Privacy Act of 1974; System of Records, 66692-66694 [2022-24102]
Download as PDF
<![CDATA[
66692
Federal Register / Vol. 87, No. 213 / Friday, November 4, 2022 / Notices
[FRL–10306–01–OMS]
National and Governmental Advisory
Committees to the U.S. Representative
to the Commission for Environmental
Cooperation (CEC)
Environmental Protection
Agency (EPA).
ACTION: Notice of meeting.
AGENCY:
Under the Federal Advisory
Committee Act, the Environmental
Protection Agency (EPA) gives notice of
a public meeting of the National
Advisory Committee (NAC) and the
Government Advisory Committee
(GAC). The NAC and GAC provide
advice to the EPA Administrator on a
broad range of environmental policy,
technology, and management issues.
NAC and GAC members represent
academia, business/industry, nongovernmental organizations, and state,
local and tribal governments. The
purpose of this meeting is to provide
advice to the EPA Administrator on
ways to strengthen community
resilience to extreme events and other
matters related to the Commission for
Environmental Cooperation.
DATES: December 9, 2022, from 12 p.m.–
4 p.m. (EST). A copy of the agenda will
be posted at www.epa.gov/faca/nac-gac.
The meeting will be conducted
virtually and is open to the public with
limited access available on a first-come,
first-served basis. Members of the public
wishing to participate in the video/
teleconference, should contact Clifton
Townsend at townsend.clifton@epa.gov
by December 1st. Requests to make oral
comments or submit written public
comments to NAC and GAC should also
be directed to Clifton Townsend at least
five business days prior to the video/
teleconference. Requests for
accessibility and/or accommodations for
individuals with disabilities should be
directed to Clifton Townsend at the
email address listed above. To ensure
adequate time for processing, please
make requests for accommodations at
least 10 days prior to the video/
teleconference.
SUMMARY:
khammond on DSKJM1Z7X2PROD with NOTICES
FOR FURTHER INFORMATION CONTACT:
Clifton Townsend in the Federal
Advisory Committee Management
Division in the Office of Mission
Support (1601M), Environmental
Protection Agency, 1200 Pennsylvania
Avenue NW, Washington, DC 20460;
telephone number: (202) 564–1576;
email address: townsend.clifton@
epa.gov.
VerDate Sep<11>2014
18:12 Nov 03, 2022
Jkt 259001
The NAC
and GAC are Presidential federal
advisory committees that advise the
U.S. Government via the EPA
Administrator on trade and
environment matters related to the
Environmental Cooperation Agreement
(ECA), which entered into force at the
same time as the United States-Mexico
Canada Agreement (USMCA). The NAC
and GAC were created in 1994 and
operate in accordance with the Federal
Advisory Committee Act. Establishment
of the committees is authorized under
article 11 of the ECA.
SUPPLEMENTARY INFORMATION:
ENVIRONMENTAL PROTECTION
AGENCY
Dated: October 31, 2022.
Clifton Townsend,
Environmental Scientist.
[FR Doc. 2022–24093 Filed 11–3–22; 8:45 am]
BILLING CODE 6560–50–P
ENVIRONMENTAL PROTECTION
AGENCY
[FRL–10149–01–OMS]
Privacy Act of 1974; System of
Records
Office of Mission Support
(OMS), Environmental Protection
Agency (EPA).
ACTION: Notice of a new system of
records.
AGENCY:
The U.S. Environmental
Protection Agency’s (EPA) Office of
Mission Support is giving notice that it
proposes to create a new system of
records pursuant to the provisions of the
Privacy Act of 1974. The Data
Management and Analytics Platform
(DMAP) is an existing analytical tool
that EPA uses to store data and to create
data maps, pie charts, and run statistics.
EPA intends to expand DMAP to
include personally identifiable
information already collected by the
EPA from databases recording drinking
water intake locations; EPA property
databases; and EPA personnel
information databases.
DATES: Persons wishing to comment on
this system of records notice must do so
by December 5, 2022. New routine uses
for this new system of records will be
effective December 5, 2022.
ADDRESSES: Submit your comments,
identified by Docket ID No. EPA–HQ–
OMS–2022–0383, by one of the
following methods:
Federal eRulemaking Portal: https://
www.regulations.gov. Follow the online
instructions for submitting comments.
Email: docket_oms@epa.gov. Include
the Docket ID number in the subject line
of the message.
Fax: (202) 566–1752.
SUMMARY:
PO 00000
Frm 00054
Fmt 4703
Sfmt 4703
Mail: OMS Docket, Environmental
Protection Agency, Mail Code: 2822T,
1200 Pennsylvania Ave. NW,
Washington, DC 20460.
Hand Delivery: OMS Docket, EPA/DC,
WJC West Building, Room 3334, 1301
Constitution Ave. NW, Washington, DC
20460. Such deliveries are only
accepted during the Docket’s normal
hours of operation, and special
arrangements should be made for
deliveries of boxed information.
Instructions: Direct your comments to
Docket ID No. EPA–HQ–OMS–2022–
0383. The EPA’s policy is that all
comments received will be included in
the public docket without change and
may be made available online at https://
www.regulations.gov, including any
personal information provided, unless
the comment includes information
claimed to be Controlled Unclassified
Information (CUI) or other information
for which disclosure is restricted by
statute. Do not submit information that
you consider to be CUI or otherwise
protected through https://
www.regulations.gov. The https://
www.regulations.gov website is an
‘‘anonymous access’’ system for the
EPA, which means the EPA will not
know your identity or contact
information. If you submit an electronic
comment, the EPA recommends that
you include your name and other
contact information in the body of your
comment. If the EPA cannot read your
comment due to technical difficulties
and cannot contact you for clarification,
the EPA may not be able to consider
your comment. If you send an email
comment directly to the EPA without
going through https://
www.regulations.gov, your email
address will be automatically captured
and included as part of the comment
that is placed in the public docket and
made available on the internet.
Electronic files should avoid the use of
special characters, any form of
encryption, and be free of any defects or
viruses. For additional information
about the EPA public docket, visit the
EPA Docket Center homepage at https://
www.epa.gov/dockets.
Docket: All documents in the docket
are listed in the https://
www.regulations.gov index. Although
listed in the index, some information is
not publicly available, e.g., CUI or other
information for which disclosure is
restricted by statute. Certain other
material, such as copyrighted material,
will be publicly available only in hard
copy. Publicly available docket
materials are available either
electronically in https://
www.regulations.gov or in hard copy at
the OMS Docket, EPA/DC, WJC West
E:\FR\FM\04NON1.SGM
04NON1
Federal Register / Vol. 87, No. 213 / Friday, November 4, 2022 / Notices
Building, Room 3334, 1301 Constitution
Ave. NW, Washington, DC 20460. The
Public Reading Room is normally open
from 8:30 a.m. to 4:30 p.m., Monday
through Friday excluding legal holidays.
The telephone number for the Public
Reading Room is (202) 566–1744, and
the telephone number for the OMS
Docket is (202) 566–1752. Further
information about EPA Docket Center
services and current operating status is
available at https://www.epa.gov/
dockets.
FOR FURTHER INFORMATION CONTACT:
enviromail_group@epa.gov, to the
attention of DMAP System Owner:
Shane Knipschild.
SUPPLEMENTARY INFORMATION: EPA’s
Data Management and Analytics
Platform (DMAP) is designed to help
users better understand environmental
data by allowing them to visualize them
in graphics, like maps and pie charts,
and combine them together across data
systems. DMAP is available to EPA
agency employees and partners who
have a mission-based need to access the
data therein. DMAP users maintain
control over the workspaces created for
them and may use the system to develop
analytic products as needed to support
mission needs. DMAP is populated by
data from other EPA systems as well as
data purchased under commercial
license. EPA intends to expand DMAP
to include personally identifiable
information already collected by the
EPA from these sources.
SYSTEM NAME AND NUMBER:
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
The system is managed by the Office
of Mission Support, Environmental
Protection Agency, 1301 Constitution
Ave. NW, Washington, DC 20460.
Electronically stored information is
hosted at Amazon Web Services US East
(Northern Virginia).
SYSTEM MANAGER(S):
khammond on DSKJM1Z7X2PROD with NOTICES
Shane Knipschild, Program Analyst,
1301 Constitution Avenue NW
Washington, DC 20460, 202–566–2712,
Knipschild.shane@epa.gov.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
44 U.S.C. 3506, Federal Agency
Responsibilities; 5 U.S.C. 301,
Departmental Regulations; 40 U.S.C.
1401, the Clinger-Cohen Act; and 44
U.S.C. 3541 et seq., Federal Information
Security Modernization Act of 2014;
Public Law 107–347.
18:12 Nov 03, 2022
Jkt 259001
The purpose of this system is to
provide EPA staff and partners with a
platform to access and analyze data sets
collected from other EPA managed
systems and purchased commercial
sources. DMAP allows EPA staff and
contractors to combine these data in
analytic views such as maps and
dashboards. EPA intends to use DMAP
for administrative purposes, such as
provision of information technology
services in EPA facilities and to use
DMAP in support of its programmatic
activities, such as to facilitate other
statistical analysis of the data across the
source systems.
CATEGORIES OF INDIVIDUALS COVERED BY THE
SYSTEM:
The categories of individuals on
whom records will be maintained
include federal employees, contractors
and members of the public.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records maintained in the system will
include contact email, contact
extension, contact name, and contact
phone number, property owner name,
property address and coordinate
location information.
RECORD SOURCE CATEGORIES:
The categories of sources of the
records in the system include data from
internal EPA systems, such as
ServiceNow (EPA–78) and Emergency
Response (EPA–74) as well as data
purchased under commercial license.
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM, INCLUDING CATEGORIES OF USERS AND
PURPOSES OF SUCH USES:
Data Management and Analytics
Platform (DMAP), EPA–97.
VerDate Sep<11>2014
PURPOSE(S) OF THE SYSTEM:
The routine uses below are both
related to and compatible with the
original purpose for which the
information was collected. The
following general routine uses apply to
this system (86 FR 62527): A, D, E, F,
G, H, I, J, K, L, M.
Additional routine uses that apply to
this system are:
1. Records may be disclosed to
federal, state, local, and tribal
authorities in conformity with federal,
state, local, and tribal laws when
necessary to protect the environment or
public health or safety, including
carrying out an investigation or
response.
2. In case of emergency, EPA may
share information with members of the
public to assure protection of the
environment or public health and
safety.
POLICIES AND PRACTICES FOR STORAGE OF
RECORDS:
These records are maintained
electronically via EPA-managed cloud-
PO 00000
Frm 00055
Fmt 4703
Sfmt 4703
66693
based storage services. The cloud
storage services are located at Amazon
Web Services East (Northern Virginia),
and are managed by Office of Mission
Support, Office of Information
Management, Information Access and
Analysis Division. Backup files will be
maintained according to EPA backup
protocols as documented in FISMA
compliant DMAP system security plan.
Digital records are maintained in a
secure password protected environment
and are encrypted. Access to digital
records is limited to those who have a
need to know. Permission level
assignments will allow users access
only to those functions for which they
are authorized. All records are
maintained in encrypted formats and in
restricted folders.
POLICIES AND PRACTICES FOR RETRIEVAL OF
RECORDS:
Personal information will be retrieved
by contact name, contact email, contact
extension, contact phone number, or
address.
POLICIES AND PRACTICES FOR RETENTION AND
DISPOSAL OF RECORDS:
DMAP follows the EPA Records
Policy for retention and disposal, per
schedule 1012 (Information and
Technology Management) and schedule
1049 (Information Access and
Protection Records). https://
www.epa.gov/records/epa-recordspolicy-and-guidance.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL
SAFEGUARDS:
Security controls used to protect
personal sensitive data in DMAP are
commensurate with those required for
an information system rated
MODERATE for confidentiality,
integrity, and availability, as prescribed
in National Institute of Standards and
Technology (NIST) Special Publication,
800–53, ‘‘Security and Privacy Controls
for Information Systems and
Organizations,’’ Revision 5.
1. Administrative Safeguards: Those
accessing the DMAP system are required
to complete annual privacy and security
trainings. Background checks and PIV
cards are required for system
administrators.
2. Technical Safeguards: Information
is maintained in a secure username/
password protected environment.
Permission-level assignments allow
users access only to those functions for
which they are authorized. Audit logs
are reviewed on a monthly basis to
identify system access outside of normal
business hours, anomalous user
accounts or server names, or login
failures. No external access to DMAP is
E:\FR\FM\04NON1.SGM
04NON1
66694
Federal Register / Vol. 87, No. 213 / Friday, November 4, 2022 / Notices
available without formal onboarding
through system administrators.
3. Physical Safeguards: Access to all
information and hardware is maintained
in a secure, access-controlled facility
managed under conditions specified in
EPA’s AWS cloud provider agreement.
RECORD ACCESS PROCEDURES:
All requests for access to personal
records should cite the Privacy Act of
1974 and reference the type of request
being made (i.e., access). Requests must
include: (1) the name and signature of
the individual making the request; (2)
the name of the Privacy Act system of
records to which the request relates; (3)
a statement whether a personal
inspection of the records or a copy of
them by mail is desired; and (4) proof
of identity. A full description of EPA’s
Privacy Act procedures for requesting
access to records is included in EPA’s
Privacy Act regulations at 40 CFR part
16.
CONTESTING RECORD PROCEDURES:
Requests for correction or amendment
must include: (1) the name and
signature of the individual making the
request; (2) the name of the Privacy Act
system of records to which the request
relates; (3) a description of the
information sought to be corrected or
amended and the specific reasons for
the correction or amendment; and (4)
proof of identity. A full description of
EPA’s Privacy Act procedures for the
correction or amendment of a record is
included in EPA’s Privacy Act
regulations at 40 CFR part 16.
NOTIFICATION PROCEDURES:
Individuals who wish to be informed
whether a Privacy Act system of records
maintained by EPA contains any record
pertaining to them, should make a
written request to the EPA, Attn:
Agency Privacy Officer, MC 2831T,
1200 Pennsylvania Ave. NW,
Washington, DC 20460, or by email at:
privacy@epa.gov. A full description of
EPA’s Privacy Act procedures is
included in EPA’s Privacy Act
regulations at 40 CFR part 16.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
khammond on DSKJM1Z7X2PROD with NOTICES
None.
HISTORY:
None.
Vaughn Noga,
Senior Agency Official for Privacy.
[FR Doc. 2022–24102 Filed 11–3–22; 8:45 am]
BILLING CODE 6560–50–P
VerDate Sep<11>2014
18:12 Nov 03, 2022
Jkt 259001
ENVIRONMENTAL PROTECTION
AGENCY
[FRL–10360–01–OW]
Meeting of the National Drinking Water
Advisory Council
Environmental Protection
Agency (EPA).
ACTION: Notice of a public meeting.
AGENCY:
The U.S. Environmental
Protection Agency’s (EPA) Office of
Ground Water and Drinking Water is
announcing a virtual meeting of the
National Drinking Water Advisory
Council (NDWAC or Council) as
authorized under the Safe Drinking
Water Act (SDWA). The purpose of the
meeting is for EPA to update the
Council on Safe Drinking Water Act
programs and to consult with the
NDWAC as required by the SDWA on a
proposed National Primary Drinking
Water Regulation (NPDWR): Lead and
Copper Rule Improvements. Additional
details including other topics for
discussion will be provided in the
meeting agenda, which will be posted
on EPA’s NDWAC website. See the
SUPPLEMENTARY INFORMATION section of
this announcement for more
information.
SUMMARY:
The meeting will be held on
November 30, 2022, from 10:30 a.m. to
5 p.m., eastern time.
ADDRESSES: This will be a virtual
meeting. There will be no in-person
gathering for this meeting. For more
information about attending, providing
oral statements, and accessibility for the
meeting, as well as sending written
comments, see the SUPPLEMENTARY
INFORMATION section of this
announcement.
DATES:
FOR FURTHER INFORMATION CONTACT:
Elizabeth Corr, NDWAC Designated
Federal Officer, Office of Ground Water
and Drinking Water (Mail Code 4601),
U.S. Environmental Protection Agency,
1200 Pennsylvania Avenue NW,
Washington, DC 20460; telephone
number: (202) 564–3798; email address:
corr.elizabeth@epa.gov.
SUPPLEMENTARY INFORMATION: Attending
the Meeting: The meeting will be open
to the general public. The meeting
agenda and information on how to
register for and attend the meeting
online will be provided on EPA’s
website at: https://www.epa.gov/ndwac
prior to the meeting.
Oral Statements: EPA will allocate
one hour for the public to present oral
comments during the meeting. Oral
statements will be limited to three
PO 00000
Frm 00056
Fmt 4703
Sfmt 4703
minutes per person during the public
comment period. It is preferred that
only one person present a statement on
behalf of a group or organization.
Persons interested in presenting an oral
statement should send an email to
NDWAC@epa.gov by noon, eastern time,
on November 22, 2022.
Written Statements: Any person who
wishes to file a written statement can do
so before or after the Council meeting.
Send written statements by email to
NDWAC@epa.gov or see the FOR
FURTHER INFORMATION CONTACT section if
sending statements by mail. Written
statements received by noon, eastern
time, on November 22, 2022, will be
distributed to all members of the
Council prior to the meeting. Statements
received after that time will become part
of the permanent file for the meeting
and will be forwarded to the Council
members after conclusion of the
meeting. Members of the public should
be aware that their personal contact
information, if included in any written
comments, may be posted to the
NDWAC website. Copyrighted material
will not be posted without the explicit
permission of the copyright holder.
Accessibility: For information on
access or services for individuals with
disabilities, or to request
accommodations for a disability, please
contact Elizabeth Corr by email at
corr.elizabeth@epa.gov, or by phone at
(202) 564–3798, preferably at least 10
days prior to the meeting to allow as
much time as possible to process your
request.
National Drinking Water Advisory
Council: The NDWAC was created by
Congress on December 16, 1974, as part
of the Safe Drinking Water Act (SDWA)
of 1974, Public Law 93–523, 42 U.S.C.
300j–5, and is operated in accordance
with the provisions of the Federal
Advisory Committee Act (FACA), 5
U.S.C. App. 2. The NDWAC was
established to advise, consult with, and
make recommendations to the EPA
Administrator on matters relating to
activities, functions, policies, and
regulations under the SDWA. General
information concerning the NDWAC is
available at: https://www.epa.gov/
ndwac.
Jennifer L. McLain,
Director, Office of Ground Water and Drinking
Water.
[FR Doc. 2022–23991 Filed 11–3–22; 8:45 am]
BILLING CODE 6560–50–P
E:\FR\FM\04NON1.SGM
04NON1
]]>Agencies
[Federal Register Volume 87, Number 213 (Friday, November 4, 2022)]
[Notices]
[Pages 66692-66694]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2022-24102]
-----------------------------------------------------------------------
ENVIRONMENTAL PROTECTION AGENCY
[FRL-10149-01-OMS]
Privacy Act of 1974; System of Records
AGENCY: Office of Mission Support (OMS), Environmental Protection
Agency (EPA).
ACTION: Notice of a new system of records.
-----------------------------------------------------------------------
SUMMARY: The U.S. Environmental Protection Agency's (EPA) Office of
Mission Support is giving notice that it proposes to create a new
system of records pursuant to the provisions of the Privacy Act of
1974. The Data Management and Analytics Platform (DMAP) is an existing
analytical tool that EPA uses to store data and to create data maps,
pie charts, and run statistics. EPA intends to expand DMAP to include
personally identifiable information already collected by the EPA from
databases recording drinking water intake locations; EPA property
databases; and EPA personnel information databases.
DATES: Persons wishing to comment on this system of records notice must
do so by December 5, 2022. New routine uses for this new system of
records will be effective December 5, 2022.
ADDRESSES: Submit your comments, identified by Docket ID No. EPA-HQ-
OMS-2022-0383, by one of the following methods:
Federal eRulemaking Portal: https://www.regulations.gov. Follow the
online instructions for submitting comments.
Email: [email protected]. Include the Docket ID number in the
subject line of the message.
Fax: (202) 566-1752.
Mail: OMS Docket, Environmental Protection Agency, Mail Code:
2822T, 1200 Pennsylvania Ave. NW, Washington, DC 20460.
Hand Delivery: OMS Docket, EPA/DC, WJC West Building, Room 3334,
1301 Constitution Ave. NW, Washington, DC 20460. Such deliveries are
only accepted during the Docket's normal hours of operation, and
special arrangements should be made for deliveries of boxed
information.
Instructions: Direct your comments to Docket ID No. EPA-HQ-OMS-
2022-0383. The EPA's policy is that all comments received will be
included in the public docket without change and may be made available
online at https://www.regulations.gov, including any personal
information provided, unless the comment includes information claimed
to be Controlled Unclassified Information (CUI) or other information
for which disclosure is restricted by statute. Do not submit
information that you consider to be CUI or otherwise protected through
https://www.regulations.gov. The https://www.regulations.gov website is
an ``anonymous access'' system for the EPA, which means the EPA will
not know your identity or contact information. If you submit an
electronic comment, the EPA recommends that you include your name and
other contact information in the body of your comment. If the EPA
cannot read your comment due to technical difficulties and cannot
contact you for clarification, the EPA may not be able to consider your
comment. If you send an email comment directly to the EPA without going
through https://www.regulations.gov, your email address will be
automatically captured and included as part of the comment that is
placed in the public docket and made available on the internet.
Electronic files should avoid the use of special characters, any form
of encryption, and be free of any defects or viruses. For additional
information about the EPA public docket, visit the EPA Docket Center
homepage at https://www.epa.gov/dockets.
Docket: All documents in the docket are listed in the https://www.regulations.gov index. Although listed in the index, some
information is not publicly available, e.g., CUI or other information
for which disclosure is restricted by statute. Certain other material,
such as copyrighted material, will be publicly available only in hard
copy. Publicly available docket materials are available either
electronically in https://www.regulations.gov or in hard copy at the
OMS Docket, EPA/DC, WJC West
[[Page 66693]]
Building, Room 3334, 1301 Constitution Ave. NW, Washington, DC 20460.
The Public Reading Room is normally open from 8:30 a.m. to 4:30 p.m.,
Monday through Friday excluding legal holidays. The telephone number
for the Public Reading Room is (202) 566-1744, and the telephone number
for the OMS Docket is (202) 566-1752. Further information about EPA
Docket Center services and current operating status is available at
https://www.epa.gov/dockets.
FOR FURTHER INFORMATION CONTACT: [email protected], to the
attention of DMAP System Owner: Shane Knipschild.
SUPPLEMENTARY INFORMATION: EPA's Data Management and Analytics Platform
(DMAP) is designed to help users better understand environmental data
by allowing them to visualize them in graphics, like maps and pie
charts, and combine them together across data systems. DMAP is
available to EPA agency employees and partners who have a mission-based
need to access the data therein. DMAP users maintain control over the
workspaces created for them and may use the system to develop analytic
products as needed to support mission needs. DMAP is populated by data
from other EPA systems as well as data purchased under commercial
license. EPA intends to expand DMAP to include personally identifiable
information already collected by the EPA from these sources.
SYSTEM NAME AND NUMBER:
Data Management and Analytics Platform (DMAP), EPA-97.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
The system is managed by the Office of Mission Support,
Environmental Protection Agency, 1301 Constitution Ave. NW, Washington,
DC 20460. Electronically stored information is hosted at Amazon Web
Services US East (Northern Virginia).
SYSTEM MANAGER(S):
Shane Knipschild, Program Analyst, 1301 Constitution Avenue NW
Washington, DC 20460, 202-566-2712, [email protected].
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
44 U.S.C. 3506, Federal Agency Responsibilities; 5 U.S.C. 301,
Departmental Regulations; 40 U.S.C. 1401, the Clinger-Cohen Act; and 44
U.S.C. 3541 et seq., Federal Information Security Modernization Act of
2014; Public Law 107-347.
PURPOSE(S) OF THE SYSTEM:
The purpose of this system is to provide EPA staff and partners
with a platform to access and analyze data sets collected from other
EPA managed systems and purchased commercial sources. DMAP allows EPA
staff and contractors to combine these data in analytic views such as
maps and dashboards. EPA intends to use DMAP for administrative
purposes, such as provision of information technology services in EPA
facilities and to use DMAP in support of its programmatic activities,
such as to facilitate other statistical analysis of the data across the
source systems.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
The categories of individuals on whom records will be maintained
include federal employees, contractors and members of the public.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records maintained in the system will include contact email,
contact extension, contact name, and contact phone number, property
owner name, property address and coordinate location information.
RECORD SOURCE CATEGORIES:
The categories of sources of the records in the system include data
from internal EPA systems, such as ServiceNow (EPA-78) and Emergency
Response (EPA-74) as well as data purchased under commercial license.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND PURPOSES OF SUCH USES:
The routine uses below are both related to and compatible with the
original purpose for which the information was collected. The following
general routine uses apply to this system (86 FR 62527): A, D, E, F, G,
H, I, J, K, L, M.
Additional routine uses that apply to this system are:
1. Records may be disclosed to federal, state, local, and tribal
authorities in conformity with federal, state, local, and tribal laws
when necessary to protect the environment or public health or safety,
including carrying out an investigation or response.
2. In case of emergency, EPA may share information with members of
the public to assure protection of the environment or public health and
safety.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
These records are maintained electronically via EPA-managed cloud-
based storage services. The cloud storage services are located at
Amazon Web Services East (Northern Virginia), and are managed by Office
of Mission Support, Office of Information Management, Information
Access and Analysis Division. Backup files will be maintained according
to EPA backup protocols as documented in FISMA compliant DMAP system
security plan. Digital records are maintained in a secure password
protected environment and are encrypted. Access to digital records is
limited to those who have a need to know. Permission level assignments
will allow users access only to those functions for which they are
authorized. All records are maintained in encrypted formats and in
restricted folders.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Personal information will be retrieved by contact name, contact
email, contact extension, contact phone number, or address.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
DMAP follows the EPA Records Policy for retention and disposal, per
schedule 1012 (Information and Technology Management) and schedule 1049
(Information Access and Protection Records). https://www.epa.gov/records/epa-records-policy-and-guidance.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Security controls used to protect personal sensitive data in DMAP
are commensurate with those required for an information system rated
MODERATE for confidentiality, integrity, and availability, as
prescribed in National Institute of Standards and Technology (NIST)
Special Publication, 800-53, ``Security and Privacy Controls for
Information Systems and Organizations,'' Revision 5.
1. Administrative Safeguards: Those accessing the DMAP system are
required to complete annual privacy and security trainings. Background
checks and PIV cards are required for system administrators.
2. Technical Safeguards: Information is maintained in a secure
username/password protected environment. Permission-level assignments
allow users access only to those functions for which they are
authorized. Audit logs are reviewed on a monthly basis to identify
system access outside of normal business hours, anomalous user accounts
or server names, or login failures. No external access to DMAP is
[[Page 66694]]
available without formal onboarding through system administrators.
3. Physical Safeguards: Access to all information and hardware is
maintained in a secure, access-controlled facility managed under
conditions specified in EPA's AWS cloud provider agreement.
RECORD ACCESS PROCEDURES:
All requests for access to personal records should cite the Privacy
Act of 1974 and reference the type of request being made (i.e.,
access). Requests must include: (1) the name and signature of the
individual making the request; (2) the name of the Privacy Act system
of records to which the request relates; (3) a statement whether a
personal inspection of the records or a copy of them by mail is
desired; and (4) proof of identity. A full description of EPA's Privacy
Act procedures for requesting access to records is included in EPA's
Privacy Act regulations at 40 CFR part 16.
CONTESTING RECORD PROCEDURES:
Requests for correction or amendment must include: (1) the name and
signature of the individual making the request; (2) the name of the
Privacy Act system of records to which the request relates; (3) a
description of the information sought to be corrected or amended and
the specific reasons for the correction or amendment; and (4) proof of
identity. A full description of EPA's Privacy Act procedures for the
correction or amendment of a record is included in EPA's Privacy Act
regulations at 40 CFR part 16.
NOTIFICATION PROCEDURES:
Individuals who wish to be informed whether a Privacy Act system of
records maintained by EPA contains any record pertaining to them,
should make a written request to the EPA, Attn: Agency Privacy Officer,
MC 2831T, 1200 Pennsylvania Ave. NW, Washington, DC 20460, or by email
at: [email protected]. A full description of EPA's Privacy Act procedures
is included in EPA's Privacy Act regulations at 40 CFR part 16.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
None.
Vaughn Noga,
Senior Agency Official for Privacy.
[FR Doc. 2022-24102 Filed 11-3-22; 8:45 am]
BILLING CODE 6560-50-P
