Privacy Act of 1974; System of Records, 78412-78414 [2014-30223]
Download as PDF
78412
Federal Register / Vol. 79, No. 249 / Tuesday, December 30, 2014 / Notices
pursuant to 5 U.S.C. 552a(b)(3) as
follows:
Service member records are shared
with the Department of Veterans Affairs
(VA) as a checklist upon completion of
the program with the DoD.
LAW ENFORCEMENT ROUTINE USE:
If a system of records maintained by
a DoD Component to carry out its
functions indicates a violation or
potential violation of law, whether civil,
criminal, or regulatory in nature, and
whether arising by general statute or by
regulation, rule, or order issued
pursuant thereto, the relevant records in
the system of records may be referred,
as a routine use, to the agency
concerned, whether federal, state, local,
or foreign, charged with the
responsibility of investigating or
prosecuting such violation or charged
with enforcing or implementing the
statute, rule, regulation, or order issued
pursuant thereto.
CONGRESSIONAL INQUIRIES DISCLOSURE ROUTINE
USE:
Disclosure from a system of records
maintained by a DoD Component may
be made to a congressional office from
the record of an individual in response
to an inquiry from the congressional
office made at the request of that
individual.
DISCLOSURE TO THE DEPARTMENT OF JUSTICE
FOR LITIGATION ROUTINE USE:
A record from a system of records
maintained by a DoD Component may
be disclosed as a routine use to any
component of the Department of Justice
for the purpose of representing the
Department of Defense, or any officer,
employee or member of the Department
in pending or potential litigation to
which the record is pertinent.
DISCLOSURE OF INFORMATION TO THE NATIONAL
ARCHIVES AND RECORDS ADMINISTRATION
ROUTINE USE:
A record from a system of records
maintained by a DoD Component may
be disclosed as a routine use to the
National Archives and Records
Administration for the purpose of
records management inspections
conducted under authority of 44 U.S.C.
2904 and 2906.
mstockstill on DSK4VPTVN1PROD with NOTICES
DATA BREACH REMEDIATION PURPOSES ROUTINE
USE:
A record from a system of records
maintained by a Component may be
disclosed to appropriate agencies,
entities, and persons when (1) The
Component suspects or has confirmed
that the security or confidentiality of the
information in the system of records has
been compromised; (2) the Component
VerDate Sep<11>2014
21:42 Dec 29, 2014
Jkt 235001
has determined that as a result of the
suspected or confirmed compromise
there is a risk of harm to economic or
property interests, identity theft or
fraud, or harm to the security or
integrity of this system or other systems
or programs (whether maintained by the
Component or another agency or entity)
that rely upon the compromised
information; and (3) the disclosure
made to such agencies, entities, and
persons is reasonably necessary to assist
in connection with the Components
efforts to respond to the suspected or
confirmed compromise and prevent,
minimize, or remedy such harm.’’
NOTIFICATION PROCEDURE:
Delete entry and replace with
‘‘Individuals seeking to determine
whether information about themselves
is contained in this system should
address written inquiries to the
Principal Deputy for Care Coordination,
Office of Warrior Care Policy, Office of
the Secretary of Defense, OUSD (P&R)
WCP, 200 Stovall Street, Alexandria, VA
22332–0800.
Signed, written requests must contain
the individual’s full name, mailing
address and SSN.’’
RECORD ACCESS PROCEDURES:
Delete entry and replace with ‘‘Last
name, SSN, DoD ID number, Service,
component.’’
Delete entry and replace with
‘‘Individuals seeking access to
information about themselves contained
in this system should address written
inquiries to the Office of the Secretary
of Defense/Joint Staff Freedom of
Information Act Requester Service
Center, 1155 Defense Pentagon,
Washington DC 20301–1155.
Signed, written requests must include
the name and number of this system of
record notice, the Service member’s full
name and SSN.’’
SAFEGUARDS:
CONTESTING RECORD PROCEDURES:
Delete entry and replace with ‘‘The
servers are maintained at a military
installation with 24-hour guards and
maintained in a locked facility. The
servers and terminals are located in
restricted areas accessible only to
authorized persons that are properly
screened, cleared and trained. A system
administrator grants specific access
privileges and users are authenticated.
Access requires valid Common Access
Card (CAC)-based certificates and PIN.
Records are maintained in a secure,
password protected electronic system
that utilizes security hardware and
software that includes multiple
firewalls, active intruder detection,
encryption at rest and in transit,
external certificates, DoD public key
infrastructure certificates and role-based
access controls.’’
Delete entry and replace with ‘‘The
Office of the Secretary of Defense (OSD)
rules for accessing records, for
contesting contents and appealing
initial agency determinations are
published in OSD Administrative
Instruction 81, 32 CFR part 311; or may
be obtained from the system manager.’’
POLICIES AND PRACTICES FOR STORING,
RETRIEVING, ACCESSING, RETAINING, AND
DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Delete entry and replace with
‘‘Electronic storage media.’’
RETRIEVABILITY:
RECORD SOURCE CATEGORIES:
Delete entry and replace with
‘‘Service members, Defense Enrollment
Eligibility Reporting System (DEERS),
Operational Data Store Enterprise
(ODSE) system, Total Force Data
Warehouse, and Defense Casualty
Information Processing System
(DCIPS).’’
*
*
*
*
*
[FR Doc. 2014–30364 Filed 12–29–14; 8:45 am]
BILLING CODE 5001–06–P
RETENTION AND DISPOSAL:
Delete entry and replace with
‘‘Disposition pending (until the National
Archives and Records Administration
approves the retention and disposal
schedule, records will be treated as
permanent).’’
SYSTEM MANAGER(S) AND ADDRESS:
Frm 00032
Fmt 4703
Sfmt 4703
Office of the Secretary
[Docket ID DoD–2014–OS–0160]
Privacy Act of 1974; System of
Records
Office of the Secretary of
Defense, DoD.
ACTION: Notice to add a new System of
Records.
AGENCY:
Delete entry and replace with
‘‘Principal Deputy for Care
Coordination, Office of Warrior Care
Policy, Office of the Secretary of
Defense, OUSD (P&R) WCP, 200 Stovall
Street, Alexandria, VA 22332–0800.’’
PO 00000
DEPARTMENT OF DEFENSE
The Office of the Secretary of
Defense proposes to add a new system
SUMMARY:
E:\FR\FM\30DEN1.SGM
30DEN1
mstockstill on DSK4VPTVN1PROD with NOTICES
Federal Register / Vol. 79, No. 249 / Tuesday, December 30, 2014 / Notices
of records, DAU 08, entitled ‘‘Defense
Acquisition University Student
Information System (SIS)’’ to manage
administrative and academic functions
related to student registration, and
courses attempted and completed.
Records are used to verify attendance
and grades, and are also used as a
management tool for statistical analysis,
tracking, and reporting.
DATES: Comments will be accepted on or
before January 29, 2015. This proposed
action will be effective the day
following the end of the comment
period unless comments are received
which result in a contrary
determination.
ADDRESSES: You may submit comments,
identified by docket number and title,
by any of the following methods:
• Federal Rulemaking Portal: https://
www.regulations.gov. Follow the
instructions for submitting comments.
• Mail: Federal Docket Management
System Office, 4800 Mark Center Drive,
East Tower, 2nd Floor, Suite 02G09,
Alexandria, VA 22350–3100.
Instructions: All submissions received
must include the agency name and
docket number for this Federal Register
document. The general policy for
comments and other submissions from
members of the public is to make these
submissions available for public
viewing on the Internet at https://
www.regulations.gov as they are
received without change, including any
personal identifiers or contact
information.
FOR FURTHER INFORMATION CONTACT: Ms.
Cindy Allard, Chief, OSD/JS Privacy
Office, Freedom of Information
Directorate, Washington Headquarters
Service, 1155 Defense Pentagon,
Washington, DC 20301–1155, or by
phone at (571) 372–0461.
SUPPLEMENTARY INFORMATION: The Office
of the Secretary of Defense notices for
systems of records subject to the Privacy
Act of 1974 (5 U.S.C. 552a), as amended,
have been published in the Federal
Register and are available from the
address in FOR FURTHER INFORMATION
CONTACT or at https://dpcld.defense.
gov/. The proposed system report, as
required by 5 U.S.C. 552a(r) of the
Privacy Act of 1974, as amended, was
submitted on December 16, 2014, to the
House Committee on Oversight and
Government Reform, the Senate
Committee on Governmental Affairs,
and the Office of Management and
Budget (OMB) pursuant to paragraph 4c
of Appendix I to OMB Circular No. A–
130, ‘‘Federal Agency Responsibilities
for Maintaining Records About
Individuals,’’ dated February 8, 1996
(February 20, 1996, 61 FR 6427).
VerDate Sep<11>2014
21:42 Dec 29, 2014
Jkt 235001
Dated: December 19, 2014.
Aaron Siegel,
Alternate OSD Federal Register Liaison
Officer, Department of Defense.
DAU 08
SYSTEM NAME
Defense Acquisition University
Student Information System (SIS).
SYSTEM LOCATION
Defense Acquisition University
(DAU), 9820 Belvoir Road, Fort Belvoir,
VA 22060–5565.
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM
All current and former students of the
DAU including contractors and foreign
nationals.
CATEGORIES OF RECORDS IN THE SYSTEM
Name; DAU ID Number; date of birth;
citizenship; home address; personal
home telephone number, personal cell
telephone number; personal email
address; education information (college
transcripts); employment information
(job series; rank; pay grade; service; user
type (i.e., DoD, military, civilian),
business address, business telephone
number, business email address,
supervisor’s name; supervisor’s
telephone number; supervisor’s email
address); emergency contact; Temporary
Duty (TDY) address; TDY telephone
number; registration information (i.e.,
registered, waitlisted, graduated); course
information (i.e., course name, class or
section number, dates); instructor
information; DAU grades; and special
accommodation (yes/no only).
AUTHORITY FOR MAINTENANCE OF THE SYSTEM
10 U.S.C. 133, Under Secretary of
Defense for Acquisition, Technology,
and Logistics; and DoD Directive
5000.57, Defense Acquisition
University.
PURPOSE(S)
To manage administrative and
academic functions related to student
registration, and courses attempted and
completed. Records are used to verify
attendance and grades, and are also
used as a management tool for statistical
analysis, tracking, and reporting.
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM, INCLUDING CATEGORIES OF USERS AND
THE PURPOSES OF SUCH USES
In addition to those disclosures
generally permitted under 5 U.S.C.
552a(b) of the Privacy Act of 1974, as
amended, the records contained herein
may specifically be disclosed outside
the DoD as a routine use pursuant to 5
U.S.C. 552a(b)(3) as follows:
1. Law Enforcement Routine Use: If a
system of records maintained by a DoD
PO 00000
Frm 00033
Fmt 4703
Sfmt 4703
78413
Component to carry out its functions
indicates a violation or potential
violation of law, whether civil, criminal,
or regulatory in nature, and whether
arising by general statute or by
regulation, rule, or order issued
pursuant thereto, the relevant records in
the system of records may be referred,
as a routine use, to the agency
concerned, whether federal, state, local,
or foreign, charged with the
responsibility of investigating or
prosecuting such violation or charged
with enforcing or implementing the
statute, rule, regulation, or order issued
pursuant thereto.
2. Congressional Inquiries Disclosure
Routine Use: Disclosure from a system
of records maintained by a DoD
Component may be made to a
congressional office from the record of
an individual in response to an inquiry
from the congressional office made at
the request of that individual.
3. Disclosures Required by
International Agreements Routine Use:
A record from a system of records
maintained by a DoD Component may
be disclosed to foreign law enforcement,
security, investigatory, or administrative
authorities to comply with requirements
imposed by, or to claim rights conferred
in, international agreements and
arrangements including those regulating
the stationing and status in foreign
countries of DoD military and civilian
personnel.
4. Disclosure to the Department of
Justice for Litigation Routine Use: A
record from a system of records
maintained by a DoD Component may
be disclosed as a routine use to any
component of the Department of Justice
for the purpose of representing the
Department of Defense, or any officer,
employee or member of the Department
in pending or potential litigation to
which the record is pertinent.
5. Disclosure of Information to the
National Archives and Records
Administration Routine Use: A record
from a system of records maintained by
a DoD Component may be disclosed as
a routine use to the National Archives
and Records Administration for the
purpose of records management
inspections conducted under authority
of 44 U.S.C. 2904 and 2906.
6. Data Breach Remediation Purposes
Routine Use: A record from a system of
records maintained by a Component
may be disclosed to appropriate
agencies, entities, and persons when (1)
The Component suspects or has
confirmed that the security or
confidentiality of the information in the
system of records has been
compromised; (2) the Component has
determined that as a result of the
E:\FR\FM\30DEN1.SGM
30DEN1
78414
Federal Register / Vol. 79, No. 249 / Tuesday, December 30, 2014 / Notices
suspected or confirmed compromise
there is a risk of harm to economic or
property interests, identity theft or
fraud, or harm to the security or
integrity of this system or other systems
or programs (whether maintained by the
Component or another agency or entity)
that rely upon the compromised
information; and (3) the disclosure
made to such agencies, entities, and
persons is reasonably necessary to assist
in connection with the Components
efforts to respond to the suspected or
confirmed compromise and prevent,
minimize, or remedy such harm.
POLICIES AND PRACTICES FOR STORING,
RETRIEVING, ACCESSING, RETAINING, AND
DISPOSING OF RECORDS IN THE SYSTEM
Electronic storage media.
RETRIEVABILITY
Individual’s name, DAU ID number,
date of birth, course name, and class or
section number.
mstockstill on DSK4VPTVN1PROD with NOTICES
SAFEGUARDS
Physical controls include: Security
guards, identification badges, and key
cards. Building is located on a federal
installation with around-the-clock gate
guards and is locked during nonbusiness hours. Only individuals with
the need to know and role-based access
are authorized access to records.
Personally Identifiable Information (PII)
fields are not exposed to users who have
not been properly cleared and trained.
Reports containing PII may only be
created by those authorized. Any reports
generated with PII are appropriately
marked per regulations. System is
contained in a DAU enclave with
boundary defense mechanisms in place.
Technical controls include: User
identification, passwords, intrusion
detection system (IDS), data is
encrypted at rest and in transit,
firewalls, virtual private network (VPN),
access to records requires the use of
DoD Public Key Infrastructure
Certificates or Common Access Card
(CAC) and Personnel Identification
Number (PIN).
Administrative controls include:
Periodic security audits, regular
monitoring of users’ security practices,
methods to ensure only authorized
personnel access to PII, encryption of
backups containing sensitive data.
Individuals seeking to determine
whether information about themselves
is contained in this system should
address written inquiries to the Center
Director, Defense Acquisition
University, Performance and Resource
Management, 9820 Belvoir Road, Fort
Belvoir, VA 22060–5565.
Signed, written requests should
contain full name, DAU ID number, date
of birth, current address, and telephone
number.
Individuals seeking access to
information about themselves contained
in this system, should address written
inquiries to the Office of the Secretary
of Defense/Joint Staff Freedom of
Information Act Requester Service
Center, 1155 Defense Pentagon,
Washington, DC 20301–1155.
Signed, written requests must contain
full name, DAU ID number, date of
birth, current address, telephone
number, and the name and number of
this system of records notice.
CONTESTING RECORD PROCEDURES
The OSD rules for accessing records,
for contesting contents, and appealing
initial agency determinations are
published in OSD Administrative
Instruction 81; 32 CFR part 311; or may
be obtained from the system manager.
RECORD SOURCE CATEGORIES
The individual, the DAU Data Center,
Career Acquisition Personnel & Position
Management Information System
(CAPPMIS) (Army system), Defense
Civilian Personnel Data System
(DCPDS), Acquisition Career
Management System (ACMS) (Air Force
system), Management Information
System (MIS II) (Navy acquisition career
management system), and Defense
Manpower Data Center (DMDC).
EXEMPTIONS CLAIMED FOR THE SYSTEM
None.
[FR Doc. 2014–30223 Filed 12–29–14; 8:45 am]
BILLING CODE 5001–06–P
DEPARTMENT OF DEFENSE
Department of the Army
RETENTION AND DISPOSAL
Records are destroyed when 50 years
old.
SYSTEM MANAGERS AND ADDRESS
Center Director, Defense Acquisition
University, Scheduling and Student
21:42 Dec 29, 2014
NOTIFICATION PROCEDURE
RECORD ACCESS PROCEDURES
STORAGE
VerDate Sep<11>2014
Support, Performance and Resource
Management, 9820 Belvoir Road, Fort
Belvoir, VA 22060–5565.
Jkt 235001
[Docket ID USA–2014–0040]
Submission for OMB Review;
Comment Request
ACTION:
PO 00000
Notice.
Frm 00034
Fmt 4703
Sfmt 4703
The Department of Defense
has submitted to OMB for clearance, the
following proposal for collection of
information under the provisions of the
Paperwork Reduction Act.
DATES: Consideration will be given to all
comments received by January 29, 2015.
FOR FURTHER INFORMATION CONTACT: Fred
Licari, 571–372–0493.
SUPPLEMENTARY INFORMATION:
Title, Associated Form and OMB
Number: The Contractor Manpower
Reporting System; OMB Control
Number 0702–0120.
Type of Request: Extension.
Number of Respondents: 12,215.
Responses per Respondent: 1.
Annual Responses: 12,215.
Average Burden per Response: 5
minutes.
Annual Burden Hours: 1018.
Needs and Uses: This program greatly
enhances the ability of the Army to
identify and track its contractor
workforce. Current systems do not have
contractor manpower data that is
collected by the contractor Manpower
Reporting System—i.e., Direct Labor
Hours, Direct Labor Dollars, and
Organization supported. Existing
financial and procurement systems have
obligation amounts of an unknown mix
of services and supplies, and the
Department of the Army is not able to
trace the funding to the organization
supported. Like all other Federal
Government agencies, the Army’s
reliance on service contractor
employees has increased significantly
over the past few years.
Affected Public: Business or other forprofit.
Frequency: Annually.
Respondent’s Obligation: Required to
Obtain or Maintain Benefits.
OMB Desk Officer: Ms. Jasmeet
Seehra.
Written comments and
recommendations on the proposed
information collection should be sent to
Ms. Jasmeet Seehra at the Office of
Management and Budget, Desk Officer
for DoD, Room 10236, New Executive
Office Building, Washington, DC 20503.
You may also submit comments,
identified by docket number and title,
by the following method:
• Federal eRulemaking Portal: https://
www.regulations.gov. Follow the
instructions for submitting comments.
Instructions: All submissions received
must include the agency name, docket
number and title for this Federal
Register document. The general policy
for comments and other submissions
from members of the public is to make
these submissions available for public
viewing on the Internet at https://
SUMMARY:
E:\FR\FM\30DEN1.SGM
30DEN1
Agencies
[Federal Register Volume 79, Number 249 (Tuesday, December 30, 2014)]
[Notices]
[Pages 78412-78414]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2014-30223]
-----------------------------------------------------------------------
DEPARTMENT OF DEFENSE
Office of the Secretary
[Docket ID DoD-2014-OS-0160]
Privacy Act of 1974; System of Records
AGENCY: Office of the Secretary of Defense, DoD.
ACTION: Notice to add a new System of Records.
-----------------------------------------------------------------------
SUMMARY: The Office of the Secretary of Defense proposes to add a new
system
[[Page 78413]]
of records, DAU 08, entitled ``Defense Acquisition University Student
Information System (SIS)'' to manage administrative and academic
functions related to student registration, and courses attempted and
completed. Records are used to verify attendance and grades, and are
also used as a management tool for statistical analysis, tracking, and
reporting.
DATES: Comments will be accepted on or before January 29, 2015. This
proposed action will be effective the day following the end of the
comment period unless comments are received which result in a contrary
determination.
ADDRESSES: You may submit comments, identified by docket number and
title, by any of the following methods:
Federal Rulemaking Portal: https://www.regulations.gov.
Follow the instructions for submitting comments.
Mail: Federal Docket Management System Office, 4800 Mark
Center Drive, East Tower, 2nd Floor, Suite 02G09, Alexandria, VA 22350-
3100.
Instructions: All submissions received must include the agency name
and docket number for this Federal Register document. The general
policy for comments and other submissions from members of the public is
to make these submissions available for public viewing on the Internet
at https://www.regulations.gov as they are received without change,
including any personal identifiers or contact information.
FOR FURTHER INFORMATION CONTACT: Ms. Cindy Allard, Chief, OSD/JS
Privacy Office, Freedom of Information Directorate, Washington
Headquarters Service, 1155 Defense Pentagon, Washington, DC 20301-1155,
or by phone at (571) 372-0461.
SUPPLEMENTARY INFORMATION: The Office of the Secretary of Defense
notices for systems of records subject to the Privacy Act of 1974 (5
U.S.C. 552a), as amended, have been published in the Federal Register
and are available from the address in FOR FURTHER INFORMATION CONTACT
or at https://dpcld.defense.gov/ gov/. The proposed system report, as
required by 5 U.S.C. 552a(r) of the Privacy Act of 1974, as amended,
was submitted on December 16, 2014, to the House Committee on Oversight
and Government Reform, the Senate Committee on Governmental Affairs,
and the Office of Management and Budget (OMB) pursuant to paragraph 4c
of Appendix I to OMB Circular No. A-130, ``Federal Agency
Responsibilities for Maintaining Records About Individuals,'' dated
February 8, 1996 (February 20, 1996, 61 FR 6427).
Dated: December 19, 2014.
Aaron Siegel,
Alternate OSD Federal Register Liaison Officer, Department of Defense.
DAU 08
System Name
Defense Acquisition University Student Information System (SIS).
System Location
Defense Acquisition University (DAU), 9820 Belvoir Road, Fort
Belvoir, VA 22060-5565.
Categories of Individuals Covered by the System
All current and former students of the DAU including contractors
and foreign nationals.
Categories of Records in the System
Name; DAU ID Number; date of birth; citizenship; home address;
personal home telephone number, personal cell telephone number;
personal email address; education information (college transcripts);
employment information (job series; rank; pay grade; service; user type
(i.e., DoD, military, civilian), business address, business telephone
number, business email address, supervisor's name; supervisor's
telephone number; supervisor's email address); emergency contact;
Temporary Duty (TDY) address; TDY telephone number; registration
information (i.e., registered, waitlisted, graduated); course
information (i.e., course name, class or section number, dates);
instructor information; DAU grades; and special accommodation (yes/no
only).
Authority for Maintenance of the System
10 U.S.C. 133, Under Secretary of Defense for Acquisition,
Technology, and Logistics; and DoD Directive 5000.57, Defense
Acquisition University.
Purpose(s)
To manage administrative and academic functions related to student
registration, and courses attempted and completed. Records are used to
verify attendance and grades, and are also used as a management tool
for statistical analysis, tracking, and reporting.
Routine Uses of Records Maintained in the System, Including Categories
of Users and the Purposes of Such Uses
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act of 1974, as amended, the records contained
herein may specifically be disclosed outside the DoD as a routine use
pursuant to 5 U.S.C. 552a(b)(3) as follows:
1. Law Enforcement Routine Use: If a system of records maintained
by a DoD Component to carry out its functions indicates a violation or
potential violation of law, whether civil, criminal, or regulatory in
nature, and whether arising by general statute or by regulation, rule,
or order issued pursuant thereto, the relevant records in the system of
records may be referred, as a routine use, to the agency concerned,
whether federal, state, local, or foreign, charged with the
responsibility of investigating or prosecuting such violation or
charged with enforcing or implementing the statute, rule, regulation,
or order issued pursuant thereto.
2. Congressional Inquiries Disclosure Routine Use: Disclosure from
a system of records maintained by a DoD Component may be made to a
congressional office from the record of an individual in response to an
inquiry from the congressional office made at the request of that
individual.
3. Disclosures Required by International Agreements Routine Use: A
record from a system of records maintained by a DoD Component may be
disclosed to foreign law enforcement, security, investigatory, or
administrative authorities to comply with requirements imposed by, or
to claim rights conferred in, international agreements and arrangements
including those regulating the stationing and status in foreign
countries of DoD military and civilian personnel.
4. Disclosure to the Department of Justice for Litigation Routine
Use: A record from a system of records maintained by a DoD Component
may be disclosed as a routine use to any component of the Department of
Justice for the purpose of representing the Department of Defense, or
any officer, employee or member of the Department in pending or
potential litigation to which the record is pertinent.
5. Disclosure of Information to the National Archives and Records
Administration Routine Use: A record from a system of records
maintained by a DoD Component may be disclosed as a routine use to the
National Archives and Records Administration for the purpose of records
management inspections conducted under authority of 44 U.S.C. 2904 and
2906.
6. Data Breach Remediation Purposes Routine Use: A record from a
system of records maintained by a Component may be disclosed to
appropriate agencies, entities, and persons when (1) The Component
suspects or has confirmed that the security or confidentiality of the
information in the system of records has been compromised; (2) the
Component has determined that as a result of the
[[Page 78414]]
suspected or confirmed compromise there is a risk of harm to economic
or property interests, identity theft or fraud, or harm to the security
or integrity of this system or other systems or programs (whether
maintained by the Component or another agency or entity) that rely upon
the compromised information; and (3) the disclosure made to such
agencies, entities, and persons is reasonably necessary to assist in
connection with the Components efforts to respond to the suspected or
confirmed compromise and prevent, minimize, or remedy such harm.
Policies and Practices for Storing, Retrieving, Accessing, Retaining,
and Disposing of Records in the System
Storage
Electronic storage media.
Retrievability
Individual's name, DAU ID number, date of birth, course name, and
class or section number.
Safeguards
Physical controls include: Security guards, identification badges,
and key cards. Building is located on a federal installation with
around-the-clock gate guards and is locked during non-business hours.
Only individuals with the need to know and role-based access are
authorized access to records. Personally Identifiable Information (PII)
fields are not exposed to users who have not been properly cleared and
trained. Reports containing PII may only be created by those
authorized. Any reports generated with PII are appropriately marked per
regulations. System is contained in a DAU enclave with boundary defense
mechanisms in place.
Technical controls include: User identification, passwords,
intrusion detection system (IDS), data is encrypted at rest and in
transit, firewalls, virtual private network (VPN), access to records
requires the use of DoD Public Key Infrastructure Certificates or
Common Access Card (CAC) and Personnel Identification Number (PIN).
Administrative controls include: Periodic security audits, regular
monitoring of users' security practices, methods to ensure only
authorized personnel access to PII, encryption of backups containing
sensitive data.
Retention and Disposal
Records are destroyed when 50 years old.
System Managers and Address
Center Director, Defense Acquisition University, Scheduling and
Student Support, Performance and Resource Management, 9820 Belvoir
Road, Fort Belvoir, VA 22060-5565.
Notification Procedure
Individuals seeking to determine whether information about
themselves is contained in this system should address written inquiries
to the Center Director, Defense Acquisition University, Performance and
Resource Management, 9820 Belvoir Road, Fort Belvoir, VA 22060-5565.
Signed, written requests should contain full name, DAU ID number,
date of birth, current address, and telephone number.
Record Access Procedures
Individuals seeking access to information about themselves
contained in this system, should address written inquiries to the
Office of the Secretary of Defense/Joint Staff Freedom of Information
Act Requester Service Center, 1155 Defense Pentagon, Washington, DC
20301-1155.
Signed, written requests must contain full name, DAU ID number,
date of birth, current address, telephone number, and the name and
number of this system of records notice.
Contesting Record Procedures
The OSD rules for accessing records, for contesting contents, and
appealing initial agency determinations are published in OSD
Administrative Instruction 81; 32 CFR part 311; or may be obtained from
the system manager.
Record Source Categories
The individual, the DAU Data Center, Career Acquisition Personnel &
Position Management Information System (CAPPMIS) (Army system), Defense
Civilian Personnel Data System (DCPDS), Acquisition Career Management
System (ACMS) (Air Force system), Management Information System (MIS
II) (Navy acquisition career management system), and Defense Manpower
Data Center (DMDC).
Exemptions Claimed for the System
None.
[FR Doc. 2014-30223 Filed 12-29-14; 8:45 am]
BILLING CODE 5001-06-P