Notification of a New System of Records Notice for the EPA Personnel Access and Security System (EPASS), 49076-49078 [2014-19689]
Download as PDF
<![CDATA[
49076
Federal Register / Vol. 79, No. 160 / Tuesday, August 19, 2014 / Notices
Intent (LOI) (assuming one person per
estimated submission) and 1,920
reviewers of proposals submitted
through Grants.gov.
(6) Annual Estimated Number of
Total Responses: Annual Estimated
Number of Total Responses: The Office
of Science receives about 1,000 DOE
national laboratory and interagency
proposals per year, based on an average
of estimated submission numbers (fiscal
year 2006 through fiscal year 2014) and
about 7,000 pre-proposals and letters of
intent per year, based on an estimate of
about 200 per solicitation and the
number of solicitations per year (about
35, based on an average between fiscal
year 2006 and fiscal year 2014).
(7) Annual Estimated Number of
Burden Hours: The time it takes to
complete a form depends upon the type
of form being completed. External users
will need to register with PAMS in
order to access the system. It takes
approximately 30 minutes for external
users to complete the forms required to
become a registered PAMS user. Both
LOI and pre-proposal forms take 15
minutes each, whereas completing a
lab/interagency proposal will take about
2 hours. The reviewers require about 1
hour of analysis, per submission. Based
on the annual estimated number of
responses, broken down by DOE
national laboratory, letter of intent and
pre-proposal, the annual estimated time
required for reviewers to complete
analysis or responses and the time
required for external users to register
with PAMS, the estimated annual
number of burden hours is 10,630.
Total number of unduplicated
respondents: 9,920.
Reports filed per person: 1.
Total annual responses: 9,920.
Total annual burden hours: 10,630.
(8) Annual Estimated Reporting and
Recordkeeping Cost Burden: $0.
Statutory Authority: Section 641 of the
Department of Energy Organization Act,
codified at 42 U.S.C. 7251.
Issued in Washington, DC, on August 12,
2014.
Marina Amoroso,
Deputy Project Manager for Information
Technology and Services Office of Science.
[FR Doc. 2014–19676 Filed 8–18–14; 8:45 am]
tkelley on DSK3SPTVN1PROD with NOTICES
BILLING CODE 6450–01–P
DEPARTMENT OF ENERGY
National Electric Transmission
Congestion Study
Department of Energy.
ACTION: Notice of Public Comment.
AGENCY:
VerDate Mar<15>2010
16:30 Aug 18, 2014
Jkt 232001
The Department of Energy
(Department) invites public comment on
the draft National Electric Transmission
Congestion Study.
SUMMARY:
Comments must be received on
or before October 20, 2014.
DATES:
The draft study is available
for review at https://www.energy.gov/
node/942311. Written comments may be
submitted electronically to
Congestionstudy.comments@hq.doe.gov.
Written comments may also be
delivered by conventional mail to David
Meyer, Office of Electricity Delivery and
Energy Reliability, U.S. Department of
Energy, 1000 Independence Ave. SW.,
Washington, DC 20585. Commenters are
cautioned, however, that all
conventional mail to the Department is
subject to an automatic security
screening process that may take up to
three weeks and sometimes renders
mailed material illegible.
ADDRESSES:
FOR FURTHER INFORMATION CONTACT:
David Meyer, at David.Meyer@
hq.doe.gov, or telephone 202–586–1411.
Section
1221(a) of the Energy Policy Act of
2005, codified at 16 U.S.C. 824p(a),
directs the Secretary of Energy to
conduct an electric transmission
congestion study every three years, and
to prepare it in consultation with
affected states and regional reliability
organizations. In the study, the
Department seeks to provide
information about transmission
congestion by focusing on specific
indications of transmission constraints
and congestion and their consequences.
The study focuses on a specific time
frame—i.e., historical trends over the
past few years, and looking forward
three to five years. The study is based
entirely on publicly available data and
transmission-related documents.
The draft study is available for review
at https://www.energy.gov/node/942311.
All comments received will be made
publicly available on https://
www.energy.gov/node/942311. After
reviewing and considering the public
comments, the Department will prepare
and release a final version of the study.
SUPPLEMENTARY INFORMATION:
Issued at Washington, DC, on August 14,
2014.
Patricia A. Hoffman,
Assistant Secretary, Office of Electricity
Delivery and Energy Reliability.
[FR Doc. 2014–19690 Filed 8–18–14; 8:45 am]
BILLING CODE 6450–01–P
PO 00000
Frm 00029
Fmt 4703
Sfmt 4703
ENVIRONMENTAL PROTECTION
AGENCY
[FRL–9915–14–OARM; EPA–HQ–OEI–2012–
0836]
Notification of a New System of
Records Notice for the EPA Personnel
Access and Security System (EPASS)
Environmental Protection
Agency.
ACTION: Notice.
AGENCY:
The U.S. Environmental
Protection Agency’s (EPA) Office of
Administration and Resource
Management, Office of Administration,
Security Management Division is giving
notice that it proposes to create a new
system of records pursuant to the
provisions of the Privacy Act of 1974 (5
U.S.C. 552a). The EPA Personnel Access
and Security System (EPASS) is being
created to comply with the Homeland
Security Presidential Directive-12
(HSPD–12), which was issued on
August 12, 2004 and signed on August
27, 2004. HSPD–12 mandates a
government-wide federal standard for
ensuring that identification cards issued
to government employees and
contractors are reliable and secure.
EPASS complies with the federal
requirements and will enhance security,
increase efficiency, reduce identity
fraud, and protect personal privacy.
DATES: Persons wishing to comment on
this new system of records notice must
do so by September 29, 2014.
ADDRESS: Submit your comments,
identified by Docket ID No. EPA–HQ–
2012–0836, by mail:
• www.regulations.gov: Follow the
online instructions for submitting
comments.
• Email: oei.docket@epa.gov.
• Fax: 202–566–1752.
• Mail: OEI Docket, Environmental
Protection Agency, Mail code: 2822T,
1200 Pennsylvania Ave. NW.,
Washington, DC 20460.
• Hand Delivery: OEI Docket, EPA/
DC, EPA West Building, Room 3334,
1301 Constitution Ave. NW.,
Washington, DC. Such deliveries are
only accepted during the docket’s
normal hours of operation, and special
arrangements should be made for
deliveries of boxed information.
Instructions: Direct your comments to
Docket ID No. EPA–HQ–OEI–2012–
0836. EPA’s policy is that all comments
received will be included in the public
docket without change and may be
made available online at
www.regulations.gov, including any
personal information provided, unless
the comment includes information
SUMMARY:
E:\FR\FM\19AUN1.SGM
19AUN1
tkelley on DSK3SPTVN1PROD with NOTICES
Federal Register / Vol. 79, No. 160 / Tuesday, August 19, 2014 / Notices
claimed to be Confidential Business
Information (CBI) or other information
for which disclosure is restricted by
statute. Do not submit information that
you consider to be CBI or otherwise
protected through www.regulations.gov.
The www.regulations.gov Web site is an
‘‘anonymous access’’ system, which
means EPA will not know your identity
or contact information unless you
provide it in the body of your comment.
If you send an email comment directly
to EPA without going through
www.regulations.gov your email address
will be automatically captured and
included as part of the comment that is
placed in the public docket and made
available on the Internet. If you submit
an electronic comment, EPA
recommends that you include your
name and other contact information in
the body of your comment and with any
disk or CD–ROM you submit. If EPA
cannot read your comment due to
technical difficulties and cannot contact
you for clarification, EPA may not be
able to consider your comment.
Electronic files should avoid the use of
special characters, any form of
encryption, and be free of any defects or
viruses. For additional information
about EPA’s public docket visit the EPA
Docket Center homepage at https://
www.epa.gov/epahome/dockets.htm.
Docket: All documents in the docket
are listed in the www.regulations.gov
index. Although listed in the index,
some information is not publicly
available (e.g., CBI or other information
for which disclosure is restricted by
statute). Certain other material, such as
copyrighted material, will be publicly
available only in hard copy. Publicly
available docket materials are available
either electronically in
www.regulations.gov or in hard copy at
the OEI Docket, EPA/DC, EPA West
Building, Room 3334, 1301 Constitution
Ave. NW., Washington, DC. The Public
Reading Room is open from 8:30 a.m. to
4:30 p.m., Monday through Friday
excluding legal holidays. The telephone
number for the Public Reading Room is
(202) 566–1744, and the telephone
number for the OEI Docket is (202) 566–
1745.
FOR FURTHER INFORMATION CONTACT:
Kelly Glazier, Security Management
Division (SMD) Acting Director, (202)
564–0351.
SUPPLEMENTARY INFORMATION:
General Information
The U.S. Environmental Protection
Agency (EPA) plans to create a Privacy
Act system of records for the EPA
Personnel Access and Security System
(EPASS). This system is being created
VerDate Mar<15>2010
16:30 Aug 18, 2014
Jkt 232001
for the purpose of issuing credentials to
EPA employees and its contractors that
meet the requirements of Homeland
Security Presidential Directive 12
(HSPD–12) issued on August 12, 2004.
The Directive requires the development
of a mandatory, government-wide
standard for issuing secure and reliable
forms of identification to executive
branch employees and federal
contractors for access to federally
controlled facilities and networks.
The National Institute of Standards
and Technology (NIST) further defined
the issuance standards in Federal
Information Processing (FIP) Standards
Publication 201which describes the
minimum requirements for a federal
personal identification verification (PIV)
system. EPA’s identification system,
EPASS, complies with all HSPD–12
requirements. It is designed to link a
person’s identity to an identification
credential and link the credential to a
person’s ability to physically and
logically access federally-controlled
buildings and information systems.
EPASS will contain information on all
Agency employees, contractors,
consultants, volunteers and other
workers who require long-term, regular
access, as required by their position, to
federal facilities, systems and networks.
The personal information collected in
the personnel enrollment process
consists of data elements necessary to
verify the identity of the individual and
to perform background or other
investigations. EPASS will collect the
applicant’s name, date of birth, Social
Security Number, organizational
affiliations, fingerprints, work email
address and phone number(s), other
verification and demographic
information, and the applicant’s
photograph.
Dated: June 24, 2014.
Renee P. Wynn,
Acting Assistant Administrator, and Acting
Chief Information Officer.
EPA–62
SYSTEM NAME:
EPA Personnel Access and Security
System (EPASS)
SYSTEM LOCATION:
Environmental Protection Agency,
Office of Administration and Resource
Management (OARM), Office of
Administration (OA), Ariel Rios
Building, MC3201A, 1200 Pennsylvania
Ave. NW., Washington, DC 20460.
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM:
The System will collect and maintain
information on individuals who require
PO 00000
Frm 00030
Fmt 4703
Sfmt 4703
49077
long-term, regular access as required by
their position, to EPA-controlled
facilities and information technology
systems, including federal employees,
contractors, grantees, students, interns,
volunteers, other non-federal employees
and individuals formerly in any of these
positions. The System does not collect
information on occasional visitors or
short-term guests to whom the Agency
may issue temporary identification.
CATEGORIES OF RECORDS IN THE SYSTEM:
Enrollment records: full name and
history of name changes, social security
number, applicant ID number, date of
birth, gender, race, height, weight, hair
color, eye color, digital color
photograph, fingerprints, biometric
template (two fingerprints), employee
affiliation, work email address, work
telephone number(s), office location and
organizational unit, employee status,
foreign national status, federal
emergency response official status,
National Agency Check with Inquiries
(NACI) status (permanent or
provisional), citizenship status,
government agency code, computer
login name/user principal name (UPN),
and personal identification verification
(PIV) card issuance location. Records in
EPASS’s Identity Management System
(IDMS) and Card Management System
(CMS) are needed for credential
management of enrolled individuals and
include PIV card serial number, digital
certificate serial number, PIV card
issuance and expiration dates, PIV card
personal identification number (PIN),
cardholder unique identifier (CHUID),
and card management keys. All
sponsored individuals enrolled within
EPASS may be issued a PIV card. The
PIV card contains the following
mandatory information: name,
photograph, individual’s affiliation,
organizational affiliation, PIV card
expiration date, Agency card serial
number, and color-coding for employee
affiliation. The card also contains an
integrated circuit chip which is encoded
with the following data elements:
cardholder unique identifier (CHUID),
PIV authentication digital certificate,
and two fingerprint biometric minutiae
templates.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Government Organization and
Employees (5 U.S.C. 301); Public
Buildings under the control of
Administrator of General Services (40
U.S.C. 3101); Federal Information
Security Management Act of 2002 (44
U.S.C. 3541); E-Government Act of 2002
(44 U.S.C. 101); Paperwork Reduction
Act of 1995 (44 U.S.C. 3501); Executive
Order 9347 (Nov. 22, 1943); and
E:\FR\FM\19AUN1.SGM
19AUN1
49078
Federal Register / Vol. 79, No. 160 / Tuesday, August 19, 2014 / Notices
Homeland Security Presidential
Directive 12 (HSPD–12) (August 27,
2004).
PURPOSE(S):
Persons given roles in the EPASS
HSPD–12 process must be screened and
complete training specific to their roles
to ensure they are knowledgeable about
how to protect PII.
• Retention and Disposal: Records are
retained and disposed of in accordance
with EPA’s records schedule 089.
The primary purposes of the System
are to: (1) Ensure the safety and security
of Federal facilities, systems, or
information, and of facility occupants
and users; (2) provide for
interoperability and trust in allowing
physical access to individuals entering
Federal facilities; and (3) allow logical
access to Federal information systems,
networks, and resources on a
government-wide basis.
SYSTEM MANAGER(S) AND ADDRESS:
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM, INCLUDING CATEGORIES OF USERS AND
THE PURPOSES OF SUCH USES:
NOTIFICATION PROCEDURES:
General routine uses A, B, C, D E, F,
G, H, I, J, K, and L apply to this System.
tkelley on DSK3SPTVN1PROD with NOTICES
POLICIES AND PRACTICES FOR STORING,
RETRIEVING, ACCESSING, RETAINING, AND
DISPOSING OF RECORDS IN THE SYSTEM:
• Storage: Records are stored on a
secure server within the EPASS subsystem Fingerprint Transmission
System (FTS) and can be accessed over
the Web using encryption software. The
records are kept for 120 days and are
either manually or automatically
deleted.
• Retrievability: Records can only be
retrieved within the System database,
which requires authorized user login/
password credentials and administrative
privileges to retrieve personal data
within a Web instance of the system by
using a combination of first name and
last name.
• Safeguards: Consistent with the
requirements of the Federal Information
Security Management Act and
associated OMB policies, standards and
guidance from the National Institute of
Standards and Technology, EPA
protects all records from unauthorized
access through appropriate
administrative, physical, and technical
safeguards. Buildings have security
guards and secured doors. All entrances
are monitored through electronic
surveillance equipment. Physical
security controls include indoor and
outdoor security monitoring and
surveillance, badge and picture ID
access screening and biometric access
screening. Personally identifiable
information (PII) is safeguarded and
protected in conformance with all
Federal statutes and Office of
Management and Budget (OMB)
requirements. All access has role-based
restrictions. Individuals granted access
privileges must be screened for proper
credentials. EPA maintains an audit trail
and performs random periodic reviews
to identify any unauthorized access.
VerDate Mar<15>2010
16:30 Aug 18, 2014
Jkt 232001
Director, Office of Administration and
Resources Management (OARM), Office
of Administration (OA), Environmental
Protection Agency, 1200 Pennsylvania
Avenue NW., Washington, DC 20460.
Any individual who wants to know
whether this System of records contains
a record about him or her, who wants
access to his or her record, or who
wants to contest the contents of a
record, should make a written request to
the EPA FOIA Office, Attn: Privacy Act
Officer, MC2822T, 1200 Pennsylvania
Avenue NW., Washington, DC 20460.
RECORD ACCESS PROCEDURE:
Requests for access must be made in
accordance with the procedures
described in EPA’s Privacy Act
regulations at 40 CFR part 16.
Requesters will be required to provide
adequate identification, such as a
driver’s license, employee identification
card, or other identifying document.
Additional identification procedures
may be required in some instances.
CONTESTING RECORDS PROCEDURE:
Requests for correction or amendment
must identify the record to be changed
and the corrective action sought.
Complete EPA Privacy Act procedures
are described in EPA’s Privacy Act
regulations at 40 CFR part 16.
RECORD SOURCE CATEGORIES:
The sources for information in the
system are the individuals about whom,
the records are maintained, the
supervisors of those individuals,
existing EPA systems, the sponsoring
agency, the former sponsoring agency,
other Federal agencies, the contract
employer, the former contract employer
and the U.S. Office of Personnel
Management (OPM).
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS
OF THE ACT:
None.
[FR Doc. 2014–19689 Filed 8–18–14; 8:45 am]
BILLING CODE 6560–50–P
PO 00000
Frm 00031
Fmt 4703
Sfmt 4703
EXPORT-IMPORT BANK
[Public Notice: 2014–0040]
Application for Final Commitment for a
Long-Term Loan or Financial
Guarantee in Excess of $100 Million:
AP088876XX
Export-Import Bank of the
United States.
ACTION: Notice.
AGENCY:
This Notice is to inform the
public, in accordance with Section
3(c)(10) of the Charter of the ExportImport Bank of the United States (‘‘ExIm Bank’’), that Ex-Im Bank has received
an application for final commitment for
a long-term loan or financial guarantee
in excess of $100 million (as calculated
in accordance with Section 3(c)(10) of
the Charter). Comments received within
the comment period specified below
will be presented to the Ex-Im Bank
Board of Directors prior to final action
on this Transaction.
DATES: Comments must be received on
or before September 15, 2014 to be
assured of consideration before final
consideration of the transaction by the
Board of Directors of Ex-Im Bank.
ADDRESSES: Comments may be
submitted through Regulations.gov at
WWW.REGULATIONS.GOV. To submit
a comment, enter EIB–2014–0040 under
the heading ‘‘Enter Keyword or ID’’ and
select Search. Follow the instructions
provided at the Submit a Comment
screen. Please include your name,
company name (if any) and EIB–2014–
0040 on any attached document.
Reference: AP088876XX.
SUMMARY:
Purpose and Use
Brief description of the purpose of the
transaction:
To support the export of U.S.manufactured commercial aircraft to
Colombia.
Brief non-proprietary description of
the anticipated use of the items being
exported:
To be used by Avianca for passenger
transport between Colombia and other
countries in Latin America, North
America and Europe.
To the extent that Ex-Im Bank is
reasonably aware, the items being
exported may produce exports or
provide services in competition with the
exportation of goods or provision of
services by a United States industry.
Parties
Principal Supplier: The Boeing
Company.
Obligor: Avianca Holdings S.A.
Guarantor(s): Avianca S.A., TACA
International Airlines, S.A.
E:\FR\FM\19AUN1.SGM
19AUN1
]]>Agencies
[Federal Register Volume 79, Number 160 (Tuesday, August 19, 2014)]
[Notices]
[Pages 49076-49078]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2014-19689]
=======================================================================
-----------------------------------------------------------------------
ENVIRONMENTAL PROTECTION AGENCY
[FRL-9915-14-OARM; EPA-HQ-OEI-2012-0836]
Notification of a New System of Records Notice for the EPA
Personnel Access and Security System (EPASS)
AGENCY: Environmental Protection Agency.
ACTION: Notice.
-----------------------------------------------------------------------
SUMMARY: The U.S. Environmental Protection Agency's (EPA) Office of
Administration and Resource Management, Office of Administration,
Security Management Division is giving notice that it proposes to
create a new system of records pursuant to the provisions of the
Privacy Act of 1974 (5 U.S.C. 552a). The EPA Personnel Access and
Security System (EPASS) is being created to comply with the Homeland
Security Presidential Directive-12 (HSPD-12), which was issued on
August 12, 2004 and signed on August 27, 2004. HSPD-12 mandates a
government-wide federal standard for ensuring that identification cards
issued to government employees and contractors are reliable and secure.
EPASS complies with the federal requirements and will enhance security,
increase efficiency, reduce identity fraud, and protect personal
privacy.
DATES: Persons wishing to comment on this new system of records notice
must do so by September 29, 2014.
ADDRESS: Submit your comments, identified by Docket ID No. EPA-HQ-2012-
0836, by mail:
www.regulations.gov: Follow the online instructions for
submitting comments.
Email: oei.docket@epa.gov.
Fax: 202-566-1752.
Mail: OEI Docket, Environmental Protection Agency, Mail
code: 2822T, 1200 Pennsylvania Ave. NW., Washington, DC 20460.
Hand Delivery: OEI Docket, EPA/DC, EPA West Building, Room
3334, 1301 Constitution Ave. NW., Washington, DC. Such deliveries are
only accepted during the docket's normal hours of operation, and
special arrangements should be made for deliveries of boxed
information.
Instructions: Direct your comments to Docket ID No. EPA-HQ-OEI-
2012-0836. EPA's policy is that all comments received will be included
in the public docket without change and may be made available online at
www.regulations.gov, including any personal information provided,
unless the comment includes information
[[Page 49077]]
claimed to be Confidential Business Information (CBI) or other
information for which disclosure is restricted by statute. Do not
submit information that you consider to be CBI or otherwise protected
through www.regulations.gov. The www.regulations.gov Web site is an
``anonymous access'' system, which means EPA will not know your
identity or contact information unless you provide it in the body of
your comment. If you send an email comment directly to EPA without
going through www.regulations.gov your email address will be
automatically captured and included as part of the comment that is
placed in the public docket and made available on the Internet. If you
submit an electronic comment, EPA recommends that you include your name
and other contact information in the body of your comment and with any
disk or CD-ROM you submit. If EPA cannot read your comment due to
technical difficulties and cannot contact you for clarification, EPA
may not be able to consider your comment. Electronic files should avoid
the use of special characters, any form of encryption, and be free of
any defects or viruses. For additional information about EPA's public
docket visit the EPA Docket Center homepage at https://www.epa.gov/epahome/dockets.htm.
Docket: All documents in the docket are listed in the
www.regulations.gov index. Although listed in the index, some
information is not publicly available (e.g., CBI or other information
for which disclosure is restricted by statute). Certain other material,
such as copyrighted material, will be publicly available only in hard
copy. Publicly available docket materials are available either
electronically in www.regulations.gov or in hard copy at the OEI
Docket, EPA/DC, EPA West Building, Room 3334, 1301 Constitution Ave.
NW., Washington, DC. The Public Reading Room is open from 8:30 a.m. to
4:30 p.m., Monday through Friday excluding legal holidays. The
telephone number for the Public Reading Room is (202) 566-1744, and the
telephone number for the OEI Docket is (202) 566-1745.
FOR FURTHER INFORMATION CONTACT: Kelly Glazier, Security Management
Division (SMD) Acting Director, (202) 564-0351.
SUPPLEMENTARY INFORMATION:
General Information
The U.S. Environmental Protection Agency (EPA) plans to create a
Privacy Act system of records for the EPA Personnel Access and Security
System (EPASS). This system is being created for the purpose of issuing
credentials to EPA employees and its contractors that meet the
requirements of Homeland Security Presidential Directive 12 (HSPD-12)
issued on August 12, 2004. The Directive requires the development of a
mandatory, government-wide standard for issuing secure and reliable
forms of identification to executive branch employees and federal
contractors for access to federally controlled facilities and networks.
The National Institute of Standards and Technology (NIST) further
defined the issuance standards in Federal Information Processing (FIP)
Standards Publication 201which describes the minimum requirements for a
federal personal identification verification (PIV) system. EPA's
identification system, EPASS, complies with all HSPD-12 requirements.
It is designed to link a person's identity to an identification
credential and link the credential to a person's ability to physically
and logically access federally-controlled buildings and information
systems.
EPASS will contain information on all Agency employees,
contractors, consultants, volunteers and other workers who require
long-term, regular access, as required by their position, to federal
facilities, systems and networks. The personal information collected in
the personnel enrollment process consists of data elements necessary to
verify the identity of the individual and to perform background or
other investigations. EPASS will collect the applicant's name, date of
birth, Social Security Number, organizational affiliations,
fingerprints, work email address and phone number(s), other
verification and demographic information, and the applicant's
photograph.
Dated: June 24, 2014.
Renee P. Wynn,
Acting Assistant Administrator, and Acting Chief Information Officer.
EPA-62
System Name:
EPA Personnel Access and Security System (EPASS)
System Location:
Environmental Protection Agency, Office of Administration and
Resource Management (OARM), Office of Administration (OA), Ariel Rios
Building, MC3201A, 1200 Pennsylvania Ave. NW., Washington, DC 20460.
Categories of Individuals Covered by the System:
The System will collect and maintain information on individuals who
require long-term, regular access as required by their position, to
EPA-controlled facilities and information technology systems, including
federal employees, contractors, grantees, students, interns,
volunteers, other non-federal employees and individuals formerly in any
of these positions. The System does not collect information on
occasional visitors or short-term guests to whom the Agency may issue
temporary identification.
Categories of Records in the System:
Enrollment records: full name and history of name changes, social
security number, applicant ID number, date of birth, gender, race,
height, weight, hair color, eye color, digital color photograph,
fingerprints, biometric template (two fingerprints), employee
affiliation, work email address, work telephone number(s), office
location and organizational unit, employee status, foreign national
status, federal emergency response official status, National Agency
Check with Inquiries (NACI) status (permanent or provisional),
citizenship status, government agency code, computer login name/user
principal name (UPN), and personal identification verification (PIV)
card issuance location. Records in EPASS's Identity Management System
(IDMS) and Card Management System (CMS) are needed for credential
management of enrolled individuals and include PIV card serial number,
digital certificate serial number, PIV card issuance and expiration
dates, PIV card personal identification number (PIN), cardholder unique
identifier (CHUID), and card management keys. All sponsored individuals
enrolled within EPASS may be issued a PIV card. The PIV card contains
the following mandatory information: name, photograph, individual's
affiliation, organizational affiliation, PIV card expiration date,
Agency card serial number, and color-coding for employee affiliation.
The card also contains an integrated circuit chip which is encoded with
the following data elements: cardholder unique identifier (CHUID), PIV
authentication digital certificate, and two fingerprint biometric
minutiae templates.
Authority for Maintenance of the System:
Government Organization and Employees (5 U.S.C. 301); Public
Buildings under the control of Administrator of General Services (40
U.S.C. 3101); Federal Information Security Management Act of 2002 (44
U.S.C. 3541); E-Government Act of 2002 (44 U.S.C. 101); Paperwork
Reduction Act of 1995 (44 U.S.C. 3501); Executive Order 9347 (Nov. 22,
1943); and
[[Page 49078]]
Homeland Security Presidential Directive 12 (HSPD-12) (August 27,
2004).
Purpose(s):
The primary purposes of the System are to: (1) Ensure the safety
and security of Federal facilities, systems, or information, and of
facility occupants and users; (2) provide for interoperability and
trust in allowing physical access to individuals entering Federal
facilities; and (3) allow logical access to Federal information
systems, networks, and resources on a government-wide basis.
Routine Uses of Records Maintained in the System, Including Categories
of Users and the Purposes of Such Uses:
General routine uses A, B, C, D E, F, G, H, I, J, K, and L apply to
this System.
Policies and Practices for Storing, Retrieving, Accessing, Retaining,
and Disposing of Records in the System:
Storage: Records are stored on a secure server within the
EPASS sub-system Fingerprint Transmission System (FTS) and can be
accessed over the Web using encryption software. The records are kept
for 120 days and are either manually or automatically deleted.
Retrievability: Records can only be retrieved within the
System database, which requires authorized user login/password
credentials and administrative privileges to retrieve personal data
within a Web instance of the system by using a combination of first
name and last name.
Safeguards: Consistent with the requirements of the
Federal Information Security Management Act and associated OMB
policies, standards and guidance from the National Institute of
Standards and Technology, EPA protects all records from unauthorized
access through appropriate administrative, physical, and technical
safeguards. Buildings have security guards and secured doors. All
entrances are monitored through electronic surveillance equipment.
Physical security controls include indoor and outdoor security
monitoring and surveillance, badge and picture ID access screening and
biometric access screening. Personally identifiable information (PII)
is safeguarded and protected in conformance with all Federal statutes
and Office of Management and Budget (OMB) requirements. All access has
role-based restrictions. Individuals granted access privileges must be
screened for proper credentials. EPA maintains an audit trail and
performs random periodic reviews to identify any unauthorized access.
Persons given roles in the EPASS HSPD-12 process must be screened and
complete training specific to their roles to ensure they are
knowledgeable about how to protect PII.
Retention and Disposal: Records are retained and disposed
of in accordance with EPA's records schedule 089.
System Manager(s) and Address:
Director, Office of Administration and Resources Management (OARM),
Office of Administration (OA), Environmental Protection Agency, 1200
Pennsylvania Avenue NW., Washington, DC 20460.
Notification Procedures:
Any individual who wants to know whether this System of records
contains a record about him or her, who wants access to his or her
record, or who wants to contest the contents of a record, should make a
written request to the EPA FOIA Office, Attn: Privacy Act Officer,
MC2822T, 1200 Pennsylvania Avenue NW., Washington, DC 20460.
Record Access Procedure:
Requests for access must be made in accordance with the procedures
described in EPA's Privacy Act regulations at 40 CFR part 16.
Requesters will be required to provide adequate identification, such as
a driver's license, employee identification card, or other identifying
document. Additional identification procedures may be required in some
instances.
Contesting Records Procedure:
Requests for correction or amendment must identify the record to be
changed and the corrective action sought. Complete EPA Privacy Act
procedures are described in EPA's Privacy Act regulations at 40 CFR
part 16.
Record Source Categories:
The sources for information in the system are the individuals about
whom, the records are maintained, the supervisors of those individuals,
existing EPA systems, the sponsoring agency, the former sponsoring
agency, other Federal agencies, the contract employer, the former
contract employer and the U.S. Office of Personnel Management (OPM).
Systems Exempted From Certain Provisions of the Act:
None.
[FR Doc. 2014-19689 Filed 8-18-14; 8:45 am]
BILLING CODE 6560-50-P
