Privacy Act of 1974; System of Records, 52550-52552 [2021-20362]

Agencies

• DEPARTMENT OF VETERANS AFFAIRS

[Federal Register Volume 86, Number 180 (Tuesday, September 21, 2021)]
[Notices]
[Pages 52550-52552]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-20362]


-----------------------------------------------------------------------

DEPARTMENT OF VETERANS AFFAIRS


Privacy Act of 1974; System of Records

AGENCY: Department of Veterans Affairs (VA), Financial Services Center 
(FSC).

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: The system maintains a system for operating, auditing, and 
managing the charge card program involving commercial purchases 
authorized by VA employees.

DATES: Comments on this modified system of records must be received no 
later than 30 days after date of publication in the Federal Register. 
If no public comment is received during the period allowed for comment 
or unless otherwise published in the Federal Register by VA, the 
modified system of records will become effective a minimum of 30 days 
after date of publication in the Federal Register. If VA receives 
public comments, VA shall review the comments to determine whether any 
changes to the notice are necessary.

ADDRESSES: Comments may be submitted through www.Regulations.gov or 
mailed to VA Privacy Service, 810 Vermont Avenue NW, (005R1A), 
Washington, DC 20420. Comments should indicate that they are submitted 
in response to Purchase Credit Card Program-VA (131VA047). Comments 
received will be available at regulations.gov for public viewing, 
inspection or copies.

FOR FURTHER INFORMATION CONTACT: Lori Thomas, Financial Services 
Center, Department of Veterans Affairs, 1615 Woodward Street, Austin, 
TX 78772, (512) 460-5189 or [email protected].

SUPPLEMENTARY INFORMATION: The General Services Administration 
established a governmentwide charge card service. This service is used 
as a payment mechanism and is designed to provide better financial and 
cash management controls over the Federal Government's low dollar value 
procurements. Individual employees are selected by their agencies to 
obtain and use the Government's purchase card, called SmartPay3, to aid 
in the employee's procurement responsibilities. An individual employee 
obtains a purchase card by applying to a private contractor bank. This 
application is given to the Agency/Organization Program Coordinator, 
who serves as the focal point for coordination of applications, 
issuance and destruction of cards, establishment of reports, and 
administrative training. This Program Coordinator also serves as a 
liaison between the agency and the bank. Prior to obtaining this 
account, an employee receives a delegation of authority from his/her 
agency, which indicates the maximum dollar amount

[[Page 52551]]

for each single purchase made and a monthly dollar limit for total 
purchases. At the close of each billing cycle, each employee receives a 
``Statement of Account'' from the bank that itemizes each transaction. 
In order to successfully participate in the SmartPay3 purchase card 
program, VA must maintain certain records on the employees who have 
obtained a purchase card. This information includes name, address, 
employment information, telephone numbers, information needed for 
identification verification, charge card applications, charge card 
statements, terms and conditions for use of the charge card, and 
monthly report from contractor(s) showing charges to individual account 
numbers, balances and other types of account analysis.

Signing Authority

    The Senior Agency Official for Privacy, or designee, approved this 
document and authorized the undersigned to sign and submit the document 
to the Office of the Federal Register for publication electronically as 
an official document of the Department of Veterans Affairs. Dominic A. 
Cussatt, Acting Assistant Secretary of Information and Technology and 
Chief Information Officer, approved this document on August 4, 2021 for 
publication.

     Dated: September 16, 2021.
Amy L. Rose,
Program Analyst, VA Privacy Service, Office of Information Security, 
Office of Information and Technology, Department of Veterans Affairs.

SYSTEM NAME AND NUMBER:
    Purchase Credit Card Program-VA (131VA047).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    This system of record is located in the Financial Services Center, 
Austin, TX.

SYSTEM MANAGER(S):
    Lori Thomas, Division Chief of Charge Card Services Division, 
Financial Services Center, Department of Veterans Affairs, 1615 
Woodward Street, Austin, TX, 78772, (512) 460- 5189 or 
[email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Federal Acquisition Regulation (FAR), part 13, 48 CFR, part 13, and 
Public Law 93-579. Section 7(b).

PURPOSE(S) OF THE SYSTEM:
    To maintain a system for operating, auditing, and managing the 
purchase card program involving commercial purchases by authorized VA 
employees.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals covered by the system are current VA employees who have 
their own Government assigned charge card, or who have had a charge 
card.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records include name, work addresses, work telephone numbers, 
information needed for identification verification, charge card 
applications, charge card statements, terms and conditions for use of 
the charge card, and monthly report from contractor(s) showing charges 
to individual account numbers, balances, and other types of account 
analysis.

RECORD SOURCE CATEGORIES:
    Transactional data from the contracting bank.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    1. Congress. VA may disclose information to a Member of Congress or 
staff acting upon the Member's behalf when the Member or staff requests 
the information on behalf of, and at the request of, the individual who 
is the subject of the record.
    2. Data Breach Response and Remediation, for VA. VA may disclose 
information to appropriate agencies, entities, and persons when (1) VA 
suspects or has confirmed that there has been a breach of the system of 
records, (2) VA has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, VA (including 
its information systems, programs, and operations), the Federal 
Government, or national security; and (3) the disclosure made to such 
agencies, entities, and persons is reasonably necessary to assist in 
connection with VA's efforts to respond to the suspected or confirmed 
breach or to prevent, minimize, or remedy such harm involving.
    3. Data Breach Response and Remediation, for Another Federal 
Agency. VA may disclose information to another Federal agency or 
Federal entity, when VA determines that the information is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.
    4. Law Enforcement. VA may disclose information that, either alone 
or in conjunction with other information, indicates a violation or 
potential violation of law, whether civil, criminal, or regulatory in 
nature, to a Federal, state, local, territorial, tribal, or foreign law 
enforcement authority or other appropriate entity charged with the 
responsibility of investigating or prosecuting such violation or 
charged with enforcing or implementing such law. The disclosure of the 
names and addresses of VA employees, from VA records under this routine 
use must also comply with the provisions of 38 U.S.C. 5701.
    5. DoJ for Litigation or Administrative Proceeding. VA may disclose 
information to the Department of Justice (DoJ), or in a proceeding 
before a court, adjudicative body, or other administrative body before 
which VA is authorized to appear, when:
    (a) VA or any component thereof;
    (b) Any VA employee in his or her official capacity;
    (c) Any VA employee in his or her official capacity where DoJ has 
agreed to represent the employee; or
    (d) The United States, where VA determines that litigation is 
likely to affect the agency or any of its components, is a party to 
such proceedings or has an interest in such proceedings, and VA 
determines that use of such records is relevant and necessary to the 
proceedings.
    6. Contractors. VA may disclose information to contractors, 
grantees, experts, consultants, students, and others performing or 
working on a contract, service, grant, cooperative agreement, or other 
assignment for VA, when reasonably necessary to accomplish an agency 
function related to the records.
    7. OPM. VA may disclose information to the Office of Personnel 
Management (OPM) in connection with the application or effect of civil 
service laws, rules, regulations, or OPM guidelines in particular 
situations.
    8. EEOC. VA may disclose information to the Equal Employment 
Opportunity Commission (EEOC) in connection with investigations of 
alleged or possible discriminatory practices, examination of Federal 
affirmative employment programs, or other functions of the Commission 
as authorized by law.
    9. FLRA. VA may disclose information to the Federal Labor Relations 
Authority (FLRA) in connection with: The investigation and resolution 
of allegations of unfair labor practices, the

[[Page 52552]]

resolution of exceptions to arbitration awards when a question of 
material fact is raised; matters before the Federal Service Impasses 
Panel; and the investigation of representation petitions and the 
conduct or supervision of representation elections.
    10. MSPB. VA may disclose information to the Merit Systems 
Protection Board (MSPB) and the Office of the Special Counsel in 
connection with appeals, special studies of the civil service and other 
merit systems, review of rules and regulations, investigation of 
alleged or possible prohibited personnel practices, and such other 
functions promulgated in 5 U.S.C. 1205 and 1206, or as authorized by 
law.
    11. NARA. VA may disclose information to NARA in records management 
inspections conducted under 44 U.S.C. 2904 and 2906, or other functions 
authorized by laws and policies governing NARA operations and VA 
records management responsibilities.
    12. Federal Agencies, Courts, Litigants, for Litigation or 
Administrative Proceedings. VA may disclose information to another 
federal agency, court, or party in litigation before a court or in an 
administrative proceeding conducted by a Federal agency, when the 
government is a party to the judicial or administrative proceeding.
    13. Law Enforcement, for Locating Fugitive. In compliance with 38 
U.S.C. 5313B(d), VA may disclose information to any Federal, state, 
local, territorial, tribal, or foreign law enforcement agency in order 
to identify, locate, or report a known fugitive felon. If the 
disclosure is in response to a request from a law enforcement entity, 
the request must meet the requirements for a qualifying law enforcement 
request under the Privacy Act, 5 U.S.C. 552a(b)(7).
    14. OMB. VA may disclose information to the Office of Management 
and Budget (OMB) for the performance of its statutory responsibilities 
for evaluating Federal programs.
    15. Treasury, to Report Earnings as Income. VA may disclose 
information to the Department of the Treasury to report calendar year 
earnings of $600 or more for income tax reporting purposes.
    16. APA. VA may disclose information as necessary, to comply with 
the requirements of the Administrative Procedure Act (APA) to make 
available for public review comments submitted in response to VA's 
solicitation of public comments as part of the agency's notice and 
rulemaking activities under the APA if VA determines that release of 
personally identifiable information, such as an individual's telephone 
number, is integral to the public's understanding of the comment 
submitted
    17. Unions. VA may disclose information identified in 5 U.S.C. 
7114(b)(4) to officials of labor organizations recognized under 5 
U.S.C. Chapter 71 when relevant and necessary to their duties of 
exclusive representation concerning personnel policies, practices, and 
matters affecting working conditions.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    The FSC Purchase Card program retains only electronic data on its 
servers for transaction purposes for a period of 6 years.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    These records may be retrieved using various combinations of name 
or identification number (charge card number) of the individual on whom 
the records are maintained.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    In accordance with General Records Schedule 1.1, Item #10, records 
are destroyed 6 years after final payment or cancellation, but longer 
retention is authorized for business use.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to these records is restricted to authorized VA employees or 
contractors, on a ``need to know'' basis. Offices where these records 
are maintained are locked after working hours and are protected from 
outside access by the Federal Protective Service, other security 
officers, and alarm systems. Access to computerized records is 
restricted to authorized VA employees or contractors, by means of 
unique user identification and passwords.

RECORD ACCESS PROCEDURES:
    Individuals seeking information concerning the existence of a 
record pertaining to them must submit a written request to the VA 
station where the records are maintained. Such requests must contain a 
reasonable description of the records requested. In addition, 
identification of the individual requesting the information will be 
required in the written request and will consist of the requester's 
name, signature, and address, as a minimum.

CONTESTING RECORD PROCEDURES:
    (See Notification procedure above.)

NOTIFICATION PROCEDURES:
    Please contact Lori Thomas, Division Chief of Charge Card Services 
Division, Financial Services Center, Department of Veterans Affairs, 
1615 Woodward Street, Austin, TX 78772, (512) 460-5189 or 
[email protected].

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    There is no category of records in this system that has been 
identified as exempt from any section of the Privacy Act.

HISTORY:
    Purchase Credit Card Program-VA (131VA047) was published on 
February 11, 2005 at 70 FR 7320.

[FR Doc. 2021-20362 Filed 9-20-21; 8:45 am]
BILLING CODE P