[Federal Register Volume 67, Number 187 (Thursday, September 26, 2002)]
[Notices]
[Pages 60742-60794]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 02-23965]
[[Page 60741]]
-----------------------------------------------------------------------
Part III
Department of Health and Human Services
-----------------------------------------------------------------------
National Institutes of Health
-----------------------------------------------------------------------
Privacy Act of 1974; Annual Publication of Systems of Records; Notice
��Federal Register / Vol. 67, No. 187 / Thursday, September 26, 2002 /
Notices��
[[Page 60742]]
-----------------------------------------------------------------------
DEPARTMENT OF HEALTH AND HUMAN SERVICES
National Institutes of Health
Privacy Act of 1974; Annual Publication of Systems of Records
AGENCY: National Institutes of Health, HHS.
ACTION: Privacy Act: Annual Re-publication of Notices of Revised
Systems of Records.
-----------------------------------------------------------------------
SUMMARY: The National Institutes of Health (NIH) has conducted a
comprehensive review of all Privacy Act systems of records and is
publishing the resulting revisions. None of the revisions meet the OMB
criteria for a new or altered system of records requiring an advance
period for public comment. These changes are in compliance with
Circular A-130, Appendix 1. The notices re-published below are complete
and accurate as of August 31, 2002
SUPPLEMENTARY INFORMATION: The following information summarizes the
current status of systems of records which had minor modifications
during 1998 and lists all systems maintained by NIH:
A. System Name
The following systems have been updated to reflect a change in the
name of the system.
09-25-0005, Administration: Library Operations and User I.D. File, HHS/
NIH/OD
09-25-0012, Clinical Research: Candidate Normal Volunteer Records, HHS/
NIH/CC
09-25-0014, Clinical Research: Student Records, HHS/NIH/CC
09-25-0036, Extramural Awards and Chartered Advisory Committees: IMPAC
(Grant/Contract/Cooperative Agreement/Chartered Advisory Committee
Information), HHS/NIH/OER and HHS/NIH/CMO
09-25-0054, Administration: Property Accounting, HHS/NIH/ORS
09-25-0140, International Activities: International Scientific
Researchers in Intramural Laboratories at the National Institutes of
Health, HHS/NIH/FIC
09-25-0158, Administration: Records of Applicants and Awardees of the
NIH Intramural Research Training Awards Program, HHS/NIH/OD
09-25-0168, Invention, Patent, and Licensing Documents Submitted to the
Public Health Service by its Employees, Grantees, Fellowship
Recipients, and Contractors, HHS/PHS/FDA/NIH/OTT
09-25-0200, Clinical, Epidemiologic, and Biometric Studies of the
National Institutes of Health (NIH), HHS/NIH/OD
09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug
Dependence and in Research Supporting New Drug Applications, HHS/NIH/
NIDA
09-25-0213, Administration: Employee Conduct Investigative Records,
HHS/NIH/OM/OA/OMA
B. Security Classification
None.
C. System Location
The following systems have been updated to reflect a change in the
system location or location address. These changes do not affect the
access by the individual to the individual's records.
09-25-0005, Administration: Library Operations and User I.D. File, HHS/
NIH/OD
09-25-0007, Administration: NIH Safety Glasses Issuance Program, HHS/
NIH/ORS
09-25-0014, Clinical Research: Student Records, HHS/NIH/CC
09-25-0033, International Activities: Fellowships Awarded by Foreign
Organizations, HHS/NIH/FIC
09-25-0034, International Activities: Scholars-in-Residence Program,
HHS/NIH/FIC
09-25-0036, Extramural Awards and Chartered Advisory Committees: IMPAC
(Grant/Contract/Cooperative Agreement/Chartered Advisory Committee
Information), HHS/NIH/OER and HHS/NIH/CMO
09-25-0041, Research Resources: Scientists Requesting Hormone
Distribution, HHS/NIH/NIDDK
09-25-0054, Administration: Property Accounting, HHS/NIH/ORS
09-25-0078, Administration: Consultant File, HHS/NIH/NHLBI
09-25-0087, Administration: Senior Staff, HHS/NIH/NIAID
09-25-0099, Clinical Research: Patient Medical Records, HHS/NIH/CC
09-25-0105, Administration: Health Records of Employees, Visiting
Scientists, Fellows, and Others Who Receive Medical Care Through the
Employee Health Unit, HHS/NIH/ORS
09-25-0106, Administration: Office of the NIH Director and Institute/
Center Correspondence Records, HHS/NIH/OD
09-25-0108, Personnel: Guest Researchers, Special Volunteers, and
Scientists Emeriti, HHS/NIH/OHRM
09-25-0115, Administration: Curricula Vitae of Consultants and Clinical
Investigators, HHS/NIH/NIAID
09-25-0140, International Activities: International Scientific
Researchers in Intramural Laboratories at the National Institutes of
Health, HHS/NIH/FIC
09-25-0168, Invention, Patent, and Licensing Documents Submitted to the
Public Health Service by its Employees, Grantees, Fellowship
Recipients, and Contractors, HHS/PHS/FDA/NIH/OTT
09-25-0169, Medical Staff-Credentials Files, HHS/NIH/CC
09-25-0203, National Institute on Drug Abuse, Intramural Research
Program, Federal Prisoner and Non-Prisoner Research Files, HHS/NIH/NIDA
09-25-0210, Shipment Records of Drugs of Abuse to Authorized
Researchers, HHS/NIH/NIDA
D. Categories of Individuals Covered by the System
The following systems have been updated to reflect a change in the
categories of individuals covered by the system.
09-25-0014, Clinical Research: Student Records, HHS/NIH/CC
09-25-0200, Clinical, Epidemiologic, and Biometric Studies of the
National Institutes of Health, (NIH), HHS/NIH/OD
09-25-0207, Subject-Participants in Pharmacokinetic Studies on Drugs of
Abuse and on Treatment Medications, HHS/NIH/NIDA
09-25-0208, Drug Abuse Treatment Outcome Study (DATOS), HHS/NIH/NIDA
09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug
Dependence and in Research Supporting New Drug Applications, HHS/NIH/
NIDA
E. Categories of Records in the System
The following systems have been updated to reflect a change in the
categories of records in the system.
09-25-0011, Clinical Research: Blood Donor Records, HHS/NIH/CC
09-25-0160, United States Renal Data System (USRDS), HHS/NIH/NIDDK
F. Legal Authority for Maintenance of the System
None of the systems have been updated to reflect a change in the
legal authority for the maintenance of the system.
G. Purpose
The following systems have been updated to reflect a change in the
purpose of the system.
09-25-0041, Research Resources: Scientists Requesting Hormone
Distribution, HHS/NIH/NIDDK
[[Page 60743]]
09-25-0160, United States Renal Data System (USRDS), HHS/NIH/NIDDK
09-25-0200, Clinical, Epidemiologic, and Biometric Studies of the
National Institutes of Health (NIH), HHS/NIH/OD
09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug
Dependence and in Research Supporting New Drug Applications, HHS/NIH/
NIDA
H. Routine Uses of Records
The following systems have been updated to reflect a change in the
routine uses of the system.
09-25-0005, Administration: Library Operations and User I.D. File, HHS/
NIH/OD
09-25-0014, Clinical Research: Student Records, HHS/NIH/CC
09-25-0099, Clinical Research: Patient Medical Records, HHS/NIH/CC
09-25-0158, Administration: Records of Applicants and Awardees of the
NIH Intramural Research Training Awards Program, HHS/NIH/OD
09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug
Dependence and in Research Supporting New Drug Applications, HHS/NIH/
NIDA
I. Storage
The following systems have been updated to reflect a change in the
storage of the system.
09-25-0005, Administration: Library Operations and User I.D. File, HHS/
NIH/OD
09-25-0012, Clinical Research: Candidate Normal Volunteer Records, HHS/
NIH/CC
09-25-0014, Clinical Research: Student Records, HHS/NIH/CC
09-25-0036, Extramural Awards and Chartered Advisory Committees: IMPAC
(Grant/Contract/Cooperative Agreement/Chartered Advisory Committee
Information), HHS/NIH/OER and HHS/NIH/CMO
09-25-0108, Personnel: Guest Researchers, Special Volunteers, and
Scientists Emeriti, HHS/NIH/OHRM
09-25-0158, Administration: Records of Applicants and Awardees of the
NIH Intramural Research Training Awards Program, HHS/NIH/OD
09-25-0169, Medical Staff-Credentials Files, HHS/NIH/CC
09-25-0202, Patient Records on PHS Beneficiaries (1935-1974) and
Civilly Committed Drug Abusers (1967-1976) Treated at the PHS Hospitals
in Fort Worth, Texas, or Lexington, Kentucky, HHS/NIH/NIDA
J. Retrieval
The following system has been updated to reflect a change in the
retrieval of the system.
09-25-0160, United States Renal Data System (USRDS), HHS/NIH/NIDDK
K. Safeguards
The following systems have been updated to reflect a change in the
safeguards of the system.
09-25-0005, Administration: Library Operations and User I.D. File, HHS/
NIH/OD
09-25-0012, Clinical Research: Candidate Normal Volunteer Records, HHS/
NIH/CC
09-25-0014, Clinical Research: Student Records, HHS/NIH/CC
09-25-0036, Extramural Awards and Chartered Advisory Committees: IMPAC
(Grant/Contract/Cooperative Agreement/Chartered Advisory Committee
Information), HHS/NIH/OER and HHS/NIH/CMO
09-25-0106, Administration: Office of the NIH Director and Institute/
Center Correspondence Records, HHS/NIH/OD
09-25-0115, Administration: Curricula Vitae of Consultants and Clinical
Investigators, HHS/NIH/NIAID
09-25-0160, United States Renal Data System (USRDS), HHS/NIH/NIDDK
09-25-0202, Patient Records on PHS Beneficiaries (1935-1974) and
Civilly Committed Drug Abusers (1967-1976) Treated at the PHS Hospitals
in Fort Worth, Texas, or Lexington, Kentucky, HHS/NIH/NIDA
09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug
Dependence and in Research Supporting New Drug Applications, HHS/NIH/
NIDA
09-25-0210, Shipment Records of Drugs of Abuse to Authorized
Researchers, HHS/NIH/NIDA
L. Retention and Disposal
The following systems have been updated to reflect a change in the
retention and disposal of the system.
09-25-0207, Subject-Participants in Pharmacokinetic Studies on Drugs of
Abuse and on Treatment Medications, HHS/NIH/NIDA
09-25-0208, Drug Abuse Treatment Outcome Study (DATOS), HHS/NIH/NIDA
09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug
Dependence and in Research Supporting New Drug Applications, HHS/NIH/
NIDA
M. System Manager(s) and Address
The following systems have been updated to reflect a change in the
name and/or address of the system manager(s).
09-25-0005, Administration: Library Operations and User I.D. File, HHS/
NIH/OD
09-25-0007, Administration: NIH Safety Glasses Issuance Program, HHS/
NIH/ORS
09-25-0011, Clinical Research: Blood Donor Records, HHS/NIH/CC
09-25-0012, Clinical Research: Candidate Normal Volunteer Records, HHS/
NIH/CC
09-25-0014, Clinical Research: Student Records, HHS/NIH/CC
09-25-0033, International Activities: Fellowships Awarded by Foreign
Organizations, HHS/NIH/FIC
09-25-0034, International Activities: Scholars-in-Residence Program,
HHS/NIH/FIC
09-25-0036, Extramural Awards and Chartered Advisory Committees: IMPAC
(Grant/Contract/Cooperative Agreement/Chartered Advisory Committee
Information), HHS/NIH/OER and HHS/NIH/CMO
09-25-0041, Research Resources: Scientists Requesting Hormone
Distribution, HHS/NIH/NIDDK
09-25-0054, Administration: Property Accounting, HHS/NIH/ORS
09-25-0078, Administration: Consultant File, HHS/NIH/NHLBI
09-25-0087, Administration: Senior Staff, HHS/NIH/NIAID
09-25-0099, Clinical Research: Patient Medical Records, HHS/NIH/CC
09-25-0105, Administration: Health Records of Employees, Visiting
Scientists, Fellows, and Others Who Receive Medical Care Through the
Employee Health Unit, HHS/NIH/ORS
09-25-0106, Administration: Office of the NIH Director and Institute/
Center Correspondence Records, HHS/NIH/OD
09-25-0108, Personnel: Guest Researchers, Special Volunteers, and
Scientists Emeriti, HHS/NIH/OHRM
09-25-0115, Administration: Curricula Vitae of Consultants and Clinical
Investigators, HHS/NIH/NIAID
09-25-0118, Contracts: Professional Services Contractors, HHS/NIH/NCI
09-25-0121, International Activities: Senior International Fellowships
Program, HHS/NIH/FIC
09-25-0124, Administration: Pharmacology Research Associates, HHS/NIH/
NIGMS
09-25-0140, International Activities: International Scientific
Researchers in Intramural Laboratories at the National Institutes of
Health, HHS/NIH/FIC
09-25-0156, Records of Participants in Programs and Respondents in
Surveys
[[Page 60744]]
Used to Evaluate Programs of the Public Health Service, HHS/PHS/NIH/OD
09-25-0158, Administration: Records of Applicants and Awardees of the
NIH Intramural Research Training Awards Program, HHS/NIH/OD
09-25-0160, United States Renal Data System (USRDS), HHS/NIH/NIDDK
09-25-0166, Administration: Radiation and Occupational Safety and
Health Management Information Systems, HHS/NIH/ORS
09-25-0167, National Institutes of Health (NIH) TRANSHARE Program, HHS/
NIH/OD
09-25-0168, Invention, Patent, and Licensing Documents Submitted to the
Public Health Service by its Employees, Grantees, Fellowship
Recipients, and Contractors, HHS/PHS/FDA/NIH/OTT
09-25-0169, Medical Staff-Credentials Files, HHS/NIH/CC
09-25-0200, Clinical, Epidemiologic, and Biometric Studies of the
National Institutes of Health (NIH), HHS/NIH/OD
09-25-0202, Patient Records on PHS Beneficiaries (1935-1974) and
Civilly Committed Drug Abusers (1967-1976) Treated at the PHS Hospitals
in Fort Worth, Texas, or Lexington, Kentucky, HHS/NIH/NIDA
09-25-0203, National Institute on Drug Abuse, Intramural Research
Program, Federal Prisoner and Non-Prisoner Research Files, HHS/NIH/NIDA
09-25-0207, Subject-Participants in Pharmacokinetic Studies on Drugs of
Abuse and on Treatment Medications, HHS/NIH/NIDA
09-25-0208, Drug Abuse Treatment Outcome Study (DATOS), HHS/NIH/NIDA
09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug
Dependence and in Research Supporting New Drug Applications, HHS/NIH/
NIDA
09-25-0210, Shipment Records of Drugs of Abuse to Authorized
Researchers, HHS/NIH/NIDA
09-25-0211, Intramural Research Program Records of In- and Out-Patients
with Various Types of Alcohol Abuse and Dependence, Relatives of
Patients with Alcoholism, and Healthy Volunteers, HHS/NIH/NIAAA
09-25-0213, Administration: Employee Conduct Investigative Records,
HHS/NIH/OM/OA/OMA
09-25-0216, Administration: NIH Electronic Directory, HHS/NIH
N. Notification Procedure
The following systems have been updated to reflect a change in the
notification procedure of the system.
09-25-0041, Research Resources: Scientists Requesting Hormone
Distribution, HHS/NIH/NIDDK
09-25-0078, Administration: Consultant File, HHS/NIH/NHLBI
09-25-0115, Administration: Curricula Vitae of Consultants and Clinical
Investigators, HHS/NIH/NIAID
09-25-0156, Records of Participants in Programs and Respondents in
Surveys Used to Evaluate Programs of the Public Health Service, HHS/
PHS/NIH/OD
09-25-0200, Clinical, Epidemiologic, and Biometric Studies of the
National Institutes of Health (NIH), HHS/NIH/OD
O. Record Access Procedure
The following system has been updated to reflect a change in the
record access procedure of the system.
09-25-0012, Clinical Research: Candidate Normal Volunteer Records, HHS/
NIH/CC
P. Contesting Record Procedure
None.
Q. Record Source Categories
The following systems have been updated to reflect a change in the
record source categories of the system.
09-25-0012, Clinical Research: Candidate Normal Volunteer Records, HHS/
NIH/CC
09-25-0160, United States Renal Data System (USRDS), HHS/NIH/NIDDK
R. Systems Exempted From Certain Provisions of the Act
None.
S. No Changes
None.
T. Edits
None.
U. Published Prior to Update
System 09-25-0165, ``NIH Office of Loan Repayment and Scholarship
(OLRS) Records System, HHS/NIH/OD''was previously altered and updated.
It was published in the Federal Register on February 8, 2002.
V. Deleted Systems of Records
The following systems have been deleted.
09-25-0093, Administration: Authors, Reviewers, Editorial Board, and
Members of the Journal of the National Cancer Institute, HHS/NIH/NCI
09-25-0112, Grants and Cooperative Agreements: Research, Research
Training, Fellowship and Construction Applications and Related Awards,
HHS/NIH/OD
09-25-0161, Administration: NIH Consultant File, HHS/NIH/CSR
Dated: September 13, 2002.
Timothy J. Wheeles,
Director, Division of Management Support, OMA/OA/OM/OD/NIH.
09-25-0005
SYSTEM NAME:
Administration: Library Operations and NIH Library User I.D. File,
HHS/NIH.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
This system of records is an umbrella system comprising separate
sets of records located in National Institutes of Health (NIH)
facilities in Bethesda, Maryland, or facilities of contractors of the
NIH. Write to the appropriate System Manager listed below for list of
current contractor locations.
Clinical Center (CC), Building 10, Room 1L07, 10 Center Drive,
Bethesda, MD 20892.
National Library of Medicine (NLM), Building 38, Room 1S33, 8600
Rockville Pike, Bethesda, MD 20894.
National Library of Medicine (NLM), Building 38, Room 1N21, 8600
Rockville Pike, Bethesda, MD 20894.
National Library of Medicine (NLM), Building 38, Room B1E21, 8600
Rockville Pike, Bethesda, MD 20894.
National Technical Information Service (NTIS), Accounting
Department, 8001 Forbes Place, Room 208F, Springfield, VA 22151.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Users of library services.
CATEGORIES OF RECORDS IN THE SYSTEM:
Name, organization, address, phone number, photographs, issue date,
email address, signature, user code and identification number; and when
applicable, credit card number and billing information.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Section 301 of the Public Health Service Act, describing the
general powers and duties of the Public Health Service relating to
research and investigation (42 U.S.C. 241).
PURPOSE(S):
1. To monitor library material, services, and circulation control.
2. To provide user documentation.
3. To provide copying services (duplication of library materials).
4. To manage invoice and billing transactions for library services.
[[Page 60745]]
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
Disclosure may be made to a congressional office from the record of
an individual in response to an inquiry from the congressional office
made at the request of that individual.
The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice,
or to a court or other tribunal, when (a) HHS, or any component
thereof; or (b) any HHS employee in his or her official capacity; or
(c) any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or (d) the United States or any
agency thereof where HHS determines that the litigation is likely to
affect HHS or any of its components, is a party to litigation or has an
interest in such litigation, and HHS determines that the use of such
records by the Department of Justice, court or other tribunal is
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however
that in each case, HHS determines that such disclosure is compatible
with the purpose for which the records were collected.
Disclosure may be made to contractors and staff to monitor library
material, services, circulation control; to provide user documentation;
and to process or refine the records. Recipients are required to
maintain Privacy Act safeguards with respect to those records.
Disclosure may be made for billing purposes to: (a) contractors
providing copying services and (b) NTIS for document delivery services.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored on computer tape and disk, paper and file cards.
RETRIEVABILITY:
Records are retrieved by name, user code and/or identification
number.
SAFEGUARDS:
1. Authorized Users: Employees who maintain records in this system
are instructed to grant regular access only to Library staff members
who need to verify that Library identification cards have been issued
to those Library users requesting services such as reference and
interlibrary loans. Other one-time and special access by other
employees is granted on a need-to-know basis as specifically authorized
by the system manager. The contractor maintains a list of personnel
having authority to access records to perform their duties.
2. Physical Safeguards: The offices housing the cabinets and file
drawers for storage of records are locked during all library off-duty
hours. During all duty hours offices are attended by employees who
maintain the files. The contractor has secured records storage areas
which are not left unattended during the working hours and file
cabinets which are locked after hours.
3. Procedural Safeguards: Access to the file is strictly controlled
by employees who maintain the files. Records may be removed from files
only at the request of the system manager or other authorized
employees. Access to computerized records is controlled by the use of
security codes known only to authorized users. Contractor personnel
receive instruction concerning the significance of safeguards under the
Privacy Act.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 8000-D-2, which allows records to be kept until
superseded or for a maximum period of six years. Refer to the NIH
Manual Chapter for specific conditions on disposal.
SYSTEM MANAGER(S) AND ADDRESS:
Management Analyst, Office of Administration, National Library of
Medicine (NLM), Building 38A, Room B2N12, 8600 Rockville Pike,
Bethesda, MD 20894.
Chief, Reference and Bibliographic Services Section, Library
Branch, Office of Research Services, Office of the Director (OD),
Building 10, Room 1L21, 10 Center Drive, Bethesda, MD 20892.
Head, Quality Assurance Unit, Preservation and Collection
Management Section, Public Services Division, Library Operations,
National Library of Medicine (NLM), Building 38, Room B1E21, 8600
Rockville Pike, Bethesda, MD 20894.
Chief, Public Services Division, Library Operations, National
Library of Medicine (NLM), Building 38, Room 1S33, 8600 Rockville Pike,
Bethesda, MD 20894.
Librarian, History of Medicine Division, National Library of
Medicine (NLM), Building 38, Room 1N21, 8600 Rockville Pike, Bethesda,
MD 20894.
NOTIFICATION PROCEDURE:
Write to the System Manager to determine if a record exists. The
requester must also verify his or her identity by providing either a
notarization of the request or a written certification that the
requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
an accounting of disclosures that have been made of their records, if
any.
CONTESTING RECORD PROCEDURE:
Write to the official at the address specified under Notification
Procedures above, and reasonably identify the record and specify the
information to be contested, the corrective action sought, and the
reasons for the correction, along with supporting information to show
how the record is inaccurate, incomplete, untimely, or irrelevant. The
right to contest records is limited to information which is incomplete,
irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Individual, NIH Library ID card data.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0007
SYSTEM NAME:
Administration: NIH Safety Glasses Issuance Program, HHS/NIH/ORS.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Health Unit, Occupational Medical Service, Division of Safety,
Office of Research Services (ORS), Building 13, Room G904, 13 South
Drive, Bethesda, MD 20892.
Write to the System Manager at the address below for the address of
any Federal Records Center where records from this system may be
stored.
[[Page 60746]]
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
NIH employees who apply for safety glasses.
CATEGORIES OF RECORDS IN THE SYSTEM:
Explanation of eye impact and hazard occupation.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5. U.S.C. 7902.
PURPOSE(S):
Records are used for proper distribution of safety glasses and for
proof of delivery.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
Disclosure may be made to a congressional office from the record of
an individual in response to an inquiry from the congressional office
made at the request of that individual.
The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice,
or to a court or other tribunal, when (a) HHS, or any component
thereof; or (b) any HHS employee in his or her official capacity; or
(c) any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or (d) the United States or any
agency thereof where HHS determines that the litigation is likely to
affect HHS or any of its components, is a party to litigation or has
any interest in such litigation, and HHS determines that the use of
such records by the Department of Justice, court or other tribunal is
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however
that in each case, HHS determines that such disclosure is compatible
with the purpose for which the records were collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored in file folders.
RETRIEVABILITY:
Records are retrieved by name.
SAFEGUARDS:
Measures to prevent unauthorized disclosures are implemented as
appropriate for each location and for the particular records maintained
in each project. Each site implements personnel, physical and
procedural safeguards such as the following:
1. Authorized Users: Access is limited to personnel involved in
safety glasses issuance program, to supervisors of employees who have
requested glasses, and to personnel involved in accounting.
2. Physical Safeguards: Record storage locations are locked when
unattended.
3. Procedural Safeguards: Access to file rooms and files is
controlled by system manager or designee.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 1300-B-3, which allows records to be kept for a
maximum period of five years. Refer to the NIH Manual Chapter for
specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Deputy Director, Division of Safety, Office of Research Services
(ORS), Building 31, Room 1C02, 31 Center Drive, Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
Write to the System Manager to determine if a record exists. The
requester must also verify his or her identity by providing either a
notarization of the request or a written certification that the
requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Write to the official at the address specified under Notification
Procedures above, and reasonably identify the record and specify the
information to be contested, the corrective action sought, and the
reasons for the correction, with supporting information to how the
record is inaccurate, incomplete, untimely or irrelevant. The right to
contest records is limited to information which is incomplete,
irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Previous employer and education institutions.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0011
SYSTEM NAME:
Clinical Research: Blood Donor Records, HHS/NIH/CC.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Transfusion Medicine Department, Clinical Center (CC), Building 10,
Room 1C711, 10 Center Drive, Bethesda, MD 20892-1184.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Donors of blood and blood components to be used in the NIH Clinical
Center for patient infusions.
CATEGORIES OF RECORDS IN THE SYSTEM:
Past donations, blood types, phenotypes. Laboratory results of
infectious disease testing, serologic reactions on all blood samples,
donations of blood or blood components.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
``Preparation of Biological Products'' of the Public Health Service
Act (42 U.S.C. 263).
PURPOSE(S):
1. To provide a means for contacting blood donors for patient care
and research.
2. To provide a medical history of all donors for the transfusion
records of each blood unit.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to HHS contractors and their staff in
order to accomplish the purposes for which the records are collected.
The recipients are required to comply with the requirements of the
Privacy Act with respect to such records.
2. Certain diseases and conditions, including infectious diseases,
may be reported to State or Federal government as required by State or
Federal law.
3. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
4. In the event of litigation where the defendant is (a) the
Department, any component of the Department, or any employee of the
Department in his or her official capacity; (b) the United States where
the Department determines
[[Page 60747]]
that the claim, if successful, is likely to directly affect the
operations of the Department or any of its components; or (c) any
Department employee in his or her individual capacity where the Justice
Department has agreed to represent such employee, for example in
defending against a claim based upon an individual's mental or physical
condition and alleged to have arisen because of activities of the
Public Health Service in connection with such individual, the
Department may disclose such records as it deems desirable or necessary
to the Department of Justice or other appropriate Federal agency to
enable that agency to present an effective defense, provided that such
disclosure is compatible with the purpose for which the records were
collected.
5. (a) PHS may inform the sexual and/or needle-sharing partner(s)
of a subject individual who is infected with the human immunodeficiency
virus (HIV) of their exposure to HIV, under the following
circumstances: (1) The information has been obtained in the course of
clinical activities at PHS facilities carried out by PHS personnel or
contractors; (2) The PHS employee or contractor has made reasonable
efforts to counsel and encourage the subject individual to provide the
information to the individual's sexual or needle-sharing partner(s);
(3) The PHS employee or contractor determines that the subject
individual is unlikely to provide the information to the sexual or
needle-sharing partner(s) or that the provision of such information
cannot reasonably be verified; and (4) The notification of the
partner(s) is made, whenever possible, by the subject individual's
physician or by a professional counselor and shall follow standard
counseling practices.
(b) PHS may disclose information to State or local public health
departments, to assist in the notification of the subject individual's
sexual and/or needle-sharing partner(s), or in the verification that
the subject individual has notified such sexual or needle-sharing
partner(s).
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored in a computer file, on donor cards, and on
microfilm.
RETRIEVABILITY:
Records are retrieved by a unique control number assigned to each
individual donor.
SAFEGUARDS:
Access is granted only to authorized employees in the Department of
Transfusion Medicine including physicians, nurses, technologists,
computer operators, and the department's administrative officer.
1. Authorized Users: Access is granted only to authorized employees
of the Department of Transfusion Medicine including physicians, nurses
technologists, computer operators and the secretary to the Chief.
2. Physical Safeguards: Record facilities are locked when system
personnel are not present.
3. Procedural Safeguards: Access to manual files is limited to
authorized users. Access to computerized records is controlled by the
use of security codes known only to the authorized users.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 3000-E-50. Refer to the NIH Manual Chapter for
specific conditions on disposal.
SYSTEM MANAGER(S) AND ADDRESS:
Chief, Transfusion Medicine Department, Clinical Center (CC),
Building 10, Room 1C711, 10 Center Drive, Bethesda, MD 20892-1184.
NOTIFICATION PROCEDURE:
Write to the System Manager to determine if a record exists. The
requester must also verify his or her identity by providing either a
notarization of the request or a written certification that the
requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
An individual who requests notification of or access to a medical
record shall, at the time the request is made, designate in writing, a
responsible representative, who may be a physician, who will be willing
to review the record and inform the subject individual of its contents
at the representative's discretion.
RECORD ACCESS PROCEDURE:
To obtain access to a record, contact the System Manager at the
address specified above. Requesters should provide the same information
as is required under the Notification Procedures above. Individuals may
also request listings of accountable disclosures that have been made of
their records, if any.
CONTESTING RECORD PROCEDURE:
Write to the official specified under Notification Procedures
above, and reasonably identify the record and specify the information
being contested, the corrective action sought, and your reasons for
requesting the correction, along with supporting information to show
how the record is inaccurate, incomplete, untimely, or irrelevant. The
right to contest records is limited to information which is incomplete,
irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Data are collected from the individual.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0012
SYSTEM NAME:
Clinical Research: Candidate Healthy Volunteer Records, HHS/NIH/CC.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Clinical Research Volunteer Program, Building 61, 10 Cloister
Court, Bethesda, MD 20892-4754.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Normally healthy individuals who volunteer to participate in NIH
studies.
CATEGORIES OF RECORDS IN THE SYSTEM:
Program application, health questionnaire and record of
participation.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 241, 263.
PURPOSE(S):
1. To determine suitability for participation in the normal
volunteer program.
2. To document remuneration of normal volunteers.
3. To provide a record of participation to be used (a) in writing
letters of recommendation/reference for the volunteer, and (b)
preparing reports on the normal volunteer program.
[[Page 60748]]
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Clinical research data are made available to approved or
collaborating researchers, including HHS contractors and grantees.
2. Certain diseases and conditions, including infectious diseases,
may be reported to appropriate representatives of State or Federal
Government as required by State or Federal law.
3. Information may be used to respond to congressional inquiries
for constituents concerning admission to the NIH Clinical Center.
4. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Program applications and health questionnaires are stored in file
folders. Records of participation are stored in databases and date
files.
RETRIEVABILITY:
Records are retrieved by name.
SAFEGUARDS:
Measures to prevent unauthorized disclosures are implemented as
appropriate for each location and for the particular records maintained
in each project. Each site implements personnel, physical, procedural
safeguards such as the following:
1. Authorized Users: Access is granted only to the Healthy
Volunteer Program staff and to NIH physicians who have requested the
recruitment of volunteers for their clinical research projects.
2. Physical Safeguards: Access to the files is strictly controlled
by the files staff. Records may be removed from the file only at the
request of the system manager or other authorized employees. Record
facilities are locked when system personnel are not present.
3. Procedural Safeguards: Access to the files is strictly
controlled by the files staff. Records may be removed from the file
only at the request of the system manager or other authorized
employees.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1-``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 3000-E-61, which allows records to be kept for a
maximum period of three years after the volunteer period ends. Refer to
the NIH Manual Chapter for specific conditions on disposal.
SYSTEM MANAGER(S) AND ADDRESS:
Director, Clinical Research Volunteer Program, Building 61,10
Cloister Court, Bethesda, MD 20892-4745.
NOTIFICATION PROCEDURE:
Write to the System Manager to determine if a record exists. The
requester must also verify his or her identity by providing either a
notarization of the request or a written certification that the
requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
An individual who requests notification of or access to a medical
record shall, at the time the request is made, designate in writing, a
responsible representative, who may be a physician, who will be willing
to review the record and inform the subject individual of its contents
at the representative's discretion.
A parent or guardian who requests notification of, or access to, a
child's or incompetent person's medical record shall designate a family
physician or other health professional (other than a family member) to
whom the record, if any, will be sent. The parent or guardian must
verify relationship to the child or incompetent person as well as his
or her own identity.
RECORD ACCESS PROCEDURE:
To obtain access to a record, contact: Clinical Research Volunteer
Program, National Institutes of Health, 10 Cloister Court, Building 61,
Bethesda, MD 20892-4754 and provide the information described under
notification procedures above. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Write to the official at the address specified under notification
procedures above, and reasonably identify the record and specify the
information to be contested, the corrective action sought, and the
reasons for the correction, with supporting justification. The right to
contest records is limited to information which is incomplete,
irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Volunteer.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0014
SYSTEM NAME:
Clinical Research: Student Records, HHS/NIH/OD/OIR/OE.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Office of Education, Office of Intramural Research, Office of the
Director (OD), Building 2, Room 2E06, 2 Center Drive, Bethesda, MD
20892-1158.
Write to the System Manager at the address below for the address of
any Federal Records Center where records from this system may be
stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Potential and accepted Clinical and Research Fellows, medical
students, and other students in NIH training programs.
CATEGORIES OF RECORDS IN THE SYSTEM:
Application form, transcripts, references, evaluations.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 241.
PURPOSE(S):
1. To identify candidates for clinical and research fellow,
clinical elective, and other training positions.
2. To maintain a permanent record of those individuals who have
received clinical research training at the NIH for historical and
reference uses.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Information may be used to respond to congressional inquiries
regarding constituents who have applied for training programs.
2. Information may be used to respond to hospitals and other
healthcare institutions seeking verification of training for physicians
who trained in NIH clinical programs.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored in file folders, electronic databases and disks.
RETRIEVABILITY:
Records are retrieved by name and year.
[[Page 60749]]
SAFEGUARDS:
Measures to prevent the unauthorized disclosure of information
covered under the Privacy Act are implemented for each training program
administered through the Office of Education.
1. Authorized Users: Staff in the Office of Education are
instructed to disclose information only to NIH personnel who are
involved in the evaluation and selection of candidates for intramural
training programs.
2. Physical Safeguards: Paper files and disks are stored in
cabinets in a locked room that is under constant surveillance by
security personnel. Electronic databases are accessible only with a
password on secure web sites.
3. Procedural safeguards: Access to the paper files is strictly
controlled by the Office of Education staff. Files may be removed only
with the approval of the system manager or other authorized
official(s).
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1-``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), items 2300-320-1-13, which allows records to be kept
up to a maximum period of ten years. Refer to the NIH Manual Chapter
for specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Deputy Director, Office of Education, Office of Intramural
Research, Office of the Director (OD), Building 2, Room 2E06, 2 Center
Drive, Bethesda, MD 20892-1158.
NOTIFICATION PROCEDURE:
Write to the System Manager to determine if a record exists. The
requester must also verify his or her identity by providing either a
notarization of the request or a written certification that the
requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
To obtain access to a record, contact the System Manager at the
above address and provide the information described under notification
procedures above. Requesters should also reasonably specify the record
contents being sought. Individuals may also request listings of
accountable disclosures that have been made of their records, if any.
CONTESTING RECORD PROCEDURE:
Write to the System Manager at the address specified above, and
reasonably identify the record and specify the information to be
contested, the corrective action sought, and the reasons for the
correction, with supporting justification. The right to contest records
is limited to information which is incomplete, irrelevant, incorrect,
or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Applicants, universities and teachers.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0033
SYSTEM NAME:
International Activities: Fellowships Awarded by Foreign
Organizations, HHS/NIH/FIC.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Fogarty International Center (FIC), Building 31, Room B2C39, 31
Center Drive, Bethesda, MD 20892.
Write to System Manager at the address below for the address of any
Federal Records Center where records from this system may be stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
U.S. citizens qualified in health-related sciences submitting
applications through NIH for fellowships for study abroad.
CATEGORIES OF RECORDS IN THE SYSTEM:
Applications and associated records and reports.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
PURPOSE(S):
To perform scientific reviews and evaluations of applicants'
suitability of referral to awarding organization in foreign countries.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. After review by the operating agency review panel the
applications and all supporting documents are forwarded to the foreign
organizations or agencies making awards.
2. In addition, such application may be made available to
authorized employees and agents of the Federal Government for purposes
of investigations, inspections and audits, and, in appropriate cases,
to the Department of Justice for prosecution under civil and criminal
laws.
3. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
4. Disclosure may be made to the Department of Justice, or to a
court or other tribunal, when (a) HHS, or any component thereof; or (b)
any HHS employee in his or her official capacity; or (c) any HHS
employee in his or her individual capacity where the Department of
Justice (or HHS, where it is authorized to do so) has agreed to
represent the employee; or (d) the United States or any agency thereof
where HHS determines that the litigation is likely to affect HHS or any
of its components, is a party to litigation or has any interest in such
litigation, and HHS determines that the use of such records by the
Department of Justice, court or other tribunal is relevant and
necessary to the litigation and would help in the effective
representation of the governmental party, provided, however, that in
each case, HHS determines that such disclosure is compatible with the
purpose for which the records were collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored in file folders.
RETRIEVABILITY:
Records are retrieved by name and fellowship number.
SAFEGUARDS:
Measures to prevent unauthorized disclosures are implemented as
appropriate for each location and for the particular records maintained
in each project. Each site implements personnel, physical and
procedural safeguards such as the following:
1. Authorized Users: Employees who maintain records in this system
are instructed to grant regular access only to FIC program staff. Other
one-time and special access by other employees is granted on a need-to-
know basis as specifically authorized by the system manager.
2. Physical Safeguards: The records are maintained in locked file
cabinets, and offices are locked during off-duty hours.
3. Procedural Safeguards: Access to file rooms and files is
strictly controlled by files staff. Records may be removed from files
only at the request of the system manager or other authorized
employees.
[[Page 60750]]
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), items 2300-320-5, which allows records to be destroyed
after a maximum period of six years after the close of a case. Refer to
the NIH Manual Chapter for specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Director, Division of International Training and Research, Fogarty
International Center (FIC), Building 31, Room B2C39, 31 Center Drive,
Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
Requests for notification of or access to records should be
addressed to the System Manager, as listed above. The requester must
also verify his or her identity by providing either a notarization of
the request or a written certification that the requester is who he or
she claims to be and understands that the knowing and willful request
for acquisition of a record pertaining to an individual under false
pretenses is a criminal offense under the Act, subject to a five
thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Contact the official under Notification Procedures above, and
reasonably identify the record and specify the information to be
contested, and state the corrective action sought, and your reasons for
requesting the correction, along with supporting information to show
how the record is inaccurate, incomplete, untimely or irrelevant.
RECORD SOURCE CATEGORIES:
Applicants and persons supplying references.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0034
SYSTEM NAME:
International Activities: Scholars-in-Residence Program, HHS/NIH/
FIC.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Fogarty International Center (FIC), Building 16, Room 202, 16
Center Drive, Bethesda, MD 20892.
Write to System Manager at the address below for the address of the
Federal Records Center where records may be stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Distinguished scientists and scholars invited to accept NIH
scholarships.
CATEGORIES OF RECORDS IN THE SYSTEM:
Employment and education histories; references.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 2421, ``International Cooperation'' of the PHS Act.
PURPOSE(S):
To administer and award scholarships to distinguished scientists.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Information is made available to authorized employees and agents
of the Federal Government for purposes of investigations, inspections
and audits, and in appropriate cases, to the Department of Justice for
prosecution under civil and criminal laws.
2. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
3. The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice,
or to a court or other tribunal, when (a) HHS, or any component
thereof; or (b) any HHS employee in his or her official capacity; or
(c) any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or (d) the United States or any
agency thereof where HHS determines that the litigation is likely to
affect HHS or any of its components, is a party to litigation or has
any interest in such litigation, and HHS determines that the use of
such records by the Department of Justice, court or other tribunal is
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however,
that in each case, HHS determines that such disclosure is compatible
with the purpose for which the records were collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored in file folders.
RETRIEVABILITY:
Records are retrieved by name.
SAFEGUARDS:
Measures to prevent unauthorized disclosures are implemented as
appropriate for each location and for the particular records maintained
in each project. Each site implements personnel, physical, and
procedural safeguards such as the following:
1. Authorized Users: Employees who maintain records in this system
are instructed to grant regular access only to FIC program staff. Other
one-time and special access by other employees is granted on a need-to-
know basis as specifically authorized by the system manager.
2. Physical safeguards: Records are kept in file cabinets. Offices
are locked during off-duty hours.
3. Procedural safeguards: Access to files is strictly controlled by
files staff. Files may be removed only at the request of the system
manager or other authorized employee.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), items 2300-320-7 which allows records to be destroyed
after a maximum period of six years after the close of a case. Refer to
the NIH Manual Chapter for specific retention instructions.
SYSTEM MANAGER(S) AND ADDRESS(ES):
Director, Division of Advanced Studies and Policy Analysis, Fogarty
International Center (FIC), Building 16, Room 202, 16 Center Drive,
Bethesda, MD 20892-6705.
NOTIFICATION PROCEDURE:
Requests for notification of or access to records should be
addressed to the System Manager, as listed above. The requester must
also verify his or her identity by providing either a notarization of
the request or a written certification that the requester is who he or
she claims to be and understands that the knowing and willful request
for acquisition of a record pertaining to an individual under false
pretenses is a criminal offense under the Act, subject to a five
thousand dollar fine.
[[Page 60751]]
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Contact the official under Notification Procedures above, and
reasonably identify the record and specify the information to be
contested, and state the corrective action sought. The right to contest
records is limited to information which is incomplete, irrelevant,
incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Information is obtained from invitees, reference sources, and
persons supplying recommendations.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0036
SYSTEM NAME:
Extramural Awards and Chartered Advisory Committees (IMPAC 2),
Contract Information (DCIS), and Cooperative Agreement Information,
HHS/NIH.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Office of Policy for Extramural Research Administration, Office of
Extramural Research, Office of the Director (OD), Rockledge II, Room
2172, 6701 Rockledge Drive, Bethesda, MD 20892.
Office of Federal Advisory Committee Policy, Office of the Director
(OD), Building 31, Room 3B-59, 31 Center Drive, Bethesda, MD 20892.
Office of Acquisition Management and Policy, Office of the Director
(OD), 6100 Executive Boulevard, Room 6D01, Bethesda, MD 20892.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Principal investigators; program directors; program and projects
staff and others named in the application; National Research Service
Awards (NRSA) trainees and fellows; research career awardees; chartered
advisory committee members; contractor personnel; subcontractor
personnel; and consultants.
CATEGORIES OF RECORDS IN THE SYSTEM:
Funding applications, awards, associated records, trainee
appointments, current and historical information pertaining to
chartered advisory committees, and past performance information
pertaining to contractors.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5. U.S.C. 301; 42 U.S.C. 217a, 241, 282(b)(6), 284a, and 288. 48
CFR Subpart 15.3 and Subpart 42.15.
PURPOSE(S):
1. To support centralized grant programs of the Public Health
Service.
Services are provided in the areas of grant application assignment
and referral, initial review, council review, award processing and
grant accounting. The database is used to provide complete, accurate,
and up-to-date reports to all levels of management.
2. To maintain communication with former fellows and trainees who
have incurred a payback obligation through the National Research
Service Award Program.
3. To maintain current and historical information pertaining to the
establishment of chartered advisory committees of the National
Institutes of Health and the appointment or designation of their
members.
4. To maintain current and historical information pertaining to
contracts awarded by the National Institutes of Health, and performance
evaluations on NIH contracts and contracts awarded by other Federal
agencies that participate in the NIH Contractor Performance System.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to the National Technical Information
Service (NTIS), Department of Commerce, for dissemination of scientific
and fiscal information on funded awards (abstract of research projects
and relevant administrative and financial data).
2. Disclosure may be made to the cognizant audit agency for
auditing.
3. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
4. Disclosure may be made to qualified experts not within the
definition of Department employees as prescribed in Department
regulations for opinions as a part of the application review process.
5. Disclosure may be made to a Federal agency, in response to its
request, in connection with the issuance of a license, grant or other
benefit by the requesting agency, to the extent that the record is
relevant and necessary to the requesting agency's decision in the
matter.
6. Disclosure of past performance information pertaining to
contractors may be made to a Federal agency upon request. In addition,
routine access to past performance information on contractors will be
provided to Federal agencies that subscribe to the NIH Contractor
Performance System.
7. A record may be disclosed for a research purpose, when the
Department: (A) Has determined that the use or disclosure does not
violate legal or policy limitations under which the record was
provided, collected, or obtained; (B) has determined that the research
purpose (1) cannot be reasonably accomplished unless the record is
provided in individually identifiable form, and (2) justifies the risk
to the privacy of the individual that additional exposure of the record
might bring; (C) has required the recipient to (1) establish reasonable
administrative, technical, and physical safeguards to prevent
unauthorized use or disclosure of the record, (2) remove or destroy the
information that identifies the individual at the earliest time at
which removal or destruction can be accomplished consistent with the
purpose of the research project, unless the recipient has presented
adequate justification of a research or health nature for retaining
that information, and (3) make no further use or disclosure of the
record except (a) in emergency circumstances affecting the health or
safety of any individual, (b) for use in another research project,
under these same conditions, and with written authorization of the
Department, (c) for disclosure to a properly identified person for the
purpose of an audit related to the research project, if information
that would enable research subjects to be identified is removed or
destroyed at the earliest opportunity consistent with the purpose of
the audit, or (d) when required by law; and (D) has secured a written
statement attesting to the recipient's understanding of, and
willingness to abide by these provisions.
8. Disclosure may be made to a private contractor or Federal agency
for the purpose of collating, analyzing, aggregating or otherwise
refining records in this system. The contractor or Federal agency will
be required to maintain Privacy Act safeguards with respect to these
records.
9. Disclosure may be made to a grantee or contract institution in
connection with performance or administration under the conditions of
the particular award or contract.
10. Disclosure may be made to the Department of Justice, or to a
court or
[[Page 60752]]
other adjudicative body, from this system of records when (a) HHS, or
any component thereof; or (b) any HHS officer or employee in his or her
official capacity; or (c) any HHS officer or employee in his or her
individual capacity where the Department of Justice (or HHS, where it
is authorized to do so) has agreed to represent the officer or
employee; or (d) the United States or any agency thereof where HHS
determines that the proceeding is likely to affect HHS or any of its
components, is a party to proceeding or has any interest in the
proceeding, and HHS determines that the records are relevant and
necessary to the proceeding and would help in the effective
representation of the governmental party.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored by name, application, grant or contract ID
number, and contractor tax ID number.
RETRIEVABILITY:
Records are retrieved by name, application, grant or contract ID
number, and contractor tax ID number.
SAFEGUARDS:
1. Authorized Users: Employees who maintain records in this system
are instructed to grant regular access only to NIH extramural and
advisory committee staff, NIH contract management staff, and Federal
acquisition personnel. Other one-time and special access by other
employees is granted on a need-to-know basis as specifically authorized
by the System manager.
2. Physical Safeguards: Physical access to Office of Extramural
Research (OER) work areas is restricted to OER employees. Physical
access to the Office of Acquisition and Policy (OAMP) work areas is
restricted to OAMP employees. Physical access to Office of Federal
Advisory Committee Policy (OFACP) work areas is restricted to OFACP
employees. Access to the contractor performance files is restricted
through the use of secure socket layer encryption and through an IBM
password protection system. Only authorized government contracting
personnel are permitted access. Access is monitored and controlled by
OAMP.
3. Procedural Safeguards: Access to source data files is strictly
controlled by files staff. Records may be removed from files only at
the request of the System manager or other authorized employee. Access
to computer files is controlled by the use of registered accounts,
registered initials, keywords, and similar limited access systems.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 4000-A-2, which allows records to be destroyed
when no longer needed for administrative purposes. Refer to the NIH
Manual Chapter for specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
For Extramural Awards: Director, Extramural Information Systems,
Division of Grants Compliance and Oversight in the Office of Policy for
Extramural Research Administration (OPERA), Office of Extramural
Research, Office of the Director (OD), Rockledge II, Room 2172, 6701
Rockledge Drive, Bethesda, MD 20892.
For Chartered Federal Advisory Committees of the National
Institutes of Health: Director, Office of Federal Advisory Committee
Policy, Office of the Director, Building 31, Room 3B-59, 31 Center
Drive, Bethesda, MD 20892.
For Contracts: Office of Acquisition Management and Policy, Office
of the Director (OD), 6100 Executive Boulevard, Room 6D01, Bethesda, MD
20892.
NOTIFICATION PROCEDURE:
The requester must also verify his or her identity by providing
either a notarization of the request or a written certification that
the requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Privacy Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Contact the official under Notification Procedures above, and
reasonably identify the record and specify the information to be
contested, and state the corrective action sought and the reasons for
the correction, with supporting justification. The right to contest
records is limited to information which is incomplete, irrelevant,
incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Applicant institution, individual, individual's educational
institution and references, and participating Federal acquisition
personnel.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0041
SYSTEM NAME:
Research Resources: Scientists Requesting Hormone Distribution,
HHS/NIH/NIDDK.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
National Institute of Diabetes, and Digestive Kidney Diseases
(NIDDK), Democracy Plaza II, Room 693, 6707 Democracy Boulevard,
Bethesda, MD 20892-5460.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Scientists requesting hormones from the National Institute of
Diabetes, and Digestive Kidney Diseases.
CATEGORIES OF RECORDS IN THE SYSTEM:
Justification for request for hormones, including requester's
competence.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 241, 263, 289a, 289c.
PURPOSE(S):
1. For review of applications requesting hormones and antibodies
for research purposes, prior to awarding these substances.
2. To determine if the requester is qualified to receive these
materials.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to NIDDK Contractors for distribution of
various hormones to requesters.
2. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
3. In the event of litigation where the defendant is (a) the
Department, any component of the Department, or any
[[Page 60753]]
employee of the Department in his or her official capacity; (b) the
United States where the Department determines that the claim, if
successful, is likely to directly affect the operations of the
Department or any of its components; or (c) any Department employee in
his or her individual capacity where the Justice Department has agreed
to represent such employee, the Department may disclose such records as
it deems desirable or necessary to the Department of Justice to enable
that Department to present an effective defense, provided that such
disclosure is compatible with the purpose for which the records were
collected.
Records may be disclosed to student volunteers, individuals working
under a personal services contract, and other individuals performing
functions for PHS who do not technically have the status of agency
employees, if they need the records in the performance of their agency
functions.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored in file folders.
RETRIEVABILITY:
Records are retrieved by name.
SAFEGUARDS:
1. Authorized Users: Employees who maintain records in this system
are instructed to grant regular access only to staff working for the
contractor who need the records for hormone distribution, to NIH staff
who supervise the Hormone Distribution Program, and, as approved by the
system manager, to scientists and physicians who may have need of the
information for research.
2. Physical Safeguards: Records are kept in cabinets in offices
which are locked during off-duty hours and which have alarms.
3. Procedural Safeguards: Access to files is strictly controlled by
files staff. Files may be obtained only at the request of the system
manager or other authorized employee.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records
Control Schedule contained in NIH Manual Chapter 1743, Appendix 1--
Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 3000-G-3, which allows records to be kept as long
as they are useful in scientific research. Refer to the NIH Manual
Chapter for specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Director, Hormone Distribution Program, National Institute of
Diabetes, Digestive and Kidney Diseases (NIDDK), Democracy Plaza II,
Room 693, 6707 Democracy Boulevard, Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
To determine if a record exists write to: Administrative Officer,
National Institute of Diabetes, Digestive and Kidney Diseases (NIDDK),
Building 31, Room 9A46, 31 Center Drive, Bethesda, MD 20892.
The requester must also verify his or her identity by providing
either a notarization of the request or a written certification that
the requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Contact the official under Notification Procedures above, and
reasonably identify the record and specify the information to be
contested, and state the corrective action sought and the reasons for
the correction, with supporting justification. The right to contest
records is limited to information which is incomplete, irrelevant,
incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Data is obtained from the individual.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0054
SYSTEM NAME:
Administration: Property Accounting (Card Key System), HHS/NIH/ORS.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
NIH Computer Center, National Institutes of Health, Building 12A,
Room 1011, 12 South Drive, Bethesda, MD 20892.
Office of Research Services, Building 13, Room 215, 13 South Drive,
Bethesda, MD 20892-5758.
Facilities Engineering Branch, National Institute of Environmental
Health Sciences (NIEHS), 102-01, PO Box 12233, Research Triangle Park,
NC 27709.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Employees of the National Institutes of Health who are issued card
keys.
CATEGORIES OF RECORDS IN THE SYSTEM:
Property management.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301; 5 U.S.C. 5901; 5 U.S.C. 7903; 40 U.S.C. 318a; 42
U.S.C. 241.
PURPOSE(S):
Used for card keys issuance and control.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
2. In the event that a system of records maintained by this agency
to carry out its functions indicates a violation or potential violation
of law, whether civil, criminal or regulatory in nature, and whether
arising by general statute or particular program statute, or by
regulation, rule or order issued pursuant thereto, the relevant records
in the system of records may be referred, as a routine use, to the
appropriate agency, whether Federal, or foreign, charged with the
responsibility of investigating or prosecuting such violation or
charged with enforcing or implementing the statute, or rule, regulation
or order issued pursuant thereto.
3. In the event of litigation where the defendant is (a) the
Department, any component of the Department, or any employee of the
Department in his or her official capacity; (b) the United States where
the Department determines that the claim, if successful, is likely to
directly affect the operations of the Department or any of its
components; or (c) any Department employee in his or her individual
capacity where the Justice Department has agreed to represent such
employee, the Department may disclose such records as it deems
desirable or necessary to the Department of Justice to enable that
Department to present an effective defense, provided that such
disclosure is compatible with the purpose for which the records were
collected.
[[Page 60754]]
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored in file folders, and on magnetic media.
RETRIEVABILITY:
Records are retrieved by name.
SAFEGUARDS:
1. Authorized Users: Employees who maintain records in this system
are instructed to grant regular access only to officials whose duties
require use of the information. Other one-time and special access by
other employees is granted on a need-to-know basis as specifically
authorized by the system manager.
2. Physical Safeguards: Textual records are stored in offices which
are locked when not in use.
3. Procedural Safeguards: Computer files are password protected.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 1300-C-14, which allows records to be destroyed
after all listed credentials are accounted for or three months after
the return of credentials to the issuing office. Refer to the NIH
Manual Chapter for specific instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Management Analyst, Division of Engineering Services, Office of
Research Services (ORS), Building 3, Room 112, 3 Center Drive,
Bethesda, MD 20892-0307.
Chief, Facilities Engineering Branch, National Institute of
Environmental Health Sciences (NIEHS), 102-01, PO Box 12233, Research
Triangle Park, NC 27709.
NOTIFICATION PROCEDURE:
Write to the System Manager to determine if a record exists. The
requester must also verify his or her identity by providing either a
notarization of the request or a written certification that the
requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Write to the official specified under Notification Procedures
above, and reasonably identify the record and specify the information
being contested, the corrective action sought, and your reasons for
requesting the correction, along with supporting information to show
how the record is inaccurate, incomplete, untimely or irrelevant. The
right to contest records is limited to information which is incomplete,
irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Data is obtained from the individual.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0078
SYSTEM NAME:
Administration: Consultant File, HHS/NIH/NHLBI.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
National Heart, Lung, and Blood Institute (NHLBI), Rockledge II,
6701 Rockledge Drive, Bethesda, MD 20892.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
List of consultants available for use in evaluation of National
Heart, Lung, and Blood Institute special grants and contracts.
CATEGORIES OF RECORDS IN THE SYSTEM:
Names and resumes.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 241(d), 281.
PURPOSE(S):
1. To identify and select experts and consultants for program
reviews and evaluations.
2. For use in evaluation of NHLBI special grants and contracts.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
2. In the event of litigation where the defendant is (a) the
Department, any component of the Department, or any employee of the
Department in his or her official capacity; (b) the United States where
the Department determines that the claim, if successful, is likely to
directly affect the operations of the Department or any of its
components; or (c) any Department employee in his or her individual
capacity where the Justice Department has agreed to represent such
employee, the Department may disclose such records as it deems
desirable or necessary to the Department of Justice to enable that
Department to present an effective defense, provided that such
disclosure is compatible with the purpose for which the records were
collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Computer disk and file folders.
RETRIEVABILITY:
Records are retrieved by name.
SAFEGUARDS:
1. Authorized Users: Data on computer files is accessed by keyword
known only to authorized users.
2. Physical Safeguards: Rooms where records are stored are locked
when not in use.
3. Procedural Safeguards: During regular business hours, rooms are
unlocked but are controlled by on-site personnel.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 1100-G. Refer to the NIH Manual Chapter for
specific disposition instructions.
[[Page 60755]]
SYSTEM MANAGER(S) AND ADDRESS:
Chief, Review Branch, National Heart, Lung, and Blood Institute
(NHLBI), Rockledge II, Room 7178, 6701 Rockledge Drive, Bethesda, MD
20892.
NOTIFICATION PROCEDURE:
To determine if a record exists, contact: Privacy Act Coordinator,
National Heart, Lung, and Blood Institute (NHLBI), Building 31, Room
5A33, 31 Center Drive, Bethesda, MD 20892-2490.
The requester must also verify his or her identity by providing
either a notarization of the request or a written certification that
the requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under also pretenses is a criminal offense under the Act,
subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Contact the official under Notification Procedures above, and
reasonably identify the record and specify the information to be
contested, and state the corrective action sought. The right to contest
records is limited to information which is incomplete, irrelevant,
incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Subject individual.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0087
SYSTEM NAME:
Administration: Senior Staff, HHS/NIH/NIAID.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
National Institute of Allergy and Infectious Diseases (NIAID),
Building 31, Room 7A50, 31 Center Drive, Bethesda, MD 20892.
Write to System Manager at the address below for the address of the
Federal Records Center where records from this system may be stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Current and former key professional employees of the Institute, and
consultants.
CATEGORIES OF RECORDS IN THE SYSTEM:
Press releases, curricula vitae, nominations for awards, and
photographs.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 241(d), 289a.
PURPOSE(S):
For background records to provide public announcements on National
Institute of Allergy and Infectious Diseases research.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
Disclosure may be made to a congressional office from the record of
an individual in response to an inquiry from the congressional office
made at the request of that individual.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Stored in file folders.
RETRIEVABILITY:
Retrieved by name.
SAFEGUARDS:
Measures to prevent unauthorized disclosures are implemented as
appropriate for each location and for the particular records maintained
in each project. Each site implements personnel, physical, and
procedural safeguards such as the following:
1. Authorized Users: Employees who maintain records in this system
are instructed to grant regular access only to staff whose duties
require the use of such information. Authorized users are located in
the Office of the Director, NIAID. Other one time and special access by
other employees is granted on a need-to-know basis as specifically
authorized by the system manager.
2. Physical Safeguards: Records in this system are stored in file
folders which are kept in locked cabinets. The room is locked during
off-duty hours.
3. Procedural Safeguards: Access to files is strictly controlled by
files staff. Records may be removed from files only at the request of
the system manager or other authorized employee.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 1100-G. Refer to the NIH Manual Chapter for
specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Director, Office of Communications and Public Liaison, National
Institute of Allergy and Infectious Diseases (NIAID), Building 31, Room
7A-50, 31 Center Drive, Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to: Privacy Act Coordinator,
National Institute of Allergy and Infectious Diseases (NIAID), 6700-B
Rockledge Drive, Room 2143, Bethesda, MD 20892. The requester must also
verify his or her identity by providing either a notarization of the
request or a written certification that the requester is who he or she
claims to be and understands that the knowing and willful request for
acquisition of a record pertaining to an individual under false
pretenses is a criminal offense under the Act, subject to a five
thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as record Notification Procedures. Requesters should also
reasonably specify the record contents being sought. Individuals may
also request listings of accountable disclosures that have been made of
their records, if any.
CONTESTING RECORD PROCEDURE:
Contact the System Manager at the address above, and reasonably
identify the record and specify the information to be contested, and
state the corrective action sought and the reasons for the correction,
with supporting justification. The right to contest records is limited
to information which is incomplete, irrelevant, incorrect, or untimely
(obsolete).
RECORD SOURCE CATEGORIES:
Individuals and newspaper clippings.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0099
SYSTEM NAME:
Clinical Research: Patient Medical Records, HHS/NIH/CC.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Medical Record Department, Clinical Center, Building 10, Room
1N208, 10
[[Page 60756]]
Center Drive, Bethesda, MD 20892-1192 and at private organizations
under contract. Write to the system manager for a list of current
locations.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Registered Clinical Center patients and some individuals not
registered as patients but seen in the Clinical Center for diagnostic
tests.
CATEGORIES OF RECORDS IN THE SYSTEM:
Medical treatment records.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 241, 248: ``Research and Investigation,'' and
``Hospitals, Medical Examinations, and Medical Care.''
PURPOSE(S):
1. To provide a continuous history of the treatment afforded
individual patients in the Clinical Center.
2. To provide a data base for the clinical research conducted
within the hospital.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Information may be used to respond to Congressional inquiries
for constituents concerning their admission to NIH Clinical Center.
2. Social Work Department may give pertinent information to
community agencies to assist patients or their families.
3. Referring physicians receive medical information for continuing
patient care after discharge.
4. Information regarding diagnostic problems, or having unusual
scientific value may be disclosed to appropriate medical or medical
research organizations or consultants in connection with treatment of
patients or in order to accomplish the research purposes of this
system. For example, tissue specimens may be sent to the Armed Forces
Institute of Pathology; X-rays may be sent for the opinion of a
radiologist with extensive experience in a particular kind of
diagnostic radiology. The recipients are required to maintain Privacy
Act safeguards with respect to these records.
5. Records may be disclosed to representatives of the Joint
Commission on Accreditation of Hospitals conducting inspections to
ensure that the quality of the Clinical Center medical record-keeping
meets established standards.
6. Certain diseases and conditions, including infectious diseases,
may be reported to appropriate representatives of State or Federal
Government as required by State or Federal law.
7. Medical information may be disclosed in identifiable form to
tumor registries for maintenance of health statistics, e.g., for use in
epidemiologic studies.
8. The Department contemplates that it may contract with a private
firm for transcribing, updating, copying, or otherwise refining records
in this system. Relevant records will be disclosed to such a
contractor. The contractor will be required to comply with the
requirements of the Privacy Act with respect to such records.
9. In the event of litigation where the defendant is (a) the
Department, any component of the Department, or any employee of the
Department in his or her official capacity; (b) the United States where
the Department determines that the claim, if successful, is likely to
directly affect the operations of the Department or any of its
components; or (c) any Department employee in his or her individual
capacity where the Justice Department has agreed to represent such
employee, for example in defending against a claim based upon an
individual's mental or physical condition and alleged to have arisen
because of activities of the Public Health Service in connection with
such individual, the Department may disclose such records as it deems
desirable or necessary to the Department of Justice to enable that
agency to present an effective defense, provided that such disclosure
is compatible with the purpose for which the records were collected.
10.(a). PHS may inform the sexual and/or needle-sharing partner(s)
of a subject individual who is infected with the human immunodeficiency
virus (HIV) of their exposure to HIV, under the following
circumstances: (1) The information has been obtained in the course of
clinical activities at PHS facilities carried out by PHS personnel or
contractors; (2) The PHS employee or contractor has made reasonable
efforts to counsel and encourage the subject individual to provide the
information to the individual's sexual or needle-sharing partner(s);
(3) The PHS employee or contractor determines that the subject
individual is unlikely to provide the information to the sexual or
needle-sharing partner(s) or that the provision of such information
cannot reasonably be verified; and (4) The notification of the
partner(s) is made, whenever possible, by the subject individual's
physician or by a professional counselor and shall follow standard
counseling practices.
(b). PHS may disclose information to State or local public health
departments, to assist in the notification of the subject individual's
sexual and/or needle-sharing partner(s), or in the verification that
the subject individual has notified such sexual or needle-sharing
partner(s).
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored in file folders and/or on microfiche, and on
computer tapes.
RETRIEVABILITY:
Records are retrieved by unit number and patient name.
SAFEGUARDS:
Measures to prevent unauthorized disclosures are implemented as
appropriate for each location and for the particular records maintained
in each project. Each site implements personnel, physical, and
procedural safeguards such as the following:
1. Authorized Users: Employees maintaining records in this system
are instructed to grant regular access only to physicians and dentists
and other health care professionals officially participating in patient
care, to contractors, or to NIH researchers specifically authorized by
the system manager.
2. Physical Safeguards: All record facilities are locked when
system personnel are not present.
3. Procedural Safeguards: Access to files is strictly controlled by
the system manager. Records may be removed only by system personnel
following receipt of a request signed by an authorized user. Access to
computerized records is controlled by the use of security codes known
only to the authorized user. Codes are user- and function-specific.
Contractor compliance is assured through inclusion of Privacy Act
requirements in contract clauses, and through monitoring by contract
and project officers. Contractors who maintain records in this system
are instructed to make no disclosure of the records except as
authorized by the System Manager.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--
[[Page 60757]]
``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 3000-E-22, which allows records to be kept until
no longer needed for scientific reference. Refer to the NIH Manual
Chapter for specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Director, Medical Record Department, Clinical Center (CC), Building
10, Room 1N208, 10 Center Drive, Bethesda, MD 20892-1192.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the System Manager at the
above address. The requester must provide tangible proof of identity,
such as a driver's license. If no identification papers are available,
the requester must verify his or her identity by providing either a
notarization of the request or a written certification that the
requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
An individual who requests notification of or access to a medical/
dental record shall, at the time the request is made, designate in
writing a responsible representative who will be willing to review the
record and inform the subject individual of its contents at the
representative's discretion. The representative may be a physician, or
other health professional, or other responsible individual. The subject
individual will be granted direct access unless it is determined that
such access is likely to have an adverse effect on him or her. In that
case, the medical/dental record will be sent to the designated
representative. The individual will be informed in writing if the
record is sent to the representative.
A parent or guardian who requests notification of or access to a
child's/incompetent person's record shall designate a family physician
or other health professional (other than a family member) to whom the
record, if any, will be sent. The parent or guardian must verify
relationship to the child/incompetent person as well as his/her own
identity.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
identify the specific reports and related dates pertaining to the
information to be released. There may be a fee for reproducing more
than 20 pages of material. Individuals may also request listings of
accountable disclosures that have been made of their records, if any.
CONTESTING RECORD PROCEDURE:
Contact the System Manager and reasonably identify the record and
specify the information to be contested, and state the corrective
action sought and your reasons for requesting the correction, along
with supporting information to show how the record is inaccurate,
incomplete, untimely or irrelevant. The right to contest records is
limited to information which is incomplete, irrelevant, incorrect, or
untimely (obsolete).
RECORD SOURCE CATEGORIES:
Referring physicians, other medical facilities (with patient's
consent), patients, relatives of patients.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0105
SYSTEM NAME:
Administration: Health Records of Employees, Visiting Scientists,
Fellows, and Others who Receive Medical Care Through the Employee
Health Unit, HHS/NIH/ORS.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Main Employee Health Unit, Occupational Medical Service, Building
10, 6th Floor Clinic, 10 Center Drive, Bethesda, MD 20892.
Auxiliary Employee Health Unit, Occupational Medical Service,
Building 13, Room G904, 13 South Drive, Bethesda, MD 20892.
Employee Health Unit, Rocky Mountain Laboratories, Hamilton,
Montana 59840.
Employee Assistance Program, Occupational Medical Service, Building
31, Room B2B57, 31 Center Drive, Bethesda, MD 20892.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Employees, fellows, visiting scientists, relatives of inpatients,
visitors, and others who receive medical care through the Employee
Health Unit.
CATEGORIES OF RECORDS IN THE SYSTEM:
Medical records.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 7901.
PURPOSE(S):
1. For medical treatment.
2. Upon researcher request with individual's written permission,
release of record for research purposes to medical personnel.
3. Upon request by HHS personnel offices for determination of
fitness for duty, and for disability retirement and other separation
actions.
4. For monitoring personnel to assure that safety standards are
maintained.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to Federal, State, and local government
agencies for adjudication of benefits under workman's compensation, and
for disability retirement and other separation actions.
2. To district office of OPEC, Department of Labor with copies to
the U.S. Office of Personnel Management for processing of disability
retirement and other separation actions.
3. Upon non-HHS agency request, for examination to determine
fitness for duty with copies to requesting agency and to the U.S.
Office of Personnel Management.
4. Disclosure may be made to a congressional office from the record
of an individual in response to any inquiry from the congressional
office made at the request of the individual.
5. The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice,
or to a court or other tribunal, when (a) HHS, or any component
thereof; or (b) any HHS employee in his or her official capacity; or
(c) any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or (d) the United States or any
agency thereof where HHS determines that the litigation is likely to
affect HHS or any of its components, is a party to litigation or has
any interest in such litigation, and HHS determines that the use of
such records by the Department of Justice, court or other tribunal is
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however,
that in each case, HHS determines that such disclosure is compatible
with the purpose for which the records were collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored in file folders.
[[Page 60758]]
RETRIEVABILITY:
Records are retrieved by name and social security number.
SAFEGUARDS:
Measures to prevent unauthorized disclosures are implemented as
appropriate for each location and for the particular records maintained
in each project. Each site implements personnel, physical and
procedural safeguards such as the following:
1. Authorized Users: Access is limited to authorized personnel
(system manager and staff; Occupational Medicine Service staff; and
personnel and administrative officers with need for information for
fitness for duty, disability, and other similar determinations).
2. Physical Safeguards: Files are maintained in locked cabinets.
3. Procedural Safeguards: Access to files is strictly controlled by
authorized staff.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule, Manual Chapter 1743 (HHS Records Management
Manual, Appendix B-361), item 2300-792-3.
SYSTEM MANAGER(S) AND ADDRESS:
Deputy Director, Division of Safety, Office of Research Services
(ORS), Building 31, Room 1C02, 31 Center Drive, Bethesda, MD 20892.
Chief, Rocky Mountain Operations Branch, Rocky Mountain
Laboratories, Hamilton, Montana 59840.
NOTIFICATION PROCEDURE:
Contact System Manager at appropriate treatment location listed
above, to determine if a record exists. The requester must also verify
his or her identity by providing either a notarization of the request
or a written certification that the requester is who he or she claims
to be and understands that the knowing and willful request for
acquisition of a record pertaining to an individual under false
pretenses is a criminal offense under the Act, subject to five thousand
dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requester should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Write to the official specified under Notification Procedures
above, and reasonably identify the record and specify the information
being contested, the corrective action sought, and your reasons for
requesting the correction, along with supporting information to show
how the record is inaccurate, incomplete, untimely or irrelevant. The
right to contest records is limited to information which is incomplete,
irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Records contain data resulting from clinical and preventative
services provided at treatment location, and data received from
individual.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0106
SYSTEM NAME:
Administration: Office of the NIH Director and Institute/Center
Correspondence Records, HHS/NIH/OD.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Executive Secretariat, Office of the Director (OD), Building 1,
Room B1-55, 1 Center Drive, Bethesda, MD 20892-0122.
Machine Room, Executive Secretariat, Office of the Director (OD),
Building 31, Room 3B33, 31 Center Drive, Bethesda, MD 20892.
Office of Legislative Policy and Analysis, Office of the Director
(OD), Building 1, Room 244, 1 Center Drive, Bethesda, MD 20892.
Office of Science Education, Office of Science Policy, Office of
the Director (OD), Rockledge I, Room 724, 6705 Rockledge Drive,
Bethesda, MD 20892.
Institute/Center staff offices that retain correspondence files and
computer servers which store document images.
Write to the appropriate System Manager listed in Appendix I for a
list of current locations and for the address of the Federal Records
Center where records are stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals who have contacted the NIH Director or his/her
subordinates, or have been contacted in writing by one of these
officials.
CATEGORIES OF RECORDS IN THE SYSTEM:
Correspondence and other supporting documents; mailing lists.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301; 44 U.S.C. 3101.
PURPOSE(S):
1. To control, address, and track all correspondence documents
addressed or directed to the NIH Director or his/her subordinates, as
well as documents/supporting documents initiated by them, in order to
assure timely and appropriate attention.
2. Incoming correspondence and supporting documentation is
forwarded to other HHS components when a response from them is
warranted.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
2. Disclosure may be made from this system of records by the
Department of Health and Human Services (HHS) to the Department of
Justice, or to a court or other tribunal, when (a) HHS, or any
component thereof; or (b) any HHS employee in his or her official
capacity; or (c) any HHS employee in his or her individual capacity
where the Department of Justice (or HHS, where it is authorized to do
so) has agreed to represent the employee; or (d) the United States or
any agency thereof where HHS determines that the litigation is likely
to affect HHS or any of its components, is a party to litigation or has
any interest in such litigation, and HHS determines that the use of
such records by the Department of Justice, court or other tribunal is
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however,
that in each case, HHS determines that such disclosure is compatible
with the purpose for which the records were collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored by computer index, optical image and in file
folders.
RETRIEVABILITY:
Records are retrieved by name, document number, date, and subject.
SAFEGUARDS:
1. Authorized Users: Access to textual records is limited to
authorized personnel (system managers and staff).
2. Physical Safeguards: Physical access to records and to computer
servers containing records is restricted to authorized personnel.
[[Page 60759]]
3. Procedural Safeguards: Access to textual records is strictly
controlled by system managers and staff. Records may be removed from
files only at the request of system managers or other authorized
employees. Computer files are password protected.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 1700-C, which allows records to be kept for a
maximum period of ten years. Refer to the NIH Manual Chapter for
specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
System Managers are listed in Appendix I; each maintains full
responsibility for their specific correspondence system.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the appropriate System
Manager as listed in Appendix I.
The requester must also verify his or her identity by providing
either a notarization of the request or a written certification that
the requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Contact the official under Notification Procedures above, and
reasonably identify the record and specify the information to be
contested, and state the corrective action sought and the reasons for
the correction. The right to contest records is limited to information
which is incomplete, irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Records are derived from incoming and outgoing correspondence.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
Appendix I: System Managers
Information Systems Manager, Executive Secretariat, Office of
the Director (OD), Building 1, Room B146, 1 Center Drive, Bethesda,
MD 20892-0122.
Acting Associate Director, Office of Legislative Policy and
Analysis, Office of the Director (OD), Building 1, Room 244, 1
Center Drive, Bethesda, MD 20892-0160.
Privacy Act Systems Manager, Office of Science Education, Office
of Science Policy, Office of the Director (OD), Rockledge I, Room
729, 6705 Rockledge Drive, Bethesda, MD 20892-7984.
Secretary to the Director, National Cancer Institute (NCI),
Building 31, Room 11A48, 31 Center Drive, Bethesda, MD 20892-2590.
Secretary to the Director, Office of the Director, National
Heart, Lung, and Blood Institute (NHLBI), Building 31, Room 5A52, 31
Center Drive, Bethesda, MD 20892-2486.
Director, Office of Communication and Public Liaison, National
Institute of Diabetes and Digestive and Kidney (NIDDK), Building 31,
Room 9A04, 31 Center Drive, Bethesda, MD 20892-2560.
Executive Secretariat, National Institute of Environmental
Health Sciences (NIEHS), PO Box 12233, South Campus, Building 2,
Room B201, Research Triangle Park, NC 27709-B201.
Secretary to the Director, National Eye Institute (NEI),
Building 31, Room 6A03, 31 Center Drive, Bethesda, MD 20892-2510.
Executive Assistant to the Director, National Institute of
Arthritis and Musculoskeletal and Skin Diseases (NIAMS), Building
31, Room 4C32, 31 Center Drive, Bethesda, MD 20892-2350.
Chief, Administrative Management Branch, National Institute on
Deafness and Other Communication Disorders (NIDCD), Building 31,
Room 3C02, 31 Center Drive, Bethesda, MD 20892-2320.
Secretary to the Director, National Institute of General Medical
Sciences (NIGMS), Natcher Building, Room 2AN12D, 45 Center Drive,
Bethesda, MD 20892-6200.
Secretary to the Director, Office of the Director, National
Library of Medicine (NLM), Building 38, Room 2E17, 8600 Rockville
Pike, Bethesda, MD 20894-6075.
Secretary to the Director, Fogarty International Center (FIC),
Building 31, Room B2C02, 31 Center Drive, Bethesda, MD 20892-2220.
Special Assistant for Liaison Activities, Office of AIDS
Research, Office of the Director (OD), Building 2, Room 4E14, 2
Center Drive, Bethesda, MD 20892.
Executive Secretariat, National Institute on Drug Abuse (NIDA),
Neuroscience Center, 6001 Executive Boulevard, Room 5101, Bethesda,
MD 20892-9585.
Executive Secretariat, National Institute on Alcohol Abuse and
Alcoholism (NIAAA), Willco Building, Room 400, 6000 Executive
Boulevard, Bethesda, MD 20892-7003.
Executive Secretariat, National Institute of Mental Health
(NIMH), Neuroscience Center, 6001 Executive Boulevard, Room 8208,
Bethesda, MD 20892-9667.
Director, Office of Communications, National Center for
Complementary and Alternative Medicine (NCCAM), Democracy Plaza II,
Room 401, 6707 Democracy Boulevard, Bethesda, MD 20892-5475.
Privacy Act Coordinator, National Institute of Biomedical
Imaging and Bioengineering (NIBIB), Building 31, Room 1B37, 31
Center Drive, Bethesda, MD 20892-2077.
Privacy Act Coordinator, National Center on Minority Health and
Health Disparities (NCMHD), Democracy Plaza II, Room 800, 6707
Democracy Boulevard, Bethesda, MD 20892-5465.
09-25-0108
SYSTEM NAME:
Personnel: Guest Researchers, Special Volunteers, and Scientists
Emeriti, HHS/NIH/OHRM.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
This system is located in the Personnel/Administrative Offices of
individual Institutes/Centers of the National Institutes of Health.
These records are interspersed with staff records and filed
alphabetically.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals using NIH facilities who are not NIH employees.
CATEGORIES OF RECORDS IN THE SYSTEM:
Personal information including name, address, date and place of
birth, education, employment, purpose for which NIH facilities are
desired, outside sponsor, and NIH sponsor.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 241(a)(2), 42 U.S.C. 282(b)(10), and 42 U.S.C.
284(b)(1)(k).
PURPOSE(S):
To determine eligibility to use NIH facilities, to document the
individual's presence at NIH, and to record that the individual is not
an employee.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to U.S. Office of Personnel Management
for program evaluation purposes; to General Accounting Office for fund
disbursement determinations.
2. Disclosure may be made to institutions providing financial
support.
3. Disclosure may be made to a congressional office from the record
of an individual in response to a verified inquiry from the
congressional office made at the request of that individual.
[[Page 60760]]
4. Disclosure may be made to the Department of Justice or to a
court or other tribunal, when (a) HHS, or any component thereof; or (b)
any HHS employee in his or her official capacity; or (c) any HHS
employee in his or her individual capacity where the Department of
Justice (or HHS, where it is authorized to do so) has agreed to
represent the employee; or (d) the United States or any agency thereof
where HHS determines that the litigation is likely to affect HHS or any
of its components, is a party to litigation or has any interest in such
litigation, and HHS determines that the use of such records by the
Department of Justice, court or other tribunal is relevant and
necessary to the litigation and would help in the effective
representation of the governmental party, provided, however, that in
each case, HHS determines that such disclosure is compatible with the
purpose for which the records were collected.
5. Records may be disclosed to student volunteers, individuals
working under a personal services contract, and other individuals
performing functions for PHS who do not technically have the status of
agency employees, if they need the records in the performance of their
agency functions.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
File folders and computer programs.
RETRIEVABILITY:
Records are retrieved by name.
SAFEGUARDS:
For each location and for the particular records maintained in each
project. Each site implements personnel, physical and procedural
safeguards such as the following:
1. Authorized Users: Access is granted only to personnel staff,
administrative office staff and management officials directly involved
in the administration of the Guest Researcher, Special Volunteer and
Scientist Emeriti programs.
2. Physical Safeguards: Record facilities are locked when system
personnel are not present.
3. Procedural Safeguards: Access to files is strictly controlled by
system personnel. Records may be removed from the file only with the
approval of the system manager or other authorized employees.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 2300-320-3(a), which allows records to be
destroyed after a maximum period of two years after the individual
completes work at NIH. Refer to the NIH Manual Chapter for specific
disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Personnel/Principal or Senior Administrative Officers of National
Institutes of Health Institutes/Centers.
NOTIFICATION PROCEDURE:
To determine if a record exists and where it is located, contact
the Privacy Act Coordinator, Office of Human Resource Management,
Office of the Director (OD), Building 31, Room 1C39, 31 Center Drive,
Bethesda, MD 20892.
The requester must also verify his or her identity by providing
either a notarization of the request or a written certification that
the requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Contact the Personnel Officer or Administrative Officer in whose
office the record is located and provide verification of identity as
described under notification procedure above. Requesters should also
reasonably specify the record contents being sought. Individuals may
also request listings of accountable disclosures that have been made of
their records, if any.
CONTESTING RECORD PROCEDURE:
Write to the official specified under Notification Procedures
above, and reasonably identify the record and specify the information
being contested, the corrective action sought, and your reasons for
requesting the correction, along with supporting information to show
how the record is inaccurate, incomplete, untimely or irrelevant. The
right to contest records is limited to information which is incomplete,
irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Subject individual, NIH sponsor, funding institution.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0115
SYSTEM NAME:
Administration: Curricula Vitae of Consultants and Clinical
Investigators, HHS/NIH/NIAID.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
National Institute of Allergy and Infectious Diseases (NIAID),
6700-B Rockledge Drive, Room 3134, Bethesda, MD 20892-7630.
McKesson BioServices Corporation, 7501 Standish Place, Rockville,
MD 20850.
Write to the System Manager at the address below for the address of
the Federal Records Center where records are stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Consultants and Clinical Investigators under National Institute of
Allergy and Infectious Diseases (NIAID) Investigational New Drug
Applications.
CATEGORIES OF RECORDS IN THE SYSTEM:
Curricula vitae.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 241, 289a.
PURPOSE(S):
1. To maintain a record of the investigators under Investigational
New Drug (IND) applications.
2. To appoint consultants to the NIAID Institutional Review Board
(IRB).
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
2. The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice,
or to a court or other tribunal, when (a) HHS, or any component
thereof; or (b) any HHS employee in his or her official capacity; or
(c) any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or (d) the United States or any
agency thereof where HHS determines that the litigation is likely to
affect HHS or any of its components, is a party to litigation or has
any interest in such litigation, and HHS determines that the use of
such records by the Department of Justice, court or other tribunal is
[[Page 60761]]
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however,
that in each case, HHS determines that such disclosure is compatible
with the purpose for which the records were collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Stored in books.
RETRIEVABILITY:
Retrieved by name.
SAFEGUARDS:
Measures to prevent unauthorized disclosures are implemented as
appropriate for each location and for the particular records maintained
in each project. Each site implements personnel, physical, and
procedural safeguards such as the following:
1. Authorized Users: Employees who maintain records in this system
are instructed to grant regular access only to NIAID staff whose duties
require the use of such information. Authorized users are located in
the Office of Clinical Research Affairs, Division of Microbiology and
Infectious Diseases, NIAID. Other one-time and special access by other
employees is granted on a need-to-know basis as specifically authorized
by the system manager.
2. Physical Safeguards: Building is locked during off-duty hours.
3. Procedural safeguards: Access to files is strictly controlled by
files staff. Records may be removed from files only at the request of
the System Manager or other authorized employee.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 1100-G. Refer to the NIH Manual Chapter for
specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Director, Office of Clinical Research Affairs, Division of
Microbiology and Infectious Diseases, National Institute of Allergy and
Infectious Diseases (NIAID), 6700-B Rockledge Drive, Room 3134,
Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to: Privacy Act Coordinator,
National Institute of Allergy and Infectious Disease (NIAID), 6700-B
Rockledge Drive, Room 2143, Bethesda, MD 20892.
The requester must also verify his or her identity by providing
either a notarization of the request or a written certification that
the requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Write to the official specified under Notification Procedures
above, and reasonably identify the record and specify the information
being contested, the corrective action sought, and your reasons for
requesting the correction, along with supporting information to show
how the record is inaccurate, incomplete, untimely or irrelevant. The
right to contest records is limited to information which is incomplete,
irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Individuals.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0118
SYSTEM NAME:
Contracts: Professional Services Contractors, HHS/NIH/NCI.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Write to System Manager at the address below for the address of the
Federal Records Center where records may be stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals under contract with the National Cancer Institute.
CATEGORIES OF RECORDS IN THE SYSTEM:
Professional services contracts.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 241(d), 281.
PURPOSE(S):
Used by staff for general administrative purposes to assure
compliance with contract program requirements.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
2. In the event of litigation where the defendant is (a) the
Department, any component of the Department, or any employee of the
Department in his or her official capacity; (b) the United States where
the Department determines that the claim, if successful, is likely to
directly affect the operations of the Department or any of its
components; or (c) any Department employee in his or her individual
capacity where the Justice Department has agreed to represent such
employee, the Department may disclose such records as it deems
desirable or necessary to the Department of Justice to enable that
Department to present an effective defense, provided such disclosure is
compatible with the purpose for which the records were collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Stored in file folders.
RETRIEVABILITY:
Retrieved by name.
SAFEGUARDS:
1. Authorized Users: Access is limited to authorized personnel
(system manager and staff).
2. Physical Safeguards: Records are maintained in offices which are
locked when not in use
3. Procedural Safeguards: Access to files is strictly controlled by
system manager and staff.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 2600-A-4, which allows records to be destroyed
after a maximum period of six years and three months after final
payment. Refer to the NIH Manual Chapter for specific disposition
instructions.
SYSTEM MANAGER(S) AND ADDRESS:
ARC Manager, Division of Cancer Treatment and Diagnosis (DCTD),
National Cancer Institute (NCI),
[[Page 60762]]
Building 31, Room 3A44, 31 Center Drive, Bethesda, MD 20892.
ARC Manager, Office of the Director (OD), National Cancer Institute
(NCI), Building 31, Room 11A35, 31 Center Drive, Bethesda, MD 20892.
ARC Manager, Executive Plaza (EP), National Cancer Institute (NCI),
Building 6116, Room 220, 6116 Executive Boulevard, Bethesda, MD 20892.
ARC Manager, Building 6116, National Cancer Institute (NCI), 6116
Executive Boulevard, Room 200, Bethesda, MD 20892.
ARC Manager, Division of Cancer Prevention (DCP), National Cancer
Institute (NCI), Executive Plaza North, Room 3060, 6130 Executive
Boulevard, Bethesda, MD 20892.
ARC Manager, Division of Cancer Biology (DCB), National Cancer
Institute (NCI), Executive Plaza North, Room 500, 6130 Executive
Boulevard, Bethesda, MD 20892.
ARC Manager, Division of Cancer Control and Population Sciences
(DCCPS), National Cancer Institute (NCI), Executive Plaza North, Room
3038, 6130 Executive Boulevard, Bethesda, MD 20892.
ARC Manager, Building 41, National Cancer Institute (NCI), Building
41, Room A101, 41 Medlars Drive, Bethesda, MD 20892.
ARC Manager, Building 37, National Cancer Institute (NCI), Building
37, Room 5A15, 37 Convent Drive, Bethesda, MD 20892.
ARC Manager, Frederick Cancer Research and Development Center
(FCRDC), National Cancer Institute (NCI), Building 578, Room 23,
Frederick, MD 21702.
ARC Manager, Division of Cancer Epidemiology and Genetics (DCEG),
National Cancer Institute (NCI), Executive Plaza South, Room 8086, 6120
Executive Boulevard, Bethesda, MD 20892.
ARC Manager, Center for Cancer Research (CCR), National Cancer
Institute (NCI), Building 31, Room 3A19, 31 Center Drive, Bethesda, MD
20892.
ARC Manager, Building 10A, National Cancer Institute (NCI),
Building 10, Room 12N210, 10 Center Drive, Bethesda, MD 20892.
ARC Manager, Building 10B, National Cancer Institute (NCI),
Building 10, Room 12N210, 10 Center Drive, Bethesda, MD 20892.
ARC Manager, Information Technology (IT), National Cancer Institute
(NCI), Building 6116, Room 503, 6116 Executive Boulevard, Bethesda, MD
20892.
NOTIFICATION PROCEDURE:
Write to the appropriate System Manager listed above to determine
if a record exists. The requester must also verify his or her identity
by providing either a notarization of the request or a written
certification that the requester is who he or she claims to be and
understands that the knowing and willful request for acquisition of a
record pertaining to an individual under false pretenses is a criminal
offense under the Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Contact the official under Notification Procedures above, and
reasonably identify the record and specify the information to be
contested, and state the corrective action sought and the reasons for
the correction, with supporting justification. The right to contest
records is limited to information which is incomplete, irrelevant,
incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Individuals in the system.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0121
SYSTEM NAME:
International Activities: Senior International Fellowships Program,
HHS/NIH/FIC.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Division of International Training and Research, Fogarty
International Center (FIC), Building 31, Room B2C39, 31 Center Drive,
Bethesda, MD 20892.
Write to System Manager at the address below for the address of the
Federal Records Center where records from this system are stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Applicants for Senior International Fellowships.
CATEGORIES OF RECORDS IN THE SYSTEM:
Applications and associated records and reports.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 242e.
PURPOSE(S):
For award and administration of fellowships to outstanding faculty
members in mid-career from U.S biomedical research and educational
institutions for study abroad.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Each fellow's home institution receives a notice of award and
funding for the fellowship.
2. Applications are made available to authorized employees and
agents of the U.S., including the General Accounting Office for
purposes of investigations, inspections and audits, and in appropriate
cases, to the Department of Justice for proper action under civil and
criminal laws.
3. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
4. The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice,
or to a court or other tribunal, when (a) HHS, or any component
thereof; or (b) any HHS employee in his or her official capacity; or
(c) any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or (d) the United States or any
agency thereof where HHS determines that the litigation is likely to
affect HHS or any of its components, is a party to litigation or has
any interest in such litigation, and HHS determines that the use of
such records by the Department of Justice, court or other tribunal is
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however,
that in each case, HHS determines that such disclosure is compatible
with the purpose for which the records were collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
File folders and computer disks.
RETRIEVABILITY:
Name and fellowship number.
SAFEGUARDS:
Measures to prevent unauthorized disclosures are implemented as
[[Page 60763]]
appropriate for each location and for the particular records maintained
in each project. Each site implements personnel, physical, procedural
safeguards such as the following:
1. Authorized Users: Employees who maintain records in this system
are instructed to grant regular access only to Fogarty International
Center (FIC) program staff. Other one-time and special access by other
employees is granted on a need-to-know basis as specifically authorized
by the system manager.
2. Physical Safeguards: The records are stored in locked file
cabinets and offices are locked during off-duty hours.
3. Procedural Safeguards: Access to files is strictly controlled by
files staff. Records may be removed from files only at the request of
the system manager or other authorized employees. For computerized
records access is controlled by the use of security codes known to
authorized users and access codes are changed periodically. The
computer system maintains an audit record of all requests for access.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 2300-320-7, which allows records to be destroyed
after a maximum period of six years after the close of a case. Refer to
the NIH Manual Chapter for specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Director, Division of International Training and Research, Fogarty
International Center (FIC), Building 31, Room B2C39, 31 Center Drive,
Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
Requests for notification of or access to records should be
addressed to the System Manager, listed above. The requester must also
verify his or her identity by providing either a notarization of the
request or a written certification that the requester is who he or she
claims to be and understands that the knowing and willful request for
acquisition of a record pertaining to an individual under false
pretenses is a criminal offense under the Act, subject to a five
thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Contact the official under Notification Procedures above, and
reasonably identify the record and specify the information to be
contested, and state the corrective action sought and the reasons for
the correction. The right to contest records is limited to information
which is incomplete, irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Information obtained from applicants and persons supplying
recommendations through the Center for Scientific Review.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0124
SYSTEM NAME:
Administration: Pharmacology Research Associates, HHS/NIH/NIGMS.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Director, PRAT Program, Pharmacological Sciences, National
Institute of General Medical Sciences (NIGMS), Natcher Building, Room
2AS43D, 45 Center Drive, Bethesda, MD 20892.
Write to System Manager at the address below for the address of the
Federal Records Center where records are stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Applicants for positions as Pharmacology Research Associates with
the National Institute of General Medical Sciences (NIGMS) and current
and former Pharmacology Research Associates.
CATEGORIES OF RECORDS IN THE SYSTEM:
Individual application forms, addresses, telephone numbers, lists
of awards received, research keywords, preceptor and institute during
time of fellowship for former fellows, academic transcripts, reprints
and references, curricula vitae and salary adjustment memorandum for
fellows.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 209.
PURPOSE(S):
For review, award and administration of the Pharmacology Research
Associate Program (PRAT).
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
2. The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice,
or to a court or other tribunal, when (a) HHS, or any component
thereof; or (b) any HHS employee in his or her official capacity; or
(c) any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or (d) the United States or any
agency thereof where HHS determines that the litigation is likely to
affect HHS or any of its components, is a party to litigation or has
any interest in such litigation, and HHS determines that the use of
such records by the Department of Justice, court or other tribunal is
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however,
that in each case, HHS determines that such disclosure is compatible
with the purpose for which the records were collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
File folders.
RETRIEVABILITY:
By name of applicant.
SAFEGUARDS:
Measures to prevent unauthorized disclosures are implemented as
appropriate for each location and for the particular records maintained
in each project. Each site implements personnel, physical, and
procedural safeguards such as the following:
1. Authorized Users: Employees who maintain the system are
instructed to grant access only to authorized personnel (System manager
and staff assigned to the program).
2. Physical Safeguards: The records are maintained in locked file
cabinets
[[Page 60764]]
when not in use and system location is locked during non-working hours.
3. Procedural Safeguards: Access to files is strictly controlled by
responsible individuals who have been instructed in the Privacy Act
requirements. Records are returned to the locked cabinets when not in
use.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 2300-320-2(a). Refer to the NIH Manual Chapter
for specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Director, PRAT Program, Pharmacological Sciences, National
Institute of General Medical Sciences (NIGMS), Natcher Building, Room
2AS49K, 45 Center Drive, Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to System Manager and
provide the following information: applicant's name and date of
application. The requester must also verify his or her identity by
providing either a notarization of the request or a written
certification that the requester is who he or she claims to be and
understands that the knowing and willful request for acquisition of a
record pertaining to an individual under false pretenses is a criminal
offense under the Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Contact the official at the address specified under Notification
Procedures above, and reasonably identify the record and specify the
information to be contested, the corrective action sought. The right to
contest records is limited to information which is incomplete,
irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Information obtained from applicants, university registrars, and
persons supplying recommendations through the PRAT Program. Salary
adjustment memos from preceptors. Information on former fellows
obtained from former fellows.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0140
SYSTEM NAME:
International Activities: International Scientific Researchers in
Intramural Laboratories at the National Institutes of Health, HHS/NIH/
FIC/ORS/DIRS.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Center for Information Technology (CIT), Building 12A, Room 3061,
12 South Drive, Bethesda, Maryland 20892.
Ancillary records are located in the Office of the Associate
Director for Intramural Affairs, laboratories, administrative and
personnel offices where participants are assigned. Write to System
manager at the address below for the address of the Federal Records
Center where records are stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Health scientists at all levels of their pre- and postdoctoral or
equivalent research careers who are invited to the National Institutes
of Health to conduct research related to their doctoral studies, for
further postdoctoral training, or to conduct research in their
biomedical specialties under the auspices of FIC's administration of
International Activities. Most of these scientists are foreign, however
some may be resident aliens .
Individuals in these categories include the following: Visiting
Scientists (i.e., Title 42 employees) and Foreign Special Experts (also
employees) and Visiting Fellows, Guest Researchers, Exchange
Scientists, International Research Fellows, Fogarty Scholars, and
Special Volunteers.
CATEGORIES OF RECORDS IN THE SYSTEM:
History of fellowship, employment and/or stay at NIH; education,
previous institution of affiliation, immigration data, and references.
For payroll purposes, social security numbers are requested of all
applicants accepted into the program.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 242l and Section 307 of the Public Health Service Act.
PURPOSE(S):
To document the individual's presence at the NIH, to record
immigration history of the individual in order to verify continued
eligibility in existing programs, and to meet requirements in the code
of Federal Regulations (8 CFR, ``Aliens and Nationality,'' and 22 CFR,
``Foreign Relations'').
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Information is made available to authorized employees and agents
of the U.S. Government including, but not limited to, the General
Accounting Office, the Internal Revenue Service, the FBI and
Immigration and Naturalization Service, Department of Justice, and the
Department of State for purposes of investigations, inspections and
audits.
2. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of the individual.
3. The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice,
or to a court or other tribunal, when (a) HHS, or any component
thereof; or (b) any HHS employee in his or her official capacity; or
(c) any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or (d) the United States or any
agency thereof where HHS determines that the litigation is likely to
affect HHS or any of its components, is a party to litigation or has
any interest in such litigation, and HHS determines that the use of
such records by the Department of Justice, court or other tribunal is
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however,
that in each case, HHS determines that such disclosure is compatible
with the purpose for which the records were collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored in file folders, computer hard disks and tapes,
and computer diskettes.
RETRIEVABILITY:
By name, country of citizenship, country of birth, gender,
fellowship case number, visa and immigration status, program category,
NIH institute and lab, sponsor, degree attained, stipend or salary
level, dates of stay at NIH, termination date, work address and
telephone number, and home address.
[[Page 60765]]
SAFEGUARDS:
A variety of safeguards is implemented for the various sets of
records included under this system according to the sensitivity of the
data they contain.
1. Authorized Users: NIH administrative and personnel staff
screened by FIC staff to access information on a need-to-know basis.
Only FIC staff are authorized to add, change, or delete data. Access by
other employees is granted on a need-to-know basis as specifically
authorized by the system manager.
2. Physical Safeguards: The records are maintained in file cabinets
in offices that are locked during off-duty hours.
3. Procedural Safeguards: Access to files is strictly controlled by
files staff. Records may be removed from files only at the request of
the system manager or other authorized employees. For computerized
records, access is controlled by the use of security codes known only
to authorized users; access codes are changed periodically. The
computer system maintains an audit record of all requests for access.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 2300-320, which allows records to be destroyed
after a maximum period of six years after the close of a case. Refer to
the NIH Manual Chapter for specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS
Director, Division of Intramural Research Services, Office of
Research Services (ORS), Building 31, Room 3B65, 31 Center Drive,
Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
Write to the System Manager to determine if a record exists. The
requester must also verify his or her identity by providing either a
notarization of the request or a written certification that the
requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedure. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Contact the official listed under Notification Procedure above, and
reasonably identify the record, and specify the information to be
contested, and state the corrective action sought and the reasons for
the correction. The right to contest records is limited to information
which is incomplete, irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Subject individuals and other Federal agencies.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0156
SYSTEM NAME:
Records of Participants in Programs and Respondents in Surveys Used
to Evaluate Programs of the Public Health Service, HHS/PHS/NIH/OD.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
This system of records is an umbrella system comprising separate
sets of records located either in the organizations responsible for
conducting evaluations or at the sites of programs or activities under
evaluation. Locations include Public Health Service (PHS) facilities,
or facilities of contractors of the PHS. Write to the appropriate
System manager below for a list of current locations.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals covered by this system are those who provide
information or opinions that are useful in evaluating programs or
activities of the PHS other persons who have participated in or
benefitted from PHS programs or activities; or other persons included
in evaluation studies for purposes of comparison. Such individuals may
include (1) participants in research studies; (2) applicants for and
recipients of grants, fellowships, traineeships or other awards; (3)
employees, experts and consultants; (4) members of advisory committees;
(5) other researchers, health care professionals, or individuals who
have or are at risk of developing diseases or conditions studied by
PHS; (6) persons who provide feedback about the value or usefulness of
information they receive about PHS programs, activities or research
results; (7) persons who have received Doctorate level degrees from
U.S. institutions; (8) persons who have worked or studied at U.S.
institutions that receive(d) institutional support from PHS.
CATEGORIES OF RECORDS IN THE SYSTEM:
This umbrella system of records covers a varying number of separate
sets of records used in different evaluation studies. The categories of
records in each set depend on the type of program being evaluated and
the specific purpose of the evaluation. In general, the records contain
two types of information: (1) Information identifying subject
individuals, and (2) information which enables PHS to evaluate its
programs and services.
1. Identifying information usually consists of a name and address,
but it might also include a patient identification number, grant
number, social security number, or other identifying number as
appropriate to the particular group included in an evaluation study.
2. Information used for evaluation varies according to the program
evaluated. Categories of evaluative information include personal data
and medical data on participants in clinical and research programs;
personal data, publications, professional achievements and career
history of researchers; and opinions and other information received
directly from individuals in evaluation surveys and studies of PHS
programs.
The system does not include any master list, index or other central
means of identifying all individuals whose records are included in the
various sets of records covered by the system.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Authority for this system comes from the authorities regarding the
establishment of the National Institutes of Health, its general
authority to conduct and fund research and to provide training
assistance, and its general authority to maintain records in connection
with these and its other functions (42 U.S.C. 203, 241, 289l-1 and 44
U.S.C. 3101), and Section 301 and 493 of the Public Health Service Act.
[[Page 60766]]
PURPOSE(S):
This system supports evaluation of the policies, programs,
organization, methods, materials, activities or services used by PHS in
fulfilling its legislated mandate for (1) conduct and support of
biomedical research into the causes, prevention and cure of diseases;
(2) support for training of research investigators; (3) communication
of biomedical information.
This system is not used to make any determination affecting the
rights, benefits or privileges of any individual.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to HHS contractors and collaborating
researchers, organizations, and State and local officials for the
purpose of conducting evaluation studies or collecting, aggregating,
processing or analyzing records used in evaluation studies. The
recipients are required to protect the confidentiality of such records.
2. Disclosure may be made to organizations deemed qualified by the
Secretary to carry out quality assessments, medical audits or
utilization review.
3. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
4. The Department may disclose information from this system of
records to the Department of Justice, to court or other tribunal, or to
another party before such tribunal, when (a) HHS, or any component
thereof; or (b) any HHS employee in his or her official capacity; or
(c) any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or (d) the United States or any
agency thereof where HHS or any of its components, is a party to
litigation or has an interest in such litigation, and HHS determines
that the use of such records by the Department of Justice, the
tribunal, or the other party is relevant and necessary to the
litigation and would help in the effective representation of the
governmental party, provided, however, that in each case, HHS
determines that such disclosure is compatible with the purpose for
which the records were collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Data may be stored in file folders, bound notebooks, or computer-
accessible media (e.g., magnetic tapes, disks, cartridges, CD-ROMs,
etc.).
RETRIEVABILITY:
Information is retrieved by name and/or participant identification
number within each evaluation study. There is no central collection of
records in this system, and no central means of identifying individuals
whose records are included in the separate sets of records that are
maintained for particular evaluation studies.
SAFEGUARDS:
A variety of safeguards are implemented for the various sets of
records in this system according to the sensitivity of the data each
set contains. Information already in the public domain, such as titles
and dates of publications, is not restricted. However, sensitive
information, such as personal or medical history or individually
identified opinions, is protected according to its level of
sensitivity. Records derived from other systems of records will be
safeguarded at a level at least as stringent as that required in the
original systems. Minimal safeguards for the protection of information
which is not available to the general public include the following:
1. Authorized Users: Regular access to information in a given set
of records is limited to PHS or to contractor employees who are
conducting, reviewing or contributing to a specific evaluation study.
Other access is granted only on a case-by-case basis, consistent with
the restrictions required by the Privacy Act (e.g., when disclosure is
required by the Freedom of Information Act), as authorized by the
system manager or designated responsible official.
2. Physical Safeguards: Records are stored in closed or locked
containers, in areas which are not accessible to unauthorized users,
and in facilities which are locked when not in use. Records collected
in each evaluation project are maintained separately from those of
other projects. Sensitive records are not left exposed to unauthorized
persons at any time. Sensitive data in machine-readable form may be
encrypted.
3. Procedural Safeguards: Access to records is controlled by
responsible employees and is granted only to authorized individuals
whose identities are properly verified. Data stored in mainframe
computers is accessed only through the use of keywords known only to
authorized personnel. When personal computers are used, magnetic media
(e.g. diskettes, CD-ROMs, etc.) are protected as under Physical
Safeguards. When data is stored within a personal computer (i.e., on a
``hard disk''), the machine itself is treated as though it were a
record, or records, under Physical Safeguards. Contracts for operation
of this system of records require protection of the records in
accordance with these safeguards; PHS project and contracting officers
monitor contractor compliance.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 1100-C-2. Refer to the NIH Manual Chapter for
specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
See Appendix I.
Policy coordination for this system is provided by: Acting
Director, Office of Reports and Analysis, Office of Extramural
Research, Office of the Director (OD), Building 1, Room 252, 1 Center
Drive, Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the official of the
organization responsible for the evaluation, as listed in Appendix II.
If you are not certain which component of PHS was responsible for the
evaluation study, or if you believe there are records about you in
several components of PHS, write to: NIH Privacy Act Officer, 6011
Executive Boulevard, Room 601, Bethesda, MD 20892-7669.
Requesters must provide the following information:
1. Full name, and name(s) used while studying or employed;
2. Name and location of the evaluation study or other PHS program
in which the requester participated or the institution at which the
requester was a student or employee, if applicable;
3. Approximate dates of participation, matriculation or employment,
if applicable.
[[Page 60767]]
The requester must also verify his or her identity by providing
either a notarization of the request or a written certification that
the requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
An individual who requests notification of or access to a medical
record shall, at the time the request is made, designate in writing, a
responsible representative, who may be a physician, other health
professional, or other responsible individual, who will be willing to
review the record and inform the subject individual of its contents at
the representative's discretion.
A parent or guardian who requests notification of, or access to, a
child's or incompetent person's medical record shall designate a family
physician or other health professional (other than a family member) to
whom the record, if any, will be sent. The parent or guardian must
verify relationship to the child or incompetent person as well as his
or her own identity.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Write to the official specified under Notification Procedures
above, and reasonably identify the record and specify the information
being contested, the corrective action sought, and your reasons for
requesting the correction, along with supporting information to show
how the record is inaccurate, incomplete, untimely or irrelevant. The
right to contest records is limited to information which is incomplete,
irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Information contained in these records is obtained directly from
individual participants; from systems of records 09-25-0036,
``Extramural Awards and Chartered Advisory Committees: IMPAC (Grants/
Contract Information/Cooperative Agreement Information/Chartered
Advisory Committee Information), HHS/NIH/OER and HHS/NIH/CMO;'' 09-25-
0112, ``Grants and Cooperative Agreements: Research, Research Training,
Fellowship and Construction Applications and Related Awards, HHS/NIH/
OD;'' NSF-6, ``Doctorate Record File,'' NSF-43, ``Doctorate Work
History File'' (previously entitled NSF-43, ``Roster and Survey of
Doctorate Holders in The United States'' and other records maintained
by the operating programs of NIH; the National Academy of Sciences,
professional associations such as the AAMC and ADA, and other
contractors; grantees or collaborating researchers; or publicly
available sources such as bibliographies.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
Appendix I: System Managers
Office of Reports and Analysis, Office of Extramural Research,
Office of the Director (OD), Rockledge II, Room 6212, 6701 Rockledge
Drive, Bethesda, MD 20892.
Director, Office of Human Resource Management, Office of the
Director (OD), Building 1, Room B160, 1 Center Drive, Bethesda, MD
20892.
Program Analyst, Office of Science and Technology, PSR, National
Heart, Lung and Blood Institute (NHLBI), Building 31, Room 5A03, 31
Center Drive, Bethesda, MD 20892-2482.
Associate Director for Health Information Programs Development,
National Library of Medicine (NLM), Building 38, Room 2S20, 8600
Rockville Pike, Bethesda, MD 20894.
Associate Director for Science Policy and Legislation, National
Eye Institute (NEI), Building 31, Room 6A25, 31 Center Drive,
Bethesda, MD 20892-2510.
Public Health Educator, Office of Cancer Communications,
National Cancer Institute (NCI), Building 31, Room 10A03, 31 Center
Drive, Bethesda, MD 20892.
Chief, Office of Planning, Analysis, National Institute on Aging
(NIA), Building 31, Room 5C05, 31 Center Drive, Bethesda, MD 20892.
Associate Director for Science Policy, Analysis, and
Communication, National Institute of Child Health and Human
Development (NICHD), Building 31, Room 2A18, 31 Center Drive,
Bethesda, MD 20892.
Chief, Science Policy and Planning Branch, National Institute on
Deafness and Other Communication Disorders (NIDCD), Building 31,
Room 3C27, 31 Center Drive, Bethesda, MD 20892-2320.
Evaluation Officer, Office of Science Policy and Analysis,
National Institute of Dental and Craniofacial Research (NIDCR),
Building 31, Room 5B55, 31 Center Drive, Bethesda, MD 20892-2190.
Program Analyst, Office of Program Planning and Evaluation,
National Institute of Environmental Health Sciences (NIEHS), PO Box
12233, Research Triangle Park, NC 27709.
Chief, Office of Program Analysis and Evaluation, National
Institute of General Medical Sciences (NIGMS), Natcher Building,
Room 2AS55F, 45 Center Drive, Bethesda, MD 20892.
Director, Division of Advanced Studies and Policy Analyses,
Fogarty International Center (FIC), Building 16, Room 202, 16 Center
Drive, Bethesda, MD 20892-6705.
Information Officer, Center for Scientific Review (CSR),
Rockledge II, Room 6160, 6701 Rockledge Drive, Bethesda, MD 20892.
Director, Office of Science Policy and Public Liaison, National
Center for Research Resources (NCRR), Rockledge II, Room 5046, 6701
Rockledge Drive, Bethesda, MD 20892.
Chief, Office of Planning, Analysis and Evaluation, National
Institute of Nursing Research (NINR), Building 31, Room 5B09, 31
Center Drive, Bethesda, MD 20892.
Policy Analyst, Division of Policy and Education, Office of
Research Integrity, U.S. Public Health Service, 5515 Security Lane,
Suite 700, Rockwall II Building, Rockville, MD 20852.
Contract Officer, National Institute of Mental Health (NIMH),
6001 Executive Boulevard, Room 6107, Bethesda, MD 20892.
Program Evaluation Team, Office of Scientific Affairs, National
Institute on Alcohol Abuse and Alcoholism (NIAAA), Willco Building,
Room 409, 6000 Executive Boulevard, Bethesda, MD 20892-7003.
Evaluation Officer, Office of Science Policy and Operations,
National Center for Complementary and Alternative Medicine (NCCAM),
Democracy Plaza II, Room 401, 6707 Democracy Boulevard, Bethesda, MD
20892-5475.
Privacy Act Coordinator, National Institute of Biomedical
Imaging and Bioengineering (NIBIB), Building 31, Room 1B37, 31
Center Drive, Bethesda, MD 20892-2077.
Privacy Act Coordinator, National Center on Minority Health and
Health Disparities (NCMHD), Democracy Plaza II, Room 800, 6707
Democracy Boulevard, Bethesda, MD 20892-5465.
Appendix II: Notification and Access Officials
Acting Director, Office of Reports and Analysis, Office of
Extramural Research, Office of the Director (OD), Building 1, Room
252, 1 Center Drive, Bethesda, MD 20892.
Director, Office of Human Resources Management, Office of the
Director (OD), Building 1, Room B160, 1 Center Drive, Bethesda, MD
20892.
Privacy Act Coordinator, National Heart, Lung, and Blood
Institute (NHLBI), Building 31, Room 5A33, 31 Center Drive,
Bethesda, MD 20892.
Assistant Director for Planning and Evaluation, National Library
of Medicine (NLM), Building 38, Room 2S18, 8600 Rockville Pike,
Bethesda, MD 20894.
Program Evaluation Team, Office of Scientific Affairs, National
Institute on Alcohol Abuse and Alcoholism (NIAAA), Willco Building,
Room 409, 6000 Executive Boulevard, Bethesda, MD 20892-7003.
Contract Officer, National Institute of Mental Health (NIMH),
6001 Executive Boulevard, Room 6107, Bethesda, MD 20892.
Executive Officer, National Eye Institute (NEI), Building 31,
Room 6A03, 31 Center Drive, Bethesda, MD 20892-2510.
Director, Division of Advanced Studies and Policy Analysis,
Fogarty International Center (FIC), Building 16, Room 202, 16 Center
Drive, Bethesda, MD 20892-6705.
[[Page 60768]]
Information Officer, Center for Scientific Review (CSR),
Rockledge II, Room 6160, 6701 Rockledge Drive, Bethesda, MD 20892.
Director, Office of Science Policy and Public Liaison, National
Center for Research Resources (NCRR), Rockledge II, Room 5046, 6701
Rockledge Drive, Bethesda, MD 20892.
Privacy Act Coordinator, National Cancer Institute (NCI),
Building 31, Room 10A30, 31 Center Drive, Bethesda, MD 20892.
09-25-0158
SYSTEM NAME:
Administration: Records of Applicants and Awardees of the NIH
Intramural Research Training Awards Program, HHS/NIH/OD/OIR/OE.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
This system is located in each of the intramural offices and
laboratories where the Intramural Research Training Awards (IRTA)
Fellow is located and assigned, including the respective Scientific
Director's office, the administrative and personnel offices, and in
Personnel branches responsible for administering the IRTA Program, and
the Office of Education, Office of Intramural Research, Office of the
Director, Building 2, Room 2E04, 2 Center Drive, Bethesda, MD 20892.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Applicants for IRTA Fellowships, current IRTA Fellows, and former
IRTA Fellows.
CATEGORIES OF RECORDS IN THE SYSTEM:
These records contain information relating to education and
training, employment history, scientific publications; research goals;
letters of reference; and personal information such as name, date of
birth, social security number, home address and citizenship; and
information related to fellowship awards such as stipend levels,
training assignments, training expenses and travel allowances.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 284(b)(1)(C), 286b-3, and 287c-1 authorizes PHS to make
awards for biomedical research and research training.
PURPOSE(S):
Records in this system are used to determine individuals'
eligibility and evaluate their qualifications for IRTA Fellowships; to
document the basis for management actions relating to Fellowships that
are awarded; and to provide data for program evaluation.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to the Office of Human Resource
Management for evaluation of NIH Personnel programs.
2. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the written request of that individual.
3. Disclosure may be made to the Department of Justice or to a
court or other tribunal from this system of records, when (a) HHS, or
any component thereof; or (b) any HHS employee in his or her official
capacity; or (c) any HHS employee in his or her individual capacity
where the Department of Justice (or HHS, where it is authorized to do
so) has agreed to represent the employee; or (d) the United States or
any agency thereof where HHS determines that the litigation is likely
to affect HHS or any of its components, is a party to litigation or has
an interest in such litigation, and HHS determines that the use of such
records by the Department of Justice, court or other tribunal is
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however,
that in each case HHS determines that such disclosure is compatible
with the purpose for which the records were collected.
4. Disclosure may be made to a Federal, State or local agency
maintaining civil, criminal or other pertinent records, such as current
licenses, if necessary to obtain a record relevant to an agency
decision concerning the selection or retention of a fellow.
5. Disclosure may be made to a Federal agency, in response to its
request, in connection with hiring or retention of an employee, the
issuance of a security clearance, an investigation of an employee, the
letting of a contract, or the issuance of a license, grant, or other
benefit by the requesting agency, to the extent that the record is
relevant and necessary to the requesting agency's decision on the
matter.
Records may be disclosed to student volunteers, individuals working
under a personal services contract, and other individuals performing
functions for PHS who do not technically have the status of agency
employees, if they need the records in the performance of their agency
functions.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored in file folders, and on magnetic tapes and disks
and computer programs.
RETRIEVABILITY:
Records are retrieved by name, social security number, or institute
list number.
SAFEGUARDS:
1. Authorized Users: Access is granted only to NIH scientists,
administrative office staff, personnel staff and financial management
staff directly involved in the administration of the IRTA Program.
2. Physical Safeguards: File folders are kept in locked drawers or
locked rooms when system personnel are not present.
3. Procedural Safeguards: Access to file folders is controlled by
system personnel. Records may be removed from the files only with the
approval of the system manager or other authorized employees. Data
stored in the automated system is accessed through the use of keywords
known only to authorized personnel.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1 -``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 4000-E-3. Refer to the NIH Manual Chapter for
specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Personnel/Principal or Senior Administrative Officers of the
National
Institutes of Health Institutes/Centers. Contact the individual
listed under notification procedure for the name and address of the
appropriate System Manager.
NOTIFICATION PROCEDURE:
To determine if a record exists and where it is located, contact:
Chief, Staffing Management Branch, Office of Human Resource Management,
Building 31, Room 1C31, 31 Center Drive, Bethesda, MD 20892.
The requestor must also verify his or her identity by providing
either a
[[Page 60769]]
notarization of the request or a written certification that the
requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Write to the official specified under the Notification Procedures
above, and reasonably identify the record and specify the information
being contested, the corrective action sought, and your reasons for
requesting the correction, along with supporting information to show
how the record is untimely, incomplete, irrelevant or inaccurate. The
right to contest records is limited to information which is incomplete,
irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Applicants, persons and institutions supplying references.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0160
SYSTEM NAME:
United States Renal Data System (USRDS), HHS/NIH/NIDDK.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Records are located at contractor operated coordinating center.
Write to the System manager at address below for address of current
location. U.S. Renal Data System, Coordinating Center (CC), 914 South
8th Street, Suite D-206, Minneapolis, MN 55404.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Persons with end-stage renal disease (ESRD), providers of ESRD
services.
CATEGORIES OF RECORDS IN THE SYSTEM:
Health and medical record data; fiscal information; patient names,
social security number, Centers for Medicare and Medical Services (CMS)
beneficiary ID, patient demographic, epidemiologic and survival
characteristics; physician provider characteristics; facility provider
characteristics.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 241a, 289c, as last amended by Pub. L. 100-607, November
4, 1988 under the Health Omnibus Programs Extension of 1988.
PURPOSE(S):
1. To design and implement a consolidated renal disease system that
will provide the biostatistical, data management and analytical
expertise necessary to characterize the total renal patient population
and describe the distribution of patients by sociodemographic variables
across treatment modalities.
2. To report on the incidence, prevalence, and mortality rates of
renal disease by primary diagnosis.
3. To identify the modalities of treatment best suited to
individual patients. To compare the various treatment alternatives to
examine the prevention and progression of renal disease by morbidity,
mortality, and quality of life criteria.
4. To identify problems and opportunities for more focused
investigations of renal research issues currently unaddressed by the
consolidated data system.
5. To share data with other PHS agencies and CMS for their use in
research analysis and program administration.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure from the record of an individual may be made to the
Department of Justice, or to a court or other tribunal, when (a) HHS,
or any component thereof; or (b) any HHS employee in his or her
official capacity; or (c) any HHS employee in his or her official
capacity where the Department of Justice (or HHS, where it is
authorized to do so) has agreed to represent the employee; or (d) the
United States or any agency thereof where HHS determines that the
litigation is likely to affect HHS or any of its components, is a party
to litigation or has an interest in such litigation, and HHS determines
that the use of such records by the Department of Justice, the court or
other tribunal is relevant and necessary to the litigation and would
help in the effective representation of the governmental party,
provided, however, that in each case, HHS determines that such
disclosure is compatible with the purpose for which the records were
collected.
2. Disclosure may be made to a Congressional office from the record
of an individual in response to a written inquiry from the
Congressional office made at the written request of the individual.
3. Disclosure may be made to the HHS contractor for the purpose of
collating, analyzing, aggregating or otherwise refining or processing
records in this system for developing, modifying and/or manipulating
ADP software. Data would also be disclosed to contractors incidental to
consultation, programming, operation, user assistance, or maintenance
for an ADP or telecommunications systems containing or supporting
records in the system. The contractor shall be required to maintain
Privacy Act safeguards with respect to such records.
4. A record may be disclosed for a research purpose, when the
Department: (A) Has determined that the use or disclosure does not
violate legal or policy limitations under which the record was
provided, collected, or obtained; (B) Has determined that the research
purpose (1) cannot be reasonably accomplished unless the record is
provided in individually identifiable form, and (2) warrants the risk
to the privacy of the individual that additional exposure of the record
might bring; (C) Has required the recipient to (1) establish reasonable
administrative, technical, and physical safeguards to prevent
unauthorized use or disclosure of the record, (2) remove or destroy the
information that identifies the individual at the earliest time at
which removal or destruction can be accomplished consistent with the
purpose of the research project, unless the recipient has presented
adequate justification of a research or health nature for retaining
such information, and (3) make no further use or disclosure of the
record except (a) in emergency circumstances affecting the health or
safety of any individual, (b) for use in another research project,
under these same conditions, and with written authorization of the
Department, (c) for disclosure to a properly identified person for the
purpose of an audit related to the research project, if information
that would enable research subjects to be identified is removed or
destroyed at the earliest opportunity consistent with the purpose of
the audit, or (d) when required by law; (D) Has secured a written
statement attesting to the recipients understanding of, and willingness
to abide by these provisions.
Records may be disclosed to student volunteers, individuals working
under a personal services contract, and other individuals performing
functions for PHS who do not technically have the status of agency
employees, if they need the records in the performance of their agency
functions.
[[Page 60770]]
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Electronic medium; selected hard copy backup.
RETRIEVABILITY:
Information will be retrieved by patient identification number such
as social security number and CMS beneficiary ID. Individual patient
data provided only as noted above. Statistical data provided as noted
above and to the general public as part of periodic published reports.
SAFEGUARDS:
A variety of safeguards are implemented for the various sets of
records in this system according to the sensitivity of the records:
1. Authorized Users: Regular access is limited to National
Institute of Diabetes and Digestive and Kidney Diseases (NIDDK), CMS
and contract personnel who have a need for the data in performance of
their duties as determined by the system manager.
2. Physical Safeguards: Records are stored in areas where access is
restricted to areas where data are maintained and processed; data tapes
and hard copy data are stored in locked files in secured areas;
terminal access controlled by user ID and keywords; off-site data
backups in two locations--a remote area of the same building and a
separate building; and fire protection secured by Halon fire
extinguisher system and fire alarm system present in the computer room.
3. Procedural Safeguards: Contractors who maintain records in this
system are instructed to make no further disclosure of the records
except as authorized by the system manager and permitted by the Privacy
Act.
Privacy Act requirements are specifically included in contracts and
in agreements with grantees or collaborators participating in research
activities supported by this system. HHS project directors, contract
officers, and project officers oversee compliance with these
requirements.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 3000-G-3(b), which allows records to be kept as
long as they are useful in scientific research. Refer to the NIH Manual
Chapter for specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Epidemiology Program Director, National Institute of Diabetes and
Digestive and Kidney Diseases (NIDDK), Division of Kidney, Urologic and
Hematologic Diseases, Rockledge II, Room 615, 6701 Democracy Boulevard,
Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the System Manager at the
address noted above. Provide notarized signature as proof of identity.
The request should include as much of the following information as
possible: (a) Full name; (b) title of project individual participated
in; and (c) approximate dates of participation.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
listings of accountable disclosures that have been made of their
records, if any.
CONTESTING RECORD PROCEDURE:
Contact the System Manager at the address specified under
notification procedures above and reasonably identify the record,
specify the information being contested, and state the corrective
action sought, with supporting information to show how the record is
inaccurate, incomplete, untimely, or irrelevant. The right to contest
records is limited to information which is incomplete, irrelevant,
incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
The majority of health, medical, fiscal and other demographic
information on patients and health care providers is from the end stage
renal disease program of the Centers for Medicare and Medicaid Services
(CMS). Additional data comes from other CMS Medicare patient records,
the National Death Index, and other sources of non-Medicare ESRD
patient records such as the NIH Continuous Ambulatory Peritoneal
Dialysis (CAPD) Registry, the United Network of Organ Sharing (UNOS)
transplant patients, the Veteran's Administration, and the Indian
Health Service.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0166
SYSTEM NAME:
Administration: Radiation and Occupational Safety and Health
Management Information Systems, HHS/NIH/ORS.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Radiation Safety Branch, Division of Safety, Office of Research
Services (ORS), Building 21, Room 134, 21 Wilson Drive, Bethesda, MD
20892.
Occupational Safety and Health Branch, Division of Safety, Office
of Research Services (ORS), Building 13, Room 3K04, 13 South Drive,
Bethesda, Maryland 20892.
Write to appropriate System Manager at the address below for the
address of contractor locations, including the address of any Federal
Records Center where records from this system may be stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Radiation Safety Branch (RSB): NIH employees using radioactive
materials or radiation producing machinery, contractor employees who
provide service to the Radiation Safety Branch and any other
individuals who could potentially be exposed to radiation or
radioactivity as a result of NIH operations and who, therefore, must be
monitored in accordance with applicable regulations.
Occupational Safety and Health Branch (OSHB): Individuals
(including NIH employees and NIH service contract employees) who use or
come into contact with potentially hazardous biological or chemical
materials, and participants of occupational safety and health
monitoring/surveillance programs.
CATEGORIES OF RECORDS IN THE SYSTEM:
Employee name, title, organizational affiliation, birth date,
social security number (optional), work address, work telephone number,
name of supervisor, and other necessary employment information;
radiation/occupational safety and health training information; medical
and technical information pertaining to safety and health related
initiatives; research protocols and other related documents used to
monitor and track radiation exposure and exposure to potentially
hazardous biological or chemical materials; radiation materials usage
data; and incident data.
[[Page 60771]]
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
42 U.S.C. 241, regarding the general powers and duties of the
Public Health Service relating to research and investigation; 5 U.S.C.
7902 regarding agency safety programs; and 42 U.S.C. 2201, regarding
general duties of the Nuclear Regulatory Commission including the
setting of standards to cover the possession and use of nuclear
materials in order to protect health.
PURPOSE(S):
1. To provide adequate administrative controls to assure compliance
with internal NIH policies, and applicable regulations of the
Occupational Safety and Health Administration (OSHA), Department of
Labor, and other Federal and/or State agencies which may establish
health and safety requirements or standards. Ensure legal compliance
with requirements of Nuclear Regulatory Commission to maintain internal
and external radiation exposure data.
2. To identify, evaluate and monitor use or contact (including
incident follow-up) with: radiation (exposure maintained at lowest
levels reasonable); biological and/or chemical (potentially hazardous
materials). To monitor, track, and assess the use of personal
protective equipment in the work place to ensure availability,
effectiveness, and proper maintenance. To address emergent safety and
health issues or concerns.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual
2. Disclosure may be made to the Department of Justice or to a
court or other tribunal from this system of records, when (a) HHS, or
any component thereof; or (b) any HHS employee in his or her official
capacity; or (c) any HHS employee in his or her individual capacity
where the Department of Justice (or HHS, where it is authorized to do
so) has agreed to represent the employee; or (d) the United States of
any agency thereof where HHS determines that the litigation is likely
to affect HHS or any of its components, is a party to litigation or has
an interest in such litigation, and HHS determines that the use of such
records by the Department of Justice, court or other tribunal is
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however,
that in each case HHS determines that such disclosure is compatible
with the purpose for which the records were collected.
3. Disclosure may be made to contractors for the purpose of
processing or refining the records. Contracted services may include
monitoring, testing, sampling, surveying, evaluating, transcription,
collation, computer input, and other records processing. The contractor
shall be required to maintain Privacy Act safeguards with respect to
such records.
4. Disclosure may be made to: (a) Officials of the United States
Nuclear Regulatory Commission which, by Federal regulation, licenses,
inspects and enforces the regulations governing the use of radioactive
materials; and (b) OSHA, which provides oversight to ensure that safe
and healthful work conditions are maintained for employees. Disclosure
will also be permitted to other Federal and/or State agencies which may
establish health and safety requirements or standards.
5. Radiation exposure and/or training and experience history may be
transferred to new employer.
6. A record may be disclosed for a research purpose, when the
Department: (A) Has determined that the use or disclosure does not
violate legal or policy limitations under which the record was
provided, collected, or obtained; (B) has determined that the research
purpose (1) cannot be reasonably accomplished unless the record is
provided in individually identifiable form, and (2) warrants the risk
to the privacy of the individual that additional exposure of the record
might bring; (C) has required the recipient to (1) establish reasonable
administrative, technical, and physical safeguards to prevent
unauthorized use or disclosure of the record, (2) remove or destroy the
information that identifies the individual at the earliest time at
which removal or destruction can be accomplished consistent with the
purpose of the research project, unless the recipient has presented
adequate justification of a research or health nature for retaining
such information, and (3) make no further use or disclosure of the
record except (a) in emergency circumstances affecting the health or
safety of any individual, (b) for use in another research project,
under these same conditions, and with written authorization of the
Department, (c) for disclosure to a properly identified person for the
purpose of an audit related to the research project, if information
that would enable research subjects to be identified is removed or
destroyed at the earliest opportunity consistent with the purpose of
the audit, or (d) when required by law; (D) has secured a written
statement attesting to the recipient's understanding of, and
willingness to abide by these provisions.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are maintained in file cabinets or in computer databases
maintained by the RSB and OSHB. Records may be stored in file folders,
binders, magnetic tapes, magnetic disks, optical disks and/or other
types of data storage devices.
RETRIEVABILITY:
Records are retrieved by name, social security number, office
address, or unique RSB or OSHB assigned identification number.
SAFEGUARDS:
1. Authorized Users: Employees who maintain this system are
instructed to grant regular access only to RSB/OSHB staff, authorized
contractor personnel, U.S. Nuclear Regulatory Commission Inspectors,
Radiation Safety Committee Members, Biosafety Committee members, and
other appropriate NIH administrative and management personnel with a
need to know. Access to information is thus limited to those with a
need to know.
2. Physical Safeguards: Rooms where records are stored are locked
when not in use. During regular business hours, rooms are unlocked but
are controlled by on-site personnel. Individually identifiable records
are kept in locked file cabinets or rooms under the direct control of
the Project Director.
3. Procedural Safeguards: Names and other identifying particulars
are deleted when data from original records are encoded for analysis.
Data stored in computers is accessed through the use of keywords known
only to authorized users. All users of personal information in
connection with the performance of their jobs (see Authorized Users,
above) will protect information from public view and from unauthorized
personnel entering an unsupervised office. The computer terminals are
in secured areas and keywords needed to access data files will be
changed frequently.
4. Additional RSB Technical Safeguards: Computerized records are
accessible only through a series of code or keyword commands available
from and under direct control of the Project Director or his/her
delegated representatives. The computer records are secured by a
multiple level security system which is capable of controlling access
to the individual data field level.
[[Page 60772]]
Persons having access to the computer database can be restricted to a
confined application which only permits a narrow ``view'' of the data.
Data on computer files is accessed by keyword known only to authorized
users who are NIH or contractor employees involved in work for the
program.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361): item 1300-B which applies to Division of Safety
records. Refer to the NIH Manual Chapter for specific disposition
instructions. Radiation exposure records are retained under item 1300-
B-10, which does not allow disposal at this time.
SYSTEM MANAGER(S) AND ADDRESS:
Assistant Chief, Information Technology, Radiation Safety Branch,
Division of Safety, Office of Research Services (ORS), National
Institutes of Health, Building 21, Room 134, 21 Wilson Drive, Bethesda,
Maryland 20892.
Chief, Occupational Safety and Health Branch, Division of Safety,
Office of Research Services (ORS), Building 13, Room 3K04, 13 South
Drive, Bethesda, Maryland 20892.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the appropriate System
Manager as listed above. The requester must also verify his or her
identity by providing either a notarization of the request or a written
certification that the requester is whom he or she claims to be. The
request should include: (a) Full name, and (b) appropriate dates of
participation.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
an accounting of disclosure of their records, if any.
CONTESTING RECORD PROCEDURE:
Contact the appropriate System Manager specified above and
reasonably identify the record, specify the information to be
contested, and state the corrective action sought with supporting
documentation. The right to contest records is limited to information
which is incomplete, irrelevant, incorrect, or untimely (obsolete).
RECORD SOURCE CATEGORIES:
Information is obtained from the subject individual, previous
employers and educational institutions, contractors, safety and health
monitoring/surveillance records, employee interviews, site visits, or
other relevant NIH organizational components.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0167
SYSTEM NAME:
National Institutes of Health (NIH) TRANSHARE Program, HHS/NIH/OD.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Employee Transportation Services Office, National Institutes of
Health, Building 31, Room B3B08, 31 Center Drive, Bethesda, MD 20892.
Recreation and Welfare Association Activities Desk, National
Institutes of Health, Building 31, Room B1W30A, 31 Center Drive,
Bethesda, MD 20892.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
NIH employees who apply for and participate in the NIH TRANSHARE
Program.
CATEGORIES OF RECORDS IN THE SYSTEM:
Name, home address, parking hanger permit number, unique computer
identification number, NIH TRANSHARE commuter card number, NIH pay
plan, grade level, office phone number, building and room, Institute/
Center designation, name of supervisor, commute mode to work, and type
of fare media used.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Section 629 of Pub. L. 101-509, ``State or Local Government
Programs Encouraging Employee Use of Public Transportation; Federal
Agency Participation,'' found at 5 U.S.C. note prec. section 7901.
PURPOSE(S):
1. To manage the NIH TRANSHARE Program, including receipt and
processing of employee applications, and coordination of the fare media
distribution to employees.
2. To monitor the use of appropriated funds used to support the NIH
TRANSHARE Program.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING
CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
2. The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice,
or to a court or other tribunal, when (a) HHS, or any component
thereof; or (b) any HHS employee in his or her official capacity; or
(c) any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or (d) the United States or any
agency thereof where HHS determines that the litigation is likely to
affect HHS or any of its components, is a party to litigation, and HHS
determines that the use of such records by the Department of Justice,
court or other tribunal is relevant and necessary to the litigation and
would help in the effective representation of the governmental party,
provided, however, that in each case HHS determines that such
disclosure is compatible with the purpose for which the records were
collected.
3. NIH may disclose applicant's name, unique computer
identification number, NIH TRANSHARE commuter card number, and type of
participant's fare media to be disbursed to cashiers of the Recreation
and Welfare Association of the National Institutes of Health, Inc. (R&W
Association) who are responsible for distribution of fare media.
Cashiers are required to maintain Privacy Act safeguards with respect
to such records.
4. Disclosure may be made to organizations deemed qualified by the
Secretary to carry out quality assessments or utilization review.
5. NIH may disclose statistical reports containing information from
this system of records to city, county, State, and Federal Government
agencies (including the General Accounting Office).
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are maintained in file folders and computer disks.
[[Page 60773]]
RETRIEVABILITY:
Records are retrieved by name and NIH TRANSHARE commuter card
number.
SAFEGUARDS:
1. Authorized Users: Data on computer files is accessed by keyword
known only to authorized users who are ETSO employees and cashiers of
the R&W Association who are responsible for implementing the Program.
Cashier access will be limited to applicant's name, unique computer
identification number, NIH TRANSHARE computer card number, and type of
fare media disbursed. Access to information is thus limited to those
with a need to know.
2. Physical Safeguards: Rooms where records are stored are locked
when not in use. During regular business hours, rooms are unlocked but
are controlled by on-site personnel.
3. Procedural and Technical Safeguards: A password is required to
access the terminal, and a data set name controls the release of data
to only authorized users. All users of personal information in
connection with the performance of their jobs (see Authorized Users,
above) protect information from public view and from unauthorized
personnel entering an unsupervised office.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 1500-A-3. Records are retained for a maximum of
two years following the last month of an employee's participation in
the NIH TRANSHARE Program. Paper copies are destroyed by shredding.
Computer files are destroyed by deleting the record from the file.
SYSTEM MANAGER(S) AND ADDRESS
Traffic Management Specialist, Employee Transportation Service
Officer, Division of Security Operations, Office of Research Services
(ORS), Building 31, Room B3B08, 31 Center Drive, Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the System Manager listed
above. The requester must also verify his or her identity by providing
either a notarization of the request or a written certification that
the requester is who he or she claims to be. The request should
include: (a) full name, and (b) appropriate dates of participation. The
requester must also understand that the knowing and willful request for
acquisition of a record pertaining to an individual under false
pretenses is a criminal offense under the Act, subject to a five
thousand dollar fine.
RECORD ACCESS PROCEDURE:
Write to the System Manager specified above to attain access to
records and provide the same information as is required under the
Notification Procedures. Requesters should also reasonably specify the
record contents being sought. Individuals may also request an
accounting of disclosure of their records, if any.
CONTESTING RECORD PROCEDURE:
Contact the System Manager specified above and reasonably identify
the record, specify the information to be contested, the corrective
action sought, and your reasons for requesting the correction, along
with supporting information to show how the record is inaccurate,
incomplete, untimely or irrelevant. The right to contest records is
limited to information which is incomplete, irrelevant, incorrect, or
untimely (obsolete).
RECORD SOURCE CATEGORIES:
Subject individual.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0168
SYSTEM NAME:
Invention, Patent, and Licensing Documents Submitted to the Public
Health Service by its Employees, Grantees, Fellowship Recipients, and
Contractors, HHS/NIH/OD.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Office of Technology Transfer, Office of Intramural Research,
Office of the Director (OD), 6011 Executive Boulevard, Room 325,
Bethesda, MD 20892.
Office of Financial Management, Office of the Director (OD),
Building 31, Room B1B55, 31 Center Drive, Bethesda, Maryland 20892.
Office of Reports and Analysis, Office of Extramural Research,
Office of the Director (OD), Building 1, Room 252, 1 Center Drive,
Bethesda, MD 20892-2184.
Public Health Service (PHS) Technology Development Coordinators and
PHS Contract Attorneys retain files supplemental to the records
maintained by the Office of Technology Transfer.
Extramural Inventions and Technology Resources Branch, Office of
Policy for Extramural Research Administration, Office of Extramural
Research, Office of the Director (OD), Rockledge I, Room 1040, 6705
Rockledge Drive, Bethesda, MD 20892-7980.
Write to the System Manager at the address below for office
locations.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
PHS employees, grantees, fellowship recipients and contractors who
have reported inventions, applied for patents, have been granted
patents, and/or are receiving royalties from patents.
CATEGORIES OF RECORDS IN THE SYSTEM:
Inventor name, address, social security number (required if
inventor is receiving royalties, otherwise optional), title and
description of the invention, Employee Invention Report (EIR) number,
Case/Serial Number, prior art related to the invention, evaluation of
the commercial potential of the invention, prospective licensees'
intended development of the invention, associated patent prosecution
and licensing documents and royalty payment information.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
35 U.S.C. 200 and 15 U.S.C. 3710 provide authority to maintain the
records; 37 CFR Part 401 ``Rights to Inventions Made by Nonprofit
Organizations and Small Business Firms under Government Grants,
Contracts, and Cooperative Agreements;'' 37 CFR Part 404 ``Licensing of
Government Owned Inventions;'' and 45 CFR Part 7 ``Employee
Inventions.''
PURPOSE(S):
Records in this system are used to: (1) Obtain patent protection of
inventions submitted by PHS employees; (2) monitor the development of
inventions made by grantees, fellowship recipients and contractors and
protect the government rights to patents made with NIH support; (3)
grant licenses to patents obtained through the invention reports; and
(4) provide royalty payments to PHS inventors, non-government
contractors, and non-profit and educational institutions.
[[Page 60774]]
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
2. Disclosure may be made to the Department of Justice or to a
court or other tribunal from this system of records, when (a) HHS, or
any component thereof; or (b) any HHS employee in his or her official
capacity; or (c) any HHS employee in his or her individual capacity
where the Department of Justice (or HHS, where it is authorized to do
so) has agreed to represent the employee; or (d) the United States or
any agency thereof where HHS determines that the litigation is likely
to affect HHS or any of its components, is a party to litigation or has
an interest in such litigation, and HHS determines that the use of such
records by the Department of Justice, court or other tribunal is
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however,
that in each case HHS determines that such disclosure is compatible
with the purpose for which the records were collected. Disclosure may
also be made to the Department of Justice to obtain legal advice
concerning issues raised by the records in this system.
3. In the event that a system of records maintained by this agency
to carry out its functions indicates a violation or potential violation
of law, whether civil, criminal, or regulatory in nature, and whether
arising by general statute or particular program statute, or by
regulation, rule or order issued pursuant thereto, the relevant records
in the system of records may be referred to the appropriate agency,
whether Federal, State, or local, charged with enforcing or
implementing the statute or rule, regulation or order issued pursuant
thereto.
4. NIH may disclose records to Department contractors and
subcontractors for the purpose of collecting, compiling, aggregating,
analyzing, or refining records in the system. Contractors maintain, and
are also required to ensure that subcontractors maintain, Privacy Act
safeguards with respect to such records.
5. NIH may disclose information from this system of records for the
purpose of obtaining patent protection for PHS inventions and licenses
for these patents to: (a) Scientific personnel, both in this agency and
other Government agencies, and in non-Governmental organizations such
as universities, who possess the expertise to understand the invention
and evaluate its importance as a scientific advance; (b) contract
patent counsel and their employees and foreign contract personnel
retained by the Department for patent searching and prosecution in both
the United States and foreign patent offices; (c) all other Government
agencies whom PHS contacts regarding the possible use, interest in, or
ownership rights in PHS inventions; (d) prospective licensees or
technology finders who may further make the invention available to the
public through sale or use; (e) parties, such as supervisors of
inventors, whom PHS contacts to determine ownership rights, and those
parties contacting PHS to determine the Government's ownership; and (f)
the United States and foreign patent offices involved in the filing of
PHS patent applications.
6. NIH will report to the Treasury Department, Internal Revenue
Service (IRS), as taxable income, the amount of royalty payment paid to
PHS inventors.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
The records will be stored in file folders, computer tapes and
computer disks.
RETRIEVABILITY:
Records are retrieved by name of the inventor, EIR number, or
keywords relating to the nature of the invention, Case/Serial Number,
Licensing Number, internal reference numbers, contractor, agency,
Institute, and/or Center.
SAFEGUARDS:
1. Authorized Users: Data on computer files is accessed by password
known only to authorized users who are NIH or contractor employees
involved in patenting and licensing of PHS inventions. Access to
information is thus limited to those with a need to know.
2. Physical Safeguards: Records are stored in a dedicated file room
or in locking file cabinets in file folders. During normal business
hours, OTT Records Management on-site contractor personnel regulate
availability of the files. During evening and weekend hours the offices
are locked and the building is closed.
3. Procedural and Technical Safeguards: Data stored in computers
will be accessed through the use of passwords known only to the
authorized users. A password is required to access the database. All
users of personal information in connection with the performance of
their jobs (see Authorized Users, above) protect information, including
confidential business information submitted by potential licensees,
from public view and from unauthorized personnel entering an
unsupervised office.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 1100-L, which allows records to be kept for a
maximum of thirty years. Refer to the NIH Manual Chapter for specific
disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Freedom of Information Act Coordinator, Office of Technology
Transfer, Office of Intramural Research, Office of the Director (OD),
6011 Executive Boulevard, Room 325, Bethesda, MD 20892.
Office of Reports and Analysis, Office of Extramural Research,
Office of the Director (OD), Building 1, Room 252, 1 Center Drive,
Bethesda, Maryland 20892-2184.
Extramural Inventions and Technology Resources Branch, Office of
Policy for Extramural Research Administration, Office of Extramural
Research, Office of the Director (OD), Rockledge I, 6705 Rockledge
Drive, Room 1040, Bethesda, MD 20892-7980.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the System Manager listed
above. The requester must also verify his or her identity by providing
either a notarization of the request or a written certification that
the requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine. The request should
include: (a) Full name, and (b) appropriate identifying information on
the nature of the invention.
[[Page 60775]]
RECORD ACCESS PROCEDURE:
Write to the System Manager specified above to attain access to
records and provide the same information as is required under the
Notification Procedures. Requesters should also reasonably specify the
record contents being sought. Individuals may also request an
accounting of disclosure of their records, if any.
CONTESTING RECORD PROCEDURE:
Contact the System Manager specified above and reasonably identify
the record, specify the information to be contested, the corrective
action sought, and your reasons for requesting the correction, along
with supporting information to show how the record is inaccurate,
incomplete, untimely or irrelevant. The right to contest records is
limited to information which is incomplete, irrelevant, incorrect, or
untimely (obsolete).
RECORD SOURCE CATEGORIES:
Inventors and other collaborating persons, grantees, fellowship
recipients and contractors; other Federal agencies; scientific experts
from non-Government organizations; contract patent counsel and their
employees and foreign contract personnel; United States and foreign
patent offices; prospective licensees; PHS Technology Development
Coordinators, Internet and commercial databases, and third parties whom
PHS contacts to determine individual invention ownership or Government
ownership.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0169
SYSTEM NAME:
Medical Staff-Credentials Files, HHS/NIH/CC.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Credentialing Services Office, Clinical Center (CC), Building 10,
Room 1N204, 10 Center Drive, Bethesda, MD 20892-1192.
Write to the System Manager at the address below for a list of
Contractor locations, including the address of any Federal Records
Center where records from this system may be stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals who have been approved as members of the medical staff
at the Warren G. Magnuson Clinical Center.
CATEGORIES OF RECORDS IN THE SYSTEM:
Medical staff names, date of birth, home address and telephone
number, office address and telephone number, citizenship, visa
information, appointment date, hospital-wide computer access
privileges, Institute/Center designation, branch/lab, type of medical
staff membership, privilege delineation, professional degree(s)
including school of attendance and graduation dates, foreign medical
examinations, specialty board certifications, licensing information
(including state of licensure and license number), record of
disciplinary actions, documentation of training, and admitting
privileges.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
The authority for collecting the requested information is contained
in section 301 (42 U.S.C. 241) of the Public Health Service Act, as
amended, outlining the authority of the Secretary to, within the Public
Health Service (PHS), promote the coordination of various research and
associated activities, including for purposes of study, admitting and
treating individuals at PHS facilities. Section 402(b) of the Public
Health Service Act (42 U.S.C. 282(b)), as amended, outlining the
authority of the Director of the National Institutes of Health (NIH)
with respect to the admission and treatment of individuals at NIH
facilities for purposes of study.
PURPOSE(S):
These records are used to: (1) Maintain information used in the
credentialing and privileging of active medical staff members at the
Warren G. Magnuson Clinical Center; (2) document patient care
privileges for active members of the medical staff; (3) provide
information about active and non-active members of the medical staff to
authorized individuals; and (4) report to the National Practitioner
Data Bank as required by the provisions of Title IV of Pub. L. 99-660,
as amended.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual.
2. The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice,
or to a court or other tribunal, when (a) HHS, or any component
thereof; or (b) any HHS employee in his or her official capacity; or
(c) any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or (d) the United States or any
agency thereof where HHS determines that the litigation is likely to
affect HHS or any of its components, is a party to litigation, and HHS
determines that the use of such records by the Department of Justice,
court or other tribunal is relevant and necessary to the litigation and
would help in the effective representation of the governmental party,
provided, however, that in each case HHS determines that such
disclosure is compatible with the purpose for which the records were
collected.
3. In the event that a system of records maintained by this agency
to carry out its functions indicates a violation or potential violation
of law, whether civil, criminal, or regulatory in nature, and whether
arising by general statute or particular program statute, or by
regulation, rule or order issued pursuant thereto, the relevant records
in the system of records may be referred to the appropriate agency,
whether Federal, State, or local, charged with enforcing or
implementing the statute or rule, regulation or order issued pursuant
thereto.
4. NIH may disclose records to Department contractors and
subcontractors for the purpose of collecting, compiling, aggregating,
analyzing, or refining records in the system. Contractors maintain, and
are also required to ensure that subcontractors maintain, Privacy Act
safeguards with respect to such records.
5. NIH may disclose information to representatives of the Joint
Commission on Accreditation of Healthcare Organizations for the purpose
of conducting quality assurance reviews and inspections of the Warren
G. Magnuson Clinical Center credentialing policies and procedures.
6. NIH may disclose information from this system of records to
State medical boards for purposes of professional quality assurance
activities.
7. NIH may disclose information from this system of records to
health care facilities for the purpose of verifying that an individual
to whom they intend to grant medical staff or patient care privileges
has or previously held such privileges at the Warren G. Magnuson
Clinical Center.
[[Page 60776]]
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored on paper forms in file folders and in electronic
databases.
RETRIEVABILITY:
Records are retrieved by name, date of birth, type of medical staff
membership, Institute/Center and licensing status.
SAFEGUARDS:
1. Authorized Users: Data on the computer network system is
accessed by a password known only to authorized users who are NIH
employees and contractor staff responsible for implementing the medical
staff credentials data system. Access to information is thus limited to
those with a need to know.
2. Physical Safeguards: Rooms where records are stored are locked
when not in use. During regular business hours rooms are unlocked but
entry is controlled by on-site personnel.
3. Procedural and Technical Safeguards: Access to files is strictly
controlled by the system manager. Names and other identifying
particulars are deleted when data from original records are encoded for
analysis. Data stored in computers is accessed through a network system
by use of a password known only to authorized users. All authorized
users of personal information in connection with the performance of
their jobs (see Authorized Users, above) protect information from
public view and from unauthorized personnel entering an unsupervised
office.
These practices are in compliance with the standards of Chapter 45-
13 of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1B ``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 2300-293-4, ``Medical Staffs' Credential Files,''
which allows inactive records to be transferred to the Federal Records
Center at five year intervals and to be destroyed after thirty years.
Refer to the NIH Manual Chapter for specific disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Chief, Credentialing Services Office, Clinical Center, Building 10,
Room 1N204, 10 Center Drive, Bethesda, MD 20892-1192.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the System Manager at the
above address. The requester must provide tangible proof of identity
(e.g., driver's license). If no identification papers are available,
the requester must verify his or her identity by providing either a
notarization of the request or a written certification that the
requester is who he or she claims to be and understands that the
knowing and willful request for acquisition of a record pertaining to
an individual under false pretenses is a criminal offense under the
Act, subject to a five thousand dollar fine.
RECORD ACCESS PROCEDURE:
Write to the System Manager specified above to attain access to
records and provide the same information as that required under the
Notification Procedures. Requesters should also reasonably specify the
record contents being requested. Individuals may also request an
accounting of disclosure of their records, if any.
CONTESTING RECORD PROCEDURE:
Contact the System Manager specified above and reasonably identify
the record, specify the information to be contested, the corrective
action sought, and your reasons for requesting the correction, along
with supporting information to show how the record is inaccurate,
incomplete, untimely or irrelevant. The right to contest records is
limited to information which is incomplete, irrelevant, incorrect, or
untimely (obsolete).
RECORD SOURCE CATEGORIES:
Subject individual.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0200
SYSTEM NAME:
Clinical, Basic and Population-based Research Studies of the
National Institutes of Health (NIH), HHS/NIH/OD.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Records are located at NIH and Contractor research facilities which
collect or provide research data for this system. Contractors may
include, but are not limited to: Research centers, clinics, hospitals,
universities, medical schools, research institutions/foundations,
national associations, commercial organizations, collaborating State
and Federal Government agencies, and coordinating centers. A current
list of sites, including the address of any Federal Records Center
where records from this system may be stored, is available by writing
to the appropriate Coordinator listed under Notification Procedure.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Adults and/or children who are the subjects of clinical, basic, or
population-based research studies of the NIH. Individuals with disease.
Individuals who are representative of the general population or of
special groups including, but not limited to: normal controls, normal
volunteers, family members and relatives; providers of services (e.g.,
health care and social work); health care professionals and educators,
and demographic sub-groups as applicable, such as age, sex, ethnicity,
race, occupation, geographic location; and groups exposed to real and/
or hypothesized risks (e.g., exposure to biohazardous microbial
agents).
CATEGORIES OF RECORDS IN THE SYSTEM:
The system contains data about individuals as relevant to a
particular research study. Examples include, but are not limited to:
name, study identification number, address, relevant telephone numbers,
social security number (voluntary), driver's license number, date of
birth, weight, height, sex, race; medical, psychological and dental
information, laboratory and diagnostic testing results; registries;
social, economic and demographic data; health services utilization;
insurance and hospital cost data, employers, conditions of the work
environment, exposure to hazardous substances/compounds; information
pertaining to stored biologic specimens (including blood, urine, tissue
and genetic materials), characteristics and activities of health care
providers and educators and trainers (including curricula vitae); and
associated correspondence.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
``Research and Investigation,'' ``Appointment and Authority of the
Directors of the National Research Institutes,'' ``National Cancer
Institute,'' ``National Eye Institute,'' ``National Heart, Lung and
Blood Institute,'' ``National Institute on Aging,'' ``National
[[Page 60777]]
Institute on Alcohol Abuse and Alcoholism,'' ``National Institute on
Allergy and Infectious Diseases,'' ``National Institute of Arthritis
and Musculoskeletal and Skin Diseases,'' ``National Institute of Child
Health and Human Development,'' ``National Institute on Deafness and
Other Communication Disorders,'' ``National Institute of Dental and
Craniofacial Research,'' ``National Institute of Diabetes, and
Digestive and Kidney Diseases,'' ``National Institute of Drug Abuse,''
``National Institute of Environmental Health Sciences,'' ``National
Institute of Mental Health,'' ``National Institute of Neurological
Disorders and Stroke,'' and the ``National Human Genome Research
Institute'' of the Public Health Service Act. (42 U.S.C. 241, 242, 248,
281, 282, 284, 285a, 285b, 285c, 285d, 285e, 285f, 285g, 285h, 285i,
285j, 285l, 285m, 285n, 285o, 285p, 285q, 287, 287b, 287c, 289a, 289c,
and 44 U.S.C. 3101.)
PURPOSE(S):
To document, track, monitor and evaluate NIH clinical, basic, and
population-based research activities.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. A record may be disclosed for a research purpose, when the
Department: (A) Has determined that the use or disclosure does not
violate legal or policy limitations under which the record was
provided, collected, or obtained; e.g., disclosure of alcohol or drug
abuse patient records will be made only in accordance with the
restrictions of confidentiality statutes and regulations 42 U.S.C. 241,
42 U.S.C. 290dd-2, 42 CFR part 2, and where applicable, no disclosures
will be made inconsistent with an authorization of confidentiality
under 42 U.S.C. 241 and 42 CFR part 2a; (B) has determined that the
research purpose (1) cannot be reasonably accomplished unless the
record is provided in individually identifiable form, and (2) warrants
the risk to the privacy of the individual that additional exposure of
the record might bring; (C) has required the recipient to (1) establish
reasonable administrative, technical, and physical safeguards to
prevent unauthorized use or disclosure of the record, (2) remove or
destroy the information that identifies the individual at the earliest
time at which removal or destruction can be accomplished consistent
with the purpose of the research project, unless the recipient has
presented adequate justification of a research or health nature for
retaining such information, and (3) make no further use or disclosure
of the record except (a) in emergency circumstances affecting the
health or safety of any individual, (b) for use in another research
project, under these same conditions, and with written authorization of
the Department, (c) for disclosure to a properly identified person for
the purpose of an audit related to the research project, if information
that would enable research subjects to be identified is removed or
destroyed at the earliest opportunity consistent with the purpose of
the audit, or (d) when required by law; and (D) has secured a written
statement attesting to the recipient's understanding of, and
willingness to abide by, these provisions.
2. Disclosure may be made to a Member of Congress or to a
Congressional staff member in response to an inquiry of the
Congressional office made at the written request of the constituent
about whom the record is maintained.
3. The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice
when: (a) The agency or any component thereof; or (b) any employee of
the agency in his or her official capacity where the Department of
Justice has agreed to represent the employee; or (c) the United States
Government, is a party to litigation or has an interest in such
litigation, and by careful review, the agency determines that the
records are both relevant and necessary to the litigation and the use
of such records by the Department of Justice is, therefore, deemed by
the agency to be for a purpose that is compatible with the purpose for
which the agency collected the records.
4. Disclosure may be made to agency contractors, grantees, experts,
consultants, collaborating researchers, or volunteers who have been
engaged by the agency to assist in the performance of a service related
to this system of records and who need to have access to the records in
order to perform the activity. Recipients shall be required to comply
with the requirements of the Privacy Act of 1974, as amended, pursuant
to 5 U.S.C. 552a(m).
5. Information from this system may be disclosed to Federal
agencies, State agencies (including the Motor Vehicle Administration
and State vital statistics offices, private agencies, and other third
parties (such as current or prior employers, acquaintances, relatives),
when necessary to obtain information on morbidity and mortality
experiences and to locate individuals for follow-up studies. Social
security numbers, date of birth and other identifiers may be disclosed:
(1) To the National Center for Health Statistics to ascertain vital
status through the National Death Index; (2) to the Health Care
Financing Agency to ascertain morbidities; and (3) to the Social
Security Administration to ascertain disabilities and/or location of
participants. Social security numbers may also be given to other
Federal agencies, and State and local agencies when necessary to
locating individuals for participation in follow-up studies.
6. Medical information may be disclosed in identifiable form to
tumor registries for maintenance of health statistics, e.g., for use in
research studies.
7. PHS may inform the sexual and/or needle-sharing partner(s) of a
subject individual who is infected with the human immunodeficiency
virus (HIV) of their exposure to HIV, under the following
circumstances: (1) The information has been obtained in the course of
clinical activities at PHS facilities carried out by PHS personnel or
contractors; (2) The PHS employee or contractor has made reasonable
efforts to counsel and encourage the subject individual to provide the
information to the individual's sexual or needle-sharing partner(s);
(3) The PHS employee or contractor determines that the subject
individual is unlikely to provide the information to the sexual or
needle-sharing partner(s) or that the provision of such information
cannot reasonably be verified; and (4) The notification of the
partner(s) is made, whenever possible, by the subject individual's
physician or by a professional counselor and shall follow standard
counseling practices.
PHS may disclose information to State or local public health
departments, to assist in the notification of the subject individual's
sexual and/or needle-sharing partner(s), or in the verification that
the subject individual has notified such sexual or needle-sharing
partner(s).
8. Certain diseases and conditions, including infectious diseases,
may be reported to appropriate representatives of State or Federal
Government as required by State or Federal law.
9. Disclosure may be made to authorized organizations which provide
health services to subject individuals or provide third-party
reimbursement or fiscal intermediary functions, for the purpose of
planning for or providing such services, billing or collecting third-
party reimbursements.
10. The Secretary may disclose information to organizations deemed
qualified to carry out quality assessment, medical audits or
utilization reviews.
[[Page 60778]]
11. Disclosure may be made for the purpose of reporting child,
elder or spousal abuse or neglect or any other type of abuse or neglect
as required by State or Federal law.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records may be stored on index cards, file folders, computer tapes
and disks (including optical disks), photography media, microfiche,
microfilm, and audio and video tapes. For certain studies, factual data
with study code numbers are stored on computer tape or disk, while the
key to personal identifiers is stored separately, without factual data,
in paper/computer files.
RETRIEVABILITY:
During data collection stages and follow-up, retrieval is by
personal identifier (e.g., name, social security number, medical record
or study identification number, etc.). During the data analysis stage,
data are normally retrieved by the variables of interest (e.g.,
diagnosis, age, occupation).
SAFEGUARDS:
1. Authorized Users: Access to identifiers and to link files is
strictly limited to the authorized personnel whose duties require such
access. Procedures for determining authorized access to identified data
are established as appropriate for each location. Personnel, including
contractor personnel, who may be so authorized include those directly
involved in data collection and in the design of research studies,
e.g., interviewers and interviewer supervisors; project managers; and
statisticians involved in designing sampling plans. Other one-time and
special access by other employees is granted on a need-to-know basis as
specifically authorized by the system manager. Researchers authorized
to conduct research on biologic specimens will typically access the
system through the use of encrypted identifiers sufficient to link
individuals with records in such a manner that does not compromise
confidentiality of the individual.
2. Physical Safeguards: Records are either stored in locked rooms
during off-duty hours, locked file cabinets, and/or secured computer
facilities. For certain studies, personal identifiers and link files
are separated and stored in locked files. Computer data access is
limited through the use of key words known only to authorized
personnel.
3. Procedural Safeguards: Collection and maintenance of data is
consistent with legislation and regulations in the protection of human
subjects, informed consent, confidentiality, and confidentiality
specific to drug and alcohol abuse patients where these apply. When
anonymous data is provided to research scientists for analysis, study
numbers which can be matched to personal identifiers will be
eliminated, scrambled, or replaced by the agency or contractor with
random numbers which cannot be matched. Contractors who maintain
records in this system are instructed to make no further disclosure of
the records. Privacy Act requirements are specifically included in
contracts for survey and research activities related to this system.
The OHS project directors, contract officers, and project officers
oversee compliance with these requirements. Personnel having access are
trained in Privacy Act requirements. Depending upon the sensitivity of
the information in the record, additional safeguard measures may be
employed.
4. Implementation Guidelines: These practices are in compliance
with the standards of Chapter 45-13 of the HHS General Administration
Manual, ``Safeguarding Records Contained in Systems of Records,''
supplementary Chapter PHS hf: 45-13, and the HHS Automated Information
Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in NIH Manual Chapter 1743, Appendix
1--``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361), item 3000-G-3, which allows records to be kept as long
as they are useful in scientific research. Collaborative Perinatal
Project records are retained in accordance with item 3000-G-4, which
does not allow records to be destroyed. Refer to the NIH Manual Chapter
for specific conditions on disposal or retention instructions.
SYSTEM MANAGER(S) AND ADDRESS:
See Appendix I for a listing of current System Managers. This
system is for use by all NIH Institutes and Centers.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the appropriate IC
Privacy Act Coordinator listed below. In cases where the requester
knows specifically which System Manager to contact, he or she may
contact the System Manager directly (See Appendix I). Notification
requests should include: individual's name; current address; date of
birth; date, place and nature of participation in specific research
study; name of individual or organization administering the research
study (if known); name or description of the research study (if known);
address at the time of participation; and in specific cases, a
notarized statement (some highly sensitive systems require two
witnesses attesting to the individual's identity). A requester must
verify his or her identity by providing either a notarization of the
request or by submitting a written certification that the is who he or
she claims to be and understands that the knowing and willful request
for acquisition of a record pertaining to an individual under false
pretenses is a criminal offense under the Act, subject to a five
thousand dollar fine.
Individuals will be granted direct access to their medical records
unless the System Manager determines that such access is likely to have
an adverse effect (i.e., could cause harm) on the individual. In such
cases when the System Manager has determined that the nature of the
record information requires medical interpretation, the subject of the
record shall be requested to designate, in writing, a responsible
representative who will be willing to review the record and inform the
subject individual of its contents at the representative's discretion.
The representative may be a physician, other health professional, or
other responsible individual. In this case, the medical/dental record
will be sent to the designated representative. Individuals will be
informed in writing if the record is sent to the representative. This
same procedure will apply in cases where a parent or guardian requests
notification of, or access to, a child's or incompetent person's
medical record. The parent or guardian must also verify (provide
adequate documentation) their relationship to the child or incompetent
person as well as his or her own identity to prove their relationship.
If the requester does not know which Institute or Center Privacy
Act Coordinator to contact for notification purposes, he or she may
contact directly the NIH Privacy Act Officer at the following address:
NIH Privacy Act Officer, Office of Management Assessment, 6011
Executive Blvd., Room 601L, Rockville, MD 20852.
NIH Privacy Act Coordinators
Associate Director for Disease Prevention, Office of the Director
(OD), Building 1, Room 260, 1 Center Drive, Bethesda, MD 20892.
Privacy Act Coordinator, Clinical Center (CC), Building 10, Room
1N208, 10 Center Drive, Bethesda, MD 20892.
[[Page 60779]]
Privacy Act Coordinator, National Center for Complementary and
Alternative Medicine (NCCAM), Building 31, Room 2B11, 31 Center Drive,
Bethesda, MD 20892-2182.
Privacy Act Coordinator, National Cancer Institute (NCI), Building
31, Room 10A34, 31 Center Drive, Bethesda, MD 20892.
Privacy Act Coordinator, National Center on Minority Health and
Health Disparities (NCMHD), Democracy Plaza II, Room 800, 6707
Democracy Boulevard, Bethesda, MD 20892-5465.
Privacy Act Coordinator, National Center for Research Resources
(NCRR), Rockledge I, Room 5140, 6705 Rockledge Drive, Bethesda, MD
20892.
Privacy Act Coordinator, National Eye Institute (NEI), Building 31,
Room 6A32, 31 Center Drive, Bethesda, MD 20892-2510.
Privacy Act Coordinator, National Human Genome Research Institute
(NHGRI), Building 10, 3C710, 10 Center Drive, Bethesda, MD 20892.
Privacy Act Coordinator, National Heart, Lung, and Blood Institute
(NHLBI), Building 31, Room 5A33, 31 Center Drive, Bethesda, MD 20892.
Privacy Act Coordinator, National Institute on Aging (NIA), Gateway
Building 31, Room 2C234, 7201 Wisconsin Avenue, Bethesda, MD 20892.
Privacy Act Coordinator, National Institute on Alcohol Abuse and
Alcoholism (NIAAA), Willco Building, Room 400, 6000 Executive
Boulevard, Bethesda, MD 20892-7003.
Privacy Act Coordinator, National Institute of Allergy and
Infectious Diseases (NIAID), 6700-B Rockledge Drive, Room 2143,
Bethesda, MD 20892.
Privacy Act Coordinator, National Institute of Arthritis and
Musculoskeletal and Skin Diseases (NIAMS), Natcher Building, Room
5AS49, 45 Center Drive, Bethesda, MD 20892.
Privacy Act Coordinator, National Institute of Biomedical Imaging
and Bioengineering (NIBIB), Building 31, Room 1B37, 31 Center Drive,
Bethesda, MD 20892-2077.
Privacy Act Coordinator, National Institute of Child Health and
Human Development (NICHD), Building 31, Room 2A11, 31 Center Drive,
Bethesda, MD 20892.
Privacy Act Coordinator, Office of Extramural Affairs, National
Institute on Drug Abuse (NIDA), Neuroscience Center, 6001 Executive
Boulevard, Room 3158, Bethesda, MD 20892-9547.
Privacy Act Coordinator, National Institute on Deafness and Other
Communication Disorders (NIDCD), Building 31, Room 3C02, 31 Center
Drive, Bethesda, MD 20892.
Privacy Act Coordinator, National Institute of Dental and
Craniofacial Research (NIDCR), Natcher Building, Room 4AS25, 45 Center
Drive, Bethesda, MD 20892-6401.
Privacy Act Coordinator, National Institute of Diabetes and
Digestive and Kidney Disease (NIDDK), Building 31, Room 9A47, 31 Center
Drive, Bethesda, MD 20892.
Privacy Act Coordinator, National Institute of Environmental Health
Sciences (NIEHS), PO Box 12233, Research Triangle Park, NC 27709.
Privacy Act Coordinator, National Institute of General Medical
Sciences (NIGMS), Natcher Building, Room 2AN32, 45 Center Drive,
Bethesda, MD 20892.
Privacy Act Coordinator, National Institute of Mental Health
(NIMH), Neuroscience Center, 6001 Executive Boulevard, Room 8102,
Bethesda, MD 20892.
Privacy Act Coordinator, National Institute of Neurological
Disorders and Stroke (NINDS), Building 31, Room 8A33, 31 Center Drive,
Bethesda, MD 20892.
Privacy Act Coordinator, National Institute of Nursing Research
(NINR), Rockledge II, Room 710, 6701 Rockledge Drive, Bethesda, MD
20892.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should reasonably
specify the record contents being sought. An individual may also
request an accounting of disclosures of his/her record, if any.
CONTESTING RECORD PROCEDURE:
Contact the appropriate official at the address specified under
Notification Procedure, and reasonably identify the record, specify the
information being contested, and state corrective action sought, with
supporting information to show how the record is inaccurate,
incomplete, untimely, or irrelevant.
RECORD SOURCE CATEGORIES:
The system contains information obtained directly from the subject
individual by interview (face-to-face or telephone), written
questionnaire, or by other tests, recording devices or observations,
consistent with legislation and regulation regarding informed consent
and protection of human subjects. Information is also obtained from
other sources, including but not limited to: referring medical
physicians, mental health/alcohol/drug abuse or other health care
providers; hospitals; organizations providing biological specimens;
relatives; guardians; schools; and clinical medical research records.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
Appendix I: System Manager(s) and Address(es)
Associate Director for Disease Prevention, Office of the
Director (OD), Building 1, Room 260, 1 Center Drive, Bethesda, MD
20892.
Computer Systems Analyst, Division of Cancer Treatment and
Diagnosis, National Cancer Institute (NCI), Executive Plaza North,
Room 344, 6130 Executive Boulevard, Bethesda, MD 20892.
American Burkitt's Lymphoma Registry, Division of Cancer
Etiology, National Cancer Institute (NCI), Executive Plaza North,
Suite 434, 6130 Executive Boulevard, Bethesda, MD 20892.
Chief, Genetic Epidemiology Branch, Division of Cancer
Epidemiology and Genetics, National Cancer Institute (NCI),
Executive Plaza South, Room 7122, 6120 Executive Boulevard,
Bethesda, MD 20892-7236.
Program Director, Research Resources, Biological Carcinogenesis
Branch, Division of Cancer Etiology, National Cancer Institute
(NCI), Executive Plaza North, Room 540, 6130 Executive Boulevard,
Bethesda, MD 20892.
Chief, Environmental Epidemiology Branch, Division of Cancer
Etiology, National Cancer Institute (NCI), Executive Plaza North,
Room 443, 6130 Executive Boulevard, Bethesda, MD 20892.
Associate Director, Surveillance Program, Division of Cancer
Prevention, National Cancer Institute (NCI), Executive Plaza North,
Room 343K, 6130 Executive Boulevard, Bethesda, MD 20892.
Head, Biostatistics and Data Management Section, Center for
Cancer Research, National Cancer Institute (NCI), Building 6116,
Room 702, 6116 Executive Boulevard, Bethesda, MD 20892.
Chief, Clinical Research Branch, Center for Cancer Research,
Frederick Cancer Research and Development Center, National Cancer
Institute (NCI), 501 W. 7th Street, Room 3, Frederick, MD 21702.
Deputy Branch Chief, Navy Hospital, NCI-Naval Medical Oncology
Branch, Center for Cancer Research, National Cancer Institute (NCI),
Building 8, Room 5101, Bethesda, MD 20814.
Chief, Pharmaceutical Management Branch, Cancer Therapy
Evaluation Program, Division of Cancer Treatment and Diagnosis,
National Cancer Institute (NCI), Executive Plaza North, Room 804,
6130 Executive Boulevard, Bethesda, MD 20892.
Director, Extramural Clinical Studies, Frederick Cancer Research
and Development Center, National Cancer Institute (NCI), Fort
Detrick, Frederick, MD 21702.
Clinical Operations Manager, National Eye Institute (NEI),
Building 10, Room 10S224, 10 Center Drive, Bethesda, MD 20892.
Director, Division of Biometry and Epidemiology, National Eye
Institute (NEI), Building 31, Room 6A52, 31 Center Drive, Bethesda,
MD 20892.
[[Page 60780]]
Associate Director, Office of Clinical Affairs, National Heart,
Lung, and Blood Institute (NHLBI), Building 10, Room 8C104,10 Center
Drive, Bethesda, MD 20892-1754.
Senior Scientific Advisor, Office of the Director, Division of
Epidemiology and Clinical Applications, National Heart, Lung, and
Blood Institute (NHLBI), Federal Building, Room 220, 7550 Wisconsin
Avenue, Bethesda, MD 20892.
Chief Laboratory of Epidemiology, Demography and Biometry,
National Institute on Aging (NIA), Gateway Building, Room 3C309,
7201 Wisconsin Avenue, Bethesda, MD 20892.
Chief, Research Resources Branch, Intramural Research Program,
National Institute on Aging (NIA), 5600 Nathan Shock Drive,
Baltimore, MD 21224.
Clinical Director, National Institute on Aging (NIA), 5600
Nathan Shock Drive, Baltimore, MD 21224.
Deputy Director, Division of Biometry and Epidemiology, National
Institute on Alcohol Abuse and Alcoholism (NIAAA), Willco Building,
Room 514, 6000 Executive Boulevard, Bethesda, MD 20892-7003.
Deputy Director, Division of Clinical and Prevention Research,
National Institute on Alcohol Abuse and Alcoholism (NIAAA), Willco
Building, Room 505, 6000 Executive Boulevard, Bethesda, MD 20892-
7003.
Chief, Respiratory Viruses Section, Laboratory of Infectious
Diseases, National Institute of Allergy and Infectious Diseases
(NIAID), Building 7, Room 106, 7 Memorial Drive, Bethesda, MD 20892.
Chief, Hepatitis Virus Section, Laboratory of Infectious
Diseases, National Institute of Allergy and Infectious Diseases
(NIAID), Building 7, Room 202, 7 Memorial Drive, Bethesda, MD 20892.
Chief, Biometry Branch, Division of Microbiology and Infectious
Diseases, National Institute of Allergy and Infectious Diseases
(NIAID), 6700-B Rockledge Drive, Room 3120, Bethesda, MD 20892.
Clinical Director, National Institute of Arthritis and
Musculoskeletal and Skin Diseases (NIAMS), Building 10, Room 9S205,
10 Center Drive, Bethesda, MD 20892.
Chief, Contracts Management Branch, National Institute of Child
Health and Human Development (NICHD), Executive Plaza North, Room
7A07, 6130 Executive Boulevard, Bethesda, MD 20892.
Director of Intramural Research, National Institute on Deafness
and Other Communication Disorders (NIDCD), Building 31, Room 3C02,
31 Center Drive, Bethesda, MD 20892.
Chief, Scientific Programs Branch, National Institute on
Deafness and Other Communication Disorders (NIDCD), Executive Plaza
South, Room 400C, 6120 Executive Boulevard, Bethesda, MD 20892-7180.
Clinical Director, National Institute of Dental and Craniofacial
Research (NIDCR), Building 10, Room 1N117, 10 Center Drive,
Bethesda, MD 20892-1191.
Chief, Scientific Review Branch, National Institute of Dental
and Craniofacial Research (NIDCR), Building 10, Room 1N117, 10
Center Drive, Bethesda, MD 20892-1191.
Research Psychologist, Gene Therapy and Therapeutics Branch,
National Institute of Dental and Craniofacial Research (NIDCR),
Building 10, Room 1N105, 10 Center Drive, Bethesda, MD 20892-1190.
Chief, Clinical Investigations, National Institute of Diabetes
and Digestive and Kidney Diseases (NIDDK), Building 10, Room 9N222,
10 Center Drive, Bethesda, MD 20892.
Chief, Phoenix Clinical Research Section, National Institute of
Diabetes and Digestive and Kidney Diseases (NIDDK), Phoenix Area
Indian Hospital, Room 541, 4212 North 16th Street, Phoenix, AZ
85016.
Chief, Diabetes Research Section, Division of Diabetes,
Endocrinology, and Metabolic Diseases, National Institute of
Diabetes and Digestive and Kidney Disease (NIDDK), Natcher Building,
Room 5AN18G, 45 Center Drive, Bethesda, MD 20892-6600.
Privacy Act Coordinator, Office of Extramural Affairs, National
Institute on Drug Abuse (NIDA), 6001 Executive Boulevard, Room 3158,
Bethesda, MD 20892-9547.
Chief, Epidemiology Branch, National Institute of Environmental
Health Sciences (NIEHS), PO Box 12233, Research Triangle Park, NC
27709.
Director, Intramural Research Program, National Institute of
Mental Health (NIMH), Building 10, Room 4N224, 10 Center Drive,
Bethesda, MD 20892.
Privacy Act Coordinator, National Institute of Mental Health
(NIMH), Neuroscience Center, Room 8102, 6001 Executive Boulevard,
Bethesda, MD 20982.
Privacy Act Coordinator, National Institute of Neurological
Disorders and Stroke (NINDS), Building 31, Room 8A33, 31 Center
Drive, Bethesda, MD 20892.
Chief, Epilepsy Branch, National Institute of Neurological
Disorders and Stroke (NINDS), Neuroscience Center, 6001 Executive
Boulevard, Suite 2110, Bethesda, MD 20892-9523.
Assistant Director, Clinical Neurosciences Program, Division of
Intramural Research, National Institute of Neurological Disorders
and Stroke (NINDS), Building 10, Room 5N234, 10 Center Drive,
Bethesda, MD 20892.
Acting Chief, Laboratory of Central Nervous Systems Studies,
Intramural Research Program, National Institute of Neurological
Disorders and Stroke (NINDS), Building 36, Room 4A21, 36 Convent
Drive, Bethesda, MD 20892-4123.
Clinical Director, National Human Genome Research Institute
(NHGRI), Building 10, Room 10C101D, 10 Center Drive, Bethesda, MD
20892.
Deputy Director, Division of Extramural Research, National
Institute of Neurological Disorders and Stroke (NINDS), Neuroscience
Center, Room 3307, 6001 Executive Boulevard, Bethesda, MD 20892.
Director, Office of Clinical and Regulatory Affairs, Division of
Extramural Research and Training, Democracy Plaza II, Room 401, 6707
Democracy Boulevard, Bethesda, MD 20892-5475.
Privacy Act Coordinator, National Institute of Biomedical
Imaging and Bioengineering (NIBIB), Building 31, Room 1B37, 31
Center Drive, Bethesda, MD 20892-2077.
Privacy Act Coordinator, National Center on Minority Health and
Health Disparities (NCMHD), Democracy Plaza II, Room 800, 6707
Democracy Boulevard, Bethesda, MD 20892-5465.
09-25-0202
SYSTEM NAME:
Patient Records on PHS Beneficiaries (1935-1974) and Civilly
Committed Drug Abusers (1967-1976) Treated at the PHS Hospitals in Fort
Worth, Texas, or Lexington, Kentucky, HHS/NIH/NIDA.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Intramural Research Program, National Institute on Drug Abuse
(NIDA), National Institutes of Health, Johns Hopkins Bayview Medical
Center, P.O. Box 5180, Baltimore, Maryland 21224.
Federal Records Center, 1557 St. Joseph Avenue, East Point, GA
30344.
Washington National Records Center, 4205 Suitland Road, Washington,
D.C. 20409.
Iron Mountain, 8200 Preston Court, Suite One, Jessup, MD 20794.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Civilly committed narcotic addicts (1967-1976) and adult PHS
beneficiaries (1935-1974) treated at either the PHS hospital in Fort
Worth, Texas, or Lexington, Kentucky.
CATEGORIES OF RECORDS IN THE SYSTEM:
Administrative records, such as treatment admission and release
dates, name and address, and other demographic data; medical records,
such as, but not limited to, medical history information, drug abuse/
use data as well as treatment information, any laboratory tests, etc.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Narcotic Addict Rehabilitation Act of 1966, and Narcotic Addict
Rehabilitation Amendments of 1971, Titles I and III (42 U.S.C. 3411 et
seq. and 28 U.S.C. 2901 et seq.), and Public Health Service Act,
Sections 321-326, 341(a) and (c) (42 U.S.C. 248-253, 257(a) and (c)).
PURPOSE(S):
The records were collected originally to monitor the individual's
progress while being treated at either of two PHS hospitals and to
ensure continuity of that care. These systems are now inactive. The
records are used to respond to requests from subject individuals (or
his/her designated representative) to (1) establish eligibility for
certain Federal benefits for the
[[Page 60781]]
individual or his/her dependent(s), and (2) provide information to
subsequent health care providers at the request of the individual
regarding medical treatment received to ensure continuity of care.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
None.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records at National Institute on Drug Abuse (NIDA) are on microfilm
and contain only part of the admission and discharge information. The
microfilm is stored in a file cabinet in a locked room. Records sent to
Federal Records Center are stored in GSA-approved storage containers.
RETRIEVABILITY:
The administrative records and microfilm are filed by patient name.
The medical records are filed either by patient name or by patient's
hospital number with a cross-reference list at NIDA matching number to
name.
SAFEGUARDS:
1. Authorized Users: Only the System Manager and designated staff.
2. Physical Safeguards: The microfilm is in a room which has
limited access, or stored at a security coded warehouse. The room is
located in a building with a 24-hour security patrol/television
surveillance system. Sign in and out procedures are used at all times.
The warehouse has security access; records can only be retrieved by the
System Manager or designated staff using a confidential code number.
The warehouse is patrolled on a 24-hour basis with television
surveillance.
3. Procedural Safeguards: Only the System Manager and his/her staff
have access to the microfilm information and have been trained in
accordance with the Privacy Act.
4. Implementation Guidelines: These practices are in compliance
with the standards of Chapter 45-13 of the HHS General Administration
Manual, ``Safeguarding Records Contained in Systems of Records,''
supplementary Chapter PHS hf: 45-13, and the HHS Automated Information
Systems Security Program Handbook.
RETENTION AND DISPOSAL:
All administrative and medical records have been retired to a
Federal Records Center. The records collected under the Narcotic Addict
Rehabilitation Act of 1966 will be destroyed when they are 25 years
old, which will be in 2001 because the last patient was released from
treatment in 1976. The PHS beneficiaries' records will be destroyed at
the same time. The records will be shredded in 2003 upon written
request from the system manager.
SYSTEM MANAGER(S) AND ADDRESS:
Medical Records Officer, Intramural Research Program, National
Institute on Drug Abuse (NIDA), Johns Hopkins Bayview Medical Center,
Box 5180, Baltimore, MD 21224.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the System Manager at the
address above. An individual may learn if a record exists about himself
or herself upon written request with a notarized signature. The request
should include, if known: Patient hospital record number, full name or
any alias used, patient's address during treatment, birth date, veteran
status (if applicable) and approximate dates in treatment, and social
security number.
An individual who requests notification of a medical record shall,
at the time the request is made, designate in writing a responsible
representative who will be willing to review the record and inform the
individual of its content at the representative's discretion.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. An individual may also
request an accounting of disclosures of his/her record, if any.
CONTESTING RECORD PROCEDURE:
Contact the official at the address specified under Notification
Procedures above, and reasonably identify the record, specify the
information being contested, and state the corrective action sought,
with supporting information to show how the record is inaccurate,
incomplete, untimely, or irrelevant.
RECORD SOURCE CATEGORIES:
Patients; patients' drug treatment program counselors; court
records; hospital personnel.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0203
SYSTEM NAME:
National Institute on Drug Abuse, Intramural Research Program,
Federal Prisoner and Non-Prisoner Research Files, HHS/NIH/NIDA.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Intramural Research Program, National Institute on Drug Abuse
(NIDA), P.O. Box 5180, Baltimore, MD 21224.
NIDA Warehouse, 5550 Eastern Avenue, Baltimore, MD 21224.
Quest, Pathology Building, 1901 Silver Spring Road, Baltimore, MD
21227.
Federal Records Center, 1557 St. Joseph Avenue, East Point, GA
30344.
Washington National Records Center, 4205 Suitland Road, Washington,
DC 20409.
NOVA, Johns Hopkins Bayview Medical Center, Building C, 5500 Nathan
Shock Drive, Baltimore, MD 21224.
Iron Mountain, 8200 Preston Court, Suite One, Jessup, MD 20794.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Volunteers, adult males (from 1968 to present), adult females
(beginning in l985) and adolescents (ages 13-18, beginning in 1983) and
children (neonate to 12 beginning in 1989). Clinical research projects
conducted at the Addiction Research Center (ARC). This system also
includes records on adult Federal prisoners involved in research
projects at ARC when located at Lexington, Kentucky, from 1968-1976,
and some records from system 09-30-0020 to be used for statistical
research only.
CATEGORIES OF RECORDS IN THE SYSTEM:
The categories of records involved are administrative, medical and
research records.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Public Health Service Act, Section 301(a) (42 U.S.C. 241(a));
Sections 341(a) and 344(d) (42 U.S.C. 257(a) and 260(d)); Sections 503
and 515 (42 U.S.C. 290aa-2 and 290cc). These sections authorize the
conduct of research in all areas of drug abuse.
PURPOSE(S):
1. To collect and maintain a data base for research activities at
NIDA/IRP.
2. To enable Federal drug abuse researchers to evaluate and monitor
the subjects' health during participation in a research project. The
areas of research include, but are not limited to, biomedical,
clinical, behavioral, pharmacological, psychiatric, psycho social,
epidemiological, etiological,
[[Page 60782]]
statistical, treatment and prevention of narcotic addiction and drug
abuse.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. The National Institute on Drug Abuse (NIDA) uses a contractor to
recruit volunteers and to screen these individuals for their
acceptability to participate in specific research projects, and limits
the contractor's access to the records to these procedures. NIDA also
uses a contractor to perform routine medical laboratory tests on blood
and urine samples. These routine tests verify that the subject is in
good health. Both contractors disclose records from this system only to
NIDA and are required to maintain Privacy Act safeguards with respect
to such records.
2. (a) PHS may inform the sexual and/or needle-sharing partner(s)
of a subject individual who is infected with the human immunodeficiency
virus (HIV) of their exposure to HIV, under the following
circumstances: (1) The information has been obtained in the course of
clinical activities at PHS facilities carried out by PHS personnel or
contractors; (2) The PHS employee or contractor has made reasonable
efforts to counsel and encourage the subject individual to provide the
information to the individual's sexual or needle-sharing partner(s);
(3) The PHS employee or contractor determines that the subject
individual is unlikely to provide the information to the sexual or
needle-sharing partner(s) or that the provision of such information
cannot reasonably be verified; and (4) The notification of the
partner(s) is made, whenever possible, by the subject individual's
physician or by a professional counselor and shall follow standard
counseling practices.
(b) PHS may disclose information to State or local public health
departments, to assist in the notification of the subject individual's
sexual and/or needle-sharing partner(s), or in the verification that
the subject individual has, notified such sexual or needle-sharing
partner(s).
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Data may be stored in file folders or on an internal EISnet, CDS,
computer disk, magnetic tape, or microfilm.
RETRIEVABILITY:
Administrative and medical records are indexed and retrieved by the
subject's name and identification code number. Research records are
indexed and retrieved by the subject's name and identification code
number.
SAFEGUARDS:
1. Authorized Users: Only authorized NIDA Intramural Research
Program staff are allowed access to these files.
2. Physical Safeguards: Files and file rooms are locked after
business hours. Building has electronic controlled entry at all times
with a 24-hour guard/television surveillance system. The computer
terminals are in a further secured area.
3. Procedural Safeguards: All users of personal information in
connection with the performance of their jobs protect information from
unauthorized personnel. Access codes to the research records are
available only to the Principal Investigator and his/her research team.
Access to the records is strictly limited to those staff members
trained in accordance with the Privacy Act. The contractor staff
members are required to secure the information in accordance with the
Privacy Act. Project Officer and contracting officials will monitor
contractor compliance.
4. Access to the Clinical Data Warehouse (EISnet): The NIDA IRP
computerized medical and research record is strictly limited. All staff
must be authorized to use the system and be granted an access code
(user name and password) by the system sponsor (NIDA, IRP Chief of
Biomedical Informatics). Passwords are required to be changed every six
months. Access is limited by job classification and is on a need to
know basis only. Data entered is time and date stamped by the staff
member's name. Data is not altered once entered. While logged into the
system, the name of the staff member is displayed on the screen. An
activity log of each use is kept. Data is backed up on a daily basis.
5. Implementation Guidelines: These practices are in compliance
with the standards of Chapter 45-13 of the HHS General Administration
Manual, ``Safeguarding Records Contained in Systems of Records,''
supplementary Chapter PHS hf: 45-13, and the HHS Automated Information
Systems Security Program Handbook.
In addition, because much of the data collected in these research
projects are sensitive and confidential, special safeguards have been
established. Certificates of confidentiality have been issued under
Protection of Identity--Research Subjects Regulations (42 CFR part 2a)
to those projects initiated since February 1980. This authorization
enables persons engaged in research on mental health, including
research on the use and effect of psychoactive drugs, to protect the
privacy of research subjects by withholding their names or other
identifying characteristics from all persons not connected with the
conduct of the research. Persons so authorized may not be compelled in
any Federal, State, or local civil, criminal, administrative,
legislative, or other proceeding to identify such individuals. In
addition, these records are subject to 42 CFR part 2, the
Confidentiality of Alcohol and Drug Abuse Patient Records Regulations
(42 CFR 2.56), which state: ``Where the content of patient records has
been disclosed pursuant to these regulations for the purpose of
conducting scientific research * * * information contained therein
which would directly or indirectly identify any patient may not be
disclosed by the recipient thereof either voluntarily or in response to
any legal process whether Federal or State.''
RETENTION AND DISPOSAL:
Records will be disposed of in accordance with the NIH Records
Control Schedule, i.e., when the records are ten years old or no longer
required for administrative or research purposes.
SYSTEM MANAGER(S) AND ADDRESS:
Medical Records Officer, Intramural Research Program, National
Institute on Drug Abuse (NIDA), Johns Hopkins Bayview Medical Center,
Building C, P.O. Box 5180, Baltimore, MD 21224.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the System Manager at the
address above. Provide a notarized signature as proof of identity. This
can be waived if the request is made through official Federal, state,
or local channels. The request should include the patient's register
number and/or the number of years of incarceration (for prisoner
subjects), full name at time of participation in the research project,
date(s) of research participation, and title of research project or
name of drug being studied. An individual who requests notification of
a medical record shall, at the time the request is made, designate in
writing a responsible representative who will be willing to review the
record and inform the subject individual of its contents at the
representative's discretion. A parent or legal guardian who requests
notification of an adolescent's record shall designate a family
physician or other health professional (other than a family member) of
the Addiction Research Center staff to whom the record, if any, will be
sent. The parent or legal guardian must verify in writing the
relationship to the adolescent as well as his/her own identity.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
[[Page 60783]]
specify the record contents being sought. An individual may also
request an accounting of disclosures that have been made of his/her
records, if any.
CONTESTING RECORD PROCEDURE:
Contact the official at the address specified under Notification
Procedures above and reasonably identify the record, specify the
information being contested, and state the corrective action sought and
reasons for requesting the correction, along with supporting
information to show how the record is inaccurate, incomplete, untimely,
or irrelevant.
RECORD SOURCE CATEGORIES:
The individual; observations and medical recordings (such as blood
pressure, dosage of compound administered, etc.) made by the Principal
investigator and his/her research team; system of records number 09-30-
0020; drug treatment programs; Bureau of Prisons; case workers;
psychiatrists; research laboratories; and pharmacies and hospitals.
Many of these records are confidential and privileged communication is
guaranteed under Section 344(d) of the PHS Act.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0207
SYSTEM NAME:
Subject-Participants in Pharmacokinetic Studies on Drugs of Abuse
and on Treatment Medications, HHS/NIH/NIDA.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
University of California, San Francisco, Langley Porter Psychiatric
Institute, San Francisco, CA 94143.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Normal, healthy adults who voluntarily participate in studies on
the pharmacokinetics and pharmacodynamics of psychoactive drugs at
Langley Porter Psychiatric Institute, during the period September 1987
through September 2005.
CATEGORIES OF RECORDS IN THE SYSTEM:
Research records on each subject-participant contain the following
information: name; clinician's records including medical history,
laboratory test results, physical examinations, psychological profile,
and drug use profile; drug study data including records of drugs
administered, exposures to radioactivity, and drug reactions; and date
of study in which the subject participated.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Public Health Service Act, Sections 301(a), 503 and 405 (42 U.S.C.
241 and 284).
PURPOSE(S):
The primary purpose of this system is to support research on the
pharmacokinetics and pharmacodynamics of drugs of abuse as well as
treatment drugs. The term ``pharmacokinetics'' refers to the manner in
which the human body processes a drug. ``Pharmacodynamics'' refers to
the manner in which the drug affects the human body.
The clinical investigator used data of a medical nature that is
contained in the system to make determinations regarding drug dosages
and/or radiochemical exposures appropriate to the individual human
subject-participants, in order to preserve and protect the health of
each. The system also provides baseline data for studying the drug
effects.
The Food and Drug Administration (FDA) also may use the records in
routine inspections FDA conducts in accordance with its
responsibilities to develop standards on the composition, quality,
safety, and efficacy of drugs administered to humans, and to monitor
experimental usage of drugs.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. We may disclose to a congressional office the record of an
individual in response to a verified inquiry from the congressional
office made at the written request of the individual.
2. NIH contractors, use the records in this system to accomplish
the research purpose for which the records are collected. The
contractors are required to maintain Privacy Act safeguards with
respect to such records.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
The contractor maintains the records on paper in file folders.
RETRIEVABILITY:
The contractor indexes and retrieves the records by the subject-
participant's name.
SAFEGUARDS:
1. Authorized Users: Only the contract Project Director and his/her
research team and the Federal Project Officer and his/her support staff
have access to these records.
2. Physical Safeguards: The contractor keeps all records in a
locked metal file cabinet in premises with limited accessibility. Only
the clinical investigator (Project Director) has the key to the locked
files.
3. Procedural Safeguards: Only the contract staff have access to
the files. Persons other than subject participants who request
individually identifiable data from a record, must provide written
consent from the subject participant permitting the requested
disclosure. The only exception would be for disclosure to persons or
organizations permitted by the Privacy Act, Section 3(B) to obtain
personally identifiable data.
4. Implementation Guidelines: These practices are in compliance
with the standards of Chapter 45-13 of the HHS General Administration
Manual, ``Safeguarding Records Contained in Systems of Records,''
supplementary Chapter PHS hf: 45-13, and the HHS Automated Information
Systems Security Program Handbook. In addition, the contract staff
complies with contractor's (University of California, San Francisco)
standard procedures for safeguarding data.
RETENTION AND DISPOSAL:
The records will be kept for at least two years after FDA approves
the new drug application for the study medication or the IND is
withdrawn. At that time, the NIDA project officer will authorize in
writing the clinical investigators to destroy the records by shredding
or burning.
SYSTEM MANAGER(S) AND ADDRESS:
Project Officer, Pharmacokinetic Studies on Drugs of Abuse,
Medications Development Division, National Institute on Drug Abuse
(NIDA), Neuroscience Center, Room 4123, 6001 Executive Boulevard,
Bethesda, MD 20892-9551.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the System Manager listed
above.
Provide the following information: subject-participant's full name
and a letter of request (or permission, if the requester is not the
subject-participant) with notarized signature of the individual who is
the subject of the record, approximate date(s) of experiment(s) in
which the individual participated, and drug name (if known). In
addition, an individual who requests notification of, or access to, a
medical record shall, at the time the request is made, designate in
writing a responsible
[[Page 60784]]
representative who will be willing to review the record and inform the
subject individual of its content at the representative's discretion.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. An individual may also
request an accounting of disclosures of his/her record, if any.
CONTESTING RECORD PROCEDURE:
Contact the System Manager at the address above and reasonably
identify the record, specify the information to be contested, the
corrective action sought, with supporting information to show how the
record is inaccurate, incomplete, untimely, or irrelevant.
RECORD SOURCE CATEGORIES:
The subject-participants and the contractor personnel conducting
the research studies.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0208
SYSTEM NAME:
Drug Abuse Treatment Outcome Study (DATOS), HHS/NIH/NIDA.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Research Triangle Institute, Center for Social Research and Policy
Analysis, Research Triangle Park, NC 27709.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Voluntary adult clients of Federally-funded treatment programs,
including Treatment Alternative Street Crime (TASC) Programs of the
Department of Justice, who requested to be included in TOPS from 1979
through 1986. New data collected from voluntary adults/adolescent
clients of public and private funded-treatment programs beginning in
1991 and will continue through 1997.
CATEGORIES OF RECORDS IN THE SYSTEM:
The categories are: demographic data, treatment outcome data,
treatment process data, client locator information, and personal
identifiers (name and assigned numerical identifier).
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Public Health Service Act, Sections 301 and 405 (42 U.S.C. 241 and
284.)
PURPOSE(S):
The purpose of the system is to compile information on drug abusers
in drug abuse treatment programs in order to derive information on the
treatment environments and abusers' behaviors and characteristics
subsequent to treatment. Researchers and drug abuse service providers
may use the aggregate data to address issues and generate hypotheses to
understand better the interactions among the client and community.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Within the restrictions set forth in HHS regulations concerning
the confidentiality of drug abuse patient records (42 CFR 2.56), we may
disclose a record for a research purpose, when the Department: (a) Has
determined that the use or disclosure does not violate legal or policy
limitations under which the record was provided, collected, or
obtained; (b) has determined that the research purpose (1) cannot be
reasonably accomplished unless the record is provided in individually
identifiable form, and (2) warrants the risk to the privacy of the
individual that additional exposure of the record might bring; (c) has
required the recipient to (1) establish reasonable administrative,
technical, and physical safeguards to prevent unauthorized use or
disclosure of the record, (2) remove or destroy the information that
identifies the individual at the earliest time at which removal or
destruction can be accomplished consistent with the purpose of the
research project, unless the recipient has presented adequate
justification of a research or health nature for retaining such
information, and (3) make no further use or disclosure of the record
except: (A) In emergency circumstances affecting the health or safety
of any individual, (B) for use in another research project, under these
same conditions, and with written authorization of the Department, (C)
for disclosure to a properly identified person for the purpose of an
audit related to the research project, if information that would enable
research subjects to be identified is removed or destroyed at the
earliest opportunity consistent with the purpose of the audit, or (D)
when required by law; (d) has secured a written statement attesting to
the recipient's understanding of, and willingness to, abide by these
provisions.
2. The Research Triangle Institute, an NIH contractor, uses the
records in this system to accomplish the research purpose for which the
records are collected. In the event of followup studies or continuation
studies because the contract has been terminated for convenience by the
Government, we may disclose records in this system to a subsequent NIH
contractor. We would require the new contractor to maintain Privacy Act
safeguards with respect to such records.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Interview forms, magnetic tapes, and disks.
RETRIEVABILITY:
Records are indexed and retrieved by unique alpha numerical
identifier. In order to relate the data collected to specific
individuals, one must use the link file discussed under Safeguards.
SAFEGUARDS:
1. Authorized Users: Contractor personnel, the agency project
officer, and agency employees whose duties require the use of the
information in the system.
2. Physical Safeguards: The data management task leader, the
project leader, or the project director provide technical supervision
of all data collection and processing activities. Individually
identified forms are stored in a secure, vault-like room provided for
this purpose. Authorized personnel have access to the room by one
locked door with controlled entry, i.e., only on the written authority
of the professional staff member in charge. Computerized records are
kept in a vault area with limited accession.
3. Procedural Safeguards: Because some of the data collected in
this study, such as data on drug use, are sensitive and confidential,
special safeguards have been established. A Certificate of
Confidentiality has been issued under 42 CFR part 2a. This
authorization enables persons engaged in research on mental health,
including research on the use and effect of psychoactive drugs, to
protect the privacy of research subjects by withholding the names or
other identifying characteristics from all persons not connected with
the conduct of the research. Persons so authorized may not be compelled
in any Federal, State, or local civil, criminal, administrative,
legislative, or other proceedings to identify such individuals. In
addition, these records are subject to 42 CFR part 2, the
Confidentiality of Alcohol and Drug Abuse Patient Records Regulations
(42 CFR 2.56), which state: ``Where the content of patient records has
been disclosed pursuant to (these regulations) for the purpose of
conducting scientific research * * *. information contained
[[Page 60785]]
therein which would directly or indirectly identify any patient may not
be disclosed by the recipient thereof either voluntarily or in response
to any legal process whether Federal or State.''
Another safeguard is that the forms containing subject
identification information for client followup and data matching
purposes do not include any reference to the purpose of the study.
Identification and location information is kept separate from any
information that would suggest that the respondent has been in a drug
treatment program.
Information on completed forms is entered immediately on the
computer. Completed forms and computerized data are released only to
authorized persons. Only aggregate data are provided and used in the
preparation of necessary and appropriate reports.
A link file system is used. This system has three components: (1)
Personal information, (2) data base information, and (3) the link file,
which contains identifying number pairs which can be used to match data
with individuals. The advantage of this system is that the data base
can be used directly for report generation, etc., without the use of
decrypting subroutines or access to the personal information or
matching link files.
In addition, the computer center being utilized has developed an
extensive security system to protect computer account codes and data.
This system is described in a publication that is available from the
System manager upon request.
We do not anticipate any disclosure of individually identifiable
information to other persons or organizations within the Department of
Health and Human Services. Nor does the contractor provide individually
identification information to the Department of Justice, with which
NIDA has a cooperative agreement for this study.
4. Implementation Guidelines: These practices are in compliance
with the standards of Chapter 45-13 of the HHS General Administration
Manual, ``Safeguarding Records Contained in Systems of Records,''
supplementary Chapter PHS hf: 45-13, and the HHS Automated Information
Systems Security Program Handbook. In addition, project staff complies
with the contractor's (Research Triangle Institute) standard procedures
for safeguarding data.
The contractor provides only aggregate information to NIDA.
RETENTION AND DISPOSAL:
The contractor destroys interview forms by shredding or burning
immediately after contractor staff have completed and verified direct
entry on magnetic tape or disk storage. The contractor will destroy
individual identification and location data by shredding or burning,
under the explicit written authorization of the System manager, which
is anticipated to be no longer than five years after the termination of
the study unless the information is needed for research purposes. We
will retain aggregate data tapes for research purposes. These tapes
will not have any individually identifiable information. In accordance
with the NIH Records Control Schedule, these tapes will be retained for
five years after completion of the project (approximately 2002). At
that time, the tapes will be retired to the Federal Records Center and
destroyed when they are ten years old or when they are no longer needed
for research purposes.
SYSTEM MANAGER(S) AND ADDRESS:
Drug Abuse Treatment Outcome Study (DATOS), Project Officer,
Services Research Branch, Division of Epidemiology, Services, and
Prevention Research, National Institute on Drug Abuse (NIDA),
Neuroscience Center, Room 4222, 6001 Executive Boulevard, Bethesda, MD
20892.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the System Manager at the
address above. An individual may learn if a record exists about
himself/herself upon written request, with notarized signature. The
request should include, if known, name of the researcher, location of
the research site, approximate date of data collection, any alias used,
and subject identification number.
An individual who requests notification of a medical record shall,
at the time the request in made, designate in writing a responsible
representative who will be willing to review the record and inform the
subject individual of its contents at the representative's discretion.
A parent or legal guardian who requests notification of an
adolescent's record shall designate a family physician or other health
professional (other than a family member) of the Division of Clinical
Research staff to whom the record, if any, will be sent. The parent or
legal guardian must verify in writing the relationship to the
adolescent as well as his/her own identity.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. An individual may also
request an accounting of disclosures of his/her record, if any.
Persons other than subject individuals, who request individually
identifiable data from a record must provide written consent from the
subject individual permitting the requested disclosure. The only
exception (if not in conflict with confidentiality regulations) would
be for disclosure to persons or organizations permitted by the Privacy
Act, section 3(b), to obtain personally identifiable data.
CONTESTING RECORD PROCEDURE:
Contact the official at the address specified under Notification
Procedures above and reasonably identify the record, specify the
information being contested, the corrective action sought, with
supporting information to show how the record is inaccurate,
incomplete, untimely, or irrelevant.
RECORD SOURCE CATEGORIES:
Research subjects, and staff in participating drug abuse treatment
programs, written clinical evaluations, counselors, psychiatrists,
psychotherapists, family members, research assistants, hospitals.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0209
SYSTEM NAME:
Subject-Participants in Drug Abuse Research Studies on Drug
Dependence and in Research Supporting Investigational New Drug and New
Drug Applications, HHS/NIH/NIDA.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Veterans Administration Hospital, Cooperative Studies Program,
Department of Veterans Medical Center, Perry Point, MD 21902.
Division of Treatment Research and Development, National Institute
on Drug Abuse (NIDA), Neuroscience Center, Room 4123, 6001 Executive
Boulevard, Bethesda, MD 20892.
Division of Intramural Research Programs, National Institute on
Drug Abuse (NIDA), 4940 Eastern Avenue, Baltimore, MD 21224.
Write to the System Manager at the address below for the address of
any new locations where records from this system may be stored.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Voluntary clients of Federally funded and other drug abuse
treatment
[[Page 60786]]
programs who have requested to receive investigational new or marketed
drugs, such as but not limited to, naltrexone, levo-alpha
acetylmethadol (LAAM), buprenorphine, disulfiram, selegiline,
bupropion, and GBR-12909 as part of their treatment. Data collection
will continue through calendar year 2010.
CATEGORIES OF RECORDS IN THE SYSTEM:
Demographic data, treatment outcome data, treatment process data,
client locator information, and personal identifiers (name and assigned
numerical identifier).
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Public Health Service Act, Sections 301, 464p, and 405 (42 U.S.C.
241, and 284).
PURPOSE(S):
1. To maintain information on the safety and effectiveness of drugs
for treatment of drug dependence with or without abuse potential in
various treatment environments and modalities and changes in the
behavior and characteristics of drug abusers who received these
substances as part of their treatment regimen.
2. To provide data required by the Food and Drug Administration
(FDA) to support research on drug dependence, Investigational New Drug
Applications (INDs) and potential New Drug Applications (NDAs) for
various drugs, and to treat drug dependence with or without abuse
potential. A new drug application is a notice to FDA that a
pharmaceutical company believes they have enough data to demonstrate
the safety and efficacy of a substance to satisfy FDA for marketing the
substance. FDA may also use the records in routine inspections that FDA
conducts in accordance with its responsibilities to develop standards
on the composition, quality, safety and efficacy of drugs administered
to humans, and to monitor experimental usage of drugs.
3. To conduct research on the pharmacology, toxicology, and
behavioral characteristics of drugs of abuse alone or in combination
with proposed treatment drugs.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
NIH contractor(s) and/or interagency collaborators (i.e. Department
of Veteran's Affairs) use the records in the system to accomplish the
research and development purposes for which the records were collected.
In the event of a followup study or continuation study, the responsible
project officer may disclose records in this system to a subsequent NIH
contractor(s). Any new contractor(s) is and would be required to
maintain Privacy Act safeguards with respect to such records and to
comply with the confidentiality restrictions of 42 CFR part 2.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Interview and assessment forms, video tapes, magnetic tapes, disks
and microfiche in boxes in closed cabinets in a locked room with
limited accessibility.
RETRIEVABILITY:
The records are indexed and retrieved by subject-participant's name
code (i.e., initials--not name) and unique numerical identifier. In
order to relate the data collected to specific individuals, however,
one must use the link file discussed under safeguards.
SAFEGUARDS:
1. Authorized Users: For all of the studies, the System Manager or
Federal Project Officer and only authorized contract staff have access
to the records (computerized and hard copy files) in the system. The
contractor provides only aggregate data in reports to NIDA, FDA, or the
public. Only the NIDA personnel mentioned previously and selected
authorized contract staff, have access to the stored records. A
certificate of confidentiality is issued to researchers conducting
these studies under 42 CFR, part 2, Protection of Identity--Research
Subjects. This authorization enables persons engaged in research on
mental health, including research on the use and effect of psychoactive
drugs, to protect the privacy of research subjects by withholding the
names or other identifying characteristics from all persons not
connected with the conduct of the research. Persons so authorized may
not be compelled in any Federal, State or local civil, criminal,
administrative, legislative, or other proceedings to identify such
individuals. These regulations do not prohibit voluntary disclosure by
the researcher. However, the records of these studies also are subject
to 42 CFR part 2, the Confidentiality of Alcohol and Drug Abuse Patient
Records Regulations (42 CFR part 56), which state: Where the content of
patient records has been disclosed. Pursuant to (these regulations) for
the purpose of conducting scientific research * * * information
contained therein which would directly or indirectly identify any
patient may not be disclosed by the recipient thereof either
voluntarily of in response to any legal process whether Federal or
State.'' The contractor's institutional review board reviewed and
approved the safeguards described above in accordance with 45 CFR part
46 on the Protection of Human Subjects.
2. Physical Safeguards: For the study records, the contractor(s)
stored individually identified forms in a locked room with controlled
entry, i.e., only on written authority of the professional staff member
in charge of data handling and processing). The contractor staff enters
the collected information onto computer systems or disks as soon after
contact with the subject-participant as possible, and stores the
computerized records in a secured area with access limited as above.
For the study records, NIDA stores any individually identified
forms in a lockable cabinet in a secure room. Only authorized NIDA
personnel (i.e., select members of the Division of Treatment Research
and Development professional staff and their support staff have access
to the room with controlled entry. The room is in a building which has
a 24-hour guard/television surveillance system and has controlled entry
(picture identification sign in and out procedures) before and after
normal working hours.
Another safeguard for these studies is that the forms containing
subject identification information do not include any reference to the
purpose of the study. The identification information is separate from
any information that would suggest that the respondent is or has been
in a drug abuse treatment program. In addition, the computer centers
being utilized for data analyses have developed an extensive security
system to protect computer account codes and data.
3. Procedural Safeguards: Access to the computerized records of the
studies is protected by a computerized password routine which is
changed
periodically. In addition, the project staff complies with the
contractor's standard procedures for safeguarding data. The link file
system that identifies individuals with personal data has three
components: (1) Identification information, (2) data base information,
and (3) the link file, which contains identifying number pairs which
match data with individuals. The advantage of this system is that one
may use the baseline data directly for report generation, etc., without
using the subroutines or accessing the personal information or link
files.
4. Implementation Guidelines: These practices are in compliance
with the standards of Chapter 45-13 of the HHS
[[Page 60787]]
General Administration Manual, sbull I11``Safeguarding Records
Contained in Systems of Records,'' supplementary Chapter PHS hf: 45-13,
and the HHS Automated Information Systems Security Program Handbook.
RETENTION AND DISPOSAL:
NIDA will destroy identifiable information by shredding or burning
when it is no longer needed for analysis or research purposes; then the
tapes, and/or other electronic media, will be erased. NIDA will destroy
individual identification and match-up information from other studies
by shredding or burning five years after FDA completes the review and
approves the new drug applications or when they are no longer needed
for research purposes.
NIDA will retain the aggregate data tapes, and/or other electronic
media, and/or paper records from studies for research purposes. These
tapes will not have any individually identifiable information. In
accordance with the FDA regulations governing new drug applications,
the aggregate tapes will be retained for at least two years after FDA
approves the new drug applications or the IND is withdrawn. At that
time, the tapes will be retired to the Federal Records Center and
destroyed when they are five years old or when they are no longer
needed for research purposes.
SYSTEM MANAGER(S) AND ADDRESS:
Chief, Regulatory Affairs Branch, Division of Treatment Research
and Development, National Institute on Drug Abuse (NIDA), Neuroscience
Center, Room 4123, 6001 Executive Boulevard, Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
An individual may determine if a record exists about himself/
herself upon written request, with notarized signature if request is
made by mail, or with suitable identification if request is made in
person, to the appropriate system manager at the address above. The
following information should be included, if known: subject-
participant's full name and a letter of request with notarized
signature of the subject-participant of the record, any alias used,
subject-participant's identification number, name of the researcher,
name of clinic or research center, name of substance, and approximate
date of study participation.
An individual who requests notification of a medical record must,
at the time the request is made, designate in writing a responsible
representative who will be willing to review the record and inform the
subject individual of its contents at the representative's discretion.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. An individual may also
request an accounting of disclosures of his/her record, if any.
CONTESTING RECORD PROCEDURE:
Contact the official at the address specified under Notification
Procedures above and reasonably identify the record, specify the
information being contested, the corrective action sought, with
supporting information to show how the record is inaccurate,
incomplete, untimely, or irrelevant.
RECORD SOURCE CATEGORIES:
Research subject-participants, staff in the participating drug
abuse treatment programs, written clinical evaluations, private
physicians, counselors, psychiatrists, psychotherapists, family
members, research assistants, and hospital records.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0210
SYSTEM NAME:
Shipment Records of Drugs of Abuse to Authorized Researchers, HHS/
NIH/NIDA.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Chemistry and Physiological Systems Research Branch (CPSRB),
Division of Neuroscience and Behavioral Research, National Institute on
Drug Abuse (NIDA), Neuroscience Center, Room 4282, 6001 Executive
Boulevard, Bethesda, MD 20892-9555.
Research Triangle Institute, Research Triangle Park, NC 27709.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individual researchers and organizations who are registered with
the Drug Enforcement Administration (DEA), Department of Justice (DOJ),
some since 1966, and who have voluntarily submitted documentation to
the National Institute on Drug Abuse (NIDA) in order to obtain, through
the NIDA Drug Supply Program (DSP), drugs of abuse for use in a
research project.
CATEGORIES OF RECORDS IN THE SYSTEM:
While the records in this system are research project-related, they
support the eligibility of individual researchers to receive drugs of
abuse. Types of information contained in the records are: researcher's
name, curricula vitae, research protocol, DEA and (if applicable)
Nuclear Regulatory Commission registration numbers (when a radio
labeled compound is requested and shipped), business address (location
of research project) and telephone number, summary of research
project(s), requests for substance(s), name and amount of each compound
requested and shipped, dates material is shipped and received, shipment
numbers, and order form numbers.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Public Health Service Act, sections 301, and 405 (42 U.S.C. 241 and
284); Controlled Substances Act of 1970 (21 U.S.C. 801 et seq.); Atomic
Energy Act of 1954, as amended, section 81 (42 U.S.C 2111); and Energy
Reorganization Act of 1974, section 201 (42 U.S.C. 5841).
PURPOSE(S):
To facilitate operation of DSP which is a centralized research
support service through which the United States Government supplies to
the national and international scientific community for research
purposes, most Schedule I and many Schedule II-V controlled and
noncontrolled substances as specified in the Controlled Substances Act
(CSA) of 1970 (21 U.S.C. 801 et seq.). Controlled substances are
chemicals and other substances, and their immediate precursors, that
the Attorney General has determined to have such potential for abuse as
to warrant regulation under the CSA. Some of these substances are radio
labeled materials. Radio labeled materials are substances to which a
small amount of radioactivity is added for use in various studies, such
as drug metabolism and mechanisms of drug actions.
This system of records was established to facilitate DSP by
enabling NIDA:
1. To verify that requests for drugs of abuse, some of which are
radio labeled, are from authorized individuals/organizations for use in
a research project;
2. To verify that the amounts of the materials requested by
researchers for animal, in vivo, and in vitro research are justified
and available;
3. To supply controlled substances in amounts approved by the Food
and Drug Administration (FDA) to researchers conducting research with
human subjects;
4. To ship these materials securely in accordance with CSA and the
Atomic Energy Act; and
[[Page 60788]]
5. To maintain records of these transactions.
FDA also may use the records in routine inspections in accordance
with FDA's responsibilities to develop standards on the composition,
safety, and efficacy of drugs administered to humans, and to monitor
experimental usage of drugs.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. We may disclose the record of an individual to a congressional
office in response to a verified inquiry from the congressional office
made at the written request of the individual.
2. We may disclose information to DEA, DOJ, to enable DEA to carry
out its responsibilities as described in the Controlled Substances Act
of 1970.
3. An NIH contractor routinely uses the records in this system to
ship controlled substances to authorized recipients. Such contractor is
required to maintain Privacy Act safeguards with respect to these
records.
4. An NIH contractor may have access to the records in this system
in the performance of its software modification/correction tasks
specified in its contract. Such contractor is required to maintain
Privacy Act safeguards with respect to these records.
5. The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice,
or to a court or other tribunal, when (a) HHS, or any component
thereof; or (b) any HHS employee in his or her official capacity; or
(c) any HHS employee in his or her individual capacity where the
Department of Justice (or HHS, where it is authorized to do so) has
agreed to represent the employee; or (d) the United States or any
agency thereof where HHS determines that the litigation is likely to
affect HHS or any of its components, is a party to litigation or has an
interest in such litigation, and HHS determines that the use of such
records by the Department of Justice, the court or other tribunal is
relevant and necessary to the litigation and would help in the
effective representation of the governmental party, provided, however,
that in each case, HHS determines that such disclosure is compatible
with the purpose for which the records were collected.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
NIDA maintains ``hard copy'' records in file folders and automated
records on computer disk.
RETRIEVABILITY:
Authorized NIDA and contractor personnel index and retrieve the
computerized records by a researcher code number assigned by a computer
program at the time a new record is established. Authorized NIDA
personnel index and retrieve ``hard copy'' records by researcher's
name. NIDA maintains a computerized, alphabetical cross-reference list
that matches names and numbers.
SAFEGUARDS:
1. Authorized Users: The Chief, CPSR Branch and his or her support
staff, program assistant and clerk-typist, and the contracts' project
directors and their support staffs have access to the records.
2. Physical Safeguards: The ``hard copy'' records and main computer
are physically located at the Neuroscience Center, Bethesda, Maryland.
The computerized records are kept in a room with limited admittance.
The room is locked after working hours. The ``hard copy'' records are
stored in locked file cabinets in a room with very limited admittance.
This room is also locked after working hours. The Neuroscience Center
has a 24-hour guard patrol service.
3. Procedural Safeguards: The terminals are housed in a secured
work area with limited admittance. Contract personnel use a password
identification system to obtain access; NIDA changes the passwords
periodically.
4. Implementation Guidelines: These practices are in compliance
with the standards of Chapter 45-13 of the HHS General Administration
Manual, ``Safeguarding Records Contained in Systems of Records,''
supplementary Chapter PHS hf: 45-13, and the HHS Automated Information
Systems Security Program Handbook.
RETENTION AND DISPOSAL:
NIDA maintains an individual's record for five years after the
researcher's last request for, or shipment of, a drug of abuse. We
consider the record inactive after that, and erase it from the computer
disk by a delete routine. The delete routine automatically deletes the
computerized cross-reference as well. We destroy the ``hard copy''
record by shredding. The system is checked once a year for inactive
records.
SYSTEM MANAGER(S) AND ADDRESS:
Program Director, Drug Supply Program, Chemistry and Physiological
Systems Research Branch, Division of Neuroscience and Behavioral
Research, National Institute on Drug Abuse (NIDA), Neuroscience Center,
Room 4282, 6001 Executive Boulevard, Bethesda, MD 20892-9555.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the System Manager at the
address above. An individual may learn if a record exists about himself
or herself upon written request. The request should include the
researcher's name and business address at the time of last shipment.
The request must be signed in ink by the individual researcher.
Verifiable proof of identity is required.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. An individual may also
request an accounting of disclosures of his/her record, if any.
CONTESTING RECORD PROCEDURE:
Contact the official at the address specified under Notification
Procedures above and reasonably identify the record, specify the
information being contested, the corrective action sought, with
supporting information to show how the record is inaccurate,
incomplete, untimely, or irrelevant.
RECORD SOURCE CATEGORIES:
Initial source is the individual researcher. Some of the DEA
registration information provided by a researcher is verified through a
DEA computer check. FDA provides information concerning type and amount
of controlled substance(s) to be shipped to an individual researcher
for research projects involving human subjects.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0211
SYSTEM NAME:
Intramural Research Program Records of In- and Out-Patients with
Various Types of Alcohol Abuse and Dependence, Relatives of Patients
with Alcoholism, and Healthy Volunteers, HHS/NIH/NIAAA.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
A list of specific project sites is available from the System
Manager.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
In- and out-patients with alcohol abuse and dependence, alcohol-
induced organic brain syndromes; their relatives; and healthy
volunteers.
[[Page 60789]]
CATEGORIES OF RECORDS IN THE SYSTEM:
Research data of wide variety including biochemical measures,
psychophysiological and psychological tests, questionnaires, clinical
and behavioral observations and interviews, physical examinations, and
correspondence.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Public Health Service Act, as amended, sections 301 (42 U.S.C. 241)
and 510 (42 U.S.C. 290bb). These sections authorize the conduct of
general health research and research into alcoholism and alcohol abuse.
PURPOSE(S):
These records are used for diagnosis and treatment of patients with
alcohol abuse and dependence and related conditions; behavioral
research relating to the causes, diagnoses, and treatment of
addictions; and basic research on behavioral and biological processes.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
Records in this system are covered by section 527 of the Public
Health Service Act (42 U.S.C. 290ee-3) and 42 CFR, chapter I,
subchapter A, part 2, on confidentiality of alcohol and drug abuse
patient records. In accordance with these regulations, the records are
confidential and may only be disclosed with the written consent of the
patient with specific restrictions, and without the patient's consent
in the following instances: (1) To medical personnel to the extent
necessary to meet a bona fide emergency; (2) to qualified personnel for
the purpose of conducting scientific research; or (3) if authorized by
an appropriate order of a court of competent jurisdiction granted after
application showing good cause therefore, after certain considerations,
and with appropriate safeguards. Routine uses of information in this
system are limited to the following:
1. A record may be disclosed for a research purpose, when the
Department: (a) Has determined that the use or disclosure does not
violate legal or policy limitations under which the record was
provided, collected, or obtained; (b) Has determined that the research
purpose: (1) Cannot be reasonably accomplished unless the record is
provided in individually identifiable form, and (2) warrants the risk
to the privacy of the individual that additional exposure of the record
might bring; (c) has required the recipient to--(1) establish
reasonable administrative, technical, and physical safeguards to
prevent unauthorized use or disclosure of the record, and (2) remove or
destroy the information that identifies the individual at the earliest
time at which removal or destruction can be accomplished consistent
with the purpose of the research project, unless the recipient has
presented adequate justification of a research or health nature for
retaining such information, and (3) make no further use or disclosure
of the record except--(A) in emergency circumstances affecting the
health or safety of any individual, (B) for use in another research
project, under these same conditions, and with written authorization of
the Department, (C) for disclosure to a properly identified person for
the purpose of an audit related to the research project, if information
that would enable research subjects to be identified is removed or
destroyed at the earliest opportunity consistent with the purpose of
the audit, or (D) when required by law; (d) has secured a written
statement attesting to the recipient's understanding of, and
willingness to abide by these provisions.
2. Disclosure may be made to a congressional office from the record
of an individual in response to a verified inquiry from the
congressional office at the written request of that individual, in
accordance with 42 CFR, chapter I, subchapter A, part 2. Records may be
disclosed to student volunteers, individuals working under a personal
services contract, and other individuals performing functions for PHS
who do not technically have the status of agency employees, if they
need the records in the performance of their agency functions.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records may be stored in file folders, on index cards, computer
tapes and disks, microfiche, microfilm and audio and video tapes.
Normally the factual data, with study code numbers, are stored on
computer tape or disk, while the key to personal identifiers is stored
separately, without factual data, in paper files.
RETRIEVABILITY:
During data collection stages and followup, retrieval by personal
identifier (e.g., name or medical record number) is necessary. During
the data analysis stage, data are normally retrieved by variables of
interest, e.g., age, diagnosis, etc.
SAFEGUARDS:
Measures to prevent unauthorized disclosures are implemented as
appropriate for the particular records maintained in each project.
Depending on the sensitivity of the project, additional safeguards may
be added.
1. Authorized Users: Only NIAAA medical and research staff have
access to these records, as authorized by the system manager.
2. Physical Safeguards: Records are stored in locked rooms, locked
file cabinets, and/or secured computer facilities. Personal identifiers
and link codes are separated as much as possible and stored in locked
files.
3. Procedural Safeguards: Collection and maintenance of data are
consistent with legislation and regulations for protection of human
subjects, informed consent, confidentiality, and confidentiality
specific to drug and alcohol abuse patients. Computer data access is
limited through the use of key words, a series of account numbers, and
passwords which are changed frequently and known only to authorized
personnel.
4. Implementation Guidelines: These practices are in compliance
with the standards of Chapter 45-13 of the HHS General Administration
Manual, ``Safeguarding Records Contained in Systems of Records,''
supplementary Chapter PHS hf: 45-13, and the HHS Automated Information
Systems Security Program Handbook.
RETENTION AND DISPOSAL:
Records are held for five years after completion of the project,
retired to a Federal Records Center, and subsequently disposed of after
ten years.
SYSTEM MANAGER(S) AND ADDRESS:
Clinical Director, Laboratory of Clinical Studies, Division of
Intramural Clinical and Biological Research, National Institute on Drug
Abuse (NIDA), Building 10, Room 3B-19, 10 Center Drive, Bethesda, MD
20892.
NOTIFICATION PROCEDURE:
To determine if a record exists, write to the System Manager at the
address above. Provide notarized signature as proof of identity. The
request should include as much of the following information as
possible: (a) Full name; (b) nature of illness (if any); (c) title of
study; (d) name of researcher conducting study. An individual who
requests notification of or access to a medical/dental record shall, at
the time the request is made, designate in writing a responsible
representative who will be willing to review the record and inform the
subject individual of its contents at the representative's discretion.
A parent or guardian who requests notification of child's/
incompetent
[[Page 60790]]
person's record shall at the time the request is made designate a
family physician or other health professional (other than a family
member) to whom the record, if any, will be sent. The designee will
receive the record in all cases and upon review will determine whether
the record should be made available to the parent or guardian.
RECORD ACCESS PROCEDURE:
Same as Notification Procedures. Requesters should also reasonably
specify the record contents being sought. Individuals may also request
an accounting of disclosures of their records, if any.
CONTESTING RECORD PROCEDURE:
Contact the official at the address specified under Notification
Procedures above and reasonably identify the record, specify the
information being contested, and state the corrective action sought,
with supporting information to show how the record is inaccurate,
incomplete, untimely, or irrelevant.
RECORD SOURCE CATEGORIES:
Information gathered from individuals under study, either patient
or normal subject, contract surveys, hospital records, medical and
nursing staff notes, and from Privacy Act system of records 09-25-0099,
``Clinical Research: Patient Medical Records, HHS/NIH/CC.''
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
09-25-0213
SYSTEM NAME:
Administration: Employee Conduct Investigative Records, HHS/NIH/OD/
OM/OA/OMA.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Office of Management Assessment, Office of Administration, Office
of Management, Office of the Director (OD), 6011 Executive Boulevard,
Room 601, Bethesda, MD 20892-7669.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals who are alleged or suspected to have violated NIH or
Departmental regulations or Federal statutes and are: personnel
employed by the Federal Government who are under a career, career
conditional, or other type of appointment; personnel working under
Intergovernmental Personnel Act assignments; Guest Researchers;
Volunteers; Individuals on Temporary Appointments (including student
appointments); Fogarty International Center Scholars; Staff Fellows;
Intramural Research Training Award Fellows; IC Fellowship Award
Recipients; Visiting Associates, Scientists, and Fellows; Commissioned
Corps; individuals who receive funding through or have responsibility
for NIH sponsored grants, contracts, or cooperative agreements and
other individuals who transact or seek to transact business with NIH or
HHS or use the facilities of those agencies.
CATEGORIES OF RECORDS IN THE SYSTEM:
This system includes records relating to correspondence concerning
an individual's employment status or conduct while employed by or
working at NIH. Examples of these records include: Correspondence from
employees, members of Congress and members of the public alleging
misconduct by an official of NIH. It also contains reports of
investigations to resolve allegations of misconduct or violations of
statutes, with related exhibits of statements, affidavits or records
obtained during the investigation; reports of action taken by
management; decisions on any misconduct substantiated by the
investigation; and reports of legal action resulting from violations of
statutes referred for prosecution.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301, 302; 42 U.S.C. 203, 282; 44 U.S.C. 3101; E.O. 10450
PURPOSE(S):
To document reviews and investigations undertaken by the Office of
Management Assessment, NIH to provide management or the Office of
Inspector General, Office of the Secretary, HHS with information needed
to take action to resolve complaints of misconduct or alleged
violations of statutes, regulations, policies, or the terms and
conditions of funding.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to a Member of Congress or to a
Congressional staff member in response to an inquiry of the
Congressional office made at the written request of the constituent
about whom the record is maintained, if the disclosure does not
compromise the investigative activities of the Office of Management
Assessment.
2. The Department of Health and Human Services (HHS) may disclose
information from this system of records to the Department of Justice
when: (a) The agency or any component thereof; or (b) any employee of
the agency in his or her official capacity where the Department of
Justice has agreed to represent the employee; or (c) the United States
Government, is a party to litigation or has an interest in such
litigation, and by careful review, the agency determines that the
records are both relevant and necessary to the litigation and the use
of such records by the Department of Justice is therefore deemed by the
agency to be for a purpose that is compatible with the purpose for
which the agency collected the records.
3. Disclosure may be made to a court or adjudicative body in a
proceeding when: (a) The agency or any component thereof; or (b) any
employee of the agency in his or her official capacity; or (c) any
employee of the agency in his or her individual capacity where the
agency has agreed to represent the employee; or (d) the United states
Government, is a party to the proceeding or has an interest in such
proceeding, and by careful review, the agency determines that the
records are both relevant and necessary to the proceeding and the use
of such records is therefore deemed by the agency to be for a purpose
that is compatible with the purpose for which the agency collected the
records.
4. When a record on its face, or in conjunction with other records,
indicates a violation or potential violation of law, whether civil,
criminal or regulatory in nature, and whether arising by general
statute or particular program statute, or by regulation, rule, or order
issued pursuant thereto, disclosure may be made to the appropriate
agency, whether Federal, foreign, State, local, or tribal, or other
public authority responsible for enforcing, investigating or
prosecuting such violation or charged with enforcing or implementing
the statute, or rule, regulation, or order issued pursuant thereto, if
the information disclosed is relevant to any enforcement, regulatory,
investigative or prosecutorial responsibility of the receiving entity.
5. Disclosure may be made to a Federal, State, local, foreign, or
tribal or other public authority of any portion of this system of
records that contains information relevant to the retention of an
employee, the retention of a security clearance, the letting of a
contract, or the issuance or retention of a license, grant, or other
benefit. The other agency or licensing organization may then make a
request supported by the written consent of the individual for the
entire record if it so chooses. No disclosure
[[Page 60791]]
will be made unless the information has been determined to be
sufficiently reliable to support a referral to another office within
the agency or to another Federal agency for criminal, civil,
administrative, personnel, or regulatory action.
6. Disclosure may be made to Federal, State, local or foreign
agency maintaining, civil, criminal, or other relevant enforcement
records, or other pertinent records, or to another public authority or
professional organization, if necessary to obtain information relevant
to an investigation concerning the retention of an employee or other
personnel action, the issuance or retention of a security clearance,
the letting of a contract, or the issuance or retention of a grant, or
other benefit.
7. Where Federal agencies having the power to subpoena other
Federal agencies' records, such as the Internal Revenue Service or the
Civil Rights Commission, issue a subpoena to the Department for records
in this system of records, the Department is authorized to make such
records available.
8. Disclosure may be made to agency contractors, experts, or
consultants who have been engaged by the agency to assist in the
performance of a service related to this system of records and who need
to have access to the records in order to perform the activity.
Recipients shall be required to comply with the requirements of the
Privacy Act of 1974, as amended, pursuant to 5 U.S.C. 552a(m).
9. Disclosure may be made in the course of employee discipline or
competence determination proceedings.
10. Disclosure may be made to representatives of an awardee of an
NIH grant, contract, or cooperative agreement that is the subject of an
investigation by Office of Management Assessment, NIH.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are stored on paper forms in file folders, file cards,
magnetic tapes, magnetic disks, optical disks and/or other types of
data storage devices.
RETRIEVABILITY:
Records are retrieved by a unique classification number; name of
the victim, accused, or complainant, date of birth, social security
number; and by the nature of the incident and/or time of occurrence.
SAFEGUARDS:
1. Authorized Users: Data on computer files is accessed by keyword
known only to authorized users who are Office of Management Assessment
employees or contractor staff who have a need for the data in the
performance of their duties as determined by the system manager.
2. Physical Safeguards: Access to the restricted office area
containing the rooms where records are stored is controlled through the
use of door locks. Only authorized users have the keys to these locks.
During regular business hours, rooms in this restricted area are
unlocked but entry is controlled by on-site personnel. Rooms where
records are stored are locked when not in use. Individually
identifiable records are kept in locked file cabinets or in locked
rooms under the direct control of the system manager or his/her
delegated representatives.
3. Procedural and Technical Safeguards: Computer records are
accessible only through a series of code or keyword commands available
from and under direct control of the system manager or his/her
delegated representatives. These records are secured by a multiple-
level security system which is capable of controlling access to the
individual data field level. Persons having access to the computer
database can be restricted to a confined application which permits only
a narrow ``view'' of the data. All authorized users of personal
information in connection with the performance of their jobs (see
Authorized Users, above) protect information from public view and from
unauthorized personnel entering an unsupervised area/office. These
practices are in compliance with the standards of Chapter 45-13 of the
HHS General Administration Manual, supplementary Chapter PHS hf: 45-13,
the Department's Automated Information Systems Security Program
Handbook, and the National Institute of Standards and Technology
Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub.
31).
RETENTION AND DISPOSAL:
Records are retained and disposed of under the authority of the NIH
Records Control Schedule contained in Manual Chapter 1743, Appendix 1--
``Keeping and Destroying Records'' (HHS Records Management Manual,
Appendix B-361): item 1700-A-4, which allows records to be kept
permanently when involving extensive litigation; five years for minor
infractions or improprieties when final recommendation is that no
action be taken, or 20 years for all other. Refer to the NIH Manual
Chapter for specific retention and disposition instructions.
SYSTEM MANAGER(S) AND ADDRESS:
Director, Office of Management Assessment, Office of
Administration, Office of Management, Office of the Director (OD), 6011
Executive Boulevard, Room 601, MSC 7669, Bethesda, Maryland 20892-7669.
NOTIFICATION PROCEDURE:
This system is exempt from the notification requirements. However,
consideration will be given to requests addressed to the system manager
listed above. The requestor must verify his or her identity by
providing either a notarization of the request or a written
certification that the requestor is who he or she claims to be and
understands that the knowing and willful request for acquisition of a
record pertaining to an individual under false pretenses is a criminal
offense under the Act, subject to a five thousand dollar fine. The
request should include: (a) Full name, (b) address, and, (c) year of
records in question.
RECORD ACCESS PROCEDURE:
This system is exempt from the access requirements. However,
consideration will be given to requests addressed to the System Manager
listed above. The requestor must verify his or her identity by
providing either a notarization of the request or a written
certification that the requestor is who he or she claims to be and
understands that the knowing and willful request for acquisition of a
record pertaining to an individual under false pretenses is a criminal
offense under the Act, subject to a five thousand dollar fine. The
request should include: (a) full name, (b) address, and, (c) year of
records in question. Requesters should also reasonably specify the
record contents being sought. Although the system is exempt,
individuals may, upon request, receive records from this system and an
accounting of disclosure of their records, if the system manager
determines that disclosure would not compromise the investigative
activities of the Office of Management Assessment, NIH.
CONTESTING RECORD PROCEDURE:
Exempt. However, consideration will be given requests addressed to
the System Manager. Requests for corrections should reasonably identify
the record and specify the information being contested, and state the
corrective action sought with supporting information. The right to
contest records is limited to information which is incomplete,
irrelevant, incorrect, or untimely (obsolete).
[[Page 60792]]
RECORD SOURCE CATEGORIES:
Departmental and other Federal, State, and local government
records; subjects of investigations, complaints, witnesses; documents
and other material furnished by non-government sources; and personal
observations by the investigator.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
This system has been exempted pursuant to 5 U.S.C. 552a(k)(2) of
the Privacy Act from the access, notification, correction, and
amendment provisions of the Privacy Act (5 U.S.C. 552a(c)(3), (d)(1)-
(4), (e)(1), (e)(4)(G) and (H) and (f)), because it consists of
investigatory material compiled for law enforcement purposes.
Individual access to these files could impair investigations and alert
subjects of investigations that their activities are being scrutinized,
thereby allowing them time to take measures to prevent detection of
illegal action or to escape prosecution. Disclosure of investigative
techniques/procedures and the existence and identity of confidential
sources of information could jeopardize investigative activities.
However, any individual who has been denied any right, privilege, or
benefit for which he/she would otherwise be entitled or be eligible, as
a result of the maintenance of such material, will be given access to
the material, except to the extent that the disclosure of the material
would reveal the identity of a source who furnished information to the
Government under an express promise that the identity of such source
would be held in confidence. The system is also exempted from (k)(5) of
the Privacy Act in order to allow the agency to exempt from individual
access, investigatory materials compiled for the purpose of determining
suitability, eligibility, or qualification for federal employment or
financial assistance if release of the material would disclose the
identity of a confidential source who furnished information to the
Government under an express promise that the identity of the source
would be held in confidence.
09-25-0216
SYSTEM NAME:
Administration: NIH Electronic Directory, HHS/NIH.
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATION:
Records are maintained in databases located within the NIH computer
facilities and the files of NIH functional offices required to identify
individuals in order to manage the federal resources and authorities
assigned to them. A current list of sites, including the address of any
Federal Records Center where records from this system may be stored, is
available by writing the system manager listed under Notification
Procedure below.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Users of NIH resources and services including but not limited to:
current and past NIH employees, contractors, tenants of NIH facilities,
participants in the NIH visiting programs, registered users of NIH
computer facilities, grantees, reviewers, council members,
collaborators, vendors, and parking permit holders. This system does
not cover patients and visitors to the NIH Clinical Center.
CATEGORIES OF RECORDS IN THE SYSTEM:
This system is a source system that provides identification data to
a variety of directory services at NIH that share comparable
information and assign or relate dedicated federal resources to
individuals. This system provides for a central directory that allows
NIH to manage NIH corporate business processes and electronic commerce.
The types of personal information in this directory are necessary to
ensure the accurate identification of individuals doing business in or
with the National Institutes of Health. The types of personal
information included in this directory are: Name, alias names, date of
birth, place of birth, social security number, gender, home address,
home phone number, home FAX number, personal pager number, personal
mobile phone number, personal email address, emergency contacts,
photograph, digitized written signature, digitized biometrics, and NIH-
assigned unique identifier. Public data refers to non-sensitive
information readily available to the general public (e.g., name,
building, room number, and work phone). Non-public data refers to
sensitive/confidential information or data for which access is limited
to appropriate staff with a valid need-to-know in the performance of
their official job duties, or as outlined in the routine uses for
disclosure (e.g., social security number, gender, home address, date of
birth, place of birth).
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301 and 302, 44 U.S.C. 3101 and 3102, Executive Order
9397.
PURPOSE(S):
The purpose is to establish a consolidated and centrally
coordinated electronic directory to support e-government of
administrative business processes; allow effective controls over the
creation, maintenance and use of records in the conduct of current
business; provide for effective management of costs, operation and
interconnectivity of NIH information systems; provide the required
structure for network security; and provide an accurate source of
directory information at the NIH. Data collected is used to build an
NIH centralized source identification directory and provides for
directory security system authentication and authorization and supports
NIH corporate business processes and electronic commerce. This system
of records enables NIH to reliably identify individuals and those
federal resources assigned to them. A NIH unique identifier (UID) will
be assigned to each individual to permit identification of a single
person with their descriptive information and resources throughout
their career.
This system allows for the creation of accurate records for
individuals in the NIH directory and ensures that duplicate data files
are compared, corrected and combined for accuracy, thus eliminating
redundancy. It is the central point of coordination for other automated
systems that manage or track resources, particularly information
security systems.
INTERNAL USE AND ACCESS TO PERSONAL INFORMATION
Internal use and access to the personal information in this system
will be limited to those with a valid need-to-know in the performance
of their official duties. Typical internal uses of the system,
including categories of users, uses of the data collected and the need
for such use are as follows:
1. Trans-NIH Human Resource Personnel, Administrative Officers, and
administrative technicians, will access all public and non-public
records for employees and/or NIH affiliates within their scope of
responsibility to access/track staffing information such as personal/
work contact information, physical location, and/or any other
information to facilitate current NIH administrative business
processes.
2. Information Resources Management staff and Space and Facility
Management personnel will have access to view public data (building
location and work phone information) to coordinate access for, and the
allocation of, telecommunication resources and building space/access.
3. Supervisors, Administrative Officers and Administrative
[[Page 60793]]
Technicians will have access to emergency contact information to enable
them to contact someone in the event of an emergency.
4. NIH central services staff, NIH police, and NIH management will
access both public and non-public data to coordinate/track employee
data required for other NIH business processes such as card key access,
ID badges, parking permits, library resources, census information
gathered for reporting requirements, employee development, training,
campus security, and other administrative processes.
5. NIH Security Officers, or other incident response personnel will
have access to public/non-public data where NIH deems it necessary for
official investigations or security incidents involving suspected
intrusion, illegal activity, or unauthorized/unethical misuse of the
system of records or data therein.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
1. Disclosure may be made to a congressional office from the
records of an individual in response to an inquiry from the
congressional office made at the request of that individual.
2. Disclosure may be made to representatives of the General
Services Administration or the National Archives and Records
Administration who are conducting records management inspections under
the authority of 44 U.S.C. 2904 and 2906.
3. Disclosure may be made to agency contractors, experts,
consultants, or volunteers who have been engaged by the agency to
assist in the performance of a service related to this system of
records and who need to have access to the records in order to perform
the activity. Recipients are required to maintain Privacy Act
safeguards with respect to these records.
4. Disclosure may be made to respond to a Federal agency's request
made in connection with the hiring or retention of an employee, the
letting of a contract or issuance of a security clearance, grant,
license, or other benefit by the requesting agency, but only to the
extent that the information disclosed is relevant and necessary to the
requesting agency's decision on the matter.
5. Disclosure may be made to the Department of Justice, or to a
court or other adjudicative body, from this system of records when (a)
HHS, or any component thereof; or (b) any HHS officer or employee in
his or her official capacity; or (c) any HHS officer or employee in his
or her individual capacity where the Department of Justice (or HHS,
where it is authorized to do so) has agreed to represent the officer or
employee; or (d) the United States or any agency thereof where HHS
determines that the proceeding is likely to affect HHS or any of its
components, is a party to the proceeding or has any interest in the
proceeding, and HHS determines that the records are relevant and
necessary to the proceeding and would help in the effective
representation of the governmental party.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Records are maintained on electronic media such as computer tape
and disk and/or hard-copy. Automated records are stored in controlled
computer areas. Both manual and computerized records will be maintained
in accordance with the standards of Chapter 45-13 of the HHS General
Administration Manual, ``Safeguarding Records Contained in Systems of
Records'', supplementary Chapter PHS hf: 45-13, and the Department's
Automated Information System Security Program Handbook.
RETRIEVABILITY:
Records are indexed and retrieved by: name, unique identifier,
alias names, and social security number.
SAFEGUARDS:
1. Authorized Users: Non-public data on computer files is accessed
by keyword known only to authorized users who are NIH employees or
contractor staff who have a legitimate operational responsibility to
access the data in the performance of their duties as determined by the
System Manager. Staff are only granted access to those directories or
fields for which they have operational responsibilities. User activity
is recorded. Occurrences of non-routine user or operator activity are
recorded. Public data is controlled by user-defined view via a web-
based look-up table. View of public data is accessible and controlled
via the NIH network.
2. Physical Safeguards: Physical access to the computer systems
where records are stored is controlled through the use of door locks
and alarms.
3. Procedural and Technical Safeguards: Access to the non-public
data will be controlled through: password protection, user
authentication, and system administration procedures for user access.
User name and password authentication procedures are in place to
protect non-public data from public view, and to prevent unauthorized
personnel from accessing data. Logical access controls, based on job
function, are in place to authorize and/or restrict the user activity
and view of the data. Persons having access to data are restricted to a
field-by-field confined user interface that permits a controlled, or
narrow ``view'' of the data. Sensitive data transferred between NIH
source databases is secured through encryption or similar manner.
Digital certificates and automated user audit trail capabilities have
been incorporated to ensure data integrity and to detect evidence of
data tampering.
These practices are in compliance with standards of Chapter 45-13
of the HHS General Administration Manual, ``Safeguarding Records
Contained in Systems of Records'', supplementary Chapter PHS hf: 45-13,
and the Department's Automated Information Systems Security Program
Handbook.
RETENTION AND DISPOSAL:
Records may be retired to a Federal Records Center and subsequently
disposed of in accordance with the NIH Records Control Schedule. The
Records Control Schedule and disposal standard for these records may be
obtained by writing to the System Manager at the address below.
SYSTEM MANAGER(S) AND ADDRESS:
Chiquita Bennett, Clinical Center (CC), Building 10, Room 1C280, 10
Center Drive, Bethesda, MD 20892.
Ann Ellis, Clinical Center (CC), Building 10, Room B1L410B, 10
Center Drive, Bethesda, MD 20892.
Edith Smith, Center for Information Technology (CIT), Fernwood
Building, Room 2NW06F, Bethesda, MD 20892.
Maria Miller, Center for Information Technology (CIT), Fernwood
Building, Room 2NW06E, Bethesda, MD 20892.
Nadel Griffith, Center for Scientific Review (CSR), Democracy Plaza
I, Room 3028, 6701 Rockledge Drive, Bethesda, MD 20892.
Marilyn Cuzzolina, Center for Scientific Review (CSR), Democracy
Plaza I, Room 3028, 6701 Rockledge Drive, Bethesda, MD 20892.
Sharon Nieberding, Office of Administrative Management and
International Services, Fogarty International Center (FIC), Building
31, Room B2C08, 31 Center Drive, Bethesda, MD 20892-2220.
Allison Wise, Office of Administrative Operations, National Center
for Complementary and Alternative Medicine (NCCAM), Building 31, Room
2B11, 31 Center Drive, Bethesda, MD 20892-2182.
[[Page 60794]]
Mike Tucker, National Cancer Institute (NCI), 6116 Executive
Boulevard, Room 609, Bethesda, MD 20892.
Mike Floyd, National Cancer Institute (NCI), 6116 Executive
Boulevard, Room 609, Bethesda, MD 20892.
Dorothy Keys, National Center for Research Resources (NCRR),
Rockledge I, Room 6070, 6705 Rockledge Drive, Bethesda, MD 20892.
Matthew Burr, National Eye Institute (NEI), Building 31, Room 6A19,
31 Center Drive, Bethesda, MD 20892.
Patricia Hylla, National Human Genome Research Institute (NHGRI),
Building 49, Room 3A38, 49 Convent Drive, Bethesda, MD 20892.
Christina Roark, National Heart, Lung, and Blood Institute (NHLBI),
Democracy Plaza I, Room 7021, 6701 Rockledge Drive, Bethesda, MD 20892-
7921.
Agnes Slamen, National Institute on Aging (NIA), Gerontology
Research Center, Johns Hopkins Bayview Campus, 5600 Nathan Shock Drive,
Room 1E14A, Baltimore, MD 21224.
Gwen Proctor, National Institute on Aging (NIA), Gerontology
Research Center, Johns Hopkins Bayview Campus, 5600 Nathan Shock Drive,
Room 1E14A, Baltimore, MD 21224.
Andrea Hobbs, National Institute of (NIAAA), Building 31, Room
1B40, 31 Center Drive, Bethesda, MD 20892.
Lennita Lawson, National Institute of Allergy and Infectious
Disease (NIAID), Building 31, Room 7A19, 31 Center Drive, Bethesda, MD
20892.
Kai Lakeman, National Institute of Allergy and Infectious Disease
(NIAID), Building 31, Room 7A19, 31 Center Drive, Bethesda, MD 20892.
Andrea Ricche, National Institute of Arthritis and Musculoskeletal
and Skin Diseases (NIAMS), Natcher Building, Room 5AS51, 45 Center
Drive, Bethesda, MD 20892.
Ruby Akomeah, National Institute of Biomedical Imaging and
Bioengineering (NIBIB), Building 31, Room 1B37, 31 Center Drive,
Bethesda, MD 20892.
Ivelisse Rodriguez, National Institute of Biomedical Imaging and
Bioengineering (NIBIB), Building 31, Room 1B37, 31 Center Drive,
Bethesda, MD 20892.
Ruth Maraio, National Institute of Child Health and Human
Development (NICHD), Rockledge I, Room 800, 6705 Rockledge Drive,
Bethesda, MD 20892.
Donna Tolson, National Institute of Drug Abuse (NIDA), Neuroscience
Center, Room 512, 6001 Executive Boulevard, Bethesda, MD 20892.
Anne Sumner, National Institute on Deafness and Other Communication
Disorders (NIDCD), Building 31, Room 3C21, 31 Center Drive, Bethesda,
MD 20892.
Kathleen Maguire, National Institute of Dental and Craniofacial
Research (NIDCR), Natcher Building, Room 4AN12, 45 Center Drive,
Bethesda, MD 20892.
Anne Robertson, National Institute of Diabetes and Digestive and
Kidney Diseases (NIDDK), Democracy Plaza II, Room 909, 6707 Democracy
Boulevard, Bethesda, MD 20892.
Linda Mongelli, National Institute of Diabetes and Digestive and
Kidney Diseases (NIDDK), Building 10, Room 9N208, 10 Center Drive,
Bethesda, MD 20892.
Donna Byrd, National Institute of Environmental Health Sciences
(NIEHS), PO Box 12233, Research Triangle Park, NC 27709.
Gail Grosman, National Institute of General Medical Sciences
(NIGMS), Natcher Building, Room 3AN32, 45 Center Drive, Bethesda, MD
20892.
Crystal James, National Institute of General Medical Sciences
(NIGMS), Natcher Building, Room 3AS25A, 45 Center Drive, Bethesda, MD
20892.
Pam Fitzgerald, National Institute of Mental Health (NIMH),
Building 31, Room 2B34, 31 Center Drive, Bethesda, MD 20892.
Vicki Dobbins, National Institute of Medical Health (NIMH),
Building 31, Room 2B34, 31 Center Drive, Bethesda, MD 20892-9657.
Debbie Jarman, Privacy Act Coordinator, National Institute of
Neurological Disorders (NINDS), Building 31, Room 8A33, 31 Center
Drive, Bethesda, MD 20892.
Ana Ferreira, National Institute of Nursing Research (NINR),
Building 31, Room 5B19A, 31 Center Drive, Bethesda, MD 20892.
Patricia Williams, National Library of Medicine (NLM), Building 38,
Room 2W05, 8600 Rockville Pike, Bethesda, MD 20894.
Sandy Freund, Office of the Director (OD), 6011 Executive
Boulevard, Room 325, Bethesda, MD 20892.
Dinah Huffer, Office of Research Services (ORS), Building 31, Room
4B30, 31 Center Drive, Bethesda, MD 20892.
NOTIFICATION PROCEDURE:
Write to the System Manager listed above. The requester must verify
his or her identity by providing either a notarization of the request
or a written certification that the requester is who he or she claims
to be and understands that the knowing and willful request for
acquisition of a record pertaining to an individual under false
pretenses is a criminal offense under the Act, subject to a five
thousand-dollar fine. The request should include: (a) Full name, and
(b) address, and (c) year of records in question.
RECORD ACCESS PROCEDURE:
Write to the System Manager specified above to attain access to
records and provide the same information as is required under the
Notification Procedures. Requester should also reasonably specify the
record content being sought. Individuals may also request an accounting
of disclosure of their records, if any.
CONTESTING RECORD PROCEDURE:
Address a petition for amendment to the System Manager. All
requests must be in writing. The individual must identify himself/
herself, specify the system of records from which the records are
retrieved, the particular records to be corrected or amended, whether
seeking an addition to or a deletion or substitution for the records,
and the reason for requesting correction or amendment of the record.
RECORD SOURCE CATEGORIES:
NIH employees, contractors, and other persons who are using or
performing services on behalf of the NIH, and the NIH human resource
databases (i.e., Human Resource Database (HRDB), Fellowship Payment
System (FPS), J.E. Fogarty Database of Foreign Visiting Scientists
(JEFIC), NIH Telecommunications Database (TELCOM), Parking and
Identification Database (PAID), E-mail Directory and Forwarding Service
(PH directory), and the Integrated Time and Attendance System (ITAS)).
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:
None.
[FR Doc. 02-23965 Filed 9-25-02; 8:45 am]
BILLING CODE 4140-01-P