[Federal Register Volume 71, Number 154 (Thursday, August 10, 2006)]
[Notices]
[Pages 45859-45862]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E6-13009]


=======================================================================
-----------------------------------------------------------------------

NATIONAL AERONAUTICS AND SPACE ADMINISTRATION

[Notice (06-050)]


Privacy Act of 1974; Privacy Act System of Records

AGENCY: National Aeronautics And Space Administration (NASA).

ACTION: Notice of proposed revisions to an existing Privacy Act system 
of records.

-----------------------------------------------------------------------

SUMMARY: The National Aeronautics and Space Administration proposes to 
revise an existing system of records titled ''Security Records System'' 
(NASA 10SECR), last published on December 13, 1999, (64 FR 69556).
    This system of records is being revised to describe the additional 
types of information being collected by NASA required by Homeland 
Security Presidential Directive 12 (Policy for a Common Identification 
Standard for Federal Employees and Contractors) and FIPS 201 (Personal 
Identity Verification (PIV) of Federal Employees and Contractors). 
Additionally, this system of records is being revised to reflect that 
NASA now collects and maintains emergency contact information for 
employees and contractors in order for notification of an employee or 
contractor's next-of-kin in the event of a mishap involving the 
individual.
    The purposes of this system of records are to:
    1. Document security violations and supervisory actions taken.
    2. Ensure the safety and security of NASA facilities, systems, or 
information, and Agency occupants and users.
    3. Notify an employee's next-of-kin or contractor in the event of a 
mishap involving the NASA or contractor employee.
    4. Complete the NASA identity proofing and registration process.
    5. Create data records in the Personal Identity Verification (PIV) 
Identity Management System (IDMS).
    6. Issue PIV cards to verify that individuals entering Federal 
facilities, using Federal information resources, or accessing 
classified information are authorized to do so.
    7. Track and control issued PIV cards.

DATES: Submit comments September 11, 2006.

ADDRESSES: Patti F. Stockman, Privacy Act Officer, Office of the Chief 
Information Officer, National Aeronautics and Space Administration 
Headquarters, Washington, DC 20546-0001, (202) 358-4787, [email protected].

FOR FURTHER INFORMATION CONTACT: NASA Privacy Act Officer, Patti F. 
Stockman, (202) 358-4787, [email protected].

SUPPLEMENTARY INFORMATION: This publication is in accordance with the 
Privacy Act requirement that agencies publish their amended systems of 
records in the Federal Register when there is a revision, change, or 
addition. NASA's Office of Security and Program Protection (OSPP) has 
reviewed its systems of records notices and has determined that its 
record system, Security Records System (NASA 10SECR), must be revised 
to incorporate the changes described herein.
NASA 10 SECR

System Name:
    Security Records System.

Security Classification:
    None.

System Location:
    Locations 1 through 9 and Locations 11, 12, and 14 as set forth in 
Appendix A.

Categories of Individuals Covered by the System:
    Civil Servant Employees, applicants, NASA committee members, NASA 
consultants, NASA experts, NASA Resident Research Associates, guest 
workers, contractor employees, detailees, visitors, correspondents 
(written and telephonic), Faculty Fellows, Intergovernmental Personnel 
Mobility Act (IPA) Employees, Grantees, Cooperative Employees, and 
Remote Users of NASA Non-Public Information Technology Resources.

Categories of Records in the System:
    Personnel Security Records, Personal Identity Records, Emergency 
Data Records, Criminal Matters, and Traffic Management. Specific 
records fields include, but are not limited to: Name, former names, 
date of birth, place of birth, social security number, home address, 
phone numbers, citizenship, traffic infraction, security violation, 
security incident, security violation discipline status and action 
taken.

[[Page 45860]]

Authority for Maintenance of the System:
    42 U.S.C. 2451, et seq., the National Aeronautics and Space Act of 
1958, as amended; Espionage and Information Control Statutes, 18 U.S.C. 
793-799; Sabotage Statutes, 18 U.S.C. 2151-2157; Conspiracy Statute, 18 
U.S.C. 371; 18 U.S.C. 202-208, 3056; Internal Security Act of 1950; 
Atomic Energy Act of 1954, as amended; Executive Order 12958, as 
amended, Classified National Security Information; Executive Order 
12968, as amended, Access to Classified Information; Executive Order 
10865, Safeguarding Classified Information Within Industry; Executive 
Order 10450, Security Requirements for Government Employees; Pub. L. 
81-733; Pub. L. 107-347, Federal Information Security Management Act 
2002; 41 CFR Chapter 101; 14 CFR Part 1203; and 44 U.S.C. 3101; 
Homeland Security Presidential Directive (HSPD) 12, Policy for a Common 
Identification Standard for Federal Employees and Contractors, August 
27, 2004.

Routine Uses of Records Maintained in the System, Including Categories 
of Users and the Purposes of Such Uses:
    Any disclosures of information will be compatible with the purpose 
for which the Agency collected the information. The records and 
information in these records may be disclosed to:
    1. To the Department of Justice when: (a) The agency or any 
component thereof; or (b) any employee of the agency in his or her 
official capacity; (c) any employee of the agency in his or her 
individual capacity where agency or the Department of Justice has 
agreed to represent the employee; or (d) the United States Government, 
is a party to litigation or has an interest in such litigation, and by 
careful review, the agency determines that the records are both 
relevant and necessary to the litigation and the use of such records by 
DOJ is therefore deemed by the agency to be for a purpose compatible 
with the purpose for which the agency collected the records.
    2. To a court or adjudicative body in a proceeding when: (a) The 
agency or any component thereof; (b) any employee of the agency in his 
or her official capacity; (c) any employee of the agency in his or her 
individual capacity where agency or the Department of Justice has 
agreed to represent the employee; or (d) the United States Government, 
is a party to litigation or has an interest in such litigation, and by 
careful review, the agency determines that the records are both 
relevant and necessary to the litigation and the use of such records is 
therefore deemed by the agency to be for a purpose that is compatible 
with the purpose for which the agency collected the records.
    3. To an Agency in order to provide a basis for determining 
preliminary visa eligibility.
    4. To a Member of Congress or to a Congressional staff member in 
response to an inquiry of the Congressional office made at the written 
request of the constituent about whom the record is maintained.
    5. To a staff member of the Executive Office of the President in 
response to an inquiry from the White House.
    6. To the National Archives and Records Administration or to the 
General Services Administration for records management inspections 
conducted under 44 U.S.C. Sec. Sec.  2904 and 2906.
    7. To agency contractors, grantees, or volunteers who have been 
engaged to assist the agency in the performance of a contract service, 
grant, cooperative agreement, or other activity related to this system 
of records and who need to have access to the records in order to 
perform their activity. Recipients shall be required to comply with the 
requirements of the Privacy Act of 1974, as amended, 5 U.S.C. Sec.  
552a.
    8. To other Federal agencies and relevant contractor facilities to 
determine eligibility of individuals to access classified National 
Security information.
    9. To any official investigative or judicial source from which 
information is requested in the course of an investigation, to the 
extent necessary to identify the individual, inform the source of the 
nature and purpose of the investigation, and to identify the type of 
information requested.
    10. To the news media or the general public, factual information 
the disclosure of which would be in the public interest and which would 
not constitute an unwarranted invasion of personal privacy, consistent 
with Freedom of Information Act standards.
    11. To a Federal State, or local agency, or other appropriate 
entities or individuals, or through established liaison channels to 
selected foreign governments, in order to enable an intelligence agency 
to carry out its responsibilities under the National Security Act of 
1947 as amended, the CIA Act of 1949 as amended, Executive Order 12333 
or any successor order, applicable national security directives, or 
classified implementing procedures approved by the Attorney General and 
promulgated pursuant to such statutes, orders or directives.
    12. In order to notify an employee's next-of-kin or contractor in 
the event of a mishap involving that employee or contractor.
    13. To notify another Federal agency when, or verify whether, a PIV 
card is no longer valid.
    14. To provide relevant information to an internal or external 
organization or element thereof conducting audit activities of a NASA 
contractor or subcontractor.
    15. Disclosure to a NASA contractor, subcontractor, grantee, or 
other Government organization information developed in an investigation 
or administrative inquiry concerning a violation of a Federal or state 
statute or regulation on the part of an officer or employee of the 
contractor, subcontractor, grantee, or other Government organization.
    16. Standard routine uses 1 through 4 inclusive as set forth in 
Appendix B.

Policies and Practices for Storing, Retrieving, Accessing, Retaining, 
and Disposing of Records in the System:
Storage:
    Electronic media and hard-copy documents.

Retrievability:
    Records are indexed by individual's name, file number, badge 
number, decal number, payroll number, Agency-specific unique personal 
identification code, and/or Social Security Number.

Safeguards:
    Access to system records is controlled by either Government 
personnel or selected personnel of NASA contractor guard/security force 
and contractor personnel. After presenting proper identification and 
requesting a file or record, a person with an official need to know 
and, if appropriate, a proper clearance may have access to a file or 
records only after it has been retrieved and approved for release by a 
NASA security representative. These records are secured in security 
storage equipment, and/or information technology systems employing 
security countermeasures.

Retention and Disposal:
    The Personnel Security Records are maintained in Agency files and 
destroyed upon notification of the death or within 5 years after 
separation or transfer of employee or within 5 years after contract 
relationship expires, whichever is applicable in accordance with NASA 
Records Retention Schedules, Schedule 1 Item 103.
    The Personal Identity Records are maintained in Agency files and 
destroyed upon notification of the death or within 5 years after 
separation or

[[Page 45861]]

transfer of employee or within 5 years after contract relationship 
expires, whichever is applicable in accordance with NASA Records 
Retention Schedules, Schedule 1 Item 103.
    The Emergency Data Records are maintained in Agency files and 
destroyed when no longer needed in accordance with General Records 
Schedule 18, Item 22a.
    The Criminal Matter Records are maintained in Agency files and 
destroyed when 8 years old in accordance with NASA Records Retention 
Schedules, Schedule 2 Item 4B2.
    The Traffic Management Records are maintained in Agency files and 
destroyed upon transfer or separation of permit holder or when permit 
is superseded or revoked whichever is sooner in accordance with NASA 
Records Retention Schedules, Schedule 6 Item 11B.

System Manager(S) and Address:
    Director, Security Management Division, Location 1.
    Subsystem Managers: Chief, Protective Services Division, Location 
2; Chief, Security Branch, Locations 4 and 5; Security Officer, 
Location 3, 8, and 11; Chief, Protective Services Office, Location 6; 
Head, Office of Security and Public Safety, Location 7; Chief, Security 
Division, Location 9; Chief, Administration Office, Location 12; Safety 
and Security Officer at Location 14. Locations are as set forth in 
Appendix A.

Notification Procedure:
    Information may be obtained from the cognizant system or subsystem 
manager listed above. Requests must contain the following identifying 
data concerning the requestor: First, middle, and last name; date of 
birth; Social Security Number; period and place of employment with 
NASA, if applicable.

Record Access Procedures:
    Personnel Security Records compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for Federal 
civilian employment, Federal contracts, or access to classified 
information have been exempted by the Administrator under 5 U.S.C. 
552a(k)(5) from the access provisions of the Act.
    Personal Identity Records: Requests from individuals should be 
addressed to the same address as stated in the Notification section 
above.
    Emergency Data Records: Requests from individuals should be 
addressed to the same address as stated in the Notification section 
above.
    Criminal Matter Records compiled for civil or criminal law 
enforcement purposes have been exempted by the Administrator under 5 
U.S.C. 552a(k)(2) from the access provision of the Act.
    Traffic Management Records: Requests from individuals should be 
addressed to the same address as stated in the Notification section 
above.

Contesting Record Procedures:
    For Personnel Security Records and Criminal Matters Records, see 
Record Access Procedures, above. For Personal Identity Records, 
Emergency Data Records, and Traffic Management Records, the NASA rules 
for access to records and for contesting contents and appealing initial 
determinations by the individual concerned appear at 14 CFR part 1212.

Record Source Categories:
    Information is obtained from a variety of sources including the 
employee, contractor, or applicant via use of the Standard Form (SF) 
SF-85, SF-85P, or SF-86 and personal interviews; employers' and former 
employers' records; FBI criminal history records and other databases; 
financial institutions and credit reports; medical records and health 
care providers; educational institutions; interviews of witnesses such 
as neighbors, friends, co-workers, business associates, teachers, 
landlords, or family members; tax records; and other public records. 
Security violation information is obtained from a variety of sources, 
such as guard reports, security inspections, witnesses, supervisor's 
reports, audit reports.
    Exemptions Claimed for the System:
    Personnel Security Records compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for Federal 
civilian employment, Federal contracts, or access to classified 
information, but only to the extent that the disclosure of such 
material would reveal the identity of a confidential source, are exempt 
from the following sections of the Privacy Act of 1974, 5 U.S.C. 
552a(c)(3) relating to access to the disclosure accounting; (d) 
relating to access to the records; (e)(1) relating to the type of 
information maintained in the records; (e)(4)(G), (H) and (I) relating 
to publishing in the annual system notice information as to agency 
procedures for access and correction and information as to the 
categories of sources of records; and (f) relating to developing agency 
rules for gaining access and making corrections. The determination to 
exempt the Personnel Security Records portion of the Security Records 
System has been made by the Administrator of NASA in accordance with 5 
U.S.C. 552a(k)(5) and Subpart 5 of the NASA regulations appearing in 14 
CFR part 1212.
    Criminal Matter Records to the extent they constitute investigatory 
material compiled for law enforcement purposes are exempt from the 
following sections of the Privacy Act of 1974, 5 U.S.C. 552a(c)(3) 
relating to access to the disclosure accounting; (d) relating to access 
to the records; (e)(1) relating to the type of information maintained 
in the records; (e)(4)(G), (H) and (I) relating to publishing in the 
annual system notice information as to agency procedures for access and 
correction and information as to the categories of sources of records; 
and (f) relating to developing agency rules for gaining access and 
making corrections. The determination to exempt the Criminal Matter 
Records portion of the Security Records System has been made by the 
Administrator of NASA in accordance with 5 U.S.C. 552a(k)(2) and 
subpart 5 of the NASA regulations appearing in 14 CFR part 1212.
    Records subject to the provisions of 5 U.S.C. 552(b)(1) required by 
Executive Order to be kept secret in the interest of national defense 
or foreign policy are exempt from the following sections of the Privacy 
Act of 1974, 5 U.S.C. 552a:(c)(3) relating to access to the disclosure 
accounting; (d) relating to the access to the records; (e)(1) relating 
to the type of information maintained in the records; (e)(4)(G), (H) 
and (I) relating to publishing in the annual system notice information 
as to agency procedures for access and correction and information as to 
the categories of sources of records; and (f) relating to developing 
agency rules for gaining access and making corrections.
    The determination to exempt this portion of the Security Records 
System has been made by the Administrator of NASA in accordance with 5 
U.S.C. 552a(k)(1) and subpart 5 of the NASA regulations appearing in 14 
CFR part 1212.

John W. McManus,
Acting Chief Information Officer.

Appendix A--Location Numbers and Mailing Addresses of NASA 
Installations at Which Records Are Located

Location 1

    NASA Headquarters, National Aeronautics and Space 
Administration, Washington, DC 20546-0001.

Location 2

    Ames Research Center, National Aeronautics and Space 
Administration, Moffett Field, CA 94035-1000.

[[Page 45862]]

Location 3

    Dryden Flight Research Center, National Aeronautics and Space 
Administration, PO Box 273, Edwards, CA 93523-0273.

Location 4

    Goddard Space Flight Center, National Aeronautics and Space 
Administration, Greenbelt, MD 20771-0001.

Location 5

    Lyndon B. Johnson Space Center, National Aeronautics and Space 
Administration, Houston, TX 77058-3696.

Location 6

    John F. Kennedy Space Center, National Aeronautics and Space 
Administration, Kennedy Space Center, FL 32899-0001.

Location 7

    Langley Research Center, National Aeronautics and Space 
Administration, Hampton, VA 23681-2199.

Location 8

    John H. Glenn Research Center at Lewis Field, National 
Aeronautics and Space Administration, 21000 Brookpark Road, 
Cleveland, OH 44135-3191.

Location 9

    George C. Marshall Space Flight Center, National Aeronautics and 
Space Administration, Marshall Space Flight Center, AL 35812-0001.

Location 10

    HQ NASA Management Office-JPL, National Aeronautics and Space 
Administration, 4800 Oak Grove Drive, Pasadena, CA 91109-8099.

Location 11

    John C. Stennis Space Center, National Aeronautics and Space 
Administration, Stennis Space Center, MS 39529-6000.

Location 12

    JSC White Sands Test Facility, National Aeronautics and Space 
Administration, PO Drawer MM, Las Cruces, NM 88004-0020.

Location 13

    GRC Plum Brook Station, National Aeronautics and Space 
Administration, Sandusky, OH 44870.

Location 14

    MSFC Michoud Assembly Facility, National Aeronautics and Space 
Administration, PO Box 29300, New Orleans, LA 70189.

Location 15

    NASA Independent Verification and Validation Facility (NASA 
IV&V), 100 University Drive, Fairmont, WV 26554.

Location 16

    Edison Post of Duty, c/o DCIS, PO 1054, Edison, NJ 08818.

Location 17

    Western Field Office, Glenn Anderson Federal Building, 501 West 
Ocean Blvd., Long Beach, CA 90802-4222.

Appendix B--Standard Routine Uses--NASA

    The following routine uses of information contained in SORs, 
subject to the Privacy Act of 1974, are standard for many NASA 
systems. They are cited by reference in the paragraph ``Routine uses 
of records maintained in the system, including categories of users 
and the purpose of such uses'' of the Federal Register Notice on 
those systems to which they apply.
    Standard Routine Use No. 1--Law Enforcement--In the event this 
system of records indicates a violation or potential violation of 
law, whether civil, criminal, or regulatory in nature, and whether 
arising by general statute or particular program statute, or by 
regulation, rule or order issued pursuant thereto, the relevant 
records in the SOR may be referred, as a routine use, to the 
appropriate agency, whether Federal, State, local or foreign, 
charged with the responsibility of investigating or prosecuting such 
violation or charged with enforcing or implementing the statute, or 
rule, regulation or order issued pursuant thereto.
    Standard Routine Use No. 2--Disclosure When Requesting 
Information--A record from this SOR may be disclosed as a ``routine 
use'' to a Federal, State, or local agency maintaining civil, 
criminal, or other relevant enforcement information or other 
pertinent information, such as current licenses, if necessary to 
obtain information relevant to an agency decision concerning the 
hiring or retention of an employee, the issuance of a security 
clearance, the letting of a contract, or the issuance of a license, 
grant, or other benefit.
    Standard Routine Use No. 3--Disclosure of Requested 
Information--A record from this SOR may be disclosed to a Federal 
agency, in response to its request, in connection with the hiring or 
retention of an employee, the issuance of a security clearance, the 
reporting of an investigation of an employee, the letting of a 
contract, or the issuance of a license, grant, or other benefit by 
the requesting agency, to the extent that the information is 
relevant and necessary to the requesting agency's decision on the 
matter.
    Standard Routine Use No. 4--Court or Other Formal Proceedings--
In the event there is a pending court or formal administrative 
proceeding, any records that are relevant to the proceeding may be 
disclosed to the Department of Justice or other agency for purposes 
of representing the Government, or in the course of presenting 
evidence, or they may be produced to parties or counsel involved in 
the proceeding in the course of pretrial discovery.

[FR Doc. E6-13009 Filed 8-9-06; 8:45 am]
BILLING CODE 7510-13-P