[Federal Register Volume 65, Number 240 (Wednesday, December 13, 2000)]
[Notices]
[Pages 77953-77956]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 00-31655]


=======================================================================
-----------------------------------------------------------------------

SOCIAL SECURITY ADMINISTRATION


Privacy Act of 1974; Report of New System of Records and Routine 
Uses

AGENCY: Social Security Administration.

ACTION: New system of records and routine uses.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act, 5 U.S.C. 552a(e)(4) and 
(e)(11), we are issuing public notice of our intent to establish a new 
system of records. The proposed system of records is entitled Records 
of Individuals Authorized Entry into Secured Areas by Digital Lock 
Systems, Electronic Key Card Systems or Other Electronic Access 
Devices, SSA/RO 60-0270. The proposed system will maintain records on 
individuals authorized to enter secured areas in SSA regional offices, 
field offices, teleservice centers, program service centers, hearing 
offices and satellite facilities. We invite public

[[Page 77954]]

comments on the proposed system and the routine uses.

DATES: We filed a report of the proposed system with the Chairman, 
Committee on Government Reform and Oversight, House of Representatives, 
the Chairman, Committee on Governmental Affairs, United States Senate, 
and the Director, Office of Information and Regulatory Affairs, Office 
of Management and Budget on December 4, 2000. We have requested OMB to 
waive the 40-day advance notice period. If OMB does not waive the 40-
day advance period, we will not implement the proposed system until 
January 15, 2001, unless we receive comments on or before that date 
that would result in a contrary determination.

ADDRESSES: Interested individuals may comment on this publication by 
writing to the SSA Privacy Officer, Social Security Administration, 3-
A-6 Operations Building, 6401 Security Boulevard, Baltimore, Maryland 
21235. All comments received will be available at the above address for 
public inspection and photocopying between 8 a.m. and 4:30 p.m., Monday 
through Friday.

FOR FURTHER INFORMATION CONTACT: Ms. Cetta Ruzicka, Social Insurance 
Policy Specialist, Office of Disclosure Policy, Social Security 
Administration, 3-A-6 Operations Building, 6401 Security Boulevard, 
Baltimore, Maryland 21235, Telephone (410) 965-1743.

SUPPLEMENTARY INFORMATION:

I. Purpose of the Proposed System

    SSA is responsible for ensuring the safety of personnel and for 
safeguarding government records and property in its facilities. Through 
the use of digital lock systems, electronic key card systems or other 
electronic access devices, SSA is able to monitor and control the 
access to its facilities. The digital lock systems, electronic key card 
systems and other electronic access devices have the capacity to 
maintain entry and exit data, such as the name and/or personal 
identification number (PIN) of the individual entering the secured 
area, the location of the secured area, the date of the entry and the 
time of the entry and exit. Data in the system is used for security 
purposes and may be used in a disciplinary action.

II. Collection and Maintenance of Data in the Proposed System

    SSA security personnel will assign a PIN to each individual who is 
authorized to enter secured areas. For electronic key card systems, the 
name of the individual and assigned PIN will be encoded on the key 
card. Security personnel will maintain a computer file of the name of 
the individual and the assigned PIN.
    To enter secured areas, an individual manually enters his or her 
PIN into the digital or electronic access device, or in the case of an 
electronic key card system, the individual uses his or her key card to 
facilitate entry. These systems maintain a record of the name and/or 
PIN of the individual, the entry point, the date of the entry and the 
time of the entry. Some digital lock systems and electronic lock system 
are connected to computer systems that maintain the information in 
computer files. Information will be retrieved by individuals' names 
and/or PINs.
    Only authorized SSA personnel will download and print information 
from computer files, digital lock systems, electronic key card systems 
or other electronic access devices. The information will be maintained 
in file folders and disclosed to Agency personnel on a need-to-know 
basis or to other individuals or entities consistent with the routine 
uses below.

III. Proposed Routine Uses of Information in the System

    We are proposing to establish routine uses of information that will 
be maintained in the system as discussed below.
    1. To disclose pertinent information to the appropriate Federal, 
state or local agency responsible for investigating, prosecuting, 
enforcing or implementing a statute, rule or regulation, or order when 
the Agency becomes aware of an indication of a violation of civil or 
criminal law or regulations pertaining to this system of records.
    We contemplate disclosing information under this routine use to law 
enforcement entities that are responsible for investigating alleged 
violations of civil or criminal statutes or alleged violations of 
Standards of Conduct governing Federal employees.
    2. To a congressional office in response to an inquiry from that 
office made at the request of the subject of the record.
    We contemplate disclosing information under this routine use only 
in situations in which an individual may ask his or her congressional 
representative to intercede in an SSA matter on his or her behalf. 
Information will be disclosed when the congressional representative 
makes an inquiry and presents evidence that he or she is acting on 
behalf of the individual whose record is requested.
    3. To the Department of Justice (DOJ), a court or other tribunal 
(including an adjudicative or administrative body, or other third-party 
before such tribunal when:
    (a) SSA, or any component thereof; or
    (b) Any SSA employee in his/her official capacity; or
    (c) Any SSA employee in his/her individual capacity where DOJ (or 
SSA where it is authorized to do so) has agreed to represent the 
employee; or
    (d) The United States or any agency thereof where SSA determines 
that the litigation is likely to affect the operations of SSA or any of 
its components is a party to litigation or has an interest in such 
litigation; and SSA determines that the use of such records by DOJ, the 
court or other tribunal is relevant and necessary to the litigation.
    We contemplate disclosing information under this routine use, as 
necessary, to enable the Department of Justice to effectively defend 
SSA, its components or employees. We contemplate disclosing information 
under this routine use when SSA has an interest in litigation involving 
the proposed systems of records and/or the records contained therein.
    4. Nontax return information which is not restricted from 
disclosure by federal law may be disclosed to the General Services 
Administration (GSA) and the National Archives and Records 
Administration (NARA) under 44 U.S.C. 2904 and 2906, as amended by NARA 
Act of 1984, for the use of those agencies in conducting records 
management studies.
    The Administrator of GSA and the Archivist of NARA are charged by 
44 U.S.C. 2904 with promulgating standards, procedures and guidelines 
regarding records management and conducting records management studies. 
Section 2906 of that law, also amended by the NARA Act of 1984, 
provides that GSA and NARA are to have access to federal agencies' 
records and that agencies are to cooperate with GSA and NARA. In 
carrying out these responsibilities, it may be necessary for GSA and 
NARA to have access to this proposed system of records. In such 
instances, the routine use will facilitate disclosure.

IV. Compatibility of Proposed Routine Use

    The Privacy Act (5 U.S.C. 552a(b)(3)) and our disclosure 
regulations (20 CFR Part 401) permit us to disclose information under a 
published routine use for a purpose which is compatible with the 
purpose for which we collected the information. Section 401.150(c) of 
the regulations permits us to disclose information under a routine use 
where necessary to assist in carrying out SSA

[[Page 77955]]

programs. Section 401.120 of the regulations provides that we will 
disclose information when a law specifically requires the disclosure. 
The proposed routine uses numbered 1-3 above will ensure efficient 
administration of Social Security programs; the disclosures that would 
be made under routine use number 4 is required by Federal law. Thus, 
all of the routine uses are appropriate and meet the relevant statutory 
and regulatory criteria.

V. Records Storage Medium and Safeguards

    We will maintain information in digital lock systems, electronic 
key card systems, or other electronic access devices, computer memory 
(including floppy diskettes) and paper form. Only SSA security 
personnel who have a need for the information in the performance of 
their official duties will be permitted to retrieve information.

VI. Effect of the System on Individuals

    The proposed system will maintain information that could lead to 
administrative, civil or criminal action. This action would occur only 
after an investigation. Individuals will be afforded all appropriate 
due process and appeal rights. Thus, we do not anticipate that the 
proposed system will have any unwarranted adverse effect on the privacy 
of individuals.

    Dated: December 4, 2000.
Kenneth S. Apfel,
Commissioner of Social Security.

Social Security Administration Notice of System of Records Required 
by the Privacy Act of 1974

    System number: SSA, RO-60-0270.
    System name: Records of Individuals Authorized Entry into Secured 
Areas by Digital Lock Systems, Electronic Key Card Systems or Other 
Electronic Access Devices, SSA.
    Security classification: None.
    System Location: Social Security Administration, Offices of the 
Regional Commissioners.
    Categories of individuals covered by the system: Those individuals 
who are authorized entry into secured areas in regional offices, field 
offices, teleservice centers, program service centers, hearings offices 
and satellite facilities.
    Categories of records in the system: This system of records 
contains the name and/or personal identifying number(s) for each 
individual who is authorized to enter secured areas in regional 
offices, field offices, teleservice centers, program service centers, 
hearing offices and satellite facilities. The system also contains the 
entry point, the date of entry and the time of entry.

    Authority for maintenance of the system: 42 U.S.C. 902 and 1302; 
5 U.S.C. 552a(e)(10); 41 CFR 101-20.302.

    Purpose(s): The principal purpose is to maintain a record of 
individuals who entered secured areas in the Social Security 
Administration's facilities and to ensure the security of personnel and 
property. The system of record may also be used in a disciplinary 
action.
    Routine uses of records maintained by the system, including 
categories of users and the purposes of such uses: Disclosure may be 
made for routine uses as indicated below:
    1. To disclose pertinent information to the appropriate Federal, 
state or local agency responsible for investigating, prosecuting, 
enforcing or implementing a statute, rule or regulation, or order when 
the Agency becomes aware of an indication of a violation of civil or 
criminal law or regulations pertaining to this system of records.
    2. To a congressional office in response to an inquiry from that 
office made at the request of the subject of the record.
    3. To the Department of Justice (DOJ), a court or other tribunal, 
(including an adjudicative or administrative body) or other third-party 
before such tribunal when:
    (a) SSA, or any component thereof; or
    (b) Any SSA employee in his/her official capacity; or
    (c) Any SSA employee in his/her individual capacity where DOJ (or 
SSA where it is authorized to do so) has agreed to represent the 
employee; or
    (d) The United States or any agency thereof where SSA determines 
that the litigation is likely to affect the operations of SSA or any of 
its components is a party to litigation or has an interest in such 
litigation: and SSA determines that the use of such records by DOJ, the 
court or other tribunal is relevant and necessary to the litigation.
    4. Nontax return information which is not restricted from 
disclosure by federal law may be disclosed to the General Services 
(GSA) and the National Archives and Records Administration (NARA) under 
44 U.S.C. 2904 and 2906, as amended by NARA Act of 1984, for the use of 
those agencies in conducting records management studies.

Policies and Practices for Storing, Retrieving, Accessing, Retaining 
and Disposing of Records in the System

    Storage: Records in this system are stored in the digital lock 
systems, electronic key card systems, other electronic access devices, 
computer memory (including floppy diskettes) and paper form.
    Retrievability: Records in this system may be retrieved by name of 
the individual, by assigned personal identifying number(s), by date, by 
time period, and by entry point.
    Safeguards: Only authorized SSA personnel have access to this 
system of records. Employees who are authorized to retrieve records 
will be assigned a personal identification number (PIN) and passwords. 
The information will be processed in a manner that will protect 
confidentiality and in such a way that unauthorized individuals cannot 
retrieve it by means of computer, remote terminal or other means. The 
paper records that result from the digital lock or other electronic 
access systems are kept in locked cabinets or in otherwise secure 
areas. All SSA employees, including contractor personnel, having access 
to data in the system of records are required to adhere to SSA rules 
concerning safeguards, access, and use of the data. They also are 
informed of the criminal penalties of the Privacy Act for unauthorized 
access to or disclosure of information maintained in this system of 
records.
    Retention and disposal: SSA retains records in this system up to 3 
years following the expiration of an individual's authority to enter 
into secured areas. SSA destroys a paper record by shredding and a non-
paper record by deleting-wiping it from the digital, magnetic and/or 
computer memory.
    System manager(s) and address: The systems manager will be the 
Regional Security Officer (or his/her designee) in those Regions where 
SSA purchases digital lock systems, electronic key card systems or 
other electronic access devices.
    Region I--Boston: Social Security Administration, Regional Security 
Officer, Room 1975, JFK Federal Building, Boston, Massachusetts 02203-
1101, Telephone: (617) 565-2852.
    Region II--New York: Social Security Administration, Regional 
Security Officer, 26 Federal Plaza, Room 4011, New York, New York 
10278, Telephone: (212) 264-1716.
    Region III--Philadelphia: Social Security Administration, P.O. Box 
8788, Philadelphia, Pennsylvania 19101, Telephone: (215) 597-8531.
    Region IV--Atlanta: Social Security Administration, Atlanta 
Regional Security Office, Security and Integrity Team, P.O. Box 10085, 
Birmingham, Alabama 35202, Telephone: (205) 801-1300.

[[Page 77956]]

    Region V--Chicago: Social Security Administration, Center for 
Material Resources, Security and Integrity Section, Box 87479, Chicago, 
Illinois 60680, Telephone: (312) 353-1224.
    Region VI--Dallas: Social Security Administration, MB-1 Room 1400, 
Management and Budget, ATTN: RSO, 1200 Main Tower Building, Suite M110 
Dallas, Texas 75202-4324, Telephone: (214) 767-4331.
    Region VII--Kansas City: Social Security Administration, MAMPSC, 
SIS, 601 East Twelfth Street, P.O. Box 15625, Kansas City, Missouri 
64106, Telephone: (816) 426-3095.
    Region VIII--Denver: Social Security Administration /M&B/BFS, Attn: 
Regional Security Office, 1961 Stout Street, Room 325, Denver, Colorado 
80294-3538, Telephone: (303) 844-3347.
    Region IX--San Francisco: Social Security Administration, FHFB, 
Field Facilities Team, P.O. Box 4205, Richmond, California 98402, 
Telephone: (510) 970-8340.
    Region X--Seattle: Social Security Administration, Security and 
Integrity Team, Suite 2900, M/S-291B, 701 Fifth Avenue, Seattle, 
Washington 98104-7006, Telephone: (206) 615-2150.
    Notification procedure: An individual may determine if this system 
contains a record about him or her by writing to the systems manager. 
When requesting notification, the individual should provide his or her 
name and/or personal identifying number(s) and refer to this system.
    Record access procedures: Same as notification procedures. 
Requestors should also reasonably specify the contents of the record 
being sought.
    Contesting record procedures: Same as notification procedures. 
Requestors should also reasonably: identify the particular record; 
specify whether he/she is seeking an addition to or a deletion or 
substitution of the record; and state his/her reason(s) for requesting 
corrective action or amendment to the record (e.g., why it is not 
accurate, timely, complete, relevant or necessary).
    Record source categories: SSA obtains information in this system 
from the individuals who are covered by the system or the security 
personnel.
    Systems exempted from certain provisions of the Privacy Act: None.

[FR Doc. 00-31655 Filed 12-12-00; 8:45 am]
BILLING CODE 4190-11-P