[Federal Register Volume 59, Number 154 (Thursday, August 11, 1994)]
[Unknown Section]
[Page 0]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 94-19579]
[[Page Unknown]]
[Federal Register: August 11, 1994]
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Privacy Act of 1974; System of Records
AGENCY: Department of Health and Human Services (HHS), Health Care
Financing Administration (HCFA).
ACTION: Notice of new system of records.
-----------------------------------------------------------------------
SUMMARY: In accordance with the provisions of the Privacy Act of 1974,
we are proposing to establish a new system of records, ``Individuals
Authorized Access to the Health Care Financing Administration (HCFA)
Data Center,'' HHS/HCFA/BDMS, No. 09-70-0064. We have provided
background information about the system in the SUPPLEMENTARY
INFORMATION section below.
DATES: HCFA filed a new system report with the Chairman of the
Committee on Government Operations of the House of Representatives; the
Chairman of the Committee on Governmental Affairs of the Senate; the
Administrator, Office of Information and Regulatory Affairs; and the
Office of Management and Budget (OMB) on August 4, 1994. The system of
records, including routine uses, will become effective 40 days from the
date published unless HCFA receives comments which would necessitate
changes to the system.
ADDRESS: Members of the public should address comments to Mr. Richard
A. De Meo, Privacy Act Officer, Office of Customer Relations and
Communications, Health Care Financing Administration, Room 2-H-4, East
Low Rise Building, 6325 Security Boulevard, Baltimore, Maryland 21207-
5187. Comments received will be available for inspection at this
location.
FOR FURTHER INFORMATION CONTACT:
Gene Strother, ADP Services Branch, Office of Computer Operations,
Bureau of Data Management and Strategy, Health Care Financing
Administration, Room 100, Lyon Building, 6325 Security Boulevard,
Baltimore, Maryland 21207-5187, telephone (410) 966-4088.
SUPPLEMENTARY INFORMATION: HCFA proposes to initiate a new system of
records that controls and monitors access to and use of HCFA
computerized information and resources, pursuant to the authority of 42
CFR 401.101-401.148 and section 1106(a) of the Social Security Act, 42
U.S.C. 1306(a). These regulations and directives establish the
conditions under which information about the access to and use of
HCFA's computerized information and resources shall be made available
to the public as well as Freedom of Information Act rules that apply to
such disclosures of information.
Subsection (b)(3) of the Privacy Act (5 U.S.C. 552a(b)(3)) permits
us to disclose information without the consent of the individual for
``routine uses''--that is, disclosure for purposes that are compatible
with the purpose for which we collect the information. The proposed
routine uses in the system meet the compatibility criteria since the
information is collected for the purposes of assigning, controlling,
tracking, and reporting authorized access to and use of HCFA's
computerized information and resources.
We anticipate that disclosure under the routine uses will not
result in any unwarranted adverse effects on personal privacy.
Dated: August 2, 1994.
Bruce C. Vladeck,
Administrator, Health Care Financing Administration.
Individuals Authorized Access to the Health Care Financing
Administration (HCFA) Data Center.
None.
Health Care Financing Administration, Bureau of Data Management and
Strategy, 7131 Rutherford Road, Baltimore, Maryland 21244.
Those individuals with an approved need for access to the computer
resources and information maintained by the Health Care Financing
Administration.
The system contains name, work address, work phone number, an
assigned user identification (UserID) number, an associated password,
and the software system(s) that the individual is authorized to use.
5 U.S.C. 552(e)(10)
This system is used for assigning, controlling, tracking, and
reporting authorized access to and use of HCFA's computerized
information and resources.
Disclosure may be made to:
1. To a congressional office, from the record of an individual in
response to an inquiry from the congressional office made at the
request of that individual.
2. To the Department of Justice, to a court or other tribunal, or
to another party before such tribunal, when:
a. HHS, or any component thereof; or
b. Any HHS employee in his or her official capacity; or
c. Any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or
d. The United States or any agency thereof when HHS determines that
the litigation is likely to affect HHS or any of its components;
Is a party to litigation or has an interest in such litigation, and HHS
determines that the use of such records by the Department of Justice,
the tribunal, or other party is relevant and necessary to the
litigation and would help in the effective representation of the
governmental party, provided, however, that in each case, HHS
determines that each disclosure is compatible with the purpose for
which the records were collected.
3. To a contractor for the purpose of collating, analyzing,
aggregating, or otherwise refining or processing records in this
system, or for developing, modifying, and/or manipulating it with ADP
software. Data would also be available to users incidental to
consultation, programming, operation, user assistance, or maintenance
for an ADP or telecommunications system containing or supporting
records in the system.
The records are maintained in magnetic media (e.g., magnetic tape
and computer diskettes) and in paper form.
Magnetic records may be retrieved by name or UserId number. Paper
records are retrieved by UserID number.
Physical safeguards are established in accordance with Department
standards and National Institute of Standards and Technology guidelines
(e.g., security codes will be used, limiting access to authorized
personnel. System securities are established in accordance with HHS
Information Resource Management (IRM) Circular #10, Automated
Information Systems Security Program, and HCFA Automated Information
Systems (AIS) Guide, Systems Security Policies. All HCFA agency
employees and contractor personnel will be notified of the
confidentiality of the records and of criminal sanctions for
unauthorized disclosure of the information.
HCFA retains hardcopy for 3 years following expiration of an
individual's authorized use of HCFA's computerized information and
resources. When an individual is no longer authorized access to HCFA's
computer resources, their record is deleted from magnetic media.
Director, Bureau of Data Management and Strategy, Health Care
Financing Administration, Room 1-A-1, Security Office Park Building,
6325 Security Boulevard, Baltimore, Maryland 21207-5187.
An individual can determine if this system contains a record about
him or her and its contents by writing to the system manager at the
above address. When requesting notification, the individual should
provide his or her name, assigned UserID number, and signature. Further
details of the procedure are contained in 45 CFR 5b.5.
Same as notification procedures. Requesters should reasonably
specify the records content being sought. They may also request an
accounting of disclosures that have been made of their records, if any.
Further details of the procedure are contained in 45 CFR 5b.5(a)(2).
Same as notification procedures. Requestors should reasonably
identify the record, specify the information they are contesting, and
state the corrective action sought. The statement should also contain
the reasons for the correction with supporting information to show how
the record is inaccurate, incomplete, untimely, or irrelevant. Further
details of the procedure are contained in 45 CFR 5b.7.
User identification (name, work address, work phone number) is
provided by HCFA by the individual. HCFA specifies the unique UserID
number and the software system(s) authorized for use by the individual.
None.
[FR Doc. 94-19579 Filed 8-10-94; 8:45 am]
BILLING CODE 4120-03-M