Privacy Act of 1974; Privacy Act System of Records, 78050-78052 [2011-32120]

Agencies

• National Aeronautics and Space Administration

[Federal Register Volume 76, Number 241 (Thursday, December 15, 2011)]
[Notices]
[Pages 78050-78052]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2011-32120]



[[Page 78050]]

=======================================================================
-----------------------------------------------------------------------

NATIONAL AERONAUTICS AND SPACE ADMINISTRATION

[Notice (11-118)]


Privacy Act of 1974; Privacy Act System of Records

AGENCY: National Aeronautics and Space Administration (NASA).

ACTION: Notice of proposed revisions to an existing Privacy Act system 
of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974 (5 
U.S.C. 552a), the National Aeronautics and Space Administration is 
issuing public notice of its proposal to modify its previously noticed 
system of records NASA 10SECR Security Records System. This notice sets 
forth those modifications and cancels another NASA system of records 
NASA 10FNMS, as those records are now combined within NASA 10SECR. The 
system updates summarized below under the caption SUPPLEMENTARY 
INFORMATION.

DATES: Submit comments within 30 calendar days from the date of this 
publication.

ADDRESSES: Patti F. Stockman, Privacy Act Officer, Office of the Chief 
Information Officer, National Aeronautics and Space Administration 
Headquarters, Washington, DC 20546-0001, (202) 358-4787, NASA-PAOfficer@nasa.gov.

FOR FURTHER INFORMATION CONTACT: NASA Privacy Act Officer, Patti F. 
Stockman, (202) 358-4787, NASA-PAOfficer@nasa.gov.

SUPPLEMENTARY INFORMATION: Modifications of the NASA systems of records 
include: addition of a system location, additional description of 
categories of individuals covered by and of records contained in the 
system, update of authorities for maintenance of the system, revision 
and addition of routine uses, update of retention and disposal 
citations, as well as the system locations, and practices for storing, 
retrieving, and safeguarding information.

Linda Y. Cureton,
NASA Chief Information Officer.
NASA 10SECR

SYSTEM NAME:
    Security Records System.

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATION:
    The centralized data system is located at Location 9. Records are 
also located at Locations 1 through 9 and Locations 11, 12, and 14. The 
locations are set forth in Appendix A.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    This system maintains information on Civil Servant Employees, 
applicants, NASA committee members, NASA consultants, NASA experts, 
NASA Resident Research Associates, guest workers, contractor employees, 
detailees, visitors, correspondents (written and telephonic), Faculty 
Fellows, Intergovernmental Personnel Mobility Act (IPA) Employees, 
Grantees, Cooperative Employees, and Remote Users of NASA Non-Public 
Information Technology Resources. This system also maintains 
information on all non-U.S. citizens, to include Lawful Permanent 
Residents seeking access to NASA facilities, resources, laboratories, 
contractor sites, Federally Funded Research and Development Centers or 
NASA sponsored events for unclassified purposes to include employees of 
NASA or NASA contractors; prospective NASA or NASA contractor 
employees; employees of other U.S. Government agencies or their 
contractors; foreign students at U.S. institutions; officials or other 
persons employed by foreign governments or other foreign institutions 
who may or may not be involved in cooperation with NASA under 
international agreements; foreign media representatives; and 
representatives or agents of foreign national governments seeking 
access to NASA facilities, to include high-level protocol visits; or 
international relations.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Personnel Security Records, Personal Identity Records including 
NASA visitor files, Emergency Data Records, Criminal Matters, Traffic 
Management Records, and Access Management Records. Specific records 
fields include, but are not limited to: Name, former names, date of 
birth, place of birth, social security number, home address, phone 
numbers, citizenship, traffic infraction, security violation, security 
incident, security violation discipline status and action taken.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    18 U.S.C. 793-799, Espionage and Information Control Statutes;
    18 U.S.C. 2151-2157, Sabotage Statutes;
    18 U.S.C. 202-208, Bribery, Graft, and Conflicts of Interest ;
    18 U.S.C. 3056, Powers, authorities, and duties of United States 
Secret Service;
    18 U.S.C. 371, Conspiracy Statute;
    40 U.S.C. 1441, Responsibilities regarding efficiency, security, 
and privacy of Federal computer systems;
    44 U.S.C. 3101, Records management by agency heads; general duties;
    50 U.S.C., Internal Security Act of 1950;
    51 U.S.C. 20101 National and Commercial Space Programs;
    42 U.S.C., 2011 et seq., Atomic Energy Act of 1954, as amended;
    Executive Order 9397, as amended, Numbering System for Federal 
Accounts Relating to Individual Persons;
    Executive Order 13526, as amended, Classified National Security 
Information;
    Executive Order 12968, as amended, Access to Classified 
Information;
    Executive Order 10865, Safeguarding Classified Information Within 
Industry;
    Executive Order 10450, Security Requirements for Government 
Employees;
    Pub. L. 81-733, Summary suspension of employment of civilian 
officers and employees;
    Pub. L. 107-347, Federal Information Security Management Act 2002;
    HSPD 12, Policy for a Common Identification Standard for Federal 
Employees and Contractors;
    14 CFR parts 1203 through 1203b, NASA Information Security Program;
    14 CFR 1213; NASA Release of Information to News and Information 
Media;
    15 CFR 744; EAR Control Policy: End-user and End-use Based;
    22 CFR 62, Exchange Visitor Program;
    22 CFR 120-130; Foreign Relations Export Control;
    41 CFR Chapter 101 Federal Property Management Regulation;

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Any disclosures of information will be compatible with the purpose 
for which the Agency collected the information. The records and 
information in these records may be disclosed:
    1. To the Department of Justice (DOJ) when: (a) The agency or any 
component thereof; (b) any employee of the agency in his or her 
official capacity; (c) any employee of the agency in his or her 
individual capacity where agency or the DOJ has agreed to represent the 
employee; or (d) the United States Government, is a party to litigation 
or has an interest in such litigation, and by careful review, the 
agency determines that the records are both relevant and necessary to 
the litigation and the use of such records by DOJ is therefore deemed

[[Page 78051]]

by the agency to be for a purpose compatible with the purpose for which 
the agency collected the records.
    2. To a court or adjudicative body in a proceeding when: (a) The 
agency or any component thereof; (b) any employee of the agency in his 
or her official capacity; (c) any employee of the agency in his or her 
individual capacity where agency or the Department of Justice has 
agreed to represent the employee; or (d) the United States Government, 
is a party to litigation or has an interest in such litigation, and by 
careful review, the agency determines that the records are both 
relevant and necessary to the litigation and the use of such records is 
therefore deemed by the agency to be for a purpose that is compatible 
with the purpose for which the agency collected the records.
    3. To an Agency in order to provide a basis for determining 
preliminary visa eligibility.
    4. To a staff member of the Executive Office of the President in 
response to an inquiry from the White House.
    5. To the National Archives and Records Administration or to the 
General Services Administration for records management inspections 
conducted under 44 U.S.C. 2904 and 2906.
    6. To agency contractors, grantees, or volunteers who have been 
engaged to assist the agency in the performance of a contract service, 
grant, cooperative agreement, or other activity related to this system 
of records and who need to have access to the records in order to 
perform their activity. Recipients shall be required to comply with the 
requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.
    7. To other Federal agencies and relevant contractor facilities to 
determine eligibility of individuals to access classified National 
Security information.
    8. To any official investigative or judicial source from which 
information is requested in the course of an investigation, to the 
extent necessary to identify the individual, inform the source of the 
nature and purpose of the investigation, and to identify the type of 
information requested.
    9. To the news media or the general public, factual information the 
disclosure of which would be in the public interest and which would not 
constitute an unwarranted invasion of personal privacy, consistent with 
Freedom of Information Act standards.
    10. To a Federal, State, or local agency, or other appropriate 
entities or individuals, or through established liaison channels to 
selected foreign governments, in order to enable an intelligence agency 
to carry out its responsibilities under the National Security Act of 
1947 as amended, the CIA Act of 1949 as amended, Executive Order 12333 
or any successor order, applicable national security directives, or 
classified implementing procedures approved by the Attorney General and 
promulgated pursuant to such statutes, orders or directives.
    11. In order to notify an employee's next-of-kin or contractor in 
the event of a mishap involving that employee or contractor.
    12. To notify another Federal agency when, or verify whether, a PIV 
card is valid.
    13. To provide relevant information to an internal or external 
organization or element thereof conducting audit activities of a NASA 
contractor or subcontractor.
    14. To provide a NASA contractor, subcontractor, grantee, or other 
Government organization information developed in an investigation or 
administrative inquiry concerning a violation of a Federal or state 
statute or regulation on the part of an officer or employee of the 
contractor, subcontractor, grantee, or other Government organization.
    15. A record from this system may be disclosed to foreign 
governments or international organizations if required by treaties, 
international conventions, or executive agreements.
    16. A record from this system may be disclosed to members of a NASA 
Advisory Committee or Committees and interagency boards charged with 
responsibilities pertaining to international visits and assignments 
and/or national security when authorized by the individual or to the 
extent the committee(s) is so authorized and such disclosure is 
required by law.
    17. A record from this system may be disclosed to the following 
individuals for the purpose of providing information on traffic 
accidents, personal injuries, or the loss or damage of property: (a) 
Individuals involved in such incidents; (b) persons injured in such 
incidents; (c) owners of property damaged, lost or stolen in such 
incidents; and/or (d) these individuals' duly verified insurance 
companies, personal representatives, employers, and/or attorneys. The 
release of information under these circumstances should only occur when 
it will not: (a) interfere with ongoing law enforcement proceedings, 
(b) risk the health or safety of an individual, or (c) reveal the 
identity of an informant or witness that has received an explicit 
assurance of confidentiality. Social security numbers should not be 
released under these circumstances unless the social security number 
belongs to the individual requester. The intent of this use is to 
facilitate information flow to parties who need the information to 
adjudicate a claim.
    18. NASA standard routine uses as set forth in Appendix B.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, 
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Records in this system are maintained on electronic media and hard-
copy documents.

RETRIEVABILITY:
    Records are retrieved from the system by individual's name, file 
number, badge number, decal number, payroll number, Agency-specific 
unique personal identification code, and/or Social Security Number.

SAFEGUARDS:
    Access to system records is controlled by either Government 
personnel or selected personnel of NASA contractor guard/security force 
and contractor personnel. After presenting proper identification and 
requesting a file or record, a person with an official need to know 
and, if appropriate, a proper clearance may have access to a file or 
records only after it has been retrieved and approved for release by a 
NASA security representative. These records are secured in security 
storage equipment, and/or information technology systems employing 
security countermeasures.

RETENTION AND DISPOSAL:
    The Personnel Security Records are maintained in Agency files and 
destroyed upon notification of the death or within 5 years after 
separation or transfer of employee or within 5 years after contract 
relationship expires, whichever is applicable in accordance with NASA 
Records Retention Schedules (NRRS), Schedule 1 Item 103. The foreign 
national files are maintained in Agency files and destroyed in 
accordance with NRRS, Schedule 1 Item 35.
    The Personal Identity Records are maintained in Agency files and 
destroyed upon notification of the death or within 5 years after 
separation or transfer of employee or within 5 years after contract 
relationship expires, whichever is applicable in accordance with NRRS, 
Schedule 1 Item 103. Visitor files are maintained and destroyed in 
accordance with NRRS, Schedule 1 Item 114.
    The Emergency Data Records are maintained in Agency files and

[[Page 78052]]

destroyed when superseded or obsolete in accordance with NRRS 1, Item 
100B.
    The Criminal Matter Records are maintained in Agency files and 
destroyed in accordance with Items A and B of National Archives and 
Records Administration Disposition Authorization N1-255-07-2 after its 
approval by the Archivist of the United States.
    The Traffic Management Records are maintained in Agency files and 
destroyed in accordance with Item C of National Archives and Records 
Administration Disposition Authorization N1-255-07-2 after its approval 
by the Archivist of the United States.

SYSTEM MANAGER(S) AND ADDRESS:
    Deputy Assistant Administrator of the Office of Protective 
Services, Location 1. Subsystem Managers: The Chief of Security/
Protective Services at each subsystem location at locations 1 through 9 
and locations 11, 12, and 14. Locations are as set forth in Appendix A.

NOTIFICATION PROCEDURE:
    Information may be obtained from the cognizant system or subsystem 
manager listed above. Requests must contain the following identifying 
data concerning the requestor: First, middle, and last name; date of 
birth; Social Security Number; period and place of employment with 
NASA, if applicable.

RECORD ACCESS PROCEDURES:
    Personnel Security Records compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for Federal 
civilian employment, Federal contracts, or access to classified 
information have been exempted by the Administrator under 5 U.S.C. 
552a(k)(5) from the access provisions of the Act.
    Personal Identity Records: Requests from individuals should be 
addressed to the same address as stated in the Notification section 
above.
    Emergency Data Records: Requests from individuals should be 
addressed to the same address as stated in the Notification section 
above.
    Criminal Matter Records compiled for civil or criminal law 
enforcement purposes have been exempted by the Administrator under 5 
U.S.C. 552a(k)(2) from the access provision of the Act. Traffic 
Management Records: Requests from individuals should be addressed to 
the same address as stated in the Notification section above.

CONTESTING RECORD PROCEDURES:
    For Personnel Security Records and Criminal Matters Records, see 
Record Access Procedures, above. For Personal Identity Records, 
Emergency Data Records, and Traffic Management Records, the NASA rules 
for access to records and for contesting contents and appealing initial 
determinations by the individual concerned appear at 14 CFR part 1212.

RECORD SOURCE CATEGORIES:
    Information is obtained from a variety of sources including the 
employee, contractor, or applicant via use of the Standard Form (SF) 
SF-85, SF-85P, or SF-86 and personal interviews; employers' and former 
employers' records; FBI criminal history records and other databases; 
financial institutions and credit reports; medical records and health 
care providers; educational institutions; interviews of witnesses such 
as neighbors, friends, coworkers, business associates, teachers, 
landlords, or family members; tax records; and other public records. 
Security violation information is obtained from a variety of sources, 
such as guard reports, security inspections, witnesses, supervisor's 
reports, audit reports.

EXEMPTIONS CLAIMED FOR THE SYSTEM:
    Personnel Security Records compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for Federal 
civilian employment, Federal contracts, or access to classified 
information, but only to the extent that the disclosure of such 
material would reveal the identity of a confidential source, are exempt 
from the following sections of the Privacy Act of 1974, 5 U.S.C. 
552a(c)(3) relating to access to the disclosure accounting; (d) 
relating to access to the records; (e)(1) relating to the type of 
information maintained in the records; (e)(4)(G), (H) and (I) relating 
to publishing in the annual system notice information as to agency 
procedures for access and correction and information as to the 
categories of sources of records; and (f) relating to developing agency 
rules for gaining access and making corrections. The determination to 
exempt the Personnel Security Records portion of the Security Records 
System has been made by the Administrator of NASA in accordance with 5 
U.S.C. 552a(k)(5) and Subpart 5 of the NASA regulations appearing in 14 
CFR part 1212.
    Criminal Matter Records to the extent they constitute investigatory 
material compiled for law enforcement purposes are exempt from the 
following sections of the Privacy Act of 1974, 5 U.S.C. 552a(c)(3) 
relating to access to the disclosure accounting; (d) relating to access 
to the records; (e)(1) relating to the type of information maintained 
in the records; (e)(4)(G), (H) and (I) relating to publishing in the 
annual system notice information as to agency procedures for access and 
correction and information as to the categories of sources of records; 
and (f) relating to developing agency rules for gaining access and 
making corrections. The determination to exempt the Criminal Matter 
Records portion of the Security Records System has been made by the 
Administrator of NASA in accordance with 5 U.S.C. 552a(k)(2) and 
subpart 5 of the NASA regulations appearing in 14 CFR part 1212.
    Records subject to the provisions of 5 U.S.C. 552(b)(1) required by 
Executive Order to be kept secret in the interest of national defense 
or foreign policy are exempt from the following sections of the Privacy 
Act of 1974, 5 U.S.C. 552a:(c)(3) relating to access to the disclosure 
accounting; (d) relating to the access to the records; (e)(1) relating 
to the type of information maintained in the records; (e)(4)(G), (H) 
and (I) relating to publishing in the annual system notice information 
as to agency procedures for access and correction and information as to 
the categories of sources of records; and (f) relating to developing 
agency rules for gaining access and making corrections. The 
determination to exempt this portion of the Security Records System has 
been made by the Administrator of NASA in accordance with 5 U.S.C. 
552a(k)(1) and subpart 5 of the NASA regulations appearing in 14 CFR 
part 1212.
[FR Doc. 2011-32120 Filed 12-14-11; 8:45 am]
BILLING CODE P