Privacy Act of 1974; System of Records, 60496-60498 [2021-23821]
Download as PDF
60496
Federal Register / Vol. 86, No. 209 / Tuesday, November 2, 2021 / Notices
proposed rule change between the
Commission and any person, other than
those that may be withheld from the
public in accordance with the
provisions of 5 U.S.C. 552, will be
available for website viewing and
printing in the Commission’s Public
Reference Room, 100 F Street NE,
Washington, DC 20549, on official
business days between the hours of
10:00 a.m. and 3:00 p.m. Copies of such
filings will also be available for
inspection and copying at the principal
office of ICE Clear Credit and on ICE
Clear Credit’s website at https://
www.theice.com/clear-credit/regulation.
All comments received will be posted
without change. Persons submitting
comments are cautioned that we do not
redact or edit personal identifying
information from comment submissions.
You should submit only information
that you wish to make available
publicly. All submissions should refer
to File Number SR–ICC–2021–022 and
should be submitted on or before
November 23, 2021.
For the Commission, by the Division of
Trading and Markets, pursuant to delegated
authority.15
J. Matthew DeLesDernier,
Assistant Secretary.
[FR Doc. 2021–23813 Filed 11–1–21; 8:45 am]
BILLING CODE 8011–01–P
SECURITIES AND EXCHANGE
COMMISSION
[Release No. PA–57; File No. S7–14–21]
Privacy Act of 1974; System of
Records
Securities and Exchange
Commission.
ACTION: Notice of a new system of
records.
AGENCY:
The Securities and Exchange
Commission (SEC) established SEC–34,
Public Health and Safety Records under
the Privacy Act of 1974. This system of
records maintains information collected
in response to a public health
emergency. Information will be
collected from SEC personnel (political
appointees, employees, consultants,
detailees, interns, and volunteers),
contractors, visitors, job applicants, and
others who access or seek to access SEC
facilities or worksites to assist the SEC
with maintaining a safe and healthy
workplace and to protect its workforce
from risks associated with
communicable diseases.
DATES: The changes will become
effective December 2, 2021 to permit
jspears on DSK121TN23PROD with NOTICES1
SUMMARY:
15 17
CFR 200.30–3(a)(12).
VerDate Sep<11>2014
17:42 Nov 01, 2021
Jkt 256001
public comment on the new and revised
routine uses. The Commission will
publish a new notice if the effective date
is delayed to review comments or if
changes are made based on comments
received. To assure consideration,
comments should be received on or
before December 2, 2021.
ADDRESSES: Comments may be
submitted by any of the following
methods:
Electronic Comments
• Use the Commission’s internet
comment form (https://www.sec.gov/
rules/other.shtml); or
• Send an email to rule-comments@
sec.gov. Please include File Number S7–
14–21 on the subject line.
Paper Comments
Send paper comments to Vanessa A.
Countryman, Secretary, U.S. Securities
and Exchange Commission, 100 F Street
NE, Washington, DC 20549–1090. All
submissions should refer to S7–14–21.
This file number should be included on
the subject line if email is used. To help
process and review your comments
more efficiently, please use only one
method. The Commission will post all
comments on the Commission’s internet
website (https://www.sec.gov/rules/
other.shtml). Comments are also
available for website viewing and
printing in the Commission’s Public
Reference Room, 100 F Street NE,
Washington, DC 20549, on official
business days between the hours of 10
a.m. and 3 p.m. All comments received
will be posted without change; we do
not edit personal identifying
information from submissions. You
should submit only information that
you wish to make publicly available.
FOR FURTHER INFORMATION CONTACT: For
general and privacy related questions
please contact: Ronnette McDaniel,
Privacy and Information Assurance
Branch Chief, 202–551–7200 or
privacyhelp@sec.gov.
SUPPLEMENTARY INFORMATION: In order to
collect and maintain contractor, visitor
and job applicant disclosures, the SEC
established SEC–34, Public Health and
Safety Records, a system of records
under the Privacy Act. The SEC is
committed to maintaining a safe and
healthy workplace and to protect its
workforce from risks associated with a
public health emergency. To ensure and
maintain the safety of all SEC personnel
(political appointees, employees,
consultants, detailees, interns, and
volunteers), contractors, visitors, job
applicants, and others who access or
seek to access an SEC facility, space, or
worksite during a public health
PO 00000
Frm 00056
Fmt 4703
Sfmt 4703
emergency, the SEC may develop and
institute safety measures that require the
collection of personal information.
Records may include information on
individuals’ vaccination status and
information to support a request for
reasonable accommodation based on
disability or sincerely held religious
belief. Records also may include
information on individuals who have
been suspected or confirmed to have
contracted a disease or illness, or who
have been exposed to an individual who
had been suspected or confirmed to
have contracted a disease or illness,
related to a declared public health
emergency. Records may also include
information on the individual
circumstances surrounding the disease
or illness such as dates of suspected
exposure, testing results, symptoms,
treatments, and other related health
status information. Any contact tracing
conducted by SEC personnel will
involve collecting information about
SEC personnel, contractors and visitors
who are exhibiting symptoms or who
have tested positive for an infectious
disease in order to identify and notify
other SEC personnel, contractors and
visitors with whom they may have come
into contact and who may have been
exposed. Records may also include
information on individuals identified as
emergency contacts for SEC personnel.
Information from this system of
records will be collected, maintained,
and disclosed in accordance with
applicable law, regulations, and
statutes, including, but not limited to;
the Americans with Disabilities Act of
1990 and regulations and guidance
published by the U.S. Occupational
Safety and Health Administration, the
U.S. Equal Employment Opportunity
Commission, and the U.S. Centers for
Disease Control and Prevention.
SYSTEM NAME AND NUMBER:
SEC–34 Public Health and Safety
Records.
SECURITY CLASSIFICATION:
Non-classified.
SYSTEM LOCATION:
Securities and Exchange Commission
(SEC), 100 F Street NE, Washington, DC
20549. Files may also be maintained in
the following SEC Regional Offices:
Atlanta Regional Office (ARO), 950 East
Paces Ferry Road NE, Suite 900, Atlanta,
GA 30326–1382; Boston Regional Office
(BRO), 33 Arch Street, 24th Floor,
Boston, MA 02110–1424; Chicago
Regional Office (CHRO), 175 W Jackson
Boulevard, Suite 1450, Chicago, IL
60604; Denver Regional Office (DRO),
Byron Rogers Federal Office Building,
E:\FR\FM\02NON1.SGM
02NON1
Federal Register / Vol. 86, No. 209 / Tuesday, November 2, 2021 / Notices
1961 Stout Street, Suite 1700, Denver,
CO 80294–1961; Fort Worth Regional
Office (FWRO), Burnett Plaza, 801
Cherry Street, Suite 1900, Unit 18, Fort
Worth, TX 76102; Los Angeles Regional
Office (LARO), 444 South Flower Street,
Suite 900, Los Angeles, CA 90071;
Miami Regional Office (MIRO), 801
Brickell Avenue, Suite 1950, Miami, FL
33131; New York Regional Office
(NYRO), Brookfield Place, 200 Vesey
Street, Suite 400, New York, NY 10281–
1022; Philadelphia Regional Office
(PLRO), One Penn Center, 1617 John F.
Kennedy Boulevard, Suite 520,
Philadelphia, PA 19103–1844; Salt Lake
Regional Office (SLRO), 351 S West
Temple St., Suite 6.100, Salt Lake City,
UT 84101; and San Francisco Regional
Office (SFRO), 44 Montgomery Street,
Suite 2800, San Francisco, CA 94104.
SYSTEM MANAGER(S):
Chief Operating Officer, Securities
and Exchange Commission, 100 F Street
NE, Washington, DC 20549.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
The authority to collect this
information derives from General Duty
Clause, Sections 5(a)(1) and 19(a) of the
Occupational Safety and Health (OSH)
Act of 1970 (29 U.S.C. 654(a)(1), 668(a));
Section 319 of the Public Health Service
Act (42 U.S.C. 247d); E.O. 12196,
Occupational Safety and Health
Programs for Federal Employees (Feb.
26, 1980); E.O 13991, Protecting the
Federal Workforce and Requiring MaskWearing; (Jan. 25, 2021); Executive
Order on Ensuring Adequate COVID
Safety Protocols for Federal Contractors
(September 9, 2021); Executive Order on
Requiring Coronavirus Disease 2019
Vaccination for Federal Employees
(September 9, 2021); OMB
Memorandum M–20–23 Aligning
Federal Agency Operations with the
National Guidelines for Opening Up
America Again (Apr. 20, 2020); and
OMB Memorandum M–21–15 COVID–
19 Safe Federal Workplace: Agency
Model Safety Principles (Jan. 24, 2021).
Information will be collected and
maintained in accordance with the
Americans with Disabilities Act of 1990
(42 U.S.C. 12101 et seq.)
jspears on DSK121TN23PROD with NOTICES1
PURPOSE(S) OF THE SYSTEM:
The information in the system is
collected to assist the SEC with
maintaining a safe and healthy
workplace and to protect its workforce
from risks associated with
communicable diseases that the
Secretary of the Department of Health
and Human Services has determined to
be a public health emergency pursuant
to Section 319(a) of the Public Health
VerDate Sep<11>2014
17:42 Nov 01, 2021
Jkt 256001
Service Act (42 U.S.C. 247d(a)) (‘‘Public
Health Emergency’’). Records in this
system may be collected, maintained,
and used to: (1) Determine who may be
allowed access to SEC facilities or
worksites and what testing or medical
screening is necessary before a person
may enter; (2) respond to a significant
risk of harm to SEC personnel,
contractors, and visitors, as well as to
any others in SEC facilities or worksites;
(3) document reports that SEC
personnel, contractors, or any persons
who have been in SEC facilities or
worksites may have or may have been
exposed to a communicable disease that
is the subject of a Public Health
Emergency; (4) perform contact tracing
investigations of and notifications to
SEC personnel, contractors, and visitors
known or suspected of exposure to
communicable diseases that are the
subject of a Public Health Emergency;
(5) inform federal, state, or local public
health authorities so that these
authorities may act to protect public
health as allowed or required by law; (6)
implement such actions (e.g., quarantine
or isolation) as necessary to prevent the
introduction, transmission, and spread
of a communicable disease that is the
subject of a Public Health Emergency by
SEC personnel, contractors, and persons
who have been in SEC facilities or
worksites; (7) comply with
Occupational Safety and Health
Administration Act recordkeeping
requirements; and (8) process employee
requests for reasonable accommodation
based on disability or sincerely held
religious belief.
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM:
Individuals covered by this system
include all SEC personnel (political
appointees, employees, consultants,
detailees, interns, and volunteers),
contractors, visitors, job applicants, and
others who access or seek to access SEC
facilities or worksites. The system also
covers individuals identified as
emergency contacts for SEC staff.
CATEGORIES OF RECORDS IN THE SYSTEM:
Information collected and maintained
may include, but is not limited to:
—Biographical information: Name
and contact information.
—Health information: Body
temperature, dates of and symptoms
relating to a potential or actual exposure
to a pathogen, or immunization and/or
vaccination information.
—Information to support a request for
reasonable accommodation based on
disability or sincerely held religious
belief.
PO 00000
Frm 00057
Fmt 4703
Sfmt 4703
60497
—Contact tracing information: Dates
of visits to SEC facilities, locations
visited within the facility (e.g., office
and cubicle number), the duration of
time spent in the facility, dates the SEC
was made aware of the exposure, and
potential contacts between potentially
contagious persons and others in SEC
facilities.
—Testing Results: Negative results,
confirmed or unconfirmed positive test
results, and documents related to the
reasons for testing or other aspects of
test results.
—Subsequent actions taken by the
SEC to address an incident: Identifying
and contact information of individuals
who have been suspected or confirmed
to have contracted a communicable
disease that is the subject of a Public
Health Emergency, or who have been
exposed to an individual who has been
suspected or confirmed to have
contracted a communicable disease that
is the subject of a Public Health
Emergency; individual circumstances
and dates of suspected exposure;
symptoms; and treatments. The SEC
uses this information to maintain a safe
and healthy workplace and to protect its
workforce. Although it is not the intent
for the SEC to collect family medical
information, an individual may indicate
that they were exposed to specific
family members who have been
diagnosed with, or are suspected to
have, the disease in question. To the
extent this information may be acquired
inadvertently, such information will be
kept as a confidential medical record
and maintained separately from an
employee’s SEC personnel file.
RECORD SOURCE CATEGORIES:
The information in this system is
collected directly from the individual or
from the individual’s emergency
contact. Information may also be
collected from security systems that
monitor access to SEC facilities, such as
badging systems, video surveillance,
human resources systems, emergency
notification systems, and federal, state,
and local agencies assisting with the
response to a Public Health Emergency.
Information may also be collected from
SEC contractors or from property
management companies responsible for
managing office buildings that house
SEC facilities or worksites, including
the General Services Administration
(GSA).
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM, INCLUDING CATEGORIES OF USERS AND
THE PURPOSES OF SUCH USES:
In addition to those disclosures
generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, these records
E:\FR\FM\02NON1.SGM
02NON1
jspears on DSK121TN23PROD with NOTICES1
60498
Federal Register / Vol. 86, No. 209 / Tuesday, November 2, 2021 / Notices
or information contained therein may
specifically be disclosed outside the
Commission as a routine use pursuant
to 5 U.S.C. 552a(b)(3) as follows:
1. To appropriate agencies, entities,
and persons when (a) it is suspected or
confirmed that the security or
confidentiality of information in the
system of records has been
compromised; (b) the SEC has
determined that, as a result of the
suspected or confirmed compromise,
there is a risk of harm to economic or
property interests, identity theft or
fraud, or harm to the security or
integrity of this system or other systems
or programs (whether maintained by the
SEC or another agency or entity) that
rely upon the compromised
information; and (c) the disclosure made
to such agencies, entities, and persons is
reasonably necessary to assist in
connection with the SEC’s efforts to
respond to the suspected or confirmed
compromise and prevent, minimize, or
remedy such harm.
2. To a Federal, State, or local agency
to the extent necessary to comply with
laws governing reporting of infectious
disease.
3. To SEC personnel, contractors,
visitors, emergency contacts, or others
to notify an individual (1) who has been
exposed or may have potentially been
exposed to a communicable disease that
is the subject of a Public Health
Emergency of information regarding the
exposure or potential exposure, or (2)
who may have reason to know of
circumstances that increase the risk of
such exposure. To the extent possible,
all information will be anonymized.
4. To another Federal agency, to a
court, or a party in litigation before a
court or in an administrative proceeding
being conducted by a Federal agency
when the SEC is a party to the judicial
or administrative proceeding where the
information is relevant and necessary to
the proceeding.
5. To employees, grantees, experts,
contractors, and others who have been
engaged by the Commission to assist in
the performance of a service related to
this system of records and who need
access to the records for the purpose of
assisting the Commission in the efficient
administration of its programs,
including by performing clerical,
stenographic, or data analysis functions,
or by reproduction of records by
electronic or other means. Recipients of
these records shall be required to
comply with the requirements of the
Privacy Act of 1974, as amended, 5
U.S.C. 552a.
6. To produce summary descriptive
statistics and analytical studies, as a
data source for management
VerDate Sep<11>2014
17:42 Nov 01, 2021
Jkt 256001
information, in support of the function
for which the records are collected and
maintained or for related personnel
management functions or manpower
studies; may also be used to respond to
general requests for statistical
information (without personal
identification of individuals) under the
Freedom of Information Act.
7. To a Congressional office from the
record of an individual in response to
an inquiry from the Congressional office
made at the request of that individual.
8. To members of Congress, the
Government Accountability Office, or
others charged with monitoring the
work of the Commission or conducting
records management inspections.
9. To another Federal agency or
Federal entity, when the SEC
determines that information from this
system of records is reasonably
necessary to assist the recipient agency
or entity in (1) responding to a
suspected or confirmed breach or (2)
preventing, minimizing, or remedying
the risk of harm to individuals, the
recipient agency or entity (including its
information systems, programs, and
operations), the Federal Government, or
national security, resulting from a
suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF
RECORDS:
Records in this system of records are
stored electronically or on paper in
secure facilities. Electronic records are
stored on the SEC’s secure network.
POLICIES AND PRACTICES FOR RETRIEVAL OF
RECORDS:
Information covered by this system of
records notice may be retrieved by the
name of the individual, contact
information, or by some combination
thereof.
POLICIES AND PRACTICES FOR RETENTION AND
DISPOSAL OF RECORDS:
The records will be maintained until
they become inactive, at which time
they will be retired or destroyed in
accordance with records schedules of
the United States Securities and
Exchange Commission, and as approved
by the National Archives and Records
Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL
SAFEGUARDS:
Access to SEC facilities, data centers,
and information or information systems
is limited to authorized personnel with
official duties requiring access. SEC
facilities are equipped with security
cameras, and, at certain SEC facilities,
24-hour security guard service.
Computerized records are safeguarded
in a secured environment. Security
PO 00000
Frm 00058
Fmt 4703
Sfmt 9990
protocols meet the promulgating
guidance as established by the National
Institute of Standards and Technology
(NIST) Security Standards from Access
Control to Data Encryption and Security
Assessment & Authorization (SA&A).
Records are maintained in a secure,
password-protected electronic system
that will utilize commensurate
safeguards that may include: Firewalls,
intrusion detection and prevention
systems, and role-based access controls.
Additional safeguards will vary by
program. All records are protected from
unauthorized access through
appropriate administrative, operational,
and technical safeguards. These
safeguards include: Restricting access to
authorized personnel who have a ‘‘need
to know’’; using locks; and password
protection identification features.
Contractors and other recipients
providing services to the Commission
shall be required to maintain equivalent
safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information
on the procedures for gaining access to
or contesting the contents of these
records may contact the FOIA/PA
Officer, Securities and Exchange
Commission, 100 F Street NE, Mail Stop
5100, Washington, DC 20549–2736.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this
system of records contains a record
pertaining to the requesting individual
may be directed to the FOIA/PA Officer,
Securities and Exchange Commission,
100 F Street NE, Mail Stop 5100,
Washington, DC 20549–2736.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
New SORN.
By the Commission.
Dated: October 27, 2021.
Vanessa A. Countryman,
Secretary.
[FR Doc. 2021–23821 Filed 11–1–21; 8:45 am]
BILLING CODE 8011–01–P
E:\FR\FM\02NON1.SGM
02NON1
Agencies
[Federal Register Volume 86, Number 209 (Tuesday, November 2, 2021)]
[Notices]
[Pages 60496-60498]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-23821]
-----------------------------------------------------------------------
SECURITIES AND EXCHANGE COMMISSION
[Release No. PA-57; File No. S7-14-21]
Privacy Act of 1974; System of Records
AGENCY: Securities and Exchange Commission.
ACTION: Notice of a new system of records.
-----------------------------------------------------------------------
SUMMARY: The Securities and Exchange Commission (SEC) established SEC-
34, Public Health and Safety Records under the Privacy Act of 1974.
This system of records maintains information collected in response to a
public health emergency. Information will be collected from SEC
personnel (political appointees, employees, consultants, detailees,
interns, and volunteers), contractors, visitors, job applicants, and
others who access or seek to access SEC facilities or worksites to
assist the SEC with maintaining a safe and healthy workplace and to
protect its workforce from risks associated with communicable diseases.
DATES: The changes will become effective December 2, 2021 to permit
public comment on the new and revised routine uses. The Commission will
publish a new notice if the effective date is delayed to review
comments or if changes are made based on comments received. To assure
consideration, comments should be received on or before December 2,
2021.
ADDRESSES: Comments may be submitted by any of the following methods:
Electronic Comments
Use the Commission's internet comment form (https://www.sec.gov/rules/other.shtml); or
Send an email to [email protected]. Please include
File Number S7-14-21 on the subject line.
Paper Comments
Send paper comments to Vanessa A. Countryman, Secretary, U.S.
Securities and Exchange Commission, 100 F Street NE, Washington, DC
20549-1090. All submissions should refer to S7-14-21. This file number
should be included on the subject line if email is used. To help
process and review your comments more efficiently, please use only one
method. The Commission will post all comments on the Commission's
internet website (https://www.sec.gov/rules/other.shtml). Comments are
also available for website viewing and printing in the Commission's
Public Reference Room, 100 F Street NE, Washington, DC 20549, on
official business days between the hours of 10 a.m. and 3 p.m. All
comments received will be posted without change; we do not edit
personal identifying information from submissions. You should submit
only information that you wish to make publicly available.
FOR FURTHER INFORMATION CONTACT: For general and privacy related
questions please contact: Ronnette McDaniel, Privacy and Information
Assurance Branch Chief, 202-551-7200 or [email protected].
SUPPLEMENTARY INFORMATION: In order to collect and maintain contractor,
visitor and job applicant disclosures, the SEC established SEC-34,
Public Health and Safety Records, a system of records under the Privacy
Act. The SEC is committed to maintaining a safe and healthy workplace
and to protect its workforce from risks associated with a public health
emergency. To ensure and maintain the safety of all SEC personnel
(political appointees, employees, consultants, detailees, interns, and
volunteers), contractors, visitors, job applicants, and others who
access or seek to access an SEC facility, space, or worksite during a
public health emergency, the SEC may develop and institute safety
measures that require the collection of personal information. Records
may include information on individuals' vaccination status and
information to support a request for reasonable accommodation based on
disability or sincerely held religious belief. Records also may include
information on individuals who have been suspected or confirmed to have
contracted a disease or illness, or who have been exposed to an
individual who had been suspected or confirmed to have contracted a
disease or illness, related to a declared public health emergency.
Records may also include information on the individual circumstances
surrounding the disease or illness such as dates of suspected exposure,
testing results, symptoms, treatments, and other related health status
information. Any contact tracing conducted by SEC personnel will
involve collecting information about SEC personnel, contractors and
visitors who are exhibiting symptoms or who have tested positive for an
infectious disease in order to identify and notify other SEC personnel,
contractors and visitors with whom they may have come into contact and
who may have been exposed. Records may also include information on
individuals identified as emergency contacts for SEC personnel.
Information from this system of records will be collected,
maintained, and disclosed in accordance with applicable law,
regulations, and statutes, including, but not limited to; the Americans
with Disabilities Act of 1990 and regulations and guidance published by
the U.S. Occupational Safety and Health Administration, the U.S. Equal
Employment Opportunity Commission, and the U.S. Centers for Disease
Control and Prevention.
SYSTEM NAME AND NUMBER:
SEC-34 Public Health and Safety Records.
SECURITY CLASSIFICATION:
Non-classified.
SYSTEM LOCATION:
Securities and Exchange Commission (SEC), 100 F Street NE,
Washington, DC 20549. Files may also be maintained in the following SEC
Regional Offices: Atlanta Regional Office (ARO), 950 East Paces Ferry
Road NE, Suite 900, Atlanta, GA 30326-1382; Boston Regional Office
(BRO), 33 Arch Street, 24th Floor, Boston, MA 02110-1424; Chicago
Regional Office (CHRO), 175 W Jackson Boulevard, Suite 1450, Chicago,
IL 60604; Denver Regional Office (DRO), Byron Rogers Federal Office
Building,
[[Page 60497]]
1961 Stout Street, Suite 1700, Denver, CO 80294-1961; Fort Worth
Regional Office (FWRO), Burnett Plaza, 801 Cherry Street, Suite 1900,
Unit 18, Fort Worth, TX 76102; Los Angeles Regional Office (LARO), 444
South Flower Street, Suite 900, Los Angeles, CA 90071; Miami Regional
Office (MIRO), 801 Brickell Avenue, Suite 1950, Miami, FL 33131; New
York Regional Office (NYRO), Brookfield Place, 200 Vesey Street, Suite
400, New York, NY 10281-1022; Philadelphia Regional Office (PLRO), One
Penn Center, 1617 John F. Kennedy Boulevard, Suite 520, Philadelphia,
PA 19103-1844; Salt Lake Regional Office (SLRO), 351 S West Temple St.,
Suite 6.100, Salt Lake City, UT 84101; and San Francisco Regional
Office (SFRO), 44 Montgomery Street, Suite 2800, San Francisco, CA
94104.
SYSTEM MANAGER(S):
Chief Operating Officer, Securities and Exchange Commission, 100 F
Street NE, Washington, DC 20549.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
The authority to collect this information derives from General Duty
Clause, Sections 5(a)(1) and 19(a) of the Occupational Safety and
Health (OSH) Act of 1970 (29 U.S.C. 654(a)(1), 668(a)); Section 319 of
the Public Health Service Act (42 U.S.C. 247d); E.O. 12196,
Occupational Safety and Health Programs for Federal Employees (Feb. 26,
1980); E.O 13991, Protecting the Federal Workforce and Requiring Mask-
Wearing; (Jan. 25, 2021); Executive Order on Ensuring Adequate COVID
Safety Protocols for Federal Contractors (September 9, 2021); Executive
Order on Requiring Coronavirus Disease 2019 Vaccination for Federal
Employees (September 9, 2021); OMB Memorandum M-20-23 Aligning Federal
Agency Operations with the National Guidelines for Opening Up America
Again (Apr. 20, 2020); and OMB Memorandum M-21-15 COVID-19 Safe Federal
Workplace: Agency Model Safety Principles (Jan. 24, 2021). Information
will be collected and maintained in accordance with the Americans with
Disabilities Act of 1990 (42 U.S.C. 12101 et seq.)
PURPOSE(S) OF THE SYSTEM:
The information in the system is collected to assist the SEC with
maintaining a safe and healthy workplace and to protect its workforce
from risks associated with communicable diseases that the Secretary of
the Department of Health and Human Services has determined to be a
public health emergency pursuant to Section 319(a) of the Public Health
Service Act (42 U.S.C. 247d(a)) (``Public Health Emergency''). Records
in this system may be collected, maintained, and used to: (1) Determine
who may be allowed access to SEC facilities or worksites and what
testing or medical screening is necessary before a person may enter;
(2) respond to a significant risk of harm to SEC personnel,
contractors, and visitors, as well as to any others in SEC facilities
or worksites; (3) document reports that SEC personnel, contractors, or
any persons who have been in SEC facilities or worksites may have or
may have been exposed to a communicable disease that is the subject of
a Public Health Emergency; (4) perform contact tracing investigations
of and notifications to SEC personnel, contractors, and visitors known
or suspected of exposure to communicable diseases that are the subject
of a Public Health Emergency; (5) inform federal, state, or local
public health authorities so that these authorities may act to protect
public health as allowed or required by law; (6) implement such actions
(e.g., quarantine or isolation) as necessary to prevent the
introduction, transmission, and spread of a communicable disease that
is the subject of a Public Health Emergency by SEC personnel,
contractors, and persons who have been in SEC facilities or worksites;
(7) comply with Occupational Safety and Health Administration Act
recordkeeping requirements; and (8) process employee requests for
reasonable accommodation based on disability or sincerely held
religious belief.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals covered by this system include all SEC personnel
(political appointees, employees, consultants, detailees, interns, and
volunteers), contractors, visitors, job applicants, and others who
access or seek to access SEC facilities or worksites. The system also
covers individuals identified as emergency contacts for SEC staff.
CATEGORIES OF RECORDS IN THE SYSTEM:
Information collected and maintained may include, but is not
limited to:
--Biographical information: Name and contact information.
--Health information: Body temperature, dates of and symptoms
relating to a potential or actual exposure to a pathogen, or
immunization and/or vaccination information.
--Information to support a request for reasonable accommodation
based on disability or sincerely held religious belief.
--Contact tracing information: Dates of visits to SEC facilities,
locations visited within the facility (e.g., office and cubicle
number), the duration of time spent in the facility, dates the SEC was
made aware of the exposure, and potential contacts between potentially
contagious persons and others in SEC facilities.
--Testing Results: Negative results, confirmed or unconfirmed
positive test results, and documents related to the reasons for testing
or other aspects of test results.
--Subsequent actions taken by the SEC to address an incident:
Identifying and contact information of individuals who have been
suspected or confirmed to have contracted a communicable disease that
is the subject of a Public Health Emergency, or who have been exposed
to an individual who has been suspected or confirmed to have contracted
a communicable disease that is the subject of a Public Health
Emergency; individual circumstances and dates of suspected exposure;
symptoms; and treatments. The SEC uses this information to maintain a
safe and healthy workplace and to protect its workforce. Although it is
not the intent for the SEC to collect family medical information, an
individual may indicate that they were exposed to specific family
members who have been diagnosed with, or are suspected to have, the
disease in question. To the extent this information may be acquired
inadvertently, such information will be kept as a confidential medical
record and maintained separately from an employee's SEC personnel file.
RECORD SOURCE CATEGORIES:
The information in this system is collected directly from the
individual or from the individual's emergency contact. Information may
also be collected from security systems that monitor access to SEC
facilities, such as badging systems, video surveillance, human
resources systems, emergency notification systems, and federal, state,
and local agencies assisting with the response to a Public Health
Emergency. Information may also be collected from SEC contractors or
from property management companies responsible for managing office
buildings that house SEC facilities or worksites, including the General
Services Administration (GSA).
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, these records
[[Page 60498]]
or information contained therein may specifically be disclosed outside
the Commission as a routine use pursuant to 5 U.S.C. 552a(b)(3) as
follows:
1. To appropriate agencies, entities, and persons when (a) it is
suspected or confirmed that the security or confidentiality of
information in the system of records has been compromised; (b) the SEC
has determined that, as a result of the suspected or confirmed
compromise, there is a risk of harm to economic or property interests,
identity theft or fraud, or harm to the security or integrity of this
system or other systems or programs (whether maintained by the SEC or
another agency or entity) that rely upon the compromised information;
and (c) the disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connection with the SEC's efforts to
respond to the suspected or confirmed compromise and prevent, minimize,
or remedy such harm.
2. To a Federal, State, or local agency to the extent necessary to
comply with laws governing reporting of infectious disease.
3. To SEC personnel, contractors, visitors, emergency contacts, or
others to notify an individual (1) who has been exposed or may have
potentially been exposed to a communicable disease that is the subject
of a Public Health Emergency of information regarding the exposure or
potential exposure, or (2) who may have reason to know of circumstances
that increase the risk of such exposure. To the extent possible, all
information will be anonymized.
4. To another Federal agency, to a court, or a party in litigation
before a court or in an administrative proceeding being conducted by a
Federal agency when the SEC is a party to the judicial or
administrative proceeding where the information is relevant and
necessary to the proceeding.
5. To employees, grantees, experts, contractors, and others who
have been engaged by the Commission to assist in the performance of a
service related to this system of records and who need access to the
records for the purpose of assisting the Commission in the efficient
administration of its programs, including by performing clerical,
stenographic, or data analysis functions, or by reproduction of records
by electronic or other means. Recipients of these records shall be
required to comply with the requirements of the Privacy Act of 1974, as
amended, 5 U.S.C. 552a.
6. To produce summary descriptive statistics and analytical
studies, as a data source for management information, in support of the
function for which the records are collected and maintained or for
related personnel management functions or manpower studies; may also be
used to respond to general requests for statistical information
(without personal identification of individuals) under the Freedom of
Information Act.
7. To a Congressional office from the record of an individual in
response to an inquiry from the Congressional office made at the
request of that individual.
8. To members of Congress, the Government Accountability Office, or
others charged with monitoring the work of the Commission or conducting
records management inspections.
9. To another Federal agency or Federal entity, when the SEC
determines that information from this system of records is reasonably
necessary to assist the recipient agency or entity in (1) responding to
a suspected or confirmed breach or (2) preventing, minimizing, or
remedying the risk of harm to individuals, the recipient agency or
entity (including its information systems, programs, and operations),
the Federal Government, or national security, resulting from a
suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records in this system of records are stored electronically or on
paper in secure facilities. Electronic records are stored on the SEC's
secure network.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Information covered by this system of records notice may be
retrieved by the name of the individual, contact information, or by
some combination thereof.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
The records will be maintained until they become inactive, at which
time they will be retired or destroyed in accordance with records
schedules of the United States Securities and Exchange Commission, and
as approved by the National Archives and Records Administration.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to SEC facilities, data centers, and information or
information systems is limited to authorized personnel with official
duties requiring access. SEC facilities are equipped with security
cameras, and, at certain SEC facilities, 24-hour security guard
service. Computerized records are safeguarded in a secured environment.
Security protocols meet the promulgating guidance as established by the
National Institute of Standards and Technology (NIST) Security
Standards from Access Control to Data Encryption and Security
Assessment & Authorization (SA&A). Records are maintained in a secure,
password-protected electronic system that will utilize commensurate
safeguards that may include: Firewalls, intrusion detection and
prevention systems, and role-based access controls. Additional
safeguards will vary by program. All records are protected from
unauthorized access through appropriate administrative, operational,
and technical safeguards. These safeguards include: Restricting access
to authorized personnel who have a ``need to know''; using locks; and
password protection identification features. Contractors and other
recipients providing services to the Commission shall be required to
maintain equivalent safeguards.
RECORD ACCESS PROCEDURES:
Persons wishing to obtain information on the procedures for gaining
access to or contesting the contents of these records may contact the
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE,
Mail Stop 5100, Washington, DC 20549-2736.
CONTESTING RECORD PROCEDURES:
See Record Access Procedures above.
NOTIFICATION PROCEDURES:
All requests to determine whether this system of records contains a
record pertaining to the requesting individual may be directed to the
FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE,
Mail Stop 5100, Washington, DC 20549-2736.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
New SORN.
By the Commission.
Dated: October 27, 2021.
Vanessa A. Countryman,
Secretary.
[FR Doc. 2021-23821 Filed 11-1-21; 8:45 am]
BILLING CODE 8011-01-P