[Federal Register Volume 73, Number 250 (Tuesday, December 30, 2008)]
[Notices]
[Pages 79853-79855]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E8-30874]


-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Office of the Secretary

[Docket ID DOD-2008-OS-0165]


Privacy Act of 1974; System of Records

AGENCY: National Security Agency/Central Security Service, DoD.

ACTION: Notice to alter a System of Records.

-----------------------------------------------------------------------

SUMMARY: The National Security Agency/Central Security Service is 
proposing to alter a system of records notice in its existing inventory 
of record systems subject to the Privacy Act of 1974, (5 U.S.C. 552a), 
as amended.

DATES: This proposed action will be effective without further notice on 
January 29, 2009 unless comments are received which result in a 
contrary determination.

ADDRESSES: Send comments to the National Security Agency/Central 
Security Service, Office of Policy, 9800 Savage Road, Suite 6248, Ft. 
George G. Meade, MD 20755-6248.

FOR FURTHER INFORMATION CONTACT: Ms. Anne Hill at (301) 688-6527.

SUPPLEMENTARY INFORMATION: The National Security Agency/Central 
Security Service systems of records notices subject to the Privacy Act 
of 1974, (5 U.S.C. 552a), as amended, have been published in the 
Federal Register and are available from the address above.
    The proposed system report, as required by 5 U.S.C. 552a(r) of the 
Privacy Act of 1974, as amended, was submitted on December 19, 2008, to 
the House Committee on Oversight and Government Reform, the Senate 
Committee on Homeland Security and Governmental Affairs, and the Office 
of Management and Budget (OMB) pursuant to paragraph 4c of Appendix I 
to OMB Circular No. A-130, ``Federal Agency Responsibilities for 
Maintaining Records About Individuals,'' dated February 8, 1996 
(February 20, 1996, 61 FR 6427).

    Dated: December 22, 2008.
Morgan E. Frazier,
Alternate OSD Federal Register Liaison Officer, Department of Defense.
GNSA 17

System name:
    NSA/CSS Employee Assistance Service (EAS) Case Records (February 
22, 1993, 58 FR 10531).

Changes:
* * * * *

Categories of individuals covered in the system:
    Delete entry and replace with ``NSA/CSS civilian employees, 
military assignees, and family members who voluntarily request 
counseling assistance. Non-NSA federal employees and third-party 
employees (foreign nationals) who are detailed to NSA/CSS.''

Categories of records in the system:
    Delete entry and replace with ``Files consist of the individual's 
full name, Social Security Number (SSN), address and case records 
compiled by counselor and patient questionnaires, questionnaires 
completed by private counselors to whom clients are referred, the 
records of medical treatment and services, correspondence with personal 
physicians and other care providers, NSA/CSS Medical Center reports, 
results of psychological assessment testing and interviews, psychiatric 
examination results and related reports.''

Authority for maintenance of the system:
    Delete entry and replace with ``5 U.S.C. Section 301, Departmental 
Regulations; 5 U.S.C. Sections 7301, Presidential Regulations and 7361-
7362, Employee Assistance Program; 5 U.S.C. Sections 7901-7904, 
Services to Employees; 42 U.S.C. Sections 290dd-1--290dd-2, 
Confidentiality of records; 5 CFR Part 792, Federal Employees' Health 
and Counseling Programs; Executive Order 12564, Drug Free Federal 
Workplace; Executive Order 12196, Occupational safety and health 
programs for Federal employees, as amended and E.O. 9397 (SSN).''
* * * * *

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    Delete entry and replace with ``In addition to those disclosures 
generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these 
records or

[[Page 79854]]

information contained therein may specifically be disclosed outside the 
DoD as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    In any legal proceeding, where pertinent, to which DoD is a party 
before a court of administrative body (including, but not limited to 
the Equal Employment Opportunity Commission and Merit Systems 
Protection Board).
    To any entity or individual under contract with NSA/CSS for the 
purpose of providing Employee Assistance Service related services.

    Note: Record of the identity, diagnosis, prognosis, or treatment 
of any client/patient, irrespective of whether or when he ceases to 
be a client/patient, maintained in connection with the performance 
of any alcohol or drug abuse prevention and treatment function 
conducted, regulated, or directly or indirectly assisted by any 
department or agency of the United States, shall, except as provided 
therein, be confidential and be disclosed only for the purposes and 
under the circumstances expressly authorized in 42 U.S.C. 290dd-2. 
This statute takes precedence over the Privacy Act of 1974, in 
regard to accessibility of such records except to the individual to 
whom the record pertains. The Army's `Blanket Routine Uses' do not 
apply to these types records.


    Note: This system of records contains individually identifiable 
health information. The DoD Health Information Privacy Regulation 
(DoD 6025.18-R) issued pursuant to the Health Insurance Portability 
and Accountability Act of 1996, applies to most such health 
information. DoD 6025.18-R may place additional procedural 
requirements on the uses and disclosures of such information beyond 
those found in the Privacy Act of 1974 or mentioned in this system 
of records notice.''

* * * * *

Storage:
    Delete entry and replace with ``Paper in file folders and 
electronic storage media.''

Retrievability:
    Delete entry and replace with ``By individual's name and/or Social 
Security Number (SSN).''

Safeguards:
    Delete entry and replace with ``Buildings are secured by a series 
of guarded pedestrian gates and checkpoints. Access to facilities is 
limited to security-cleared personnel and escorted visitors only. 
Within the facilities themselves, access to paper and computer 
printouts are controlled by limited-access facilities and lockable 
containers. Access to electronic means is limited and controlled by 
computer password protection.''

Retention and disposal:
    Delete entry and replace with ``Records of clients will be retained 
at the Employee Assistance Service facility for three years after case 
closure, retained for five additional years in the Agency storage 
facility, then destroyed by pulping, burning, shredding, erasure or 
destruction of magnetic media.
    Records of clients who retire or separate within three years of 
case closing will be retained at the Employee Assistance Service 
facility for a year after the date of separation or retirement, then 
stored for five years in the Agency storage facility, then destroyed by 
pulping, burning, shredding or erasure or destruction of magnetic 
media.''

System Manager:
    Delete entry and replace with ``Chief, Employee Assistance 
Services, National Security Agency/Central Security Service, Ft. George 
G. Meade, MD 20755-6000.''

Notification Procedure:
    Delete entry and replace with ``Individuals seeking to determine 
whether information about themselves is contained in this system should 
address written inquiries to the National Security Agency/Central 
Security Service, Freedom of Information Act/Privacy Act Office, 9800 
Savage Road, Ft. George G. Meade, MD 20755-6000.
    Written inquiries should contain the individual's full name, Social 
Security Number (SSN) and mailing address.''

Record Access Procedures:
    Delete entry and replace with ``Individuals seeking access to 
information about themselves contained in this system should address 
written inquiries to the National Security Agency/Central Security 
Service, Freedom of Information Act/Privacy Act Office, 9800 Savage 
Road, Ft. George G. Meade, MD 20755-6000.
    Written inquiries should contain the individual's full name, Social 
Security Number (SSN) and mailing address.''

Contesting Record Procedures:
    Delete entry and replace with ``The NSA/CSS rules for contesting 
contents and appealing initial determinations are published at 32 CFR 
part 322 or may be obtained from the systems manager.''
GNSA 17

System name:
    NSA/CSS Employee Assistance Service Case Records.

System location:
    National Security Agency/Central Security Service, Ft. George G. 
Meade, MD 20755-6000.

Categories of individuals covered by the system:
    NSA/CSS civilian employees, military assignees, and family members 
who voluntarily request counseling assistance. Non-NSA federal 
employees and third-party employees (foreign nationals) who are 
detailed to NSA/CSS.

Categories of records in the system:
    Files consist of the individual's full name, Social Security Number 
(SSN), address and case records compiled by counselor and patient 
questionnaires, questionnaires completed by private counselors to whom 
clients are referred, the records of medical treatment and services, 
correspondence with personal physicians and other care providers, NSA/
CSS Medical Center reports, results of psychological assessment testing 
and interviews, psychiatric examination results and related reports.

Authority for maintenance of the system:
    5 U.S.C. Section 301, Departmental Regulations; 5 U.S.C. Sections 
7301, Presidential Regulations and 7361-7362, Employee Assistance 
Program; 5 U.S.C. Sections 7901-7904, Services to Employees; 42 U.S.C. 
Sections 290dd-1-290dd-2, Confidentiality of records; 5 CFR Part 792, 
Federal Employees' Health and Counseling Programs; E.O. 12564, Drug 
Free Federal Workplace; E.O. 12196, Occupational safety and health 
programs for Federal employees, as amended and E.O. 9397 (SSN).

Purpose(s):
    Used by counselors to facilitate and record treatment, referral and 
follow-up on behalf of employees.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, these records or information contained 
therein may specifically be disclosed outside the DoD as a routine use 
pursuant to 5 U.S.C. 552a(b)(3) as follows:
    In any legal proceeding, where pertinent, to which DoD is a party 
before a court of administrative body (including, but not limited to 
the Equal Employment Opportunity Commission and Merit Systems 
Protection Board).
    To any entity or individual under contract with NSA/CSS for the 
purpose of providing Employee Assistance Service related services.


[[Page 79855]]


    Note: Record of the identity, diagnosis, prognosis, or treatment 
of any client/patient, irrespective of whether or when he ceases to 
be a client/patient, maintained in connection with the performance 
of any alcohol or drug abuse prevention and treatment function 
conducted, regulated, or directly or indirectly assisted by any 
department or agency of the United States, shall, except as provided 
therein, be confidential and be disclosed only for the purposes and 
under the circumstances expressly authorized in 42 U.S.C. 290dd-2. 
This statute takes precedence over the Privacy Act of 1974, in 
regard to accessibility of such records except to the individual to 
whom the record pertains. The Army's `Blanket Routine Uses' do not 
apply to these types records.


    Note: This system of records contains individually identifiable 
health information. The DoD Health Information Privacy Regulation 
(DoD 6025.18-R) issued pursuant to the Health Insurance Portability 
and Accountability Act of 1996, applies to most such health 
information. DoD 6025.18-R may place additional procedural 
requirements on the uses and disclosures of such information beyond 
those found in the Privacy Act of 1974 or mentioned in this system 
of records notice.



Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system:
Storage:
    Paper in file folders and electronic storage media.

Retrievability:
    By the individual's name and/or Social Security Number (SSN).

Safeguards:
    Buildings are secured by a series of guarded pedestrian gates and 
checkpoints. Access to facilities is limited to security-cleared 
personnel and escorted visitors only. Within the facilities themselves, 
access to paper and computer printouts are controlled by limited-access 
facilities and lockable containers. Access to electronic means is 
limited and controlled by computer password protection.

Retention and disposal:
    Records of clients will be retained at the Employee Assistance 
Service facility for three years after case closure, retained for five 
additional years in the Agency storage facility, then destroyed by 
pulping, burning, shredding, erasure or destruction of magnetic media.
    Records of clients who retire or separate within three years of 
case closing will be retained at the Employee Assistance Service 
facility for a year after the date of separation or retirement, then 
stored for five years in the Agency storage facility, then destroyed by 
pulping, burning, shredding, or erasure or destruction of magnetic 
media.

System manager(s) and address:
    Chief, Employee Assistance Services, National Security Agency/
Central Security Service, Ft. George G. Meade, MD 20755-6000.

Notification procedure:
    Individuals seeking to determine whether information about 
themselves is contained in this system should address written inquiries 
to the National Security Agency/Central Security Service, Freedom of 
Information Act/Privacy Act Office, 9800 Savage Road, Ft. George G. 
Meade, MD 20755-6000.
    Written inquiries should contain the individual's full name, Social 
Security Number (SSN) and mailing address.

Record Access Procedures:
    Individuals seeking access to information about themselves 
contained in this system should address written inquiries to the 
National Security Agency/Central Security Service, Freedom of 
Information Act/Privacy Act Office, 9800 Savage Road, Ft. George G. 
Meade, MD 20755-6000.
    Written inquiries should contain the individual's full name, Social 
Security Number (SSN) and mailing address.

Contesting Record Procedures:
    The NSA/CSS rules for contesting contents and appealing initial 
determinations are published at 32 CFR part 322 or may be obtained from 
the systems manager.

Record source categories:
    Primary sources are Employee Assistance Service counselors, the 
client and the client's family. Other sources include other counselors, 
and other individuals within NSA/CSS.

Exemptions claimed for the system:
    Portions of this system may be exempt under 5 U.S.C. 552a (k)(1), 
(k)(2), (k)(4) and (k)(5), as applicable.
    Information specifically authorized to be classified under E.O. 
12958, as implemented by DoD 5200.1-R, may be exempt pursuant to 5 
U.S.C. 552a(k)(1).
    Investigatory material compiled for law enforcement purposes, other 
than material within the scope of subsection 5 U.S.C. 552a(j)(2), may 
be exempt pursuant to 5 U.S.C. 552a(k)(2). However, if an individual is 
denied any right, privilege, or benefit for which he would otherwise be 
entitled by Federal law or for which he would otherwise be eligible, as 
a result of the maintenance of the information, the individual will be 
provided access to the information exempt to the extent that disclosure 
would reveal the identify of a confidential source. NOTE: When claimed, 
this exemption allows limited protection of investigative reports 
maintained in a system of records used in personnel or administrative 
actions.
    Records maintained solely for statistical research or program 
evaluation purposes and which are not used to make decisions on the 
rights, benefits, or entitlement of an individual except for census 
records which may be disclosed under 13 U.S.C. 8, may be exempt 
pursuant to 5 U.S.C. 552a(k)(4).
    Investigatory material compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for federal 
civilian employment, military service, federal contracts, or access to 
classified information may be exempt pursuant to 5 U.S.C. 552a(k)(5), 
but only to the extent that such material would reveal the identity of 
a confidential source.
    An exemption rule for this record system has been promulgated 
according to the requirements of 5 U.S.C. 553(b)(1), (2), and (3), (c) 
and (e) and published in 32 CFR part 322. For additional information 
contact the system manager.

[FR Doc. E8-30874 Filed 12-29-08; 8:45 am]
BILLING CODE 5001-06-P