77 FR 55 pgs. 16569-16572 - Privacy Act of 1974: Systems of Records

SECURITIES AND EXCHANGE COMMISSION

[Release No. PA-48; File No. S7-03-12]

Privacy Act of 1974: Systems of Records

AGENCY:

Securities and Exchange Commission.

ACTION:

Notice to revise two existing systems of records.

SUMMARY:

In accordance with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a, the Securities and Exchange Commission ("Commission" or "SEC") proposes to revise two existing systems of records. The two existing systems of records are "Administrative Audit System (SEC-14)" last published in the Federal Register Volume 63, Number 47 on Wednesday, March 11, 1992 and "Fitness Center Membership, Payment, and Fitness Records (SEC-48)", last published in the Federal Register Volume 64, Number 77 on Thursday, April, 22, 1999.

DATES:

The proposed systems will become effective April 30, 2012 unless further notice is given. The Commission will publish a new notice if the effective date is delayed to review comments or if changes are made based on comments received. To be assured of consideration, comments should be received on or before April 20, 2012.

ADDRESSES:

Comments may be submitted by any of the following methods:

Electronic Comments

• Use the Commission's Internet comment form ( http://www.sec.gov/rules/other.shtml ); or

• Send an email to rule-comments@sec.gov. Please include File Number S7-03-12 on the subject line.

Paper Comments

• Send paper comments in triplicate to Elizabeth M. Murphy, Secretary, U.S. Securities and Exchange Commission, 100 F Street NE., Washington, DC 20549-1090.

All submissions should refer to File Number S7-03-12. This file number should be included on the subject line if email is used. To help us process and review your comments more efficiently, please use only one method. The Commission will post all comments on the Commission's Internet Web site ( http://www.sec.gov/rules/other.shtml ). Comments are also available for Web site viewing and printing in the Commission's Public Reference Room, 100 F Street NE., Washington, DC 20549, on official business days between the hours of 10 a.m. and 3 p.m. All comments received will be posted without change; we do not edit personal identifying information from submissions. You should submit only information that you wish to make available publicly.

FOR FURTHER INFORMATION CONTACT:

Todd Scharf, Acting Chief Privacy Officer, Office of Information Technology, 202-551-8800.

SUPPLEMENTARY INFORMATION:

The Commission proposes to revise two existing systems of records, "Administrative Audit System (SEC-14)" and "Fitness Center Membership, Payment, and Fitness Records (SEC-48)". As described in the last published notice, the Administrative Audit System (SEC-14) records are used to ensure that all obligations and expenditures other than those in the pay and leave system are in conformance with laws, existing rules and regulations, and good business practice, and to maintain subsidiary records at the proper account and/or organizational level where responsibility for control of costs exists. Minor administrative changes to SEC-14 have been incorporated to reflect the Commission's current address in the following sections: Notification, Access and Contesting Records Procedures. Substantive changes to the notice have been made to the following sections: (1) System Name, reflecting the new title: "SEC Financial and Acquisition Management System"; (2) System Location reflecting the addition of a new off-site location of the records; (3) Categories of individuals reflecting the types of individuals whose personally identifiable information is contained in the system; (4) Categories of Records, adding new types of individually identifiable information; (5) Routine Uses, adding certain standard routine uses as applicable to this system of records (those numbered 1 through 10); and (6) Record Source, reflecting the sources from which records are received.

As described in the last published notice, the Fitness Center Membership, Payment, and Fitness Records (SEC-48) system is used to enable SEC Fitness Center staff to track fitness center membership, fee payments, and the physical fitness of members and to allow the SEC to provide a variety of health and fitness resources to its employees. Minor administrative changes to SEC-48 have been incorporated to reflect the Commission's current address in the following sections: System Location; and Notification, Access and Contesting Records Procedures. Substantive changes to the notice have been made to the following sections: (1) System Name, reflecting the new title: "SEC Employee's Health and Fitness Program Records"; and (2) Routine Use, adding standard routine uses as applicable to this system.

The Commission has submitted a report of the amended existing systems of records to the appropriate Congressional committees and to the Director of the Office of Management and Budget ("OMB") as required by 5 U.S.C. 552a(r) (Privacy Act of 1974) and guidelines issued by OMB on December 12, 2000 (65 FR 77677).

Accordingly, the Commission is proposing amendment of two existing systems of records to read as follows:

SEC-14

SYSTEM NAME:

SEC Financial and Acquisition Management System

SYSTEM LOCATION:

1. Securities and Exchange Commission, 100 F Street, NE., Washington, DC 20549. Files may also be maintained in the Commission's Regional Offices.

2. Federal Aviation Administration, Mike Munroney Aeronautical Center, AMZ-740, 6500 S. MacArthur Blvd., Headquarters Bldg. 1, Oklahoma City, OK 73169.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

SEC employees, contractors, vendors, interns, customers and members of the public.

CATEGORIES OF RECORDS IN THE SYSTEM:

Employee personnel information: Limited to SEC employees, and includes name, address, Social Security number (SSN); Business-related information: Limited to contractors/vendors and customers, and includes name of the company/agency, point of contact, telephone number, mailing address, email address, contract number, CAGE code, vendor number (system unique identifier), DUNS number, and TIN, which could be a SSN in the case of individuals set up as sole proprietors; and Financial information: Includes financial institution name, lockbox number, routing transit number, deposit account number, account type, debts (e.g., unpaid bills/invoices, overpayments, etc.), and remittance address.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

31 U.S.C. 3501, et seq. and 31 U.S.C. 7701(c). Where the employee identification number is the social security number, collection of this information is authorized by Executive Order 9397.

PURPOSE(S):

Serves as the core financial system and integrates program, financial and budgetary information. Records are collected to ensure that all obligations and expenditures other than those in the pay and leave system are in conformance with laws, existing rules and regulations, and good business practice, and to maintain subsidiary records at the proper account and/or organizational level where responsibility for control of costs exists.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

1. To appropriate agencies, entities, and persons when (a) it is suspected or confirmed that the security or confidentiality of information in the system of records has been compromised; (b) the SEC has determined that, as a result of the suspected or confirmed compromise, there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the SEC or another agency or entity) that rely upon the compromised information; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

2. To other federal, state, local, or foreign law enforcement agencies; securities self-regulatory organizations; and foreign financial regulatory authorities to assist in or coordinate regulatory or law enforcement activities with the SEC.

3. In any proceeding where the federal securities laws are in issue or in which the Commission, or past or present members of its staff, is a party or otherwise involved in an official capacity.

4. To a federal, state, local, tribal, foreign, or international agency, if necessary to obtain information relevant to the SEC's decision concerning the hiring or retention of an employee; the issuance of a security clearance; the letting of a contract; or the issuance of a license, grant, or other benefit.

5. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.

6. To any persons during the course of any inquiry, examination, or investigation conducted by the SEC's staff, or in connection with civil litigation, if the staff has reason to believe that the person to whom the record is disclosed may have further information about the matters related therein, and those matters appeared to be relevant at the time to the subject matter of the inquiry.

7. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.

8. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.

9. To members of Congress, the Government Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.

10. To a commercial contractor in connection with benefit programs administered by the contractor on the Commission's behalf, including, but not limited to, supplemental health, dental, disability, life and other benefit programs.

11. To the OMB in connection with the review of private relief legislation as set forth in OMB Circular A-19 at any stage of the legislative coordination and clearance process as set forth in that circular.

12. To the Treasury, Government Accountability Office, or other appropriate agencies to provide appropriate audit documentation.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are maintained in electronic and paper format. Electronic records are stored in computerized databases and/or on computer disc. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.

RETRIEVABILITY:

Records may be retrieved by a name of employee, social security number (SSN) for employees, SSN/Tax Identification Number (TIN) for vendors doing business with the SEC, Name for both employees and vendors, Vendor Number (system unique) for both employees and vendors, DUNS/DUNS + 4.

SAFEGUARDS:

Records are safeguarded in a secured environment. Buildings where records are stored have security cameras and 24 hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Access is limited to those personnel whose official duties require access. Computerized records are safeguarded through use of access codes and information technology security. Contractors and other recipients providing services to the Commission are contractually obligated to maintain equivalent safeguards.

RETENTION AND DISPOSAL:

These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.

SYSTEM MANAGER(S) AND ADDRESS:

Chief Financial Officer, Office of Financial Management, Securities and Exchange Commission, 100 F Street NE., Washington, DC 20549-6041.

NOTIFICATION PROCEDURE:

All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE., Washington, DC 20549-5100.

RECORD ACCESS PROCEDURES:

Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE., Washington, DC 20549-5100.

CONTESTING RECORD PROCEDURES:

See Record Access Procedures above.

RECORD SOURCE CATEGORIES:

The information maintained in Department of Transportation, (DOT)/Enterprise Service Center (ESC): Purchase orders, vouchers, invoices, contracts, and electronic records; Department of Interior (DOI)/Federal Personnel Payroll System (FPPS): Travel applications, disgorgement information, or other paper records submitted by employees, vendors, and other sources, including claims filed by witnesses in SEC actions; Delphi-Prism: FedTraveler, Department of the Interior (DOI) Payroll System, Bureau of Public Debt, and EDGAR Momentum.

EXEMPTIONS CLAIMED FOR THE SYSTEM:

None

SEC-48

SYSTEM NAME:

Fitness Center Membership, Payment, and Fitness Records SEC Employee's Health and Fitness Program Records.

SYSTEM LOCATION:

Securities and Exchange Commission, 100 F Street NE., Washington, DC 20549.

Aquila Fitness Consulting Systems, Ltd., 429 Lenox Avenue, Suite 4W21, Miami Beach, FL 33139-6532.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

SEC employees who voluntarily sign up for membership benefits for SEC fitness programs.

CATEGORIES OF RECORDS IN THE SYSTEM:

Records may contain employee name, division, office address, email address, home address, home and cell telephone numbers, date of birth, health pre-screening questions, membership number, fee and payment information (including electronic debit information), and fitness progress charts.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5 U.S.C. 7901, et seq.

PURPOSE(S):

The system enables SEC Fitness Center staff to track Fitness Center membership, fee payments, and the physical fitness of members. The primary use of these records is to allow the SEC to provide a variety of health and fitness resources to its employees.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records or information contained therein may specifically be disclosed outside the Commission as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

1. To appropriate agencies, entities, and persons when (a) it is suspected or confirmed that the security or confidentiality of information in the system of records has been compromised; (b) the SEC has determined that, as a result of the suspected or confirmed compromise, there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the SEC or another agency or entity) that rely upon the compromised information; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the SEC's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

2. To produce summary descriptive statistics and analytical studies, as a data source for management information, in support of the function for which the records are collected and maintained or for related personnel management functions or manpower studies; may also be used to respond to general requests for statistical information (without personal identification of individuals) under the Freedom of Information Act.

3. To interns, grantees, experts, contractors, and others who have been engaged by the Commission to assist in the performance of a service related to this system of records and who need access to the records for the purpose of assisting the Commission in the efficient administration of its programs, including by performing clerical, stenographic, or data analysis functions, or by reproduction of records by electronic or other means. Recipients of these records shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.

4. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.

5. To members of Congress, the Government Accountability Office, or others charged with monitoring the work of the Commission or conducting records management inspections.

6. To a commercial contractor in connection with benefit programs administered by the contractor on the Commission's behalf, including, but not limited to, supplemental health, dental, disability, life and other benefit programs.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are maintained in electronic and paper format. Electronic records are stored in computerized databases and/or on computer disc. Paper records and records on computer disc are stored in locked file rooms and/or file cabinets.

RETRIEVABILITY:

Records are retrieved by the individual's name or membership number.

SAFEGUARDS:

Records are safeguarded in a secured environment. Buildings where records are stored have security cameras and 24 hour security guard service. The records are kept in limited access areas during duty hours and in locked file cabinets and/or locked offices or file rooms at all other times. Access is limited to those personnel whose official duties require access. Computerized records are safeguarded through use of access codes and information technology security. Contractors and other recipients providing services to the Commission are contractually obligated to maintain equivalent safeguards.

RETENTION AND DISPOSAL:

These records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with records schedules of the United States Securities and Exchange Commission and as approved by the National Archives and Records Administration.

SYSTEM MANAGER(S) AND ADDRESS:

Associate Executive Director, Office of Human Resources, Securities and Exchange Commission, Operations Center, 6432 General Green Way, Mail Stop 0-1, Alexandria, VA 22312-2413.

NOTIFICATION PROCEDURE:

All requests to determine whether this system of records contains a record pertaining to the requesting individual may be directed to the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE., Washington, DC 20549-5100.

RECORD ACCESS PROCEDURES:

Persons wishing to obtain information on the procedures for gaining access to or contesting the contents of these records may contact the FOIA/PA Officer, Securities and Exchange Commission, 100 F Street NE., Washington, DC 20549-5100.

CONTESTING RECORD PROCEDURES:

See Record access procedures above.

RECORD SOURCE CATEGORIES:

All information is provided by Fitness Center members.

EXEMPTION CLAIMED FOR THE SYSTEM:

None.

Dated: March 15, 2012.

By the Commission.

Elizabeth M. Murphy,

Secretary.

[FR Doc. 2012-6788 Filed 3-20-12; 8:45 am]

BILLING CODE 8011-01-P