Privacy Act of 1974; System of Records, 40155-40158 [E9-19160]

Agencies

• Recovery Accountability and Transparency Board

[Federal Register Volume 74, Number 153 (Tuesday, August 11, 2009)]
[Notices]
[Pages 40155-40158]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E9-19160]


========================================================================
Notices
                                                Federal Register
________________________________________________________________________

This section of the FEDERAL REGISTER contains documents other than rules 
or proposed rules that are applicable to the public. Notices of hearings 
and investigations, committee meetings, agency decisions and rulings, 
delegations of authority, filing of petitions and applications and agency 
statements of organization and functions are examples of documents 
appearing in this section.

========================================================================


Federal Register / Vol. 74, No. 153 / Tuesday, August 11, 2009 / 
Notices

[[Page 40155]]



RECOVERY ACCOUNTABILITY AND TRANSPARENCY BOARD


Privacy Act of 1974; System of Records

AGENCY: Recovery Accountability and Transparency Board.

ACTION: Notice of new Privacy Act systems of records.

-----------------------------------------------------------------------

SUMMARY: The Recovery Accountability and Transparency Board (Board) 
proposes two new systems of records subject to the Privacy Act of 1974, 
as amended (Privacy Act or the Act), entitled ``FederalReporting.gov 
Section 1512 Data System'' (1512 Data System) and 
``FederalReporting.gov Recipient Registration System'' (FRRS). The 1512 
Data System will contain information on recipients of funding from the 
American Recovery and Reinvestment Act, Public Law 111-5 (Recovery 
Act). Under section 1512 of the Recovery Act, as well as implementing 
guidance promulgated by the Office of Management and Budget (OMB), 
recipients are required to report certain data elements relating to 
their receipt of funds. The 1512 Data System will include data 
collected from recipients reporting data pursuant to the Recovery Act, 
and that data will then flow to and be posted publicly on the Web site 
Recovery.gov, which was also established by the Recovery Act. The FRRS 
will contain information on individuals who have registered and 
established accounts to access FederalReporting.gov, the Board's Web-
based inbound reporting system. The information maintained by the FRRS 
includes the first name, last name, phone number, extension, agency 
code (for individuals associated with a Federal agency), and DUNS 
number. This information is used to retrieve additional recipient 
organizational information from the Central Contractor Registry (CCR), 
Federal Procurement Data System (FPDS), and Dun and Bradstreet database 
systems. This information will be used to protect and manage access to 
the individual's account on FederalReporting.gov. In this notice, the 
Board provides the required information on the systems of records.

ADDRESSES: Comments may be submitted:
    By Mail or Hand Delivery: Jennifer Dure, Office of General Counsel, 
Recovery Accountability and Transparency Board, 1717 Pennsylvania 
Avenue, NW., Suite 700, Washington, DC 20006;
    By Fax: (202) 254-7970; or
    By E-mail to the Board: comments@ratb.gov.
    All comments on the proposed new systems of records should be 
clearly identified as such.

FOR FURTHER INFORMATION CONTACT: Jennifer Dure, General Counsel, 
Recovery Accountability and Transparency Board, 1717 Pennsylvania 
Avenue, NW., Suite 700, Washington, DC 20006, (202) 254-7900.

SUPPLEMENTARY INFORMATION: Title 5 U.S.C. 552a(e)(4) and (11) provide 
that the public be given a 30-day period in which to comment on any new 
routine use of a system of records. OMB, which has oversight 
responsibilities under the Act, requires a 40-day period in which to 
conclude its review of the new systems. Therefore, please submit any 
comments by September 21, 2009.
    In accordance with 5 U.S.C. 552a(r), the Board has provided a 
report to OMB and the Congress on the proposed systems of records.

Recovery Accountability and Transparency Board

Table of Contents

RATB-9--FederalReporting.gov Section 1512 Data System.
RATB-10--FederalReporting.gov Recipient Registration System.
RATB-9

SYSTEM NAME:
    FederalReporting.gov Section 1512 Data System (1512 Data System).

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATION:
    The principal management entity for the system is the Recovery 
Accountability and Transparency Board, located at 1717 Pennsylvania 
Avenue, NW., Suite 700, Washington, DC 20006. The physical location for 
the system will be the CGI Phoenix Data Center, located at 10007 South 
51st Street, Phoenix, AZ 85044. The system will be operated at this 
facility.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    This system contains records that all recipients of Recovery funds, 
as defined by section 1512(b)(1) of the Recovery Act, are required to 
report. This system includes information on individuals who are sole 
proprietors.

CATEGORIES OF RECORDS IN THE SYSTEM:
    This system contains records described in OMB's June 22, 2009, 
Implementing Guidance for the Reports on Use of Funds Pursuant to the 
American Recovery and Reinvestment Act of 2009. The record description 
in this document includes data on prime recipients, subrecipients, and 
vendors receiving funding under the Recovery Act. The system will also 
store other system-generated data such as the recipient's report 
submission date and time and other identifiers for internal tracking.

AUTHORITY FOR MAINTENANCE OF SYSTEM:
    The Recovery Act was enacted on February 17, 2009, in order to make 
supplemental appropriations for job preservation and creation, 
infrastructure investment, energy efficiency and science, assistance to 
the unemployed, and State and local fiscal stabilization.

PURPOSE(S):
    FederalReporting.gov is the Board's inbound Recovery reporting 
solution. Recipients of Recovery funds are required to disclose certain 
information, which must then be posted on the public-facing Web site, 
Recovery.gov. The purpose of collecting this information is to provide 
the public with information as to how the government spends money, and 
also to assist with the prevention of fraud, waste, and mismanagement 
of Recovery funds.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    1512 Data System records will be used to collect information about 
recipients' use of Recovery funds, as well as to populate the public-
facing Web site Recovery.gov. The records may

[[Page 40156]]

also be used for auditing or other internal purpose of the Board, 
including but not limited to: investigation of possible fraud, waste, 
abuse, and mismanagement of Recovery funds; litigation purposes related 
to information reported to the Board; and contacting the recipient in 
the event of a system modification or change to FederalReporting.gov, 
including the data elements required to be reported.
    The Board may disclose information contained in a record in this 
system of records under the routine uses listed in this notice without 
the consent of the recipient if the disclosure is compatible with the 
purposes for which the record was collected.
    The general routine uses for the Board's 1512 Data System records 
are listed as follows:
    A. As set forth above, and pursuant to the Recovery Act, 1512 Data 
System records will be used to collect information about recipients' 
use of Recovery funds, as well as to populate the public-facing Web 
site Recovery.gov, where disclosure of the specified data elements will 
be made to the public.
    B. Information may be disclosed to the appropriate Federal, State, 
local, or Tribal agency responsible for investigating, prosecuting, 
enforcing, or implementing a statute, rule, regulation, or order, if 
the information is relevant to a violation or potential violation of 
civil or criminal law or regulation within the jurisdiction of the 
receiving entity.
    C. Disclosure may be made to a Federal, State, local, or Tribal or 
other public authority of the fact that this system of records contains 
information relevant to the retention of an employee, the retention of 
a security clearance, the letting of a contract, or the issuance of a 
license, grant, or other benefit. That entity, authority or licensing 
organization may then make a request supported by the written consent 
of the individual for the entire record if it so chooses.
    D. Information may be disclosed to a congressional office from the 
record of an individual in response to an inquiry from the 
congressional office made at the request of the individual.
    E. Information may be disclosed to the Department of Justice (DOJ), 
or in a proceeding before a court, adjudicative body, or other 
administrative body before which the Board is authorized to appear, 
when:
    1. The Board, or any component thereof; or
    2. Any employee of the Board in his or her official capacity; or
    3. Any employee of the Board in his or her individual capacity 
where the DOJ or the Board has agreed to represent the employee; or
    4. The United States, if the Board determines that litigation is 
likely to affect the Board or any of its components, is a party to 
litigation or has an interest in such litigation, and the use of such 
records by the DOJ or the Board is deemed by the Board to be relevant 
and necessary to the litigation, provided, however, that in each case 
it has been determined that the disclosure is compatible with the 
purpose for which the records were collected.
    F. Information may be disclosed to the National Archives and 
Records Administration in records management inspections.
    G. Information may be disclosed to contractors, grantees, 
consultants, or volunteers performing or working on a contract, 
service, grant, cooperative agreement, job, or other activity for the 
Board and who have a need to have access to the information in the 
performance of their duties or activities for the Board.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, 
AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE:
    The 1512 Data System records will be stored in digital format on a 
digital storage device. Long-term 1512 Data System records will be 
stored on magnetic tape format. All record storage procedures are in 
accordance with current applicable regulations.

RETRIEVABILITY:
    Records are retrievable by database management systems software 
designed to retrieve recipient reporting elements based upon role-based 
user access privileges.

SAFEGUARDS:
    The Board has minimized the risk of unauthorized access to the 
system by establishing a secure environment for exchanging electronic 
information. Physical access uses a defense in-depth approach 
restricting access at each layer closest to where the actual system 
resides. The entire complex is patrolled by security during non-
business hours. Physical access to the data system housed within the 
facility is controlled by a computerized badge-reading system. Multiple 
levels of security are maintained via dual factor authentication for 
access using biometrics. The computer system offers a high degree of 
resistance to tampering and circumvention. This system limits data 
access to Board and contract staff on a need-to-know basis, and 
controls individuals' ability to access and alter records within the 
system. All users of the system of records are given a unique user 
identification (ID) with personal identifiers. All interactions between 
the system and the authorized individual users are recorded.

RETENTION AND DISPOSAL:
    The Board will retain and dispose of these records in accordance 
with National Archives and Records Administration General Records 
Schedule 20, Item 1.c. This schedule provides disposal authorization 
for electronic files and hard copy printouts created to monitor system 
usage, including but not limited to log-in files, audit trail files, 
system usage files, and cost-back files used to access charges for 
system use. Records will be deleted or destroyed when the Board 
determines they are no longer needed for administrative, legal, audit, 
or other program purposes.

SYSTEM MANAGER AND ADDRESS:
    Michael Wood, Recovery Accountability and Transparency Board, 1717 
Pennsylvania Avenue, NW., Suite 700, Washington, DC 20006.

NOTIFICATION PROCEDURE:
    Any individual who wants to know whether this system of records 
contains a record about him or her, who wants access to his or her 
record, or who wants to contest the contents of a record should make a 
written request to the system manager.

RECORD ACCESS PROCEDURES:
    A request for record access shall follow the directions described 
under Notification Procedure and will be addressed to the system 
manager at the address listed above.

CONTESTING RECORDS PROCEDURES:
    If you wish to contest a record in the system of records, contact 
the system manager and identify the record to be changed, identify the 
corrective action sought, and provide a written justification.

RECORD SOURCE CATEGORIES:
    Information is obtained from individuals who have had or seek to 
have their identity authenticated except that a password and a username 
are explicitly self-assigned by the user registering to gain access to 
the 1512 Data System.
RATB-10

SYSTEM NAME:
    FederalReporting.gov Recipient Registration System (FRRS).

SECURITY CLASSIFICATION:
    None.

[[Page 40157]]

SYSTEM LOCATION:
    The principal management entity for the FRRS system is the Recovery 
Accountability and Transparency Board, located at 1717 Pennsylvania 
Avenue, NW., Suite 700, Washington, DC 20006. The physical location for 
the system will be the CGI Phoenix Data Center, located at 10007 South 
51st Street, Phoenix, AZ 85044. The system will be operated at this 
facility.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    This system contains records on all individuals that have either 
attempted to register or have registered to obtain an account to use 
FederalReporting.gov to report recipient data elements related to 
Recovery funds.

CATEGORIES OF RECORDS IN THE SYSTEM:
    This system contains records including individual's name, self-
assigned user name and security question, work address and related 
contact information (e.g., phone and fax numbers, e-mail address), 
organizational point of contact, and related contact information. The 
individual registering for FederalReporting.gov will generate a self-
assigned password that will be stored on the FRRS, but will only be 
accessible to the registering individual. The system will also store 
other system-generated data such as the registration date, time, and 
other identifiers for internal tracking. Upon assignment of the 
password and ID code, the user may subsequently access 
FederalReporting.gov by entering these data.

AUTHORITY FOR MAINTENANCE OF SYSTEM:
    The Recovery Act was enacted on February 17, 2009, in order to make 
supplemental appropriations for job preservation and creation, 
infrastructure investment, energy efficiency and science, assistance to 
the unemployed, and State and local fiscal stabilization.

PURPOSE(S):
    FederalReporting.gov is the Board's inbound Recovery reporting 
solution. Recipients of Recovery funds are required to disclose certain 
information, which must then be posted on the public-facing Web site, 
Recovery.gov. The purpose of collecting this information is to provide 
the public with information as to how the government spends money, and 
also to assist with the prevention of fraud, waste, and mismanagement 
of Recovery funds. FRRS was developed to protect the Board and 
FederalReporting.gov users from individuals seeking to gain 
unauthorized access to user accounts on FederalReporting.gov. 
FederalReporting.gov is the sole source for reporting Recovery Act 
information.
    The information contained in records maintained in the FRRS is used 
for the purposes of verifying the identity of the individual, allowing 
individual users to establish an account on FederalReporting.gov, 
providing individual users access to their FederalReporting.gov account 
for reporting data, allowing individual users to customize, update or 
terminate their account with FederalReporting.gov, renewing or revoking 
an individual user's account on FederalReporting.gov, supporting the 
FederalReporting.gov help desk functions, investigating possible fraud 
and verifying compliance with program regulations, and initiating legal 
action against an individual involved in program fraud, abuse, or 
noncompliance. The information is also used to provide authenticated 
protected access to FederalReporting.gov, thereby protecting 
FederalReporting.gov and FederalReporting.gov users from potential harm 
caused by individuals with malicious intentions gaining unauthorized 
access to the system.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    FRRS records will be used to facilitate registering 
FederalReporting.gov system users, issuing a username and password, and 
subsequently, verifying an individual's identity as he/she seeks to 
gain routine access to his/her account. In some cases, the 
organizational point of contact has the ability to deny access or 
reporting privileges for the organization, based on the registration 
information provided by the user. The system has secondary uses that 
include: using the established username to facilitate tracking service 
calls or e-mails from the user in the event that there is a change in 
registration status or a problem the user has with 
FederalReporting.gov; facilitating the retrieval of user actions (e.g., 
historical submissions and help tickets) and events while on the 
FederalReporting.gov system. The records may also be subsequently used 
for auditing or other internal purpose of the Board, including but not 
limited to: Instances where enforcement of the conditions of using 
FederalReporting.gov are necessary; investigation of possible fraud 
involving a registered user; litigation purposes related to information 
reported to the Board; contacting the individual in the event of a 
system modification; a change to FederalReporting.gov; or modification, 
revocation or termination of user's access privileges to 
FederalReporting.gov.
    The Board may disclose information contained in a record in this 
system of records under the routine uses listed in this notice without 
the consent of the individual if the disclosure is compatible with the 
purposes for which the record was collected.
    The general routine uses for the Board's FRRS are listed as 
follows:
    A. Information may be disclosed to the appropriate Federal, State, 
local, or Tribal agency responsible for investigating, prosecuting, 
enforcing, or implementing a statute, rule, regulation, or order, if 
the information is relevant to a violation or potential violation of 
civil or criminal law or regulation within the jurisdiction of the 
receiving entity.
    B. Disclosure may be made to a Federal, State, local, or Tribal or 
other public authority of the fact that this system of records contains 
information relevant to the retention of an employee, the retention of 
a security clearance, the letting of a contract, or the issuance of a 
license, grant, or other benefit. That entity, authority or licensing 
organization may then make a request supported by the written consent 
of the individual for the entire record if it so chooses.
    C. Information may be disclosed to a congressional office from the 
record of an individual in response to an inquiry from the 
congressional office made at the request of the individual.
    D. Information may be disclosed to the Department of Justice (DOJ), 
or in a proceeding before a court, adjudicative body, or other 
administrative body before which the Board is authorized to appear, 
when:
    1. The Board, or any component thereof; or
    2. Any employee of the Board in his or her official capacity; or
    3. Any employee of the Board in his or her individual capacity 
where the DOJ or the Board has agreed to represent the employee; or
    4. The United States, if the Board determines that litigation is 
likely to affect the Board or any of its components, is a party to 
litigation or has an interest in such litigation, and the use of such 
records by the DOJ or the Board is deemed by the Board to be relevant 
and necessary to the litigation, provided, however, that in each case 
it has been determined that the disclosure is compatible with the 
purpose for which the records were collected.
    E. Information may be disclosed to the National Archives and 
Records

[[Page 40158]]

Administration in records management inspections.
    F. Information may be disclosed to contractors, grantees, 
consultants, or volunteers performing or working on a contract, 
service, grant, cooperative agreement, job, or other activity for the 
Board and who have a need to have access to the information in the 
performance of their duties or activities for the Board.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, 
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    The FRRS records will be stored in digital format on a digital 
storage device. Long-term FRRS Data System records will be stored on 
magnetic tape format. All record storage procedures are in accordance 
with current applicable regulations.

RETRIEVABILITY:
    Records are retrievable by database management systems software 
designed to retrieve FRRS elements based upon role-based user access 
privileges. Records are retrievable by the FRRS user name.

SAFEGUARDS:
    The Board has minimized the risk of unauthorized access to the 
system by establishing a secure environment for exchanging electronic 
information. Physical access uses a defense in-depth approach 
restricting access at each layer closest to where the actual system 
resides. The entire complex is patrolled by security during non-
business hours. Physical access to the data system housed within the 
facility is controlled by a computerized badge reading system. Multiple 
levels of security are maintained via dual factor authentication for 
access using biometrics. The computer system offers a high degree of 
resistance to tampering and circumvention. This system limits data 
access to Board and contract staff on a need-to-know basis, and 
controls individuals' ability to access and alter records within the 
system. All users of the system of records are given a unique user 
identification (ID) with personal identifiers. All interactions between 
the system and the authorized individual users are recorded.

RETENTION AND DISPOSAL:
    The Board will retain and dispose of these records in accordance 
with National Archives and Records Administration General Records 
Schedule 20, Item 1.c. This schedule provides disposal authorization 
for electronic files and hard copy printouts created to monitor system 
usage, including but not limited to log-in files, audit trail files, 
system usage files, and cost-back files used to access charges for 
system use. Records will be deleted or destroyed when the Board 
determines they are no longer needed for administrative, legal, audit, 
or other program purposes.

SYSTEM MANAGERS AND ADDRESS:
    Michael Wood, Recovery Accountability and Transparency Board, 1717 
Pennsylvania Avenue, NW., Suite 700, Washington, DC 20006.

NOTIFICATION PROCEDURE:
    Any individual who wants to know whether this system of records 
contains a record about him or her, who wants access to his or her 
record, or who wants to contest the contents of a record should make a 
written request to the system manager.

RECORD ACCESS PROCEDURES:
    A request for record access shall follow the directions described 
under Notification Procedure and will be addressed to the system 
manager at the address listed above.

CONTESTING RECORDS PROCEDURES:
    If you wish to contest a record in the system of records, contact 
the system manager and identify the record to be changed, identify the 
corrective action sought, and provide a written justification.

RECORD SOURCE CATEGORIES:
    Information is obtained from individuals who have had or seek to 
have their identity authenticated except that a password and a username 
are explicitly self-assigned by the user registering to gain access to 
FederalReporting.gov.

Ivan J. Flores,
Paralegal Specialist, Recovery Accountability and Transparency Board.
[FR Doc. E9-19160 Filed 8-10-09; 8:45 am]
BILLING CODE 6820-GA-P