Privacy Act of 1974; Notice of an Updated System of Records, 47138-47139 [2014-19071]
Download as PDF
<![CDATA[
47138
Federal Register / Vol. 79, No. 155 / Tuesday, August 12, 2014 / Notices
Service (SaaS) vendors. In addition,
some employees and contractors may
download and store information from
this system. Those copies are located
within the employees’ or contractors’
offices or on encrypted workstations
issued by GSA for individuals when
they are out of the office.
GENERAL SERVICES
ADMINISTRATION
[Notice–CIB–2014–03; Docket No. 2014–
0002; Sequence No. 23]
Privacy Act of 1974; Notice of an
Updated System of Records
General Services
Administration (GSA).
ACTION: Notice.
AGENCY:
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM:
GSA proposes to update a
system of records subject to the Privacy
Act of 1974, as amended, 5 U.S.C. 552a.
DATES: September 11, 2014.
ADDRESSES: GSA Privacy Act Officer
(ISP), General Services Administration,
1800 F Street NW., Washington, DC
20405.
SUMMARY:
Call
or email the GSA Privacy Act Officer:
telephone 202–208–1317; email
gsa.privacyact@gsa.gov.
SUPPLEMENTARY INFORMATION: GSA
proposes to update a system of records
subject to the Privacy Act of 1974, 5
U.S.C. 552a.
The updated system will allow the
public and GSA Users to utilize the
SalesForce application environment and
the Google Apps platform used by the
GSA.
FOR FURTHER INFORMATION CONTACT:
Dated: August 7, 2014.
James L. Atwater,
Director, Policy and Compliance Division,
Office of the Chief Information Officer.
GSA/CIO–3
SYSTEM NAME:
GSA’s Enterprise Organization of
Google Applications, Moderate Impact
Software as a Service Cloud (SaaS)
Minor Applications & GSA’s EEO Org of
Salesforce.com. This system is a
compilation of GSA’s Cloud based
minor applications implemented across
various vendors as well as GSA
applications, all of which are part of the
Enterprise Cloud Services (ECS) system.
emcdonald on DSK67QTVN1PROD with NOTICES
SYSTEM LOCATION:
Enterprise Cloud Services (ECS) is a
singular component system managed by
the Applied Solutions Division, a
division of Office of the Chief
Information Officer. The ECS system is
housed in secure datacenters hosted by
GSA in Kansas City (Region 6) and Fort
Worth (Region 7) and the Stennis
DataCenter in Hancock County, MS as
well as Cloud components as part of
GSA’s implementation of Google Apps,
Moderate Impact SaaS minor
applications and GSA’s EEO Org of
Salesforce.com implemented by GSA
with varying Cloud based Software as a
VerDate Mar<15>2010
17:45 Aug 11, 2014
Jkt 232001
The categories of individuals covered
by this system are the public who
access, or are granted access to, specific
minor applications in either the Google
Apps or Salesforce.com environment in
GSA and individuals collectively
referred to as ‘‘GSA Users’’, which are
GSA employed individuals who require
routine access to agency information
technology systems, including federal
employees, contractors, child care
workers and other temporary workers
with similar access requirements. The
system does not apply to or contain
occasional visitors or short-term guests
not cleared for use under HSPD–12.
CATEGORIES OF RECORDS IN THE SYSTEM:
This system contains information
needed for the functionality of specific
minor applications that are developed
for either GSA’s implementation of
Google Apps or Salesforce.com. This
system contains the following
information:
Public individuals defined under
Categories of Individuals above/
employee/contractor/other worker’s full
name.
Organization/office of assignment.
Company/agency name.
Work address.
Work telephone number.
Social Security Number.
Personal physical home address.
Personal home or mobile phone.
Personal email addresses.
Individual work related records.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301, 40 U.S.C. 11315, 44
U.S.C. 3506, E.O. 9397, as amended, and
Homeland Security Presidential
Directive 12 (HSPD–12).
PURPOSES:
For the functionality and use of
specific minor applications within
GSA’s implementation of Google Apps
& Salesforce.com. Information may be
collected to meet the business
requirements of the application, site,
group or instance. The new system will
allow users to utilize the SalesForce
application environment and the Google
Apps platform used by the GSA.
A listing of applications covered by
this SORN can be found at: https://
www.gsa.gov/portal/content/102236.
PO 00000
Frm 00057
Fmt 4703
Sfmt 4703
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM INCLUDING CATEGORIES OF USERS AND
THE PURPOSES OF SUCH USES:
a. To a Member of Congress or to a
Congressional staff member in response
to an inquiry of the Congressional office,
made at the written request of the
constituent about whom the record is
maintained.
b. To the National Archives and
Records Administration (NARA) for
records management purposes.
c. To Agency contractors, grantees,
consultants, or experts who have been
engaged to assist the agency in the
performance of a Federal duty to which
the information is relevant.
d. To a Federal, State, local, foreign,
or tribal or other public authority, on
request, in connection with the hiring or
retention of an employee, the issuance
or retention of a security clearance, the
letting of a contract, or the issuance or
retention of a license, grant, or other
benefit, to the extent that the
information is relevant and necessary to
the requesting agency’s decision.
e. To the Office of Management and
Budget (OMB) when necessary to the
review of private relief legislation
pursuant to OMB circular No. A–19.
f. To designated Agency personnel for
the purpose of performing an authorized
audit or oversight evaluation.
g. To the Office of Personnel
Management (OPM), the Office of
Management and Budget (OMB), the
Government Accountability Office
(GAO), or other Federal agencies when
the information is required for program
evaluation purposes.
h. To appropriate agencies, entities,
and persons when (1) the Agency
suspects or has confirmed that the
security or confidentiality of
information in the system of records has
been compromised; (2) the Agency has
determined that as a result of the
suspected or confirmed compromise
there is a risk of harm to economic or
property interests, identity theft or
fraud, or harm to the security or
integrity of this system or other systems
or programs (whether maintained by
GSA or another agency or entity) that
rely upon the compromised
information; (3) the disclosure made to
such agencies, entities, and persons is
reasonably necessary to assist in
connection with GSA’s efforts to
respond to the suspected or confirmed
compromise and prevent, minimize, or
remedy such harm.
i. In any criminal, civil or
administrative legal proceeding, where
pertinent, to which GSA, a GSA
employee, or the United States or other
entity of the United States Government
E:\FR\FM\12AUN1.SGM
12AUN1
Federal Register / Vol. 79, No. 155 / Tuesday, August 12, 2014 / Notices
is a party before a court or
administrative body.
j. To an appeal, grievance, hearing, or
complaints examiner; an equal
employment opportunity investigator,
arbitrator, or mediator; and/or an
exclusive representative or other person
authorized to investigate or settle a
grievance, complaint, or appeal filed by
an individual who is the subject of the
record.
POLICIES AND PRACTICES FOR STORING,
RETRIEVING, ACCESSING, RETAINING AND
DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Computer records are stored on a
secure server and accessed over the Web
via encryption software. Paper records,
when created, are kept in file folders
and cabinets in secure rooms. When
individuals download information it is
kept on encrypted computers that are
accessed using PIV credentials. It is
their responsibility to protect the data,
including compliance with HCO 2180.1,
GSA Rules of Behavior for Handling
Personally Identifiable Information (PII).
RETRIEVABILITY:
Records are retrievable by a
combination of first name and last
name. Group records are retrieved by
organizational code or other listed
identifiers as configured in the
application by the program office for
their program requirements.
emcdonald on DSK67QTVN1PROD with NOTICES
Records are retained and disposed of
according to GSA records maintenance
and disposition schedules, GSA Records
Maintenance and Disposition System
(CIO P 1820.1), GSA 1820.2A, and
requirements of the National Archives
and Records Administration.
17:45 Aug 11, 2014
Jkt 232001
Dated: August 7, 2014.
James L. Atwater,
Director, Policy and Compliance Division,
Office of the Chief Information Officer.
GSA/CIO–1
RECORD ACCESS PROCEDURES:
Individuals wishing to access their
own records should contact the system
manager at the address above.
SYSTEM NAME:
CONTESTING RECORD PROCEDURES:
SYSTEM LOCATION:
Rules for contesting the content of a
record and appealing a decision are
contained in 41 CFR 105–64.
GCIMS comprises a web-based
application and data is maintained in a
secure server facility in Fort Worth, TX
and Kansas City, MO. Additionally,
some fingerprint data may be stored in
other GSA facilities to handle
adjudications for employees and
contractors located in GSA facilities
where staffed fingerprint collection
stations have been established to handle
the contractor and employee Personal
Identity Verification (PIV) process.
Contact the System Manager for
additional information.
RECORD SOURCE CATEGORIES:
The sources for information in the
system are the individuals about whom
the records are maintained, the
supervisors of those individuals,
existing GSA systems, a sponsoring
agency, a former sponsoring agency,
other Federal agencies, contract
employers, or former employers.
GSA Credential and Identity
Management System (GCIMS).
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM:
RETENTION AND DISPOSAL:
VerDate Mar<15>2010
wide review of its Privacy Act systems
of records. As a result of the review,
GSA is publishing an updated Privacy
Act system of records notice.
The revised system notice reflects
additional data that is collected and
stored within the system. This update
does not change individuals’ rights to
access or amend their records in the
system of records.
BILLING CODE 6820–14–P
Cloud systems are authorized to
operate separately by the GSA CIO at
the moderate level. All GSA Users
utilize two-factor authentication to
access Google Apps and Salesforce.com.
Access is limited to authorized
individuals with passwords or keys.
Computer records are protected by a
password system that is compliant with
National Institute of Standards and
Technology standards. Paper records are
stored in locked metal containers or in
secured rooms when not in use.
Information is released to authorized
officials based on their need to know.
Director, Office of Enterprise
Solutions, General Services
Administration, 1800 F Street NW.,
Washington, DC 20405.
An individual can determine if this
system contains a record pertaining to
him/her by sending a request in writing,
signed, to the System Manager at the
above address. When requesting
notification of or access to records
covered by this notice, an individual
should provide his/her full name, date
of birth, region/office, and work
location. An individual requesting
notification of records in person must
provide identity documents sufficient to
satisfy the custodian of the records that
the requester is entitled to access.
[FR Doc. 2014–19071 Filed 8–11–14; 8:45 am]
SAFEGUARDS:
SYSTEM MANAGER AND ADDRESS:
NOTIFICATION PROCEDURE:
47139
GENERAL SERVICES
ADMINISTRATION
[Notice–CIB–2014–02; Docket No. 2014–
0002; Sequence No. 22]
Privacy Act of 1974; Notice of Updated
Systems of Records
General Services
Administration.
ACTION: Notice.
AGENCY:
GSA reviewed its Privacy Act
systems to ensure that they are relevant,
necessary, accurate, up-to-date and
covered by the appropriate legal or
regulatory authority. This notice is an
updated Privacy Act system of records
notice.
DATES: September 11, 2014.
ADDRESSES: GSA Privacy Act Officer
(ISP), General Services Administration,
1800 F Street NW., Washington, DC
20405.
FOR FURTHER INFORMATION CONTACT: Call
or email the GSA Privacy Act Officer
telephone 202–208–1317; email
gsa.privacyact@gsa.gov.
SUPPLEMENTARY INFORMATION: GSA
undertook and completed an agencySUMMARY:
PO 00000
Frm 00058
Fmt 4703
Sfmt 4703
Individuals who require routine
access to agency facilities and
information technology systems,
including:
a. Federal employees.
b. Contractors.
c. Child care workers and other
temporary workers with similar access
requirements.
The system does not apply to
occasional visitors or short-term guests,
to whom GSA facilities may issue local
Facility Access Cards (FAC).
CATEGORIES OF RECORDS IN THE SYSTEM:
The system contains information
needed for issuing and maintaining
HSPD–12 credentials and also access
privilege information. Records may
include:
• Employee/contractor/other worker
full name
• Social Security Number (SSN)
• Date of birth
• Place of birth
• Height
• Weight
• Hair color
• Eye color
• Sex
• Citizenship
E:\FR\FM\12AUN1.SGM
12AUN1
]]>Agencies
[Federal Register Volume 79, Number 155 (Tuesday, August 12, 2014)]
[Notices]
[Pages 47138-47139]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2014-19071]
[[Page 47138]]
-----------------------------------------------------------------------
GENERAL SERVICES ADMINISTRATION
[Notice-CIB-2014-03; Docket No. 2014-0002; Sequence No. 23]
Privacy Act of 1974; Notice of an Updated System of Records
AGENCY: General Services Administration (GSA).
ACTION: Notice.
-----------------------------------------------------------------------
SUMMARY: GSA proposes to update a system of records subject to the
Privacy Act of 1974, as amended, 5 U.S.C. 552a.
DATES: September 11, 2014.
ADDRESSES: GSA Privacy Act Officer (ISP), General Services
Administration, 1800 F Street NW., Washington, DC 20405.
FOR FURTHER INFORMATION CONTACT: Call or email the GSA Privacy Act
Officer: telephone 202-208-1317; email gsa.privacyact@gsa.gov.
SUPPLEMENTARY INFORMATION: GSA proposes to update a system of records
subject to the Privacy Act of 1974, 5 U.S.C. 552a.
The updated system will allow the public and GSA Users to utilize
the SalesForce application environment and the Google Apps platform
used by the GSA.
Dated: August 7, 2014.
James L. Atwater,
Director, Policy and Compliance Division, Office of the Chief
Information Officer.
GSA/CIO-3
SYSTEM NAME:
GSA's Enterprise Organization of Google Applications, Moderate
Impact Software as a Service Cloud (SaaS) Minor Applications & GSA's
EEO Org of Salesforce.com. This system is a compilation of GSA's Cloud
based minor applications implemented across various vendors as well as
GSA applications, all of which are part of the Enterprise Cloud
Services (ECS) system.
SYSTEM LOCATION:
Enterprise Cloud Services (ECS) is a singular component system
managed by the Applied Solutions Division, a division of Office of the
Chief Information Officer. The ECS system is housed in secure
datacenters hosted by GSA in Kansas City (Region 6) and Fort Worth
(Region 7) and the Stennis DataCenter in Hancock County, MS as well as
Cloud components as part of GSA's implementation of Google Apps,
Moderate Impact SaaS minor applications and GSA's EEO Org of
Salesforce.com implemented by GSA with varying Cloud based Software as
a Service (SaaS) vendors. In addition, some employees and contractors
may download and store information from this system. Those copies are
located within the employees' or contractors' offices or on encrypted
workstations issued by GSA for individuals when they are out of the
office.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
The categories of individuals covered by this system are the public
who access, or are granted access to, specific minor applications in
either the Google Apps or Salesforce.com environment in GSA and
individuals collectively referred to as ``GSA Users'', which are GSA
employed individuals who require routine access to agency information
technology systems, including federal employees, contractors, child
care workers and other temporary workers with similar access
requirements. The system does not apply to or contain occasional
visitors or short-term guests not cleared for use under HSPD-12.
CATEGORIES OF RECORDS IN THE SYSTEM:
This system contains information needed for the functionality of
specific minor applications that are developed for either GSA's
implementation of Google Apps or Salesforce.com. This system contains
the following information:
Public individuals defined under Categories of Individuals above/
employee/contractor/other worker's full name.
Organization/office of assignment.
Company/agency name.
Work address.
Work telephone number.
Social Security Number.
Personal physical home address.
Personal home or mobile phone.
Personal email addresses.
Individual work related records.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301, 40 U.S.C. 11315, 44 U.S.C. 3506, E.O. 9397, as
amended, and Homeland Security Presidential Directive 12 (HSPD-12).
PURPOSES:
For the functionality and use of specific minor applications within
GSA's implementation of Google Apps & Salesforce.com. Information may
be collected to meet the business requirements of the application,
site, group or instance. The new system will allow users to utilize the
SalesForce application environment and the Google Apps platform used by
the GSA.
A listing of applications covered by this SORN can be found at:
https://www.gsa.gov/portal/content/102236.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
a. To a Member of Congress or to a Congressional staff member in
response to an inquiry of the Congressional office, made at the written
request of the constituent about whom the record is maintained.
b. To the National Archives and Records Administration (NARA) for
records management purposes.
c. To Agency contractors, grantees, consultants, or experts who
have been engaged to assist the agency in the performance of a Federal
duty to which the information is relevant.
d. To a Federal, State, local, foreign, or tribal or other public
authority, on request, in connection with the hiring or retention of an
employee, the issuance or retention of a security clearance, the
letting of a contract, or the issuance or retention of a license,
grant, or other benefit, to the extent that the information is relevant
and necessary to the requesting agency's decision.
e. To the Office of Management and Budget (OMB) when necessary to
the review of private relief legislation pursuant to OMB circular No.
A-19.
f. To designated Agency personnel for the purpose of performing an
authorized audit or oversight evaluation.
g. To the Office of Personnel Management (OPM), the Office of
Management and Budget (OMB), the Government Accountability Office
(GAO), or other Federal agencies when the information is required for
program evaluation purposes.
h. To appropriate agencies, entities, and persons when (1) the
Agency suspects or has confirmed that the security or confidentiality
of information in the system of records has been compromised; (2) the
Agency has determined that as a result of the suspected or confirmed
compromise there is a risk of harm to economic or property interests,
identity theft or fraud, or harm to the security or integrity of this
system or other systems or programs (whether maintained by GSA or
another agency or entity) that rely upon the compromised information;
(3) the disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connection with GSA's efforts to
respond to the suspected or confirmed compromise and prevent, minimize,
or remedy such harm.
i. In any criminal, civil or administrative legal proceeding, where
pertinent, to which GSA, a GSA employee, or the United States or other
entity of the United States Government
[[Page 47139]]
is a party before a court or administrative body.
j. To an appeal, grievance, hearing, or complaints examiner; an
equal employment opportunity investigator, arbitrator, or mediator;
and/or an exclusive representative or other person authorized to
investigate or settle a grievance, complaint, or appeal filed by an
individual who is the subject of the record.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Computer records are stored on a secure server and accessed over
the Web via encryption software. Paper records, when created, are kept
in file folders and cabinets in secure rooms. When individuals download
information it is kept on encrypted computers that are accessed using
PIV credentials. It is their responsibility to protect the data,
including compliance with HCO 2180.1, GSA Rules of Behavior for
Handling Personally Identifiable Information (PII).
RETRIEVABILITY:
Records are retrievable by a combination of first name and last
name. Group records are retrieved by organizational code or other
listed identifiers as configured in the application by the program
office for their program requirements.
SAFEGUARDS:
Cloud systems are authorized to operate separately by the GSA CIO
at the moderate level. All GSA Users utilize two-factor authentication
to access Google Apps and Salesforce.com. Access is limited to
authorized individuals with passwords or keys. Computer records are
protected by a password system that is compliant with National
Institute of Standards and Technology standards. Paper records are
stored in locked metal containers or in secured rooms when not in use.
Information is released to authorized officials based on their need to
know.
RETENTION AND DISPOSAL:
Records are retained and disposed of according to GSA records
maintenance and disposition schedules, GSA Records Maintenance and
Disposition System (CIO P 1820.1), GSA 1820.2A, and requirements of the
National Archives and Records Administration.
SYSTEM MANAGER AND ADDRESS:
Director, Office of Enterprise Solutions, General Services
Administration, 1800 F Street NW., Washington, DC 20405.
NOTIFICATION PROCEDURE:
An individual can determine if this system contains a record
pertaining to him/her by sending a request in writing, signed, to the
System Manager at the above address. When requesting notification of or
access to records covered by this notice, an individual should provide
his/her full name, date of birth, region/office, and work location. An
individual requesting notification of records in person must provide
identity documents sufficient to satisfy the custodian of the records
that the requester is entitled to access.
RECORD ACCESS PROCEDURES:
Individuals wishing to access their own records should contact the
system manager at the address above.
CONTESTING RECORD PROCEDURES:
Rules for contesting the content of a record and appealing a
decision are contained in 41 CFR 105-64.
RECORD SOURCE CATEGORIES:
The sources for information in the system are the individuals about
whom the records are maintained, the supervisors of those individuals,
existing GSA systems, a sponsoring agency, a former sponsoring agency,
other Federal agencies, contract employers, or former employers.
[FR Doc. 2014-19071 Filed 8-11-14; 8:45 am]
BILLING CODE 6820-14-P
