Privacy Act of 1974; System of Records, 73353-73356 [2020-25298]

Download as PDF Federal Register / Vol. 85, No. 222 / Tuesday, November 17, 2020 / Notices respond to, a collection of information unless the collection of information displays a valid OMB control number. Books or records relating to a collection of information must be retained as long as their contents may become material in the administration of any internal revenue law. Generally, tax returns and tax return information are confidential, as required by 26 U.S.C. 6103. Request for Comments: Comments submitted in response to this notice will be summarized and/or included in the request for OMB approval. All comments will become a matter of public record. Comments are invited on: (a) Whether the collection of information is necessary for the proper performance of the functions of the agency, including whether the information shall have practical utility; (b) the accuracy of the agency’s estimate of the burden of the collection of information; (c) ways to enhance the quality, utility, and clarity of the information to be collected; (d) ways to minimize the burden of the collection of information on respondents, including through the use of automated collection techniques or other forms of information technology; and (e) estimates of capital or start-up costs and costs of operation, maintenance, and purchase of services to provide information. Approved: November 12, 2020. Sara L. Covington, IRS Tax Analyst. [FR Doc. 2020–25339 Filed 11–16–20; 8:45 am] BILLING CODE 4830–01–P DEPARTMENT OF THE TREASURY Privacy Act of 1974; System of Records Department of the Treasury. Notice of a modified system of AGENCY: ACTION: records. In accordance with the requirements of the Privacy Act of 1974, as amended, the Department is publishing its modified Privacy Act systems of record. DATES: Submit comments on or before December 17, 2020. ADDRESSES: Comments may be submitted to the Federal eRulemaking Portal electronically at https:// www.regulations.gov. Comments can also be sent to the Deputy Assistant Secretary for Privacy, Transparency, and Records, Department of the Treasury, 1500 Pennsylvania Avenue NW, Washington, DC 20220, Attention: Revisions to Privacy Act Systems of Records. All comments received, SUMMARY: VerDate Sep<11>2014 19:46 Nov 16, 2020 Jkt 253001 including attachments and other supporting documents, are part of the public record and subject to public disclosure. All comments received will be posted without change to www.regulations.gov, including any personal information provided. You should submit only information that you wish to make publicly available. For general questions and for privacy issues please contact: Ryan Law, Deputy Assistant Secretary for Privacy, Transparency, and Records (202–622– 5710), Department of the Treasury, 1500 Pennsylvania Avenue NW, Washington, DC 20220. FOR FURTHER INFORMATION CONTACT: Pursuant to the Privacy Act of 1974, 5 U.S.C. 552 and the Office of Management and Budget (OMB) Circular No. A–130, the Department of the Treasury has completed a review of Treasury .015— General Information Technology Access Account Records Privacy Act system of records notice to identify minor changes that will more accurately describe the record. Minor changes throughout the document are editorial in nature and consist principally of changes to system locations, system manager addresses, and revisions to titles. The notice was last published in its entirety on November 7, 2016, at 81 FR 78266. The categories of records have been updated to include such information as driver’s license numbers, photographs, and universally unique identifier (UUID). Finally, the routine uses have been updated to include the breach response routine uses (M) and (N) published at 85 FR 36460 in accordance with OMB M–17–12 for the disclosure of information necessary to respond to a breach either of Treasury’s PII or, appropriate, to assist another agency in its response to a breach. The system enables Treasury to maintain: Account information required for approved access to information technology; contractor-provided identity proofing, authentication, and group affiliation verification in support of Treasury Bureaus and Departmental Offices; lists of individuals who are appropriate organizational points of contact; and lists of individuals who are emergency points of contact. In addition, the system will enable Treasury to collect records allowing individuals access to specific meetings and programs where supplemental information is required and, where appropriate, to facilitate collaboration by allowing individuals in the same operational program to share information. SUPPLEMENTARY INFORMATION: PO 00000 Frm 00096 Fmt 4703 Sfmt 4703 73353 Treasury has provided a report of this system of records to the Committee on Oversight and Government Reform of the House of Representatives, the Committee on Homeland Security and Governmental Affairs of the Senate, and OMB, pursuant to 5 U.S.C. 552a(r) and OMB Circular A–108, ‘‘Federal Agency Responsibilities for Review, Reporting, and Publication under the Privacy Act,’’ dated December 23, 2016. Ryan Law, Deputy Assistant Secretary for Privacy, Transparency, and Records. SYSTEM NAME AND NUMBER: Department of the Treasury .015— General Information Technology Access Account Records. SECURITY CLASSIFICATION: Unclassified. SYSTEM LOCATION: The records are located at Main Treasury and in other Treasury bureaus and offices, both in Washington, DC and at field locations as follows: (1) Departmental Offices: 1500 Pennsylvania Ave. NW, Washington, DC 20220; (2) Alcohol and Tobacco Tax and Trade Bureau: 1310 G St. NW, Washington, DC 20220. (3) Office of the Comptroller of the Currency: Constitution Center, 400 Seventh St. SW, Washington, DC 20024; (4) Fiscal Service: Liberty Center Building, 401 14th St. SW, Washington, DC 20227; (5) Internal Revenue Service: 1111 Constitution Ave. NW, Washington, DC 20224; (6) United States Mint: 801 Ninth St. NW, Washington, DC 20220; (7) Bureau of Engraving and Printing: Eastern Currency Facility, 14th and C Streets SW, Washington, DC 20228 and Western Currency Facility, 9000 Blue Mound Rd., Fort Worth, TX 76131; (8) Financial Crimes Enforcement Network: Vienna, VA 22183; (9) Special Inspector General for the Troubled Asset Relief Program (SIGTARP): 1801 L St. NW, Washington, DC 20220; (10) Office of Inspector General: 740 15th St. NW, Washington, DC 20220; and (11) Office of the Treasury Inspector General for Tax Administration: 1125 15th St. NW, Suite 700A, Washington, DC 20005. SYSTEM MANAGER(S): DASIT/CIO, Department of the Treasury, 1500 Pennsylvania Ave. NW, Washington, DC 20220. E:\FR\FM\17NON1.SGM 17NON1 73354 Federal Register / Vol. 85, No. 222 / Tuesday, November 17, 2020 / Notices AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 44 U.S.C. 3101; E.O. 9397, as amended by E.O. 13487; and 44 U.S.C. 3534. PURPOSE(S) OF THE SYSTEM: This system will allow Treasury to collect a discrete set of personally identifiable information to allow authorized individuals (including members of the public) access to, or interact with, Treasury information technology resources, and allow Treasury to track use of its information technology resources. The system enables Treasury to maintain: Account information required for approved access to information technology; lists of individuals who are appropriate organizational points of contact; and lists of individuals who are emergency points of contact. The system will also enable Treasury to provide individuals access to certain meetings and programs where additional information is required and, where appropriate, facilitate collaboration by allowing individuals in the same operational program to share information. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: • All persons who are authorized to access Treasury information technology resources (either directly or via contractor-provided validation services), including employees, contractors, grantees, fiscal agents, financial agents, interns, detailees, members of the public, and any lawfully designated representative of the above as well as representatives of federal, state, territorial, tribal, local, international, or foreign government agencies or entities, in furtherance of the Treasury mission. • Individuals who serve on Treasury boards and committees; • Individuals who provide personal information to Treasury or a Treasury contractor to facilitate access to Treasury information technology resources; • Industry points-of-contact providing business contact information for conducting business with government agencies; • Industry points-of-contact emergency contact information in case of an injury or medical notification; • Individuals who voluntarily join a Treasury-owned and operated web portal for collaboration purposes; and • Individuals who request access but are denied, or who have had their access to Treasury information systems revoked. CATEGORIES OF RECORDS IN THE SYSTEM: • Driver’s License Numbers; VerDate Sep<11>2014 19:46 Nov 16, 2020 Jkt 253001 • Photographs; • Universally Unique Identifier (UUID) or other assigned identifier; • Social Security number; • Business name; • Job title; • Business contact information; • Personal contact information; • Pager numbers; • Others phone numbers or contact information provided by individuals while on travel or otherwise away from the office or home; • Citizenship; • Level of access; • Home addresses; • Business addresses; • Personal and business electronic mail addresses of senders and recipients; • Justification for access to Treasury computers, networks, or systems; • Verification of training requirements or other prerequisite requirements for access to Treasury computers, networks, or systems; • Records on the authentication of a request for access to a Treasury IT resource, including names, phone numbers of other contacts, and positions or business/organizational affiliations and titles of individuals who can verify an individual’s need for access to a Treasury IT resource and validate their identity before access is granted. • Records on access to Treasury computers and networks including user IDs and passwords; • Registration numbers or IDs associated with Treasury information technology resources; • Date and time of access to Treasury IT resources; • Tax returns and tax return information; • Logs of activity when accessing and using Treasury information technology resources; • Internet Protocol address of visitors to Treasury websites (a unique number identifying the computer from which a member of the public or others access Treasury IT resources); and • Logs of individuals’ internet activity while using Treasury IT resources. RECORD SOURCE CATEGORIES: Information contained in this system is obtained from affected individuals, organizations, and facilities; public source data; other government agencies; and information already in other Treasury records systems. ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES: Disclosure of tax returns and tax return information may be made only as PO 00000 Frm 00097 Fmt 4703 Sfmt 4703 allowed by 26 U.S.C. 6103. In addition to those disclosures generally permitted under 5 U.S.C. 552a (b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside Treasury as a routine use pursuant to 5 U.S.C. 552a (b) (3), as follows: A. To the Department of Justice (including United States Attorneys’ Offices) or other federal agencies conducting litigation or in proceedings before any court or adjudicative or administrative body, when it is relevant or necessary to the litigation and one of the following is a party to the litigation or has an interest in such litigation: 1. Treasury or any component thereof; 2. Any employee of Treasury in his/ her official capacity; 3. Any employee of Treasury in his/ her individual capacity where the Department of Justice or Treasury has agreed to represent the employee; or 4. The United States or any agency thereof. B. To a congressional office from the record of an individual in response to an inquiry from that congressional office made at the request of the individual to whom the record pertains. C. To the National Archives and Records Administration or General Services Administration pursuant to records management inspections being conducted under the authority of 44 U.S.C. 2904 and 2906. D. To an agency or organization for the purpose of performing audit or oversight operations as authorized by law, but only such information as is necessary and relevant to such audit or oversight function. E. To appropriate agencies, entities, and persons when: 1. Treasury suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; 2. The disclosure made to such agencies, entities, and persons as is reasonably necessary to assist in connection with Treasury’s efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. F. To contractors and their agents, grantees, experts, consultants, fiscal agent, financial agents, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for Treasury, when necessary to accomplish an agency function related to this system of records. Individuals provided information under this routine use are subject to the same Privacy Act requirements and limitations on E:\FR\FM\17NON1.SGM 17NON1 Federal Register / Vol. 85, No. 222 / Tuesday, November 17, 2020 / Notices disclosure as are applicable to Treasury officers and employees. G. To an appropriate federal, state, tribal, local, international, or foreign law enforcement agency or other appropriate authority charged with investigating or prosecuting a violation or enforcing or implementing a law, rule, regulation, or order, where a record, either on its face or in conjunction with other information, indicates a violation or potential violation of law, which includes criminal, civil, or regulatory violations and such disclosure is proper and consistent with the official duties of the person making the disclosure. H. To sponsors, employers, contractors, facility operators, grantees, experts, fiscal agents, financial agents, and consultants in connection with establishing an access account for an individual or maintaining appropriate points of contact and when necessary to accomplish a Treasury mission function or objective related to this system of records. I. To other individuals in the same operational program supported by an information technology resource, where appropriate notice to the individual has been made that his or her contact information will be shared with other members of the same operational program in order to facilitate collaboration. J. To federal agencies such as the Office of Personnel Management, the Merit Systems Protection Board, the Office of Management and Budget, the Federal Labor Relations Authority, the Government Accountability Office, and the Equal Employment Opportunity Commission in the fulfillment of these agencies’ official duties. K. To international, federal, state, local, tribal, or private entities for the purpose of the regular exchange of business contact information in order to facilitate collaboration for official business. L. To the news media and the public, with the approval of the Senior Agency Official for Privacy, or her designee, in consultation with counsel, when there exists a legitimate public interest in the disclosure of the information or when disclosure is necessary to preserve confidence in the integrity of Treasury or is necessary to demonstrate the accountability of Treasury’s officers, employees, or individuals covered by the system, except to the extent it is determined that release of the specific information in the context of a particular case would constitute an unwarranted invasion of personal privacy. M. To appropriate agencies, entities, and persons when (1) the Department of VerDate Sep<11>2014 19:46 Nov 16, 2020 Jkt 253001 the Treasury and/or Treasury bureau suspects or has confirmed that there has been a breach of the system of records; (2) the Department of the Treasury and/ or Treasury bureau has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the Department of the Treasury and/or Treasury bureau(s) (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Department of the Treasury’s and/or Treasury bureau’s efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm; N. To another Federal agency or Federal entity, when the Department of the Treasury and/or Treasury bureau determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach. POLICIES AND PRACTICES FOR STORAGE OF RECORDS: Records in this system are on paper and/or in digital or other electronic form. Digital and other electronic images are stored on a storage area network in a secured environment. Records, whether paper or electronic, may be stored at the Treasury Headquarters or at the bureau or office level. POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS: Records may be retrieved by an identification number assigned by computer, by facility, by business affiliation, email address, or by the name of the individual, or other employee data fields previously identified in this System of Records Notice. POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS: Records are securely retained and disposed of in accordance with the National Archives and Records Administration’s General Records Schedule 24, section 6, ‘‘User Identification, Profiles, Authorizations, and Password Files.’’ Inactive records will be destroyed or deleted 6 years after the user account is terminated or PO 00000 Frm 00098 Fmt 4703 Sfmt 4703 73355 password is altered, or when no longer needed for investigative or security purposes, whichever is later. ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS: Information in this system is safeguarded in accordance with applicable laws, rules, and policies, including Treasury Directive 85–01, Department of the Treasury Information Technology (IT) Security Program. Further, Treasury .015—General Information Technology Access Account Records system of records security protocols will meet multiple National Institute of Standards and Technology security standards from authentication to certification and authorization. Records in the Treasury .015—General Information Technology Access Account Records system of records will be maintained in a secure, password protected electronic system that will utilize security hardware and software to include: Multiple firewalls, active intruder detection, and role-based access controls. Additional safeguards will vary by component and program. All records are protected from unauthorized access through appropriate administrative, physical, and technical safeguards. These safeguards include restricting access to authorized personnel who have a ‘‘need to know,’’ using locks, and password protection identification features. Treasury file areas are locked after normal duty hours and the facilities are protected by security personnel who monitor access to and egress from Treasury facilities. RECORD ACCESS PROCEDURES: See ‘‘Notification Procedures’’ below. CONTESTING RECORD PROCEDURES: See ‘‘Notification Procedures’’ below. NOTIFICATION PROCEDURES: Individuals seeking notification of and access to any record contained in this system of records, or seeking to contest its content, may submit a request in writing, in accordance with Treasury’s Privacy Act regulations (located at 31 CFR 1.26), to the Freedom of Information Act (FOIA) and Transparency Liaison, whose contact information can be found at https:// www.treasury.gov/FOIA/Pages/ index.aspx under ‘‘FOIA Requester Service Centers and FOIA Liaison.’’ If an individual believes more than one bureau maintains Privacy Act records concerning him or her, the individual may submit the request to the Office of Privacy, Transparency, and Records, FOIA and Transparency, Department of E:\FR\FM\17NON1.SGM 17NON1 73356 Federal Register / Vol. 85, No. 222 / Tuesday, November 17, 2020 / Notices U.S.-China Economic and Security Review Commission. ACTION: Notice of open public event. Commission. The Commission is mandated by Congress to investigate, assess, and report to Congress annually on ‘‘the national security implications of the economic relationship between the United States and the People’s Republic of China.’’ Pursuant to this mandate, the Commission will hold a virtual public release of its 2020 Annual Report to Congress in Washington, DC, on December 1, 2020. DATES: The release is scheduled for Tuesday, December 1, 2020 at 10:30 a.m. ADDRESSES: This release will be held online. Members of the public will be able to view a live webcast via the Commission’s website at www.uscc.gov. Please check the Commission’s website for possible changes to the event schedule and instructions on how to submit questions or participate in the question and answer session. Reservations are not required to attend. FOR FURTHER INFORMATION CONTACT: Any member of the public seeking further information concerning the event should contact Jameson Cunningham, 444 North Capitol Street NW, Suite 602, Washington, DC 20001; telephone: 202– 624–1496, or via email at jcunningham@ uscc.gov. Reservations are not required to attend. ADA Accessibility: For questions about the accessibility of the event or to request an accommodation, please contact Jameson Cunningham at 202– 624–1496, or via email at jcunningham@ uscc.gov. Requests for an accommodation should be made as soon as possible, and at least five business days prior to the event. SUPPLEMENTARY INFORMATION: Topics To Be Discussed: The Commission’s 2020 Annual Report to Congress addresses key findings and recommendations for Congressional action based upon the Commission’s hearings, research, and review of the areas designated by Congress in its mandate, including focused work this year on: China’s view of strategic competition with the United States; China’s promotion of alternative global norms and standards; China’s strategic aims in Africa; vulnerabilities in China’s financial system and risks for the United States; U.S.-China links in healthcare and biotechnology; China’s growing power projection and expeditionary capabilities; Taiwan; Hong Kong; and a review of economics, trade, security, political, and foreign affairs developments in 2020. Notice is hereby given of the following open public event of the U.S.China Economic and Security Review Authority: Congress created the U.S.-China Economic and Security Review Commission in 2000 in the National Defense Authorization Act (Pub. L. 106–398), as the Treasury, 1500 Pennsylvania Ave. NW, Washington, DC 20220. No specific form is required, but a request must be written and: • Be signed and either notarized or submitted under 28 U.S.C. 1746, a law that permits statements to be made under penalty of perjury as a substitute for notarization; • State that the request is made pursuant to the FOIA and/or Privacy Act disclosure regulations; • Include information that will enable the processing office to determine the fee category of the user; • Addressed to the bureau that maintains the record (in order for a request to be properly received by the Department, the request must be received in the appropriate bureau’s disclosure office); • Reasonably describe the records; • Give the address where the determination letter is to be sent; • State whether or not the requester wishes to inspect the records or have a copy made without first inspecting them; and • Include a firm agreement from the requester to pay fees for search, duplication, or review, as appropriate. In the absence of a firm agreement to pay, the requester may submit a request for a waiver or reduction of fees, along with justification of how such a waiver request meets the criteria for a waiver or reduction of fees found in the FOIA statute at 5 U.S.C. 552(a)(4)(A)(iii). You may also submit your request online at https://rdgw.treasury.gov/foia/ pages/gofoia.aspx and call 1–202–622– 0930 with questions. EXEMPTIONS PROMULGATED FOR THE SYSTEM: None. HISTORY: Notice of this system of records was last published in full in the Federal Register on November 7, 2016 (81 FR 78266) as the Department of the Treasury .015—General Information Technology Access Account Records [FR Doc. 2020–25298 Filed 11–16–20; 8:45 am] BILLING CODE 4810–25–P U.S.-CHINA ECONOMIC AND SECURITY REVIEW COMMISSION Notice of Open Public Event AGENCY: SUMMARY: VerDate Sep<11>2014 19:46 Nov 16, 2020 Jkt 253001 PO 00000 Frm 00099 Fmt 4703 Sfmt 4703 amended by Division P of the Consolidated Appropriations Resolution, 2003 (Pub. L. 108–7), as amended by Public Law 109–108 (November 22, 2005), as amended by Public Law 113–291 (December 19, 2014). Dated: November 12, 2020. Daniel W. Peck, Executive Director, U.S.-China Economic and Security Review Commission. [FR Doc. 2020–25347 Filed 11–16–20; 8:45 am] BILLING CODE 1137–00–P DEPARTMENT OF VETERANS AFFAIRS Privacy Act of 1974; Matching Program AGENCY: Department of Veterans Affairs (VA). Notice of a new matching program. ACTION: This re-established computer matching agreement (CMA) sets forth the terms, conditions, and safeguards under which the Internal Revenue Service (IRS) will disclose return information, relating to unearned income, to the Department of Veterans Affairs (VA), Veterans Benefits Administration (VBA) for the Disclosure of Information to Federal, State and Local Agencies (DIFSLA). The purpose of this CMA is to make available to VBA certain return information needed to determine eligibility for, and amount of benefits for, VBA applicants and beneficiaries of needs-based benefits, and to adjust income-dependent benefit payments, as prescribed by law. Currently, the most cost effective and efficient way to verify annual income of applicants, and recipients of these benefits, is through a computer match. DATES: Comments on this matching notice must be received no later than 30 days after date of publication in the Federal Register. If no public comments are received during the period allowed for comment, the re-established agreement will become effective January 1, 2021 provided it is a minimum of 30 days after the publication date. If VA receives public comments, VA shall review the substance of the comments to determine whether or not VA needs to take other actions. The CMA will be effective 30 days after the publication date even, if public comments are received. This matching program will be valid for 18 months from the effective date of this notice. ADDRESSES: Comments may be submitted through www.Regulations.gov or mailed to VA Privacy Service, 810 Vermont Avenue NW, (005R1A), Washington, DC 20420. Comments should indicate that they are submitted SUMMARY: E:\FR\FM\17NON1.SGM 17NON1

Agencies

[Federal Register Volume 85, Number 222 (Tuesday, November 17, 2020)]
[Notices]
[Pages 73353-73356]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-25298]


-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY


Privacy Act of 1974; System of Records

AGENCY: Department of the Treasury.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the requirements of the Privacy Act of 
1974, as amended, the Department is publishing its modified Privacy Act 
systems of record.

DATES: Submit comments on or before December 17, 2020.

ADDRESSES: Comments may be submitted to the Federal eRulemaking Portal 
electronically at https://www.regulations.gov. Comments can also be sent 
to the Deputy Assistant Secretary for Privacy, Transparency, and 
Records, Department of the Treasury, 1500 Pennsylvania Avenue NW, 
Washington, DC 20220, Attention: Revisions to Privacy Act Systems of 
Records. All comments received, including attachments and other 
supporting documents, are part of the public record and subject to 
public disclosure. All comments received will be posted without change 
to www.regulations.gov, including any personal information provided. 
You should submit only information that you wish to make publicly 
available.

FOR FURTHER INFORMATION CONTACT: For general questions and for privacy 
issues please contact: Ryan Law, Deputy Assistant Secretary for 
Privacy, Transparency, and Records (202-622-5710), Department of the 
Treasury, 1500 Pennsylvania Avenue NW, Washington, DC 20220.

SUPPLEMENTARY INFORMATION: Pursuant to the Privacy Act of 1974, 5 
U.S.C. 552 and the Office of Management and Budget (OMB) Circular No. 
A-130, the Department of the Treasury has completed a review of 
Treasury .015--General Information Technology Access Account Records 
Privacy Act system of records notice to identify minor changes that 
will more accurately describe the record. Minor changes throughout the 
document are editorial in nature and consist principally of changes to 
system locations, system manager addresses, and revisions to titles. 
The notice was last published in its entirety on November 7, 2016, at 
81 FR 78266.
    The categories of records have been updated to include such 
information as driver's license numbers, photographs, and universally 
unique identifier (UUID). Finally, the routine uses have been updated 
to include the breach response routine uses (M) and (N) published at 85 
FR 36460 in accordance with OMB M-17-12 for the disclosure of 
information necessary to respond to a breach either of Treasury's PII 
or, appropriate, to assist another agency in its response to a breach.
    The system enables Treasury to maintain: Account information 
required for approved access to information technology; contractor-
provided identity proofing, authentication, and group affiliation 
verification in support of Treasury Bureaus and Departmental Offices; 
lists of individuals who are appropriate organizational points of 
contact; and lists of individuals who are emergency points of contact. 
In addition, the system will enable Treasury to collect records 
allowing individuals access to specific meetings and programs where 
supplemental information is required and, where appropriate, to 
facilitate collaboration by allowing individuals in the same 
operational program to share information.
    Treasury has provided a report of this system of records to the 
Committee on Oversight and Government Reform of the House of 
Representatives, the Committee on Homeland Security and Governmental 
Affairs of the Senate, and OMB, pursuant to 5 U.S.C. 552a(r) and OMB 
Circular A-108, ``Federal Agency Responsibilities for Review, 
Reporting, and Publication under the Privacy Act,'' dated December 23, 
2016.

Ryan Law,
Deputy Assistant Secretary for Privacy, Transparency, and Records.

SYSTEM NAME AND NUMBER:
    Department of the Treasury .015--General Information Technology 
Access Account Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    The records are located at Main Treasury and in other Treasury 
bureaus and offices, both in Washington, DC and at field locations as 
follows:
    (1) Departmental Offices: 1500 Pennsylvania Ave. NW, Washington, DC 
20220;
    (2) Alcohol and Tobacco Tax and Trade Bureau: 1310 G St. NW, 
Washington, DC 20220.
    (3) Office of the Comptroller of the Currency: Constitution Center, 
400 Seventh St. SW, Washington, DC 20024;
    (4) Fiscal Service: Liberty Center Building, 401 14th St. SW, 
Washington, DC 20227;
    (5) Internal Revenue Service: 1111 Constitution Ave. NW, 
Washington, DC 20224;
    (6) United States Mint: 801 Ninth St. NW, Washington, DC 20220;
    (7) Bureau of Engraving and Printing: Eastern Currency Facility, 
14th and C Streets SW, Washington, DC 20228 and Western Currency 
Facility, 9000 Blue Mound Rd., Fort Worth, TX 76131;
    (8) Financial Crimes Enforcement Network: Vienna, VA 22183;
    (9) Special Inspector General for the Troubled Asset Relief Program 
(SIGTARP): 1801 L St. NW, Washington, DC 20220;
    (10) Office of Inspector General: 740 15th St. NW, Washington, DC 
20220; and
    (11) Office of the Treasury Inspector General for Tax 
Administration: 1125 15th St. NW, Suite 700A, Washington, DC 20005.

SYSTEM MANAGER(S):
    DASIT/CIO, Department of the Treasury, 1500 Pennsylvania Ave. NW, 
Washington, DC 20220.

[[Page 73354]]

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    44 U.S.C. 3101; E.O. 9397, as amended by E.O. 13487; and 44 U.S.C. 
3534.

PURPOSE(S) OF THE SYSTEM:
    This system will allow Treasury to collect a discrete set of 
personally identifiable information to allow authorized individuals 
(including members of the public) access to, or interact with, Treasury 
information technology resources, and allow Treasury to track use of 
its information technology resources. The system enables Treasury to 
maintain: Account information required for approved access to 
information technology; lists of individuals who are appropriate 
organizational points of contact; and lists of individuals who are 
emergency points of contact. The system will also enable Treasury to 
provide individuals access to certain meetings and programs where 
additional information is required and, where appropriate, facilitate 
collaboration by allowing individuals in the same operational program 
to share information.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
     All persons who are authorized to access Treasury 
information technology resources (either directly or via contractor-
provided validation services), including employees, contractors, 
grantees, fiscal agents, financial agents, interns, detailees, members 
of the public, and any lawfully designated representative of the above 
as well as representatives of federal, state, territorial, tribal, 
local, international, or foreign government agencies or entities, in 
furtherance of the Treasury mission.
     Individuals who serve on Treasury boards and committees;
     Individuals who provide personal information to Treasury 
or a Treasury contractor to facilitate access to Treasury information 
technology resources;
     Industry points-of-contact providing business contact 
information for conducting business with government agencies;
     Industry points-of-contact emergency contact information 
in case of an injury or medical notification;
     Individuals who voluntarily join a Treasury-owned and 
operated web portal for collaboration purposes; and
     Individuals who request access but are denied, or who have 
had their access to Treasury information systems revoked.

CATEGORIES OF RECORDS IN THE SYSTEM:
     Driver's License Numbers;
     Photographs;
     Universally Unique Identifier (UUID) or other assigned 
identifier;
     Social Security number;
     Business name;
     Job title;
     Business contact information;
     Personal contact information;
     Pager numbers;
     Others phone numbers or contact information provided by 
individuals while on travel or otherwise away from the office or home;
     Citizenship;
     Level of access;
     Home addresses;
     Business addresses;
     Personal and business electronic mail addresses of senders 
and recipients;
     Justification for access to Treasury computers, networks, 
or systems;
     Verification of training requirements or other 
prerequisite requirements for access to Treasury computers, networks, 
or systems;
     Records on the authentication of a request for access to a 
Treasury IT resource, including names, phone numbers of other contacts, 
and positions or business/organizational affiliations and titles of 
individuals who can verify an individual's need for access to a 
Treasury IT resource and validate their identity before access is 
granted.
     Records on access to Treasury computers and networks 
including user IDs and passwords;
     Registration numbers or IDs associated with Treasury 
information technology resources;
     Date and time of access to Treasury IT resources;
     Tax returns and tax return information;
     Logs of activity when accessing and using Treasury 
information technology resources;
     Internet Protocol address of visitors to Treasury websites 
(a unique number identifying the computer from which a member of the 
public or others access Treasury IT resources); and
     Logs of individuals' internet activity while using 
Treasury IT resources.

RECORD SOURCE CATEGORIES:
    Information contained in this system is obtained from affected 
individuals, organizations, and facilities; public source data; other 
government agencies; and information already in other Treasury records 
systems.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    Disclosure of tax returns and tax return information may be made 
only as allowed by 26 U.S.C. 6103. In addition to those disclosures 
generally permitted under 5 U.S.C. 552a (b) of the Privacy Act, all or 
a portion of the records or information contained in this system may be 
disclosed outside Treasury as a routine use pursuant to 5 U.S.C. 552a 
(b) (3), as follows:
    A. To the Department of Justice (including United States Attorneys' 
Offices) or other federal agencies conducting litigation or in 
proceedings before any court or adjudicative or administrative body, 
when it is relevant or necessary to the litigation and one of the 
following is a party to the litigation or has an interest in such 
litigation:
    1. Treasury or any component thereof;
    2. Any employee of Treasury in his/her official capacity;
    3. Any employee of Treasury in his/her individual capacity where 
the Department of Justice or Treasury has agreed to represent the 
employee; or
    4. The United States or any agency thereof.
    B. To a congressional office from the record of an individual in 
response to an inquiry from that congressional office made at the 
request of the individual to whom the record pertains.
    C. To the National Archives and Records Administration or General 
Services Administration pursuant to records management inspections 
being conducted under the authority of 44 U.S.C. 2904 and 2906.
    D. To an agency or organization for the purpose of performing audit 
or oversight operations as authorized by law, but only such information 
as is necessary and relevant to such audit or oversight function.
    E. To appropriate agencies, entities, and persons when:
    1. Treasury suspects or has confirmed that the security or 
confidentiality of information in the system of records has been 
compromised;
    2. The disclosure made to such agencies, entities, and persons as 
is reasonably necessary to assist in connection with Treasury's efforts 
to respond to the suspected or confirmed compromise and prevent, 
minimize, or remedy such harm.
    F. To contractors and their agents, grantees, experts, consultants, 
fiscal agent, financial agents, and others performing or working on a 
contract, service, grant, cooperative agreement, or other assignment 
for Treasury, when necessary to accomplish an agency function related 
to this system of records. Individuals provided information under this 
routine use are subject to the same Privacy Act requirements and 
limitations on

[[Page 73355]]

disclosure as are applicable to Treasury officers and employees.
    G. To an appropriate federal, state, tribal, local, international, 
or foreign law enforcement agency or other appropriate authority 
charged with investigating or prosecuting a violation or enforcing or 
implementing a law, rule, regulation, or order, where a record, either 
on its face or in conjunction with other information, indicates a 
violation or potential violation of law, which includes criminal, 
civil, or regulatory violations and such disclosure is proper and 
consistent with the official duties of the person making the 
disclosure.
    H. To sponsors, employers, contractors, facility operators, 
grantees, experts, fiscal agents, financial agents, and consultants in 
connection with establishing an access account for an individual or 
maintaining appropriate points of contact and when necessary to 
accomplish a Treasury mission function or objective related to this 
system of records.
    I. To other individuals in the same operational program supported 
by an information technology resource, where appropriate notice to the 
individual has been made that his or her contact information will be 
shared with other members of the same operational program in order to 
facilitate collaboration.
    J. To federal agencies such as the Office of Personnel Management, 
the Merit Systems Protection Board, the Office of Management and 
Budget, the Federal Labor Relations Authority, the Government 
Accountability Office, and the Equal Employment Opportunity Commission 
in the fulfillment of these agencies' official duties.
    K. To international, federal, state, local, tribal, or private 
entities for the purpose of the regular exchange of business contact 
information in order to facilitate collaboration for official business.
    L. To the news media and the public, with the approval of the 
Senior Agency Official for Privacy, or her designee, in consultation 
with counsel, when there exists a legitimate public interest in the 
disclosure of the information or when disclosure is necessary to 
preserve confidence in the integrity of Treasury or is necessary to 
demonstrate the accountability of Treasury's officers, employees, or 
individuals covered by the system, except to the extent it is 
determined that release of the specific information in the context of a 
particular case would constitute an unwarranted invasion of personal 
privacy.
    M. To appropriate agencies, entities, and persons when (1) the 
Department of the Treasury and/or Treasury bureau suspects or has 
confirmed that there has been a breach of the system of records; (2) 
the Department of the Treasury and/or Treasury bureau has determined 
that as a result of the suspected or confirmed breach there is a risk 
of harm to individuals, the Department of the Treasury and/or Treasury 
bureau(s) (including its information systems, programs, and 
operations), the Federal Government, or national security; and (3) the 
disclosure made to such agencies, entities, and persons is reasonably 
necessary to assist in connection with the Department of the Treasury's 
and/or Treasury bureau's efforts to respond to the suspected or 
confirmed breach or to prevent, minimize, or remedy such harm;
    N. To another Federal agency or Federal entity, when the Department 
of the Treasury and/or Treasury bureau determines that information from 
this system of records is reasonably necessary to assist the recipient 
agency or entity in (1) responding to a suspected or confirmed breach 
or (2) preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records in this system are on paper and/or in digital or other 
electronic form. Digital and other electronic images are stored on a 
storage area network in a secured environment. Records, whether paper 
or electronic, may be stored at the Treasury Headquarters or at the 
bureau or office level.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by an identification number assigned by 
computer, by facility, by business affiliation, email address, or by 
the name of the individual, or other employee data fields previously 
identified in this System of Records Notice.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are securely retained and disposed of in accordance with 
the National Archives and Records Administration's General Records 
Schedule 24, section 6, ``User Identification, Profiles, 
Authorizations, and Password Files.'' Inactive records will be 
destroyed or deleted 6 years after the user account is terminated or 
password is altered, or when no longer needed for investigative or 
security purposes, whichever is later.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Information in this system is safeguarded in accordance with 
applicable laws, rules, and policies, including Treasury Directive 85-
01, Department of the Treasury Information Technology (IT) Security 
Program. Further, Treasury .015--General Information Technology Access 
Account Records system of records security protocols will meet multiple 
National Institute of Standards and Technology security standards from 
authentication to certification and authorization. Records in the 
Treasury .015--General Information Technology Access Account Records 
system of records will be maintained in a secure, password protected 
electronic system that will utilize security hardware and software to 
include: Multiple firewalls, active intruder detection, and role-based 
access controls. Additional safeguards will vary by component and 
program. All records are protected from unauthorized access through 
appropriate administrative, physical, and technical safeguards. These 
safeguards include restricting access to authorized personnel who have 
a ``need to know,'' using locks, and password protection identification 
features. Treasury file areas are locked after normal duty hours and 
the facilities are protected by security personnel who monitor access 
to and egress from Treasury facilities.

RECORD ACCESS PROCEDURES:
    See ``Notification Procedures'' below.

CONTESTING RECORD PROCEDURES:
    See ``Notification Procedures'' below.

NOTIFICATION PROCEDURES:
    Individuals seeking notification of and access to any record 
contained in this system of records, or seeking to contest its content, 
may submit a request in writing, in accordance with Treasury's Privacy 
Act regulations (located at 31 CFR 1.26), to the Freedom of Information 
Act (FOIA) and Transparency Liaison, whose contact information can be 
found at https://www.treasury.gov/FOIA/Pages/index.aspx under ``FOIA 
Requester Service Centers and FOIA Liaison.'' If an individual believes 
more than one bureau maintains Privacy Act records concerning him or 
her, the individual may submit the request to the Office of Privacy, 
Transparency, and Records, FOIA and Transparency, Department of

[[Page 73356]]

the Treasury, 1500 Pennsylvania Ave. NW, Washington, DC 20220.
    No specific form is required, but a request must be written and:
     Be signed and either notarized or submitted under 28 
U.S.C. 1746, a law that permits statements to be made under penalty of 
perjury as a substitute for notarization;
     State that the request is made pursuant to the FOIA and/or 
Privacy Act disclosure regulations;
     Include information that will enable the processing office 
to determine the fee category of the user;
     Addressed to the bureau that maintains the record (in 
order for a request to be properly received by the Department, the 
request must be received in the appropriate bureau's disclosure 
office);
     Reasonably describe the records;
     Give the address where the determination letter is to be 
sent;
     State whether or not the requester wishes to inspect the 
records or have a copy made without first inspecting them; and
     Include a firm agreement from the requester to pay fees 
for search, duplication, or review, as appropriate. In the absence of a 
firm agreement to pay, the requester may submit a request for a waiver 
or reduction of fees, along with justification of how such a waiver 
request meets the criteria for a waiver or reduction of fees found in 
the FOIA statute at 5 U.S.C. 552(a)(4)(A)(iii).
    You may also submit your request online at https://rdgw.treasury.gov/foia/pages/gofoia.aspx and call 1-202-622-0930 with 
questions.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    Notice of this system of records was last published in full in the 
Federal Register on November 7, 2016 (81 FR 78266) as the Department of 
the Treasury .015--General Information Technology Access Account 
Records

[FR Doc. 2020-25298 Filed 11-16-20; 8:45 am]
BILLING CODE 4810-25-P
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.