Privacy Act of 1974; System of Records, 36178-36180 [2017-16331]

Download as PDF 36178 Federal Register / Vol. 82, No. 148 / Thursday, August 3, 2017 / Notices At any time within 60 days of the filing of the proposed rule change, the Commission summarily may temporarily suspend such rule change if it appears to the Commission that such action is necessary or appropriate in the public interest, for the protection of investors, or otherwise in furtherance of the purposes of the Act. If the Commission takes such action, the Commission will institute proceedings to determine whether the proposed rule change should be approved or disapproved. IV. Solicitation of Comments Interested persons are invited to submit written data, views, and arguments concerning the foregoing, including whether the proposed rule change is consistent with the Act. Comments may be submitted by any of the following methods: mstockstill on DSK30JT082PROD with NOTICES Electronic Comments • Use the Commission’s Internet comment form (http://www.sec.gov/ rules/sro.shtml); or • Send an email to rule-comments@ sec.gov. Please include File Number SR– C2–2017–022 on the subject line. Paper Comments • Send paper comments in triplicate to Secretary, Securities and Exchange Commission, 100 F Street NE., Washington, DC 20549–1090. All submissions should refer to File Number SR–C2–2017–022. This file number should be included on the subject line if email is used. To help the Commission process and review your comments more efficiently, please use only one method. The Commission will post all comments on the Commission’s Internet Web site (http://www.sec.gov/ rules/sro.shtml). Copies of the submission, all subsequent amendments, all written statements with respect to the proposed rule change that are filed with the Commission, and all written communications relating to the proposed rule change between the Commission and any person, other than those that may be withheld from the public in accordance with the provisions of 5 U.S.C. 552, will be available for Web site viewing and printing in the Commission’s Public Reference Room, 100 F Street NE., Washington, DC 20549 on official business days between the hours of 10:00 a.m. and 3:00 p.m. Copies of the filing also will be available for of the proposed rule change, or such shorter time as designated by the Commission. The Exchange has satisfied this requirement. VerDate Sep<11>2014 16:35 Aug 02, 2017 Jkt 241001 inspection and copying at the principal office of the Exchange. All comments received will be posted without change; the Commission does not edit personal identifying information from submissions. You should submit only information that you wish to make available publicly. All submissions should refer to File Number SR–C2– 2017–022 and should be submitted on or before August 24, 2017. For the Commission, by the Division of Trading and Markets, pursuant to delegated authority.13 Eduardo A. Aleman, Assistant Secretary. [FR Doc. 2017–16396 Filed 8–2–17; 8:45 am] BILLING CODE 8011–01–P SOCIAL SECURITY ADMINISTRATION [Docket No. SSA–2017–0040] Privacy Act of 1974; System of Records Deputy Commissioner of Systems, Social Security Administration (SSA). ACTION: Notice of a New System of Records. AGENCY: In accordance with the Privacy Act we are issuing public notice of our intent to establish a new system of records entitled, Customer Engagement Tools (CET) Record System (60–0383), hereinafter called the CET Record System. We will use this system to maintain the information we collect during our electronic communications with those individuals who have created a my Social Security account and have been authenticated to use online electronic services via the my Social Security web portal, and who choose to communicate with us using an electronic communication method, such as the Click-to-Chat tool. This notice publishes details of the system as set forth under the caption SUPPLEMENTARY INFORMATION. DATES: The System of Records Notice (SORN) is applicable August 3, 2017, with the exception of the routine uses which are applicable [insert date]. We invite public comment on the routine uses or other aspects of this SORN. In accordance with 5 U.S.C. 552a(e)(4) and (e)(11), the public is given a 30-day period in which to submit comments. Therefore, please submit any comments by September 5, 2017. ADDRESSES: The public, Office of Management and Budget (OMB), and Congress may comment on this SUMMARY: 13 17 PO 00000 CFR 200.30–3(a)(12). Frm 00065 Fmt 4703 Sfmt 4703 publication by writing to the Executive Director, Office of Privacy and Disclosure, Office of the General Counsel, SSA, Room 617 Altmeyer Building, 6401 Security Boulevard, Baltimore, Maryland 21235–6401, or through the Federal e-Rulemaking Portal at http://www.regulations.gov. All comments we receive will be available for public inspection at the above address and we will post them to http:// www.regulations.gov. FOR FURTHER INFORMATION CONTACT: Pamela J. Carcirieri, Supervisory Government Information Specialist, Privacy Implementation Division, Office of Privacy and Disclosure, Office of the General Counsel, SSA, Room 617, Altmeyer Building, 6401 Security Boulevard, Baltimore, Maryland 21235– 6401, telephone (410) 965–0355, email: Pamela.Carcirieri@ssa.gov or Elizabeth Boorstein, Government Information Specialist, Privacy Implementation Division, Office of Privacy and Disclosure, Office of the General Counsel, Social Security Administration, Room 617 Altmeyer Building, 6401 Security Boulevard, Baltimore, Maryland 21235–6401, telephone: (410) 966–2824, email: Elizabeth.Boorstein@ssa.gov. SUPPLEMENTARY INFORMATION: We are establishing the CET Record System to cover information we collect about individuals who choose to use one of our electronic communication options to conduct business with SSA online. These communication options provide service to our customers, and will assist individuals who prefer to communicate with us in a dynamic and electronic environment. In accordance with 5 U.S.C. 552a(r), we have provided a report to OMB and Congress on this new system of records. Dated: April 3, 2017. Mary Ann Zimmerman, Acting Executive Director, Office of Privacy and Disclosure, Office of the General Counsel. SYSTEM NAME AND NUMBER: Customer Engagement Tools (CET) Record System, 60–0383. SECURITY CLASSIFICATION: Unclassified. SYSTEM LOCATION: Social Security Administration, Deputy Commissioner of Systems, Office of IT Business Support, Office of IT Enterprise Business Support, Robert M. Ball Building, 6401 Security Boulevard, Baltimore, MD 21235. SYSTEM MANAGER(S): Social Security Administration, Deputy Commissioner of Systems, E:\FR\FM\03AUN1.SGM 03AUN1 Federal Register / Vol. 82, No. 148 / Thursday, August 3, 2017 / Notices Office of IT Business Support, Office of IT Enterprise Business Support, Robert M. Ball Building, 6401 Security Boulevard, Baltimore, MD 21235. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: General authority to maintain the system is contained in sections 205(a) and 702(a)(5) of the Social Security Act, as amended (42 U.S.C. 405(a) and 902(a)(5)). PURPOSE(S) OF THE SYSTEM: We will use this system to maintain the information we collect during our electronic communications with individual’s who choose to communicate with us via one of our electronic communication options to conduct business with SSA online. The CET Record System will allow us to better serve online users by providing informational and programmatic responses to authenticated my Social Security users via designated subject experts throughout the country. Furthermore, transcripts and communication records may be used for employee performance assessments, employee conduct issues, and employee disciplinary actions. These materials may also be used to help determine individual employee, unit, and officewide training needs, as well as the quality of responses, trends, public reactions to policies, legislation, and other public announcements. The transcripts and records may be used to train SSA management service observers to ensure uniform and consistent evaluation criteria and as documentation for any disciplinary and performance-based actions. The transcripts and records may be redacted of beneficiary information if the information is not relevant and necessary for this purpose, or changed to protect privacy, before use. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: Individuals who have created a my Social Security account and have been authenticated to use online electronic services via the my Social Security web portal. mstockstill on DSK30JT082PROD with NOTICES CATEGORIES OF RECORDS IN THE SYSTEM: This system maintains information either provided by an individual or collected in transcripts and records during the electronic communication with a designated SSA employee. This information may include the individual’s name, SSN, date of birth, parent name(s), address, and place of birth. Additional information may be included in the electronic communication, which may include information about an individual’s Social VerDate Sep<11>2014 16:35 Aug 02, 2017 Jkt 241001 Security benefits or other business the individual has with the agency. Information about the designated SSA employee will also be collected, including the employee’s Personal Identification Number (PIN) and chosen display name. RECORD SOURCE CATEGORIES: We obtain information in this system from those individuals who choose to communicate with us using an electronic communication method. Depending on the individual’s inquiry, we may also access individuals’ information from other SSA sources, such as the Enumeration System, the Integrated Client Data Base, and the Title II systems, to help resolve their questions or concerns. ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: We will disclose records pursuant to the following routine uses; however, we will not disclose any information defined as ‘‘return or return information’’ under 26 U.S.C. 6103 of the Internal Revenue Service Code, unless authorized by statute, the Internal Revenue Service (IRS), or IRS regulations. 1. To a congressional office in response to an inquiry from that office made on behalf of, and at the request of, the subject of the record or third party acting on the subject’s behalf. 2. To the Office of the President in response to an inquiry from that office made on behalf of, and at the request of, the subject of record or a third party acting on the subject’s behalf. 3. To the Department of Justice (DOJ), a court or other tribunal, or another party before such court or tribunal, when: (a) SSA, or any component thereof; or (b) any SSA employee in his/her official capacity; or: (c) any SSA employee in his/her individual capacity where DOJ (or SSA where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where SSA determines the litigation is likely to SSA or any of its components, is a party to the litigation or has an interest in such litigation, and SSA determines that the use of such records by DOJ, a court or other tribunal, or another party before the tribunal is relevant and necessary to the litigation, provided, however, that in each case, the agency determines that disclosure of the records to DOJ, court or other tribunal, or another party is a use of the information contained in the records that is compatible with the PO 00000 Frm 00066 Fmt 4703 Sfmt 4703 36179 purpose for which the records were collected. 4. To contractors and other Federal agencies, as necessary, for assisting SSA in the efficient administration of its programs. We will disclose information under this routine use only when SSA enters into a contractual or similar agreement with the contractor or agency. 5. To student volunteers, individuals working under a personal services contract, and other workers who technically do not have the status of Federal employees, when they are performing work for SSA, as authorized by law, and they need access to personally identifiable information (PII) in SSA records in order to perform their assigned agency functions. 6. To Federal, State and local law enforcement agencies and private security contractors, as appropriate, information necessary: (a) To enable them to protect the safety of SSA employees and customers, the security of the SSA workplace, and the operation of SSA facilities, or (b) to assist in investigations or prosecutions with respect to activities that affect such safety and security or activities that disrupt the operation of SSA facilities. 7. To the National Archives and Records Administration (NARA) under 44 U.S.C. 2904 and 2906. 8. To appropriate Federal, State, and local agencies, entities, and persons when: (a) We suspect or confirm that the security or confidentiality of information in this system of records has been compromised; (b) we determine that, as a result of the suspected or confirmed compromise, there is a risk of harm to economic or property interests, identify theft or fraud, or harm to the security or integrity of this system or other systems or programs that rely upon the compromised information; and (c) we determine that disclosing the information to such agencies, entities, and persons is necessary to assist in our efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. 9. To another Federal agency or Federal entity, when the SSA determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in: (a) Responding to a suspected or confirmed breach; or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information E:\FR\FM\03AUN1.SGM 03AUN1 36180 Federal Register / Vol. 82, No. 148 / Thursday, August 3, 2017 / Notices systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach. 10. To the Equal Employment Opportunity Commission when requested in connection with investigation into alleged or possible discriminatory practices in the Federal sector, examination of Federal afimative employment programs, compliance by Federal agencies with the Uniform Guidelines on Employee Selection Procedures, or other functions vested in the Commission. 11. To the Merit Systems Protection Board or the Office of Special Counsel in connection with appeals, special studies of the civil service and other merit systems, review of rules and regulations, investigations of alleged or possible prohibited personnel practices, and other such functions promulgated in 5 U.S.C. Chapter 12, or as may be required by law. 12. To the Federal Labor Relations Authority, the Office of the Special Counsel, the Federal Mediation and Conciliation Service, the Federal Service Impasses Panel, or an arbitrator requesting information in connection with the investigations of allegations of unfair practices, matters before an arbitrator or the Federal Service Impasses Panel. POLICIES AND PRACTICES FOR STORAGE OF RECORDS: We will maintain records in this system in paper and electronic form. POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS: We may retrieve records by the individual’s name, the individual’s SSN, topic of chat, date of communication, an employee’s name, or an employee’s personal identification number (PIN). mstockstill on DSK30JT082PROD with NOTICES POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS: These records are currently unscheduled. We retain records in accordance with NARA approved records schedules. In accordance with NARA rules codified at 36 CFR 1225.16, we maintain unscheduled records until NARA approves an agency-specific records schedule or publishes a corresponding General Records Schedule. ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS: We retain electronic and paper files with personal identifiers in secure storage areas accessible only by our authorized employees and contractors who have a need for the information VerDate Sep<11>2014 16:35 Aug 02, 2017 Jkt 241001 when performing their official duties. Security measures include, but are not limited to, the use of codes and profiles, PIN and password, and personal identification verification cards. We keep paper records in locked cabinets within secure areas, with access limited to only those employees who have an official need for access in order to perform their duties. We annually provide our employees and contractors with appropriate security awareness training that includes reminders about the need to protect PII and the criminal penalties that apply to unauthorized access to, or disclosure of, PII (5 U.S.C. 552a(i)(1)). Furthermore, employees and contractors with access to databases maintaining PII must sign a sanctions document annually, acknowledging their accountability for inappropriately accessing or disclosing such information. RECORD ACCESS PROCEDURES: CONTESTING RECORD PROCEDURES: Same as record access procedures. Individuals should also reasonably identify the record, specify the Frm 00067 Fmt 4703 Sfmt 4703 NOTIFICATION PROCEDURES: Same as record access procedures. These procedures are in accordance with our regulations at 20 CFR 401.40 and 401.45. EXEMPTIONS PROMULGATED FOR THE SYSTEM: None. HISTORY: None. [FR Doc. 2017–16331 Filed 8–2–17; 8:45 am] BILLING CODE 4191–02–P DEPARTMENT OF STATE [Public Notice: 10065] Individuals may submit requests for information about whether this system contains a record about them by submitting a written request to the system manager at the above address, which includes their name, SSN, or other information that may be in this system of records that will identify them. Individuals requesting notification of, or access to, a record by mail must include (1) a notarized statement to us to verify their identity or (2) must certify in the request that they are the individual they claim to be and that they understand that the knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense. Individuals requesting notification of, or access to, records in person must provide their name, SSN, or other information that may be in this system of records that will identify them, as well as provide an identity document, preferably with a photograph, such as a driver’s license. Individuals lacking identification documents sufficient to establish their identity must certify in writing that they are the individual they claim to be and that they understand that the knowing and willful request for, or acquisition of, a record pertaining to another individual under false pretenses is a criminal offense. These procedures are in accordance with our regulations at 20 CFR 401.40 and 401.45. PO 00000 information they are contesting, and state the corrective action sought and the reasons for the correction with supporting justification showing how the record is incomplete, untimely, inaccurate, or irrelevant. These procedures are in accordance with our regulations at 20 CFR 401.65(a). 60-Day Notice of Proposed Information Collection: Supplemental Questions for Visa Applicants Notice of request for public comment. ACTION: The Department of State is seeking Office of Management and Budget (OMB) approval for the information collection described below. In accordance with the Paperwork Reduction Act of 1995, we are requesting comments on this collection from all interested individuals and organizations. The purpose of this notice is to allow 60 days for public comment preceding submission of the collection to OMB. DATES: The Department will accept comments from the public up to October 2, 2017. ADDRESSES: You may submit comments by any of the following methods: • Web: Persons with access to the Internet may comment on this notice by going to www.Regulations.gov. You can search for the document by entering ‘‘Docket Number: DOS–2017–0032’’ in the Search field. Then click the ‘‘Comment Now’’ button and complete the comment form. • Email: PRA_BurdenComments@ state.gov. You must include the DS form number (if applicable), information collection title, and the OMB control number in any correspondence. FOR FURTHER INFORMATION CONTACT: Direct requests for additional information regarding the collection listed in this notice, including requests SUMMARY: E:\FR\FM\03AUN1.SGM 03AUN1

Agencies

[Federal Register Volume 82, Number 148 (Thursday, August 3, 2017)]
[Notices]
[Pages 36178-36180]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2017-16331]


=======================================================================
-----------------------------------------------------------------------

SOCIAL SECURITY ADMINISTRATION

[Docket No. SSA-2017-0040]


Privacy Act of 1974; System of Records

AGENCY: Deputy Commissioner of Systems, Social Security Administration 
(SSA).

ACTION: Notice of a New System of Records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act we are issuing public 
notice of our intent to establish a new system of records entitled, 
Customer Engagement Tools (CET) Record System (60-0383), hereinafter 
called the CET Record System. We will use this system to maintain the 
information we collect during our electronic communications with those 
individuals who have created a my Social Security account and have been 
authenticated to use online electronic services via the my Social 
Security web portal, and who choose to communicate with us using an 
electronic communication method, such as the Click-to-Chat tool. This 
notice publishes details of the system as set forth under the caption 
SUPPLEMENTARY INFORMATION.

DATES: The System of Records Notice (SORN) is applicable August 3, 
2017, with the exception of the routine uses which are applicable 
[insert date]. We invite public comment on the routine uses or other 
aspects of this SORN. In accordance with 5 U.S.C. 552a(e)(4) and 
(e)(11), the public is given a 30-day period in which to submit 
comments. Therefore, please submit any comments by September 5, 2017.

ADDRESSES: The public, Office of Management and Budget (OMB), and 
Congress may comment on this publication by writing to the Executive 
Director, Office of Privacy and Disclosure, Office of the General 
Counsel, SSA, Room 617 Altmeyer Building, 6401 Security Boulevard, 
Baltimore, Maryland 21235-6401, or through the Federal e-Rulemaking 
Portal at http://www.regulations.gov. All comments we receive will be 
available for public inspection at the above address and we will post 
them to http://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: Pamela J. Carcirieri, Supervisory 
Government Information Specialist, Privacy Implementation Division, 
Office of Privacy and Disclosure, Office of the General Counsel, SSA, 
Room 617, Altmeyer Building, 6401 Security Boulevard, Baltimore, 
Maryland 21235-6401, telephone (410) 965-0355, email: 
Pamela.Carcirieri@ssa.gov or Elizabeth Boorstein, Government 
Information Specialist, Privacy Implementation Division, Office of 
Privacy and Disclosure, Office of the General Counsel, Social Security 
Administration, Room 617 Altmeyer Building, 6401 Security Boulevard, 
Baltimore, Maryland 21235-6401, telephone: (410) 966-2824, email: 
Elizabeth.Boorstein@ssa.gov.

SUPPLEMENTARY INFORMATION: We are establishing the CET Record System to 
cover information we collect about individuals who choose to use one of 
our electronic communication options to conduct business with SSA 
online. These communication options provide service to our customers, 
and will assist individuals who prefer to communicate with us in a 
dynamic and electronic environment.
    In accordance with 5 U.S.C. 552a(r), we have provided a report to 
OMB and Congress on this new system of records.

    Dated: April 3, 2017.
Mary Ann Zimmerman,
Acting Executive Director, Office of Privacy and Disclosure, Office of 
the General Counsel.
SYSTEM NAME AND NUMBER:
    Customer Engagement Tools (CET) Record System, 60-0383.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Social Security Administration, Deputy Commissioner of Systems, 
Office of IT Business Support, Office of IT Enterprise Business 
Support, Robert M. Ball Building, 6401 Security Boulevard, Baltimore, 
MD 21235.

SYSTEM MANAGER(S):
    Social Security Administration, Deputy Commissioner of Systems,

[[Page 36179]]

Office of IT Business Support, Office of IT Enterprise Business 
Support, Robert M. Ball Building, 6401 Security Boulevard, Baltimore, 
MD 21235.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    General authority to maintain the system is contained in sections 
205(a) and 702(a)(5) of the Social Security Act, as amended (42 U.S.C. 
405(a) and 902(a)(5)).

PURPOSE(S) OF THE SYSTEM:
    We will use this system to maintain the information we collect 
during our electronic communications with individual's who choose to 
communicate with us via one of our electronic communication options to 
conduct business with SSA online. The CET Record System will allow us 
to better serve online users by providing informational and 
programmatic responses to authenticated my Social Security users via 
designated subject experts throughout the country.
    Furthermore, transcripts and communication records may be used for 
employee performance assessments, employee conduct issues, and employee 
disciplinary actions. These materials may also be used to help 
determine individual employee, unit, and office-wide training needs, as 
well as the quality of responses, trends, public reactions to policies, 
legislation, and other public announcements. The transcripts and 
records may be used to train SSA management service observers to ensure 
uniform and consistent evaluation criteria and as documentation for any 
disciplinary and performance-based actions. The transcripts and records 
may be redacted of beneficiary information if the information is not 
relevant and necessary for this purpose, or changed to protect privacy, 
before use.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals who have created a my Social Security account and have 
been authenticated to use online electronic services via the my Social 
Security web portal.

CATEGORIES OF RECORDS IN THE SYSTEM:
    This system maintains information either provided by an individual 
or collected in transcripts and records during the electronic 
communication with a designated SSA employee. This information may 
include the individual's name, SSN, date of birth, parent name(s), 
address, and place of birth. Additional information may be included in 
the electronic communication, which may include information about an 
individual's Social Security benefits or other business the individual 
has with the agency. Information about the designated SSA employee will 
also be collected, including the employee's Personal Identification 
Number (PIN) and chosen display name.

RECORD SOURCE CATEGORIES:
    We obtain information in this system from those individuals who 
choose to communicate with us using an electronic communication method. 
Depending on the individual's inquiry, we may also access individuals' 
information from other SSA sources, such as the Enumeration System, the 
Integrated Client Data Base, and the Title II systems, to help resolve 
their questions or concerns.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    We will disclose records pursuant to the following routine uses; 
however, we will not disclose any information defined as ``return or 
return information'' under 26 U.S.C. 6103 of the Internal Revenue 
Service Code, unless authorized by statute, the Internal Revenue 
Service (IRS), or IRS regulations.
    1. To a congressional office in response to an inquiry from that 
office made on behalf of, and at the request of, the subject of the 
record or third party acting on the subject's behalf.
    2. To the Office of the President in response to an inquiry from 
that office made on behalf of, and at the request of, the subject of 
record or a third party acting on the subject's behalf.
    3. To the Department of Justice (DOJ), a court or other tribunal, 
or another party before such court or tribunal, when:
    (a) SSA, or any component thereof; or
    (b) any SSA employee in his/her official capacity; or:
    (c) any SSA employee in his/her individual capacity where DOJ (or 
SSA where it is authorized to do so) has agreed to represent the 
employee; or
    (d) the United States or any agency thereof where SSA determines 
the litigation is likely to SSA or any of its components, is a party to 
the litigation or has an interest in such litigation, and SSA 
determines that the use of such records by DOJ, a court or other 
tribunal, or another party before the tribunal is relevant and 
necessary to the litigation, provided, however, that in each case, the 
agency determines that disclosure of the records to DOJ, court or other 
tribunal, or another party is a use of the information contained in the 
records that is compatible with the purpose for which the records were 
collected.
    4. To contractors and other Federal agencies, as necessary, for 
assisting SSA in the efficient administration of its programs. We will 
disclose information under this routine use only when SSA enters into a 
contractual or similar agreement with the contractor or agency.
    5. To student volunteers, individuals working under a personal 
services contract, and other workers who technically do not have the 
status of Federal employees, when they are performing work for SSA, as 
authorized by law, and they need access to personally identifiable 
information (PII) in SSA records in order to perform their assigned 
agency functions.
    6. To Federal, State and local law enforcement agencies and private 
security contractors, as appropriate, information necessary:
    (a) To enable them to protect the safety of SSA employees and 
customers, the security of the SSA workplace, and the operation of SSA 
facilities, or
    (b) to assist in investigations or prosecutions with respect to 
activities that affect such safety and security or activities that 
disrupt the operation of SSA facilities.
    7. To the National Archives and Records Administration (NARA) under 
44 U.S.C. 2904 and 2906.
    8. To appropriate Federal, State, and local agencies, entities, and 
persons when:
    (a) We suspect or confirm that the security or confidentiality of 
information in this system of records has been compromised;
    (b) we determine that, as a result of the suspected or confirmed 
compromise, there is a risk of harm to economic or property interests, 
identify theft or fraud, or harm to the security or integrity of this 
system or other systems or programs that rely upon the compromised 
information; and
    (c) we determine that disclosing the information to such agencies, 
entities, and persons is necessary to assist in our efforts to respond 
to the suspected or confirmed compromise and prevent, minimize, or 
remedy such harm.
    9. To another Federal agency or Federal entity, when the SSA 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in:
    (a) Responding to a suspected or confirmed breach; or
    (b) preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information

[[Page 36180]]

systems, programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.
    10. To the Equal Employment Opportunity Commission when requested 
in connection with investigation into alleged or possible 
discriminatory practices in the Federal sector, examination of Federal 
afimative employment programs, compliance by Federal agencies with the 
Uniform Guidelines on Employee Selection Procedures, or other functions 
vested in the Commission.
    11. To the Merit Systems Protection Board or the Office of Special 
Counsel in connection with appeals, special studies of the civil 
service and other merit systems, review of rules and regulations, 
investigations of alleged or possible prohibited personnel practices, 
and other such functions promulgated in 5 U.S.C. Chapter 12, or as may 
be required by law.
    12. To the Federal Labor Relations Authority, the Office of the 
Special Counsel, the Federal Mediation and Conciliation Service, the 
Federal Service Impasses Panel, or an arbitrator requesting information 
in connection with the investigations of allegations of unfair 
practices, matters before an arbitrator or the Federal Service Impasses 
Panel.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    We will maintain records in this system in paper and electronic 
form.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    We may retrieve records by the individual's name, the individual's 
SSN, topic of chat, date of communication, an employee's name, or an 
employee's personal identification number (PIN).

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records are currently unscheduled. We retain records in 
accordance with NARA approved records schedules. In accordance with 
NARA rules codified at 36 CFR 1225.16, we maintain unscheduled records 
until NARA approves an agency-specific records schedule or publishes a 
corresponding General Records Schedule.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    We retain electronic and paper files with personal identifiers in 
secure storage areas accessible only by our authorized employees and 
contractors who have a need for the information when performing their 
official duties. Security measures include, but are not limited to, the 
use of codes and profiles, PIN and password, and personal 
identification verification cards. We keep paper records in locked 
cabinets within secure areas, with access limited to only those 
employees who have an official need for access in order to perform 
their duties.
    We annually provide our employees and contractors with appropriate 
security awareness training that includes reminders about the need to 
protect PII and the criminal penalties that apply to unauthorized 
access to, or disclosure of, PII (5 U.S.C. 552a(i)(1)). Furthermore, 
employees and contractors with access to databases maintaining PII must 
sign a sanctions document annually, acknowledging their accountability 
for inappropriately accessing or disclosing such information.

RECORD ACCESS PROCEDURES:
    Individuals may submit requests for information about whether this 
system contains a record about them by submitting a written request to 
the system manager at the above address, which includes their name, 
SSN, or other information that may be in this system of records that 
will identify them. Individuals requesting notification of, or access 
to, a record by mail must include (1) a notarized statement to us to 
verify their identity or (2) must certify in the request that they are 
the individual they claim to be and that they understand that the 
knowing and willful request for, or acquisition of, a record pertaining 
to another individual under false pretenses is a criminal offense.
    Individuals requesting notification of, or access to, records in 
person must provide their name, SSN, or other information that may be 
in this system of records that will identify them, as well as provide 
an identity document, preferably with a photograph, such as a driver's 
license. Individuals lacking identification documents sufficient to 
establish their identity must certify in writing that they are the 
individual they claim to be and that they understand that the knowing 
and willful request for, or acquisition of, a record pertaining to 
another individual under false pretenses is a criminal offense.
    These procedures are in accordance with our regulations at 20 CFR 
401.40 and 401.45.

CONTESTING RECORD PROCEDURES:
    Same as record access procedures. Individuals should also 
reasonably identify the record, specify the information they are 
contesting, and state the corrective action sought and the reasons for 
the correction with supporting justification showing how the record is 
incomplete, untimely, inaccurate, or irrelevant. These procedures are 
in accordance with our regulations at 20 CFR 401.65(a).

NOTIFICATION PROCEDURES:
    Same as record access procedures. These procedures are in 
accordance with our regulations at 20 CFR 401.40 and 401.45.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    None.
[FR Doc. 2017-16331 Filed 8-2-17; 8:45 am]
BILLING CODE 4191-02-P