Privacy Act of 1974; Notice of Updated Systems of Records, 22397-22398 [E8-8919]

Download as PDF Federal Register / Vol. 73, No. 81 / Friday, April 25, 2008 / Notices the issuance of a grant, license, or other benefit to the extent that the information is relevant and necessary to a decision. d. To the Office of Personnel Management (OPM), the Office of Management and Budget (OMB), or the Government Accountability Office (GAO) when the information is required for program evaluation purposes. e. To a Member of Congress or staff on behalf of and at the request of the individual who is the subject of the record. f. To an expert, consultant, or contractor of GSA in the performance of a Federal duty to which the information is relevant. g. To the National Archives and Records Administration (NARA) for records management purposes. h. To the GSA Office of Finance for debt collection purposes (see GSA/ PPFM–7). i. To appropriate agencies, entities, and persons when (1) the Agency suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Agency has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by GSA or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with GSA’s efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE: Information may be collected on paper or electronically and may be stored on paper or on electronic media, as appropriate. transmitted. Paper records are stored in secure cabinets or rooms. Electronic records are protected by passwords and other appropriate security measures. RETENTION AND DISPOSAL: Disposition of records is according to the National Archives and Records Administration (NARA) guidelines, as set forth in the handbook, GSA Records Maintenance and Disposition System (CIO P 1820.1), and authorized GSA records schedules. SYSTEM MANAGER AND ADDRESS: Director, Financial Initiative Division (BCD), Office of Financial Policy and Operations, Office of the Chief Financial Officer, General Services Administration, 1800 F Street, NW., Washington, DC 20405. NOTIFICATION PROCEDURE: A Privacy Act Statement on the purchase card data collection form notifies individuals of the purpose and uses of the information they provide. Employees may obtain information about whether they are a part of this system of records from the system manager at the above address. RECORD ACCESS PROCEDURES: Requests from individuals for access to their records should be addressed to the system manager. CONTESTING RECORD PROCEDURES: GSA rules for access to systems of records, contesting the contents of systems of records, and appealing initial determinations are published at 41 CFR part 105–64. RECORD SOURCE CATEGORIES: Information is obtained from individuals submitting charge card applications, monthly contractor reports, purchase records, managers, other agencies, non-Federal sources such as private firms, and other agency systems containing information pertaining to the purchase card program. [FR Doc. E8–8910 Filed 4–24–08; 8:45 am] 22397 necessary, accurate, up-to-date, covered by the appropriate legal or regulatory authority, and in response to OMB M– 07–16. This notice is a compilation of updated Privacy Act system of record notices. DATES: Effective May 27, 2008. Call or e-mail the GSA Privacy Act Officer: telephone 202–208–1317; e-mail gsa.privacyact@gsa.gov. FOR FURTHER INFORMATION CONTACT: GSA Privacy Act Officer (CIB), General Services Administration, 1800 F Street, NW., Washington, DC 20405. ADDRESSES: GSA undertook and completed an agencywide review of its Privacy Act systems of records. As a result of the review GSA is publishing updated Privacy Act systems of records notices. Rather than make numerous piecemeal revisions, GSA is republishing updated notices for one of its systems. Nothing in the revised system notices indicates a change in authorities or practices regarding the collection and maintenance of information. Nor do the changes impact individuals’ rights to access or amend their records in the systems of records. The updated system notices also include the new requirement from OMB Memorandum M–07–16 regarding a new routine use that allows agencies to disclose information in connection with a response and remedial efforts in the event of a data breach. SUPPLEMENTARY INFORMATION: Dated: April 16, 2008. Cheryl M. Paige, Director, Office of Information Management. GSA/PPFM–11 SYSTEM NAME: Pegasys. SYSTEM LOCATION: Pegasys records and files are maintained in the Phoenix Data Center (PDC), with records also stored in the Washington, DC Central Office, Ft. Worth regional office, and Kansas City regional office. RETRIEVABILITY: BILLING CODE 6820–34–P Records are retrievable by a personal identifier or by other appropriate type of designation approved by GSA. GENERAL SERVICES ADMINISTRATION Individuals covered by Pegasys include GSA vendors and Federal employees. Privacy Act of 1974; Notice of Updated Systems of Records RECORDS IN THE SYSTEM: sroberts on PROD1PC70 with NOTICES SAFEGUARDS: System records are safeguarded in accordance with the requirements of the Privacy Act, the Computer Security Act, and OMB Circular A–130. Technical, administrative, and personnel security measures are implemented to ensure confidentiality and integrity of the system data stored, processed, and VerDate Aug<31>2005 20:20 Apr 24, 2008 Jkt 214001 INDIVIDUALS COVERED BY THE SYSTEM: General Services Administration. ACTION: Notice. AGENCY: SUMMARY: GSA reviewed its Privacy Act systems to ensure that they are relevant, PO 00000 Frm 00077 Fmt 4703 Sfmt 4703 Pegasys contains records and files pertaining to financial information; therefore, these files and records contain the following privacy data: • Social Security Number (SSN); • Employee address; • Banking information; E:\FR\FM\25APN1.SGM 25APN1 22398 Federal Register / Vol. 73, No. 81 / Friday, April 25, 2008 / Notices • Credit Card number. AUTHORITY FOR MAINTAINING THE SYSTEM: The Chief Financial Officers (CFO) Act of 1990 (Public Law 101–576) as amended. PURPOSE: Pegasys is the GSA core financial management system of records to make payments and record accounting transactions. This includes funds management (budget execution and purchasing), credit cards, accounts payable, disbursements, standard general ledger, and reporting. It is part of a shared-services financial operation providing a commercial-off-the-shelf (COTS) financial system (in a privatevendor hosted environment), financial transaction processing, and financial analysis for its main business lines of Federal supplies and technology, public buildings, and general management and administration offices. GSA also utilizes this shared-service operation to cross service multiple external client agencies. sroberts on PROD1PC70 with NOTICES System information accessed by Pegasys may be used by designated finance center employees and their supervisors, along with designated analysts and managers. System information also may be used: a. In any legal proceeding, where pertinent, to which GSA is a party before a court or administrative body. b. To conduct investigations, by authorized officials, that are investigating or settling a grievance, complaint, or appeal filed by an individual who is the subject of the record. c. To a Federal agency in connection with the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation; the letting of a contract; or the issuance of a grant, license, or other benefit to the extent that the information is relevant and necessary to a decision. d. To the Office of Personnel Management (OPM), the Office of Management and Budget (OMB), or the Government Accountability Office (GAO) when the information is required for program evaluation purposes. e. To an expert, consultant, or contractor of GSA in the performance of a Federal duty to which the information is relevant. f. To the National Archives and Records Administration (NARA) for records management purposes. g. To appropriate agencies, entities, and persons when (1) the Agency 20:20 Apr 24, 2008 Jkt 214001 POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF SYSTEM RECORDS: should contact the Pegasys system manager. RECORD ACCESS PROCEDURE: Requests for access may be directed to the Pegasys system manager. RECORD CONTESTING PROCEDURE: GSA rules for accessing records, for contesting the contents, and appealing initial decisions are in 41 CFR part 105– 64, published in the Federal Register. RECORD SOURCES: The sources for information in Pegasys are the individuals for whom the records are maintained, the supervisors of those individuals, and existing agency systems. [FR Doc. E8–8919 Filed 4–24–08; 8:45 am] BILLING CODE 6820–34–P STORAGE: GENERAL SERVICES ADMINISTRATION All records and files in Pegasys are stored electronically in a passwordprotected database format. Privacy Act of 1974; Notice of Updated Systems of Records RETRIEVAL: ROUTINE USES OF THE SYSTEM RECORDS, INCLUDING CATEGORIES OF USERS AND THEIR PURPOSE FOR USING THE SYSTEM: VerDate Aug<31>2005 suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Agency has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by GSA or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with GSA’s efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. AGENCY: Information on individuals contained in Pegasys records and files are retrievable by name or vendor number. SAFEGUARDS: Pegasys records and files are safeguarded in accordance with the requirements of the Privacy Act. Access is limited to authorized individuals with passwords, and the database is maintained behind a certified firewall. Information on individuals is released only to authorized persons on a need-toknow basis and in accordance with the provisions of routine use. This system undergoes frequent testing and is certified and accredited for operation. Periodic Privacy Act Impact Assessments are performed as well to ensure the adequacy of security controls to protect personally identifiable information. Pegasys records and files are retained and disposed of according to GSA records maintenance and disposition schedules and the requirements of the National Archives and Records Administration (NARA). SYSTEM MANAGER AND ADDRESS: Director, Financial Systems Development Division (BDD), General Services Administration, 1800 F Street, NW., Washington, DC 20405. NOTIFICATION PROCEDURE: Individuals wishing to inquire if the system contains information about them Frm 00078 Fmt 4703 Sfmt 4703 SUMMARY: The General Services Administration (GSA) reviewed its Privacy Act systems to ensure that they are relevant, necessary, accurate, up-todate, covered by the appropriate legal or regulatory authority, and in response to OMB M–07–16. This notice is a compilation of updated Privacy Act system of record notices. DATES: Effective May 27, 2008. FOR FURTHER INFORMATION CONTACT: Call or e-mail the GSA Privacy Act Officer: Telephone 202–208–1317; e-mail gsa.privacyact@gsa.gov. GSA Privacy Act Officer (CIB), General Services Administration, 1800 F Street, NW., Washington, DC 20405. ADDRESSES: GSA undertook and completed an agencywide review of its Privacy Act systems of records. As a result of the review GSA is publishing updated Privacy Act systems of records notices. Rather than make numerous piecemeal revisions, GSA is republishing updated notices for one of its systems. Nothing in the revised system notices indicates a change in authorities or practices regarding the collection and maintenance of information. Nor do the changes impact individuals’ rights to access or amend their records in the systems of records. The updated system notices also include the new SUPPLEMENTARY INFORMATION: RETENTION AND DISPOSAL: PO 00000 General Services Administration. ACTION: Notice. E:\FR\FM\25APN1.SGM 25APN1

Agencies

[Federal Register Volume 73, Number 81 (Friday, April 25, 2008)]
[Notices]
[Pages 22397-22398]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E8-8919]


-----------------------------------------------------------------------

GENERAL SERVICES ADMINISTRATION


Privacy Act of 1974; Notice of Updated Systems of Records

AGENCY: General Services Administration.

ACTION: Notice.

-----------------------------------------------------------------------

SUMMARY: GSA reviewed its Privacy Act systems to ensure that they are 
relevant, necessary, accurate, up-to-date, covered by the appropriate 
legal or regulatory authority, and in response to OMB M-07-16. This 
notice is a compilation of updated Privacy Act system of record 
notices.

DATES: Effective May 27, 2008.

FOR FURTHER INFORMATION CONTACT: Call or e-mail the GSA Privacy Act 
Officer: telephone 202-208-1317; e-mail gsa.privacyact@gsa.gov.

ADDRESSES: GSA Privacy Act Officer (CIB), General Services 
Administration, 1800 F Street, NW., Washington, DC 20405.

SUPPLEMENTARY INFORMATION: GSA undertook and completed an agency-wide 
review of its Privacy Act systems of records. As a result of the review 
GSA is publishing updated Privacy Act systems of records notices. 
Rather than make numerous piecemeal revisions, GSA is republishing 
updated notices for one of its systems. Nothing in the revised system 
notices indicates a change in authorities or practices regarding the 
collection and maintenance of information. Nor do the changes impact 
individuals' rights to access or amend their records in the systems of 
records. The updated system notices also include the new requirement 
from OMB Memorandum M-07-16 regarding a new routine use that allows 
agencies to disclose information in connection with a response and 
remedial efforts in the event of a data breach.

    Dated: April 16, 2008.
Cheryl M. Paige,
Director, Office of Information Management.
GSA/PPFM-11

SYSTEM NAME:
    Pegasys.

SYSTEM LOCATION:
    Pegasys records and files are maintained in the Phoenix Data Center 
(PDC), with records also stored in the Washington, DC Central Office, 
Ft. Worth regional office, and Kansas City regional office.

INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals covered by Pegasys include GSA vendors and Federal 
employees.

RECORDS IN THE SYSTEM:
    Pegasys contains records and files pertaining to financial 
information; therefore, these files and records contain the following 
privacy data:
     Social Security Number (SSN);
     Employee address;
     Banking information;

[[Page 22398]]

     Credit Card number.

AUTHORITY FOR MAINTAINING THE SYSTEM:
    The Chief Financial Officers (CFO) Act of 1990 (Public Law 101-576) 
as amended.

PURPOSE:
    Pegasys is the GSA core financial management system of records to 
make payments and record accounting transactions. This includes funds 
management (budget execution and purchasing), credit cards, accounts 
payable, disbursements, standard general ledger, and reporting. It is 
part of a shared-services financial operation providing a commercial-
off-the-shelf (COTS) financial system (in a private-vendor hosted 
environment), financial transaction processing, and financial analysis 
for its main business lines of Federal supplies and technology, public 
buildings, and general management and administration offices. GSA also 
utilizes this shared-service operation to cross service multiple 
external client agencies.

ROUTINE USES OF THE SYSTEM RECORDS, INCLUDING CATEGORIES OF USERS AND 
THEIR PURPOSE FOR USING THE SYSTEM:
    System information accessed by Pegasys may be used by designated 
finance center employees and their supervisors, along with designated 
analysts and managers. System information also may be used:
    a. In any legal proceeding, where pertinent, to which GSA is a 
party before a court or administrative body.
    b. To conduct investigations, by authorized officials, that are 
investigating or settling a grievance, complaint, or appeal filed by an 
individual who is the subject of the record.
    c. To a Federal agency in connection with the hiring or retention 
of an employee; the issuance of a security clearance; the reporting of 
an investigation; the letting of a contract; or the issuance of a 
grant, license, or other benefit to the extent that the information is 
relevant and necessary to a decision.
    d. To the Office of Personnel Management (OPM), the Office of 
Management and Budget (OMB), or the Government Accountability Office 
(GAO) when the information is required for program evaluation purposes.
    e. To an expert, consultant, or contractor of GSA in the 
performance of a Federal duty to which the information is relevant.
    f. To the National Archives and Records Administration (NARA) for 
records management purposes.
    g. To appropriate agencies, entities, and persons when (1) the 
Agency suspects or has confirmed that the security or confidentiality 
of information in the system of records has been compromised; (2) the 
Agency has determined that as a result of the suspected or confirmed 
compromise there is a risk of harm to economic or property interests, 
identity theft or fraud, or harm to the security or integrity of this 
system or other systems or programs (whether maintained by GSA or 
another agency or entity) that rely upon the compromised information; 
and (3) the disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with GSA's efforts to 
respond to the suspected or confirmed compromise and prevent, minimize, 
or remedy such harm.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, 
AND DISPOSING OF SYSTEM RECORDS:
STORAGE:
    All records and files in Pegasys are stored electronically in a 
password-protected database format.

RETRIEVAL:
    Information on individuals contained in Pegasys records and files 
are retrievable by name or vendor number.

SAFEGUARDS:
    Pegasys records and files are safeguarded in accordance with the 
requirements of the Privacy Act. Access is limited to authorized 
individuals with passwords, and the database is maintained behind a 
certified firewall. Information on individuals is released only to 
authorized persons on a need-to-know basis and in accordance with the 
provisions of routine use. This system undergoes frequent testing and 
is certified and accredited for operation. Periodic Privacy Act Impact 
Assessments are performed as well to ensure the adequacy of security 
controls to protect personally identifiable information.

RETENTION AND DISPOSAL:
    Pegasys records and files are retained and disposed of according to 
GSA records maintenance and disposition schedules and the requirements 
of the National Archives and Records Administration (NARA).

SYSTEM MANAGER AND ADDRESS:
    Director, Financial Systems Development Division (BDD), General 
Services Administration, 1800 F Street, NW., Washington, DC 20405.

NOTIFICATION PROCEDURE:
    Individuals wishing to inquire if the system contains information 
about them should contact the Pegasys system manager.

RECORD ACCESS PROCEDURE:
    Requests for access may be directed to the Pegasys system manager.

RECORD CONTESTING PROCEDURE:
    GSA rules for accessing records, for contesting the contents, and 
appealing initial decisions are in 41 CFR part 105-64, published in the 
Federal Register.

RECORD SOURCES:
    The sources for information in Pegasys are the individuals for whom 
the records are maintained, the supervisors of those individuals, and 
existing agency systems.

[FR Doc. E8-8919 Filed 4-24-08; 8:45 am]
BILLING CODE 6820-34-P