[Federal Register Volume 73, Number 42 (Monday, March 3, 2008)]
[Notices]
[Pages 11400-11402]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E8-4048]


-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Department of the Air Force

[USAF-2008-0004]


Privacy Act of 1974; System of Records

AGENCY: Department of the Air Force.

ACTION: Notice To Add a System of Records.

-----------------------------------------------------------------------

SUMMARY: The Department of the Air Force is proposing to add a system 
of records to its inventory of record systems subject to the Privacy 
Act of 1974 (5 U.S.C. 552a), as amended.

DATES: The changes will be effective on April 2, 2008 unless comments 
are received that would result in a contrary determination.

ADDRESSES: Send comments to the Air Force Privacy Act Officer, Office 
of Warfighting Integration and Chief Information Officer, SAF/XCISI, 
1800 Air Force Pentagon, Suite 220, Washington, DC 20330-1800.

FOR FURTHER INFORMATION CONTACT: Ms. Novell Hill at (703) 696-6518.

SUPPLEMENTARY INFORMATION: The Department of the Air Force notices for 
systems of records subject to the Privacy Act of 1974 (5 U.S.C. 552a), 
as amended, have been published in the Federal Register and are 
available from the address above.
    The proposed systems reports, as required by 5 U.S.C. 552a(r) of 
the Privacy Act of 1974, as amended, were submitted on February 11, 
2008, to the House Committee on Government Oversight and Reform, the 
Senate Committee on Homeland Security and Governmental Affairs, and the 
Office of Management and Budget (OMB) pursuant to paragraph 4c of 
Appendix I to OMB Circular No. A-130, ``Federal Agency Responsibilities 
for Maintaining Records About Individuals,'' dated February 8, 1996 
(February 20, 1996, 61 FR 6427).


[[Page 11401]]


    Dated: February 26, 2008.
L.M. Bynum,
Alternate OSD Federal Register Liaison Officer, Department of Defense.
F033 USSC A

SYSTEM NAME:
    Information Technology and Control Records.

SYSTEM LOCATION:
    Headquarters United States Strategic Command (USSTRATCOM), Command 
Information Assurance (IA) Branch (J672), 901 SAC Boulevard, Offutt Air 
Force Base, NE 68113-6600.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Military, civilian employees, contractor personnel, and individuals 
(to include foreign nationals) requiring access to Department of 
Defense information and information systems.

CATEGORIES OF RECORDS IN THE SYSTEM:
    System contains documents relating to requests for, and grants 
access to Department of Defense information and information systems, 
authorizes individuals to perform duties as a privileged user and/or 
Information Assurance manager, and/or authorizes individuals to bring 
Portable Electronic Devices (PEDs) into the Command. Records may 
contain the individual's name; partial Social Security Number (last 
four-digits); electronic mail address; work telephone numbers; office 
symbol; contractor/employee status; computer logon address, user 
identification codes; types of access/permissions required; 
verification of need-to-know; dates of mandatory information assurance 
awareness training; types of duties performed; commercial 
certifications held; and/or security clearance data.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 301, Departmental Regulations; 5 U.S.C. 302, Delegation of 
Authority; 10 U.S.C. 133, Under Secretary of Defense for Acquisition 
and Technology; 10 U.S.C. 2224, Defense Information Assurance Program; 
18 U.S.C. 1029 and 1030, Fraud and Related Activity in Connection with 
Access Devices and Computers; 44 U.S.C. 3536, National Security 
Systems; E.O. 10450 Security Requirements for Government Employees, as 
amended; Department of Department Instruction (DODI)8500.2, Information 
Assurance (IA) Implementation, 6 February 2003; Chairman Joint Chiefs 
of Staff Manual (CJCSM) 6510.01, Defense-In-Depth: Information 
Assurance (IA) And Computer Network Defense (CND), 25 March 03; 
Department of Defense Directive (DODD) 8570.1, Information Assurance 
Training, Certification, and Workforce Management, 15 August 2004; and 
E.O. 9397 (SSN).

PURPOSE(S):
    To control and track access to Department of Defense-controlled 
information and information systems and/or to authorize use of Portable 
Electronic Devices (PEDs) within the Command. Records may also be used 
by law enforcement officials to identify the occurrence of and assist 
in the prevention of computer misuse and/or crime. Statistical data, 
with all personal identifiers removed, may be used by management for 
system efficiency, workload calculations, or reporting purposes.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM INCLUDING CATEGORIES 
OF USERS AND THE PURPOSE OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records, or information contained 
herein, may be specifically disclosed outside the Department of Defense 
as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    The Department of Defense `Blanket Routine Uses' published at the 
beginning of the Air Force's compilation of systems of records notices 
apply to this system.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, 
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Paper records in file folders and electronic storage media.

RETRIEVABILITY:
    Individual's name, Social Security Number (SSN), assigned user 
identification (I.D.) code, and/or system identification designator.

SAFEGUARDS:
    The Command Information Assurance Manager, Headquarters United 
States Strategic Command (USSTRATCOM/J672), has full access to the 
information system file. Records are stored and kept in an area cleared 
for open storage of classified material. Paper records (completed 
forms) are kept in file cabinets located in a secure area and building 
under armed guard control and patrols 24-hours per day. Electronic 
records are stored on computer systems employing software programs and 
a Computer Network Defense Service Provider that monitor network 
traffic to identify unauthorized attempts to upload or change 
information. Access to computer systems is password and/or Public Key 
Infrastructure controlled. The building is under armed guard control, 
video camera monitoring, and patrols 24-hours per day.

RETENTION AND DISPOSAL:
    Records are retained as long as the individual has access to 
USSTRATCOM information systems, and/or no longer needed for 
administrative, legal, audit, or other operational purposes. Records 
relating to contractor access are destroyed 3 years after contract 
completion or deletion. Paper records are disposed of using a 
Government-approved shredder; computer records are sanitized in 
accordance with Department of Defense remanence security policies.

SYSTEM MANAGER AND ADDRESS:
    Chief, Information Assurance Branch, Headquarters United States 
Strategic Command (USSTRATCOM/J672), 901 SAC Blvd, Offutt AFB NE 68113-
6600.

NOTIFICATION PROCEDURE:
    Individuals seeking access to information about themselves 
contained in this system should address written inquiries to Chief, 
Information Assurance Branch, USSTRATCOM/J672, 901 SAC Blvd, Offutt AFB 
NE 68113-6600.
    Inquiries should contain the individual's full name, mailing 
address, and bear the signature of the requester.
    Individuals may visit the Information Assurance Branch (USSTRATCOM/
J672), 901 SAC Blvd, Offutt AFB NE 68113-6600, to view their record(s). 
The system manager will assist these individuals.

RECORD ACCESS PROCEDURES:
    An individual seeking to determine whether information about 
themselves is contained in this system should address written inquiries 
to Chief, Information Assurance Branch, USSTRATCOM/J672, 901 SAC Blvd, 
Offutt AFB NE 68113-6600.
    Inquiries should contain the individual's full name, mailing 
address, and bear the signature of the requester.
    Individuals may visit the Information Assurance Branch (USSTRATCOM/
J672), 901 SAC Blvd, Offutt AFB NE 68113-6600, to view their record(s). 
The system manager will assist these individuals.

CONTESTING RECORDS PROCEDURES:
    The Air Force rules for accessing records, and for contesting 
contents and appealing initial agency determinations are published in 
Air Force Instruction 33-332, Privacy Act Program; 32 CFR

[[Page 11402]]

Part 806b; or may be obtained from the system manager.

RECORD SOURCE CATEGORIES:
    Contents of the records are obtained from the individual about whom 
the record pertains, from supervisors of personnel, the individual's 
Information Assurance Officer or Manager, and/or security manager.

EXEMPTIONS CLAIMED FOR THE SYSTEM:
    Information specifically authorized to be classified under E.O. 
12958, as implemented by DoD 5200.1-R, may be exempt pursuant to 5 
U.S.C. 552a(k)(1).
    Investigatory material compiled for law enforcement purposes may be 
exempt pursuant to 5 U.S.C. 552a(k)(2). However, if an individual is 
denied any right, privilege, or benefit for which he would otherwise be 
entitled by Federal law or for which he would otherwise be eligible, as 
a result of the maintenance of such information, the individual will be 
provided access to such information except to the extent that 
disclosure would reveal the identity of a confidential source.
    An exemption rule for this system has been promulgated in 
accordance with requirements of 5 U.S.C. 553(b)(1), (2), and (3), (c) 
and (e) and published in 32 CFR part 701, subpart G. For additional 
information contact the system manager.

[FR Doc. E8-4048 Filed 2-29-08; 8:45 am]
BILLING CODE 5001-06-P