Privacy Act of 1974; Proposed Modified System of Records, 45352-45354 [2016-16547]

Agencies

• Social Security Administration

[Federal Register Volume 81, Number 134 (Wednesday, July 13, 2016)]
[Notices]
[Pages 45352-45354]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2016-16547]


=======================================================================
-----------------------------------------------------------------------

SOCIAL SECURITY ADMINISTRATION

[Docket No. SSA-2016-0028]


Privacy Act of 1974; Proposed Modified System of Records

AGENCY: Social Security Administration (SSA).

ACTION: Modified System of Records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act (5 U.S.C. 552a) we are 
issuing public notice of our intent to modify an existing system of 
records entitled, Electronic Freedom of Information Act (eFOIA) System 
(60-0340), last published at 70 FR 3571 (January 25, 2005). This notice 
publishes details of the proposed updates as set forth below under the 
caption SUPPLEMENTARY INFORMATION.

DATES: We invite public comment on this new system of records. In 
accordance with 5 U.S.C. 552a(e)(4) and (e)(11), the public is given a 
30-day period in which to submit comments. Therefore, please submit any 
comments by August 12, 2016.

ADDRESSES: The public, Office of Management and Budget (OMB), and 
Congress may comment on this publication by writing to the Executive 
Director, Office of Privacy and Disclosure, Office of the General 
Counsel, Social Security Administration, Room 617 Altmeyer Building, 
6401 Security Boulevard, Baltimore, Maryland 21235-6401, or through the 
Federal e-Rulemaking Portal at https://www.regulations.gov. All comments 
we receive will be available for public inspection at the above address 
and we will post them to https://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: Tristin Dorsey, Government Information 
Specialist, Privacy Implementation Division, Office of Privacy and 
Disclosure, Office of the General Counsel, Social Security 
Administration, Room 617 Altmeyer Building, 6401 Security Boulevard, 
Baltimore, Maryland 21235-6401, telephone: (410) 965-2950, email: 
tristin.dorsey@ssa.gov.

SUPPLEMENTARY INFORMATION: We are modifying the system of records name 
from eFOIA System, SSA, Office of the General Counsel, Office of Public 
Disclosure to the Freedom of Information Act (FOIA) and Privacy Act 
Record Request and Appeal System to accurately reflect the system name, 
hereinafter referred to as the FOIA and Privacy Act Record Request and 
Appeal System. We are also modifying the notice throughout to correct 
miscellaneous stylistic formatting errors

[[Page 45353]]

of the previously published Notice, and to ensure the language reads 
consistently across multiple systems.
    We are modifying the system of records location by clarifying the 
name of the office, specifying that paper records are included in the 
categories of records in the system, explaining how the records are 
retrieved, revising the language in routine use No. 3 to remove 
erroneously placed language concerning the disclosure of tax return 
information, deleting previous routine uses Nos. 4 and 10 which are no 
longer applicable, and adding a new routine use to clarify that records 
may be provided to the National Archives and Records Administration, 
Office of Government Information Services, for all purposes set forth 
in 5 U.S.C. 552(h)(2)(A-B) and (3). The entire notice is being 
republished for ease of reference.
    In accordance with 5 U.S.C. 552a(r), we have provided a report to 
OMB and Congress on this modified system of records.

    Dated: June 14, 2016.
Glenn Sklar,
Acting Executive Director, Office of Privacy and Disclosure, Office of 
the General Counsel.
SOCIAL SECURITY ADMINISTRATION

SYSTEM NUMBER: 60-0340

SYSTEM NAME:
    Freedom of Information Act (FOIA) and Privacy Act Record Request 
and Appeal System.

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATION:
    Social Security Administration, Office of the General Counsel, 
Office of Privacy and Disclosure, 6401 Security Boulevard, Baltimore, 
Maryland 21235-6401.
    Social Security Administration, Office of Central Operations, 
Division of Earnings Records Operations, 6100 Wabash Avenue, Baltimore, 
Maryland 21290-3022; or regional offices in receipt of original 
requests (See Appendix C for address information).

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    This system maintains information about individuals who submit FOIA 
or Privacy Act requests, including Privacy Act amendments, or 
administrative appeals to SSA; individuals whose requests or records 
have been referred to SSA by other agencies; individuals who submit 
inquiries to SSA regarding federal agency compliance with the FOIA; 
attorneys representing individuals submitting such requests and 
appeals; and individuals who are the subject of such requests and 
appeals; and SSA personnel assigned to handle such requests and 
appeals.

CATEGORIES OF RECORDS IN THE SYSTEM:
    This system consists of records received, created, or compiled in 
response to FOIA and Privacy Act requests or administrative appeals, 
including: the original requests and administrative appeals; responses 
to such requests and administrative appeals; all related memoranda, 
correspondence, notes, and other related or supporting documentation; 
and, copies of requested records relating to original requests and 
administrative appeals. This system also consists of records related to 
inquiries submitted to SSA regarding federal agency compliance with the 
FOIA, and all records related to the resolution of such inquiries.

AUTHORITIES FOR MAINTENANCE OF THE SYSTEM:
    The system was established and is maintained to implement the 
provisions of the Freedom of Information Act (5 U.S.C. 552), Privacy 
Act (5 U.S.C. 552a), Records Management by Federal Agencies (44 U.S.C. 
3101), Section 1106 of the Social Security Act (42 U.S.C. 1306), and 
SSA Regulations (20 CFR parts 401 and 402).

PURPOSE(S):
    This system of records assists us in processing access requests and 
administrative appeals under the FOIA and the Privacy Act; supporting 
agency participation in litigation arising from requests and appeals; 
assigning, processing, and tracking FOIA workloads; and, providing 
management information reports.

ROUTINE USES OF RECORDS COVERED BY THE SYSTEM, INCLUDING CATEGORIES OF 
USERS AND THE PURPOSES OF SUCH USES:
    We will disclose records pursuant to the following routine uses; 
however, we will not disclose any information defined as ``return or 
return information'' under 26 U.S.C. 6103 of the Internal Revenue Code 
(IRC), unless authorized by a statute, the Internal Revenue Service 
(IRS), or IRS regulations.
    1. To the Office of the President in response to an inquiry from 
that office made on behalf of, and at the request of, the subject of 
record or a third party acting on the subject's behalf.
    2. To a congressional office in response to an inquiry from that 
office made on behalf of, and at the request of, the subject of the 
record or a third party acting on the subject's behalf.
    3. To the IRS, Department of Treasury, for the purpose of auditing 
SSA's compliance with the safeguard provisions of the IRC of 1986, as 
amended.
    4. To the Department of Justice (DOJ), a court or other tribunal, 
or another party before such court or tribunal, when
    (a) SSA, or any component thereof; or
    (b) any SSA employee in his/her official capacity; or
    (c) any SSA employee in his/her individual capacity where DOJ (or 
SSA where it is authorized to do so) has agreed to represent the 
employee; or
    (d) the United States or any agency thereof where SSA determines 
the litigation is likely to affect SSA or any of its components, is a 
party to the litigation or has an interest in such litigation, and SSA 
determines that the use of such records by DOJ, a court or other 
tribunal, or another party before the tribunal is relevant and 
necessary to the litigation, provided, however, that in each case, the 
agency determines that disclosure of the records to DOJ, court or other 
tribunal, or another party is a use of the information contained in the 
records that is compatible with the purpose for which the records were 
collected.
    5. To the National Archives and Records Administration (NARA) under 
44 U.S.C. 2904 and 2906.
    6. To student volunteers, individuals working under a personal 
services contract, and other workers who technically do not have the 
status of Federal employees, when they are performing work for SSA, as 
authorized by law, and they need access to personally identifiable 
information (PII) in SSA records in order to perform their assigned 
agency functions.
    7. To Federal, State and local law enforcement agencies and private 
security contractors, as appropriate, information necessary:
    (a) To enable them to protect the safety of SSA employees and 
customers, the security of the SSA workplace, and the operation of SSA 
facilities; or
    (b) to assist investigations or prosecutions with respect to 
activities that affect such safety and security or activities that 
disrupt the operation of SSA facilities.
    8. To contractors and other Federal agencies, as necessary, for the 
purpose of assisting SSA in the efficient administration of its 
programs. We will disclose information under this routine use only in 
situations in which SSA may enter into a contractual or similar 
agreement with a third party to assist in accomplishing an agency 
function relating to this system of records.

[[Page 45354]]

    9. To appropriate Federal, State, and local agencies, entities, and 
persons when:
    (a) We suspect or confirm that the security or confidentiality of 
information in this system of records has been compromised;
    (b) we determine that, as a result of the suspected or confirmed 
compromise, there is a risk of harm to economic or property interests, 
identity theft or fraud, or harm to the security or integrity of this 
system or other systems or programs that rely upon the compromised 
information; and
    (c) we determine that disclosing the information to such agencies, 
entities, and persons is necessary to assist in our efforts to respond 
to the suspected or confirmed compromise and prevent, minimize, or 
remedy such harm.
    10. To NARA, Office of Government Information Services (OGIS), to 
the extent necessary to fulfill its responsibilities in 5 U.S.C. 552(h) 
to review administrative agency policies, procedures and compliance 
with the FOIA, and to facilitate OGIS' offering of mediation services 
to resolve disputes between persons making FOIA requests and 
administrative agencies.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:
    None.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, 
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    We will maintain records in this system in paper and in electronic 
form.

RETRIEVABILITY:
    We will retrieve records in this system by the name and Social 
Security number (SSN) of the requester or appellant; case number 
assigned to the request or appeal; name of attorney representing the 
requester or appellant; the name of an individual who is the subject of 
such a request or appeal; or subject matter.

SAFEGUARDS:
    We retain electronic records with personal identifiers in secure 
storage areas accessible only by our authorized employees and 
contractors who have a need for the information when performing their 
official duties. Security measures include the use of access codes and 
profiles, personal identification number (PIN) and password, and 
personal identification verification (PIV) cards. We keep paper records 
in cabinets within secure areas, with access limited to only those 
employees who have an official need for access in order to perform 
their duties.
    We annually provide our employees and contractors with appropriate 
security awareness training that includes reminders about the need to 
protect PII and the criminal penalties that apply to unauthorized 
access to, or disclosure of, PII (5 U.S.C. 552a(i)(1)). Furthermore, 
employees and contractors with access to databases maintaining PII must 
sign a sanctions document annually acknowledging their accountability 
for inappropriately accessing or disclosing such information.

RETENTION AND DISPOSAL:
    We retain and dispose of records in accordance with NARA's General 
Records Schedule 4.2, Information Access and Protection Records (DAA-
GRS-2013-0007-0002).

SYSTEM MANAGER AND ADDRESS:
    Freedom of Information Officer, Social Security Administration, 
Office of the General Counsel, Office of Privacy and Disclosure, 6401 
Security Boulevard, Baltimore, Maryland 21235-6401.

NOTIFICATION PROCEDURES:
    Persons can determine if this system contains a record about them 
by writing to the system manager at the above address and providing 
their name, SSN, or other information that may be in this system of 
records that will identify them. Persons requesting notification by 
mail must include a notarized statement to us to verify their identity 
or must certify in the request that they are the person they claim to 
be and that they understand that the knowing and willful request for, 
or acquisition of, a record pertaining to another person under false 
pretenses is a criminal offense.
    Persons requesting notification of records in person must provide 
the same information, as well as provide an identity document, 
preferably with a photograph, such as a driver's license. Persons 
lacking identification documents sufficient to establish their identity 
must certify in writing that they are the person they claim to be and 
that they understand that the knowing and willful request for, or 
acquisition of, a record pertaining to another person under false 
pretenses is a criminal offense.
    Persons requesting notification by telephone must verify their 
identity by providing identifying information that parallels the 
information in the record about which they are requesting notification. 
If we determine that the identifying information the person provides by 
telephone is insufficient, we will require the person to submit a 
request in writing or in person. If a person requests information by 
telephone on behalf of another person, the subject person must be on 
the telephone with the requesting person and us in the same phone call. 
We will establish the subject person's identity (his or her name, SSN, 
address, date of birth, and place of birth, along with one other piece 
of information, such as mother's maiden name) and ask for his or her 
consent to provide information to the requesting person. These 
procedures are in accordance with our regulations (20 CFR 401.40 and 
401.45).

RECORD ACCESS PROCEDURES:
    Same as notification procedures. Persons must also reasonably 
describe the record contents they are seeking. These procedures are in 
accordance with our regulations (20 CFR 401.40(c)).

CONTESTING RECORD PROCEDURES:
    Same as notification procedures. Persons must also reasonably 
identify the record, specify the information they are contesting, and 
state the corrective action sought and the reasons for the correction 
with supporting justification showing how the record is incomplete, 
untimely, inaccurate, or irrelevant. These procedures are in accordance 
with our regulations (20 CFR 401.65(a)).

RECORD SOURCE CATEGORIES:
    We obtain information in this system of records primarily from the 
person to whom the record pertains.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE PRIVACY ACT:
    None.

[FR Doc. 2016-16547 Filed 7-12-16; 8:45 am]
 BILLING CODE 4191-02-P