Privacy Act of 1974; System of Records, 40564-40566 [2021-16016]

Download as PDF khammond on DSKJM1Z7X2PROD with NOTICES 40564 Federal Register / Vol. 86, No. 142 / Wednesday, July 28, 2021 / Notices Parties: Hoegh Autoliners AS and Nippon Yusen Kaisha. Filing Party: Kristen Chung; NYK Line (North America) Inc. Synopsis: The amendment removes all authority to jointly negotiate or procure terminal services in the United States. Proposed Effective Date: 7/19/2021. Location: https://www2.fmc.gov/ FMC.Agreements.Web/Public/ AgreementHistory/1931. Agreement No.: 201326–001. Agreement Name: Sallaum Lines/ NYK Space Charter Agreement. Parties: Sallaum Lines Switzerland SA and Nippon Yusen Kaisha. Filing Party: Kristen Chung; NYK Line (North America) Inc. Synopsis: This amendment removes all authority to jointly negotiate or procure terminal services in the United States and updates the names of the parties. Proposed Effective Date: 7/19/2021. Location: https://www2.fmc.gov/ FMC.Agreements.Web/Public/ AgreementHistory/26450. Agreement No.: 012422–001. Agreement Name: Liberty Global Logistics/NYK Space Charter Agreement. Parties: Liberty Global Logistics LLC and Nippon Yusen Kaisha. Filing Party: Kristen Chung; NYK Line (North America) Inc. Synopsis: The amendment removes all authority to jointly negotiate or procure terminal services in the United States. Proposed Effective Date: 7/19/2021. Location: https://www2.fmc.gov/ FMC.Agreements.Web/Public/ AgreementHistory/1893. Agreement No.: 012423–001. Agreement Name: Glovis/NYK Space Charter Agreement. Parties: Hyundai Glovis Co., Ltd. and Nippon Yusen Kaisha. Filing Party: Kristen Chung; NYK Line (North America) Inc. Synopsis: The amendment removes all authority to jointly negotiate or procure terminal services in the United States. Proposed Effective Date: 7/20/2021. Location: https://www2.fmc.gov/ FMC.Agreements.Web/Public/ AgreementHistory/1894. Agreement No.: 012313–001. Agreement Name: NYK/EUKOR North America/Caribbean and Central America Space Charter Agreement. Parties: Nippon Yusen Kaisha and EUKOR Car Carriers, Inc. Filing Party: Kristen Chung; NYK Line (North America) Inc. Synopsis: The amendment removes all authority to jointly negotiate or VerDate Sep<11>2014 17:16 Jul 27, 2021 Jkt 253001 procure terminal services in the United States. Proposed Effective Date: 7/21/2021. Location: https://www2.fmc.gov/ FMC.Agreements.Web/Public/ AgreementHistory/186. Agreement No.: 201298–001. Agreement Name: CMA CGM/COSCO SHIPPING China-U.S. West Coast Service Slot Charter Agreement. Parties: CMA CGM S.A. and COSCO SHIPPING Lines Co., Ltd. Filing Party: Robert Magovern; Cozen O’Connor. Synopsis: The amendment revises Articles 1, 5, and 8 of the Agreement to update the respective services on which the parties will exchange space under the Agreement. Proposed Effective Date: 7/21/2021. Location: https://www2.fmc.gov/ FMC.Agreements.Web/Public/ AgreementHistory/21398. Agreement No.: 012227–001. Agreement Name: NYK/EUKOR North America/Far East Space Charter Agreement. Parties: Nippon Yusen Kaisha and EUKOR Car Carriers, Inc. Filing Party: Kristen Chung; NYK Line (North America) Inc. Synopsis: The amendment removes all authority to jointly negotiate or procure terminal services in the United States. Proposed Effective Date: 7/21/2021. Location: https://www2.fmc.gov/ FMC.Agreements.Web/Public/ AgreementHistory/276. Dated: July 23, 2021. Rachel E. Dickon, Secretary. [FR Doc. 2021–16090 Filed 7–27–21; 8:45 am] BILLING CODE P FEDERAL RETIREMENT THRIFT INVESTMENT BOARD Privacy Act of 1974; System of Records Federal Retirement Thrift Investment Board (FRTIB). ACTION: Notice of a new system of records. AGENCY: Pursuant to the Privacy Act of 1974, the Federal Retirement Thrift Investment Board (FRTIB) proposes to establish a new system of records. Records contained in this system will be used to implement FRTIB’s Insider Threat Program. DATES: This system will become effective upon its publication in today’s Federal Register, with the exception of the routine uses which will be effective SUMMARY: PO 00000 Frm 00121 Fmt 4703 Sfmt 4703 on August 27, 2021. FRTIB invites written comments on the routine uses and other aspects of this system of records. Submit any comments by August 27, 2021. ADDRESSES: You may submit written comments to FRTIB by any one of the following methods: • Federal eRulemaking Portal: http:// www.regulations.gov. Follow the website instructions for submitting comments. • Fax: 202–942–1676. • Mail or Hand Delivery: Office of General Counsel, Federal Retirement Thrift Investment Board, 77 K Street NE, Suite 1000, Washington, DC 20002. FOR FURTHER INFORMATION CONTACT: Dharmesh Vashee, General Counsel and Senior Agency Official for Privacy, Federal Retirement Thrift Investment Board, Office of General Counsel, 77 K Street NE, Suite 1000, Washington, DC 20002, (202) 942–1600. For access to any of the FRTIB’s systems of records, contact Amanda Haas, FOIA Officer, Office of General Counsel, at the above address and phone number. SUPPLEMENTARY INFORMATION: FRTIB proposes to establish a new system of records entitled, ‘‘FRTIB–23, Insider Threat Program Records.’’ FRTIB is committed to protecting FRTIB facilities, information, and information systems. In order to better protect these resources, FRTIB has established an Insider Threat Program to prevent, detect, and mitigate the effects of insider threats. An insider threat is an individual who has or had authorized access to an organization’s assets, and uses their access, either maliciously or unintentionally, to act in a way that could cause harm to FRTIB facilities, information systems, or data. FRTIB is not legally required to have an insider threat program under Executive Order 13587, as the agency does not maintain classified information. However, FRTIB has implemented this program as a best practice in order to protect the information that it maintains, including controlled unclassified information. FRTIB’s Insider Threat Program is based on standards developed by the National Institute of Standards and Technology and the National Insider Threat Task Force. The records compiled to administer the insider threat program may be from any program, record, or source, and may contain records pertaining to information security, personnel security, or physical security. FRTIB will publish regulations to exempt such material in the new system of records from certain requirements under the Privacy Act of 1974 (5 U.S.C. E:\FR\FM\28JYN1.SGM 28JYN1 Federal Register / Vol. 86, No. 142 / Wednesday, July 28, 2021 / Notices 552a), based on subsection (k)(2) of the Act. The collection and maintenance of these records is new. The implementation of this new system of records will be effective on July 28, 2021. FRTIB proposes to apply eleven routine uses to FRTIB–23. Dharmesh Vashee, General Counsel and Senior Agency Official for Privacy. SYSTEM NAME AND NUMBER: FRTIB–23, Insider Threat Program Records. SECURITY CLASSIFICATION: Unclassified. SYSTEM LOCATION: Records are located at the Federal Retirement Thrift Investment Board, 77 K Street NE, Suite 1000, Washington, DC 20002. Records may also be maintained at the business offices of third-party service providers. Records may also be maintained at additional locations for Business Continuity purposes. SYSTEM MANAGER: Insider Threat Program Manager, Federal Retirement Thrift Investment Board, 77 K Street NE, Suite 1000, Washington, DC 20002, (202) 942–1600. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 5 U.S.C. 8474; 44 U.S.C. Chapter 35; 44 U.S.C. 3101. khammond on DSKJM1Z7X2PROD with NOTICES PURPOSE(S) OF THE SYSTEM: FRTIB’s Insider Threat Program is being implemented to prevent, detect, and mitigate the effects of insider threats, defined as, ‘‘the potential for an individual who has or had authorized access to an organization’s assets to use their access, either maliciously or unintentionally, to act in a way that could negatively affect the organization.’’ The Insider Threat Program system of records is being established to manage insider threat matters; facilitate insider threat activities, inquiries, and investigations; identify insider threats to FRTIB facilities, information, and information systems; track referrals of potential insider threats from FRTIB’s hotline; and to track referrals of potential insider threats to internal and external partners. FRTIB facilities, information, or information systems. CATEGORIES OF RECORDS IN THE SYSTEM: The categories of records compiled for each insider threat report, inquiry, or investigation may vary significantly based on the nature of each actual or potential insider threat incident. Categories of records in the Insider Threat Program system of records may include name; social security number; date of birth; place of birth; personal and business email address; personal and business phone number; work history; background investigation information (including any information derived from SF–85, SF–85P, and SF–86 forms and background investigation processes); user ID; user activity performed on FRTIB devices; correspondence sent or received on an FRTIB device or network; personnel records (including disciplinary records and performance records); records of access to FRTIB facilities; records of security violations; reports from FRTIB’s hotline for fraud, waste, abuse, and other misconduct; and law enforcement referrals. RECORD SOURCE CATEGORIES: To monitor, identify, and respond to potential insider threats, information in the system will be received on an asneeded basis depending on the nature of the inquiry or investigation from: FRTIB employees, contractors, vendors, or other individuals with access to FRTIB facilities, information, or information systems; FRTIB’s hotline for reporting fraud, waste, abuse, and other misconduct; information collected through user activity monitoring; officials from other foreign, federal, tribal, state, and local government agencies and organizations; nongovernment, commercial, public, and private agencies and organizations; and from relevant records, including information security databases and files; personnel security databases and files; FRTIB human resources databases and files; access records for FRTIB facilities; FRTIB contractor files; FRTIB’s Office of Technology Services; FRTIB telephone usage records; federal, state, tribal, territorial, and local law enforcement and investigatory records; other Federal agencies; and publicly available information. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES: This system collects information on current or former FRTIB employees, contractors, subcontractors, or any other individuals who have or have previously had authorized access to Information about covered individuals may be disclosed without consent as permitted by the Privacy Act of 1974, as amended, 5 U.S.C. 552a(b); and: VerDate Sep<11>2014 17:16 Jul 27, 2021 Jkt 253001 PO 00000 Frm 00122 Fmt 4703 Sfmt 4703 40565 1. Routine Use—Audit: A record from this system of records may be disclosed to an agency, organization, or individual for the purpose of performing an audit or oversight operations as authorized by law, but only such information as is necessary and relevant to such audit or oversight function when necessary to accomplish an agency function related to this system of records. Individuals provided information under this routine use are subject to the same Privacy Act requirements and limitations on disclosure as are applicable to FRTIB officers and employees. 2. Routine Use—Breach Mitigation and Notification: Response to Breach of FRTIB Records: A record from this system of records may be disclosed to appropriate agencies, entities, and persons when (1) FRTIB suspects or has confirmed that there has been a breach of the system of records; (2) FRTIB has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, FRTIB (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with FRTIB’s efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm. 3. Routine Use—Response to Breach of Other Records: A record from this system of records may be disclosed to another Federal agency or Federal entity, when FRTIB determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach. 4. Routine Use—Congressional Inquiries: A record from this system of records may be disclosed to a Congressional office from the record of an individual in response to an inquiry from that Congressional office made at the request of the individual to whom the record pertains. 5. Routine Use—Contractors, et al.: A record from this system of records may be disclosed to contractors, grantees, experts, consultants, the agents thereof, and others performing or working on a contract, service, grant, cooperative agreement, interagency agreement, or other assignment for FRTIB, when E:\FR\FM\28JYN1.SGM 28JYN1 khammond on DSKJM1Z7X2PROD with NOTICES 40566 Federal Register / Vol. 86, No. 142 / Wednesday, July 28, 2021 / Notices necessary to accomplish an agency function related to this system of records. Individuals provided information under this routine use are subject to the same Privacy Act requirements and limitations on disclosure as are applicable to FRTIB officers and employees. 6. Routine Use—Third-Party Service Providers: A record from this system of records may be disclosed to third-party service providers, including other government agencies, such as the Department of Justice, that provide support for FRTIB’s Insider Threat Program under a contract or interagency agreement. 7. Routine Use—Disclosure to Law Enforcement: Where a record, either alone or in conjunction with other information, indicates a violation or potential violation of law—criminal, civil, or regulatory in nature—the relevant records may be referred to the appropriate federal, state, local, territorial, tribal, or foreign law enforcement authority or other appropriate entity charged with the responsibility for investigating or prosecuting such violation or charged with enforcing or implementing such law. 8. Routine Use—Litigation, DOJ or Outside Counsel: A record from this system of records may be disclosed to the Department of Justice, FRTIB’s outside counsel, other Federal agency conducting litigation or in proceedings before any court, adjudicative or administrative body, when: (1) FRTIB, or (2) any employee of FRTIB in his or her official capacity, or (3) any employee of FRTIB in his or her individual capacity where DOJ or FRTIB has agreed to represent the employee, or (4) the United States or any agency thereof, is a party to the litigation or has an interest in such litigation, and FRTIB determines that the records are both relevant and necessary to the litigation and the use of such records is compatible with the purpose for which FRTIB collected the records. 9. Routine Use—Litigation, Opposing Counsel: A record from this system of records may be disclosed to a court, magistrate, or administrative tribunal in the course of presenting evidence, including disclosures to opposing counsel or witnesses in the course of civil discovery, litigation, or settlement negotiations or in connection with criminal law proceedings or in response to a subpoena. 10. Routine Use—NARA/Records Management: A record from this system of records may be disclosed to the National Archives and Records Administration (NARA) or other Federal VerDate Sep<11>2014 17:16 Jul 27, 2021 Jkt 253001 Government agencies pursuant to the Federal Records Act. 11. Routine Use—Insider Threat Community of Practice: A record from this system of records may be disclosed to any Federal agency or group of agencies with responsibilities for activities related to counterintelligence or the detection of insider threats. (c)(3), (d)(1)–(4), (e)(1), (e)(4)(G)–(I), and (f) of the Privacy Act. The Agency has promulgated regulations implementing the Privacy Act at 5 CFR 1632.15 that establish this exemption. HISTORY: None. [FR Doc. 2021–16016 Filed 7–27–21; 8:45 am] BILLING CODE P POLICIES AND PRACTICES FOR STORAGE OF RECORDS: Records are maintained in paper and electronic form, including on computer databases and cloud-based services, all of which are securely stored. POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS: DEPARTMENT OF HEALTH AND HUMAN SERVICES Food and Drug Administration [Docket No. FDA–2021–P–0299] Records are retrieved by name, phone number, case number, or internal FRTIB identification (including FRTIB email, username, etc.). Determination That EFUDEX (Fluorouracil) Topical Solution, 5 Percent, Was Not Withdrawn From Sale for Reasons of Safety or Effectiveness POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS: AGENCY: These records are maintained in accordance with General Records Schedule 5.6 (Security Records), Items 210 through 240, issued by the National Archives and Records Administration (NARA). ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS: FRTIB has adopted appropriate administrative, technical, and physical controls in accordance with FRTIB’s security program to protect the security, confidentiality, availability, and integrity of the information and to ensure that records are not disclosed to or accessed by unauthorized individuals. Access to the records in this system is limited to individuals who have the appropriate permissions and who have a need to know the information in order to perform their official duties. RECORD ACCESS PROCEDURES: Individuals seeking to access records within this system must submit a request pursuant to 5 CFR part 1630. Attorneys or other persons acting on behalf of an individual must provide written authorization from that individual, such as a Power of Attorney, in order for the representative to act on their behalf. CONTESTING RECORD PROCEDURES: See Record Access Procedures above. NOTIFICATION PROCEDURES: See Record Access Procedures above. EXEMPTIONS PROMULGATED FOR THE SYSTEM: Records in this system will be exempt, based on 5 U.S.C. 552a(k)(2), from the requirements in subsections PO 00000 Frm 00123 Fmt 4703 Sfmt 4703 Food and Drug Administration, HHS. ACTION: Notice. The Food and Drug Administration (FDA or Agency) has determined that EFUDEX (fluorouracil) topical solution, 5 percent, was not withdrawn from sale for reasons of safety or effectiveness. This determination means that FDA will not begin procedures to withdraw approval of the abbreviated new drug application (ANDA) that refers to this drug product, and it will allow FDA to continue to approve ANDAs that refer to the product as long as they meet relevant legal and regulatory requirements. FOR FURTHER INFORMATION CONTACT: Kaetochi Okemgbo, Center for Drug Evaluation and Research, Food and Drug Administration, 10903 New Hampshire Ave. Bldg. 51, Rm. 6272, Silver Spring, MD 20993–0002, 240– 825–9944, Kaetochi.Okemgbo@ fda.hhs.gov. SUPPLEMENTARY INFORMATION: In 1984, Congress enacted the Drug Price Competition and Patent Term Restoration Act of 1984 (Pub. L. 98–417) (the 1984 amendments), which authorized the approval of duplicate versions of drug products under an ANDA procedure. ANDA applicants must, with certain exceptions, show that the drug for which they are seeking approval contains the same active ingredient in the same strength and dosage form as the ‘‘listed drug,’’ which is a version of the drug that was previously approved. ANDA applicants do not have to repeat the extensive clinical testing otherwise necessary to gain approval of a new drug application (NDA). SUMMARY: E:\FR\FM\28JYN1.SGM 28JYN1

Agencies

[Federal Register Volume 86, Number 142 (Wednesday, July 28, 2021)]
[Notices]
[Pages 40564-40566]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-16016]


=======================================================================
-----------------------------------------------------------------------

FEDERAL RETIREMENT THRIFT INVESTMENT BOARD


Privacy Act of 1974; System of Records

AGENCY: Federal Retirement Thrift Investment Board (FRTIB).

ACTION: Notice of a new system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the Privacy Act of 1974, the Federal Retirement 
Thrift Investment Board (FRTIB) proposes to establish a new system of 
records. Records contained in this system will be used to implement 
FRTIB's Insider Threat Program.

DATES: This system will become effective upon its publication in 
today's Federal Register, with the exception of the routine uses which 
will be effective on August 27, 2021. FRTIB invites written comments on 
the routine uses and other aspects of this system of records. Submit 
any comments by August 27, 2021.

ADDRESSES: You may submit written comments to FRTIB by any one of the 
following methods:
     Federal eRulemaking Portal: http://www.regulations.gov. 
Follow the website instructions for submitting comments.
     Fax: 202-942-1676.
     Mail or Hand Delivery: Office of General Counsel, Federal 
Retirement Thrift Investment Board, 77 K Street NE, Suite 1000, 
Washington, DC 20002.

FOR FURTHER INFORMATION CONTACT: Dharmesh Vashee, General Counsel and 
Senior Agency Official for Privacy, Federal Retirement Thrift 
Investment Board, Office of General Counsel, 77 K Street NE, Suite 
1000, Washington, DC 20002, (202) 942-1600. For access to any of the 
FRTIB's systems of records, contact Amanda Haas, FOIA Officer, Office 
of General Counsel, at the above address and phone number.

SUPPLEMENTARY INFORMATION: FRTIB proposes to establish a new system of 
records entitled, ``FRTIB-23, Insider Threat Program Records.'' FRTIB 
is committed to protecting FRTIB facilities, information, and 
information systems. In order to better protect these resources, FRTIB 
has established an Insider Threat Program to prevent, detect, and 
mitigate the effects of insider threats. An insider threat is an 
individual who has or had authorized access to an organization's 
assets, and uses their access, either maliciously or unintentionally, 
to act in a way that could cause harm to FRTIB facilities, information 
systems, or data.
    FRTIB is not legally required to have an insider threat program 
under Executive Order 13587, as the agency does not maintain classified 
information. However, FRTIB has implemented this program as a best 
practice in order to protect the information that it maintains, 
including controlled unclassified information. FRTIB's Insider Threat 
Program is based on standards developed by the National Institute of 
Standards and Technology and the National Insider Threat Task Force. 
The records compiled to administer the insider threat program may be 
from any program, record, or source, and may contain records pertaining 
to information security, personnel security, or physical security.
    FRTIB will publish regulations to exempt such material in the new 
system of records from certain requirements under the Privacy Act of 
1974 (5 U.S.C.

[[Page 40565]]

552a), based on subsection (k)(2) of the Act.
    The collection and maintenance of these records is new. The 
implementation of this new system of records will be effective on July 
28, 2021. FRTIB proposes to apply eleven routine uses to FRTIB-23.

Dharmesh Vashee,
General Counsel and Senior Agency Official for Privacy.

SYSTEM NAME AND NUMBER:
    FRTIB-23, Insider Threat Program Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Records are located at the Federal Retirement Thrift Investment 
Board, 77 K Street NE, Suite 1000, Washington, DC 20002. Records may 
also be maintained at the business offices of third-party service 
providers. Records may also be maintained at additional locations for 
Business Continuity purposes.

SYSTEM MANAGER:
    Insider Threat Program Manager, Federal Retirement Thrift 
Investment Board, 77 K Street NE, Suite 1000, Washington, DC 20002, 
(202) 942-1600.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 8474; 44 U.S.C. Chapter 35; 44 U.S.C. 3101.

PURPOSE(S) OF THE SYSTEM:
    FRTIB's Insider Threat Program is being implemented to prevent, 
detect, and mitigate the effects of insider threats, defined as, ``the 
potential for an individual who has or had authorized access to an 
organization's assets to use their access, either maliciously or 
unintentionally, to act in a way that could negatively affect the 
organization.''
    The Insider Threat Program system of records is being established 
to manage insider threat matters; facilitate insider threat activities, 
inquiries, and investigations; identify insider threats to FRTIB 
facilities, information, and information systems; track referrals of 
potential insider threats from FRTIB's hotline; and to track referrals 
of potential insider threats to internal and external partners.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    This system collects information on current or former FRTIB 
employees, contractors, subcontractors, or any other individuals who 
have or have previously had authorized access to FRTIB facilities, 
information, or information systems.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The categories of records compiled for each insider threat report, 
inquiry, or investigation may vary significantly based on the nature of 
each actual or potential insider threat incident.
    Categories of records in the Insider Threat Program system of 
records may include name; social security number; date of birth; place 
of birth; personal and business email address; personal and business 
phone number; work history; background investigation information 
(including any information derived from SF-85, SF-85P, and SF-86 forms 
and background investigation processes); user ID; user activity 
performed on FRTIB devices; correspondence sent or received on an FRTIB 
device or network; personnel records (including disciplinary records 
and performance records); records of access to FRTIB facilities; 
records of security violations; reports from FRTIB's hotline for fraud, 
waste, abuse, and other misconduct; and law enforcement referrals.

RECORD SOURCE CATEGORIES:
    To monitor, identify, and respond to potential insider threats, 
information in the system will be received on an as-needed basis 
depending on the nature of the inquiry or investigation from: FRTIB 
employees, contractors, vendors, or other individuals with access to 
FRTIB facilities, information, or information systems; FRTIB's hotline 
for reporting fraud, waste, abuse, and other misconduct; information 
collected through user activity monitoring; officials from other 
foreign, federal, tribal, state, and local government agencies and 
organizations; non-government, commercial, public, and private agencies 
and organizations; and from relevant records, including information 
security databases and files; personnel security databases and files; 
FRTIB human resources databases and files; access records for FRTIB 
facilities; FRTIB contractor files; FRTIB's Office of Technology 
Services; FRTIB telephone usage records; federal, state, tribal, 
territorial, and local law enforcement and investigatory records; other 
Federal agencies; and publicly available information.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    Information about covered individuals may be disclosed without 
consent as permitted by the Privacy Act of 1974, as amended, 5 U.S.C. 
552a(b); and:
    1. Routine Use--Audit: A record from this system of records may be 
disclosed to an agency, organization, or individual for the purpose of 
performing an audit or oversight operations as authorized by law, but 
only such information as is necessary and relevant to such audit or 
oversight function when necessary to accomplish an agency function 
related to this system of records. Individuals provided information 
under this routine use are subject to the same Privacy Act requirements 
and limitations on disclosure as are applicable to FRTIB officers and 
employees.
    2. Routine Use--Breach Mitigation and Notification: Response to 
Breach of FRTIB Records: A record from this system of records may be 
disclosed to appropriate agencies, entities, and persons when (1) FRTIB 
suspects or has confirmed that there has been a breach of the system of 
records; (2) FRTIB has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, FRTIB 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with FRTIB's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    3. Routine Use--Response to Breach of Other Records: A record from 
this system of records may be disclosed to another Federal agency or 
Federal entity, when FRTIB determines that information from this system 
of records is reasonably necessary to assist the recipient agency or 
entity in (1) responding to a suspected or confirmed breach or (2) 
preventing, minimizing, or remedying the risk of harm to individuals, 
the recipient agency or entity (including its information systems, 
programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.
    4. Routine Use--Congressional Inquiries: A record from this system 
of records may be disclosed to a Congressional office from the record 
of an individual in response to an inquiry from that Congressional 
office made at the request of the individual to whom the record 
pertains.
    5. Routine Use--Contractors, et al.: A record from this system of 
records may be disclosed to contractors, grantees, experts, 
consultants, the agents thereof, and others performing or working on a 
contract, service, grant, cooperative agreement, interagency agreement, 
or other assignment for FRTIB, when

[[Page 40566]]

necessary to accomplish an agency function related to this system of 
records. Individuals provided information under this routine use are 
subject to the same Privacy Act requirements and limitations on 
disclosure as are applicable to FRTIB officers and employees.
    6. Routine Use--Third-Party Service Providers: A record from this 
system of records may be disclosed to third-party service providers, 
including other government agencies, such as the Department of Justice, 
that provide support for FRTIB's Insider Threat Program under a 
contract or interagency agreement.
    7. Routine Use--Disclosure to Law Enforcement: Where a record, 
either alone or in conjunction with other information, indicates a 
violation or potential violation of law--criminal, civil, or regulatory 
in nature--the relevant records may be referred to the appropriate 
federal, state, local, territorial, tribal, or foreign law enforcement 
authority or other appropriate entity charged with the responsibility 
for investigating or prosecuting such violation or charged with 
enforcing or implementing such law.
    8. Routine Use--Litigation, DOJ or Outside Counsel: A record from 
this system of records may be disclosed to the Department of Justice, 
FRTIB's outside counsel, other Federal agency conducting litigation or 
in proceedings before any court, adjudicative or administrative body, 
when: (1) FRTIB, or (2) any employee of FRTIB in his or her official 
capacity, or (3) any employee of FRTIB in his or her individual 
capacity where DOJ or FRTIB has agreed to represent the employee, or 
(4) the United States or any agency thereof, is a party to the 
litigation or has an interest in such litigation, and FRTIB determines 
that the records are both relevant and necessary to the litigation and 
the use of such records is compatible with the purpose for which FRTIB 
collected the records.
    9. Routine Use--Litigation, Opposing Counsel: A record from this 
system of records may be disclosed to a court, magistrate, or 
administrative tribunal in the course of presenting evidence, including 
disclosures to opposing counsel or witnesses in the course of civil 
discovery, litigation, or settlement negotiations or in connection with 
criminal law proceedings or in response to a subpoena.
    10. Routine Use--NARA/Records Management: A record from this system 
of records may be disclosed to the National Archives and Records 
Administration (NARA) or other Federal Government agencies pursuant to 
the Federal Records Act.
    11. Routine Use--Insider Threat Community of Practice: A record 
from this system of records may be disclosed to any Federal agency or 
group of agencies with responsibilities for activities related to 
counterintelligence or the detection of insider threats.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in paper and electronic form, including on 
computer databases and cloud-based services, all of which are securely 
stored.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are retrieved by name, phone number, case number, or 
internal FRTIB identification (including FRTIB email, username, etc.).

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    These records are maintained in accordance with General Records 
Schedule 5.6 (Security Records), Items 210 through 240, issued by the 
National Archives and Records Administration (NARA).

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    FRTIB has adopted appropriate administrative, technical, and 
physical controls in accordance with FRTIB's security program to 
protect the security, confidentiality, availability, and integrity of 
the information and to ensure that records are not disclosed to or 
accessed by unauthorized individuals. Access to the records in this 
system is limited to individuals who have the appropriate permissions 
and who have a need to know the information in order to perform their 
official duties.

RECORD ACCESS PROCEDURES:
    Individuals seeking to access records within this system must 
submit a request pursuant to 5 CFR part 1630. Attorneys or other 
persons acting on behalf of an individual must provide written 
authorization from that individual, such as a Power of Attorney, in 
order for the representative to act on their behalf.

CONTESTING RECORD PROCEDURES:
    See Record Access Procedures above.

NOTIFICATION PROCEDURES:
    See Record Access Procedures above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    Records in this system will be exempt, based on 5 U.S.C. 
552a(k)(2), from the requirements in subsections (c)(3), (d)(1)-(4), 
(e)(1), (e)(4)(G)-(I), and (f) of the Privacy Act. The Agency has 
promulgated regulations implementing the Privacy Act at 5 CFR 1632.15 
that establish this exemption.

HISTORY:
    None.
[FR Doc. 2021-16016 Filed 7-27-21; 8:45 am]
BILLING CODE P