Privacy Act of 1974; as Amended New System of Records and Routine Use Disclosures, 5619-5624 [E8-1674]
Download as PDF
<![CDATA[
Federal Register / Vol. 73, No. 20 / Wednesday, January 30, 2008 / Notices
(ii) security futures where at least one
side of the trade is cleared by an OCC
clearing member.5 Simultaneous with
the adoption of the new standard
clearing fee schedule, OCC additionally
discounted clearing fees. Effective
September 1 through December 31,
2007, OCC further reduced its
discounted clearing fees and halved the
market-maker scratch fee.6 Effective
January 1, 2008, OCC will implement a
new discounted clearing fee schedule
Contracts/trade
$0.05/contract ........................................................
$0.04/contract ........................................................
$0.03/contract ........................................................
$55.00 (capped) ....................................................
The discounted clearing fee schedule
and market maker scratch fee will
remain in effect until further action by
OCC’s Board of Directors.
The adoption of the new discounted
fee schedule reflects the strong contract
volume experienced by OCC in 2007.
OCC believes that these discounted fees
will financially benefit clearing
members and other market participants
without adversely affecting OCC’s
ability to meet its expenses and
maintain an acceptable level of retained
earnings.
The proposed rule change is
consistent with the requirements of
section 17A of the Act 7 and the rules
and regulations thereunder applicable to
OCC because it benefits clearing
members and other market participants
by discounting fees and allocating them
in a fair and equitable manner. The
proposed rule change is not inconsistent
with the existing rules of OCC,
including any other rules proposed to be
amended.
(B) Self-Regulatory Organization’s
Statement on Burden on Competition
OCC does not believe that the
proposed rule change would impose any
burden on competition.
Discounted standard fee schedule, effective
January 1, 2008
$0.03/contract.
$0.024/contract.
$18.00 (capped).
$18.00 (capped).
4(f)(2) 9 thereunder because the
proposed rule establishes or changes a
due, fee, or other charge. At any time
within sixty days of the filing of such
rule change, the Commission may
summarily abrogate such rule change if
it appears to the Commission that such
action is necessary or appropriate in the
public interest, for the protection of
investors, or otherwise in furtherance of
the purposes of the Act.
IV. Solicitation of Comments
Interested persons are invited to
submit written data, views, and
arguments concerning the foregoing,
including whether the proposed rule
change is consistent with the Act.
Comments may be submitted by any of
the following methods:
Electronic Comments
• Use the Commission’s Internet
comment form (https://www.sec.gov/
rules/sro.shtml) or
• Send an e-mail to rulecomments@sec.gov. Please include File
Number SR–OCC–2007–17 on the
subject line.
Paper Comments
The foregoing rule change has become
effective upon filing pursuant to section
19(b)(3)(A)(ii) of the Act 8 and Rule 19b–
• Send paper comments in triplicate
to Nancy M. Morris, Secretary,
Securities and Exchange Commission,
100 F Street, NE., Washington, DC
20549–1090.
All submissions should refer to File
Number SR–OCC–2007–17. This file
number should be included on the
subject line if e-mail is used. To help the
Commission process and review your
comments more efficiently, please use
only one method. The Commission will
post all comments on the Commission’s
Internet Web site (https://www.sec.gov/
rules/sro.shtml). Copies of the
submission, all subsequent
amendments, all written statements
5 Securities Exchange Act Release No. 55709 (May
4, 2007), 72 FR 26669 (May 10, 2007) [File No. SR–
OCC–2007–05].
6 Securities Exchange Act Release No. 56386
(September 11, 2007), 72 FR 53273 (September 18,
2007) [File No. SR–OCC–2007–09]. In addition,
OCC permanently adopted the standard fee
schedule for commodity futures and eliminated the
alternative fee schedule previously offered to
futures markets.
(C) Self-Regulatory Organization’s
Statement on Comments on the
Proposed Rule Change Received From
Members, Participants, or Others
Written comments were not and are
not intended to be solicited with respect
to the proposed rule change, and none
have been received.
III. Date of Effectiveness of the
Proposed Rule Change and Timing for
Commission Action
mstockstill on PROD1PC66 with NOTICES
that will replace the May 1 discounted
fees and will continue the discounted
market-maker scratch fee of $0.01 per
side. The following chart sets forth the
new discounted clearing fee schedule.
Current permanent standard fee schedule,
effective May 1, 2007
1–500 .......................................................
501–1,000 ................................................
1,001–2,000 .............................................
>2,000 ......................................................
VerDate Aug<31>2005
18:49 Jan 29, 2008
Jkt 214001
PO 00000
Frm 00126
Fmt 4703
Sfmt 4703
5619
with respect to the proposed rule
change that are filed with the
Commission, and all written
communications relating to the
proposed rule change between the
Commission and any person, other than
those that may be withheld from the
public in accordance with the
provisions of 5 U.S.C. 552, will be
available for inspection and copying in
the Commission’s Public Reference
Room, 100 F Street, NE., Washington,
DC 20549, on official business days
between the hours of 10 a.m. and 3 p.m.
The text of the proposed rule change is
available at OCC, the Commission’s
Public Reference Room, and https://
www.theocc.com/publications/rules/
proposed_changes/sr_occ_ 07_17.pdf.
All comments received will be posted
without change; the Commission does
not edit personal identifying
information from submissions. You
should submit only information that
you wish to make available publicly. All
submissions should refer to File
Number SR–OCC–2007–17 and should
be submitted on or before February 20,
2008.
For the Commission by the Division of
Trading and Markets, pursuant to delegated
authority.10
Florence E. Harmon,
Deputy Secretary.
[FR Doc. E8–1614 Filed 1–29–08; 8:45 am]
BILLING CODE 8011–01–P
SOCIAL SECURITY ADMINISTRATION
Privacy Act of 1974; as Amended New
System of Records and Routine Use
Disclosures
AGENCY:
Social Security Administration
(SSA).
7 15
U.S.C. 78q–1.
U.S.C. 78s(b)(3)(A)(ii).
9 17 CFR 240.19b–4(f)(2).
10 17 CFR 200.30–3(a)(12).
8 15
E:\FR\FM\30JAN1.SGM
30JAN1
5620
Federal Register / Vol. 73, No. 20 / Wednesday, January 30, 2008 / Notices
Proposed New System of
Records and Proposed Routine Uses.
ACTION:
SUMMARY: In accordance with the
Privacy Act (5 U.S.C. 552a(e)(4) and
(e)(11)), we are issuing public notice of
our intent to establish a new system of
records entitled, Social Security
Administration Unified Measurement
System/Managerial Cost Accountability
System (SUMS/MCAS) 60–0371, and
routine uses applicable to this system of
records. SUMS/MCAS will consist of
information related to five interrelated
Agency initiatives: (1) Workload counts,
(2) performance measures, (3) time
allocation, (4) customer service records,
and (5) managerial cost accountability.
We invite public comments on this
proposal.
DATES: We filed a report of SUMS/MCAS
and its applicable routine uses with the
Chairman of the Senate Committee on
Homeland Security and Governmental
Affairs, the Chairman of the House
Committee on Government Reform, and
the Director, Office of Information and
Regulatory Affairs, Office of
Management and Budget (OMB) on
January 23, 2008. SUMS/MCAS and its
routine uses will become effective on
March 3, 2008, unless we receive
comments warranting that they not
become effective.
ADDRESSES: Interested individuals may
comment on this publication by writing
to the Executive Director, Office of
Public Disclosure, Office of the General
Counsel, Social Security
Administration, Room 3-A–6 Operations
Building, 6401 Security Boulevard,
Baltimore, Maryland 21235–6401. All
comments received will be available for
public inspection at the above address.
FOR FURTHER INFORMATION CONTACT: Ms.
Earlene Whitworth Hill, Social
Insurance Specialist, Disclosure Policy
Development and Services Division 1,
Office of Public Disclosure, Office of the
General Counsel, Social Security
Administration, Room 3-A–6 Operations
Building, 6401 Security Boulevard,
Baltimore, Maryland 21235–6401,
telephone at (410) 965–1817, or e-mail:
earlene.whitworth.hill@ssa.gov.
SUPPLEMENTARY INFORMATION:
mstockstill on PROD1PC66 with NOTICES
I. Background and Purpose of SUMS/
MCAS
A. General Background
SUMS/MCAS will support SSA and
the State Disability Determination
Services (DDS) management and
management information (MI) analysts
in analyzing workloads, planning
resources, performing cost allocation
activities, improving access to MI, and
improving work-power allocation,
VerDate Aug<31>2005
18:49 Jan 29, 2008
Jkt 214001
which in turn will help us improve
customer service and reduce manual
work. SUMS/MCAS will provide a
single source of data, collected in a
consistent manner, which will improve
the quality, consistency, and access to
information used throughout SSA and
DDS. It will also produce detailed
reports that will assist us in assessing
office, unit, and employee performance.
SUMS/MCAS will enable us to manage
and account for resources through one
uniform source of MI, combining five
interrelated initiatives:
• Workload Counts.
• Performance Measure.
• Time Allocation.
• Customer Service Record.
• Managerial Cost Accountability.
B. Collection and Maintenance of the
Data for SUMS/MCAS
SSA will collect and maintain
information in SUMS/MCAS that is
derived from SSA’s mainframe and webbased computer usage files (log files),
payroll and human resource databases,
security files (including the Internet
verification files and Internet enterprise
security interface), and programmatic
work measurement data collected from
all SSA processing locations.
The information maintained in
SUMS/MCAS will be maintained in
paper and electronic formats.
Specifically, it will contain some, or all,
of the following information about our
clients and visitors to any SSA facility:
name, Social Security number (SSN),
age, address, and date of birth (DOB),
along with related claims processing
information. The system will contain
some, or all, of the following
information about our employees,
contractor employees, and DDS
employees: personal identification
number (PIN); position; function and
office codes; access and exit times when
logging-on to any SSA system; and
names and locations of the systems (log
files). We will retrieve information from
the system via online analytical
processing (OLAP) tools using any of
the data elements that the system
contains. Standardized reports will be
created from the data. Thus, SUMS/
MCAS will constitute a system of
records under the Privacy Act.
II. Proposed Routine Use Disclosures of
Data Maintained in SUMS/MCAS
A. Proposed Routine Use Disclosures
We are proposing to establish routine
uses of information that will be
maintained in SUMS/MCAS as
discussed below.
1. To the Office of the President for
the purpose of responding to an
PO 00000
Frm 00127
Fmt 4703
Sfmt 4703
individual pursuant to an inquiry
received from that individual or from a
third party on his or her behalf.
We will disclose information under
this routine use only in situations in
which an individual contacts the Office
of the President, seeking that Office’s
assistance in a matter relating to
information contained in SUMS/MCAS.
Information will be disclosed when the
Office of the President makes an inquiry
and indicates that it is acting on behalf
of the individual whose record is
requested.
2. To a congressional office in
response to an inquiry from that office
made at the request of the subject of a
record.
We will disclose information under
this routine use only in situations in
which an individual asks his or her
congressional representative to
intercede in a matter relating to
information contained in SUMS/MCAS.
Information will be disclosed when the
congressional representative makes an
inquiry and indicates that he or she is
acting on behalf of the individual whose
record is requested.
3. To the Department of Justice (DOJ),
a court or other tribunal, or another
party before such tribunal when:
(a) SSA, or any component thereof; or
(b) Any SSA employee in his/her
official capacity; or
(c) Any SSA employee in his/her
individual capacity where DOJ (or SSA
where it is authorized to do so) has
agreed to represent the employee; or
(d) The United States or any agency
thereof where SSA determines that the
litigation is likely to affect the operation
of SSA or any of its components,
is a party to litigation or has an interest
in such litigation, and SSA determines
that the use of such records by DOJ, a
court or other tribunal, or another party
before such tribunal, is relevant and
necessary to the litigation, provided,
however, that in each case, SSA
determines that such disclosure is
compatible with the purpose for which
the records were collected.
We will disclose information under
this routine use only as necessary to
enable DOJ to effectively defend SSA,
its components or employees, in
litigation involving SUMS/MCAS and/or
to ensure that courts and other tribunals
have appropriate information.
4. To the Equal Employment
Opportunity Commissioner (EEOC)
when requesting information in
connection with investigations into
alleged or possible discriminatory
practices in the Federal sector,
examination of Federal affirmative
employment programs, compliance by
E:\FR\FM\30JAN1.SGM
30JAN1
mstockstill on PROD1PC66 with NOTICES
Federal Register / Vol. 73, No. 20 / Wednesday, January 30, 2008 / Notices
Federal agencies with the Uniform
Guidelines on Employee Selection
Procedures, or other functions vested in
the Commission.
We will disclose information about
our employees to the EEOC, as
necessary, to assist in reassessing
individuals’ requests for reasonable
accommodations; to assist in
investigations into alleged or possible
discriminatory practices in the Federal
sector; to combat and prevent fraud,
waste, and abuse under the
Rehabilitation Act of 1973; and to assist
the Commission in carrying out its other
functions.
5. To the Federal Labor Relations
Authority, the General Counsel, the
Federal Mediation and Conciliation
Service, the Federal Service Impasses
Panel, or an arbitrator when information
is requested in connection with
investigations of allegations of unfair
practices or of other matters before an
arbitrator or the Federal Service
Impasses Panel.
We will disclose information about
our employees under this routine use, as
necessary, to the Federal Labor
Relations Authority, the General
Counsel, the Federal Mediation and
Conciliation Service, and the Federal
Service Impasses Panel or an arbitrator,
in which all or part of the allegations
involve SUMS/MCAS.
6. To the Merit Systems Protection
Board or the Office of the Special
Counsel in connection with appeals,
special studies of the civil service and
other merit systems, review of rules and
regulations, investigation of alleged or
possible prohibited personnel practices,
and other such functions promulgated
in 5 U.S.C. Chapter 12, or as may be
authorized by law.
We will disclose information about
our employees under this routine use, as
necessary, to the Merit Systems
Protection Board or the Office of the
Special Counsel, in which all or part of
the allegations in the appeal or action
involve SUMS/MCAS.
7. To contractors and other Federal
agencies, as necessary, for the purpose
of assisting SSA in the efficient
administration of its programs. We
contemplate disclosing information
under this routine use only in situations
in which SSA may enter into a
contractual or similar agreement with a
third party to assist in accomplishing an
Agency function relating to SUMS/
MCAS.
We will disclose information under
this routine use only in situations where
SSA enters into a contractual agreement
or similar agreement with a third party
to assist in accomplishing an Agency
function relating to SUMS/MCAS.
VerDate Aug<31>2005
18:49 Jan 29, 2008
Jkt 214001
8. To student volunteers, individuals
who are working under a personal
service contract, and other individuals
performing functions for SSA, but
technically not having the status of
Agency employees, if they need access
to the records in order to perform their
assigned Agency functions.
Under certain Federal statutes, SSA is
authorized to use the service of
volunteers and participants in certain
educational, training, employment, and
community service programs. Examples
of such statutes and programs include 5
U.S.C. 3111, which pertain to student
volunteers, and 42 U.S.C. 2753, which
pertain to the College Work-Study
Program. We contemplate disclosing
information under this routine use only
when SSA uses the services of these
individuals and they need access to
information in this system to perform
their assigned Agency duties.
9. To General Services Administration
(GSA) and the National Archives and
Records Administration (NARA) under
44 U.S.C. § 2904 and § 2906, as
amended by NARA Act of 1984,
information which is not restricted from
disclosure by Federal law for the use of
those agencies in conducting records
management studies.
The Administrator of GSA and the
Archivist of NARA are authorized by 44
U.S.C. 2904, as amended, to promulgate
standards, procedures and guidelines
regarding record management and
conducting records management
studies. GSA and NARA are authorized
to inspect Federal agencies’ records, for
records management purposes, and
agencies are expected to cooperate with
GSA and NARA (44 U.S.C. 2906). In
such instances, the routine use will
allow disclosure.
10. To Federal, State, and local law
enforcement agencies and private
security contractors, as appropriate,
information necessary:
• To enable them to protect the safety
of SSA employees and customers, the
security of the SSA workplace, or the
operation of SSA facilities, or
• To assist investigations or
prosecutions with respect to activities
that affect such safety and security or
activities that disrupts the operation of
SSA facilities.
We will disclose information under
this routine use to law enforcement
agencies and private security
contractors when information is needed
to respond to, investigate, or prevent
activities that jeopardize the security
and safety of SSA customers,
employees, or workplaces, or that
otherwise disrupt the operation of SSA
facilities. Information would also be
disclosed to assist in the prosecution of
PO 00000
Frm 00128
Fmt 4703
Sfmt 4703
5621
persons charged with violating Federal,
State, or local law in connection with
such activities.
11. To the Secretary of Health and
Human Services (HHS) or to any State,
we will disclose any record or
information requested in writing by the
Secretary for the purpose of
administering any program
administered by the Secretary, if records
or information of such type were so
disclosed under applicable rules,
regulations, and procedures in effect
before the date of enactment of the
Social Security Independence and
Program Improvements Act of 1994.
We will disclose information under
this routine use as directed in section
704(e)(1)(B) of the Social Security
Independence and Program
Improvements Act of 1994, which
mandates certain disclosures to HHS
components.
12. To appropriate Federal, State, and
local agencies, entities, and persons
when (1) we suspect or confirm that the
security or confidentiality of
information in this system of records
has been compromised; (2) we
determine that as a result of the
suspected or confirmed compromise
there is a risk of harm to economic or
property interests, identity theft or
fraud, or harm to the security or
integrity of this system or other systems
or programs of SSA that rely upon the
compromised information; and (3) we
determine that disclosing the
information to such agencies, entities,
and persons is necessary to assist in our
efforts to respond to the suspected or
confirmed compromise and to prevent,
minimize, or remedy such harm. We will
use this routine use to respond only to
those incidents involving an
unintentional release of our records.
This routine use specifically permits
the disclosure of SSA information in
connection with response and
remediation efforts in the event of an
unintentional release of Agency
information, otherwise known as a
‘‘data security breach.’’ This routine use
serves to protect the interests of the
person whose information is at risk by
allowing us to take appropriate steps to
facilitate a timely and effective response
to a data breach. It will also help us to
improve our ability to prevent,
minimize, or remedy any harm that may
result from a compromise of data
maintained in this system of records.
B. Compatibility of Proposed Routine
Uses
The Privacy Act (5 U.S.C. 552a(b)(3))
and our disclosure regulations (20 CFR
Part 401) permit us to disclose
information under a published notice of
E:\FR\FM\30JAN1.SGM
30JAN1
5622
Federal Register / Vol. 73, No. 20 / Wednesday, January 30, 2008 / Notices
routine use for a purpose that is
compatible with the purpose for which
we collected the information. Section
401.150(c) of our regulations permits us
to disclose information under a routine
use where necessary to carry out SSA
programs. Section 401.120 provides that
we will disclose information when a
law specifically requires the disclosure.
The proposed routine uses numbered 1
through 8, and 10 and 11 above, will
ensure we efficiently administer SUMS/
MCAS. The disclosure that would be
made under routine uses number 9 and
12 are required by Federal law. Thus, all
routine uses are appropriate and meet
the relevant statutory and regulatory
criteria.
mstockstill on PROD1PC66 with NOTICES
III. Records Storage Medium and
Safeguards for the Information
Maintained in SUMS/MCAS
We will maintain information in
SUMS/MCAS in paper and electronic
form. Only authorized SSA, DDS, and
contractor personnel who have a need
for the information in the performance
of their official duties will be permitted
access to the information. We will
safeguard the security of the information
by requiring the use of access codes to
enter the computer system that will
maintain the data and will store
computerized records in secured areas
that are accessible only to employees
who require the information to perform
their official duties. We keep paper
records in locked cabinets or in
otherwise secure areas.
DDS and contractor personnel having
access to data in SUMS/MCAS will be
required to adhere to SSA rules
concerning safeguards, access, and use
of the data.
SSA, DDS, and contractor personnel
having access to the data on this system
will be informed of the criminal
penalties of the Privacy Act for
unauthorized access to, or disclosure of,
information maintained in this system.
See 5 U.S.C. 552a(i)(1).
IV. Effect of SUMS/MCAS on the Rights
of Individuals
SUMS/MCAS will maintain only
information that is necessary to carry
out our official functions under the
Social Security Act and other applicable
Federal statutes. We will use security
measures that protect access to, and
preclude unauthorized disclosure of,
records in SUMS/MCAS. Our
maintenance and use of the information
are in accordance with the provisions of
the Privacy Act (5 U.S.C. § 552a) and
SSA’s disclosure regulations (20 CFR
Part 401). We employ safeguards to
protect all personal information in our
possession as well as the confidentiality
VerDate Aug<31>2005
18:49 Jan 29, 2008
Jkt 214001
of the information. We will disclose
information under the routine uses
discussed above only as necessary to
accomplish the stated purpose(s). Thus,
we do not anticipate that SUMS/MCAS
and its routine use disclosures will have
an unwarranted adverse effect on the
rights of the individuals to whom they
pertain.
Dated: January 23, 2008.
Michael J. Astrue,
Commissioner.
Social Security Administration (SSA)
Notice of System of Records Required by
the Privacy Act of 1974; as Amended
SYSTEM NUMBER:
60–0371.
SYSTEM NAME:
Social Security Administration
Unified Measurement System/
Managerial Cost Accountability (SUMS/
MCAS).
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Office of Systems, SSA, 6401 Security
Boulevard, Baltimore, Maryland 21235–
6401.
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM:
SSA employees, individuals who do
business with SSA (e.g., Social Security
claimants, beneficiaries, attorney or
non-attorney representatives, and
representative payees), the State
Disability Determination Services (DDS)
employees and contractors who assist
the Agency in administering the
Agency’s programs.
CATEGORIES OF RECORDS IN THE SYSTEM:
We collect records maintained in
SUMS/MCAS for management
information (MI) in administering the
Agency’s programs to improve customer
service and to produce detailed reports
that will assist us in assessing office,
unit, and employee performance.
Specifically, it will contain some or all
of the following information about
individuals who do business with SSA:
Name, Social Security number (SSN),
age, address, and date of birth (DOB),
along with other claims related
processing information. The system will
contain some or all of the following
information about our employees, DDS
employees, and contractor employees:
Name; SSN; personal identification
number (PIN); position; function and
office codes; access and exit times when
logging on any SSA system; and names
and locations of the systems (log files).
The records will consist of
information from SSA’s mainframe and
PO 00000
Frm 00129
Fmt 4703
Sfmt 4703
web-based computer usage files (log
files); payroll and human resource
databases; security files including the
Internet verification file and Internet
enterprise security interface; and
programmatic work measurement data
collected from all SSA processing
locations.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Section 205(a) of the Social Security
Act (42 U.S.C. 405(a)).
Chief Financial Officers (CFO) Act
(1990)—Provides for the integration and
modernization of Federal financial
systems and requires development of
reporting of cost information.
Government Performance and Results
Act (GPRA) (1993)—GPRA requires
development of Agency strategic plans
and performance goals, measurement
and reporting on actual performance
compared to goals, computation of costs
and unit costs as key performance
indicators, and comparison of costs with
outputs and outcomes.
Government Management Reform Act
(GMRA) (1994)—Requires an agencywide performance and financial
statement, an audited statement, and
cost information.
Federal Financial Management
Improvement Act (FFMIA) (1996)—
Mandates that agencies establish
financial management systems that
comply with Federal standards and
requirements. It directs auditors to
report on compliance as part of the
review of agency financial statements.
Office of Management and Budget
(OMB) Standards—Require SSA to
implement a modern managerial cost
accounting system that satisfies all
needs at all managerial decision levels.
PURPOSE(S):
SUMS/MCAS includes five
interrelated Agency initiatives: (1)
Workload Counts; (2) Performance
Measures; (3) Time Allocation; (4)
Customer Service Record; and (5)
Managerial Cost Accountability, which
will provide a single source for data,
collected in a consistent manner to
improve the quality, consistency, and
accessibility of MI. SUMS/MCAS will
enable the Agency to:
• Improve customer service and
enhance the Agency’s ability to monitor
customer service;
• Create a unified work measurement
and work power (i.e., the amount of
time it takes to do one piece of work)
identification system providing simpler
access to information for reporting data;
• Produce detailed reports that will
assist us in assessing office, unit, and
employee performance;
E:\FR\FM\30JAN1.SGM
30JAN1
Federal Register / Vol. 73, No. 20 / Wednesday, January 30, 2008 / Notices
• Consolidate the Agency workload
structure and provide data at any office
level, down to a specific employee;
• Allocate work-time usage
information consistently for all
components, workload activities, and
the time that it takes to perform work
and calculate productivity;
• Accommodate new workloads in a
flexible work-measurement system by
shifting work to locations where
capacity exists, improving customer
service;
• Ensure an accurate cost allocation
of work performed by SSA;
• Manage and account for resources
through one uniform source of MI;
• Measure outcomes, determine full
costs, control resources, assess
performance and provide timely
feedback to managers to enhance the
Agency’s accountability and customer
service; and
• Satisfy government-wide
managerial cost accounting regulations
and enable the Agency to link resource
expenditures with performance, as
required by legislation and other
government-wide requirements stated
in:
1. CFO Act of 1990;
2. GPRA Act of 1993;
3. GMRA Act of 1994;
4. FFMIA Act of 1996; and
5. OMB Standards.
mstockstill on PROD1PC66 with NOTICES
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM, INCLUDING CATEGORIES OF USERS AND
THE PURPOSE OF SUCH USES:
Disclosure may be made for routine
uses as indicated below.
1. To the Office of the President for
the purpose of responding to an
individual pursuant to an inquiry
received from that individual or from a
third party on his or her behalf.
2. To a congressional office in
response to an inquiry from that office
made at the request of the subject of a
record.
3. To the Department of Justice (DOJ),
a court or other tribunal, or another
party before such tribunal when:
a. SSA, or any component thereof; or
b. Any SSA employee in his or her
official capacity; or
c. Any SSA employee in his or her
individual capacity where DOJ (or SSA
where it is authorized to do so) has
agreed to represent the employee; or
d. The United States or any agency
thereof where SSA determines that the
litigation is likely to affect the
operations of SSA or any of its
components, is a party to litigation or
has an interest in such litigation, and
SSA determines that the use of such
records by DOJ, a court or other
tribunal, or another party before such
VerDate Aug<31>2005
18:49 Jan 29, 2008
Jkt 214001
tribunal, is relevant and necessary to the
litigation, provided, however, that in
each case, SSA determines that such
disclosure is compatible with the
purpose for which the records were
collected.
4. To the Equal Employment
Opportunity Commission when
requesting information in connection
with investigations into alleged or
possible discriminatory practices in the
Federal sector, examination of Federal
affirmative employment programs,
compliance by Federal agencies with
the Uniform Guidelines on Employee
Selection Procedures, or other functions
vested in the Commission.
5. To the Federal Labor Relations
Authority, the General Counsel, the
Federal Mediation and Conciliation
Service, the Federal Service Impasses
Panel, or an arbitrator when information
is requested in connection with the
investigations of allegations of unfair
practices or of other matters before an
arbitrator or the Federal Impasses Panel.
6. To the Merit Systems Protection
Board or the Office of the Special
Counsel in connection with appeals,
special studies of the civil service and
other merit systems, review of rules and
regulations, investigation of alleged or
possible prohibited personnel practices,
and other such functions promulgated
in 5 U.S.C. Chapter 12, or as may be
authorized by law.
7. To contractors and other Federal
agencies, as necessary, for the purpose
of assisting SSA in the efficient
administration of its programs. We
contemplate disclosing information
under this routine use only in situations
in which SSA may enter into a
contractual or similar agreement with a
third party to assist in accomplishing an
Agency function relating to this system
of records.
8. To student volunteers, individuals
working under a personal service
contract, and other workers who
technically do not have the status of
Federal employees, when they are
performing work for the SSA, as
authorized by law, and they need access
to personally identifiable information in
SSA records in order to perform their
assigned Agency functions.
9. To General Services Administration
and the National Archives and Records
Administration (NARA) under 44 U.S.C.
2904 and 2906, as amended by NARA
Act of 1984, information which is not
restricted from disclosure by Federal
law for the use of those agencies in
conducting records management
studies.
10. To Federal, State, and local law
enforcement agencies and private
PO 00000
Frm 00130
Fmt 4703
Sfmt 4703
5623
security contractors, as appropriate,
information necessary:
• To enable them to protect the safety
of SSA employees and customers, the
security of the SSA workplace, or the
operation of SSA facilities, or
• To assist investigations or
prosecutions with respect to activities
that affect such safety and security or
activities that disrupt the operation of
SSA facilities.
11. To the Secretary of Health and
Human Services or to any State, we will
disclose any record or information
requested in writing by the Secretary for
the purpose of administering any
program administered by the Secretary,
if records or information of such type
were so disclosed under applicable
rules, regulations, and procedures in
effect before the date of enactment of the
Social Security Independence and
Program Improvements Act of 1994.
12. To appropriate Federal, State, and
local agencies, entities, and persons
when (1) We suspect or confirm that the
security or confidentiality of
information in this system of records
has been compromised; (2) we
determine that as a result of the
suspected or confirmed compromise
there is a risk of harm to economic or
property interests, identity theft or
fraud, or harm to the security or
integrity of this system or other systems
or programs of SSA that rely upon the
compromised information; and (3) we
determine that disclosing the
information to such agencies, entities,
and persons is necessary to assist in our
efforts to respond to the suspected or
confirmed compromise and to prevent,
minimize, or remedy such harm. We
will use this routine use to respond only
to those incidents involving an
unintentional release of our records.
POLICIES AND PRACTICES FOR STORING,
RETRIEVING, ACCESSING, RETAINING AND
DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
We maintain and store records in
SUMS/MCAS in electronic and paper
form. We keep paper records in locked
cabinets or in otherwise secure areas.
RETRIEVABILITY:
We retrieve records in SUMS/MCAS
by the name, SSN, age, address, and
DOB of individuals who do business
with SSA (e.g., Social Security
claimants, beneficiaries, attorney or
non-attorney representatives, and
representative payees). We retrieve
records in SUMS/MCAS by the name,
SSN, PIN, position code, function or
office location codes of employees, DDS
employees and contractors.
E:\FR\FM\30JAN1.SGM
30JAN1
5624
Federal Register / Vol. 73, No. 20 / Wednesday, January 30, 2008 / Notices
SAFEGUARDS:
Security measures include the use of
access codes to enter the computer
system that maintains the data;
computerized records will be stored in
secured areas that are accessible only to
employees who require the information
in performing their official duties. All
paper records will be kept in locked
cabinets or in otherwise secure areas.
SSA and DDS employees who have
access to the data will be informed of
the criminal penalties of the Privacy Act
for unauthorized access to or disclosure
of information maintained in the
system. See 5 U.S.C. 552a(i)(1).
Contractor personnel having access to
data in the system of records will be
required to adhere to SSA rules
concerning safeguards, access, and use
of the data.
RETENTION AND DISPOSAL:
The project will adhere to NARA
record retention standards as outlined
in the SUMS/MCAS Global
Requirements document. Specific
retention periods follow NC–47–75–7 as
shown below:
(1) Data source extract records housed
in the SUMS/MCAS active data
warehouse will be retained for 2 full
fiscal years plus the current fiscal year.
(2) Active detail records and
corresponding summary records housed
in the SUMS/MCAS active data
warehouse will be retained for 9 full
fiscal years plus the current fiscal year.
(3) Long term offline archive of
summary data housed in the SUMS/
MCAS long term offline archive
database will be retained for a total of
50 years or 40 additional years from the
time it moves from the active data
warehouse.
(4) MI housed in the Operational Data
Stores (ODS) will be retained for a
maximum of 5 years.
(5) Reference data housed in reference
tables within the active data warehouse
will be maintained in the active data
warehouse for 50 years.
SYSTEM MANAGER(S) AND ADDRESS:
SUMS/MCAS Program Manager,
Office of Systems, Social Security
Administration, 6401 Security
Boulevard, Baltimore, Maryland 21235–
6401.
mstockstill on PROD1PC66 with NOTICES
NOTIFICATION PROCEDURE(S):
An individual may determine if this
system contains a record about him or
her by writing to the systems manager(s)
at the above address and providing his
or her name, SSN, or other information
that may be in the system of records that
will identify him or her. An individual
requesting notification of records in
VerDate Aug<31>2005
18:49 Jan 29, 2008
Jkt 214001
person should provide the same
information, as well as provide an
identity document, preferably with a
photograph, such as a driver’s license,
or some other means of identification. If
an individual does not have any
identification documents sufficient to
establish his or her identity, the
individual must certify in writing that
he or she is the person he or she claims
to be and that he or she understands
that the knowing and willful request for,
or acquisition of, a record pertaining to
another individual under false pretenses
is a criminal offense.
If notification is requested by
telephone, an individual must verify his
or her identity by providing identifying
information that parallels the record to
which notification is being requested.
The individual will be required to
submit a request in writing or in person,
if we determine that the identifying
information provided by telephone is
insufficient. If an individual is
requesting information by telephone on
behalf of another individual, the subject
individual must be connected with SSA
and the requesting individual in the
same phone call. SSA will establish the
subject individual’s identity (his or her
name, SSN, address, date of birth, and
place of birth, along with one other
piece of information such as mother’s
maiden name) and ask for his or her
permission to provide the information
to the requesting individual.
If a request for notification is
submitted by mail, an individual must
include a notarized statement to SSA to
verify his or her identity or must certify
in the request that he or she is the
person he or she claims to be and that
he or she understands that the knowing
and willful request for, or acquisition of,
a record pertaining to another
individual under false pretenses is a
criminal offense. These procedures are
in accordance with SSA regulations (20
CFR 401.40).
RECORD ACCESS PROCEDURE(S):
Same as Notification procedures.
Requesters also should reasonably
specify the record contents they are
seeking. These procedures are in
accordance with SSA regulations (20
CFR 401.40).
CONTESTING RECORD PROCEDURE(S):
Same as Notification procedures.
Requesters should also reasonably
identify the record, specify the
information they are contesting, and
state the corrective action sought and
the reasons for the correction with
supporting justification showing how
the record is untimely, incomplete,
inaccurate, or irrelevant. These
PO 00000
Frm 00131
Fmt 4703
Sfmt 4703
procedures are in accordance with SSA
Regulations (20 CFR 401.65).
RECORD SOURCE CATEGORIES:
The information that SSA will collect
and maintain in SUMS/MCAS will
consist of information from SSA’s
mainframe customer information
control system, system management
facility transaction logs, visitor intake
process data extracts, payroll operations
data store, position codes, report office
table, Internet verification file,
electronic disability collect system and
related applications, customer help and
information programs, Medicare
application processing system, Internet
enterprise security interface log files,
travel manager, processing center, work
measurement transaction database,
district office weekly report, SSA webbased applications, programmatic
processes, and operational data stores.
SYSTEMS EXEMPT FROM CERTAIN PROVISIONS OF
THE PRIVACY ACT:
None.
[FR Doc. E8–1674 Filed 1–29–08; 8:45 am]
BILLING CODE 4191–02–P
DEPARTMENT OF STATE
[Public Notice 6076]
Advisory Committee on
Transformational Diplomacy Notice of
Report Finalization and Submission
The Department of State announces
that the Secretary of State’s Advisory
Committee on Transformational
Diplomacy (‘‘Committee’’) will submit
its report of recommendations on
Tuesday, January 29, 2008, from 1:15
p.m. to 1:45 p.m., at the Department of
State, 2201 C Street, Washington, DC in
the Treaty Room. This event will not be
a meeting of the Committee.
The Committee is composed of
persons from the private sector and
academia who provide advice on the
Department’s worldwide management
operations, including structuring,
leading and managing large global
enterprises, communicating
governmental missions and policies to
relevant publics, and better use of
information technology. The report is
comprised of committee findings and
recommendations to the Department
that support transformational diplomacy
in the areas including budgets,
integration of foreign affairs and
national security efforts, personnel
recruiting and fortification, public
private partnerships, upgrades to
technological infrastructure, as well as
tracking and measuring efforts. The
E:\FR\FM\30JAN1.SGM
30JAN1
]]>Agencies
[Federal Register Volume 73, Number 20 (Wednesday, January 30, 2008)]
[Notices]
[Pages 5619-5624]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E8-1674]
=======================================================================
-----------------------------------------------------------------------
SOCIAL SECURITY ADMINISTRATION
Privacy Act of 1974; as Amended New System of Records and Routine
Use Disclosures
AGENCY: Social Security Administration (SSA).
[[Page 5620]]
ACTION: Proposed New System of Records and Proposed Routine Uses.
-----------------------------------------------------------------------
SUMMARY: In accordance with the Privacy Act (5 U.S.C. 552a(e)(4) and
(e)(11)), we are issuing public notice of our intent to establish a new
system of records entitled, Social Security Administration Unified
Measurement System/Managerial Cost Accountability System (SUMS/MCAS)
60-0371, and routine uses applicable to this system of records. SUMS/
MCAS will consist of information related to five interrelated Agency
initiatives: (1) Workload counts, (2) performance measures, (3) time
allocation, (4) customer service records, and (5) managerial cost
accountability. We invite public comments on this proposal.
DATES: We filed a report of SUMS/MCAS and its applicable routine uses
with the Chairman of the Senate Committee on Homeland Security and
Governmental Affairs, the Chairman of the House Committee on Government
Reform, and the Director, Office of Information and Regulatory Affairs,
Office of Management and Budget (OMB) on January 23, 2008. SUMS/MCAS
and its routine uses will become effective on March 3, 2008, unless we
receive comments warranting that they not become effective.
ADDRESSES: Interested individuals may comment on this publication by
writing to the Executive Director, Office of Public Disclosure, Office
of the General Counsel, Social Security Administration, Room 3-A-6
Operations Building, 6401 Security Boulevard, Baltimore, Maryland
21235-6401. All comments received will be available for public
inspection at the above address.
FOR FURTHER INFORMATION CONTACT: Ms. Earlene Whitworth Hill, Social
Insurance Specialist, Disclosure Policy Development and Services
Division 1, Office of Public Disclosure, Office of the General Counsel,
Social Security Administration, Room 3-A-6 Operations Building, 6401
Security Boulevard, Baltimore, Maryland 21235-6401, telephone at (410)
965-1817, or e-mail: earlene.whitworth.hill@ssa.gov.
SUPPLEMENTARY INFORMATION:
I. Background and Purpose of SUMS/MCAS
A. General Background
SUMS/MCAS will support SSA and the State Disability Determination
Services (DDS) management and management information (MI) analysts in
analyzing workloads, planning resources, performing cost allocation
activities, improving access to MI, and improving work-power
allocation, which in turn will help us improve customer service and
reduce manual work. SUMS/MCAS will provide a single source of data,
collected in a consistent manner, which will improve the quality,
consistency, and access to information used throughout SSA and DDS. It
will also produce detailed reports that will assist us in assessing
office, unit, and employee performance. SUMS/MCAS will enable us to
manage and account for resources through one uniform source of MI,
combining five interrelated initiatives:
Workload Counts.
Performance Measure.
Time Allocation.
Customer Service Record.
Managerial Cost Accountability.
B. Collection and Maintenance of the Data for SUMS/MCAS
SSA will collect and maintain information in SUMS/MCAS that is
derived from SSA's mainframe and web-based computer usage files (log
files), payroll and human resource databases, security files (including
the Internet verification files and Internet enterprise security
interface), and programmatic work measurement data collected from all
SSA processing locations.
The information maintained in SUMS/MCAS will be maintained in paper
and electronic formats. Specifically, it will contain some, or all, of
the following information about our clients and visitors to any SSA
facility: name, Social Security number (SSN), age, address, and date of
birth (DOB), along with related claims processing information. The
system will contain some, or all, of the following information about
our employees, contractor employees, and DDS employees: personal
identification number (PIN); position; function and office codes;
access and exit times when logging-on to any SSA system; and names and
locations of the systems (log files). We will retrieve information from
the system via online analytical processing (OLAP) tools using any of
the data elements that the system contains. Standardized reports will
be created from the data. Thus, SUMS/MCAS will constitute a system of
records under the Privacy Act.
II. Proposed Routine Use Disclosures of Data Maintained in SUMS/MCAS
A. Proposed Routine Use Disclosures
We are proposing to establish routine uses of information that will
be maintained in SUMS/MCAS as discussed below.
1. To the Office of the President for the purpose of responding to
an individual pursuant to an inquiry received from that individual or
from a third party on his or her behalf.
We will disclose information under this routine use only in
situations in which an individual contacts the Office of the President,
seeking that Office's assistance in a matter relating to information
contained in SUMS/MCAS. Information will be disclosed when the Office
of the President makes an inquiry and indicates that it is acting on
behalf of the individual whose record is requested.
2. To a congressional office in response to an inquiry from that
office made at the request of the subject of a record.
We will disclose information under this routine use only in
situations in which an individual asks his or her congressional
representative to intercede in a matter relating to information
contained in SUMS/MCAS. Information will be disclosed when the
congressional representative makes an inquiry and indicates that he or
she is acting on behalf of the individual whose record is requested.
3. To the Department of Justice (DOJ), a court or other tribunal,
or another party before such tribunal when:
(a) SSA, or any component thereof; or
(b) Any SSA employee in his/her official capacity; or
(c) Any SSA employee in his/her individual capacity where DOJ (or
SSA where it is authorized to do so) has agreed to represent the
employee; or
(d) The United States or any agency thereof where SSA determines
that the litigation is likely to affect the operation of SSA or any of
its components,
is a party to litigation or has an interest in such litigation, and SSA
determines that the use of such records by DOJ, a court or other
tribunal, or another party before such tribunal, is relevant and
necessary to the litigation, provided, however, that in each case, SSA
determines that such disclosure is compatible with the purpose for
which the records were collected.
We will disclose information under this routine use only as
necessary to enable DOJ to effectively defend SSA, its components or
employees, in litigation involving SUMS/MCAS and/or to ensure that
courts and other tribunals have appropriate information.
4. To the Equal Employment Opportunity Commissioner (EEOC) when
requesting information in connection with investigations into alleged
or possible discriminatory practices in the Federal sector, examination
of Federal affirmative employment programs, compliance by
[[Page 5621]]
Federal agencies with the Uniform Guidelines on Employee Selection
Procedures, or other functions vested in the Commission.
We will disclose information about our employees to the EEOC, as
necessary, to assist in reassessing individuals' requests for
reasonable accommodations; to assist in investigations into alleged or
possible discriminatory practices in the Federal sector; to combat and
prevent fraud, waste, and abuse under the Rehabilitation Act of 1973;
and to assist the Commission in carrying out its other functions.
5. To the Federal Labor Relations Authority, the General Counsel,
the Federal Mediation and Conciliation Service, the Federal Service
Impasses Panel, or an arbitrator when information is requested in
connection with investigations of allegations of unfair practices or of
other matters before an arbitrator or the Federal Service Impasses
Panel.
We will disclose information about our employees under this routine
use, as necessary, to the Federal Labor Relations Authority, the
General Counsel, the Federal Mediation and Conciliation Service, and
the Federal Service Impasses Panel or an arbitrator, in which all or
part of the allegations involve SUMS/MCAS.
6. To the Merit Systems Protection Board or the Office of the
Special Counsel in connection with appeals, special studies of the
civil service and other merit systems, review of rules and regulations,
investigation of alleged or possible prohibited personnel practices,
and other such functions promulgated in 5 U.S.C. Chapter 12, or as may
be authorized by law.
We will disclose information about our employees under this routine
use, as necessary, to the Merit Systems Protection Board or the Office
of the Special Counsel, in which all or part of the allegations in the
appeal or action involve SUMS/MCAS.
7. To contractors and other Federal agencies, as necessary, for the
purpose of assisting SSA in the efficient administration of its
programs. We contemplate disclosing information under this routine use
only in situations in which SSA may enter into a contractual or similar
agreement with a third party to assist in accomplishing an Agency
function relating to SUMS/MCAS.
We will disclose information under this routine use only in
situations where SSA enters into a contractual agreement or similar
agreement with a third party to assist in accomplishing an Agency
function relating to SUMS/MCAS.
8. To student volunteers, individuals who are working under a
personal service contract, and other individuals performing functions
for SSA, but technically not having the status of Agency employees, if
they need access to the records in order to perform their assigned
Agency functions.
Under certain Federal statutes, SSA is authorized to use the
service of volunteers and participants in certain educational,
training, employment, and community service programs. Examples of such
statutes and programs include 5 U.S.C. 3111, which pertain to student
volunteers, and 42 U.S.C. 2753, which pertain to the College Work-Study
Program. We contemplate disclosing information under this routine use
only when SSA uses the services of these individuals and they need
access to information in this system to perform their assigned Agency
duties.
9. To General Services Administration (GSA) and the National
Archives and Records Administration (NARA) under 44 U.S.C. Sec. 2904
and Sec. 2906, as amended by NARA Act of 1984, information which is
not restricted from disclosure by Federal law for the use of those
agencies in conducting records management studies.
The Administrator of GSA and the Archivist of NARA are authorized
by 44 U.S.C. 2904, as amended, to promulgate standards, procedures and
guidelines regarding record management and conducting records
management studies. GSA and NARA are authorized to inspect Federal
agencies' records, for records management purposes, and agencies are
expected to cooperate with GSA and NARA (44 U.S.C. 2906). In such
instances, the routine use will allow disclosure.
10. To Federal, State, and local law enforcement agencies and
private security contractors, as appropriate, information necessary:
To enable them to protect the safety of SSA employees and
customers, the security of the SSA workplace, or the operation of SSA
facilities, or
To assist investigations or prosecutions with respect to
activities that affect such safety and security or activities that
disrupts the operation of SSA facilities.
We will disclose information under this routine use to law
enforcement agencies and private security contractors when information
is needed to respond to, investigate, or prevent activities that
jeopardize the security and safety of SSA customers, employees, or
workplaces, or that otherwise disrupt the operation of SSA facilities.
Information would also be disclosed to assist in the prosecution of
persons charged with violating Federal, State, or local law in
connection with such activities.
11. To the Secretary of Health and Human Services (HHS) or to any
State, we will disclose any record or information requested in writing
by the Secretary for the purpose of administering any program
administered by the Secretary, if records or information of such type
were so disclosed under applicable rules, regulations, and procedures
in effect before the date of enactment of the Social Security
Independence and Program Improvements Act of 1994.
We will disclose information under this routine use as directed in
section 704(e)(1)(B) of the Social Security Independence and Program
Improvements Act of 1994, which mandates certain disclosures to HHS
components.
12. To appropriate Federal, State, and local agencies, entities,
and persons when (1) we suspect or confirm that the security or
confidentiality of information in this system of records has been
compromised; (2) we determine that as a result of the suspected or
confirmed compromise there is a risk of harm to economic or property
interests, identity theft or fraud, or harm to the security or
integrity of this system or other systems or programs of SSA that rely
upon the compromised information; and (3) we determine that disclosing
the information to such agencies, entities, and persons is necessary to
assist in our efforts to respond to the suspected or confirmed
compromise and to prevent, minimize, or remedy such harm. We will use
this routine use to respond only to those incidents involving an
unintentional release of our records.
This routine use specifically permits the disclosure of SSA
information in connection with response and remediation efforts in the
event of an unintentional release of Agency information, otherwise
known as a ``data security breach.'' This routine use serves to protect
the interests of the person whose information is at risk by allowing us
to take appropriate steps to facilitate a timely and effective response
to a data breach. It will also help us to improve our ability to
prevent, minimize, or remedy any harm that may result from a compromise
of data maintained in this system of records.
B. Compatibility of Proposed Routine Uses
The Privacy Act (5 U.S.C. 552a(b)(3)) and our disclosure
regulations (20 CFR Part 401) permit us to disclose information under a
published notice of
[[Page 5622]]
routine use for a purpose that is compatible with the purpose for which
we collected the information. Section 401.150(c) of our regulations
permits us to disclose information under a routine use where necessary
to carry out SSA programs. Section 401.120 provides that we will
disclose information when a law specifically requires the disclosure.
The proposed routine uses numbered 1 through 8, and 10 and 11 above,
will ensure we efficiently administer SUMS/MCAS. The disclosure that
would be made under routine uses number 9 and 12 are required by
Federal law. Thus, all routine uses are appropriate and meet the
relevant statutory and regulatory criteria.
III. Records Storage Medium and Safeguards for the Information
Maintained in SUMS/MCAS
We will maintain information in SUMS/MCAS in paper and electronic
form. Only authorized SSA, DDS, and contractor personnel who have a
need for the information in the performance of their official duties
will be permitted access to the information. We will safeguard the
security of the information by requiring the use of access codes to
enter the computer system that will maintain the data and will store
computerized records in secured areas that are accessible only to
employees who require the information to perform their official duties.
We keep paper records in locked cabinets or in otherwise secure areas.
DDS and contractor personnel having access to data in SUMS/MCAS
will be required to adhere to SSA rules concerning safeguards, access,
and use of the data.
SSA, DDS, and contractor personnel having access to the data on
this system will be informed of the criminal penalties of the Privacy
Act for unauthorized access to, or disclosure of, information
maintained in this system. See 5 U.S.C. 552a(i)(1).
IV. Effect of SUMS/MCAS on the Rights of Individuals
SUMS/MCAS will maintain only information that is necessary to carry
out our official functions under the Social Security Act and other
applicable Federal statutes. We will use security measures that protect
access to, and preclude unauthorized disclosure of, records in SUMS/
MCAS. Our maintenance and use of the information are in accordance with
the provisions of the Privacy Act (5 U.S.C. Sec. 552a) and SSA's
disclosure regulations (20 CFR Part 401). We employ safeguards to
protect all personal information in our possession as well as the
confidentiality of the information. We will disclose information under
the routine uses discussed above only as necessary to accomplish the
stated purpose(s). Thus, we do not anticipate that SUMS/MCAS and its
routine use disclosures will have an unwarranted adverse effect on the
rights of the individuals to whom they pertain.
Dated: January 23, 2008.
Michael J. Astrue,
Commissioner.
Social Security Administration (SSA)
Notice of System of Records Required by the Privacy Act of 1974; as
Amended
System number:
60-0371.
System name:
Social Security Administration Unified Measurement System/
Managerial Cost Accountability (SUMS/MCAS).
Security classification:
None.
System location:
Office of Systems, SSA, 6401 Security Boulevard, Baltimore,
Maryland 21235-6401.
Categories of individuals covered by the system:
SSA employees, individuals who do business with SSA (e.g., Social
Security claimants, beneficiaries, attorney or non-attorney
representatives, and representative payees), the State Disability
Determination Services (DDS) employees and contractors who assist the
Agency in administering the Agency's programs.
Categories of records in the system:
We collect records maintained in SUMS/MCAS for management
information (MI) in administering the Agency's programs to improve
customer service and to produce detailed reports that will assist us in
assessing office, unit, and employee performance. Specifically, it will
contain some or all of the following information about individuals who
do business with SSA: Name, Social Security number (SSN), age, address,
and date of birth (DOB), along with other claims related processing
information. The system will contain some or all of the following
information about our employees, DDS employees, and contractor
employees: Name; SSN; personal identification number (PIN); position;
function and office codes; access and exit times when logging on any
SSA system; and names and locations of the systems (log files).
The records will consist of information from SSA's mainframe and
web-based computer usage files (log files); payroll and human resource
databases; security files including the Internet verification file and
Internet enterprise security interface; and programmatic work
measurement data collected from all SSA processing locations.
Authority for Maintenance of the System:
Section 205(a) of the Social Security Act (42 U.S.C. 405(a)).
Chief Financial Officers (CFO) Act (1990)--Provides for the
integration and modernization of Federal financial systems and requires
development of reporting of cost information.
Government Performance and Results Act (GPRA) (1993)--GPRA requires
development of Agency strategic plans and performance goals,
measurement and reporting on actual performance compared to goals,
computation of costs and unit costs as key performance indicators, and
comparison of costs with outputs and outcomes.
Government Management Reform Act (GMRA) (1994)--Requires an agency-
wide performance and financial statement, an audited statement, and
cost information.
Federal Financial Management Improvement Act (FFMIA) (1996)--
Mandates that agencies establish financial management systems that
comply with Federal standards and requirements. It directs auditors to
report on compliance as part of the review of agency financial
statements.
Office of Management and Budget (OMB) Standards--Require SSA to
implement a modern managerial cost accounting system that satisfies all
needs at all managerial decision levels.
Purpose(s):
SUMS/MCAS includes five interrelated Agency initiatives: (1)
Workload Counts; (2) Performance Measures; (3) Time Allocation; (4)
Customer Service Record; and (5) Managerial Cost Accountability, which
will provide a single source for data, collected in a consistent manner
to improve the quality, consistency, and accessibility of MI. SUMS/MCAS
will enable the Agency to:
Improve customer service and enhance the Agency's ability
to monitor customer service;
Create a unified work measurement and work power (i.e.,
the amount of time it takes to do one piece of work) identification
system providing simpler access to information for reporting data;
Produce detailed reports that will assist us in assessing
office, unit, and employee performance;
[[Page 5623]]
Consolidate the Agency workload structure and provide data
at any office level, down to a specific employee;
Allocate work-time usage information consistently for all
components, workload activities, and the time that it takes to perform
work and calculate productivity;
Accommodate new workloads in a flexible work-measurement
system by shifting work to locations where capacity exists, improving
customer service;
Ensure an accurate cost allocation of work performed by
SSA;
Manage and account for resources through one uniform
source of MI;
Measure outcomes, determine full costs, control resources,
assess performance and provide timely feedback to managers to enhance
the Agency's accountability and customer service; and
Satisfy government-wide managerial cost accounting
regulations and enable the Agency to link resource expenditures with
performance, as required by legislation and other government-wide
requirements stated in:
1. CFO Act of 1990;
2. GPRA Act of 1993;
3. GMRA Act of 1994;
4. FFMIA Act of 1996; and
5. OMB Standards.
Routine Uses of Records Maintained in the System, Including Categories
of Users and the Purpose of Such Uses:
Disclosure may be made for routine uses as indicated below.
1. To the Office of the President for the purpose of responding to
an individual pursuant to an inquiry received from that individual or
from a third party on his or her behalf.
2. To a congressional office in response to an inquiry from that
office made at the request of the subject of a record.
3. To the Department of Justice (DOJ), a court or other tribunal,
or another party before such tribunal when:
a. SSA, or any component thereof; or
b. Any SSA employee in his or her official capacity; or
c. Any SSA employee in his or her individual capacity where DOJ (or
SSA where it is authorized to do so) has agreed to represent the
employee; or
d. The United States or any agency thereof where SSA determines
that the litigation is likely to affect the operations of SSA or any of
its components, is a party to litigation or has an interest in such
litigation, and SSA determines that the use of such records by DOJ, a
court or other tribunal, or another party before such tribunal, is
relevant and necessary to the litigation, provided, however, that in
each case, SSA determines that such disclosure is compatible with the
purpose for which the records were collected.
4. To the Equal Employment Opportunity Commission when requesting
information in connection with investigations into alleged or possible
discriminatory practices in the Federal sector, examination of Federal
affirmative employment programs, compliance by Federal agencies with
the Uniform Guidelines on Employee Selection Procedures, or other
functions vested in the Commission.
5. To the Federal Labor Relations Authority, the General Counsel,
the Federal Mediation and Conciliation Service, the Federal Service
Impasses Panel, or an arbitrator when information is requested in
connection with the investigations of allegations of unfair practices
or of other matters before an arbitrator or the Federal Impasses Panel.
6. To the Merit Systems Protection Board or the Office of the
Special Counsel in connection with appeals, special studies of the
civil service and other merit systems, review of rules and regulations,
investigation of alleged or possible prohibited personnel practices,
and other such functions promulgated in 5 U.S.C. Chapter 12, or as may
be authorized by law.
7. To contractors and other Federal agencies, as necessary, for the
purpose of assisting SSA in the efficient administration of its
programs. We contemplate disclosing information under this routine use
only in situations in which SSA may enter into a contractual or similar
agreement with a third party to assist in accomplishing an Agency
function relating to this system of records.
8. To student volunteers, individuals working under a personal
service contract, and other workers who technically do not have the
status of Federal employees, when they are performing work for the SSA,
as authorized by law, and they need access to personally identifiable
information in SSA records in order to perform their assigned Agency
functions.
9. To General Services Administration and the National Archives and
Records Administration (NARA) under 44 U.S.C. 2904 and 2906, as amended
by NARA Act of 1984, information which is not restricted from
disclosure by Federal law for the use of those agencies in conducting
records management studies.
10. To Federal, State, and local law enforcement agencies and
private security contractors, as appropriate, information necessary:
To enable them to protect the safety of SSA employees and
customers, the security of the SSA workplace, or the operation of SSA
facilities, or
To assist investigations or prosecutions with respect to
activities that affect such safety and security or activities that
disrupt the operation of SSA facilities.
11. To the Secretary of Health and Human Services or to any State,
we will disclose any record or information requested in writing by the
Secretary for the purpose of administering any program administered by
the Secretary, if records or information of such type were so disclosed
under applicable rules, regulations, and procedures in effect before
the date of enactment of the Social Security Independence and Program
Improvements Act of 1994.
12. To appropriate Federal, State, and local agencies, entities,
and persons when (1) We suspect or confirm that the security or
confidentiality of information in this system of records has been
compromised; (2) we determine that as a result of the suspected or
confirmed compromise there is a risk of harm to economic or property
interests, identity theft or fraud, or harm to the security or
integrity of this system or other systems or programs of SSA that rely
upon the compromised information; and (3) we determine that disclosing
the information to such agencies, entities, and persons is necessary to
assist in our efforts to respond to the suspected or confirmed
compromise and to prevent, minimize, or remedy such harm. We will use
this routine use to respond only to those incidents involving an
unintentional release of our records.
Policies and Practices for Storing, Retrieving, Accessing, Retaining
and Disposing of Records in the System:
Storage:
We maintain and store records in SUMS/MCAS in electronic and paper
form. We keep paper records in locked cabinets or in otherwise secure
areas.
Retrievability:
We retrieve records in SUMS/MCAS by the name, SSN, age, address,
and DOB of individuals who do business with SSA (e.g., Social Security
claimants, beneficiaries, attorney or non-attorney representatives, and
representative payees). We retrieve records in SUMS/MCAS by the name,
SSN, PIN, position code, function or office location codes of
employees, DDS employees and contractors.
[[Page 5624]]
Safeguards:
Security measures include the use of access codes to enter the
computer system that maintains the data; computerized records will be
stored in secured areas that are accessible only to employees who
require the information in performing their official duties. All paper
records will be kept in locked cabinets or in otherwise secure areas.
SSA and DDS employees who have access to the data will be informed of
the criminal penalties of the Privacy Act for unauthorized access to or
disclosure of information maintained in the system. See 5 U.S.C.
552a(i)(1).
Contractor personnel having access to data in the system of records
will be required to adhere to SSA rules concerning safeguards, access,
and use of the data.
Retention and Disposal:
The project will adhere to NARA record retention standards as
outlined in the SUMS/MCAS Global Requirements document. Specific
retention periods follow NC-47-75-7 as shown below:
(1) Data source extract records housed in the SUMS/MCAS active data
warehouse will be retained for 2 full fiscal years plus the current
fiscal year.
(2) Active detail records and corresponding summary records housed
in the SUMS/MCAS active data warehouse will be retained for 9 full
fiscal years plus the current fiscal year.
(3) Long term offline archive of summary data housed in the SUMS/
MCAS long term offline archive database will be retained for a total of
50 years or 40 additional years from the time it moves from the active
data warehouse.
(4) MI housed in the Operational Data Stores (ODS) will be retained
for a maximum of 5 years.
(5) Reference data housed in reference tables within the active
data warehouse will be maintained in the active data warehouse for 50
years.
System Manager(s) and Address:
SUMS/MCAS Program Manager, Office of Systems, Social Security
Administration, 6401 Security Boulevard, Baltimore, Maryland 21235-
6401.
Notification Procedure(s):
An individual may determine if this system contains a record about
him or her by writing to the systems manager(s) at the above address
and providing his or her name, SSN, or other information that may be in
the system of records that will identify him or her. An individual
requesting notification of records in person should provide the same
information, as well as provide an identity document, preferably with a
photograph, such as a driver's license, or some other means of
identification. If an individual does not have any identification
documents sufficient to establish his or her identity, the individual
must certify in writing that he or she is the person he or she claims
to be and that he or she understands that the knowing and willful
request for, or acquisition of, a record pertaining to another
individual under false pretenses is a criminal offense.
If notification is requested by telephone, an individual must
verify his or her identity by providing identifying information that
parallels the record to which notification is being requested. The
individual will be required to submit a request in writing or in
person, if we determine that the identifying information provided by
telephone is insufficient. If an individual is requesting information
by telephone on behalf of another individual, the subject individual
must be connected with SSA and the requesting individual in the same
phone call. SSA will establish the subject individual's identity (his
or her name, SSN, address, date of birth, and place of birth, along
with one other piece of information such as mother's maiden name) and
ask for his or her permission to provide the information to the
requesting individual.
If a request for notification is submitted by mail, an individual
must include a notarized statement to SSA to verify his or her identity
or must certify in the request that he or she is the person he or she
claims to be and that he or she understands that the knowing and
willful request for, or acquisition of, a record pertaining to another
individual under false pretenses is a criminal offense. These
procedures are in accordance with SSA regulations (20 CFR 401.40).
Record Access Procedure(s):
Same as Notification procedures. Requesters also should reasonably
specify the record contents they are seeking. These procedures are in
accordance with SSA regulations (20 CFR 401.40).
Contesting Record Procedure(s):
Same as Notification procedures. Requesters should also reasonably
identify the record, specify the information they are contesting, and
state the corrective action sought and the reasons for the correction
with supporting justification showing how the record is untimely,
incomplete, inaccurate, or irrelevant. These procedures are in
accordance with SSA Regulations (20 CFR 401.65).
Record Source Categories:
The information that SSA will collect and maintain in SUMS/MCAS
will consist of information from SSA's mainframe customer information
control system, system management facility transaction logs, visitor
intake process data extracts, payroll operations data store, position
codes, report office table, Internet verification file, electronic
disability collect system and related applications, customer help and
information programs, Medicare application processing system, Internet
enterprise security interface log files, travel manager, processing
center, work measurement transaction database, district office weekly
report, SSA web-based applications, programmatic processes, and
operational data stores.
Systems Exempt from Certain Provisions of the Privacy Act:
None.
[FR Doc. E8-1674 Filed 1-29-08; 8:45 am]
BILLING CODE 4191-02-P
