[Federal Register Volume 73, Number 81 (Friday, April 25, 2008)]
[Notices]
[Pages 22415-22417]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E8-8935]


-----------------------------------------------------------------------

GENERAL SERVICES ADMINISTRATION


Privacy Act of 1974; Notice of Updated Systems of Records

AGENCY: General Services Administration.

ACTION: Notice.

-----------------------------------------------------------------------

SUMMARY: GSA reviewed its Privacy Act systems to ensure that they are 
relevant, necessary, accurate, up-to-date, covered by the appropriate 
legal or regulatory authority, and in response to OMB M-07-16. This 
notice is a compilation of updated Privacy Act system of record 
notices.

DATES: Effective May 27, 2008.

FOR FURTHER INFORMATION CONTACT: Call or e-mail the GSA Privacy Act 
Officer: telephone 202-208-1317; e-mail [email protected].

ADDRESSES: GSA Privacy Act Officer (CIB), General Services 
Administration, 1800 F Street, NW., Washington, DC 20405.

SUPPLEMENTARY INFORMATION: GSA undertook and completed an agency-wide 
review of its Privacy Act systems of records. As a result of the review 
GSA is publishing updated Privacy Act systems of records notices. 
Rather than make numerous piecemeal revisions, GSA is republishing 
updated notices for one of its systems. Nothing in the revised system 
notices indicates a change in authorities or practices regarding the 
collection and maintenance of information. Nor do the changes impact 
individuals' rights to access or amend their records in the systems of 
records. The updated system notices also include the new requirement 
from OMB Memorandum M-07-16 regarding a new routine use that allows 
agencies to disclose information in connection with a response and 
remedial efforts in the event of a data breach.

    Dated: April 16, 2008.
Cheryl M. Paige,
Director, Office of Information Management.
GSA/HRO-37

SYSTEM NAME:
    Personnel Security files.

SECURITY CLASSIFICATION:
    Some records in the system are classified under Executive Order 
12958 as amended.

SYSTEM LOCATION:
    Personnel security files are maintained with other appropriate 
records in the Personnel Security Requirements Division (CPR), GSA 
Building, 1800 F Street NW., Washington, DC 20405.

SYSTEM LOCATION:
    Employees, applicants for employment, former employees of GSA and 
of commissions, committees, small agencies serviced by GSA, 
contractors, students, interns, volunteers, individuals authorized to 
perform or use services provided in GSA facilities (e.g. Credit Union 
or Fitness Center) and individuals formerly in any of these positions 
that require regular, ongoing access to federal facilities, information 
technology systems or information classified in the interest of 
national security. Included are historical researchers, experts or 
consultants, and employees of contractors performing services for GSA.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Personnel security files contain information such as name, former 
names, date and place of birth, home address, phone numbers, height, 
weight, hair color, eye color, sex, passport information, military 
information, civil court information, employment history, residential 
history, Social Security Number, occupation, experience, and 
investigative material, education and degrees earned, names of 
associates and references and their contact information, citizenship, 
names of relatives, citizenship of relatives, names of relatives who 
work for the federal government, criminal history, mental health 
history, drug use, financial information, fingerprints, summary report 
of investigation, results of suitability decisions, level of security 
clearance, date of issuance of security clearance, requests for 
appeals, witness statements, investigator's notes, tax return 
information, credit reports, security violations, circumstances of 
violation, and agency action taken.

[[Page 22416]]

    Forms: SF-85, SF-85P, SF-86, SF-87, GSA Form 3665, OF306, FD258, 
GSA Form 1380, GSA Form 3648.

AUTHORITY FOR MAINTAINING THE SYSTEM:
    Depending upon the type of investigation, GSA is authorized to ask 
for this information under Executive Orders 10450 as amended, 10865 as 
amended, 12968 as amended, and 12958 as amended; sections 3301 and 9101 
of title 5, U.S. Code; sections 2165 and 2201 of title 42, U.S. Code; 
parts 5, 731, 732, and 736 of title 5, Code of Federal Regulations; and 
Homeland Security Presidential Directive 12.

PURPOSE:
    To assemble in one system information pertaining to issuing 
security clearances and public trust certifications, suitability 
decisions, fitness for service of applicants for federal employment and 
contract positions, and administrative actions. Information security 
files also are used for recommending administrative action against 
employees found to be violating GSA classified national security 
information regulations.

ROUTINE USES OF RECORDS IN THE SYSTEM, INCLUDING THE TYPES OF USERS AND 
THE PURPOSES OF SUCH USES:
    a. In any legal proceeding, where pertinent, to which GSA is a 
party before a court or administrative body.
    b. To the Department of Justice when: (a) The agency or any 
component thereof; or (b) any employee of the agency in his or her 
official capacity; (c) any employee of the agency in his or her 
individual capacity where agency or the Department of Justice has 
agreed to represent the employee; or (d) the United States Government, 
is a party to litigation or has an interest in such litigation, and by 
careful review, the agency determines that the records are both 
relevant and necessary to the litigation and the use of such records by 
DOJ is therefore deemed by the agency to be for a purpose compatible 
with the purpose for which the agency collected the records.
    c. To authorized officials engaged in investigating or settling a 
grievance, complaint, or appeal filed by an individual who is the 
subject of the record.
    d. Except as noted on Forms SF-85, 85-P, and 86, when a record on 
its face, or in conjunction with other records, indicates a violation 
or potential violation of law, whether civil, criminal, or regulatory 
in nature, and whether arising by general statute or particular program 
statute, or by regulation, rule, or order issued pursuant thereto, 
disclosure may be made to the appropriate public authority, whether 
Federal, foreign, State, local or tribal, or otherwise, responsible for 
enforcing, investigating or prosecuting such violation or charged with 
enforcing or implementing the statute, or rule, regulation, or order 
issued pursuant thereto, if the information disclosed is relevant to 
any enforcement, regulatory, investigative or prosecutorial 
responsibility of the receiving entity.
    e. To a Federal agency in connection with the hiring or retention 
of an employee; the issuance of a security clearance; the reporting of 
an investigation; the letting of a contract; or the issuance of a 
grant, license, or other benefit to the extent that the information is 
relevant and necessary to a decision.
    f. To agency contractors or volunteers who have been engaged to 
assist the agency in the performance of a contract service, cooperative 
agreement, or other activity related to this system of records and who 
need to have access to the records in order to perform their activity. 
Recipients shall be required to comply with the requirements of the 
Privacy Act of 1974, as amended, 5 U.S.C. 552a.
    g. To the Office of Personnel Management (OPM), the Office of 
Management and Budget (OMB), or the Government Accountability Office 
(GAO) when the information is required for program evaluation purposes.
    h. To a Member of Congress or staff on behalf of and at the request 
of the individual who is the subject of the record.
    i. To an expert, consultant, or contractor of GSA in the 
performance of a Federal duty to which the information is relevant.
    j. To the National Archives and Records Administration (NARA) for 
records management purposes.
    k. To a federal, state, or local agency, or other appropriate 
entities or individuals, or through established liaison channels to 
selected foreign governments, in order to enable an intelligence agency 
to carry out its responsibilities under the National Security Act of 
1947 as amended, the CIA Act of 1949 as amended, Executive Order 12333 
or any successor order, applicable national security directives, or 
classified implementing procedures approved by the Attorney General and 
promulgated pursuant to such statutes, orders, or directives.
    l. To the Office of Management and Budget when necessary to the 
review of private relief legislation pursuant to OMB Circular No. A-19.
    m. To appropriate agencies, entities, and persons when (1) the 
Agency suspects or has confirmed that the security or confidentiality 
of information in the system of records has been compromised; (2) the 
Agency has determined that as a result of the suspected or confirmed 
compromise there is a risk of harm to economic or property interests, 
identity theft or fraud, or harm to the security or integrity of this 
system or other systems or programs (whether maintained by GSA or 
another agency or entity) that rely upon the compromised information; 
and (3) the disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with GSA's efforts to 
respond to the suspected or confirmed compromise and prevent, minimize, 
or remedy such harm.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, 
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Records are maintained on paper and electronically in secure 
locations. Records are maintained in the system of records 
Comprehensive Human Resources Integrated System (GSA/PPFM-8) in the 
personnel security module and associated equipment.

RETRIEVABILITY:
    Records are retrieved by name and Social Security Number.

SAFEGUARDS:
    Personnel security file records are stored in a secured office in 
cabinets with access limited to authorized employees. A password system 
protects access to computer records. Access to the records is limited 
to those employees who have a need for them in the performance of their 
official duties.

RETENTION AND DISPOSAL:
    These records are retained and disposed of in accordance with 
General Records Schedule 18, item 22, approved by the National Archives 
and Records Administration (NARA). Records are destroyed by burning, 
pulping, or shredding, as scheduled in the HB GSA Records Maintenance 
and Disposition System (OAD P 1820.2A).

SYSTEM MANAGER AND ADDRESS:
    Director, Personnel Security Requirements Division (CPR), 1800 F 
Street, NW., Washington, DC 20405.

NOTIFICATION PROCEDURES:
    Inquiries by individuals as to whether the system contains a record 
pertaining to themselves should be addressed to the system manager.

[[Page 22417]]

RECORD ACCESS PROCEDURES:
    Requests from individuals for access to records should be addressed 
to the system manager and should include full name (maiden name where 
appropriate), address, and date and place of birth. General inquiries 
may be made by telephone.

PROCEDURES FOR CONTESTING RECORDS:
    GSA rules for accessing records, contesting their content, and 
appealing initial decisions appear in 41 CFR part 105-64.

RECORD SOURCES:
    Individuals, employees, informants, law enforcement agencies, 
courts, other Government agencies, employees' references, co-workers, 
neighbors, rental/lease, educational institutions, and intelligence 
sources. Security violation information is obtained from a variety of 
sources, such as security guard's reports, security inspections, 
witnesses, supervisor's reports, and audit reports.

FILES EXEMPTED FROM PARTS OF THE ACT:
    Under 5 U.S.C. 552a(k)(5), the personnel security case files in the 
system of records are exempt from subsections (c)(3); (d); (e)(1); 
(e)(4)(G), (H), and (I); and (f) of the act. Information will be 
withheld to the extent it identifies witnesses promised confidentiality 
as a condition of providing information during the course of the 
background investigation.

 [FR Doc. E8-8935 Filed 4-24-08; 8:45 am]
BILLING CODE 6820-34-P