Proposed Privacy Act System of Records, 54190-54192 [2011-22241]
Download as PDFAgencies
[Federal Register Volume 76, Number 169 (Wednesday, August 31, 2011)] [Notices] [Pages 54190-54192] From the Federal Register Online via the Government Printing Office [www.gpo.gov] [FR Doc No: 2011-22241] ======================================================================== Notices Federal Register ________________________________________________________________________ This section of the FEDERAL REGISTER contains documents other than rules or proposed rules that are applicable to the public. Notices of hearings and investigations, committee meetings, agency decisions and rulings, delegations of authority, filing of petitions and applications and agency statements of organization and functions are examples of documents appearing in this section. ======================================================================== Federal Register / Vol. 76, No. 169 / Wednesday, August 31, 2011 / Notices [[Page 54190]] DEPARTMENT OF AGRICULTURE Proposed Privacy Act System of Records AGENCY: Office of the Chief Information Officer (OCIO), Departmental Management (DM). ACTION: Notice of Proposed Privacy Act System of Records. ----------------------------------------------------------------------- SUMMARY: In accordance with the requirements of the Privacy Act of 1974, as amended, the U.S. Department of Agriculture (USDA), OCIO gives notice of a new Privacy Act System of Records. DATES: This notice will be effective without further notice on October 31, 2011 unless modified by a subsequent notice to incorporate comments received from the public. Written or electronic comments must be received by the contact person listed below on or before September 30, 2011 to be assured consideration. ADDRESSES: You may submit written or electronic comments on this notice by any of the following methods:Federal eRulemaking Portal: https://www.regulations.gov. Follow the online instructions for submitting comments. Mail: Phyllis Holmes, Compliance Officer, DM, USDA, 1400 Independence Avenue, Room 2916, SW., Washington, DC 20250. E-mail: Phyllis.Holmes@dm.usda.gov. Fax: (202) 720-0105. All comments will become a matter of public record and should be identified as ``FOIAXpress System of Records Comments,'' making reference to the date and page number of this issue of the Federal Register. Comments will be available for public inspection in the above office during regular business hours (7 CFR 1.27(b)). Please call Phyllis Holmes at (202) 720-0068 to make an appointment to read comments. FOR FURTHER INFORMATION CONTACT: Phyllis Holmes, Compliance Officer, DM, USDA, at (202) 720-0068. SUPPLEMENTARY INFORMATION: The Freedom of Information Act (FOIA), 5 U.S.C. 552, was enacted in 1966 and gives any person the right to request access to almost any Federal agency record, except those protected from disclosure by legal exemptions and exclusions (e.g., classified national security, business proprietary, personal privacy, and investigative documents). The public may submit a FOIA request to USDA by sending a written request for the records directly to the USDA component responsible for the records sought. In addition, the Privacy Act, 5 U.S.C. 552a, provides individuals with certain rights to request and amend information maintained by USDA about them. In addition, the Privacy Act restricts USDA's ability to disclose certain information about individuals maintained in an agency Privacy Act System of Records. Individuals may submit Privacy Act requests to USDA in writing in accordance with USDA Privacy Act procedures. In March, 2009, Attorney General Eric Holder issued comprehensive new FOIA guidelines. In addition to establishing criteria governing the presumption of disclosure, the Attorney General's FOIA guidelines emphasized that agencies must have effective systems in place for responding to FOIA requests. In response, the USDA Freedom of Information Act Express (FX) Project was undertaken to increase openness with the public and to address the current lack of standardized reporting and tracking of USDA's FOIA data and information requests. Currently, USDA's FOIA program is decentralized, with each mission area and agency managing its respective FOIA programs. At the end of each year, each agency must collect and report the appropriate data for the FOIA Annual Report. Currently the annual reporting process is manual and time consuming. The purpose of the USDA FX system is to transform the USDA FOIA management experience from a manual task to an efficient business process across the enterprise. This technology implementation will allow for real-time tracking, management, centralized oversight, and quality control across the USDA FOIA program. With FX, USDA agencies anticipate a more efficient process, resulting in quicker responses to requests for information. In addition, the process of capturing, collating, and calculating values for the Annual Report will be enhanced and fully automated. As a result, the USDA FOIA program will be streamlined. The USDA FOIA Officer will be able to maintain a real time snapshot of the activities of every agency at any given time. Signed at Washington, DC, on August 19, 2011. Pearlie S. Reed, Assistant Secretary of Agriculture for Administration. System Name: Freedom of Information Act Express (FX). Security Classification: None. System Location: The records in this system are collected in a Web-based system located on servers in Gaithersburg, Maryland. The system is an enterprise solution that operates through USDA. A list of USDA FOIA servicing centers can be found at https://www.dm.usda.gov/foia_public_liaisons.htm. FX will be used by FOIA servicing centers and staff offices responsible for processing FOIA and Privacy Act requests throughout USDA. Categories of Individuals Covered by the System: Individuals covered by this system of records include: individuals who submit FOIA requests, FOIA appeals, and Privacy Act requests and appeals to USDA; individuals whose requests, appeals, and/or records have been referred to USDA by other agencies; attorneys or other persons representing individuals submitting such requests and appeals or litigation; individuals who are the subjects of such requests; and government personnel assigned to handle such requests or appeals. Categories of Records in the System: Categories of records in this system may include the following records received, created, or compiled in processing FOIA and Privacy Act requests or appeals: Original requests and administrative appeals; documents relating to payment of FOIA fees; correspondence between the agency and the FOIA or Privacy Act requester; and internal agency records relating to the processing of FOIA and Privacy Act requests and appeals. In some cases, the [[Page 54191]] records responsive to the request may be included in the database. Types of information in the records may include requesters' and their attorneys' or representatives' names, addresses, e-mail addresses, telephone numbers, and FOIA case numbers; office telephone numbers, and office routing symbols of USDA employees and contractors; names, telephone numbers, and addresses of the submitter of the information requested; and unique case identifier or other identifier assigned to the request or appeal. Authority for Maintenance of the System: FOIA Act, 5 U.S.C. 552, As Amended By Public Law No. 104-231, 110 Stat. 3048 and the Privacy Act of 1974, 5 U.S.C. 552a Section (e)(4)(A). Purpose(s): The purpose of this system of records is to permit the USDA's OCIO to administer and manage FOIA requests. The system will also assist the FOIA Officials at the USDA agencies to process and track FOIA requests for records. Currently, USDA agencies utilize multiple manual and office suite products to track, respond to, and close out FOIA requests. The OCIO, in an effort to streamline the FOIA process, is implementing a solution, FX, that will allow USDA to enter, view, update, process, and track real time FOIA requests received. FX will allow the public to submit FOIA requests online utilizing FX's Public Access Link (PAL). PAL is a Web front-end portal that will allow requestors the opportunity to send, and see in real time, the status of their FOIA request. Individuals wishing to use PAL, when available, will be required to establish a USDA e-authentication account. This system of records will have several routine uses to enable USDA to comply with the FOIA, 5 U.S.C. 552, as amended by Public Law No. 104- 231, 110 Stat. 3048, and the Privacy Act of 1974, 5 U.S.C. 552a Section (e)(4)(A). Routine Uses of Records Maintained in the System Including Categories of Users and Purposes of Such Uses: These records may be disclosed: A. To the Department of Justice (DOJ) or other Federal agency conducting litigation or in proceedings before any court, adjudicative or administrative body, when: 1. USDA or any USDA agency; 2. Any employee of USDA in his/her official capacity; 3. Any employee of USDA in his/her individual capacity where DOJ or USDA has agreed to represent the employee; or 4. The United States or any agency thereof, is a party to the litigation or has an interest in such litigation, and USDA determines that the records are both relevant and necessary to the litigation, and the use of such records is compatible with the purpose for which USDA collected the records. B. To a congressional office in response to an inquiry from that congressional office made at the request of the individual to whom the record pertains. C. To the National Archives and Records Administration (NARA) or other Federal government agencies pursuant to records management inspections being conducted under the authority of 44 U.S.C. 2904 and 2906. D. To an agency, organization, or individual for the purpose of performing audit or oversight operations as authorized by law, but only such information as is necessary and relevant to such audit or oversight function. E. To appropriate agencies, entities, and persons when: 1. USDA suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; 2. The Department has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by USDA or another agency or entity) that rely upon the compromised information; 3. The disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with USDA's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. F. To contractors and their agents, grantees, experts, consultants, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for USDA, when necessary to accomplish an agency function related to this system of records. Individuals provided information under this routine use are subject to the same Privacy Act requirements and limitations on disclosure as are applicable to USDA officers and employees. G. To an appropriate Federal, State, Tribal, local, international, or foreign law enforcement agency or other appropriate authority charged with investigating or prosecuting a violation or enforcing or implementing a law, rule, regulation, or order, where a record, either on its face or in conjunction with other information, indicates a violation or potential violation of law, which includes criminal, civil, or regulatory violations, and such disclosure is proper and consistent with the official duties of the person making the disclosure. H. When a record on its face, or in conjunction with other records, indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule, or order issued pursuant thereto, disclosure may be made to the appropriate public authority, whether Federal, foreign, State, local, or Tribal, or otherwise, responsible for enforcing, investigating or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation, or order issued pursuant thereto, if the information disclosed is relevant to any enforcement, regulatory, investigative, or prosecutorial responsibility of the receiving entity. Disclosure to Consumer Reporting Agencies: None. Policies and Practice For Storing, Retrieving, Accessing, Retaining and Disposing of Records in the System Storage: Electronic records are maintained on a server at a secure contractor facility within the Washington, DC, metropolitan area. Access to the system is restricted and role based. Access to information is granted only to those individuals assigned or working on a FOIA case. Retrievability: Data will be indexed by first name, last name, case number, or other agency identifier. Safeguards: The system itself will be secured in a restricted area within USDA owned/operated computer space. Access to this space is strictly controlled using multiple physical access control security systems. This space can only be accessed by authorized personnel with the appropriate access devices. Electronic access to records is role based and controlled through a system of computer access identification and authorization utilizing passwords. Access is granted by the system administrator, and controlled by the database management system software. The system of records will not be exempt from any provisions of the Privacy Act. Retention and Disposal: Records in this system will be retained in accordance with NARA's [[Page 54192]] General Records Schedule 14, but may be retained for a longer period as required by litigation or open investigations or audits. A FOIA record deals with significant policy-making issues; it is a permanent record. A FOIA record may qualify as a permanent Federal Record. A permanent record is one that has been determined by NARA to have sufficient value to warrant its preservation in the National Archives of the United States. Permanent records include all records accessioned by NARA into the National Archives of the United States and later increments of the same records, and those for which the disposition is permanent on SF 115s, Request for Records Disposition Authority, approved by NARA on or after May 14, 1973. System Manager(s) and Address: The System manager for this system is the FX Program Manager. The mailing address for the USDA System Manager is 1400 Independence Ave., SW., Washington, DC 20250. Notification Procedures: Individuals seeking notification of and access to any record contained in this system of records, or seeking to contest its content, may submit a request in writing to the headquarters or component's FOIA Official, whose contact information can be found at https://www.dm.usda.gov/foia.htm under ``contacts.'' If an individual believes more than one component maintains Privacy Act records concerning him or her, the individual may submit the request to the Chief Privacy Act Officer, Department of Agriculture, 1400 Independence Avenue SW., Room 408-W, Washington, DC 20250. When seeking records about yourself from this system of records, or any other USDA system of records, your request must conform with the Privacy Act regulations set forth in 6 CFR part 5. You must first verify your identity, meaning that you must provide your full name, current address, and date and place of birth. You must sign your request, and your signature must either be notarized or submitted under 28 U.S.C. 1746, a law that permits statements to be made under penalty of perjury as a substitute for notarization. While no specific form is required, you may obtain forms for this purpose from the Chief FOIA Officer, Department of Agriculture, 1400 Independence Avenue, SW., Washington, DC 20250. In addition, you should provide the following: An explanation of why you believe USDA would have information on you, Identify which component(s) of USDA you believe may have the information about you, Specify when you believe the records would have been created, Provide any other information that will help the FOIA staff determine which USDA component agency may have responsive records, If your request is seeking records pertaining to another living individual, you must include a statement from that individual certifying his/her agreement for you to access his/her records. Without this bulleted information, the component(s) may not be able to conduct an effective search, and your request may be denied due to lack of specificity or lack of compliance with applicable regulations. Exemptions Claimed for the System: During the course of a FOIA/Privacy Act action, exempt material from other systems of records may become part of the case records in this system of records. To the extent that copies of exempt records from these other systems of records are entered into these Privacy Act case records, USDA hereby claims the same exemptions for the records as claimed in the original, primary system of records from which they originated, or in which they are maintained. United States Department of Agriculture OCIO-01--FOIAXPRESS (FX)Narrative Statement The purpose of the Freedom of Information Act Express (FX) system is to streamline and transform the USDA FOIA and Privacy Act request response process from a manual process to an automated system. Pursuant to FOIA and the Privacy Act, members of the public make information requests for agency records. Processing these requests requires the agency to maintain information on the requesters, including information necessary to correspond with the requesters, collect applicable fees, and search for requested records. FX will give USDA FOIA Officials and Privacy Act Officials the ability to enter FOIA requests into the system, track status, prepare responses, redact records, and complete the FOIA processing. FX has a Public Access Link (PAL) that will allow the public to submit and track their FOIA requests online. FX will be used by USDA to compile the annual FOIA report. FX will contain contact information about the individuals requesting records. Copies of the original agency records reviewed or processed in response to the request will be subject to the provisions of the Privacy Act System or Records from which they originated, if any. The authority to operate this system comes from the Freedom of Information Act, 5 U.S.C. 552, as amended by Public Law 104-231,110 Stat. 3048 and the Privacy Act of 1974, 5 U.S.C. 552a (e)(4)(A). While the information in this system may be made available outside USDA as set forth in the routine uses, in most cases, the information was voluntarily submitted by the individual or their representative either as part of a request for information from USDA, or an appeal. USDA requires the accumulation of some privacy data in order to contact and correspond with individuals requesting information. Use of this system, as established, should not result in undue infringement of any individual's right to privacy. The records contained in the system are protected by the confidentiality requirements of the USDA Office of the Chief Information Officer (OCIO) Cyber Security Manuals and the provisions of the Privacy Act. The vendor hosting the solution will operate the system in an approved, certified datacenter in the Washington, DC, metropolitan area. The system will not be hosted on a platform that shares applications or hardware with other organizations, or other organizational data. Only authorized USDA FOIA or Privacy Act officials will have access to the records in this system on a need-to-know basis. Role-based access controls are used, and FX is only accessible via the Internet using USDA e-authentication application. Records in the system are encrypted. Users of the system are granted access upon successful completion of security training. User access is role based and restricted based on the least privilege allowed for performing the job function principle. Due to the sensitive nature of FX, the system also adheres to the National Institute of Standards and Technology Special Publication 800- 53 security controls, and Federal Information Processing Systems (FIPS) 199 and 200. Moreover, specific USDA security requirements are adhered to through the USDA Cyber Security Manuals, including, but not limited to, DM3545-000 Personnel Security. Supporting Documentation: Systems Notice: The Department of Agriculture has attached advance copies of the Federal Register notice of the new system of records. [FR Doc. 2011-22241 Filed 8-30-11; 8:45 am] BILLING CODE 3412-BA-P
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.