Privacy Act of 1974; System of Records, 11186-11190 [E9-5599]

Download as PDF 11186 Federal Register / Vol. 74, No. 49 / Monday, March 16, 2009 / Notices remedy such harm. This routine use permits disclosures by the Department to respond to a suspected or confirmed data breach, including the conduct of any risk analysis or provision of credit protection services as provided in 38 U.S.C. 5724, as the terms are defined in 38 U.S.C. 5727. The Report of Intent to Amend a System on Records Notice and an advance copy of the system notice have been sent to the appropriate Congressional committees and to the Director of the Office of Management and Budget (OMB) as required by 5 U.S.C. 552a(r) (Privacy Act) and guidelines issued by OMB (65 FR 77677), December 12, 2000. Approved: February 24, 2009. John R. Gingrich, Chief of Staff, Department of Veterans Affairs. Notice of Amendment of Systems of Records 1. In the system identified as 93VA131, ‘‘Gulf War Registry-VA’’, as set forth in the Federal Register, 69 FR 2962 and last amended on Jan. 21, 2004. Two new routine uses are added as follows: 93VA131 SYSTEM NAME: * Gulf War Registry-VA. * * * * ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: * * * * * 11. Disclosure to other Federal agencies may be made to assist such agencies in preventing and detecting possible fraud or abuse by individuals in their operations and programs. 12. VA may, on its own initiative, disclose any information or records to appropriate agencies, entities, and persons when (1) VA suspects or has confirmed that the integrity or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the suspected or confirmed compromise, there is a risk of embarrassment or harm to the reputations of the record subjects, harm to economic or property interests, identity theft or fraud, or harm to the security, confidentiality, or integrity of this system or other systems or programs (whether maintained by the Department or another agency or entity) that rely upon the potentially compromised information; and (3) the disclosure is to agencies, entities, or persons whom VA determines are reasonably necessary to assist or carry VerDate Nov<24>2008 15:38 Mar 13, 2009 Jkt 217001 out the Department’s efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. This routine use permits disclosures by the Department to respond to a suspected or confirmed data breach, including the conduct of any risk analysis or provision of credit protection services as provided in 38 U.S.C. 5724, as the terms are defined in 38 U.S.C. 5727. 2. In the system identified as 105VA131, ‘‘Agent Orange RegistryVA’’, as set forth in the Federal Register, 68 FR 75025 and last amended on Dec. 29, 2003. Two new routine uses are added as follows: 105VA131 SYSTEM NAME: * Agent Orange Registry-VA. * * * * ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: * * * * * 10. Disclosure to other Federal agencies may be made to assist such agencies in preventing and detecting possible fraud or abuse by individuals in their operations and programs. 11. VA may, on its own initiative, disclose any information or records to appropriate agencies, entities, and persons when (1) VA suspects or has confirmed that the integrity or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the suspected or confirmed compromise, there is a risk of embarrassment or harm to the reputations of the record subjects, harm to economic or property interests, identity theft or fraud, or harm to the security, confidentiality, or integrity of this system or other systems or programs (whether maintained by the Department or another agency or entity) that rely upon the potentially compromised information; and (3) the disclosure is to agencies, entities, or persons whom VA determines are reasonably necessary to assist or carry out the Department’s efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. This routine use permits disclosures by the Department to respond to a suspected or confirmed data breach, including the conduct of any risk analysis or provision of credit protection services as provided in 38 U.S.C. 5724, as the terms are defined in 38 U.S.C. 5727. 3. In the system identified as 108VA11S, ‘‘Spinal Cord Dysfunction- PO 00000 Frm 00109 Fmt 4703 Sfmt 4703 Registry (SCD–R)–VA’’, as set forth in the Federal Register 69 FR 35139, and last amended on June 23, 2004. Two new routine uses are added as follows: 108VA11S SYSTEM NAME: Spinal Cord Dysfunction-Registry (SCD–R)–VA. * * * * * ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: * * * * * 12. Disclosure to other Federal agencies may be made to assist such agencies in preventing and detecting possible fraud or abuse by individuals in their operations and programs. 13. VA may, on its own initiative, disclose any information or records to appropriate agencies, entities, and persons when (1) VA suspects or has confirmed that the integrity or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the suspected or confirmed compromise, there is a risk of embarrassment or harm to the reputations of the record subjects, harm to economic or property interests, identity theft or fraud, or harm to the security, confidentiality, or integrity of this system or other systems or programs (whether maintained by the Department or another agency or entity) that rely upon the potentially compromised information; and (3) the disclosure is to agencies, entities, or persons whom VA determines are reasonably necessary to assist or carry out the Department’s efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. This routine use permits disclosures by the Department to respond to a suspected or confirmed data breach, including the conduct of any risk analysis or provision of credit protection services as provided in 38 U.S.C. 5724, as the terms are defined in 38 U.S.C. 5727. [FR Doc. E9–5598 Filed 3–13–09; 8:45 am] BILLING CODE 8320–01–P DEPARTMENT OF VETERANS AFFAIRS Privacy Act of 1974; System of Records AGENCY: Department of Veterans Affairs (VA). ACTION: Notice of establishment of a new system of records. E:\FR\FM\16MRN1.SGM 16MRN1 Federal Register / Vol. 74, No. 49 / Monday, March 16, 2009 / Notices SUMMARY: The Privacy Act of 1974 (5 U.S.C. 552a(e)(4)) requires that all agencies publish in the Federal Register a notice of the existence and character of their systems of records. Notice is hereby given that the Department of Veterans Affairs (VA) is establishing a new system of records entitled ‘‘Executive Veterans Affairs Contact Management System (Exec VA)—VA’’ (141VA005Q3). DATES: Comments on this new system of records must be received no later than April 15, 2009. If no public comment is received, the new system will become effective April 15, 2009. ADDRESSES: Written comments concerning the proposed new system of records may be submitted through www.Regulations.gov; by mail or hand delivery to the Director, Regulations Management (02REG), Department of Veterans Affairs, 810 Vermont Avenue, NW., Room 1068, Washington, DC 20420; or by fax to (202) 273–9026; or e-mail to VAregulations@va.gov. All comments received will be available for public inspection in the Office of Regulation Policy and Management, Room 1063B, between the hours of 8 a.m. and 4:30 p.m., Monday through Friday (except holidays). Please call (202) 461–4902 for an appointment. In addition, during the comment period, comments may be viewed online through the Federal Docket Management System (FDMS) at www.Regulations.gov. FOR FURTHER INFORMATION CONTACT: Director, Customer Relations & Executive Projects, Office of the Secretary, 810 Vermont Avenue, NW., Washington, DC 20420; (202) 273–4830; fax 202 273–4877. SUPPLEMENTARY INFORMATION: I. Description of the Proposed System of Records The Department of Veterans Affairs (VA) receives and responds to numerous inquiries concerning benefits administered by the Department and other matters regarding veterans. These inquiries are received from veterans, their representatives, individuals and entities doing business with VA via the telephone. This information is collected and put into a Web-based communications system known as Executive Veterans Affairs Contact Management System (Exec VA)—VA. Information requested to process the inquiries may include the caller’s (and veteran’s, if applicable) name, address, phone number, claim number and Social Security number if provided by the caller. Callers are not required to provide personal or contact information; however, in some instances VA may VerDate Nov<24>2008 15:38 Mar 13, 2009 Jkt 217001 need this information in order to respond to specific inquiries. The authority to maintain these records is title 38, United States Code, section 501. Exec VA is accessed through a secured Intranet Web site located on the VA network. A username and password are required to log into the system. Once an authorized user has successfully logged into the system, information gleaned from the caller is entered into a form and assigned to pre-established groups, of VA employees, representing VA staff offices, and VA’s three administrations: Veterans Health Administration (VHA); Veterans Benefits Administration (VBA); and National Cemetery Administration (NCA). The assigned person(s) receives an e-mail message notifying them of the inquiry being assigned to them. The Assignee then logs into the system and performs the required action, as dictated by the details of the issue, and closes the call. The details of the call, including the caller’s and veteran’s personally identifiable information (PII), are kept in a database located in Austin, Texas. This collection of data is used to better serve our veterans by providing a searchable history of their claims, requests, issues and complaints. II. Proposed Routine Use Disclosures of Data in the System We are proposing to establish the following Routine Use disclosures of information maintained in the system: 1. VA may disclose information from the record of an individual to a congressional office in response to an inquiry made at the request of that individual. VA must be able to provide information about individuals to adequately respond to inquiries from Members of Congress at the request of constituents who have sought their assistance. 2. VA may disclose information to individuals, organizations, private or public agencies, or other entities whom VA has a contract or agreement to perform such services as VA may deem practicable for the purposes of laws administered by VA, in order for the individual or entity with whom VA has an agreement or contract to perform the services of the contract or agreement. This routine use includes disclosures by the individual or entity performing the service for VA to any secondary individual or entity to perform an activity that is necessary for the individual or entity with whom VA has a contract or agreement to provide the service to VA. This routine use, which also applies to agreements that do not qualify as contracts defined by Federal PO 00000 Frm 00110 Fmt 4703 Sfmt 4703 11187 procurement laws and regulations, is consistent with OMB guidance in OMB Circular A–130, App. I, paragraph 5a(1)(b) that agencies promulgate routine uses to address disclosure of Privacy Act-protected information to contractors in order to perform the services contracts for the agency. 3. VA may disclose information in this system to the Equal Employment Opportunity Commission when requested in connection with investigations of alleged or possible discriminatory practices, examination of Federal affirmative employment programs, or for other functions of the Commission as authorized by law or regulation. VA must be able to provide information to EEOC to assist it in fulfilling its duties to protect employees’ rights, as required by statute and regulation. 4. VA may disclose to the Federal Labor Relations Authority, including its General Counsel, information related to the establishment of jurisdiction, the investigation and resolution of allegations of unfair labor practices, or information in connection with the resolution of exceptions to arbitration awards when a question of material fact is raised, in matters properly before the Federal Services Impasses Panel, and to investigate representation petitions and conduct or supervise representation elections. VA must be able to provide information to FLRA to comply with the statutory mandate under which it operates. 5. VA may disclose information in this system to officials of the Merit Systems Protection Board, or the Office of the Special Counsel, when requested in connection with appeals, special studies of the civil service and other merit systems, review of rules and regulations, investigation of alleged or possible prohibited personnel practices, and such other functions, promulgated in 5 U.S.C. 1205 and 1206, or as may be authorized by law. VA must be able to provide information to MSPB to comply with the statutory mandate under which it operates. 6. VA may disclose information identified in 5 U.S.C. 7114(b)(4) to officials of labor organizations recognized under 5 U.S.C. Chapter 71 when relevant and necessary to their duties of exclusive representation concerning personnel policies, practices, and matters affecting working conditions. VA must be able to provide information to unions to assist them in advancing workers’ interests with respect to wages, benefits, and working conditions. The routine use does not provide any greater access to Privacy Act protected information under section E:\FR\FM\16MRN1.SGM 16MRN1 11188 Federal Register / Vol. 74, No. 49 / Monday, March 16, 2009 / Notices 7114(b) then the unions would have to the information if it was not protected by the Privacy Act. The routine use simply removes the Privacy Act as a bar to the disclosure of the information at the Agency’s discretion. 7. VA may disclose information from this system of records to the National Archives and Records Administration in records management inspections conducted under title 44, U.S.C. NARA is responsible for archiving old records no longer actively used but which may be appropriate for preservation, and for the physical maintenance of the Federal government’s records. VA must be able to provide the records to NARA in order to determine the proper disposition of such records. 8. VA may disclose on its own initiative any information in this system, except the names and home addresses of veterans and their dependents, which is relevant to a suspected or reasonably imminent violation of law, whether civil, criminal or regulatory in nature and whether arising by general or program statute or by regulation, rule or order issued pursuant thereto, to a Federal, State, local, tribal, or foreign agency charged with the responsibility of investigating or prosecuting such violation, or charged with enforcing or implementing the statute, regulation, rule or order. On its own initiative, VA may also disclose the names and addresses of veterans and their dependents to a Federal agency charged with the responsibility of investigating or prosecuting civil, criminal or regulatory violations of law, or charged with enforcing or implementing the statute, regulation, rule or order issued pursuant thereto. VA must be able to provide on its own initiative information that pertains to a violation of laws to law enforcement authorities in order for them to investigate and enforce those laws. Under 38 U.S.C. 5701(a) and (f), VA may only disclose the names and addresses of veterans and their dependents to Federal entities with law enforcement responsibilities. This is distinct from the authority to disclose records in response to a qualifying request from a law enforcement entity, as authorized by Privacy Act subsection 5 U.S.C. 552a(b)(7). 9. VA may disclose information in this system of records to the Department of Justice (DoJ), either on VA’s initiative or in response to DoJ’s request for the information, after either VA or DoJ determines that such information is relevant to DoJ’s representation of the United States or any of its components in legal proceedings before a court or adjudicative body, provided that, in VerDate Nov<24>2008 15:38 Mar 13, 2009 Jkt 217001 each case, the agency also determines prior to disclosure that disclosure of the records to the Department of Justice is a use of the information contained in the records that is compatible with the purpose for which VA collected the records. VA, on its own initiative, may disclose records in this system of records in legal proceedings before a court or administrative body after determining that the disclosure of the records to the court or administrative body is a use of the information contained in the records that is compatible with the purpose for which VA collected the records. VA must be able to provide information to DoJ in litigation where the United States or any of its components is involved and has an interest. 10. VA may, on its own initiative, disclose any information or records to appropriate agencies, entities, and persons when (1) VA suspects or has confirmed that the integrity or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the suspected or confirmed compromise there is a risk of embarrassment or harm to the reputations of the record subjects, harm to economic or property interests, identity theft or fraud, or harm to the security, confidentiality, or integrity of this system or other systems or programs (whether maintained by the Department or another agency or entity) that rely upon the potentially compromised information; and (3) the disclosure is to agencies, entities, or persons whom VA determines are reasonably necessary to assist or carry out the Department’s efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. This routine use permits disclosure that is required by the Memorandum from the Office of Management and Budget (M–07–16), dated May 22, 2007, of all systems of records of all federal agencies. Further, the disclosure allows VA to respond to a suspected or confirmed data breach, including the conduct of any risk analysis or provision of credit protection services as provided in 38 U.S.C. 5724 and 5727. 11. VA may disclose information in this system of records to another Federal agency; either on VA’s initiative or in response to a request from another Federal agency for the information after VA determines that such information is relevant to that Federal agency’s mission. VA must be able to assist other Federal agencies in carrying out their operational missions and programs. PO 00000 Frm 00111 Fmt 4703 Sfmt 4703 III. Compatibility of the Routine Uses The Privacy Act permits disclosure of information about individuals without their consent for a routine use when the information will be used for a purpose that is compatible with the purpose for which the information is collected. In all of the routine use disclosures described above, either the recipient of the information will use the information in connection with a matter relating to one of VA’s programs; to provide a benefit to VA; or because disclosure is required by law. The Report of Intent to Publish a New System of Records Notice and an advance copy of the system notice has been sent to the appropriate Congressional committees and to the Director of the Office of Management and Budget (OMB) as required by 5 U.S.C. 552a(r) (Privacy Act), as amended, and guidelines issued by OMB (65 FR 77677), December 12, 2000. Approved: February 24, 2009. John R. Gingrich, Chief of Staff, Department of Veterans Affairs. 141VA005Q3 SYSTEM NAME: Executive Veterans Affairs Contact Management System (Exec VA)—VA. SECURITY CLASSIFICATION: None. SYSTEM LOCATION: The primary location of Exec VA application and database is at the Corporate Data Center Operations (CDCO), 1615 Woodward Street, Austin, Texas 78772. Some copies of electronic records and paper records may be available at various Department of Veterans Affairs (VA) offices where a matter has been referred for action. Additionally, copies of records in this system of records may be stored at various VA back up sites, including, Hines, Ill. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: The category of the individuals covered by the Exec VA database encompasses veterans, their dependents, representatives, beneficiaries, and others contacting VA on veterans’ issues. CATEGORIES OF RECORDS IN THE SYSTEM: Records are maintained in electronic and paper form depending on the nature of the materials received, background information compiled, and/or response sent. Each may include the names, Social Security numbers, mailing addresses, telephone numbers, and E:\FR\FM\16MRN1.SGM 16MRN1 Federal Register / Vol. 74, No. 49 / Monday, March 16, 2009 / Notices other personal identifiers routinely required to identify a correspondent or subject. Other record items maintained may include personal facts about medical, financial, or memorial benefits related to the correspondent, veteran, dependent or beneficiary. Internal VA records may include (but are not limited to) VA administrative, financial and personnel information. Records may include scanned document, letter, email, fax, Internet document, tracking sheet, note, and documentation of a telephone call and/or of a meeting with an individual. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 44 U.S.C. 3501, Note; Pub. L. 107– 347, sec. 206(d); Note; 5 U.S.C. 301, and 553. PURPOSE: The Exec VA is a contact management system designed to track issues from veterans, others acting on their behalf, and others seeking information regarding veterans’ issues. Initial contact may come from calls placed to a VA call center, telephone inquiries received at a VA office, or other medium including fax, e-mail, or information received at https://www.va.gov. The Exec VA system is designed to provide a onestop repository for veterans’ issues. Upon receipt of an inquiry, pertinent information is entered into Exec VA. The system provides access controls maintaining the integrity and confidentiality of the contact management system. ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PUROSES OF SUCH USES: 1. VA may disclose information from the record of an individual to a congressional office in response to an inquiry made at the request of that individual. 2. VA may disclose information to individuals, organizations, private or public agencies, or other entities whom VA has a contract or agreement to perform such services as VA may deem practicable for the purposes of laws administered by VA, in order for the individual or entity with whom VA has an agreement or contract to perform the services of the contract or agreement. 3. VA may disclose information in this system to the Equal Employment Opportunity Commission when requested in connection with investigations of alleged or possible discriminatory practices, examination of Federal affirmative employment programs, or for other functions of the Commission as authorized by law or regulation. VerDate Nov<24>2008 15:38 Mar 13, 2009 Jkt 217001 4. VA may disclose to the Federal Labor Relations Authority, including its General Counsel, information related to the establishment of jurisdiction, the investigation and resolution of allegations of unfair labor practices, or information in connection with the resolution of exceptions to arbitration awards when a question of material fact is raised, in matters properly before the Federal Services Impasses Panel, and to investigate representation petitions and conduct or supervise representation elections. 5. VA may disclose information in this system to officials of the Merit Systems Protection Board, or the Office of the Special Counsel, when requested in connection with appeals, special studies of the civil service and other merit systems, review of rules and regulations, investigation of alleged or possible prohibited personnel practices, and such other functions, promulgated in 5 U.S.C. 1205 and 1206, or as may be authorized by law. 6. VA may disclose information identified in 5 U.S.C. 7114(b)(4) to officials of labor organizations recognized under 5 U.S.C. Chapter 71 when relevant and necessary to their duties of exclusive representation concerning personnel policies, practices, and matters affecting working conditions. 7. VA may disclose information from this system of records to the National Archives and Records Administration (NARA) in records management inspections conducted under title 44, U.S.C. NARA is responsible for archiving old records no longer actively used but which may be appropriate for preservation, and for the physical maintenance of the Federal government’s records. 8. VA may disclose on its own initiative any information in this system, except the names and home addresses of veterans and their dependents, which is relevant to a suspected or reasonably imminent violation of law, whether civil, criminal or regulatory in nature and whether arising by general or program statute or by regulation, rule or order issued pursuant thereto, to a Federal, State, local, tribal, or foreign agency charged with the responsibility of investigating or prosecuting such violation, or charged with enforcing or implementing the statute, regulation, rule or order. On its own initiative, VA may also disclose the names and addresses of veterans and their dependents to a Federal agency charged with the responsibility of investigating or prosecuting civil, criminal or regulatory violations of law, or charged with enforcing or PO 00000 Frm 00112 Fmt 4703 Sfmt 4703 11189 implementing the statute, regulation, rule or order issued pursuant thereto. 9. VA may disclose information in this system of records to the Department of Justice (DoJ), either on VA’s initiative or in response to DoJ’s request for the information, after either VA or DoJ determines that such information is relevant to DoJ’s representation of the United States or any of its components in legal proceedings before a court or adjudicative body, provided that, in each case, the agency also determines prior to disclosure that disclosure of the records to the Department of Justice is a use of the information contained in the records that is compatible with the purpose for which VA collected the records. VA, on its own initiative, may disclose records in this system of records in legal proceedings before a court or administrative body after determining that the disclosure of the records to the court or administrative body is a use of the information contained in the records that is compatible with the purpose for which VA collected the records. 10. VA may disclose information in this system of records to another Federal agency; either on VA’s initiative or in response to a request from another Federal agency for the information after VA determines that such information is relevant to that Federal agency’s mission. DISCLOSURE TO CONSUMER REPORTING AGENCIES: The Exec VA database will not disclose information to any consumer reporting agency from this system of record. POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE: Exec VA data is regularly backed up and stored at the Corporate Data Center Operations (CDCO). A copy of the regular backups is securely transported and stored in a controlled storage facility at Hines, Illinois. RETRIEVABILITY: Records are retrieved by various data elements and key word searches, among which are by: Name, Number, Call#, Priority, Status, Subject, Address, Call Type, History, Claim#, SSN, Country, State, VISN, Phone, Date, time, group, and Call Range. SAFEGUARDS: The Exec VA is accessible by authorized VA personnel only with a user ID and a password that can be authenticated. Staff of the CDCO E:\FR\FM\16MRN1.SGM 16MRN1 11190 Federal Register / Vol. 74, No. 49 / Monday, March 16, 2009 / Notices performs backups for the Exec VA Application Server and the Oracle Database Server, respectively, according to the following schedule: • Incremental data backups on a daily basis; and • Full data backups on a weekly basis. RETENTION AND DISPOSAL: Records will be maintained and disposed of, in accordance with records disposition authority, approved by the Archivist of the United States. SYSTEM MANAGER(S) AND ADDRESSES: Director, Customer Relations & Executive Projects, Office of the Secretary, 810 Vermont Ave., NW., Washington, DC 20420; (202) 273–4830. NOTIFICATION PROCEDURES: Individuals seeking to determine whether this System of Records contains information, about them, should address written inquiries to the Office of Secretary (00), Department of Veterans Affairs, 810 Vermont Ave., NW., Washington, DC 20420. Requests should contain the full name, address and telephone number of the individual making the inquiry. RECORD ACCESS PROCEDURE: Individuals seeking to access or contest the contents of records, about themselves, contained in this System of Records should address a written request, including full name, address and telephone number to the Office of Secretary (00), Department of Veterans Affairs, 810 Vermont Ave., NW., Washington, DC 20420. CONTESTING RECORD PROCEDURE: (See Record Access Procedure above.) RECORD SOURCE CATEGORIES: Individuals who contact VA via the VA Web site at https://www.va.gov or by using a VA call center include veterans, veterans’ family members and/or their representatives, government employees (Federal, State and local), realtors and home buyers, small business owners, vendors, funeral directors, clinicians, teachers, researchers, employees of veterans’ service organizations, member of the public and all other individuals and representatives of organizations. EXEMPTIONS CLAIMED FOR THE SYSTEM: No exemptions claimed for this system. [FR Doc. E9–5599 Filed 3–13–09; 8:45 am] BILLING CODE 8329–01–P VerDate Nov<24>2008 15:38 Mar 13, 2009 Jkt 217001 DEPARTMENT OF VETERANS AFFAIRS Privacy Act of 1974; System of Records Department of Veterans Affairs. Notice of publication of new system of records. AGENCY: ACTION: SUMMARY: The Privacy Act of 1974 (5 U.S.C. Section 552a) requires that all agencies publish in the Federal Register a notice of the existence of and character of their systems of records. Notice is hereby given that the Department of Veterans Affairs (VA) is adding a new system records entitled ‘‘Inspector General Oversight Data Extracts—VA,’’ (154VA53C). DATES: Comments on this new system of records must be received not later than April 15, 2009. If no public comment is received, the amended system will become effective April 15, 2009. Written comments may be submitted through https:// www.Regulations.gov; by mail or handdelivery to the Director, Regulations Management (02REG), Department of Veterans Affairs, 810 Vermont Ave., NW., Room 1068, Washington, DC 20420; or by fax to (202) 273–9026. Copies of comments received will be available for public inspection in the Office of Regulation Policy and Management, Room 1063B, between the hours of 8 a.m. and 4:30 p.m. Monday through Friday (except holidays). Please call (202) 461–4902 for an appointment. In addition, during the comment period, comments may be viewed online through the Federal Docket Management System (FDMS). FOR FURTHER INFORMATION CONTACT: Timothy J. McGrath, Attorney Advisor, Department of Veterans Affairs, Office of Inspector General (50C), 810 Vermont Avenue, NW., Washington, DC 20420; or fax comments to (202) 565–8667; or e-mail comments to timothy.mcgrath@va.gov. ADDRESSES: SUPPLEMENTARY INFORMATION: I. Description of the Proposed System of Records The ‘‘Inspector General Oversight Data Extracts—VA’’ system of records is a collection of data, and extracts of data utilized by the Department of Veterans Affairs, Office of Inspector General (OIG) in performing its statutory mission under title 5 U.S.C. App. 3. The OIG’s mission is to detect and deter fraud, waste, abuse, and mismanagement of operations in the Department of Veterans Affairs. The OIG accomplishes that mission through PO 00000 Frm 00113 Fmt 4703 Sfmt 4703 various operational means including criminal investigations, audits, healthcare inspections, and other administrative reviews. OIG components may use various databases or extracts of those databases in furtherance of their investigation, project or review. The database extracts are provided from master databases under the jurisdiction of the Department of Veterans Affairs, including, but not limited to, the Veterans Benefits Administration, Veterans Health Administration, and the National Cemetery Administration. Data extracts may also be from databases provided by the Department of Defense as well as other Federal and State agencies. When an OIG component begins an investigation, project, or review that requires the use or analysis of a particular database, the OIG Data Analysis Division (53CT) at the Consolidated Franchise Data Center in Austin, Texas will prepare an appropriate extract from a master database. To the fullest extent possible, the OIG component will use only the minimum amount of information required for the investigation, project or review. In appropriate cases, the Data Analysis Division will remove any personal identifying information before forwarding the data extract. This policy is designed as a security measure to control the type and amount of data being used and worked on. These data extracts contain personal identifiers (e.g., social security numbers and military service numbers, etc.), residential and professional contact data (e.g., address and telephone numbers, etc.), population demographics (e.g., gender and zip codes, etc.), military service-related data (e.g., branch of service and service dates, etc.), financial-related data (e.g., amount of historic benefit payments, etc.), claims processing codes and information (e.g., disability compensation and pension award codes, etc.), and other VA and non-VA Federal information. The information is retrievable by name, social security number, military service number, claim or file number, non-VA Federal benefit identifiers, and other personal identifiers. Consequently, a Privacy Act system of records must be established in order to protect this information. II. Proposed Routine Use of Disclosures of Data in the System VA is proposing to establish the following routine use disclosures of the information that will be maintained in the system. E:\FR\FM\16MRN1.SGM 16MRN1

Agencies

[Federal Register Volume 74, Number 49 (Monday, March 16, 2009)]
[Notices]
[Pages 11186-11190]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E9-5599]


-----------------------------------------------------------------------

DEPARTMENT OF VETERANS AFFAIRS


Privacy Act of 1974; System of Records

AGENCY: Department of Veterans Affairs (VA).

ACTION: Notice of establishment of a new system of records.

-----------------------------------------------------------------------

[[Page 11187]]

SUMMARY: The Privacy Act of 1974 (5 U.S.C. 552a(e)(4)) requires that 
all agencies publish in the Federal Register a notice of the existence 
and character of their systems of records. Notice is hereby given that 
the Department of Veterans Affairs (VA) is establishing a new system of 
records entitled ``Executive Veterans Affairs Contact Management System 
(Exec VA)--VA'' (141VA005Q3).

DATES: Comments on this new system of records must be received no later 
than April 15, 2009. If no public comment is received, the new system 
will become effective April 15, 2009.

ADDRESSES: Written comments concerning the proposed new system of 
records may be submitted through www.Regulations.gov; by mail or hand 
delivery to the Director, Regulations Management (02REG), Department of 
Veterans Affairs, 810 Vermont Avenue, NW., Room 1068, Washington, DC 
20420; or by fax to (202) 273-9026; or e-mail to VAregulations@va.gov. 
All comments received will be available for public inspection in the 
Office of Regulation Policy and Management, Room 1063B, between the 
hours of 8 a.m. and 4:30 p.m., Monday through Friday (except holidays). 
Please call (202) 461-4902 for an appointment. In addition, during the 
comment period, comments may be viewed online through the Federal 
Docket Management System (FDMS) at www.Regulations.gov.

FOR FURTHER INFORMATION CONTACT: Director, Customer Relations & 
Executive Projects, Office of the Secretary, 810 Vermont Avenue, NW., 
Washington, DC 20420; (202) 273-4830; fax 202 273-4877.

SUPPLEMENTARY INFORMATION: 

I. Description of the Proposed System of Records

    The Department of Veterans Affairs (VA) receives and responds to 
numerous inquiries concerning benefits administered by the Department 
and other matters regarding veterans. These inquiries are received from 
veterans, their representatives, individuals and entities doing 
business with VA via the telephone. This information is collected and 
put into a Web-based communications system known as Executive Veterans 
Affairs Contact Management System (Exec VA)--VA.
    Information requested to process the inquiries may include the 
caller's (and veteran's, if applicable) name, address, phone number, 
claim number and Social Security number if provided by the caller. 
Callers are not required to provide personal or contact information; 
however, in some instances VA may need this information in order to 
respond to specific inquiries. The authority to maintain these records 
is title 38, United States Code, section 501.
    Exec VA is accessed through a secured Intranet Web site located on 
the VA network. A username and password are required to log into the 
system. Once an authorized user has successfully logged into the 
system, information gleaned from the caller is entered into a form and 
assigned to pre-established groups, of VA employees, representing VA 
staff offices, and VA's three administrations: Veterans Health 
Administration (VHA); Veterans Benefits Administration (VBA); and 
National Cemetery Administration (NCA). The assigned person(s) receives 
an e-mail message notifying them of the inquiry being assigned to them. 
The Assignee then logs into the system and performs the required 
action, as dictated by the details of the issue, and closes the call.
    The details of the call, including the caller's and veteran's 
personally identifiable information (PII), are kept in a database 
located in Austin, Texas. This collection of data is used to better 
serve our veterans by providing a searchable history of their claims, 
requests, issues and complaints.

II. Proposed Routine Use Disclosures of Data in the System

    We are proposing to establish the following Routine Use disclosures 
of information maintained in the system:
    1. VA may disclose information from the record of an individual to 
a congressional office in response to an inquiry made at the request of 
that individual. VA must be able to provide information about 
individuals to adequately respond to inquiries from Members of Congress 
at the request of constituents who have sought their assistance.
    2. VA may disclose information to individuals, organizations, 
private or public agencies, or other entities whom VA has a contract or 
agreement to perform such services as VA may deem practicable for the 
purposes of laws administered by VA, in order for the individual or 
entity with whom VA has an agreement or contract to perform the 
services of the contract or agreement. This routine use includes 
disclosures by the individual or entity performing the service for VA 
to any secondary individual or entity to perform an activity that is 
necessary for the individual or entity with whom VA has a contract or 
agreement to provide the service to VA. This routine use, which also 
applies to agreements that do not qualify as contracts defined by 
Federal procurement laws and regulations, is consistent with OMB 
guidance in OMB Circular A-130, App. I, paragraph 5a(1)(b) that 
agencies promulgate routine uses to address disclosure of Privacy Act-
protected information to contractors in order to perform the services 
contracts for the agency.
    3. VA may disclose information in this system to the Equal 
Employment Opportunity Commission when requested in connection with 
investigations of alleged or possible discriminatory practices, 
examination of Federal affirmative employment programs, or for other 
functions of the Commission as authorized by law or regulation. VA must 
be able to provide information to EEOC to assist it in fulfilling its 
duties to protect employees' rights, as required by statute and 
regulation.
    4. VA may disclose to the Federal Labor Relations Authority, 
including its General Counsel, information related to the establishment 
of jurisdiction, the investigation and resolution of allegations of 
unfair labor practices, or information in connection with the 
resolution of exceptions to arbitration awards when a question of 
material fact is raised, in matters properly before the Federal 
Services Impasses Panel, and to investigate representation petitions 
and conduct or supervise representation elections. VA must be able to 
provide information to FLRA to comply with the statutory mandate under 
which it operates.
    5. VA may disclose information in this system to officials of the 
Merit Systems Protection Board, or the Office of the Special Counsel, 
when requested in connection with appeals, special studies of the civil 
service and other merit systems, review of rules and regulations, 
investigation of alleged or possible prohibited personnel practices, 
and such other functions, promulgated in 5 U.S.C. 1205 and 1206, or as 
may be authorized by law. VA must be able to provide information to 
MSPB to comply with the statutory mandate under which it operates.
    6. VA may disclose information identified in 5 U.S.C. 7114(b)(4) to 
officials of labor organizations recognized under 5 U.S.C. Chapter 71 
when relevant and necessary to their duties of exclusive representation 
concerning personnel policies, practices, and matters affecting working 
conditions. VA must be able to provide information to unions to assist 
them in advancing workers' interests with respect to wages, benefits, 
and working conditions. The routine use does not provide any greater 
access to Privacy Act protected information under section

[[Page 11188]]

7114(b) then the unions would have to the information if it was not 
protected by the Privacy Act. The routine use simply removes the 
Privacy Act as a bar to the disclosure of the information at the 
Agency's discretion.
    7. VA may disclose information from this system of records to the 
National Archives and Records Administration in records management 
inspections conducted under title 44, U.S.C. NARA is responsible for 
archiving old records no longer actively used but which may be 
appropriate for preservation, and for the physical maintenance of the 
Federal government's records. VA must be able to provide the records to 
NARA in order to determine the proper disposition of such records.
    8. VA may disclose on its own initiative any information in this 
system, except the names and home addresses of veterans and their 
dependents, which is relevant to a suspected or reasonably imminent 
violation of law, whether civil, criminal or regulatory in nature and 
whether arising by general or program statute or by regulation, rule or 
order issued pursuant thereto, to a Federal, State, local, tribal, or 
foreign agency charged with the responsibility of investigating or 
prosecuting such violation, or charged with enforcing or implementing 
the statute, regulation, rule or order. On its own initiative, VA may 
also disclose the names and addresses of veterans and their dependents 
to a Federal agency charged with the responsibility of investigating or 
prosecuting civil, criminal or regulatory violations of law, or charged 
with enforcing or implementing the statute, regulation, rule or order 
issued pursuant thereto. VA must be able to provide on its own 
initiative information that pertains to a violation of laws to law 
enforcement authorities in order for them to investigate and enforce 
those laws. Under 38 U.S.C. 5701(a) and (f), VA may only disclose the 
names and addresses of veterans and their dependents to Federal 
entities with law enforcement responsibilities. This is distinct from 
the authority to disclose records in response to a qualifying request 
from a law enforcement entity, as authorized by Privacy Act subsection 
5 U.S.C. 552a(b)(7).
    9. VA may disclose information in this system of records to the 
Department of Justice (DoJ), either on VA's initiative or in response 
to DoJ's request for the information, after either VA or DoJ determines 
that such information is relevant to DoJ's representation of the United 
States or any of its components in legal proceedings before a court or 
adjudicative body, provided that, in each case, the agency also 
determines prior to disclosure that disclosure of the records to the 
Department of Justice is a use of the information contained in the 
records that is compatible with the purpose for which VA collected the 
records. VA, on its own initiative, may disclose records in this system 
of records in legal proceedings before a court or administrative body 
after determining that the disclosure of the records to the court or 
administrative body is a use of the information contained in the 
records that is compatible with the purpose for which VA collected the 
records. VA must be able to provide information to DoJ in litigation 
where the United States or any of its components is involved and has an 
interest.
    10. VA may, on its own initiative, disclose any information or 
records to appropriate agencies, entities, and persons when (1) VA 
suspects or has confirmed that the integrity or confidentiality of 
information in the system of records has been compromised; (2) the 
Department has determined that as a result of the suspected or 
confirmed compromise there is a risk of embarrassment or harm to the 
reputations of the record subjects, harm to economic or property 
interests, identity theft or fraud, or harm to the security, 
confidentiality, or integrity of this system or other systems or 
programs (whether maintained by the Department or another agency or 
entity) that rely upon the potentially compromised information; and (3) 
the disclosure is to agencies, entities, or persons whom VA determines 
are reasonably necessary to assist or carry out the Department's 
efforts to respond to the suspected or confirmed compromise and 
prevent, minimize, or remedy such harm. This routine use permits 
disclosure that is required by the Memorandum from the Office of 
Management and Budget (M-07-16), dated May 22, 2007, of all systems of 
records of all federal agencies. Further, the disclosure allows VA to 
respond to a suspected or confirmed data breach, including the conduct 
of any risk analysis or provision of credit protection services as 
provided in 38 U.S.C. 5724 and 5727.
    11. VA may disclose information in this system of records to 
another Federal agency; either on VA's initiative or in response to a 
request from another Federal agency for the information after VA 
determines that such information is relevant to that Federal agency's 
mission. VA must be able to assist other Federal agencies in carrying 
out their operational missions and programs.

III. Compatibility of the Routine Uses

    The Privacy Act permits disclosure of information about individuals 
without their consent for a routine use when the information will be 
used for a purpose that is compatible with the purpose for which the 
information is collected. In all of the routine use disclosures 
described above, either the recipient of the information will use the 
information in connection with a matter relating to one of VA's 
programs; to provide a benefit to VA; or because disclosure is required 
by law.
    The Report of Intent to Publish a New System of Records Notice and 
an advance copy of the system notice has been sent to the appropriate 
Congressional committees and to the Director of the Office of 
Management and Budget (OMB) as required by 5 U.S.C. 552a(r) (Privacy 
Act), as amended, and guidelines issued by OMB (65 FR 77677), December 
12, 2000.

    Approved: February 24, 2009.
John R. Gingrich,
Chief of Staff, Department of Veterans Affairs.
141VA005Q3

SYSTEM NAME:
    Executive Veterans Affairs Contact Management System (Exec VA)--VA.

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATION:
    The primary location of Exec VA application and database is at the 
Corporate Data Center Operations (CDCO), 1615 Woodward Street, Austin, 
Texas 78772. Some copies of electronic records and paper records may be 
available at various Department of Veterans Affairs (VA) offices where 
a matter has been referred for action. Additionally, copies of records 
in this system of records may be stored at various VA back up sites, 
including, Hines, Ill.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    The category of the individuals covered by the Exec VA database 
encompasses veterans, their dependents, representatives, beneficiaries, 
and others contacting VA on veterans' issues.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records are maintained in electronic and paper form depending on 
the nature of the materials received, background information compiled, 
and/or response sent. Each may include the names, Social Security 
numbers, mailing addresses, telephone numbers, and

[[Page 11189]]

other personal identifiers routinely required to identify a 
correspondent or subject. Other record items maintained may include 
personal facts about medical, financial, or memorial benefits related 
to the correspondent, veteran, dependent or beneficiary. Internal VA 
records may include (but are not limited to) VA administrative, 
financial and personnel information. Records may include scanned 
document, letter, e-mail, fax, Internet document, tracking sheet, note, 
and documentation of a telephone call and/or of a meeting with an 
individual.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    44 U.S.C. 3501, Note; Pub. L. 107-347, sec. 206(d); Note; 5 U.S.C. 
301, and 553.

PURPOSE:
    The Exec VA is a contact management system designed to track issues 
from veterans, others acting on their behalf, and others seeking 
information regarding veterans' issues. Initial contact may come from 
calls placed to a VA call center, telephone inquiries received at a VA 
office, or other medium including fax, e-mail, or information received 
at https://www.va.gov. The Exec VA system is designed to provide a one-
stop repository for veterans' issues. Upon receipt of an inquiry, 
pertinent information is entered into Exec VA. The system provides 
access controls maintaining the integrity and confidentiality of the 
contact management system.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PUROSES OF SUCH USES:
    1. VA may disclose information from the record of an individual to 
a congressional office in response to an inquiry made at the request of 
that individual.
    2. VA may disclose information to individuals, organizations, 
private or public agencies, or other entities whom VA has a contract or 
agreement to perform such services as VA may deem practicable for the 
purposes of laws administered by VA, in order for the individual or 
entity with whom VA has an agreement or contract to perform the 
services of the contract or agreement.
    3. VA may disclose information in this system to the Equal 
Employment Opportunity Commission when requested in connection with 
investigations of alleged or possible discriminatory practices, 
examination of Federal affirmative employment programs, or for other 
functions of the Commission as authorized by law or regulation.
    4. VA may disclose to the Federal Labor Relations Authority, 
including its General Counsel, information related to the establishment 
of jurisdiction, the investigation and resolution of allegations of 
unfair labor practices, or information in connection with the 
resolution of exceptions to arbitration awards when a question of 
material fact is raised, in matters properly before the Federal 
Services Impasses Panel, and to investigate representation petitions 
and conduct or supervise representation elections.
    5. VA may disclose information in this system to officials of the 
Merit Systems Protection Board, or the Office of the Special Counsel, 
when requested in connection with appeals, special studies of the civil 
service and other merit systems, review of rules and regulations, 
investigation of alleged or possible prohibited personnel practices, 
and such other functions, promulgated in 5 U.S.C. 1205 and 1206, or as 
may be authorized by law.
    6. VA may disclose information identified in 5 U.S.C. 7114(b)(4) to 
officials of labor organizations recognized under 5 U.S.C. Chapter 71 
when relevant and necessary to their duties of exclusive representation 
concerning personnel policies, practices, and matters affecting working 
conditions.
    7. VA may disclose information from this system of records to the 
National Archives and Records Administration (NARA) in records 
management inspections conducted under title 44, U.S.C. NARA is 
responsible for archiving old records no longer actively used but which 
may be appropriate for preservation, and for the physical maintenance 
of the Federal government's records.
    8. VA may disclose on its own initiative any information in this 
system, except the names and home addresses of veterans and their 
dependents, which is relevant to a suspected or reasonably imminent 
violation of law, whether civil, criminal or regulatory in nature and 
whether arising by general or program statute or by regulation, rule or 
order issued pursuant thereto, to a Federal, State, local, tribal, or 
foreign agency charged with the responsibility of investigating or 
prosecuting such violation, or charged with enforcing or implementing 
the statute, regulation, rule or order. On its own initiative, VA may 
also disclose the names and addresses of veterans and their dependents 
to a Federal agency charged with the responsibility of investigating or 
prosecuting civil, criminal or regulatory violations of law, or charged 
with enforcing or implementing the statute, regulation, rule or order 
issued pursuant thereto.
    9. VA may disclose information in this system of records to the 
Department of Justice (DoJ), either on VA's initiative or in response 
to DoJ's request for the information, after either VA or DoJ determines 
that such information is relevant to DoJ's representation of the United 
States or any of its components in legal proceedings before a court or 
adjudicative body, provided that, in each case, the agency also 
determines prior to disclosure that disclosure of the records to the 
Department of Justice is a use of the information contained in the 
records that is compatible with the purpose for which VA collected the 
records. VA, on its own initiative, may disclose records in this system 
of records in legal proceedings before a court or administrative body 
after determining that the disclosure of the records to the court or 
administrative body is a use of the information contained in the 
records that is compatible with the purpose for which VA collected the 
records.
    10. VA may disclose information in this system of records to 
another Federal agency; either on VA's initiative or in response to a 
request from another Federal agency for the information after VA 
determines that such information is relevant to that Federal agency's 
mission.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:
    The Exec VA database will not disclose information to any consumer 
reporting agency from this system of record.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, 
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Exec VA data is regularly backed up and stored at the Corporate 
Data Center Operations (CDCO). A copy of the regular backups is 
securely transported and stored in a controlled storage facility at 
Hines, Illinois.

RETRIEVABILITY:
    Records are retrieved by various data elements and key word 
searches, among which are by: Name, Number, Call, Priority, 
Status, Subject, Address, Call Type, History, Claim, SSN, 
Country, State, VISN, Phone, Date, time, group, and Call Range.

SAFEGUARDS:
    The Exec VA is accessible by authorized VA personnel only with a 
user ID and a password that can be authenticated. Staff of the CDCO

[[Page 11190]]

performs backups for the Exec VA Application Server and the Oracle 
Database Server, respectively, according to the following schedule:
     Incremental data backups on a daily basis; and
     Full data backups on a weekly basis.

RETENTION AND DISPOSAL:
    Records will be maintained and disposed of, in accordance with 
records disposition authority, approved by the Archivist of the United 
States.

SYSTEM MANAGER(S) AND ADDRESSES:
    Director, Customer Relations & Executive Projects, Office of the 
Secretary, 810 Vermont Ave., NW., Washington, DC 20420; (202) 273-4830.

NOTIFICATION PROCEDURES:
    Individuals seeking to determine whether this System of Records 
contains information, about them, should address written inquiries to 
the Office of Secretary (00), Department of Veterans Affairs, 810 
Vermont Ave., NW., Washington, DC 20420. Requests should contain the 
full name, address and telephone number of the individual making the 
inquiry.

RECORD ACCESS PROCEDURE:
    Individuals seeking to access or contest the contents of records, 
about themselves, contained in this System of Records should address a 
written request, including full name, address and telephone number to 
the Office of Secretary (00), Department of Veterans Affairs, 810 
Vermont Ave., NW., Washington, DC 20420.

CONTESTING RECORD PROCEDURE:
    (See Record Access Procedure above.)

RECORD SOURCE CATEGORIES:
    Individuals who contact VA via the VA Web site at https://www.va.gov 
or by using a VA call center include veterans, veterans' family members 
and/or their representatives, government employees (Federal, State and 
local), realtors and home buyers, small business owners, vendors, 
funeral directors, clinicians, teachers, researchers, employees of 
veterans' service organizations, member of the public and all other 
individuals and representatives of organizations.

EXEMPTIONS CLAIMED FOR THE SYSTEM:
    No exemptions claimed for this system.

 [FR Doc. E9-5599 Filed 3-13-09; 8:45 am]
BILLING CODE 8329-01-P
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.