[Federal Register Volume 74, Number 49 (Monday, March 16, 2009)]
[Notices]
[Pages 11185-11186]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E9-5598]


-----------------------------------------------------------------------

DEPARTMENT OF VETERANS AFFAIRS


Privacy Act of 1974; System of Records

AGENCY: Department of Veterans Affairs (VA).

ACTION: Notice of amendment to systems of records.

-----------------------------------------------------------------------

SUMMARY: As required by the Privacy Act of 1974, 5 U.S.C. 552a(e), 
notice is hereby given that the Department of Veterans Affairs (VA) is 
amending three existing systems of records 93VA131, ``Gulf War 
Registry-VA''; 105VA131, ``Agent Orange Registry-VA''; and 108VA11S, 
``Spinal Cord Dysfunction Registry-VA'' to add a routine use relating 
to releasing information to agencies in the event of fraud or abuse; 
and add a routine use relating to disclosing information when there is 
a risk of embarrassment or harm to the reputations of the record 
subjects.

DATES: Comments on the amendment of this system of records must be 
received no later than April 15, 2009. If no public comment is 
received, the amended system will become effective April 15, 2009.

ADDRESSES: Written comments may be submitted through http://www.Regulation.gov; by mail or hand-delivery to Director, Regulations 
Management (02REG), Department of Veterans Affairs, 810 Vermont Avenue, 
NW., Room 1068, Washington, DC 20420; or by fax to (202) 273-9026. 
Comments received will be available for public inspection in the Office 
of Regulation Policy and Management, Room 1063B, between the hours of 8 
a.m. and 4:30 p.m., Monday through Friday (except holidays). Please 
call (202) 461-4902 (this is not a toll-free number) for an 
appointment. In addition, during the comment period, comments may be 
viewed online through the Federal Docket Management System (FDMS) at 
http://www.Regulations.gov.

FOR FURTHER INFORMATION CONTACT: Veterans Health Administration (VHA) 
Privacy Officer, Department of Veterans Affairs, 810 Vermont Avenue, 
NW., Washington, DC 20420; telephone (704) 245-2492.

SUPPLEMENTARY INFORMATION: VA provides health care services to many of 
America's Veterans through the Veterans Health Administration. During 
the course of providing health care, VHA collects medical and health 
information on Veterans. In order to protect Veteran's medical or 
health information VHA is adding two routine uses to three existing 
systems of records (93VA131, 105VA131, and 108VA11S).

Additional Routine Uses

    The routine use added to 93VA131, 105VA131, and 108VA11S would 
permit VA to make disclosures to other Federal agencies to assist such 
agencies in preventing and detecting possible fraud or abuse by 
individuals in their operations and programs.
    This routine use permits disclosures by the Department to report a 
suspected incident of identity theft and provide information and/or 
documentation related to or in support of the reported incident.
    The second routine use allows VA, on its own initiative, to 
disclose any information or records to appropriate agencies, entities, 
and persons when (1) VA suspects or has confirmed that the integrity or 
confidentiality of information in the system of records has been 
compromised; (2) the Department has determined that as a result of the 
suspected or confirmed compromise, there is a risk of embarrassment or 
harm to the reputations of the record subjects, harm to economic or 
property interests, identity theft or fraud, or harm to the security, 
confidentiality, or integrity of this system or other systems or 
programs (whether maintained by the Department or another agency or 
entity) that rely upon the potentially compromised information; and (3) 
the disclosure is to agencies, entities, or persons whom VA determines 
are reasonably necessary to assist or carry out the Department's 
efforts to respond to the suspected or confirmed compromise and 
prevent, minimize, or

[[Page 11186]]

remedy such harm. This routine use permits disclosures by the 
Department to respond to a suspected or confirmed data breach, 
including the conduct of any risk analysis or provision of credit 
protection services as provided in 38 U.S.C. 5724, as the terms are 
defined in 38 U.S.C. 5727.
    The Report of Intent to Amend a System on Records Notice and an 
advance copy of the system notice have been sent to the appropriate 
Congressional committees and to the Director of the Office of 
Management and Budget (OMB) as required by 5 U.S.C. 552a(r) (Privacy 
Act) and guidelines issued by OMB (65 FR 77677), December 12, 2000.

    Approved: February 24, 2009.
John R. Gingrich,
Chief of Staff, Department of Veterans Affairs.

Notice of Amendment of Systems of Records

    1. In the system identified as 93VA131, ``Gulf War Registry-VA'', 
as set forth in the Federal Register, 69 FR 2962 and last amended on 
Jan. 21, 2004. Two new routine uses are added as follows:
93VA131

SYSTEM NAME:
    Gulf War Registry-VA.
* * * * *

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
* * * * *
    11. Disclosure to other Federal agencies may be made to assist such 
agencies in preventing and detecting possible fraud or abuse by 
individuals in their operations and programs.
    12. VA may, on its own initiative, disclose any information or 
records to appropriate agencies, entities, and persons when (1) VA 
suspects or has confirmed that the integrity or confidentiality of 
information in the system of records has been compromised; (2) the 
Department has determined that as a result of the suspected or 
confirmed compromise, there is a risk of embarrassment or harm to the 
reputations of the record subjects, harm to economic or property 
interests, identity theft or fraud, or harm to the security, 
confidentiality, or integrity of this system or other systems or 
programs (whether maintained by the Department or another agency or 
entity) that rely upon the potentially compromised information; and (3) 
the disclosure is to agencies, entities, or persons whom VA determines 
are reasonably necessary to assist or carry out the Department's 
efforts to respond to the suspected or confirmed compromise and 
prevent, minimize, or remedy such harm. This routine use permits 
disclosures by the Department to respond to a suspected or confirmed 
data breach, including the conduct of any risk analysis or provision of 
credit protection services as provided in 38 U.S.C. 5724, as the terms 
are defined in 38 U.S.C. 5727.
    2. In the system identified as 105VA131, ``Agent Orange Registry-
VA'', as set forth in the Federal Register, 68 FR 75025 and last 
amended on Dec. 29, 2003. Two new routine uses are added as follows:
105VA131

SYSTEM NAME:
    Agent Orange Registry-VA.
* * * * *

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
* * * * *
    10. Disclosure to other Federal agencies may be made to assist such 
agencies in preventing and detecting possible fraud or abuse by 
individuals in their operations and programs.
    11. VA may, on its own initiative, disclose any information or 
records to appropriate agencies, entities, and persons when (1) VA 
suspects or has confirmed that the integrity or confidentiality of 
information in the system of records has been compromised; (2) the 
Department has determined that as a result of the suspected or 
confirmed compromise, there is a risk of embarrassment or harm to the 
reputations of the record subjects, harm to economic or property 
interests, identity theft or fraud, or harm to the security, 
confidentiality, or integrity of this system or other systems or 
programs (whether maintained by the Department or another agency or 
entity) that rely upon the potentially compromised information; and (3) 
the disclosure is to agencies, entities, or persons whom VA determines 
are reasonably necessary to assist or carry out the Department's 
efforts to respond to the suspected or confirmed compromise and 
prevent, minimize, or remedy such harm. This routine use permits 
disclosures by the Department to respond to a suspected or confirmed 
data breach, including the conduct of any risk analysis or provision of 
credit protection services as provided in 38 U.S.C. 5724, as the terms 
are defined in 38 U.S.C. 5727.
    3. In the system identified as 108VA11S, ``Spinal Cord Dysfunction-
Registry (SCD-R)-VA'', as set forth in the Federal Register 69 FR 
35139, and last amended on June 23, 2004. Two new routine uses are 
added as follows:
108VA11S

SYSTEM NAME:
    Spinal Cord Dysfunction-Registry (SCD-R)-VA.
* * * * *

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
* * * * *
    12. Disclosure to other Federal agencies may be made to assist such 
agencies in preventing and detecting possible fraud or abuse by 
individuals in their operations and programs.
    13. VA may, on its own initiative, disclose any information or 
records to appropriate agencies, entities, and persons when (1) VA 
suspects or has confirmed that the integrity or confidentiality of 
information in the system of records has been compromised; (2) the 
Department has determined that as a result of the suspected or 
confirmed compromise, there is a risk of embarrassment or harm to the 
reputations of the record subjects, harm to economic or property 
interests, identity theft or fraud, or harm to the security, 
confidentiality, or integrity of this system or other systems or 
programs (whether maintained by the Department or another agency or 
entity) that rely upon the potentially compromised information; and (3) 
the disclosure is to agencies, entities, or persons whom VA determines 
are reasonably necessary to assist or carry out the Department's 
efforts to respond to the suspected or confirmed compromise and 
prevent, minimize, or remedy such harm. This routine use permits 
disclosures by the Department to respond to a suspected or confirmed 
data breach, including the conduct of any risk analysis or provision of 
credit protection services as provided in 38 U.S.C. 5724, as the terms 
are defined in 38 U.S.C. 5727.

[FR Doc. E9-5598 Filed 3-13-09; 8:45 am]
BILLING CODE 8320-01-P