82 FR 172 pgs. 42274-42277 - Privacy Act of 1974; System of Records
Type: NOTICEVolume: 82Number: 172Pages: 42274 - 42277Pages: 42274, 42275, 42276, 42277
FR document: [FR Doc. 2017-18904 Filed 9-6-17; 8:45 am]
Agency: American Battle Monuments Commission
Official PDF Version: PDF Version
AMERICAN BATTLE MONUMENTS COMMISSION
Privacy Act of 1974; System of Records
American Battle Monuments Commission.
Notice of a New System of Records.
Pursuant to the Privacy Act of 1974, as amended, the American Battle Monuments Commission establishes a new system of records titled, "ABMC-6, Personnel and Payroll System". This system allows the American Battle Monuments Commission to ensure proper payment for salary and benefits, and to track time worked, leave, or other absences for reporting and compliance purposes. Once this notice and the associated routine uses go into effect, the American Battle Monuments Commission will rescind two previously published system of records notices, "ABMC-1, Official Personnel Records", and "ABMC-2, General Financial Records", as the related records will be maintained under this newly established system of records.
In accordance with 5 U.S.C. 552a(e)(4) and (11), this system of records notice is effective upon publication, with the exception of the routine uses, which will go into effect 30 days after publication of this notice, on September 7, 2017, unless comments have been received from interested members of the public requiring modification and republication of the notice. Please submit any comments by October 10, 2017.
Any person interested in commenting on the establishment of this new system of records may do so by: Submitting comments in writing to Jamilyn Smyser, Program Management Officer, American Battle Monuments Commission, 2300 Clarendon Boulevard, Suite 500, Arlington, Virginia 22201; or emailing comments to email@example.com.
FOR FURTHER INFORMATION CONTACT:
Senior Agency Official for Privacy, American Battle Monuments Commission, 2300 Clarendon Boulevard, Suite 500, Arlington, VA 22201; or by telephone at 703-696-6900.
The American Battle Monuments Commission (ABMC) builds and maintains suitable memorials commemorating the service of American Armed Forces and maintains permanent American military cemeteries in foreign countries. ABMC employs U.S. citizens, lawful permanent residents, and non-U.S. citizens or nationals from foreign countries. ABMC maintains the ABMC-6, Personnel and Payroll System, to manage payroll and personnel data for ABMC employees, ensure proper payment of salary and benefits to ABMC personnel, and track time worked and leave or other absences for reporting and compliance purposes. ABMC is publishing this new system of records notice to reflect updates to ABMC payroll and personnel data processes and services.
ABMC has entered into an agreement with the Department of the Interior (DOI) Interior Business Center (IBC), a Federal agency shared service provider, to provide payroll and personnel processing services through DOI's Federal Personnel and Payroll System (FPPS). Although DOI will host and process payroll and personnel data on behalf of ABMC, ABMC will retain ownership and control over its own data. ABMC has included a routine use in this notice to permit sharing of records with DOI for hosting and support services. Individuals seeking access to their records owned and maintained by ABMC must submit their requests to ABMC as outlined in the Record Access Procedures, Contesting Record Procedures, and Notification Procedures sections below.
II. Privacy Act
The Privacy Act of 1974, as amended, embodies fair information practice principles in a statutory framework governing the means by which Federal agencies collect, maintain, use, and disseminate individuals' records. The Privacy Act applies to records about individuals that are maintained in a "system of records." A "system of records" is a group of any records under the control of an agency from which information is retrieved by the name of an individual or by some identifying number, symbol, or other identifying particular assigned to the individual.
The Privacy Act requires each agency to publish in the Federal Register a description denoting the existence and character of each system of records that the agency maintains and the routine uses of each system. The ABMC-6, Personnel and Payroll System, system of records notice is published in its entirety below. In accordance with 5 U.S.C. 552a(r), ABMC has provided a report of this system of records to the Office of Management and Budget and to Congress.
Dated: August 21, 2017.
Senior Agency Official for Privacy.
SYSTEM NAME AND NUMBER
ABMC-6, Personnel and Payroll System.
The ABMC-6, Personnel and Payroll System, system of records is centrally managed by the American Battle Monuments Commission, 2300 Clarendon Boulevard, Suite 500, Arlington, VA 22201-3367. Electronic payroll and personnel records processed through the FPPS under a shared service agreement with DOI are located at the U.S. Department of the Interior, Interior Business Center, Human Resources and Payroll Services, 7301 W Mansfield Ave. MS D-2000 Denver, CO 80235.
Chief Human Resources, American Battle Monuments Commission, 2300 Clarendon Boulevard, Suite 500, Arlington, VA 22201.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
36 U.S.C. 2102; 5 U.S.C. Chapter 55; 5 CFR part 293; and Executive Order 9397 as amended by Executive Order 13478, relating to Federal agency use of Social Security numbers.
PURPOSE(S) OF THE SYSTEM:
[top] The purpose of the system is to allow ABMC to collect and maintain records on current and former employees to ensure proper payment for salary and benefits, and to track time worked, leave, or other absences for reporting and compliance purposes.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
The system maintains records concerning current and former ABMC employees, including volunteers and emergency employees, and limited information regarding employee spouses, dependents, emergency contacts, or in the case of an estate, a trustee who meets the definition of "individual" as that term is defined in the Privacy Act. The Privacy Act defines an individual as a United States citizen or an alien lawfully admitted for permanent residence. Although ABMC employs U.S. citizens, lawful permanent residents, and nationals from foreign countries, the ABMC-6 system of records only maintains records concerning ABMC employees who are U.S. citizens and lawful permanent residents.
CATEGORIES OF RECORDS IN THE SYSTEM:
This system maintains records including:
• Employee biographical and employment information : Employee name, other names used, citizenship, gender, date of birth, group affiliation, marital status, Social Security number (SSN), truncated SSN, legal status, place of birth, records related to position, occupation, duty location, security clearance, financial information, medical information, disability information, education information, driver's license, race/ethnicity, personal telephone number, personal email address, military status/service, mailing/home address, Taxpayer Identification Number, bank account information, professional licensing and credentials, family relationships, age, involuntary debt (garnishments or child support payments), employee common identifier (ECI), user identification and any other employment information.
• Third-party information : Spouse information, emergency contact, beneficiary information, savings bond co-owner name(s) and information, family members and dependents information.
• Salary and benefits information : Salary data, retirement data, tax data, deductions, health benefits, deductions, allowances, union dues, insurance data, Flexible Spending Account, Thrift Savings Plan contributions, pay plan, payroll records, awards, court order information, back pay information, debts owed to the government as a result of overpayment, refunds owed, or a debt referred for collection on a transferred employee or emergency worker.
• Timekeeping information : Time and attendance records, leave records, the system may also maintain records including other information required to administer payroll, leave, and related functions.
RECORD SOURCE CATEGORIES:
Information is obtained from individuals on whom the records are maintained, official personnel records of individuals on whom the records are maintained, supervisors, timekeepers, previous employers, the Internal Revenue Service and state tax agencies, the Department of the Treasury, other Federal agencies, courts, state child support agencies, employing agency accounting offices, and third-party benefit providers.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information maintained in this system may be disclosed to authorized entities outside ABMC for purposes determined to be relevant and necessary as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
A. To the Department of Justice (DOJ), including Offices of the U.S. Attorneys, or other Federal agencies conducting litigation or in proceedings before any court, adjudicative, or administrative body, when it is relevant or necessary to the litigation and one of the following is a party to the litigation or has an interest in such litigation:
(2) Any employee or former employee of ABMC in his or her official capacity;
(3) Any employee or former employee of ABMC in his or her individual capacity when DOJ or ABMC has agreed to represent the employee; or
(4) The U.S. Government or any agency thereof.
B. To a congressional office in response to a written inquiry that an individual covered by the system, or the heir of such individual if the covered individual is deceased, has made to the office.
C. To the Office of Management and Budget (OMB) during the coordination and clearance process in connection with legislative affairs as mandated by OMB Circular A-19.
D. To other Federal agencies who provide payroll and personnel processing services under a cross-servicing agreement for purposes relating to ABMC employee payroll and personnel processing.
E. To another federal agency as required for payroll purposes, including to the Department of the Treasury for preparation of payroll and to issue checks and electronic funds transfer.
F. To the Office of Personnel Management, the Merit System Protection Board, Federal Labor Relations Authority, or the Equal Employment Opportunity Commission when requested in the performance of their authorized duties.
G. To appropriate Federal and state agencies to provide reports including data on unemployment insurance.
H. To State offices of unemployment compensation to assist in processing an individual's unemployment, survivor annuity, or health benefit claim, or for records reconciliation purposes.
I. To Federal Employee's Group Life Insurance or Health Benefits carriers in connection with survivor annuity or health benefits claims or records reconciliations.
J. To the Internal Revenue Service and State and local tax authorities for which an employee is or was subject to tax regardless of whether tax is or was withheld in accordance with Treasury Fiscal Requirements, as required.
K. To the Internal Revenue Service or to another Federal agency or its contractor to disclose debtor information solely to aggregate information for the Internal Revenue Service to collect debts owed to the Federal government through the offset of tax refunds.
L. To any creditor Federal agency seeking assistance for the purpose of that agency implementing administrative or salary offset procedures in the collection of unpaid financial obligations owed the United States Government from an individual.
M. To any Federal agency where the individual debtor is employed or receiving some form of remuneration for the purpose of enabling that agency to collect debts on the employee's behalf by administrative or salary offset procedures under the provisions of the Debt Collection Act of 1982.
N. To the Internal Revenue Service, and state and local authorities for the purposes of locating a debtor to collect a claim against the debtor.
O. To any source from which additional information is requested by ABMC relevant to an ABMC determination concerning an individual's pay, leave, or travel expenses, to the extent necessary to identify the individual, inform the source of the purpose(s) of the request, and to identify the type of information requested.
[top] P. To the Social Security Administration and the Department of the Treasury to disclose pay data on an annual basis.
Q. To the Social Security Administration to credit the employee or emergency worker account for Old-Age, Survivors, and Disability Insurance (OASDI) and Medicare deductions.
R. To the Federal Retirement Thrift Investment Board's record keeper, which administers the Thrift Savings Plan, to report deductions, contributions, and loan payments.
S. To a Federal agency or in response to a congressional inquiry when additional or statistical information is requested relevant to the ABMC Transit Fare Subsidy Program.
T. To the Department of Health and Human Services for the purpose of providing information on new hires and quarterly wages as required under the Personal Responsibility and Work Opportunity Reconciliation Act of 1996.
U. To the Office of Child Support Enforcement, Administration for Children and Families, Department of Health and Human Services for the purposes of locating individuals to establish paternity; establishing and modifying orders of child support; identifying sources of income; and for other child support enforcement actions as required by the Personal Responsibility and Work Opportunity Reconciliation Act (Welfare Reform Law, Pub. L. 104-193).
V. To the Office of Personnel Management or its contractors in connection with programs administered by that office, including, but not limited to, the Federal Long Term Care Insurance Program, the Federal Dental and Vision Insurance Program, the Flexible Spending Accounts for Federal Employees Program, and the electronic Human Resources Information Program.
W. To charitable institutions, when an employee designates an institution to receive contributions through salary deduction.
X. To any criminal, civil, or regulatory law enforcement authority (whether Federal, state, territorial, local, tribal or foreign) when a record, either alone or in conjunction with other information, indicates a violation or potential violation of law-criminal, civil, or regulatory in nature.
Y. To the National Archives and Records Administration (NARA) to conduct records management inspections under the authority of 44 U.S.C. 2904 and 2906.
Z. To an expert, consultant, grantee, or contractor (including employees of the contractor) of ABMC that performs services requiring access to these records on ABMC's behalf to carry out the purposes of the system, including employment verifications, unemployment claims, and W-2 services.
AA. To the Department of Labor for processing claims for employees, emergency workers, or volunteers injured on the job or claiming occupational illness.
BB. To appropriate agencies, entities, and persons when:
(1) ABMC suspects or has confirmed that there has been a breach of the system of records,
(2) ABMC has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, ABMC (including its information systems, programs, and operations), the Federal Government, or national security; and
(3) The disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with ABMC's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
CC. To another Federal agency or Federal entity, when ABMC determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in:
(1) Responding to a suspected or confirmed breach; or
(2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
DD. To another Federal agency to provide information needed in the performance of official duties related to reconciling or reconstructing data files or to enable that agency to respond to an inquiry by the individual to whom the record pertains.
EE. To Federal, state, territorial, local, tribal, or foreign agencies that have requested information relevant or necessary to the hiring, firing or retention of an employee or contractor, or to the issuance of a security clearance, license, contract, grant or other benefit.
FF. To an agency or organization for the purpose of performing audit or oversight operations as authorized by law, but only such information as is necessary and relevant to such audit or oversight function.
GG. In an appropriate proceeding before a court, grand jury, or administrative or adjudicative body, when the Department of Justice determines that the records are arguably relevant to the proceeding; or in an appropriate proceeding before an administrative or adjudicative body when the adjudicator determines the records to be relevant to the proceeding.
HH. To the news media and the public, with the approval of the Agency Privacy Officer in consultation with counsel, when there exists a legitimate public interest in the disclosure of the information or when disclosure is necessary to preserve confidence in the integrity of ABMC or is necessary to demonstrate the accountability of ABMC's officers, employees, or individuals covered by the system, except to the extent it is determined that release of the specific information in the context of a particular case would constitute an unwarranted invasion of personal privacy.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Paper records are maintained in file folders stored within locking filing cabinets or locked rooms in secured facilities with controlled access. Electronic records are stored in computers, removable drives, storage devices, electronic databases, and other electronic media under the control of ABMC, and in other Federal agency systems pursuant to interagency sharing agreements.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records may be retrieved by name, SSN, ECI, birth date, organizational code, or other assigned person.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
Records are maintained in accordance with General Records Schedule (GRS) 1.0 "Finance", and GRS 2.0 "Human Resources", which are approved by the National Archives and Records Administration. The system generally maintains temporary records, and retention periods vary based on the type of record under each item and the needs of the agency. Paper records are disposed of by shredding or pulping, and records maintained on electronic media are degaussed or erased in accordance with the applicable records retention schedule and NARA guidelines.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
[top] The records maintained in this system are safeguarded in accordance with ABMC security and privacy rules and policies. During normal hours of operations, paper records are maintained in locked files cabinets under the control of authorized personnel. Information technology systems follow the National Institute of Standards and Technology privacy and security standards developed to comply with the Privacy Act of 1974 as amended, 5 U.S.C. 552a; the Paperwork Reduction Act of 1995, Pub. L. 104-13; the Federal Information Security Modernization Act of 2014, Pub L. 113-283, as codified at 44 U.S.C. 3551 et seq.; and the Federal Information Processing Standard 199, Standards for Security Categorization of Federal Information and Information Systems. Computer servers on which electronic records are stored are located in secured ABMC and DOI facilities with physical, technical and administrative levels of security to prevent unauthorized access to the ABMC and DOI network and information assets. Security controls include encryption, firewalls, audit logs, and network system security monitoring. Electronic data is protected through user identification, passwords, database permissions and software controls. Access to records in the system is limited to authorized personnel who have a need to access the records in the performance of their official duties, and each person's access is restricted to only the functions and data necessary to perform that person's job responsibilities. System administrators and authorized users for both ABMC and DOI are trained and required to follow established internal security protocols and must complete all security, privacy, and records management training, and sign Rules of Behavior for each agency.
RECORD ACCESS PROCEDURES:
An individual may request records on himself or herself by sending a signed, written inquiry to American Battle Monuments Commission, Office of the General Counsel, 2300 Clarendon Boulevard, Suite 500, Arlington VA 22201, or by calling the Office of the General Counsel at (703) 696-6902 on business days, between the hours of 9 a.m. and 5 p.m., to schedule an appointment to make such a request in person. Requests for records access must meet the requirements of ABMC Privacy Act regulations at 36 CFR part 407.
CONTESTING RECORD PROCEDURES:
An individual requesting amendment or correction of his or her records should send a signed, written request to American Battle Monuments Commission, Office of the General Counsel, 2300 Clarendon Boulevard, Suite 500, Arlington VA 22201. Requests for amendment or correction must meet the requirements of ABMC Privacy Act regulations at 36 CFR Sections 407.6 and 407.7.
An individual may inquire whether this system of records maintains records about him or her by sending a signed, written inquiry to American Battle Monuments Commission, Office of the General Counsel, 2300 Clarendon Boulevard, Suite 500, Arlington VA 22201, or by calling the Office of the General Counsel at (703) 696-6902 on business days, between the hours of 9 a.m. and 5 p.m., to schedule an appointment to make such a request in person. Requests for notifications must meet the requirements of ABMC Privacy Act regulations at 36 CFR part 407.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
[FR Doc. 2017-18904 Filed 9-6-17; 8:45 am]
BILLING CODE 6120-01-P