[Federal Register Volume 73, Number 71 (Friday, April 11, 2008)] [Notices] [Pages 19905-19909] From the Federal Register Online via the Government Publishing Office [www.gpo.gov] [FR Doc No: E8-7727] ----------------------------------------------------------------------- NUCLEAR REGULATORY COMMISSION [Docket No. 72-68; EA-08-069] In the Matter of Exelon Generation Company Byron Generating Station Independent Spent Fuel Installation Order Modifying License (Effective Immediately) AGENCY: U.S. Nuclear Regulatory Commission. ACTION: Issuance of Order for Implementation of Additional Security Measures and Fingerprinting for Unescorted Access to Exelon Generation Company, LLC. ----------------------------------------------------------------------- FOR FURTHER INFORMATION CONTACT: L. Raynard Wharton, Senior Project Manager, Licensing and Inspection Directorate, Division of Spent Fuel Storage and Transportation, Office of Nuclear Material Safety and Safeguards (NMSS), U.S. Nuclear Regulatory Commission (NRC), Rockville, MD 20852. Telephone: (301) 492-3316; fax number: (301) 492-3350; e- mail: [email protected]. SUPPLEMENTARY INFORMATION: I. Introduction Pursuant to 10 CFR 2.106, NRC (or the Commission) is providing notice, in the matter of Byron Generating Station Independent Spent Fuel Storage Installation (ISFSI) Order Modifying License (Effective Immediately). II. Further Information I NRC has issued a general license to Exelon Generating Company, LLC (Exelon), authorizing the operation of an ISFSI, in accordance with the Atomic Energy Act of 1954, as amended, and Title 10 of the Code of Federal Regulations (10 CFR) Part 72. This Order is being issued to Exelon, which has identified near-term plans to store spent fuel in an ISFSI under the general license provisions of 10 CFR Part 72. The Commission(s regulations at 10 CFR 72.212(b)(5) and 10 CFR 73.55(h)(1) require Exelon to maintain safeguards contingency plan procedures to respond to threats of radiological sabotage and to protect the spent fuel against the threat of radiological sabotage, in accordance with 10 CFR Part 73, Appendix C. Specific safeguards requirements are contained in 10 CFR 73.51 or 73.55, as applicable. Inasmuch as an insider has an opportunity equal to, or greater than, any other person, to commit radiological sabotage, the Commission has determined these measures to be prudent. Comparable Orders have been issued to all licensees that currently store spent fuel or have identified near-term plans to store spent fuel in an ISFSI. II On September 11, 2001, terrorists simultaneously attacked targets in New York, NY, and Washington, DC, using large commercial aircraft as weapons. In response to the attacks and intelligence information subsequently obtained, the Commission issued a number of Safeguards and Threat Advisories to its licensees, to strengthen licensees' capabilities and readiness to respond to a potential attack on a nuclear facility. On October 16, 2002, the Commission issued Orders to the licensees of operating ISFSIs, to place the actions taken in response to the Advisories into the established regulatory framework and to implement additional security enhancements that emerged from NRC's ongoing comprehensive review. The Commission has also communicated with other Federal, State, and local government agencies and industry representatives to discuss and evaluate the current threat environment in order to assess the adequacy of security measures at licensed facilities. In addition, the Commission has conducted a comprehensive review of its safeguards and security programs and requirements. As a result of its consideration of current safeguards and security requirements, as well as a review of information provided by the intelligence community, the Commission has determined that certain additional security measures (ASMs) are required to address the current threat environment, in a consistent manner throughout the nuclear ISFSI community. Therefore, the Commission is imposing requirements, as set forth in Attachments 1 and 2 of this Order, on all licensees of these facilities. These requirements, which supplement existing regulatory requirements, will provide the Commission with reasonable assurance that the public health and safety and common defense and security continue to be adequately protected in the current threat environment. These requirements will remain in effect until the Commission determines otherwise. The Commission recognizes that Exelon may have already initiated many of the measures set forth in Attachments 1 and 2 to this Order, in response to previously issued advisories, or on their own. It also recognizes that some measures may not be possible nor necessary at some sites, or may need to [[Page 19906]] be tailored to accommodate the specific circumstances existing at the licensee's facility, to achieve the intended objectives and avoid any unforeseen effect on the safe storage of spent fuel. Although the ASMs implemented by licensees in response to the Safeguards and Threat Advisories have been sufficient to provide reasonable assurance of adequate protection of public health and safety, the Commission concludes that these actions must be supplemented further because the current threat environment continues to persist. Therefore, it is appropriate to require certain ASMs, and these measures must be embodied in an Order, consistent with the established regulatory framework. To provide assurance that licensees are implementing prudent measures to achieve a consistent level of protection to address the current threat environment, Exelon's license issued pursuant to 10 CFR 72.210 shall be modified to include the requirements identified in Attachments 1 and 2 to this Order. In addition, pursuant to 10 CFR 2.202, I find that, in light of the common defense and security circumstances described above, the public health, safety, and interest require that this Order be effective immediately. III Accordingly, pursuant to sections 53, 103, 104, 147, 149, 161b, 161i, 161o, 182, and 186 of the Atomic Energy Act of 1954, as amended, and the Commission's regulations in 10 CFR 2.202 and 10 CFR Parts 50, 72, and 73, IT IS HEREBY ORDERED, EFFECTIVE IMMEDIATELY, THAT YOUR GENERAL LICENSE IS MODIFIED AS FOLLOWS: A. Exelon shall comply with the requirements described in Attachments 1 and 2 to this Order, except to the extent that a more stringent requirement is set forth in Exelon's security plan. Exelon shall immediately start implementation of the requirements in Attachments 1 and 2 to the Order and shall complete implementation no later than 180 days from the date of this Order, with the exception of the ASM B.4 of Attachment 1 [``Additional Security Measures (ASMs) for Physical Protection of Dry Independent Spent Fuel Storage Installations (ISFSIs)''], which shall be implemented no later than 365 days from the date of this Order. In any event, Exelon shall complete implementation of all ASMs before the first day that spent fuel is initially placed in the ISFSI. B. 1. Exelon shall, within twenty (20) days of the date of this Order, notify the Commission: (1) If it is unable to comply with any of the requirements described in Attachments 1 and 2; (2) if compliance with any of the requirements is unnecessary, in its specific circumstances; or (3) if implementation of any of the requirements would cause Exelon to be in violation of the provisions of any Commission regulation or the facility license. The notification shall provide Exelon's justification for seeking relief from, or variation of, any specific requirement. 2. If Exelon considers that implementation of any of the requirements described in Attachments 1 and 2 to this Order would adversely impact the safe storage of spent fuel, Exelon must notify the Commission, within twenty (20) days of this Order, of the adverse safety impact, the basis for its determination that the requirement has an adverse safety impact, and either a proposal for achieving the same objectives specified in Attachments 1 and 2 requirements in question, or a schedule for modifying the facility, to address the adverse safety condition. If neither approach is appropriate, Exelon must supplement its response, to Condition B.1 of this Order, to identify the condition as a requirement with which itcannot comply, with attendant justifications, as required under Condition B.1. C. 1. Exelon shall, within twenty (20) days of this Order, submit to the Commission, a schedule for achieving compliance with each requirement described in Attachments 1 and 2. 2. Exelon shall report to the Commission when it has achieved full compliance with the requirements described in Attachments 1 and 2. D. All measures implemented or actions taken in response to this Order shall be maintained until the Commission determines otherwise. Exelon's response to Conditions B.1, B.2, C.1, and C.2, above, shall be submitted in accordance with 10 CFR 72.4. In addition, submittals that contain Safeguards Information shall be properly marked and handled, in accordance with 10 CFR 73.21. The Director, Office of Nuclear Material Safety and Safeguards, may, in writing, relax or rescind any of the above conditions, for good cause. IV In accordance with 10 CFR 2.202, Exelon must, and any other person adversely affected by this Order may, submit an answer to this Order within 20 days of the date of the Order. In addition, Exelon and any other person adversely affected by this Order, may request a hearing on this Order within 20 days of the date of the Order. Where good cause is shown, consideration will be given to extending the time to answer or request a hearing. A request for extension of time must be made, in writing, to the Director, Office of Nuclear Material Safety and Safeguards, U.S. Nuclear Regulatory Commission, Washington, DC 20555- 0001, and include a statement of good cause for the extension. The answer may consent to this Order. If the answer includes a request for a hearing, it shall, under oath or affirmation, specifically set forth the matters of fact and law on which Exelon relies and the reasons as to why the Order should not have been issued. If a person other than Exelon requests a hearing, that person shall set forth with particularity the manner in which his interest is adversely affected by this Order and shall address the criteria set forth in 10 CFR 2.309(d). A request for a hearing must be filed in accordance with the NRC E- Filing rule, which became effective on October 15, 2007. The NRC E- Filing Final Rule was issued on August 28, 2007 (72 FR 49139), and codified in pertinent part at 10 CFR Part 2, Subpart B. The E-Filing process requires participants to submit and serve documents over the internet or, in some cases, to mail copies on electronic optical storage media. Participants may not submit paper copies of their filings unless they seek waivers in accordance with the procedures described below. To comply with the procedural requirements associated with E- Filing, at least five (5) days prior to the filing deadline the requestor must contact the Office of the Secretary by e-mail at [email protected], or by calling (301) 415-1677, to request: (1) A digital ID certificate, which allows the participant (or its counsel or representative) to digitally sign documents and access the E-Submittal server for any NRC proceeding in which it is participating; and/or (2) creation of an electronic docket for the proceeding [even in instances when the requestor (or its counsel or representative) already holds an NRC-issued digital ID certificate]. Each requestor will need to download the Workplace Forms ViewerTM to access the Electronic Information Exchange (EIE), a component of the E-Filing system. The Workplace Forms ViewerTM is free and is available at http://www.nrc.gov/site-help/e-submittals/install-viewer.html. Information about applying for a digital ID certificate also is available on NRC's public Web site at http://www.nrc.gov/site-help/e-submittals/apply-certificates.html. [[Page 19907]] Once a requestor has obtained a digital ID certificate, had a docket created, and downloaded the EIE viewer, he/she can then submit a request for a hearing through EIE. Submissions should be in Portable Document Format (PDF) in accordance with NRC guidance available on the NRC public Web site at http://www.nrc.gov/site-help/e-submittals.html. A filing is considered complete at the time the filer submits its document through EIE. To be timely, electronic filings must be submitted to the EIE system no later than 11:59 p.m. Eastern Time on the due date. Upon receipt of a transmission, the E-Filing system time- stamps the document and sends the submitter an e-mail notice confirming receipt of the document. The EIE system also distributes an e-mail notice that provides access to the document to the NRC Office of the General Counsel and any others who have advised the Office of the Secretary that they wish to participate in the proceeding, so that the filer need not serve the document on those participants separately. Therefore, any others who wish to participate in the proceeding (or their counsel or representative) must apply for, and receive digital ID certificates before a hearing requests are filed so that they may obtain access to the documents via the E-Filing system. A person filing electronically may seek assistance through the ``Contact-Us'' link located on the NRC Web site at http://www.nrc.gov/site-help/e-submittals.html, or by calling the NRC technical help line, which is available between 8:30 a.m. and 4:15 p.m., Eastern Time, Monday through Friday. The help line number is (800) 397-4209 or, locally (301) 415-4737. Participants who believe that they have good cause for not submitting documents electronically must file motions, in accordance with 10 CFR 2.302(g), with their initial paper filings requesting authorization to continue to submit documents in paper format. Such filings must be submitted by: (1) First-class mail, addressed to the Office of the Secretary of the Commission, U.S. Nuclear Regulatory Commission, Washington, DC 20555-0001, Attention: Rulemaking and Adjudications Staff; or (2) courier, express mail, or expedited delivery service to the Office of the Secretary, Sixteenth Floor, One White Flint North, 11555 Rockville Pike, Rockville, Maryland 20852, Attention: Rulemaking and Adjudications Staff. Participants filing a document in this manner are responsible for serving the document on all other participants. Filing is considered complete, by first-class mail, as of the time of deposit in the mail, or by courier, express mail, or expedited delivery service upon depositing the document with the provider of the service. Documents submitted in adjudicatory proceedings will appear in NRC's electronic hearing docket which is available to the public at http://ehd.nrc.gov/EHD Proceeding/home.asp, unless excluded pursuant to an order of the Commission, an Atomic Safety and Licensing Board, or a Presiding Officer. Participants are requested not to include personal privacy information, such as social security numbers, home addresses, or home phone numbers, in their filings. With respect to copyrighted works, except for limited excerpts that serve the purpose of the adjudicatory filings and would constitute a Fair-Use application, Participants are requested not to include copyrighted materials in their works. If a hearing is requested by Exelon or a person whose interest is adversely affected, the Commission will issue an Order designating the time and place of any hearing. If a hearing is held, the issue to be considered at such hearing shall be whether this Order should be sustained. Pursuant to 10 CFR 2.202(c)(2)(i), Exelon may, in addition to requesting a hearing, at the time the answer is filed or sooner, move the presiding officer to set aside the immediate effectiveness of the Order on the grounds that the Order, including the need for immediate effectiveness, is not based on adequate evidence, but on mere suspicion, unfounded allegations, or error. In the absence of any request for hearing, or written approval of an extension of time in which to request a hearing, the provisions as specified in section III shall be final twenty (20) days from the date of this Order, without further Order or proceedings. If an extension of time for requesting a hearing has been approved, the provisions, as specified in section III, shall be final when the extension expires, if a hearing request has not been received. AN ANSWER OR A REQUEST FOR HEARING SHALL NOT STAY THE IMMEDIATE EFFECTIVENESS OF THIS ORDER. Dated at Rockville, Maryland, this 2nd day of April, 2008. For The Nuclear Regulatory Commission. Eric J. Leeds, Deputy Director, Office of Nuclear Material Safety, and Safeguards. Attachment 1--Additional Measures (ASMs) for Physical Protection of Dry Independent Spent Fuel Storage Installations (ISFSIs) Contains Safeguards Information and Is Not Included in the Federal Register Notice Attachment 2--Additional Security Measures for Access Authorization and Fingerprinting at Independent Spent Fuel Storage Installations A. General Basis Criteria 1. These additional security measures (ASMs) are established to delineate an independent spent fuel storage installation (ISFSI) licensee's responsibility to enhance security measures related to authorization for unescorted access to the protected area of an ISFSI in response to the current threat environment. 2. Licensees whose ISFSI is collocated with a power reactor may choose to comply with the NRC-approved reactor access authorization program for the associated reactor as an alternative means to satisfy the provisions of sections B through G below. Otherwise, licensees shall comply with the access authorization and fingerprinting requirements of section B through G of these ASMs. 3. Licensees shall clearly distinguish in their 20-day response which method they intend to use in order to comply with these ASMs. B. Additional Security Measures for Access Authorization Program 1. The licensee shall develop, implement and maintain a program, or enhance their existing program, designed to ensure that persons granted unescorted access to the protected area of an ISFSI are trustworthy and reliable and do not constitute an unreasonable risk to the public health and safety or the common defense and security, including a potential to commit radiological sabotage. a. To establish trustworthiness and reliability, the licensee shall develop, implement, and maintain procedures for conducting and completing background investigations, prior to granting access. The scope of background investigations must address at least the past 3 years and, as a minimum, must include: i. Fingerprinting and a Federal Bureau of Investigation (FBI) identification and criminal history records check (CHRC). Where an applicant for unescorted access has been previously fingerprinted with a favorably completed CHRC, (such as a CHRC pursuant to compliance with orders for access to safeguards information) the licensee may accept the results of that CHRC, and need not submit another set of fingerprints, provided the CHRC was completed not more [[Page 19908]] than 3 years from the date of the application for unescorted access. ii. Verification of employment with each previous employer for the most recent year from the date of application. iii. Verification of employment with an employer of the longest duration during any calendar month for the remaining next most recent two years. iv. A full credit history review. v. An interview with not less than two character references, developed by the investigator. vi. A review of official identification (e.g., driver's license, passport, government identification, state, province or country of birth issued certificate of birth) to allow comparison of personal information data provided by the applicant. The licensee shall maintain a photocopy of the identifying document(s) on file, in accordance with ``Protection of Information,'' Section G of these ASMs. vii. Licensees shall confirm eligibility for employment through the regulations of the U.S. Department of Homeland Security, U.S. Citizenship and Immigration Services (USCIS), and shall verify and ensure to the extent possible, the accuracy of the provided social security number and alien registration number as applicable. b. The procedures developed or enhanced shall include measures for confirming the term, duration, and character of military service, and academic enrollment and attendance in lieu of employment, for the past 3 and 5 years respectively. c. Licensees need not conduct an independent investigation for individuals employed at a facility who possess active ``Q'' or ``L'' clearances or possess another active U.S. Government granted security clearance, i.e., Top Secret, Secret or Confidential. d. A review of the applicant's criminal history, obtained from local criminal justice resources, may be included in addition to the FBI CHRC, and is encouraged if the results of the FBI CHRC, employment check, or credit check disclose derogatory information. The scope of the applicant's local criminal history check shall cover all residences of record for the past 3 years from the date of the application for unescorted access. 2. The licensee shall use any information obtained as part of a CHRC solely for the purpose of determining an individual's suitability for unescorted access to the protected area of an ISFSI. 3. The licensee shall document the basis for its determination for granting or denying access to the protected area of an ISFSI. 4. The licensee shall develop, implement, and maintain procedures for updating background investigations for persons who are applying for reinstatement of unescorted access. Licensees need not conduct an independent reinvestigation for individuals who possess active ``Q'' or ``L'' clearances or possess another active U.S. Government granted security clearance, i.e., Top Secret, Secret or Confidential. 5. The licensee shall develop, implement, and maintain procedures for reinvestigations of persons granted unescorted access, at intervals not to exceed 5 years. Licensees need not conduct an independent reinvestigation for individuals employed at a facility who possess active ``Q'' or ``L'' clearances or possess another active U.S. Government granted security clearance, i.e., Top Secret, Secret or Confidential. 6. The licensee shall develop, implement, and maintain procedures designed to ensure that persons who have been denied unescorted access authorization to the facility are not allowed access to the facility, even under escort. 7. The licensee shall develop, implement, and maintain an audit program for licensee and contractor/vendor access authorization programs that evaluate all program elements and include a person knowledgeable and practiced in access authorization program performance objectives to assist in the overall assessment of the site's program effectiveness. C. Fingerprinting Program Requirements 1. In a letter to the NRC, the licensee must nominate an individual who will review the results of the FBI CHRCs to make trustworthiness and reliability determinations for unescorted access to an ISFSI. This individual, referred to as the ``reviewing official,'' must be someone who requires unescorted access to the ISFSI. The NRC will review the CHRC of any individual nominated to perform the reviewing official function. Based on the results of the CHRC, the NRC staff will determine whether this individual may have access. If the NRC determines that the nominee may not be granted such access, that individual will be prohibited from obtaining access.\1\ Once the NRC approves a reviewing official, the reviewing official is the only individual permitted to make access determinations for other individuals who have been identified by the licensee as having the need for unescorted access to the ISFSI, and have been fingerprinted and have had a CHRC in accordance with these ASMs. The reviewing official can only make access determinations for other individuals, and therefore cannot approve other individuals to act as reviewing officials. Only the NRC can approve a reviewing official. Therefore, if the licensee wishes to have a new or additional reviewing official, the NRC must approve that individual before he or she can act in the capacity of a reviewing official. --------------------------------------------------------------------------- \1\ The NRC's determination of this individual's unescorted access to the ISFSI, in accordance with the process is an administrative determination that is outside the scope of the Order. --------------------------------------------------------------------------- 2. No person may have access to SGI or unescorted access to any facility subject to NRC regulation if the NRC has determined, in accordance with its administrative review process based on fingerprinting and an FBI identification and CHRC, that the person may not have access to SGI or unescorted access to any facility subject to NRC regulation. 3. All fingerprints obtained by the licensee pursuant to this Order must be submitted to the Commission for transmission to the FBI. 4. The licensee shall notify each affected individual that the fingerprints will be used to conduct a review of his/her criminal history record and inform the individual of the procedures for revising the record or including an explanation in the record, as specified in the ``Right to Correct and Complete Information'' in section F of these ASMs. 5. Fingerprints need not be taken if the employed individual (e.g., a licensee employee, contractor, manufacturer, or supplier) is relieved from the fingerprinting requirement by 10 CFR 73.61, has a favorably adjudicated U.S. Government CHRC within the last five (5) years, or has an active federal security clearance. Written confirmation from the Agency/employer who granted the federal security clearance or reviewed the CHRC must be provided to the licensee. The licensee must retain this documentation for a period of three (3) years from the date the individual no longer requires access to the facility. D. Prohibitions 1. A licensee shall not base a final determination to deny an individual unescorted access to the protected area of an ISFSI solely on the basis of information received from the FBI involving: An arrest more than one (1) year old for which there is no information of the disposition of the case, or an arrest that resulted in dismissal of the charge or an acquittal. 2. A licensee shall not use information received from a CHRC obtained pursuant to this Order in a manner that would infringe upon the rights of any individual under the First Amendment to the Constitution of the United States, nor shall the licensee use the information in any way which would discriminate among individuals on the basis of race, religion, national origin, sex, or age. E. Procedures for Processing Fingerprint Checks 1. For the purpose of complying with this Order, licensees shall, using an appropriate method listed in 10 CFR 73.4, submit to the NRC's Division of Facilities and Security, Mail Stop T-6E46, one completed, legible standard fingerprint card (Form FD-258, ORIMDNRCOOOZ) or, where practicable, other fingerprint records for each individual seeking unescorted access to an ISFSI, to the Director of the Division of Facilities and Security, marked for the attention of the Division's Criminal History Check Section. Copies of these forms may be obtained by writing the Office of Information Services, U.S. Nuclear Regulatory Commission, Washington, DC 20555- 0001, by calling (301) 415-5877, or by e-mail to [email protected]. Practicable alternative formats are set forth in 10 CFR 73.4. The licensee shall establish procedures to ensure that the quality of the fingerprints taken results in minimizing the rejection rate of fingerprint cards due to illegible or incomplete cards. 2. The NRC will review submitted fingerprint cards for completeness. Any Form FD-258 fingerprint record containing omissions or evident errors will be returned to the licensee for corrections. The fee for processing fingerprint checks includes one re-submission if the initial submission is returned by the FBI because the fingerprint impressions cannot be classified. The one free resubmission must have the FBI Transaction Control Number reflected on the [[Page 19909]] re-submission. If additional submissions are necessary, they will be treated as initial submittals and will require a second payment of the processing fee. 3. Fees for processing fingerprint checks are due upon application. The licensee shall submit payment of the processing fees electronically. In order to be able to submit secure electronic payments, licensees will need to establish an account with Pay.Gov (https://www.pay.gov). To request an account, the licensee shall send an e-mail to [email protected]. The e-mail must include the licensee's company name, address, point of contact (POC), POC e-mail address, and phone number. The NRC will forward the request to Pay.Gov; who will contact the licensee with a password and user lD. Once licensees have established an account and submitted payment to Pay.Gov, they shall obtain a receipt. The licensee shall submit the receipt from Pay.Gov to the NRC along with fingerprint cards. For additional guidance on making electronic payments, contact the Facilities Security Branch, Division of Facilities and Security, at (301) 415-7739. Combined payment for multiple applications is acceptable. The application fee (currently $36) is the sum of the user fee charged by the FBI for each fingerprint card or other fingerprint record submitted by the NRC on behalf of a licensee, and an NRC processing fee, which covers administrative costs associated with NRC handling of licensee fingerprint submissions. The Commission will directly notify licensees who are subject to this regulation of any fee changes. 4. The Commission will forward to the submitting licensee all data received from the FBI as a result of the licensee's application(s) for criminal history records checks, including the FBI fingerprint record. F. Right To Correct and Complete Information 1. Prior to any final adverse determination, the licensee shall make available to the individual the contents of any criminal history records obtained from the FBI for the purpose of assuring correct and complete information. Written confirmation by the individual of receipt of this notification must be maintained by the licensee for a period of one (1) year from the date of notification. 2. If, after reviewing the record, an individual believes that it is incorrect or incomplete in any respect and wishes to change, correct, or update the alleged deficiency, or to explain any matter in the record, the individual may initiate challenge procedures. These procedures include either direct application by the individual challenging the record to the agency (i.e., law enforcement agency) that contributed the questioned information, or direct challenge as to the accuracy or completeness of any entry on the criminal history record to the Assistant Director, Federal Bureau of Investigation Identification Division, Washington, DC 20537-9700 (as set forth in 28 CFR 16.30 through 16.34). In the latter case, the FBI forwards the challenge to the agency that submitted the data and requests that agency to verify or correct the challenged entry. Upon receipt of an official communication directly from the agency that contributed the original information, the FBI Identification Division makes any changes necessary in accordance with the information supplied by that agency. The licensee must provide at least ten (10) days for an individual to initiate an action challenging the results of a FBI CHRC after the record is made available for his/her review. The licensee may make a final access determination based upon the criminal history record only upon receipt of the FBI's ultimate confirmation or correction of the record. Upon a final adverse determination on access to an ISFSI, the licensee shall provide the individual its documented basis for denial. Access to an ISFSI shall not be granted to an individual during the review process. G. Protection of Information 1. The licensee shall develop, implement, and maintain a system for personnel information management with appropriate procedures for the protection of personal, confidential information. This system shall be designed to prohibit unauthorized access to sensitive information and to prohibit modification of the information without authorization. 2. Each licensee who obtains a criminal history record on an individual pursuant to this Order shall establish and maintain a system of files and procedures, for protecting the record and the personal information from unauthorized disclosure. 3. The licensee may not disclose the record or personal information collected and maintained to persons other than the subject individual, his/her representative, or to those who have a need to access the information in performing assigned duties in the process of determining suitability for unescorted access to the protected area of an ISFSI. No individual authorized to have access to the information may re-disseminate the information to any other individual who does not have the appropriate need-to-know. 4. The personal information obtained on an individual from a criminal history record check may be transferred to another licensee if the gaining licensee receives the individual's written request to re-disseminate the information contained in his/her file, and the gaining licensee verifies information such as the individual's name, date of birth, social security number, sex, and other applicable physical characteristics for identification purposes. 5. The licensee shall make criminal history records, obtained under this section, available for examination by an authorized representative of the NRC to determine compliance with the regulations and laws. [FR Doc. E8-7727 Filed 4-10-08; 8:45 am] BILLING CODE 7590-01-P