79 FR 48 pgs. 13977-13981 - Privacy Act of 1974; Deletion of System of Records USDA/OES-1, Correspondence and Document Management System, and Creation of Two New Systems of Records: USDA/OES-2, Correspondence and Document Management System; and USDA/RD-2, Enterprise Content Management
Type: NOTICEVolume: 79Number: 48Pages: 13977 - 13981
Pages: 13977, 1397813979, 13980, 13981, FR document: [FR Doc. 2014-05351 Filed 3-11-14; 8:45 am]
Agency: Agriculture Department
Official PDF Version: PDF Version
[top]
DEPARTMENT OF AGRICULTURE
Office of the Secretary
Privacy Act of 1974; Deletion of System of Records USDA/OES-1, Correspondence and Document Management System, and Creation of Two New Systems of Records: USDA/OES-2, Correspondence and Document Management System; and USDA/RD-2, Enterprise Content Management
AGENCY:
Office of the Secretary, USDA.
ACTION:
Notice of deletion of system of records and creation of two new systems of records; request for comment.
SUMMARY:
In accordance with the Privacy Act of 1974, as amended, the U.S. Department of Agriculture (USDA) gives notice of deletion of an existing system of records, USDA/OES-1, Enterprise Content Management, and the creation of two new systems of records entitled USDA/OES-2, Correspondence and Document Management System, and USDA/RD-2, Enterprise Content Management.
DATES:
This notice will be adopted without further publication in the Federal Register on May 12, 2014 unless modified by a subsequent notice to incorporate comments received from the public. Written or electronic comments must be received by the contact person listed below on or before April 11, 2014.
ADDRESSES:
You may submit written or electronic comments on this notice by any of the following methods:
• Federal eRulemaking Portal: http://www.regulations.gov . Follow the online instructions for submitting comments.
• Mail: Director of the Office of the Executive Secretariat (OES), U.S. Department of Agriculture, 1400 Independence Avenue SW., Washington, DC 20250-3300.
• Email: Sally.Liska@osec.usda.gov .
• Fax: (202) 720-2166.
All comments will become a matter of public record and should be identified as "Correspondence and Document Management/Enterprise Content Management System of Records Comment," making reference to the date and page number of this issue of the Federal Register . Comments will be available for public inspection in the above office during regular business hours (7 CFR 1.27(b)). Please call Sally Liska at (202) 720-7100 to make an appointment to read comments.
FOR FURTHER INFORMATION CONTACT:
Director of the Office of the Executive Secretariat (OES), U.S. Department of Agriculture, 1400 Independence Avenue SW., Washington, DC 20250-3300, telephone: (202) 720-7100.
SUPPLEMENTARY INFORMATION:
Pursuant to the Privacy Act of 1974, notice is given that USDA proposes to delete the Privacy Act system of records entitled "USDA/OES-1, USDA Enterprise Content Management (ECM)" and create two new Privacy Act systems of records entitled "USDA/OES-2, Correspondence and Document Management System," and "USDA/RD-2, Enterprise Content Management." The proposed changes are needed to reflect USDA organizational governance changes that will result from the upgrade of one of the information system modules currently included in the USDA/OES-1.
The current system of records entitled USDA/OES-1 addresses three components or modules within ECM: the Enterprise Correspondence Management Module (ECMM), the General Use Module (GUM), and the Content Analysis Module (CAM). ECM is administered and maintained by Rural Development (RD). One of the ECM modules (ECMM) is being replaced by a new information system, the Correspondence and Document Management System (CDMS). The new CDMS application is being developed on a separate cloud-based platform and will be administered and maintained by the Office of the Executive Secretariat (OES). USDA proposes to align the systems of records with the respective USDA organizations responsible for information system administration. As such, USDA proposes to delete the system of records USDA/OES-1 and incorporate remaining and new ECM modules into a new system of records USDA/RD-2, and create a new system of records USDA/OES-2 to address the new CDMS.
USDA/OES-2 Correspondence and Document Management System
Pursuant to the Privacy Act, 5 U.S.C. 552a, USDA is creating a new system of records, Correspondence and Document Management System (CDMS) to be maintained by the Office of the Executive Secretariat. CDMS will be designed for use by the employees and officers of USDA to manage documents associated with a wide range of Secretarial and other controlled correspondence. CDMS will include information regarding individuals, primarily information such as the name, address, and other contact information incidental to their correspondence addressed to the Secretary of Agriculture and various other officers and employees of USDA. In a few cases, it includes supplementary information about the individual, most often voluntarily provided by that individual.
The purpose of CDMS is to help USDA employees manage correspondence and other documents at any organizational level from initial receipt through completion and archival storage. Department officials are included in the correspondence drafting and policymaking process through a managed clearance and control system. The system incorporates workflow capabilities that enable documents to be routed within or among USDA agencies and offices for collaborative input or review, and security that ensures information is available only to authorized personnel.
The system will be developed on a secure, cloud-based platform. This cloud-based solution is in adherence with the December 2010 "25 Point Implementation Plan to Reform Federal Information Technology Management," published by Vivek Kundra, then U.S. Chief Information Officer. The "cloud first" mandate launched by the Office of Management and Budget requires government technology managers to choose a cloud-based solution whenever a secure, reliable, cost-effective cloud option exists before any information technology development programs are implemented.
USDA/RD-2 Enterprise Content Management
[top] Pursuant to the Privacy Act, 5 U.S.C. 552a, USDA is creating a new system of
The purpose of ECM is to help USDA employees manage documents at any organizational level from initial receipt through completion and archival storage. At present, there are 20 modules that comprise ECM, 17 of which include personally identifiable information: General Use Module (GUM), Packers and Stockyards Automated System (PSAS), Packers and Stockyards workflow module (GIPSA), COD Telephone and Utilities (COD), Invoice Processing (IP), Acquisition Management (AQM), ASCBF Miscellaneous Payments (MisPay), Content Analysis Module (CAM), Acquisition Approval Requests (AAR), Agriculture Foreign Investment Disclosure Act (AFIDA), Customer Service Call Management Module (CSCM), DCFO Receipt Module (DCFO), Farm Loan Program Module (FLP), Federal Grain Inspection Service Module (FGIS), Grants Review Module (GR), Performance Appraisal Module (PA), Rural Business Service Module (RBS), OGC Case Management Module (OGC), Tax Service Module (Tax), and Electronic Personal Security Folder Module (e-PSF).
Signed in Washington, DC, on February 18, 2014.
Thomas J. Vilsack,
Secretary.
USDA/OES-2 CORRESPONDENCE AND DOCUMENT MANAGEMENT SYSTEM
SYSTEM NAME:
USDA Correspondence and Document Management System (CDMS) USDA/OES-02.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
The system will be located on the Salesforce Force.com cloud-based platform at a secure computing facility in Ashburn, Virginia.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals corresponding with USDA, from the public, private, and political sectors; system users, managers, and Systems Administrators.
CATEGORIES OF RECORDS IN THE SYSTEM:
Categories of records in this system may include the following: correspondence inquiries from the public, private, political, and internal sectors, and related documents, from the beginning of the inquiry up to and including the resolution and response back to the originator; and internal directives, memoranda of understanding, and other internal controlled correspondence that requires signature by the Secretary, Deputy Secretary, or Agency heads. The system will include information regarding individuals, primarily information such as the name, address, and other contact information incidental to their correspondence addressed to the Secretary of Agriculture and various other officers and employees of USDA. In a few cases, it may also include other information about the individual, voluntarily provided by that individual in the correspondence.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
44 U.S.C. 3101, et seq.; 44 U.S.C. 3504 note; 44 U.S.C. 3501, et seq.; 44 U.S.C. 3541, et seq.
PURPOSE(S):
CDMS will be designed for use by the employees and officers of USDA to manage documents associated with a wide range of Secretarial and other controlled correspondence including incoming and outgoing correspondence and drafts. Built-in Customer Relationship Management (CRM) features will allow Department officials to monitor the incoming and outgoing correspondence and drafts throughout the process.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
1. Information may be disclosed to the Department of Justice when: (a) The agency or any component thereof; or (b) any employee of the agency in his or her official capacity where the Department of Justice has agreed to represent the employee; or (c) the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, the agency determines that the records are both relevant and necessary to the litigation and the use of such records by the Department of Justice is therefore deemed by the agency to be for a purpose that is compatible with the purpose for which the agency collected the records.
2. Information may be disclosed to a court or adjudicative body in a proceeding when: (a) The agency or any component thereof; or (b) any employee of the agency in his or her official capacity; or (c) any employee of the agency in his or her individual capacity where the agency has agreed to represent the employee; or (d) the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, the agency determines that the records are both relevant and necessary to the litigation and the use of such records is therefore deemed by the agency to be for a purpose that is compatible with the purpose for which the agency collected the records.
3. When a record on its face, or in conjunction with other records, indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule, or order issued pursuant thereto, disclosure may be made to the appropriate agency, whether Federal, foreign, State, local, or Tribal, or other public authority responsible for enforcing, investigating, or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation, or order issued pursuant thereto, if the information disclosed is relevant to any enforcement, regulatory, investigative, or prosecutorial responsibility of the receiving entity.
4. Information may be disclosed to a Member of Congress or to a Congressional staff member in response to an inquiry of the Congressional office made at the written request of the constituent about whom the record is maintained.
5. Records from this system of records may be disclosed to the National Archives and Records Administration or to the General Services Administration for records management inspections conducted under 44 U.S.C. 2904 and 2906.
6. Information may be disclosed to agency contractors, grantees, experts, consultants, or volunteers who have been engaged by the agency to assist in the performance of a service related to this system of records and who need to have access to the records in order to perform the activity. Recipients shall be required to comply with the requirements of the Privacy Act of 1974, as amended, pursuant to 5 U.S.C. 552a(m).
[top] 7. Information may be disclosed to appropriate agencies, entities, and persons when (1) the Department suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the
DISCLOSURE TO CONSUMER REPORTING AGENCIES:
None.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
These records are maintained in hard copy formats at USDA and in electronic format on servers and computers located in the United States and managed by the SalesForce cloud solution provider.
RETRIEVABILITY:
These records may be retrieved by the document control number, date, name of correspondent, or subject.
SAFEGUARDS:
Computer records are maintained in a secure password-protected environment managed by the cloud solution provider, and access is limited to those who have a need to know. Access to the physical application servers is strictly controlled using multiple physical access control security systems. Permission-level assignments allow users access only to those functions for which they are authorized. System users, managers, and CDMS System Administrators have access to the data in the system. Access is controlled by the e-Authentication System on the USDA Intranet, and roles are determined by the application administrators. Paper records are maintained in a secure, limited-access area, which is locked during non-duty hours. Access to the paper records is monitored and controlled by USDA employees in the Office of the Executive Secretariat.
RETENTION AND DISPOSAL:
The retention of data in the system is in accordance with applicable USDA Records Disposition Schedules as approved by the National Archives and Records Administration. Records are maintained for varying periods of time, and temporary records are disposed of by shredding when the retention period is complete.
SYSTEM MANAGER(S) AND ADDRESS:
Director, Office of the Executive Secretariat, U.S. Department of Agriculture, 1400 Independence Avenue SW., Washington, DC 20250.
NOTIFICATION PROCEDURES:
Individuals who want to know whether this system of records contains information about them, who want to access their records, or who want to contest the contents of a record, should make a written request to the Director, Office of the Executive Secretariat, U.S. Department of Agriculture, 1400 Independence Avenue SW., Washington, DC 20250. Individuals must furnish the following information for their records to be located and identified:
A. Full name or other identifying information necessary or helpful in locating the record;
B. Why you believe the system may contain your personal information;
C. A statement indicating the type of request being made (i.e., access, correction, or amendment) and whether a personal inspection of the records or a copy of them by mail is desired;
D. Signature.
RECORD ACCESS PROCEDURES:
Individuals wishing to request access to their records should follow the Notification Procedures. Individuals requesting access are also required to provide adequate identification, such as a driver's license, employee identification card, social security card, or other identifying document. Additional identification procedures may be required in some instances.
CONTESTING RECORD PROCEDURES:
Individuals requesting correction or amendment of their records should follow the Notification Procedures and the Record Access Procedures and also identify the record or information to be changed, giving specific reasons for the change.
RECORD SOURCE CATEGORIES:
Information in this system of records is primarily provided by the individual corresponding with USDA or Agency officials, such as managers and supervisors, responding to individuals or Members of Congress.
EXEMPTIONS CLAIMED FOR THE SYSTEM:
None.
USDA/RD-2 Enterprise Content Management
SYSTEM NAME:
Enterprise Content Management (ECM) USDA/RD-2
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
The system is hosted on servers located within secure USDA computing environments at the National Information Technology Center in Kansas City, Missouri, and at the Information Technology Services Web Farm in St. Louis, Missouri. Paper records are stored and maintained in limited-access areas, which are locked during business hours. Access to the paper records is monitored and controlled by USDA employees in the offices of the respective ECM module business owners.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals corresponding with USDA; individuals and groups doing business with USDA from the public, private, and political sectors; system users, managers, and systems administrators; and USDA contractors.
CATEGORIES OF RECORDS IN THE SYSTEM:
Invoices from entities doing business with USDA; documents related to USDA regulatory activity; loan and grant applications; agency funding requests; USDA personnel documents, handbooks, policies and procedure documentation; security checks on USDA employees and contractors; and work and case-tracking documents from the Office of General Counsel.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
44 U.S.C. 3101, et seq.; 44 U.S.C. 3504 note;, 44 U.S.C. 3501 et seq., 44 U.S.C. 3541, et seq.
PURPOSE(S):
The ECM system is designed for use by the employees and officers of USDA to manage documents associated with a wide range of administrative and business processes. There are 20 components or modules used by various USDA offices and agencies to manage workflow, correspondence, and other business processes; 17 of these modules include personally indentifiable information and are listed below:
[top] 1. General Use Module (GUM) is used by multiple USDA agencies and offices to manage administrative document processes. These processes include managing Rural Development Multi-Family Housing tenant certifications, payments, audits, and back-file of older documents, as well as Centralized Servicing Center audits and compliance documents. Guaranteed loan lender review processes are also handled within ECM. Operations Center ID requests are stored in ECM as well as
2. Packers and Stockyards Automated System (PSAS) is used by the Grain Inspection, Packers and Stockyards Administration (GIPSA) to store data on GIPSA-regulated entities. For more detailed information, see 78 FR 20087, April 3, 2013.
3. Packers and Stockyards workflow module (GIPSA) is used by the USDA Packers and Stockyards Program (P&SP) under GIPSA to track tasks and documents related to the various regulatory activities. For more detailed information, see 78 FR 20087, April 3, 2013.
4. COD Telephone and Utilities (COD) is an ECM module implemented to process USDA telephone and utility invoices. Documents in this Module include copies of telephone bills and utility invoices from USDA Offices. This module assists with the electronic transfer of information into the invoice payment system.
5. Invoice Processing (IP) is used by USDA agencies and offices to store all USDA invoices in a centralized repository. This module assists USDA employees with processing and tracking the status of the invoices and transmitting the invoices to the various USDA payment systems.
6. Acquisition Management (AQM) is used by the Forest Service to manage the document approval of acquisition requests for their procurement staff. This module allows Forest Service employees to view and approve/deny funding requests.
7. ASCBF Miscellaneous Payments (MisPay) is used by the Forest Service to store documents related to payments made outside of the Integrated Acquisition System (IAS). Information stored in ECM includes vendor information including contract number, vendor name, address, and invoice amount.
8. Acquisition Approval Requests (AAR) is used by the Office of the Chief Information Officer in Washington, DC, to Manage Information Technology acquisition requests greater than $25,000.00. This module allows USDA employees to review and approve/deny the requests.
9. Customer Service Call Management Module (CSCM) is used to track incoming telephone calls made to the National Agricultural Statistics Service (NASS) and keep a running record of telephone inquiries made to that Agency.
10. DCFO Receipt Module (DCFO) is used to track and store funds requests and receipts processed by the staff of the Deputy Chief Financial Officer for Rural Development in St. Louis. DCFO is used for processing these funds requests including pre-authorized debits, customer initiated payments, and requests for wire transfer.
11. Farm Loan Program Module (FLP) is used by the Farm Service Agency (FSA) to manage their internal work assignments, such as requests for updating Farm Program Loan information and servicing actions performed on FLP loans.
12. Grants Review Module (GR) is used by Rural Development, Rural Utilities Service (RUS) to track the review of broadband grant applications. RUS staff uses the module to review the applications and approve/deny them.
13. Performance Appraisal Module (PA) is used by the Food and Nutrition Service (FNS) to store employee performance appraisals.
14. Rural Business Service Module (RBS) is used by the Rural Business Service Alternative Agriculture Research to store Business and Cooperative Program Assessment Reviews (BCPAR) documentation.
15. OGC Case Management Module (OGC) is used by OGC to manage and track work assignments and store documents relating to those assignments. For more detailed information, see 43 FR 51321, November 2, 1978.
16. Tax Service Module (TAX) is used by the Rural Development Centralized Servicing Center to process property tax documents by verifying the property information and processing the payment of the property taxes.
17. Electronic Personal Security Folder Module (e-PSF) is used by the Office of Homeland Security and Emergency Coordination (OHSEC) to adjudicate contractor and USDA personnel security reviews by reviewing and analyzing investigations of USDA employee and contractor candidates and determining eligibility for Federal or Federal contractor employment.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
1. Information may be disclosed to the Department of Justice when: (a) The agency or any component thereof; or (b) any employee of the agency in his or her official capacity where the Department of Justice has agreed to represent the employee; or (c) the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, the agency determines that the records are both relevant and necessary to the litigation and the use of such records by the Department of Justice is therefore deemed by the agency to be for a purpose that is compatible with the purpose for which the agency collected the records.
2. When a record on its face, or in conjunction with other records, indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule, or order issued pursuant thereto, disclosure may be made to the appropriate agency, whether Federal, foreign, State, local, or Tribal, or other public authority responsible for enforcing, investigating, or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation, or order issued pursuant thereto, if the information disclosed is relevant to any enforcement, regulatory, investigative, or prosecutorial responsibility of the receiving entity.
3. Information may be disclosed to a Member of Congress or to a Congressional staff member in response to an inquiry of the Congressional office made at the written request of the constituent about whom the record is maintained.
4. Records from this system of records may be disclosed to the National Archives and Records Administration or to the General Services Administration for records management inspections conducted under 44 U.S.C. 2904 and 2906.
5. Information may be disclosed to agency contractors, grantees, experts, consultants, or volunteers who have been engaged by the agency to assist in the performance of a service related to this system of records and who need to have access to the records in order to perform the activity. Recipients shall be required to comply with the requirements of the Privacy Act of 1974, as amended, pursuant to 5 U.S.C. 552a(m).
[top] 6. Information may be disclosed to appropriate agencies, entities, and persons when (1) the Department suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or
7. To an agency, organization, or individual for the purpose of performing audit or oversight operations as authorized by law, but only such information as is necessary and relevant to such audit or oversight function.
DISCLOSURE TO CONSUMER REPORTING AGENCIES:
None.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
These records are maintained on servers located within secure computing Environments at the National Information Technology Center in Kansas City, Missouri.
RETRIEVABILITY:
These records may be retrieved by the document control number, date, data fields associated with the document, subject, or content within the document.
SAFEGUARDS:
Computer records are maintained in a secure password-protected environment managed by the cloud solution provider, and access is limited to those who have a need to know. Access to the physical application servers is strictly controlled using multiple physical access control security systems. Permission-level assignments allow users access only to those functions for which they are authorized. System users, managers, and System Administrators have access to the data in the system. Access is controlled by the e-Authentication System on the USDA Intranet, and roles are determined by the application administrators. Paper records are maintained in a secure, limited-access area, which is locked during non-duty hours, and which requires a USDA employee identification badge or visitor pass to enter.
RETENTION AND DISPOSAL:
The retention of data in the system is in accordance with applicable USDA Records Disposition Schedules as approved by the National Archives and Records Administration. Hard-copy records are maintained by varying periods of time, and temporary records are disposed of by shredding when the retention period is complete.
SYSTEM MANAGER(S) AND ADDRESS:
U.S. Department of Agriculture, Rural Development, Office of the Chief Information Officer, Enterprise Technologies Branch, Branch Chief, 4300 Goodfellow Blvd., St. Louis, MO 63120
NOTIFICATION PROCEDURES:
Individuals who want to know whether this system of records contains information about them, who want to access their records, or who want to contest the contents of a record, should make a written request to the Office of the Chief Information Officer, Enterprise Technologies Branch, Branch Chief, 4300 Goodfellow Blvd., St. Louis, MO 63120. Individuals must furnish the following information for their records to be located and identified:
A. Full name or other identifying information necessary or helpful in locating the record;
B. Why you believe the system may contain your personal information;
C. A statement indicating the type of request being made (i.e., access, correction, or amendment) and whether a personal inspection of the records or a copy of them by mail is desired;
D. Signature.
RECORD ACCESS PROCEDURES:
Individuals wishing to request access to their records should follow the Notification Procedures. Individuals requesting access are also required to provide adequate identification, such as a driver's license, employee identification card, social security card, or other identifying document. Additional identification procedures may be required in some instances.
CONTESTING RECORD PROCEDURES:
Individuals requesting correction or amendment of their records should follow the Notification Procedures and the Record Access Procedures and also identify the record or information to be changed, giving specific reasons for the change.
RECORD SOURCE CATEGORIES:
Information in this system of records is primarily provided by the individual or entities corresponding or doing business with USDA.
EXEMPTIONS CLAIMED FOR THE SYSTEM:
Pursuant to 5 U.S.C. 552a(k)(5) the e-PSF and Performance Appraisal Modules are claiming an exemption. In addition, any records contained in the OGC Case Management Module that may be exempt from disclosure in accordance with another Privacy Act System of Records are also exempt under this system.
[FR Doc. 2014-05351 Filed 3-11-14; 8:45 am]
BILLING CODE 3410-9X-P