Privacy Act of 1974; Systems of Records, 1988-1991 [2015-00403]

Agencies

• DEPARTMENT OF THE TREASURY

[Federal Register Volume 80, Number 9 (Wednesday, January 14, 2015)]
[Notices]
[Pages 1988-1991]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2015-00403]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY


Privacy Act of 1974; Systems of Records

AGENCY: Department of the Treasury.

ACTION: Notice of proposed Privacy Act of 1974 system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, as amended, 5 
U.S.C. 552a, the Department of the Treasury (``Treasury'') proposes to 
establish a new Privacy Act system of records titled ``Treasury .015--
General Information Technology Access Account Records.'' This system 
will allow Treasury to collect a discrete set of personally 
identifiable information in order to allow authorized individuals 
access to, or interaction with, Treasury information technology 
resources and allow Treasury to track use of its information technology 
resources.

DATES: Submit comments on or before February 13, 2015. This new system 
will be effective February 23, 2015 unless comments are received which 
result in a contrary determination.

ADDRESSES: You may submit comments, identified by one of the following 
methods:
     Fax: 202-622-3895.
     Mail: Helen Goff Foster, Deputy Assistant Secretary for 
Privacy, Transparency, and Records, Office of Privacy, Transparency, 
and Records, Department of the Treasury, 1500 Pennsylvania Avenue NW., 
Washington, DC 20220.
    Instructions: All submissions received must include the agency name 
for this rulemaking. All comments received will be posted without 
change to https://www.regulations.gov, including any personal 
information you provide with your submission. For access to background 
documents or comments received, go to https://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: For general questions and for privacy 
issues please contact: Deputy Assistant Secretary for Privacy, 
Transparency, and Records, Office of Privacy, Transparency, and Records 
(202-622-0790), Department of the Treasury, 1500 Pennsylvania Ave. NW., 
Washington, DC 20220.

SUPPLEMENTARY INFORMATION: In accordance with the Privacy Act of 1974, 
5 U.S.C. 552a, the Department of the Treasury proposes to establish a 
new system of records titled, ``Treasury .015--General Information 
Technology Access Account Records.'' The proposed system of records is 
published in its entirety below.
    In accordance with 5 U.S.C. 552a(r), Treasury provided a report of 
this system of records to the Office of Management and Budget and 
Congress.

    Dated: December 22, 2014.
Helen Goff Foster,
Deputy Assistant Secretary for Privacy, Transparency, and Records.
TREASURY .015

System name:
    Treasury .015--General Information Technology Access Account 
Records System of Records.

System location:
    The records are located at Main Treasury and in other Treasury 
bureaus and offices, both in Washington, DC and at field locations as 
follows:
    (1) Departmental Offices: 1500 Pennsylvania Ave. NW., Washington, 
DC 20220;
    (2) Alcohol and Tobacco Tax and Trade Bureau: 1310 G St. NW., 
Washington, DC 20220.
    (3) Office of the Comptroller of the Currency: Constitution Center, 
400 Seventh St. SW., Washington, DC 20024;
    (4) Fiscal Service: Liberty Center Building, 401 14th St. SW., 
Washington, DC 20227;
    (5) Internal Revenue Service: 1111 Constitution Ave. NW., 
Washington, DC 20224;
    (6) United States Mint: 801 Ninth St. NW., Washington, DC 20220;
    (7) Bureau of Engraving and Printing: Eastern Currency Facility, 
14th and C Streets SW., Washington, DC 20228 and Western Currency 
Facility, 9000 Blue Mound Rd., Fort Worth, TX 76131;
    (8) Financial Crimes Enforcement Network: Vienna, VA 22183;
    (9) Special Inspector General for the Troubled Asset Relief 
Program: 1801 L St. NW., Washington, DC 20220;

[[Page 1989]]

    (10) Office of Inspector General: 740 15th St. NW., Washington, DC 
20220; and
    (11) Office of the Treasury Inspector General for Tax 
Administration: 1125 15th St. NW., Suite 700A, Washington, DC 20005.

Categories of individuals covered by the system:
     All persons who are authorized to access Treasury 
information technology resources, including employees, contractors, 
grantees, fiscal agents, financial agents, interns, detailees, and any 
lawfully designated representative of the above as well as 
representatives of federal, state, territorial, tribal, local, 
international, or foreign government agencies or entities, in 
furtherance of the Treasury mission.
     Individuals who serve on Treasury boards and committees;
     Individuals who provide personal information in order to 
facilitate access to Treasury information technology resources;
     Industry points-of-contact providing business contact 
information for conducting business with government agencies;
     Industry points-of-contact emergency contact information 
in case of an injury or medical notification;
     Individuals who voluntarily join a Treasury-owned and 
operated web portal for collaboration purposes; and
     Individuals who request access but are denied, or who have 
had their access to Treasury information systems revoked.

Categories of records in the system:
     Social Security number;
     Business name;
     Job title;
     Business contact information;
     Personal contact information;
     Pager numbers;
     Others phone numbers or contact information provided by 
individuals while on travel or otherwise away from the office or home;
     Citizenship;
     Level of access;
     Home addresses;
     Business addresses;
     Personal and business electronic mail addresses of senders 
and recipients;
     Justification for access to Treasury computers, networks, 
or systems;
     Verification of training requirements or other 
prerequisite requirements for access to Treasury computers, networks, 
or systems;
     Records on the authentication of a request for access to a 
Treasury IT resource, including names, phone numbers of other contacts, 
and positions or business/organizational affiliations and titles of 
individuals who can verify that the individual seeking access has a 
need for access to a Treasury IT resource.
     Records on access to Treasury computers and networks 
including user IDs and passwords;
     Registration numbers or IDs associated with Treasury 
information technology resources;
     Date and time of access to Treasury IT resources;
     Tax returns and tax return information;
     Logs of activity when accessing and using Treasury 
information technology resources;
     Internet Protocol address of visitors to Treasury Web 
sites (a unique number identifying the computer from which a member of 
the public or others access Treasury IT resources); and
     Logs of individuals' internet activity while using 
Treasury IT resources.

Authority for maintenance of the system:
    44 U.S.C. 3101; EO 9397, as amended by EO 13487; and 44 U.S.C. 
3534.

Purposes:
    This system will allow Treasury to collect a discrete set of 
personally identifiable information in order to allow authorized 
individuals access to, or interactions with, Treasury information 
technology resources, and allow Treasury to track use of its 
information technology resources. The system enables Treasury to 
maintain: account information required for approved access to 
information technology; lists of individuals who are appropriate 
organizational points of contact; and lists of individuals who are 
emergency points of contact. The system will also enable Treasury to 
provide individuals access to certain meetings and programs where 
additional information is required and, where appropriate, facilitate 
collaboration by allowing individuals in the same operational program 
to share information.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    Disclosure of tax returns and tax return information may be made 
only as allowed by 26 U.S.C. 6103. In addition to those disclosures 
generally permitted under 5 U.S.C. 552a (b) of the Privacy Act, all or 
a portion of the records or information contained in this system may be 
disclosed outside Treasury as a routine use pursuant to 5 U.S.C. 552a 
(b) (3), as follows:
    A. To the Department of Justice (including United States Attorneys' 
Offices) or other federal agencies conducting litigation or in 
proceedings before any court or adjudicative or administrative body, 
when it is relevant or necessary to the litigation and one of the 
following is a party to the litigation or has an interest in such 
litigation:
    1. Treasury or any component thereof;
    2. Any employee of Treasury in his/her official capacity;
    3. Any employee of Treasury in his/her individual capacity where 
the Department of Justice or Treasury has agreed to represent the 
employee; or
    4. The United States or any agency thereof.
    B. To a congressional office from the record of an individual in 
response to an inquiry from that congressional office made at the 
request of the individual to whom the record pertains.
    C. To the National Archives and Records Administration or General 
Services Administration pursuant to records management inspections 
being conducted under the authority of 44 U.S.C. 2904 and 2906.
    D. To an agency or organization for the purpose of performing audit 
or oversight operations as authorized by law, but only such information 
as is necessary and relevant to such audit or oversight function.
    E. To appropriate agencies, entities, and persons when:
    1. Treasury suspects or has confirmed that the security or 
confidentiality of information in the system of records has been 
compromised;
    2. The disclosure made to such agencies, entities, and persons as 
is reasonably necessary to assist in connection with Treasury's efforts 
to respond to the suspected or confirmed compromise and prevent, 
minimize, or remedy such harm.
    F. To contractors and their agents, grantees, experts, consultants, 
fiscal agent, financial agents, and others performing or working on a 
contract, service, grant, cooperative agreement, or other assignment 
for Treasury, when necessary to accomplish an agency function related 
to this system of records. Individuals provided information under this 
routine use are subject to the same Privacy Act requirements and 
limitations on disclosure as are applicable to Treasury officers and 
employees.
    G. To an appropriate federal, state, tribal, local, international, 
or foreign law enforcement agency or other appropriate authority 
charged with investigating or prosecuting a violation or enforcing or 
implementing a law, rule, regulation, or order, where a record, either 
on its face

[[Page 1990]]

or in conjunction with other information, indicates a violation or 
potential violation of law, which includes criminal, civil, or 
regulatory violations and such disclosure is proper and consistent with 
the official duties of the person making the disclosure.
    H. To sponsors, employers, contractors, facility operators, 
grantees, experts, fiscal agents, financial agents, and consultants in 
connection with establishing an access account for an individual or 
maintaining appropriate points of contact and when necessary to 
accomplish a Treasury mission function or objective related to this 
system of records.
    I. To other individuals in the same operational program supported 
by an information technology resource, where appropriate notice to the 
individual has been made that his or her contact information will be 
shared with other members of the same operational program in order to 
facilitate collaboration.
    J. To federal agencies such as the Office of Personnel Management, 
the Merit Systems Protection Board, the Office of Management and 
Budget, the Federal Labor Relations Authority, the Government 
Accountability Office, and the Equal Employment Opportunity Commission 
in the fulfillment of these agencies' official duties.
    K. To international, federal, state, local, tribal, or private 
entities for the purpose of the regular exchange of business contact 
information in order to facilitate collaboration for official business.
    L. To the news media and the public, with the approval of the 
Senior Agency Official for Privacy, or her designee, in consultation 
with counsel, when there exists a legitimate public interest in the 
disclosure of the information or when disclosure is necessary to 
preserve confidence in the integrity of Treasury or is necessary to 
demonstrate the accountability of Treasury's officers, employees, or 
individuals covered by the system, except to the extent it is 
determined that release of the specific information in the context of a 
particular case would constitute an unwarranted invasion of personal 
privacy.

Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system:
Storage:
    Records in this system are on paper and/or in digital or other 
electronic form. Digital and other electronic images are stored on a 
storage area network in a secured environment. Records, whether paper 
or electronic, may be stored at the Treasury Headquarters or at the 
bureau or office level.

Retrievability:
    Information may be retrieved, sorted, and/or searched by an 
identification number assigned by computer, by facility, by business 
affiliation, email address, or by the name of the individual, or other 
employee data fields previously identified in this System of Records 
Notice.

Safeguards:
    Information in this system is safeguarded in accordance with 
applicable laws, rules and policies, including Treasury Directive 85-
01, Department of the Treasury Information Technology (IT) Security 
Program. Further, Treasury .015--General Information Technology Access 
Account Records system of records security protocols will meet multiple 
National Institute of Standards and Technology security standards from 
authentication to certification and authorization. Records in the 
Treasury .015--General Information Technology Access Account Records 
system of records will be maintained in a secure, password protected 
electronic system that will utilize security hardware and software to 
include: multiple firewalls, active intruder detection, and role-based 
access controls. Additional safeguards will vary by component and 
program. All records are protected from unauthorized access through 
appropriate administrative, physical, and technical safeguards. These 
safeguards include restricting access to authorized personnel who have 
a ``need to know,'' using locks, and password protection identification 
features. Treasury file areas are locked after normal duty hours and 
the facilities are protected by security personnel who monitor access 
to and egress from Treasury facilities.

Retention and disposal:
    Records are securely retained and disposed of in accordance with 
the National Archives and Records Administration's General Records 
Schedule 24, section 6, ``User Identification, Profiles, 
Authorizations, and Password Files.'' Inactive records will be 
destroyed or deleted 6 years after the user account is terminated or 
password is altered, or when no longer needed for investigative or 
security purposes, whichever is later.

System manager(s) and address:
    DASIT/CIO, Department of the Treasury, 1500 Pennsylvania Ave. NW., 
Washington, DC 20220.

Notification procedure:
    Individuals seeking notification of and access to any record 
contained in this system of records, or seeking to contest its content, 
may submit a request in writing, in accordance with Treasury's Privacy 
Act regulations (located at 31 CFR 1.26), to the Freedom of Information 
Act (FOIA) and Transparency Liaison, whose contact information can be 
found at https://www.treasury.gov/FOIA/Pages/index.aspx under ``FOIA 
Requester Service Centers and FOIA Liaison.'' If an individual believes 
more than one bureau maintains Privacy Act records concerning him or 
her, the individual may submit the request to the Office of Privacy, 
Transparency, and Records, FOIA and Transparency, Department of the 
Treasury, 1500 Pennsylvania Ave. NW., Washington, DC 20220.
    No specific form is required, but a request must be written and:
     Be signed and either notarized or submitted under 28 
U.S.C. 1746, a law that permits statements to be made under penalty of 
perjury as a substitute for notarization
     State that the request is made pursuant to the FOIA and/or 
Privacy Act disclosure regulations;
     Include information that will enable the processing office 
to determine the fee category of the user;
     Addressed to the bureau that maintains the record (in 
order for a request to be properly received by the Department, the 
request must be received in the appropriate bureau's disclosure 
office);
     Reasonably describe the records;
     Give the address where the determination letter is to be 
sent;
     State whether or not the requester wishes to inspect the 
records or have a copy made without first inspecting them; and
     Include a firm agreement from the requester to pay fees 
for search, duplication, or review, as appropriate. In the absence of a 
firm agreement to pay, the requester may submit a request for a waiver 
or reduction of fees, along with justification of how such a waiver 
request meets the criteria for a waiver or reduction of fees found in 
the FOIA statute at 5 U.S.C. 552(a)(4)(A)(iii).
    You may also submit your request online at https://rdgw.treasury.gov/foia/pages/gofoia.aspx and call 1-202-622-0930 with 
questions.

Record access procedures:
    See ``Notification procedure'' above.

Contesting record procedures:
    See ``Notification procedure'' above.

[[Page 1991]]

Record source categories:
    Information contained in this system is obtained from affected 
individuals, organizations, and facilities; public source data; other 
government agencies; and information already in other Treasury records 
systems.

Exemptions claimed for the system:
    None.
[FR Doc. 2015-00403 Filed 1-13-15; 8:45 am]
BILLING CODE 4810-25-P