[Federal Register Volume 60, Number 78 (Monday, April 24, 1995)]
[Notices]
[Pages 20156-20158]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 95-9988]
-----------------------------------------------------------------------
DEPARTMENT OF VETERANS AFFAIRS
Privacy Act of 1974, Amendment of System of Records,
Compensation, Pension, Education and Rehabilitation Records-VA (58VA21/
22)
AGENCY: Department of Veterans Affairs.
ACTION: Notice.
-----------------------------------------------------------------------
Notice is hereby given that the Department of Veterans Affairs (VA)
is considering adding two new routine uses to, and amending the storage
policies for the records in, the system of records entitled
Compensation, Pension, Education and Rehabilitation Records--VA
(58VA21/22) published at 41 FR 9294 (03/03/76), and amended at 43 FR
3984 (01/30/78), 43 FR 15026 (04/10/78), 43 FR 23797 (06/01/78), 45 FR
57641 (08/28/80), 45 FR 77220 (11/21/80), 47 FR 367 (01/05/82), 47 FR
16132 (04/14/482), 47 FR 4072 (09/15/82), 48 FR 1384 (01/12/83), 48 FR
15994 (04/13/83), 48 FR 39197 (08/29/83), 48 FR 52798 (11/22/83), 49 FR
23974 (06/08/84), 49 FR 36046 (09/13/84), 50 FR 10886 (03/18/85), 50 FR
31453 (06/28/85), 50 FR 31453 (08/02/85), 51 FR 24781 (07/08/86), 51 FR
25141 (07/10/86), 51 FR 28289 (08/06/86), 51 FR 36894 (10/16/86), 52 FR
4078 (02/09/87), 54 FR 36933 (09/05/89), 55 FR 28508 (07/11/90), 55 FR
42540 (10/19/90), 56 FR 15667 (04/17/91), 56 FR 16354 (04/22/91), 57 FR
12374 (04/09/92), 57 FR 44007 (09/23/92), 58 FR 38164 (07/15/93) and 58
FR 54643 (10/22/93).
VA has published a notice of final rulemaking (59 FR 47082
(September 14, 1994)) amending its regulations to add sections 38 CFR
14.640 through 14.643 to provide for expanded remote access to
computerized claims records by individuals approved by the Department
to represent claimants before VA in the preparation, presentation, and
prosecution of claims for veterans' benefits.
Those regulations provide that VA would disclose information
concerning how these representatives use their access privileges in two
circumstances for which routine uses do not currently exist. First, if
VA is considering whether to revoke the individual representative's
access privileges generally, VA will then notify the representative's
employer.
Second, if the representative is licensed by a governmental entity,
such as a state bar association, VA will report the conduct of the
representative to that entity after revocation of access privileges if
VA concludes that the conduct which was the basis for revocation of
access privileges merits reporting.
These two routine uses would add provisions to allow the release of
information concerning the conduct of individual representatives in
both these cases.
VA has determined that release of information under the
circumstances described above is a necessary and proper use of
information in this system of records and that a specific routine use
for transfer of this information is appropriate.
VA is also amending the storage policies and practices for the
records in this system of records to reflect the policies and practices
applicable to claimants' representatives and attorneys who are granted
access to automated claimant's record.
Interested persons are invited to submit written comments,
suggestions, or objections regarding the proposed amended routine use
statements to the Director, Office of Regulations Management(02), 810
Vermont Avenue, NW, Washington, DC 20420. All relevant material
received before May 24, 1995, will be considered. All written comments
received will be available for public inspection at the Office of
Regulations Management, room 1176, 801 I Street, NW., Washington, DC
20001 only between the hours of 8 am and 4:30 pm, Monday through Friday
(except holidays) until June 5, 1995.
If no public comment is received during the 30 day review period
allowed for public comment or unless otherwise published in the Federal
Register by the Department of Veterans Affairs, the amendments to
58VA21/22 included herein are effective May 24, 1995.
Approved: April 10, 1995.
Jesse Brown,
Secetary of Veterans Affairs.
Notice of Amendment to System of Records
The system of records identified as 58 VA 21/22, ``Compensation,
Pension, Education and Rehabilitation records--VA'' published at 41 FR
9294 (03/03/76) and amended at 43 FR 3984 (01/30/78), 43 FR 15026 (04/
10/78), 43 FR 23797 (06/01/78), 45 FR 57641 (08/28/80), 45 FR 77220
(11/21/80), 47 FR 367 (01/05/82), 47 FR 16132 (04/14/82), 47 FR 40742
(09/15/82), 48 FR 1384 (01/12/83), 48 FR 15994 (04/13/83), 48 FR 39197
(08/29/83), 48 FR 52798 (11/22/83), 49 FR 23974 (06/08/84), 49 FR 36046
(09/13/84), 50 FR 10886 (03/18/85), 50 FR 31453 (06/28/85), 50 FR 31453
(08/02/85), 51 FR 24781 (07/08/86), 51 FR 25141 (07/10/86), 51 FR 28289
(08/06/86), 51 FR 36894 (10/16/86), 52 FR 4078 (02/09/87), 54 FR 36933
(09/05/89), 55 FR 28508 (07/11/90), 55 FR 42540 (10/19/90), 56 FR 15667
(04/17/91), 56 FR 16354 (04/22/91), 57 FR 12374 (04/09/92), 57 FR 44007
(09/23/92), 58 FR 38164 (07/15/93) and 58 FR 54643 (10/22/93), is
amended by adding the following:
58 VA 21/22
Compensation, Pension, Education and Rehabilitation Records--VA.
* * * * *
* * * * *
59. The name and address of a prospective, present, or former
accredited representative, claims agent or attorney and any information
concerning such individual which is [[Page 20157]] relevant to a
refusal to grant access privileges to automated veterans claims
records, or a potential or past suspension or termination of such
access privileges may be disclosed to the entity employing the
individual to represent veterans on claims for veterans benefits.
60. The name and address of a former accredited representative,
claim agent or attorney, and any information concerning such
individual, except a veteran's name and home address, which is relevant
to a revocation of such access privileges may be disclosed to an
appropriate governmental licensing organization where VA determines
that the individual's conduct which resulted in revocation merits
reporting.
* * * * *
Records (or information contained in records) are maintained on
paper documents in claims file folders (e.g., ``C'' file folders,
educational file folders and vocational rehabilitation folders) and on
automated storage media (e.g., microfilm, microfiche, magnetic tape and
disks). Such information may be accessed through a data
telecommunication terminal system designated the Benefits Delivery
Network (BDN). BDN terminal locations include VA Central Office,
regional offices, some VA health care facilities, Department of Defense
Finance and Accounting Service Centers and the U.S. Coast Guard Pay and
Personnel Center.
Remote on-line access is also made available to authorized
representatives of claimants and to attorneys of record for claimants.
A VA claimant must execute a prior written consent or a power of
attorney authorizing access to his or her claims records before VA will
allow the representative or attorney to have access to the claimant's
automated claims records. Access by representatives and attorneys of
record is to be used solely for the purpose of assisting an individual
claimant whose records are accessed in a claim for benefits
administered by VA.
Information relating to receivable accounts owed to VA, designated
the Centralized Accounts Receivable System (CARS), is maintained on
magnetic tape, microfiche and microfilm. CARS is accessed through a
data telecommunications terminal system at St. Paul, Minnesota.
* * * * *
The proposed change should have no effect upon the current
RETREIVABILITY policies or practices.
* * * * *
1. Physical Security: (a) Access to working spaces and claims
folder file storage areas in VA regional offices and centers is
restricted to VA employees on a need-to-know basis. Generally, file
areas are locked after normal duty hours and the offices and centers
are protected from outside access by the Federal Protective Service or
other security personnel. Employee claims file records and claims file
records of public figures are stored in separate locked files. Strict
control measures are enforced to ensure that access to and disclosure
from these claims file records are limited to a need-to-know basis.
(b) Access to BDN data telecommunications network is by
authorization controlled by the site security officer who is
responsible for authorizing access to the BDN by a claimant's
representative or attorney approved for access in accordance with VA
regulations. The site security officer is responsible for ensuring that
the hardware, software and security practices of a representative or
attorney satisfy VA security requirements before granting access. The
security requirements applicable to access to automated claims files by
VA employees also apply to access to automated claims files by
claimants' representatives or attorneys. The security officer is
assigned responsibility for privacy-security measures, especially for
review of violation logs, information logs and control of password
distribution, including password distribution for claimants'
representatives.
(c) Access to data processing centers is generally restricted to
center employees, custodial personnel, Federal Protective Service and
other security personnel. Access to computer rooms is restricted to
authorized operational personnel through electronic locking devices.
All other persons provided access to computer rooms are escorted.
(d) Employee production records are identified by the confidential
BDN access number, not name, and are protected by management/
supervisory personnel from unauthorized disclosure in the same manner
as other confidential records maintained by supervisors.
2. BDN System Security: (a) Usage of the BDN system is protected by
the usage of ``logan'' identification passwords and authorized function
passwords. The passwords are changed periodically. These same
protections apply to remote access users.
(b) At the data processing centers, identification of magnetic
tapes and disks containing data is rigidly enforced using labeling
techniques. Automated storage media which are not in use are stored in
tape libraries which are secured in locked rooms. Access to programs is
controlled at three levels: Programming, auditing and operations.
Access to the data processing centers where HUD maintains CAIVRS is
generally restricted to center employees and authorized subcontractors.
Access to computer rooms is restricted to center employees and
authorized operational personnel through electronic locking devices.
All other persons granted access to computer rooms are escorted.
Files in CAIVRS use social security numbers as identifiers. Access
to information files is restricted to authorized employees of
participating agencies and authorized employees of lenders who
participate in the agencies' programs. Access is controlled by agency
distribution of passwords. Information in the system may be accessed by
use of a touch-tone telephone by authorized agency and lender employees
on a ``need-to-know'' basis.
* * * * *
Report of Intention to Alter Federal Notice of System of Records for
``Compensation, Pension, Education and Rehabilitation Records--VA'' 58
VA 21/22
Purpose
Amending this system of records will allow VA to use information
maintained by this system of records to be used to revoke the access of
claimant's representatives to the system of records for violation of
the provisions of 38 CFR 14.640 through 14.643.
Authority
Regulations 38 CFR 14.640 through 14.643.
Probable or Potential Effect on the Privacy of Individuals
These changes should have minimal effect on the privacy rights of
individuals. They will permit VA to use information contained in this
system of records to revoke access to this system to representatives of
claimants who violate the provisions of regulations 38 CFR 14.640
through 14.643.
Steps Taken to Minimize Risks
VA will safeguard individual records as required by the Privacy Act
of 1974. Access to working areas and claims [[Page 20158]] folder
storage areas in VA regional offices is restricted to VA employees on a
need to know basis. Files are locked afternormal duty hours and the
offices are protected from outside access by the Federal Protective
Service or other security personnel. Access to automated VA records by
VA employees and authorized representatives of claimants requires
clearance by the site security officer, whose responsibilities include
control of password distribution.
Satisfaction of Compatibility Requirements of Subsection (a)(7) of the
Privacy Act
These routine uses will permit VA to disclose information from the
BDN system to service organizations whenever VA contemplates revocation
of a representative's access privileges. These are necessary to protect
the integrity of the BDN system.
[FR Doc. 95-9988 Filed 4-21-95; 8:45 am]
BILLING CODE 8320-01-M