Privacy Act of 1974; System of Records, 27553-27556 [2021-10707]

Download as PDF Federal Register / Vol. 86, No. 97 / Friday, May 21, 2021 / Notices • Each consignment is subject to inspection upon arrival in the United States. Each of the pest risk mitigation measures that would be required, along with evidence of their efficacy in removing pests of concern from the pathway, are described in detail in the RMD. Therefore, in accordance with § 319.56–4(c)(3), we are announcing the availability of our PRA and RMD for public review and comment. Those documents, as well as a description of the economic considerations associated with the importation of fresh melon fruit with stems under the revised conditions, may be viewed on the Regulations.gov website or in our reading room (see ADDRESSES above for a link to Regulations.gov and information on the location and hours of the reading room). You may request paper copies of these documents by calling or writing to the person listed under FOR FURTHER INFORMATION CONTACT. Please refer to the subject of the analysis you wish to review when requesting copies. After reviewing any comments we receive, we will announce our decision regarding the import status of fresh melon fruit with stems from Japan in a subsequent notice. If the overall conclusions of our analysis and the Administrator’s determination of risk remain unchanged following our consideration of the comments, then we will authorize the importation of fresh melon fruit with stems from Japan into the entire United States subject to the revised requirements specified in this notice. Authority: 7 U.S.C. 1633, 7701–7772, and 7781–7786; 21 U.S.C. 136 and 136a; 7 CFR 2.22, 2.80, and 371.3. Done in Washington, DC, this 17th day of May 2021. Mark Davidson, Administrator, Animal and Plant Health Inspection Service. [FR Doc. 2021–10706 Filed 5–20–21; 8:45 am] BILLING CODE 3410–34–P DEPARTMENT OF AGRICULTURE Animal and Plant Health Inspection Service jbell on DSKJLSW7X2PROD with NOTICES [Docket No. APHIS–2015–0023] Privacy Act of 1974; System of Records Animal and Plant Health Inspection Service, USDA. ACTION: Notice of a new system of records. AGENCY: VerDate Sep<11>2014 17:15 May 20, 2021 Jkt 253001 Pursuant to the provisions of the Privacy Act of 1974 (5 U.S.C. 552a), and Office of Management and Budget Circular No. A–108, notice is given that the Animal and Plant Health Inspection Service (APHIS) of the U.S. Department of Agriculture (USDA) is proposing to add a new system of records, entitled USDA/APHIS–23, Integrated Plant Health Information System (IPHIS). This system maintains records of activities conducted pursuant to APHIS’ mission and responsibilities authorized by the Plant Protection Act (7 U.S.C. 7701 et seq.); the Honey Bee Act (7 U.S.C. 281 et seq.); and the Food Conservation and Energy Act 2008 (7 U.S.C. 8791 et seq.). DATES: This notice is effective upon publication, subject to a 30-day notice and comment period in which to comment on the routine uses described below. Comments, if any, must be submitted by June 21, 2021. ADDRESSES: You may submit comments by either of the following methods: • Federal eRulemaking Portal: Go to http://www.regulations.gov. Enter APHIS–2015–0023 in the Search filed. Select the Documents tab, then select the comment button in the list of documents. • Postal Mail/Commercial Delivery: Send your comment to Docket No. APHIS–2015–0023, Regulatory Analysis and Development, PPD, APHIS, Station 3A–03.8, 4700 River Road Unit 118, Riverdale, MD 20737–1238. Supporting documents and any comments we receive on this docket may be viewed at http:// www.regulations.gov or in our reading room, which is located in room 1620 of the USDA South Building, 14th Street and Independence Avenue SW, Washington, DC. Normal reading room hours are 8 a.m. to 4:30 p.m., Monday through Friday, except holidays. To be sure someone is there to help you, please call (202) 799–7039 before coming. FOR FURTHER INFORMATION CONTACT: For general questions, please contact Mr. Steven King, Information Technology Project Manager, Project Management Office, PPQ, APHIS, 4700 River Road, Riverdale, MD 20737; (301) 851–2118; Steven.A.King@usda.gov. For Privacy Act questions concerning this system of records notice, please contact Ms. Tonya Woods, Director, Freedom of Information and Privacy Act Staff, 4700 River Road Unit 50, Riverdale, MD 20737; (301) 851–4076; Tonya.G.Woods@usda.gov. For USDA Privacy Act questions, please contact the USDA Chief Privacy Officer, Information Security Center, Office of Chief Information Officer, USDA, Jamie SUMMARY: PO 00000 Frm 00002 Fmt 4703 Sfmt 4703 27553 L. Whitten Building, 1400 Independence Ave. SW, Washington, DC 20250; email: USDAPrivacy@ usda.gov. The U.S. Department of Agriculture’s (USDA’s), Animal and Plant Health Inspection Service (APHIS) is adding a new system of records, the Integrated Plant Health Information System (IPHIS), USDA/ APHIS–23. IPHIS is an information management system that APHIS uses to access, enter, and view data on plant health events that occur nationwide. IPHIS provides survey data, including locations, target pests, survey sample identification, and diagnostic test results; survey supply orders and inventory management; domestic emergency action notifications; and compliance agreements and inspection records to APHIS plant health personnel as well as cooperators outside the agency. Among other things, this information helps APHIS to prepare for plant pest and disease outbreaks and to monitor such outbreaks and devise effective responses to them; facilitate the export and interstate movement of agricultural products, including regulated articles; and communicate survey results to APHIS and APHIS contractors on a timely basis. APHIS will share information from the system in accordance with the requirements of the Privacy Act. A full list of routine uses is included in the routine uses section of the document published with this notice. A report on the new system of records, required by 5 U.S.C. 552a(r), as implemented by Office of Management and Budget Circular A–108, was sent to the Chairman, Committee on Homeland Security and Governmental Affairs, United States Senate; the Chairwoman, Committee on Oversight and Reform, House of Representatives; and the Administrator, Office of Information and Regulatory Affairs, Office of Management and Budget. SUPPLEMENTARY INFORMATION: Done in Washington, DC, this 17th day of May 2021. Mark Davidson, Administrator, Animal and Plant Health Inspection Service. SYSTEM NAME AND NUMBER: USDA/APHIS–23, Integrated Plant Health Information System (IPHIS). SECURITY CLASSIFICATION: Sensitive but unclassified. E:\FR\FM\21MYN1.SGM 21MYN1 27554 Federal Register / Vol. 86, No. 97 / Friday, May 21, 2021 / Notices SYSTEM LOCATION: The Animal and Plant Health Inspection Service (APHIS) Plant Protection and Quarantine (PPQ) program maintains the system of records for IPHIS. The IPHIS master data system resides within the Microsoft Azure Government data centers located in Boydton, VA, as the primary site, and in San Antonio, TX, as a secondary site for redundant or any disaster recovery plans. The Microsoft Azure environment is managed by Marketing and Regulatory Program Information Technology. Azure Backup Center provides native integrations to existing Azure services that enable management of system and data backup. The Backup Center uses the Azure Policy experience to help govern backups. It also leverages Azure Workbooks and Azure Monitor Logs to help view detailed reports on backups to insure viability and consistency. Azure Backup stores backed-up data in vaults—Recovery Services vaults and Backup vaults. A vault is an online-storage entity in Azure that’s used to hold data, such as backup copies, recovery points, and backup policies. Paper records generated from IPHIS are secured within the work units. SYSTEM MANAGER: Information Technology Project Manager, Project Management Office, PPQ, APHIS, 4700 River Road, Riverdale, MD 20737. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: The Plant Protection Act (7 U.S.C. 7701 et seq.); the Honey Bee Act (7 U.S.C. 281 et seq.); and the Food Conservation and Energy Act 2008 (7 U.S.C. 8791 et seq.). CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: jbell on DSKJLSW7X2PROD with NOTICES PURPOSES OF THE SYSTEM: IPHIS is a web-based data management system for use by APHIS plant health personnel as well as cooperators outside the agency (e.g., diagnostic laboratories, State, Tribal, and local governments, and academia). PPQ uses IPHIS to access, enter, and view data for plant health events nationwide. The following data are contained and provided to IPHIS users: Survey data, including the name of the plant pest, noxious weed, or biological control organism, source of data, specific crop/host, location, and environment; survey method; survey location and GPS coordinates; pest absence/presence; diagnostic results, including sample identification and confirmation method; survey supply orders; inventory management; emergency action notifications; tracking and control documentation; and VerDate Sep<11>2014 17:15 May 20, 2021 Jkt 253001 compliance agreements and inspection records. The information, as listed under categories of records, is collected, used, disseminated, or maintained to support the agency’s mission to protect and promote food, agriculture, natural resources, and related issues. The principle use of the information is for preparation, monitoring, and response to plant health-related issues. Specifically, the information will be used as an information tool to provide pest status and location and help cooperators from State, Tribal, and local governments, plant health officials, cooperators from academic institutions, and diagnostic laboratories to determine what effective action must be taken when a plant pest or noxious weed is found. Additional uses of the information will be to facilitate the export and interstate movement of agricultural products; to issue compliance agreements for the handling and interstate movement of regulated articles; to facilitate management of pests and beneficial organisms; to communicate the activities and results of survey detection to users on a timely basis; to monitor the distribution of pests; to respond to a plant health pest outbreak; to forecast survey supply needs; and to validate pest risk models. Certain IPHIS survey data that do not include personally identifiable information are exported to the National Agricultural Pest Information System (NAPIS). Purdue University owns and maintains NAPIS, which supports the web-based public interface pest tracker site for the Cooperative Agricultural Pest Survey Program. Categories of individuals covered by this system include individuals who enter into compliance agreements with APHIS or who are identified in emergency action notifications, including members of the public such as property owners, residents, and farmers. The system also contains information on APHIS employees and contractors or other entities working on behalf of APHIS. CATEGORIES OF RECORDS IN THE SYSTEM: The system collects information related to the point of contact for particular locations where surveys, seizures, and traces occur. The compliance agreement fields in IPHIS include the names, mailing addresses, and email addresses of individuals (property owners/residents) and business entities that handle regulated articles and agree to comply with the movement restrictions and domestic PO 00000 Frm 00003 Fmt 4703 Sfmt 4703 quarantine regulations. The emergency action notification fields in IPHIS contain the names, addresses, email addresses, and phone and fax numbers of owners or agents of regulated articles or regulated areas when agricultural officials have prescribed remedial measures due to agricultural pests. The system also includes information, such as names, addresses, email addresses, and phone and fax numbers, about APHIS employees and contractors or others working on behalf of APHIS. The IPHIS system will also collect agricultural survey data that includes additional categories of records such as survey location and GPS coordinates. RECORD SOURCE CATEGORIES: Information in this system comes primarily from the members of the public; regulated individuals and entities; APHIS employees; other Federal, State, Tribal, and local government agencies; diagnostic laboratories; and university cooperators. ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, records maintained in the system may be disclosed outside the U.S. Department of Agriculture (USDA), as follows: (1) To cooperators from other Federal departments and their agencies; State, local, Tribal, and Territorial governments; plant health officials; cooperators from academic institutions; and diagnostic laboratories performing functions or working to respond to events declared to be emergencies of national significance determined to impact the U.S. critical infrastructure or other related emergency response functions performed for USDA, when necessary to accomplish an agency function related to this system of records; (2) When a record on its face, or in conjunction with other records indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program, statute, or by regulation, rule, or order issued pursuant thereto, APHIS may disclose the record to the appropriate agency, whether Federal, foreign, State, Tribal, local, or other public authority responsible for enforcing, investigating, or prosecuting such violation or charged with enforcing or implementing the statute, rule, regulation, or order issued pursuant thereto, if the information disclosed is relevant to any enforcement, regulatory, investigative, E:\FR\FM\21MYN1.SGM 21MYN1 jbell on DSKJLSW7X2PROD with NOTICES Federal Register / Vol. 86, No. 97 / Friday, May 21, 2021 / Notices or prosecutive responsibility of the receiving entity; (3) To the Department of Justice when: (a) USDA or any component thereof; or (b) any employee of USDA in his or her official capacity, or any employee of the agency in his or her individual capacity where the Department of Justice has agreed to represent the employee; or (c) the United States Government, is a party to litigation or has an interest in such litigation, and USDA determines that the records are relevant and necessary to the litigation and the use of such records by the Department of Justice is for a purpose that is compatible with the purpose for which USDA collected the records; (4) In an appropriate proceeding before a court, grand jury, or administrative or adjudicative body or official, when USDA or other Agency representing USDA determines that the records are relevant and necessary to the proceeding; or in an appropriate proceeding before an administrative or adjudicative body when the adjudicator determines the records to be relevant to the proceeding; (5) To appropriate agencies, entities, and persons when: (a) USDA suspects or has confirmed that there has been a breach of the system of records; (b) USDA has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, USDA (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with USDA’s efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm; (6) To another Federal agency or Federal entity, when information from this system of records is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach; (7) To Congressional office staff in response to an inquiry made at the written request of the individual to whom the record pertains; (8) To contractors and their agents, grantees, experts, consultants, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for VerDate Sep<11>2014 17:15 May 20, 2021 Jkt 253001 USDA, when necessary to accomplish an agency function related to this system of records; and (9) To the National Archives and Records Administration (NARA) or to the General Services Administration for records management activities conducted under 44 U.S.C. 2904 and 2906. DISCLOSURE TO CONSUMER REPORTING AGENCIES: N/A. POLICIES AND PRACTICES FOR STORAGE OF RECORDS: Paper-based records are stored and maintained in USDA/APHIS offices in locked file cabinets that require presentation of employee identification for building admittance and access. Electronic records are maintained in an electronic database on a server in a secure data center or on the APHIS web server and website that is maintained by APHIS’ Information Technology Division. Information Technology personnel maintain backup media. POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS: Records are retrieved by any of the data entry fields included in categories of records such as the name of the property owner, resident, and/or farmer, address, phone, fax, and/or email address, etc. System users can also retrieve records by data entry fields associated with agricultural surveys or investigations including location, site, activity, or diagnostic sample. POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS: APHIS is working closely with NARA to update retention schedules. Records will be retained indefinitely pending NARA’s approval of a records retention schedule. ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS: Physical security measures are in place to prevent unauthorized persons from accessing IPHIS. Electronic records are stored on secure file servers. IPHIS includes physical access controls, firewalls, intrusion detection systems, and system auditing to prevent unauthorized access. To access IPHIS, users are required to complete the USDA eAuthentication registration process and are validated through rolebased authentication and authorization. Cooperators have signed a General Memorandum of Understanding in which they have agreed to safeguard the confidentiality of such data and prohibit unauthorized access to the data provided by APHIS. They also agree not PO 00000 Frm 00004 Fmt 4703 Sfmt 4703 27555 to release any of the data provided by APHIS, and to refer any and all requests for the data provided to APHIS Legislative and Public Affairs, Freedom of Information and Privacy Act Office. Paper files are kept in a safeguarded environment with controlled access only by authorized personnel. All IPHIS users are also required to complete appropriate training to learn requirements for safeguarding records maintained under the Privacy Act. Azure safeguards records and ensures that privacy requirements are met in accordance with Federal and cybersecurity mandates. Azure provides continuous storage management, security administration, regular dataset backups, and contingency planning/ disaster recovery. Azure employs automated mechanisms to restrict access to media storage areas. This is done by requiring a successful multi-factor authentication to the APHIS Enterprise Infrastructure (AEI) on an authorized computing device which is a member of the AEI, and rights control based on administrator level special accounts. Azure also employs automated mechanisms to audit access attempts and access granted into these areas. This is done through the use of reports generated from the Azure Monitor Logs. RECORD ACCESS PROCEDURES: All requests for access to records must be in writing and should be submitted to the APHIS Privacy Act Officer, 4700 River Road Unit 50, Riverdale, MD 20737; or by facsimile (301) 734–5941; or by email APHISPrivacy@usda.gov. In accordance with 7 CFR 1.112 (Procedures for requests pertaining to individual records in a record system), the request must include the full name of the individual making the request; the name of the system of records; and preference of inspection, in person or by mail. In accordance with 7 CFR 1.113, prior to inspection of the records, the requester shall present sufficient identification (e.g., driver’s license, employee identification card, social security card, credit cards) to establish that the requester is the individual to whom the records pertain. In addition, if an individual submitting a request for access wishes to be supplied with copies of the records by mail, the requester must include with his or her request sufficient data for the agency to verify the requester’s identity. CONTESTING RECORD PROCEDURES: Individuals seeking to contest or amend records maintained in this system of records must direct their request to the address indicated in the ‘‘RECORD ACCESS PROCEDURES’’ E:\FR\FM\21MYN1.SGM 21MYN1 27556 Federal Register / Vol. 86, No. 97 / Friday, May 21, 2021 / Notices paragraph, above and must follow the procedures set forth in 7 CFR 1.116 (Request for correction or amendment to record). All requests must state clearly and concisely what record is being contested, the reasons for contesting it, and the proposed amendment to the record. NOTIFICATION PROCEDURES: Individuals may be notified if a record in this system of records pertains to them when the individuals request information utilizing the same procedures as those identified in the ‘‘RECORD ACCESS PROCEDURES’’ paragraph above. EXEMPTIONS PROMULGATED FOR THE SYSTEM: None. HISTORY: None. [FR Doc. 2021–10707 Filed 5–20–21; 8:45 am] BILLING CODE 3410–34–P DEPARTMENT OF AGRICULTURE Food and Nutrition Service Child Nutrition Programs: NonCompetitive Technology Innovation Grant Funding Food and Nutrition Service (FNS), USDA. ACTION: Notice and request for comment. AGENCY: This Notice announces the availability of non-competitive technology innovation grant funding, which will be distributed on a formula basis beginning in fiscal year (FY) 2021 among all eligible State agencies administering the Child Nutrition (CN) Programs and requests comment on this non-competitive approach. This noncompetitive grant opportunity replaces the competitive CN Technology Innovation Grants (TIG) previously administered by FNS in FYs 2017 and 2019. DATES: This non-competitive technology innovation grant funding is anticipated to be announced in late Spring 2021, and distributed to State agencies by late Summer 2021. Written comments must be received on or before June 21, 2021. FOR FURTHER INFORMATION CONTACT: Requests for additional information or comments concerning this notice may be sent to: J. Kevin Maskornick, Program Monitoring and Operational Support Division, Child Nutrition Programs, Food and Nutrition Service, United States Department of Agriculture, 1320 Braddock Place, Suite 401, Alexandria, Virginia 22314, 703–305–2537 or kevin.maskornick@usda.gov with jbell on DSKJLSW7X2PROD with NOTICES SUMMARY: VerDate Sep<11>2014 17:15 May 20, 2021 Jkt 253001 subject line ‘‘CNP Non-Competitive TIG Funding.’’ Comments may also be sent through the Federal eRulemaking Portal. Go to http://www.regulations.gov, and follow the online instructions for submitting comments electronically. The noncompetitive technology innovation grant funding was authorized by the Further Consolidated Appropriations Act, 2020 (Pub. L. 116–94) and Consolidated Appropriations Act, 2021 (Pub. L. 116– 260). Eligible State agencies accepting the non-competitive technology innovation grant funding will be required to submit to FNS, via www.grants.gov, a brief application, including streamlined project and budget narratives, describing the State agency’s intended use of the funding. State agencies will have three (3) years to expend the awarded funds and be required to submit bi-annual progress reports and quarterly financial reports to FNS. Final progress and financial status reports will be due 120 days after the termination date of the project. The public is invited to provide comment on the proposed use of the non-competitive grant funding approach described in this FR Notice. In each FYs 2020 and 2021, FNS received $25 million in State funding for the purpose of developing, improving, and maintaining automated information technology systems used to operate and manage all CN Programs (i.e., the National School Lunch Program, School Breakfast Program, Summer Food Service Program, and Child and Adult Care Food Program). In FY 2021, 54 States and territories (69 State agencies) are administering the CN Programs and therefore eligible to receive this funding. Funding will be offered by FNS to all eligible States and territories in an equal distribution based on total available funds for FYs 2020 and 2021 (i.e., $50 million). In FY 2021, each State will be offered approximately $925,926 for the purposes described above; amounts available in future fiscal years will be subject to the availability of funds and formula adjustments as determined appropriate by FNS. In States where more than one (1) eligible agency administers the CN Programs, the funding will be divided proportionally among those agencies based on the same distribution percentages used in the State Administrative Expense funding formula, as described in Section 7 of the SUPPLEMENTARY INFORMATION: PO 00000 Frm 00005 Fmt 4703 Sfmt 4703 Child Nutrition Act and per Title 7, Part 235 of the Code of Federal Regulations. Cynthia Long, Acting Administrator, Food and Nutrition Service. [FR Doc. 2021–10709 Filed 5–20–21; 8:45 am] BILLING CODE 3410–30–P DEPARTMENT OF AGRICULTURE Forest Service Siskiyou County Resource Advisory Committee Forest Service, USDA. Notice of meeting. AGENCY: ACTION: The Siskiyou County Resource Advisory Committee (RAC) will meet virtually via Microsoft Teams. The committee is authorized under the Secure Rural Schools and Community Self-Determination Act (the Act) and operates in compliance with the Federal Advisory Committee Act. The purpose of the committee is to improve collaborative relationships and to provide advice and recommendations to the Forest Service concerning projects and funding consistent with Title II of the Act. RAC information can be found at the following website: https:// www.fs.usda.gov/main/klamath/ workingtogether/advisorycommittees. DATES: Meetings will be held on: • Thursday, June 10, 2021, at 11:00 a.m., Pacifc Daylight Time; and • Thursday, June 24, 2021, at 11:00 a.m., Pacifc Daylight Time. All RAC meetings are subject to cancellation. For status of the meeting prior to attendance, please contact the person listed under FOR FURTHER INFORMATION CONTACT. ADDRESSES: The meeting will be held virtually via Microsoft Teams. Written comments may be submitted as described under SUPPLEMENTARY INFORMATION. All comments, including names and addresses when provided, are placed in the record and are available for public inspection and copying. The public may inspect comments received at the Mt. Shasta Ranger Station. Please call ahead at 530–926–4511 to facilitate entry into the building. FOR FURTHER INFORMATION CONTACT: Lejon Hamann, RAC Coordinator, by phone at 530–410–1935 or via email at lejon.hamann@usda.gov. Individuals who use telecommunication devices for the hearing-impaired (TDD) may call the Federal Information Relay Service (FIRS) at 1–800–877–8339 between 8:00 SUMMARY: E:\FR\FM\21MYN1.SGM 21MYN1

Agencies

[Federal Register Volume 86, Number 97 (Friday, May 21, 2021)]
[Notices]
[Pages 27553-27556]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-10707]


-----------------------------------------------------------------------

DEPARTMENT OF AGRICULTURE

Animal and Plant Health Inspection Service

[Docket No. APHIS-2015-0023]


Privacy Act of 1974; System of Records

AGENCY: Animal and Plant Health Inspection Service, USDA.

ACTION: Notice of a new system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974 (5 
U.S.C. 552a), and Office of Management and Budget Circular No. A-108, 
notice is given that the Animal and Plant Health Inspection Service 
(APHIS) of the U.S. Department of Agriculture (USDA) is proposing to 
add a new system of records, entitled USDA/APHIS-23, Integrated Plant 
Health Information System (IPHIS). This system maintains records of 
activities conducted pursuant to APHIS' mission and responsibilities 
authorized by the Plant Protection Act (7 U.S.C. 7701 et seq.); the 
Honey Bee Act (7 U.S.C. 281 et seq.); and the Food Conservation and 
Energy Act 2008 (7 U.S.C. 8791 et seq.).

DATES: This notice is effective upon publication, subject to a 30-day 
notice and comment period in which to comment on the routine uses 
described below. Comments, if any, must be submitted by June 21, 2021.

ADDRESSES: You may submit comments by either of the following methods:
     Federal eRulemaking Portal: Go to http://www.regulations.gov. Enter APHIS-2015-0023 in the Search filed. Select 
the Documents tab, then select the comment button in the list of 
documents.
     Postal Mail/Commercial Delivery: Send your comment to 
Docket No. APHIS-2015-0023, Regulatory Analysis and Development, PPD, 
APHIS, Station 3A-03.8, 4700 River Road Unit 118, Riverdale, MD 20737-
1238.
    Supporting documents and any comments we receive on this docket may 
be viewed at http://www.regulations.gov or in our reading room, which 
is located in room 1620 of the USDA South Building, 14th Street and 
Independence Avenue SW, Washington, DC. Normal reading room hours are 8 
a.m. to 4:30 p.m., Monday through Friday, except holidays. To be sure 
someone is there to help you, please call (202) 799-7039 before coming.

FOR FURTHER INFORMATION CONTACT: For general questions, please contact 
Mr. Steven King, Information Technology Project Manager, Project 
Management Office, PPQ, APHIS, 4700 River Road, Riverdale, MD 20737; 
(301) 851-2118; [email protected]. For Privacy Act questions 
concerning this system of records notice, please contact Ms. Tonya 
Woods, Director, Freedom of Information and Privacy Act Staff, 4700 
River Road Unit 50, Riverdale, MD 20737; (301) 851-4076; 
[email protected]. For USDA Privacy Act questions, please contact 
the USDA Chief Privacy Officer, Information Security Center, Office of 
Chief Information Officer, USDA, Jamie L. Whitten Building, 1400 
Independence Ave. SW, Washington, DC 20250; email: 
[email protected].

SUPPLEMENTARY INFORMATION: The U.S. Department of Agriculture's 
(USDA's), Animal and Plant Health Inspection Service (APHIS) is adding 
a new system of records, the Integrated Plant Health Information System 
(IPHIS), USDA/APHIS-23.
    IPHIS is an information management system that APHIS uses to 
access, enter, and view data on plant health events that occur 
nationwide. IPHIS provides survey data, including locations, target 
pests, survey sample identification, and diagnostic test results; 
survey supply orders and inventory management; domestic emergency 
action notifications; and compliance agreements and inspection records 
to APHIS plant health personnel as well as cooperators outside the 
agency. Among other things, this information helps APHIS to prepare for 
plant pest and disease outbreaks and to monitor such outbreaks and 
devise effective responses to them; facilitate the export and 
interstate movement of agricultural products, including regulated 
articles; and communicate survey results to APHIS and APHIS contractors 
on a timely basis.
    APHIS will share information from the system in accordance with the 
requirements of the Privacy Act. A full list of routine uses is 
included in the routine uses section of the document published with 
this notice.
    A report on the new system of records, required by 5 U.S.C. 
552a(r), as implemented by Office of Management and Budget Circular A-
108, was sent to the Chairman, Committee on Homeland Security and 
Governmental Affairs, United States Senate; the Chairwoman, Committee 
on Oversight and Reform, House of Representatives; and the 
Administrator, Office of Information and Regulatory Affairs, Office of 
Management and Budget.

    Done in Washington, DC, this 17th day of May 2021.
Mark Davidson,
Administrator, Animal and Plant Health Inspection Service.


SYSTEM NAME AND NUMBER:
    USDA/APHIS-23, Integrated Plant Health Information System (IPHIS).

SECURITY CLASSIFICATION:
    Sensitive but unclassified.

[[Page 27554]]

SYSTEM LOCATION:
    The Animal and Plant Health Inspection Service (APHIS) Plant 
Protection and Quarantine (PPQ) program maintains the system of records 
for IPHIS. The IPHIS master data system resides within the Microsoft 
Azure Government data centers located in Boydton, VA, as the primary 
site, and in San Antonio, TX, as a secondary site for redundant or any 
disaster recovery plans. The Microsoft Azure environment is managed by 
Marketing and Regulatory Program Information Technology. Azure Backup 
Center provides native integrations to existing Azure services that 
enable management of system and data backup. The Backup Center uses the 
Azure Policy experience to help govern backups. It also leverages Azure 
Workbooks and Azure Monitor Logs to help view detailed reports on 
backups to insure viability and consistency. Azure Backup stores 
backed-up data in vaults--Recovery Services vaults and Backup vaults. A 
vault is an online-storage entity in Azure that's used to hold data, 
such as backup copies, recovery points, and backup policies. Paper 
records generated from IPHIS are secured within the work units.

SYSTEM MANAGER:
    Information Technology Project Manager, Project Management Office, 
PPQ, APHIS, 4700 River Road, Riverdale, MD 20737.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    The Plant Protection Act (7 U.S.C. 7701 et seq.); the Honey Bee Act 
(7 U.S.C. 281 et seq.); and the Food Conservation and Energy Act 2008 
(7 U.S.C. 8791 et seq.).

PURPOSES OF THE SYSTEM:
    IPHIS is a web-based data management system for use by APHIS plant 
health personnel as well as cooperators outside the agency (e.g., 
diagnostic laboratories, State, Tribal, and local governments, and 
academia). PPQ uses IPHIS to access, enter, and view data for plant 
health events nationwide. The following data are contained and provided 
to IPHIS users: Survey data, including the name of the plant pest, 
noxious weed, or biological control organism, source of data, specific 
crop/host, location, and environment; survey method; survey location 
and GPS coordinates; pest absence/presence; diagnostic results, 
including sample identification and confirmation method; survey supply 
orders; inventory management; emergency action notifications; tracking 
and control documentation; and compliance agreements and inspection 
records. The information, as listed under categories of records, is 
collected, used, disseminated, or maintained to support the agency's 
mission to protect and promote food, agriculture, natural resources, 
and related issues.
    The principle use of the information is for preparation, 
monitoring, and response to plant health-related issues. Specifically, 
the information will be used as an information tool to provide pest 
status and location and help cooperators from State, Tribal, and local 
governments, plant health officials, cooperators from academic 
institutions, and diagnostic laboratories to determine what effective 
action must be taken when a plant pest or noxious weed is found. 
Additional uses of the information will be to facilitate the export and 
interstate movement of agricultural products; to issue compliance 
agreements for the handling and interstate movement of regulated 
articles; to facilitate management of pests and beneficial organisms; 
to communicate the activities and results of survey detection to users 
on a timely basis; to monitor the distribution of pests; to respond to 
a plant health pest outbreak; to forecast survey supply needs; and to 
validate pest risk models. Certain IPHIS survey data that do not 
include personally identifiable information are exported to the 
National Agricultural Pest Information System (NAPIS). Purdue 
University owns and maintains NAPIS, which supports the web-based 
public interface pest tracker site for the Cooperative Agricultural 
Pest Survey Program.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Categories of individuals covered by this system include 
individuals who enter into compliance agreements with APHIS or who are 
identified in emergency action notifications, including members of the 
public such as property owners, residents, and farmers. The system also 
contains information on APHIS employees and contractors or other 
entities working on behalf of APHIS.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The system collects information related to the point of contact for 
particular locations where surveys, seizures, and traces occur. The 
compliance agreement fields in IPHIS include the names, mailing 
addresses, and email addresses of individuals (property owners/
residents) and business entities that handle regulated articles and 
agree to comply with the movement restrictions and domestic quarantine 
regulations. The emergency action notification fields in IPHIS contain 
the names, addresses, email addresses, and phone and fax numbers of 
owners or agents of regulated articles or regulated areas when 
agricultural officials have prescribed remedial measures due to 
agricultural pests. The system also includes information, such as 
names, addresses, email addresses, and phone and fax numbers, about 
APHIS employees and contractors or others working on behalf of APHIS.
    The IPHIS system will also collect agricultural survey data that 
includes additional categories of records such as survey location and 
GPS coordinates.

RECORD SOURCE CATEGORIES:
    Information in this system comes primarily from the members of the 
public; regulated individuals and entities; APHIS employees; other 
Federal, State, Tribal, and local government agencies; diagnostic 
laboratories; and university cooperators.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, records maintained in the system may be 
disclosed outside the U.S. Department of Agriculture (USDA), as 
follows:
    (1) To cooperators from other Federal departments and their 
agencies; State, local, Tribal, and Territorial governments; plant 
health officials; cooperators from academic institutions; and 
diagnostic laboratories performing functions or working to respond to 
events declared to be emergencies of national significance determined 
to impact the U.S. critical infrastructure or other related emergency 
response functions performed for USDA, when necessary to accomplish an 
agency function related to this system of records;
    (2) When a record on its face, or in conjunction with other records 
indicates a violation or potential violation of law, whether civil, 
criminal, or regulatory in nature, and whether arising by general 
statute or particular program, statute, or by regulation, rule, or 
order issued pursuant thereto, APHIS may disclose the record to the 
appropriate agency, whether Federal, foreign, State, Tribal, local, or 
other public authority responsible for enforcing, investigating, or 
prosecuting such violation or charged with enforcing or implementing 
the statute, rule, regulation, or order issued pursuant thereto, if the 
information disclosed is relevant to any enforcement, regulatory, 
investigative,

[[Page 27555]]

or prosecutive responsibility of the receiving entity;
    (3) To the Department of Justice when: (a) USDA or any component 
thereof; or (b) any employee of USDA in his or her official capacity, 
or any employee of the agency in his or her individual capacity where 
the Department of Justice has agreed to represent the employee; or (c) 
the United States Government, is a party to litigation or has an 
interest in such litigation, and USDA determines that the records are 
relevant and necessary to the litigation and the use of such records by 
the Department of Justice is for a purpose that is compatible with the 
purpose for which USDA collected the records;
    (4) In an appropriate proceeding before a court, grand jury, or 
administrative or adjudicative body or official, when USDA or other 
Agency representing USDA determines that the records are relevant and 
necessary to the proceeding; or in an appropriate proceeding before an 
administrative or adjudicative body when the adjudicator determines the 
records to be relevant to the proceeding;
    (5) To appropriate agencies, entities, and persons when: (a) USDA 
suspects or has confirmed that there has been a breach of the system of 
records; (b) USDA has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, USDA 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (c) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with USDA's efforts to respond to the suspected or 
confirmed compromise and prevent, minimize, or remedy such harm;
    (6) To another Federal agency or Federal entity, when information 
from this system of records is reasonably necessary to assist the 
recipient agency or entity in (a) responding to a suspected or 
confirmed breach or (b) preventing, minimizing, or remedying the risk 
of harm to individuals, the recipient agency or entity (including its 
information systems, programs, and operations), the Federal Government, 
or national security, resulting from a suspected or confirmed breach;
    (7) To Congressional office staff in response to an inquiry made at 
the written request of the individual to whom the record pertains;
    (8) To contractors and their agents, grantees, experts, 
consultants, and others performing or working on a contract, service, 
grant, cooperative agreement, or other assignment for USDA, when 
necessary to accomplish an agency function related to this system of 
records; and
    (9) To the National Archives and Records Administration (NARA) or 
to the General Services Administration for records management 
activities conducted under 44 U.S.C. 2904 and 2906.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:
    N/A.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Paper-based records are stored and maintained in USDA/APHIS offices 
in locked file cabinets that require presentation of employee 
identification for building admittance and access. Electronic records 
are maintained in an electronic database on a server in a secure data 
center or on the APHIS web server and website that is maintained by 
APHIS' Information Technology Division. Information Technology 
personnel maintain backup media.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are retrieved by any of the data entry fields included in 
categories of records such as the name of the property owner, resident, 
and/or farmer, address, phone, fax, and/or email address, etc. System 
users can also retrieve records by data entry fields associated with 
agricultural surveys or investigations including location, site, 
activity, or diagnostic sample.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    APHIS is working closely with NARA to update retention schedules. 
Records will be retained indefinitely pending NARA's approval of a 
records retention schedule.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Physical security measures are in place to prevent unauthorized 
persons from accessing IPHIS. Electronic records are stored on secure 
file servers. IPHIS includes physical access controls, firewalls, 
intrusion detection systems, and system auditing to prevent 
unauthorized access. To access IPHIS, users are required to complete 
the USDA eAuthentication registration process and are validated through 
role-based authentication and authorization. Cooperators have signed a 
General Memorandum of Understanding in which they have agreed to 
safeguard the confidentiality of such data and prohibit unauthorized 
access to the data provided by APHIS. They also agree not to release 
any of the data provided by APHIS, and to refer any and all requests 
for the data provided to APHIS Legislative and Public Affairs, Freedom 
of Information and Privacy Act Office.
    Paper files are kept in a safeguarded environment with controlled 
access only by authorized personnel. All IPHIS users are also required 
to complete appropriate training to learn requirements for safeguarding 
records maintained under the Privacy Act. Azure safeguards records and 
ensures that privacy requirements are met in accordance with Federal 
and cybersecurity mandates. Azure provides continuous storage 
management, security administration, regular dataset backups, and 
contingency planning/disaster recovery. Azure employs automated 
mechanisms to restrict access to media storage areas. This is done by 
requiring a successful multi-factor authentication to the APHIS 
Enterprise Infrastructure (AEI) on an authorized computing device which 
is a member of the AEI, and rights control based on administrator level 
special accounts. Azure also employs automated mechanisms to audit 
access attempts and access granted into these areas. This is done 
through the use of reports generated from the Azure Monitor Logs.

RECORD ACCESS PROCEDURES:
    All requests for access to records must be in writing and should be 
submitted to the APHIS Privacy Act Officer, 4700 River Road Unit 50, 
Riverdale, MD 20737; or by facsimile (301) 734-5941; or by email 
[email protected]. In accordance with 7 CFR 1.112 (Procedures for 
requests pertaining to individual records in a record system), the 
request must include the full name of the individual making the 
request; the name of the system of records; and preference of 
inspection, in person or by mail. In accordance with 7 CFR 1.113, prior 
to inspection of the records, the requester shall present sufficient 
identification (e.g., driver's license, employee identification card, 
social security card, credit cards) to establish that the requester is 
the individual to whom the records pertain. In addition, if an 
individual submitting a request for access wishes to be supplied with 
copies of the records by mail, the requester must include with his or 
her request sufficient data for the agency to verify the requester's 
identity.

CONTESTING RECORD PROCEDURES:
    Individuals seeking to contest or amend records maintained in this 
system of records must direct their request to the address indicated in 
the ``RECORD ACCESS PROCEDURES''

[[Page 27556]]

paragraph, above and must follow the procedures set forth in 7 CFR 
1.116 (Request for correction or amendment to record). All requests 
must state clearly and concisely what record is being contested, the 
reasons for contesting it, and the proposed amendment to the record.

NOTIFICATION PROCEDURES:
    Individuals may be notified if a record in this system of records 
pertains to them when the individuals request information utilizing the 
same procedures as those identified in the ``RECORD ACCESS PROCEDURES'' 
paragraph above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    None.

[FR Doc. 2021-10707 Filed 5-20-21; 8:45 am]
BILLING CODE 3410-34-P