[Federal Register Volume 60, Number 118 (Tuesday, June 20, 1995)]
[Notices]
[Pages 32210-32212]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 95-14982]



=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF VETERANS AFFAIRS


Privacy Act of 1974, New Routine Use Statements Amendment of 
System; Notice

AGENCY: Department of Veterans Affairs.

ACTION: Notice; New routine use statements.

-----------------------------------------------------------------------

SUMMARY: As required by the Privacy Act of 1974, 5 U.S.C. 552a(e), 
notice is hereby given that the Department of Veterans Affairs (VA) is 
adding two new routine uses to, and is amending other parts of, a 
system of records.

DATES: Interested persons are invited to submit written comments, 
suggestions, or objections regarding the new routine uses. All relevant 
material received before July 20, 1995, will be considered. All written 
comments received will be available for public inspection in room 315, 
Information Management Service, 801 I St., NW, Washington, DC, 20001 
between the hours of 8 a.m. and 4:30 p.m., Monday through Friday, 
except holidays until July 31, 1995. If no public comment is received 
during the 30 day review period allowed for public comment, or unless 
otherwise published in the Federal Register by VA, the routine uses 
included herein are effective July 20, 1995. Other changes to the 
system of records notice contained herein are effective upon 
publication (June 20, 1995).

ADDRESSES: Written comments concerning the new routine uses may be 
mailed to the Secretary of Veterans Affairs (045A4), 810 Vermont 
Avenue, NW., Washington, DC 20420.

FOR FURTHER INFORMATION CONTACT:
John Muenzen, Information Resources Management Coordination and Field 
Support Division, Chief, Office of Information Technology (20M52), 
Veterans Benefits Administration, NW., Washington, DC 20420 (202) 273-
6947.

SUPPLEMENTARY INFORMATION: VA has published final rules (59 FR 47082 
(9-19-94)) amending its regulations to add sections 38 CFR 14.640 
through 14.643 to provide for expanded remote access to computerized 
claims records by individuals approved by the Department to represent 
claimants before VA in the preparation, presentation, and prosecution 
of claims for veterans' benefits.
    Those regulations provide that VA will disclose information 
concerning how these representatives use their access privileges in two 
circumstances for which routine uses do not currently exist. First, if 
VA is considering whether to revoke the individual representative's 
access privileges generally, VA will notify the representative's 
employer. Second, if the representative is licensed by a governmental 
entity, such as a state bar association, VA will report the conduct of 
the representative to that entity after revocation of access privileges 
if VA concludes that the conduct which was the basis for revocation of 
access privileges merits reporting.
    Consequently, VA is adding the following two new routine uses as 
part of the implementation of the remote access regulations.
    First, if VA is considering whether to deny or suspend or revoke an 
individual's access privileges generally, VA may then notify the 
representative's employer or any recognized service organization with 
which such a representative is affiliated. Second, if the 
representative is licensed by a governmental entity, such as a state 
bar association, VA will report the conduct of the representative to 
that entity after revocation of access privileges if VA concludes that 
the conduct which was the basis for revocation of access privileges 
merits reporting.
    Both routine sues satisfy the compatibility requirement of 
subsection (a)(7) of the Privacy Act. VA will gather this information 
for the purposes of determining whether it should grant, 
[[Page 32211]] deny, suspend or revoke an individual's remote access 
privileges to claimants' automated claim records generally, as well as 
ensuring the individual's continued compliance with the agency's 
requirements for exercise of the remote access privileges. This 
information concerns the qualifications and conduct of the individual, 
that is, the appropriateness of the individual to have remote access 
privileges to represent beneficiaries and claimants.
    State licensing entities, such as bar associations, routinely 
monitor and enforce the individual member's compliance with the rules 
of conduct which are intended, at least in part, to protect the public. 
Additionally, under the rules of these organizations, these persons 
normally have a responsibility to protect and preserve the 
confidentiality of information concerning their clients.
    VA's proposed routine use authorizing disclosures to state 
licensing entities would allow VA to provide those state licensing 
entities with information which is relevant to their enforcement 
activities concerning compliance with those rules. VA gathered the 
information, at least in part, to help ensure the confidentiality of 
the VA's information on people who are, in essence, the clients of the 
individuals who are licensed by the state governmental entities. The 
purposes are sufficiently similar that the disclosure satisfies the 
compatibility requirement of subsection (a)(7) of the Privacy Act.
    Veterans service organizations and other entities represent 
veterans on claims matters. To do so effectively, they must have access 
to the confidential claims records of those veterans. Part of their 
acceptance within the community they serve is a confidence on the 
public's part that they and their accredited representatives and 
employees will zealously protect the privacy of their clients. If 
veterans perceive that the confidentiality of their records will not be 
honored, it will limit the effectiveness of these organizations in 
representing their clients. Thus, in order to effectively represent 
veterans, they are concerned about ensuring that individuals whom they 
use to conduct their representational activities act in a manner 
consistent with the organization's goal of preserving the 
confidentiality of their clients' claim records.
    As we stated in regard to the routine use authorizing disclosure of 
records to state licensing entities, VA gathered the information about 
remote access users, at least in part, to help ensure the 
confidentiality of the VA's information on it claimants who are, in 
essence, the clients of the organization which uses the individual 
representatives and claims agents to prosecute the veterans claims. The 
purposes are sufficiently similar that the disclosure satisfies the 
compatibility requirement of subsection (a)(7) of the Privacy Act.
    VA has determined that release of information under the 
circumstances described above is a necessary and proper use of 
information in this system of records and that the specific routine 
uses proposed for the transfer of this information is appropriate.
    VA is also amending the storage policies and practices for the 
records in this system of records to reflect the policies and practices 
applicable to claimants' representatives and attorneys who are granted 
access to automated claimants' records.
    An altered system of records report and a copy of the revised 
system notice have been sent to the House of Representatives Committee 
on Government Reform and Oversight, the Senate Committee on 
Governmental Affairs, and the Office of Management and Budget (OMB) as 
required by 5 U.S.C. 552a(r) and guidelines issued by OMB (59 FR 37906, 
37916-18 (7-25-94)).
    The proposed routine uses will be added to the system of records 
entitled ``Veterans and Beneficiaries Identification and Records 
Location Subsystem--VA'' 38VA23) published at 49 FR 38095, August 26, 
1975, and amended at 41 FR 11631, March 19, 1976, 43 FR 23798, June 1, 
1978, 45 FR 77220, November 21, 1980, 47 FR 367, January 5, 1982, 48 FR 
45491, October 5, 1983, 50 FR 13448, April 4, 1985.

    Approved: June 5, 1995.
Jesse Brown,
Secretary of Veterans Affairs.
Notice of Amendment to System of Record

    In the system of records identified as 38VA23, ``Veterans and 
Beneficiaries Identification and Records Location Subsystem--VA,'' 
published at 40 FR 38095, August 26, 1975, and amended at 41 FR 11631, 
March 19, 1976, 43 FR 23798, June 1, 1978, 45 FR 77220, November 21, 
1980, 47 FR 367, January 5, 1982, 48 FR 45491, October 5, 1983, 50 FR 
13448, April 4, 1985, is amended by adding the information and revising 
the entries as shown below:
38VA23
    Veterans and Beneficiaries Identification and Records Location 
Subsystems--VA
    Records are maintained at the VA Data Processing Center, 1615 East 
Woodward Street, Austin, TX, 78722; VA Central Office, 810 Vermont 
Avenue, NW, Washington, DC 20420; VA Records Processing Center, PO Box 
5020, St. Louis, MO 63115 and at Neosho, MO.
* * * * *
* * * * *
    18. The name and address of a prospective, present, or former 
accredited representative, claims agent or attorney and any information 
concerning such individual relating to a suspension, revocation, or 
potential suspension or revocation of that individual's privilege of 
remote access to Veterans Benefits Administration automated claim 
records, may be disclosed to any recognized service organization with 
which the accredited representative is affiliated, and to any entity 
employing the individual to represent veterans on claims for veterans 
benefits.
    19. The name and address of a former accredited representative, 
claim agent or attorney, and any information concerning such 
individual, except a veterans' name and home address, which is relevant 
to a revocation of remote access privileges to Veterans Benefits 
Administration automated claim records may be disclosed to an 
appropriate governmental licensing organization where VA determines 
that the individual's conduct which resulted in revocation merits 
reporting.
* * * * *
    The basic file is on automated storage media (e.g., magnetic tapes 
and disks), with backup copies of the information on magnetic tape. 
Such information may be accessed through a data telecommunication 
terminal system designated the Benefits Delivery Network (BDN). BDN 
terminal locations include VA Central Office, regional offices, VBA 
Debt Management Center, some VA health care facilities, Department of 
Defense Finance and Accounting Service Centers and the U.S. Coast Guard 
Pay and Personnel Center. An adjunct file (at the Records Processing 
Center in St. Louis, MO) contains microfilm and paper documents of 
former manual Central Index claims numbers registers, partial 
[[Page 32212]] files of pensioners with service prior to 1930, 
personnel with service between 1940 and 1948 with VA insurance, and 
partial lists of other Armed Forces personnel indexed by service 
number. A duplicate of the microfilm is also located at VA Central 
Office.
    Remote on-line access is also made available to authorize 
representatives of claimants and to attorneys of record for claimants. 
A VA claimant must execute a prior written consent or a power of 
attorney authorizing access to his or her claims records before VA will 
allow the representative or attorney to have access to the claimant's 
automated claims records. Access by representatives and attorneys of 
record is to be used solely for the purpose of assisting an individual 
claimant whose records are accessed in a claim for benefits 
administered by VA.
    Information is retrievable by the use of name only, name and one or 
more numbers (service, social security, VA claims file and VA insurance 
file), name and one or more criteria (e.g., dates of birth, death and 
service), number only, or initials or first five letters of the last 
name with incorrect file number.
    Access to the basic file in the Austin DPC (Data Processing Center) 
is restricted to authorized VA employees and vendors. Accredited 
service organization representatives, VA-approved claims agents and 
attorneys acting under a declaration of representation so that these 
individuals can aid veterans in the preparation, presentation, and 
prosecution of claims under the laws administered by VA are provided 
read-only access.
    Access to BDN data telecommunications network is by authorization 
controlled by the site security officer who is responsible for 
authorizing access to the BDN by a claimant's representative or 
attorney approved for access in accordance with VA regulations. The 
site security officer is responsible for ensuring that the hardware, 
software and security practices of a representative or attorney satisfy 
VA security requirements before granting access. The security 
requirements applicable to access to automated claims files by VA 
employees also apply to access to automated claims files by claimants' 
representatives or attorneys. The security officer is assigned 
responsibility for privacy-security measures, especially for review of 
violation logs, information logs and control of password distribution, 
including password distribution for claimants' representatives.
    Access to the computer room where the basic file is maintained 
within the DPC is further restricted to authorized VA employees and 
vendor personnel on a ``need to know'' basis and is protected from 
unauthorized access by an alarm system, the Federal Protective Service, 
and VA security personnel. As to access to Target terminals, see 
Safeguards, Compensation, Pension, Education, and Rehabilitation 
Records--58VA21/22. Authorized terminals with access to the VBA 
Benefits Delivery Network are located only at VA regional officers, VA 
medical facilities, VA Central Office, VBA Debt Management Center, 
National Cemetery System facilities, Railroad Retirement Board through 
the Chicago Regional Office, the National Personnel Records Center, the 
U.S. Army Reserve Components Personnel and Administration Center at St. 
Louis, MO, and at remote sites nationwide. The adjunct file is 
accessible for official use only by personnel assigned to Systems 
Development Service (20M4), VA Central Office, Washington, DC, and the 
Administrative Division at VA Records Processing Center, St. Louis, MO.
* * * * *
    Director, VBA Systems Development Service (20M4), VA Central 
Office, 810 Vermont Ave., NW., Washington, DC 20420.
* * * * *
[FR Doc. 95-14982 Filed 6-16-95; 8:45 am]
BILLING CODE 8320-01-M