Privacy Act of 1974; System of Records, 1594-1599 [2024-00325]

Agencies

• DEPARTMENT OF THE INTERIOR
• Office of the Secretary

[Federal Register Volume 89, Number 7 (Wednesday, January 10, 2024)]
[Notices]
[Pages 1594-1599]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-00325]


-----------------------------------------------------------------------

DEPARTMENT OF THE INTERIOR

Office of the Secretary

[DOI-2023-0023; DS65100000 DWSN00000.000000 24XD4523WS DP.65102]


Privacy Act of 1974; System of Records

AGENCY: Office of the Secretary, Interior.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as 
amended, the Department of the Interior (DOI, Department) is issuing a 
public notice of its intent to modify the Privacy Act system of 
records, INTERIOR/DOI-10, Incident Management, Analysis and Reporting 
System. DOI is revising this notice to change the title of the system, 
propose new and modified routine uses, and update all sections of the 
system notice to accurately reflect the scope of the system. This 
modified system will be included in DOI's inventory of systems of 
records.

DATES: This modified system will be effective upon publication. New and 
modified routine uses will be effective February 9, 2024. Submit 
comments on or before February 9, 2024.

ADDRESSES: You may send comments identified by docket number [DOI-2023-
0023] by any of the following methods:
     Federal eRulemaking Portal: https://www.regulations.gov. 
Follow the instructions for sending comments.
     Email: [email protected]. Include docket number 
[DOI-2023-0023] in the subject line of the message.
     U.S. Mail or Hand-Delivery: Teri Barnett, Departmental 
Privacy Officer, U.S. Department of the Interior, 1849 C Street NW, 
Room 7112, Washington, DC 20240.
    Instructions: All submissions received must include the agency name 
and docket number [DOI-2023-0023]. All comments received will be posted 
without change to https://www.regulations.gov, including any personal 
information provided.
    Docket: For access to the docket to read background documents or 
comments received, go to https://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: Teri Barnett, Departmental Privacy 
Officer, U.S. Department of the Interior, 1849 C Street NW, Room 7112, 
Washington, DC 20240, [email protected] or (202) 208-1605.

SUPPLEMENTARY INFORMATION:

I. Background

    The DOI Office of Law Enforcement and Security (OLES) maintains the 
INTERIOR/DOI-10, Incident Management, Analysis and Reporting System, as 
a unified Department-wide law enforcement records management system. 
This system of records helps DOI protect life and resources, manage law 
enforcement incidents and investigations, measure performance, meet 
reporting requirements, and foster public trust through transparent and 
accountable law enforcement programs. The system also provides the 
capability to prevent, detect, and investigate known and suspected 
criminal activity and violations of fish and wildlife laws; transmit 
information to Federal law enforcement databases and repositories; 
analyze and prioritize protection efforts; provide information to 
justify law enforcement funding requests and expenditures; assist in 
managing visitor use and protection programs; investigate, detain and 
apprehend those committing crimes on DOI properties, including National 
Wildlife Refuges, National Parks, and Tribal reservations (for the 
purpose of this system of

[[Page 1595]]

records notice, Tribal reservations include contiguous areas policed by 
Tribal or Bureau of Indian Affairs (BIA) law enforcement officers) 
managed by Native American Tribes under BIA; and investigate and 
prevent visitor accidents and injuries on DOI properties or Tribal 
reservations. Incident and non-incident data related to criminal 
activity will be collected in support of law enforcement, homeland 
security, and security (physical, personnel, suitability, and 
industrial) activities. This may include data documenting criminal and 
administrative investigations and other law enforcement activities, use 
of force and critical incidents, traffic safety, property damage 
claims, motor vehicle crashes, domestic violence incidents, and 
information sharing and analysis activities. This notice covers all DOI 
law enforcement records, investigations, and case files in any medium 
that are created, collected, maintained, or managed by DOI bureaus and 
offices, excluding the Office of Inspector General, which maintains its 
own investigations system of records. DOI law enforcement bureaus and 
offices include OLES, Office of the Secretary, BIA, Bureau of Land 
Management, Bureau of Reclamation, the U.S. Fish and Wildlife Service, 
and the National Park Service. The OLES has Department-wide 
coordination and oversight responsibilities of law enforcement 
activities; however, each bureau and office is responsible for managing 
their records in this system for the administration of their law 
enforcement programs.
    DOI is proposing to change the title of the system of records to 
INTERIOR/DOI-10, DOI Law Enforcement Records Management System (LE RMS) 
to reflect the modified scope of the system; update the system manager 
and system location sections; expand on categories of individuals 
covered by the system, the categories of records and records source 
categories sections; update authorities for maintenance of the system; 
update the storage, safeguards, and records retention schedule; update 
the notification, records access and contesting procedures; and provide 
general updates in accordance with the Privacy Act of 1974 and Office 
of Management and Budget (OMB) Circular A-108, Federal Agency 
Responsibilities for Review, Reporting, and Publication under the 
Privacy Act.
    DOI is also changing the routine uses from a numeric to alphabetic 
list and is proposing to modify existing routine uses to provide 
clarity and transparency and reflect updates consistent with standard 
DOI routine uses. The notice of disclosure to consumer reporting 
agencies in former routine use 13 was moved to the end of this section. 
Routine use A has been modified to further clarify disclosures to the 
Department of Justice or other Federal agencies when necessary in 
relation to litigation or judicial proceedings. Routine use B has been 
modified to clarify disclosures to a congressional office to respond to 
or resolve an individual's request made to that office. Routine use H 
has been modified to expand the sharing of information with territorial 
organizations in response to court orders or for discovery purposes 
related to litigation. Routine use I has been modified to include the 
sharing of information with grantees and shared service providers that 
perform services requiring access to these records on DOI's behalf to 
carry out the purposes of the system. Routine use J was slightly 
modified to allow DOI to share information with appropriate Federal 
agencies or entities when reasonably necessary to prevent, minimize, or 
remedy the risk of harm to individuals or the Federal Government 
resulting from a breach in accordance with OMB Memorandum M-17-12, 
Preparing for and Responding to a Breach of Personally Identifiable 
Information. Routine use N was modified to clarify the sharing of 
information with the news media and the public to assure public safety 
related to potential or imminent threats to life, health, or property. 
Routine use P was modified to add the sharing of information when 
permitted by Federal law, statute, regulation, executive order, and DOI 
policy. Routine use Q was modified to add shared service providers who 
may need to access records in order to perform authorized activities on 
DOI's behalf.
    Proposed routine use O allows DOI to share information with the 
news media and the public where there exists a legitimate public 
interest in the disclosure of information and it is necessary to 
preserve the confidence in the integrity of the DOI, demonstrate DOI's 
commitment to serving the public and the accountability of its officers 
and employees. Proposed routine use T allows DOI to share information 
with adjudicative or regulatory agencies when necessary and appropriate 
to adjudicate decisions affecting individuals who are subjects of 
investigations or covered by this system notice. Proposed routine use U 
allows DOI to share information with complainants, victims, family 
members, and representatives to the extent necessary to provide 
information on results of investigations or cases or matters they may 
be involved in. Proposed routine use V allows DOI to share information 
with an official or employee regarding a matter within that 
individual's area of responsibility or when relevant and necessary to 
respond to official inquiries by the Department or other authority. 
Proposed routine use W allows DOI to share information with Tribal 
organizations when necessary and relevant under the Indian Self-
Determination and Education Assistance Act.
    Pursuant to the Privacy Act, 5 U.S.C. 552a(b)(12), DOI may disclose 
information from this system to consumer reporting agencies as defined 
in the Fair Credit Reporting Act (15 U.S.C. 1681a(f)) or the Federal 
Claims Collection Act of 1966 (31 U.S.C. 3701(a)(3)) to aid in the 
collection of outstanding debts owed to the Federal Government.
    In a Notice of Proposed Rulemaking published separately in the 
Federal Register, DOI is proposing to claim additional exemptions for 
records maintained in this system pursuant to the Privacy Act of 1974, 
5 U.S.C. 552a(k)(1), (k)(3), (k)(5), and (k)(6).

II. Privacy Act

    The Privacy Act of 1974, as amended, embodies fair information 
practice principles in a statutory framework governing the means by 
which Federal agencies collect, maintain, use, and disseminate 
individuals' records. The Privacy Act applies to records about 
individuals that are maintained in a ``system of records.'' A ``system 
of records'' is a group of any records under the control of an agency 
from which information is retrieved by the name of an individual or by 
some identifying number, symbol, or other identifying particular 
assigned to the individual. The Privacy Act defines an individual as a 
United States citizen or lawful permanent resident. Individuals may 
request access to their own records that are maintained in a system of 
records in the possession or under the control of DOI by complying with 
DOI Privacy Act regulations at 43 CFR part 2, subpart K, and following 
the procedures outlined in the Records Access, Contesting Record, and 
Notification Procedures sections of this notice.
    The Privacy Act requires each agency to publish in the Federal 
Register a description denoting the existence and character of each 
system of records that the agency maintains and the routine uses of 
each system. The INTERIOR/DOI-10, DOI Law Enforcement Records 
Management System (LE RMS), system of records notice is published in 
its entirety below. In accordance with 5

[[Page 1596]]

U.S.C. 552a(r), DOI has provided a report of this system of records to 
the Office of Management and Budget and to Congress.

III. Public Participation

    You should be aware your entire comment including your personally 
identifiable information, such as your address, phone number, email 
address, or any other personal information in your comment, may be made 
publicly available at any time. While you may request to withhold your 
personally identifiable information from public review, we cannot 
guarantee we will be able to do so.

SYSTEM NAME AND NUMBER:
    INTERIOR/DOI-10, DOI Law Enforcement Records Management System (LE 
RMS).

SECURITY CLASSIFICATION:
    Classified and Unclassified.

SYSTEM LOCATION:
    Office of Law Enforcement and Security, U.S. Department of the 
Interior, 1849 C Street NW, Washington, DC 20240; Albuquerque Data 
Center, 1011 Indian School Road, Northwest, Albuquerque, NM 87104; DOI 
facilities and data centers; DOI-approved cloud service providers; and 
DOI bureaus and offices that manage law enforcement programs as 
identified in the System Manager section below.

SYSTEM MANAGER(S):
    (1) Director, Office of Law Enforcement and Security, U.S. 
Department of the Interior, 1849 C Street NW, Mail Stop Room 3411, 
Washington, DC 20240.
    (2) Bureau of Indian Affairs, Office of Justice Services, 1849 C 
Street NW, Mail Stop MS-3662-MIB, Washington, DC 20240.
    (3) Director, Office of Law Enforcement and Security, Bureau of 
Land Management, 1849 C Street NW, Mail Stop: Fifth Floor, Room #5618, 
Washington, DC 20240.
    (4) Bureau of Reclamation, Policy and Programs Directorate, Denver 
Security Division, Supervisory Security Specialist, P.O. Box 25007, 
Denver, CO 80225.
    (5) Director, Office of Law Enforcement, U.S. Fish and Wildlife 
Service, MS: OLE, 5275 Leesburg Pike, Falls Church, Virginia 22041.
    (6) National Park Service, Program Manager, National Park Service 
Law Enforcement, Security, and Emergency Services, U.S. Department of 
the Interior, 1849 C Street NW, Mailstop 2560, Washington, DC 20240.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Uniform Federal Crime Reporting Act, 28 U.S.C. 534; Intelligence 
Reform and Terrorism Prevention Act of 2004 (Pub. L. 108-458); Homeland 
Security Act of 2002 (Pub. L. 107-296); USA PATRIOT ACT of 2001 (Pub. 
L. 107-56); USA PATRIOT Improvement Act of 2005 (Pub. L. 109-177); 
Tribal Law and Order Act of 2010 (Pub. L. 111-211); Fish and Wildlife 
Act of 1956, 16 U.S.C. 742a-742j-l; Refuge Recreation Act, 16 U.S.C. 
460k-460k-4; Endangered Species Act of 1973, 16 U.S.C. 1531-1544; Lacey 
Act, 18 U.S.C. 42; Executive Order 14074: Advancing Effective, 
Accountable Policing and Criminal Justice Practices to Enhance Public 
Trust and Public Safety, May 25, 2022; Homeland Security Presidential 
Directive 7--Critical Infrastructure Identification, Prioritization, 
and Protection; Homeland Security Presidential Directive 12--Policy for 
a Common Identification Standard for Federal Employees and Contractors; 
Criminal Intelligence Systems Operating Policies, 28 CFR part 23; Law 
and Order, 25 CFR part 10, Indian Country Detention Facilities and 
Programs; Courts of Indian Offenses and Law and Order Code, 25 CFR part 
11; and Indian Country Law Enforcement, 25 CFR part 12.

PURPOSE(S) OF THE SYSTEM:
    The LE RMS system of records is an incident management and 
reporting system used to prevent, detect, and investigate known and 
suspected criminal activity; protect natural and cultural resources; 
capture, integrate and share law enforcement and related information 
and observations from other sources; measure performance of law 
enforcement programs and management of emergency incidents; meet 
reporting requirements; foster public trust through transparent and 
accountable law enforcement programs; transmit information to Federal 
law enforcement databases and repositories; analyze and prioritize 
protection efforts; assist in managing visitor use and protection 
programs; enable the ability to investigate, detain and apprehend those 
committing crimes on DOI properties or Tribal reservations; and to 
investigate and prevent visitor accident incidents and injuries on DOI 
properties or Tribal reservations.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    The categories of individuals covered in the system include current 
and former Federal employees, consultants, contractors, subcontractors, 
and grantees; Federal, Tribal, State, local and foreign law enforcement 
officers and officials; witnesses, complainants, informants, and 
parties who have been identified as potential subjects or parties to an 
investigation; and individuals or entities who are or have been the 
subject of investigations and other individuals associated with alleged 
violation(s) of Federal law, regulations, or rules of conduct.
    Additionally, this system contains information regarding members of 
the general public, including individuals and/or groups of individuals 
involved with law enforcement incidents involving Federal assets or 
occurring on public lands and Tribal reservations, such as witnesses, 
individuals making complaints, individuals involved in reports of 
traffic accidents on DOI managed properties and Tribal reservations, 
and individuals being investigated or arrested for criminal or traffic 
offenses or involved in certain types of non-criminal incidents.

CATEGORIES OF RECORDS IN THE SYSTEM:
    The system includes law enforcement incident reports, law 
enforcement personnel records, and law enforcement training records, 
which contain the following information: names, home addresses, work 
addresses, telephone numbers, email addresses and other contact 
information, emergency contact information; dates of birth, place of 
birth; gender, ethnicity and race; biometric information such as 
physical or distinguishing attributes of an individual; Social Security 
numbers, driver's license numbers, passport numbers, identification 
numbers for non-citizens, Federal Bureau of Investigation (FBI) 
Universal Control Numbers, State identification numbers; Tribal 
identification numbers or other Tribal enrollment data; vehicle 
identification numbers, license plate numbers, boat registration or 
hull number; work history, educational history, affiliations, and other 
related data; criminal history, arrest and incarceration records, prior 
contacts with law enforcement, and records related to the transport of 
individuals.
    Incident and investigation records related to or documenting 
criminal and administrative investigations and other law enforcement 
activities, use of force, critical incidents, traffic safety, property 
damage claims, motor vehicle crashes, domestic violence incidents, 
information sharing and analysis, and other law enforcement activities 
may include, but are not limited to: incident reports, case files and 
notes; attachments such as photos or digital images, video recordings 
from body worn cameras, vehicle mounted

[[Page 1597]]

cameras, hand-held cameras or devices, closed circuit television or 
other surveillance including sketches; medical reports; correspondence, 
email and text messages; letters, memoranda, and other documents citing 
complaints of alleged criminal, civil, or administrative misconduct; 
reports of investigations with related statements, affidavits or 
records obtained during investigations; prior criminal or noncriminal 
records of individuals related to investigations; reports from or to 
other law enforcement bodies; information obtained from informants; 
identifying information on suspects and allegations made against 
suspects; and public source materials; and information concerning 
response to and outcome of incidents and investigations.
    Records in this system also include information concerning Federal 
civilian employees and contractors, Federal, Tribal, State, and local 
law enforcement officers and may contain information regarding an 
officer's name, contact information, station and career history, 
firearms qualifications, medical history, background investigation and 
status, date of birth, and Social Security number. Information 
regarding officers' equipment, such as firearms, electronic control 
devices, body armor, vehicles, computers and special equipment related 
skills is also included in this system.

RECORD SOURCE CATEGORIES:
    Sources of information in the system include current and former DOI 
officials and employees; officials of Federal, State, Tribal, local, 
and foreign law enforcement and non-law enforcement agencies and 
organizations including the FBI and Department of Justice; subjects of 
investigations, complainants, informants, suspects, victims, witnesses, 
private citizens, and visitors to Federal properties; photos and 
recordings captured from law enforcement body worn cameras, vehicle 
mounted cameras, hand-held cameras or other devices, closed circuit 
television, or other surveillance methods; and public source materials. 
Records may also be obtained from other internal and external sources 
such as personnel, training or other systems of records, DOI personnel, 
contractors, and other parties for matters related to the maintenance 
of this system, and information sharing partners.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed outside DOI as a 
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    A. To the Department of Justice (DOJ), including Offices of the 
U.S. Attorneys, or other Federal agency conducting litigation or in 
proceedings before any court, adjudicative, or administrative body, 
when it is relevant or necessary to the litigation and one of the 
following is a party to the litigation or has an interest in such 
litigation:
    (1) DOI or any component of DOI;
    (2) Any other Federal agency appearing before the Office of 
Hearings and Appeals;
    (3) Any DOI employee or former employee acting in their official 
capacity;
    (4) Any DOI employee or former employee acting in their individual 
capacity when DOI or DOJ has agreed to represent that employee or pay 
for private representation of the employee; or
    (5) The United States Government or any agency thereof, when DOJ 
determines that DOI is likely to be affected by the proceeding.
    B. To a congressional office when requesting information on behalf 
of, and at the request of, the individual who is the subject of the 
record, to the extent the records have not been exempted from 
disclosure pursuant to 5 U.S.C. 552a(j) and (k).
    C. To the Executive Office of the President in response to an 
inquiry from that office made at the request of the subject of a record 
or a third party on that person's behalf, or for a purpose compatible 
with the reason for which the records are collected or maintained, to 
the extent the records have not been exempted from disclosure pursuant 
to 5 U.S.C. 552a(j) and (k).
    D. To any criminal, civil, or regulatory law enforcement authority 
(whether Federal, State, territorial, local, Tribal or foreign) when a 
record, either alone or in conjunction with other information, 
indicates a violation or potential violation of law--criminal, civil, 
or regulatory in nature, and the disclosure is compatible with the 
purpose for which the records were compiled.
    E. To an official of another Federal agency to provide information 
needed in the performance of official duties related to reconciling or 
reconstructing data files or to enable that agency to respond to an 
inquiry by the individual to whom the record pertains.
    F. To Federal, State, territorial, local, Tribal, or foreign 
agencies that have requested information relevant or necessary to the 
hiring, firing or retention of an employee or contractor, or the 
issuance of a security clearance, license, contract, grant or other 
benefit, when the disclosure is compatible with the purpose for which 
the records were compiled.
    G. To representatives of the National Archives and Records 
Administration (NARA) to conduct records management inspections under 
the authority of 44 U.S.C. 2904 and 2906.
    H. To State, territorial and local governments and Tribal 
organizations to provide information needed in response to court order 
and/or discovery purposes related to litigation, when the disclosure is 
compatible with the purpose for which the records were compiled.
    I. To an expert, consultant, grantee, shared service provider, or 
contractor (including employees of the contractor) of DOI that performs 
services requiring access to these records on DOI's behalf to carry out 
the purposes of the system.
    J. To appropriate agencies, entities, and persons when:
    (1) DOI suspects or has confirmed that there has been a breach of 
the system of records;
    (2) DOI has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, DOI (including 
its information systems, programs, and operations), the Federal 
Government, or national security; and
    (3) the disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with DOI's efforts to 
respond to the suspected or confirmed breach or to prevent, minimize, 
or remedy such harm.
    K. To another Federal agency or Federal entity, when DOI determines 
that information from this system of records is reasonably necessary to 
assist the recipient agency or entity in:
    (1) responding to a suspected or confirmed breach; or
    (2) preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.
    L. To the Office of Management and Budget (OMB) during the 
coordination and clearance process in connection with legislative 
affairs as mandated by OMB Circular A-19.
    M. To the Department of the Treasury to recover debts owed to the 
United States.
    N. To the news media and the public in support of the law 
enforcement activities, including obtaining public

[[Page 1598]]

assistance with identifying and locating criminal suspects and lost or 
missing individuals, providing the public with alerts about dangerous 
individuals, and assuring public safety related to potential or 
imminent threats to life, health, or property.
    O. To the news media and the public (including select members of 
the public, such as victims' family members) when:
    (1) Release of the specific information would not constitute an 
unwarranted invasion of personal privacy, and
    (2) There exists a legitimate public interest in the disclosure of 
the information and its release would:
    (a) Preserve public confidence and trust in the integrity of DOI;
    (b) Demonstrate DOI's commitment to serving the public and 
achieving its mission; or
    (c) Reveal the accountability of DOI's officers, employees, or 
individuals covered by the system.
    P. To the Department of Justice, the Department of Homeland 
Security, or other Federal, State, Tribal, and local law enforcement 
agencies for the purpose of information exchange on law enforcement 
activity or as required by Federal law, statute, regulation, executive 
order, and DOI policy.
    Q. To agency contractors, grantees, shared service providers, or 
volunteers for DOI or other Federal Departments who have been engaged 
to assist the Government in the performance of a contract, grant, 
cooperative agreement, or other activity related to this system of 
records and who need to have access to the records in order to perform 
the activity.
    R. To any of the following entities or individuals, for the purpose 
of providing information on traffic accidents, personal injuries, or 
the loss or damage of property:
    (1) Individuals involved in such incidents;
    (2) Persons injured in such incidents;
    (3) Owners of property damaged, lost or stolen in such incidents; 
and/or
    (4) These individuals' duly verified insurance companies, personal 
representatives, administrators of estates, and/or attorneys.
    The release of information under these circumstances should only 
occur when it will not interfere with ongoing law enforcement 
proceedings; risk the health or safety of an individual; reveal the 
identity of an information or witness that has received an explicit 
assurance of confidentiality; or reveal protected or confidential law 
enforcement techniques and practices. Social Security numbers and 
Tribal identification numbers should not be released under these 
circumstances unless the Social Security number or Tribal 
identification number belongs to the individual requester.
    S. To any criminal, civil, or regulatory authority (whether 
Federal, State, territorial, local, Tribal or foreign) for the purpose 
of providing background search information on individuals for legally 
authorized purposes, including but not limited to background checks on 
individuals residing in a home with a minor or individuals seeking 
employment opportunities requiring background checks.
    T. To an administrative forum, including ad hoc forums, which may 
include an Administrative Law Judge, public hearings/proceedings, or 
other established adjudicatory or regulatory agencies (e.g., the Merit 
Systems Protection Board, the National Labor Relations Board), or other 
agencies with similar or related statutory responsibilities, where 
necessary to adjudicate decisions affecting individuals who are the 
subject of investigations and/or who are covered by this system, to 
affect any necessary remedial actions, disciplinary or other 
appropriate personnel action, or other law enforcement related actions, 
where appropriate.
    U. To complainants, victims, decedent's estate representative, or 
family members of victims, and their attorney or legal representative, 
to the extent necessary to provide such persons with information 
concerning the results of an investigation or case arising from the 
matters of which they complained and/or of which they were the subject 
of law enforcement activity.
    V. To a former official or employee of the Department when relevant 
and necessary to respond to an official inquiry by a Federal, State, or 
local government entity or professional licensing authority, in 
accordance with applicable Department regulations; or to facilitate 
communications with a former official or employee that may be necessary 
for personnel-related or other official purposes where the Department 
requires information and/or consultation assistance regarding a matter 
within that person's former area of responsibility.
    W. To Tribal organizations when necessary and relevant to the 
assumption of a program under Public Law 93-638, the Indian Self-
Determination and Education Assistance Act, 25 U.S.C. 450 et seq.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Electronic records are maintained in information systems or stored 
on magnetic disc, tape or digital media. Paper records are maintained 
in file cabinets in secure facilities.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by multiple identifiers including Social 
Security number, first or last name, badge number, address, phone 
number, vehicle information and physical attributes.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records in this system are retained and disposed of in accordance 
with Office of the Secretary Records Schedule 8151, Incident, 
Management, Analysis and Reporting System, which was approved by the 
National Archives and Records Administration (NARA) (N1-048-09-5), and 
other NARA approved bureau or office records schedules. The specific 
record schedule for each type of record or form is dependent on the 
subject matter and records series. After the retention period has 
passed, temporary records are disposed of in accordance with the 
applicable records schedule and DOI policy. Disposition methods include 
burning, pulping, shredding, erasing, and degaussing in accordance with 
Departmental records policy. Permanent records that are no longer 
active or needed for agency use are transferred to the National 
Archives for permanent retention in accordance with NARA guidelines.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The records contained in this system are safeguarded in accordance 
with 43 CFR 2.226 and other applicable security and privacy rules and 
policies. During normal hours of operation, paper records are 
maintained in locked file cabinets under the control of authorized 
personnel. Computer servers on which electronic records are stored are 
located in secured DOI controlled facilities with physical, technical 
and administrative levels of security to prevent unauthorized access to 
the DOI network and information assets. Access granted to authorized 
personnel is password-protected, and each person granted access to the 
system must be individually authorized to use the system. A Privacy Act 
Warning Notice appears on computer monitor screens when records 
containing information on individuals are first displayed. Data 
exchanged between the servers and the system is encrypted. Backup tapes 
are encrypted and stored in a locked and controlled room in a secure, 
off-site location.

[[Page 1599]]

    Computerized records systems follow the National Institute of 
Standards and Technology privacy and security standards as developed to 
comply with the Privacy Act of 1974, as amended, 5 U.S.C. 552a; 
Paperwork Reduction Act of 1995, 44 U.S.C. 3501 et seq.; Federal 
Information Security Modernization Act of 2014, 44 U.S.C. 3551 et seq.; 
and the Federal Information Processing Standards 199: Standards for 
Security Categorization of Federal Information and Information Systems. 
Security controls include user identification, passwords, database 
permissions, encryption, firewalls, audit logs, and network system 
security monitoring, and software controls.
    Access to records in the system is limited to authorized personnel 
who have a need to access the records in the performance of their 
official duties, and each user's access is restricted to only the 
functions and data necessary to perform that person's job 
responsibilities. System administrators and authorized users are 
trained and required to follow established internal security protocols 
and must complete all security, privacy, and records management 
training and sign the DOI Rules of Behavior. A Privacy Impact 
Assessment was conducted to ensure that Privacy Act requirements are 
met and appropriate privacy controls were implemented to safeguard the 
personally identifiable information contained in the system.

RECORD ACCESS PROCEDURES:
    DOI has exempted portions of this system from the access provisions 
of the Privacy Act of 1974 pursuant to 5 U.S.C. 552a(j) and (k). DOI 
will make access determinations on a case-by-case basis.
    To the extent that portions of this system are not exempt, an 
individual requesting access to their records should send a written 
inquiry to the applicable System Manager identified above. DOI forms 
and instructions for submitting a Privacy Act request may be obtained 
from the DOI Privacy Act Requests website at https://www.doi.gov/privacy/privacy-act-requests. The request must include a general 
description of the records sought and the requester's full name, 
current address, and sufficient identifying information such as date of 
birth or other information required for verification of the requester's 
identity. The request must be signed and dated and be either notarized 
or submitted under penalty of perjury in accordance with 28 U.S.C. 
1746. The request must include the specific bureau or office that 
maintains the record to facilitate location of the applicable records. 
Requests submitted by mail must be clearly marked ``PRIVACY ACT REQUEST 
FOR ACCESS'' on both the envelope and letter. A request for access must 
meet the requirements of 43 CFR 2.238.

CONTESTING RECORD PROCEDURES:
    DOI has exempted portions of this system from the amendment 
provisions of the Privacy Act of 1974 pursuant to 5 U.S.C. 552a(j) and 
(k). DOI will make amendment determinations on a case-by-case basis.
    To the extent that portions of this system are not exempt, an 
individual requesting amendment of their records should send a written 
request to the applicable System Manager as identified above. DOI 
instructions for submitting a request for amendment of records are 
available on the DOI Privacy Act Requests website at https://www.doi.gov/privacy/privacy-act-requests. The request must clearly 
identify the records for which amendment is being sought, the reasons 
for requesting the amendment, and the proposed amendment to the record. 
The request must include the requester's full name, current address, 
and sufficient identifying information such as date of birth or other 
information required for verification of the requester's identity. The 
request must be signed and dated and be either notarized or submitted 
under penalty of perjury in accordance with 28 U.S.C. 1746. Requests 
submitted by mail must be clearly marked ``PRIVACY ACT REQUEST FOR 
AMENDMENT'' on both the envelope and letter. A request for amendment 
must meet the requirements of 43 CFR 2.246.

NOTIFICATION PROCEDURES:
    DOI has exempted portions of this system from the notification 
procedures of the Privacy Act of 1974 pursuant to 5 U.S.C. 552a(j) 
and(k). DOI will make notification determinations on a case-by-case 
basis.
    To the extent that portions of this system are not exempt, an 
individual requesting notification of the existence of records about 
them should send a written inquiry to the applicable System Manager as 
identified above. DOI instructions for submitting a request for 
notification are available on the DOI Privacy Act Requests website at 
https://www.doi.gov/privacy/privacy-act-requests. The request must 
include a general description of the records and the requester's full 
name, current address, and sufficient identifying information such as 
date of birth or other information required for verification of the 
requester's identity. The request must be signed and dated and be 
either notarized or submitted under penalty of perjury in accordance 
with 28 U.S.C. 1746. Requests submitted by mail must be clearly marked 
``PRIVACY ACT INQUIRY'' on both the envelope and letter. A request for 
notification must meet the requirements of 43 CFR 2.235.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    This system contains law enforcement and investigatory records that 
are exempt from certain provisions of the Privacy Act of 1974, 5 U.S.C. 
552a(j) and (k). In accordance with 5 U.S.C. 553(b), (c) and (e), DOI 
has promulgated rules separately in the Federal Register to claim 
exemptions for this system pursuant to 5 U.S.C. 552a(j)(2), (k)(1), 
(k)(2), (k)(3), (k)(5), and (k)(6).
    Pursuant to 5 U.S.C. 552a(j)(2), DOI has exempted this system from 
the provisions of the Privacy Act except subsections (b), (c)(1) and 
(2), (e)(4)(A) through (F), (e)(6), (7), (9), (10), and (11), and (i). 
DOI has also exempted portions of this system from subsections (c)(3), 
(d), (e)(1), (e)(4)(G), (H), and (I), and (f) of the Privacy Act 
pursuant to 5 U.S.C. 552a (k)(1), (k)(2), (k)(3), (k)(5), and (k)(6). 
Additionally, when this system receives a record from another system 
that is exempted in that source system under 5 U.S.C. 552a(j) or (k), 
DOI claims the same exemptions for those records that are claimed in 
the primary systems of records from which they originated and any 
additional exemptions set forth here.

HISTORY:
    79 FR 31974 (June 3, 2014); modification published at 86 FR 50156 
(September 7, 2021).

Teri Barnett,
Departmental Privacy Officer, Department of the Interior.
[FR Doc. 2024-00325 Filed 1-9-24; 8:45 am]
BILLING CODE 4334-63-P