. All personnel are required to display an identification badge
or an authorized visitor badge at all times while on the premises; and
all packages brought into the data center are subject to inspection.
Backup tapes are employed, and numerous mechanisms protect the
physical security of these backup tapes. First, in the event of a
disaster recovery situation, MSIX backup tapes will be transferred in
locking containers. Contractor and subcontractor employees holding
Department of Defense (DoD) Secret or Interim Secret clearances will
ship the tapes from the EDS Data Center to the Navasite Data Center,
the disaster recovery site. Thus, the MSIX system can be restored in
the event of a disaster at the Navasite Data Center. Second, the backup
tapes are stored in a tape library within the EDS Data Center and are
only available to authorized personnel. Access to the backup tapes is
limited through the use of biometric access control mechanisms. Third,
the backup tapes are stored in fireproof safes.
(c) User Access to Electronic Data
MSIX incorporates a series of security controls mandated by the
Federal Information Security Management Act of 2002 (FISMA) and the
Department. MSIX leverages role-based accounts and security controls to
limit access to the application, its servers, and its infrastructure to
authorized users. All MSIX users must follow a registration process
that involves identity validation and verification prior to gaining
access to MSIX. Once validated and approved, MSIX User Administrators
will grant access to authorized users by creating their MSIX accounts
and assigning the appropriate MSIX roles. MSIX requires users to use
strong passwords, comprised of alphanumeric and special characters, and
uses Oracle's Internet Directory (OID) application to manage its user
accounts. OID stores the name of each MSIX user, each MSIX user's
associated roles and access privileges, and each MSIX user's passwords
using an encrypted format. The MSIX application is only available to
authorized users via a Uniform Resource Locator (URL) that runs under
the Hypertext Transfer Protocol over Secure Socket Layer (HTTPS). No
user may alter records in this system of records except to identify and
assign a student a unique student identifier through the record
matching process. Further, MSIX limits data submissions from State
systems to specific Internet Protocol addresses and requires the use of
Secure File Transfer Protocol.
(d) Additional Security Measures
The MSIX infrastructure also leverages a series of firewalls to
limit internal access to specific protocols and ports, as well as
intrusion detection systems to help identify unauthorized access to
MSIX. MSIX logs and tracks login attempts, data modifications, and
other key application and system events. The MSIX operations and
maintenance team monitors these logs on a regular basis. Further, the
MSIX operations and maintenance team performs vulnerability scans on a
routine basis, monitors the U.S. Computer Emergency Response Team
(CERT) bulletins (see https://www.us-cert.gov/ for more details), and
applies routine operating system and vendor patches as appropriate.
Retention and Disposal:
Records are maintained and disposed of in accordance with the
Department's Records Disposition Schedules as listed under ED 231--
Public and Restricted Use Data Files--Studies.
[[Page 68576]]
System Manager and Address:
Director, Office of Migrant Education, U.S. Department of
Education, 400 Maryland Avenue, SW., room 3E317, Washington, DC 20202-
0001.
Notification Procedure:
If you wish to determine whether a record exists regarding you in
the system of records, contact the system manager at the address listed
under, SYSTEM MANAGER AND ADDRESS. Your request must meet the
requirements of regulations in 34 CFR 5b.5, including proof of
identity.
Record Access Procedure:
If you wish to gain access to your record in the system of records,
contact the system manager at the address listed under SYSTEM MANAGER
AND ADDRESS. Your request must meet the requirements of regulations in
34 CFR 5b.5, including proof of identity.
Contesting Record Procedure:
If you wish to contest the content of a record regarding you in the
system of records, contact the system manager at the address listed
under, SYSTEM MANAGER AND ADDRESS. Your request must meet the
requirements of regulations in 34 CFR 5b.7, including proof of
identity.
Record Source Categories:
The system will contain records that are obtained from SEAs and
LEAs.
Exemptions Claimed for the System:
None.
[FR Doc. E7-23541 Filed 12-4-07; 8:45 am]
BILLING CODE 4000-01-P
