88 FR 219 pgs. 78292-78294 - Privacy Act of 1974; System of Records
Type: NOTICEVolume: 88Number: 219Pages: 78292 - 78294
Pages: 78292, 78293, 78294FR document: [FR Doc. 2023-25194 Filed 11-14-23; 8:45 am]
Agency: Architectural and Transportation Barriers Compliance Board
Official PDF Version: PDF Version
[top]
ARCHITECTURAL AND TRANSPORTATION BARRIERS COMPLIANCE BOARD
Privacy Act of 1974; System of Records
AGENCY:
Architectural and Transportation Barriers Compliance Board.
ACTION:
Notice; proposed new system of records.
SUMMARY:
In accordance with the Privacy Act of 1974, as amended, the Architectural and Transportation Barriers Compliance Board (Access Board or Board) gives notice of the establishment of a new Privacy Act System of Records, entitled, "USAB.002-Complaint Tracking System". This system of records covers records related to the investigation and adjudication of complaints filed with the agency alleging violations of the Architectural Barriers Act.
DATES:
This Notice is effective on publication, with the exception of the routine uses. The routine uses will be effective 30 days after publication, unless comments are received that dictate otherwise. Written comments should be submitted December 15, 2023.
ADDRESSES:
You may submit comments on this notice by any of the following methods:
• Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.
• Email: privacy@access-board.gov.
• Mail: Office of General Counsel, U.S. Access Board, 1331 F Street NW, Suite 1000, Washington, DC 20004-1111.
Instructions: All comments received will be posted without change to http://www.regulations.gov, including any personal information provided.
FOR FURTHER INFORMATION CONTACT:
Wendy Marshall, Attorney-Advisor and Privacy Officer, (202) 272-0043, marshall@access-board.gov.
SUPPLEMENTARY INFORMATION:
The Access Board is publishing this notice to inform the public of the creation of a new system of records relating to the investigation and adjudication of complaints filed with the agency alleging violations of the Architectural Barriers Act of 1968 (ABA). The ABA requires that buildings or facilities that were constructed or altered by or on behalf of the United States, or leased or financed in whole or in part by the United States, after August 12, 1968, be accessible to individuals with disabilities. The Access Board enforces the ABA through the investigation of complaints filed by members of the public or federal employees. See 29 U.S.C. 792(b)(1). Complaints may be submitted by any person and may be filed anonymously. Once a complaint is filed, it is electronically entered into the agency's complaint tracking system and the Board investigates the complaint according to the procedures in 36 CFR part 1150. Complainants who choose to provide their contact information (name, phone number, email address, and/or physical mailing address), will be kept up to date on the status of the investigation and any corrective action taken by the agency or department in question. In the past, this information was not considered to be kept in a system of records, because while the contact information was contained within the complaint system, individual complaints were not pulled by an identifier related to the complainant. The Board recently updated to a new platform for this system and now believes it necessary to establish this system as a system of records, so that on occasion the compliance specialist can pull specific complaints by complainant name or email address. This will not change the processing of the complaint and complaints can still be filed anonymously or complainants can choose which personally identifying information to provide, such as just their name and email.
SYSTEM NAME:
USAB.002-Complaint Tracking System.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
U.S. Access Board, 1331 F Street NW, Suite 1000, Washington, DC 20004.
SYSTEM MANAGER:
Senior Compliance Specialist, U.S. Access Board, 1331 F Street NW, Suite 1000, Washington, DC 20004.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
29 U.S.C. 792(b)(1); 42 U.S.C. 4151 et seq.; 36 CFR 1150; and 36 CFR 1191.
PURPOSE(S) OF THE SYSTEM:
[top] This system of records supports the receipt and investigation of complaints alleging violations of the ABA, to
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals covered by this system include any individual that chooses to file a complaint alleging a violation of the ABA with the Board and to provide personally identifiable information with that complaint.
CATEGORIES OF RECORDS IN THE SYSTEM:
Name, email address, physical address, and phone number of individual filing complaint; any additional information about the complainant, including potentially the nature of the individual's disability, provided by the complainant relating to the filing of the complaint; communications between the complainant and the compliance specialist regarding the complaint; communications between the compliance specialist and the agency in charge of the facility or building regarding the complaint and any corrective action to be taken.
RECORD SOURCE CATEGORIES:
Records in the system are obtained from individual members of the public or employees of federal agencies who file a complaint, agency officials from the Federal agency that manages the building or facility named in the complaint, and the compliance specialist who processes and investigates the complaint.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
The identity of the complainant may only be disclosed with written authorization, as required in 36 CFR 1150.12(b). The routine uses of the records maintained in the Complaint Tracking System include, in addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, disclosures outside the agency as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
1. Disclosure to a Federal Agency-To disclose information to a Federal agency for the purpose of investigation and informal or formal resolution of the alleged violation of the ABA or if requested by another Federal agency pursuant to an administrative, civil, or criminal legal proceeding in which the Federal agency is a party.
2. Contractors, Experts, and Consultants-To contractors, experts, consultants, and the agents thereof, and others performing or working on a contract, service, cooperative agreement, or other assignment for the Access Board when necessary to accomplish an agency function. Individuals provided information under this routine use are subject to the same Privacy Act requirements and limitations on disclosure as Access Board employees.
3. Congressional Inquiries-A record from this system of records may be disclosed to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of the individual.
4. Law Enforcement-In the event that a system of records maintained by the Access Board to carry out its functions indicates a violation or potential violation of law, whether criminal, civil, or regulatory in nature, and whether arising by general statute or particular program pursuant thereto, the relevant records in the system of records may be disclosed to the appropriate agency, whether Federal, state, local, or foreign, charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation, or order issued pursuant thereto.
5. Disclosure in Litigation-A record from this system of records may be disclosed in a proceeding before a court or other adjudicative body in which the Access Board, an employee of the Access Board in his or her official capacity, or an employee of the Access Board in his or her individual capacity if the Access Board (or the Department of Justice ("DOJ")) has agreed to represent him or her is a party, or the United States or any other Federal agency is a party and the Access Board determines that it has an interest in the proceeding, if the Access Board determines that the record is relevant to the proceeding and that the use is compatible with the purpose for which the Access Board collected the information.
6. Disclosure to the Department of Justice in Litigation-When the Access Board, an employee of the Access Board in his or her official capacity, or an employee of the Access Board in his or her individual capacity whom the Access Board has agreed to represent is a party to a proceeding before a court or other adjudicative body, or the United States or any other Federal agency is a party and the Access Board determines that it has an interest in the proceeding, a record from this system of records may be disclosed to the DOJ if the Access Board is consulting with the DOJ regarding the proceeding or has decided that the DOJ will represent the Access Board, or its interest, in the proceeding and the Access Board determines that the record is relevant to the proceeding and that the use is compatible with the purpose for which the Access Board collected the information.
7. Disclosure in Response to a Federal Data Breach-A record from this system of records may be disclosed to appropriate agencies, entities, and persons when (1) the Access Board suspects or has confirmed that there has been a breach of the system of records; (2) the Access Board has determined that, as a result of the suspected or confirmed breach, there is a risk of harm to individuals, the Board (including its information systems, operations, and programs), the Federal government or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Access Board's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
8. Records Management-To the National Archives and Records Administration or to the General Services Administration for records management inspections conducted under 44 U.S.C. 2904 and 2906.
9. Assistance to Federal Agencies and Entities-To another Federal agency or Federal entity, when the Board determines that information from this system is reasonably necessary to assist the recipient agency or entity in: (a) Responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, program, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
[top] Records in this system consist of electronic records. Electronic records are maintained within a restricted access system, namely the Board's Complaint Tracking System. Access is limited to the system owner(s) and other agency personnel who have an official need for access to perform their duties ( e.g., contractor who manages the system and compliance staff). Access
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records are routinely retrieved by Access Board complaint number or the name of the facility to which a complaint relates. Records can also be retrieved by a variety of other fields, including the name and/or email address of the complainant, while this is not the routine method of retrieval, it is available for use by the compliance specialist, when needed.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
Electronic records are retained in accordance with the Access Board File Plan 500- Complaint Files, which prescribes a three-year retention period. For administrative program files, the retention period dates from file supersession. For these records, five years after the closure of the complaint the files are transferred to Washington National Records Center (WNRC). Ten years after closure, these records are eligible for destruction, electronic records are securely destroyed or erased using methods prescribed by the National Institute of Standards and Technology.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Access to system records is restricted to authorized Access Board personnel who are system owners or have an official need to access such records to perform their duties. Electronic records are stored in a restricted-access separate system. Access to electronic records is controlled by technical safeguards through assignment of system roles and permissions, secure log-ins, multi-factor authentication, time-out features, firewalls, and cybersecurity monitoring systems. Access Board policy also requires all emails, email strings, and attachments that contain sensitive personally identifiable information to be protected by encryption or password protection before transmission, absent express waiver from an agency privacy officer.
RECORD ACCESS PROCEDURES:
Individuals seeking access to, or notification of, any record contained in this system of records, or seeking to contest its content, may inquire in writing in accordance with instructions appearing in the Access Board's Privacy Act Implementation rule, 36 CFR part 1121, which also appear on the Access Board's website at www.access-board.gov/privacy.
CONTESTING RECORD PROCEDURES:
See "Record Access Procedures," above.
NOTIFICATION PROCEDURE:
See "Record Access Procedures," above.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
None.
Christopher Kuczynski,
Senior Agency Official for Privacy, General Counsel.
[FR Doc. 2023-25194 Filed 11-14-23; 8:45 am]
BILLING CODE 8150-01-P