[Federal Register Volume 74, Number 65 (Tuesday, April 7, 2009)]
[Notices]
[Pages 15720-15722]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: E9-7818]
=======================================================================
-----------------------------------------------------------------------
ENVIRONMENTAL PROTECTION AGENCY
[FRL-8789-8; EPA-HQ-OEI-2007-1152]
Amendment to the Toxic Substances Control Act Confidential
Business Information Records Access System, EPA-20
AGENCY: Environmental Protection Agency (EPA).
ACTION: Notice.
-----------------------------------------------------------------------
SUMMARY: Pursuant to the provisions of the Privacy Act of 1974 (5
U.S.C. 552a), the Office of Pollution Prevention and Toxics is giving
notice that it proposes to amend the ``Toxic Substance Control Act
Confidential Business Information Records Access System'' to
``Confidential Business Information Tracking System (CBITS)'' to
correct the official name of the system of record notice (SORN), system
location and system manager.
DATES: Persons wishing to comment on this system of records notice must
do so by May 18, 2009.
ADDRESSES: Submit your comments, identified by Docket ID No. EPA-HQ-
2007-1152, by one of the following methods:
http://www.regulations.gov: Follow the online instructions
for submitting comments.
E-mail: [email protected]
Fax: 202-566-1752.
Mail: OEI Docket, Environmental Protection Agency,
Mailcode: 2822T, 1200 Pennsylvania Ave., NW., Washington, DC 20460.
Hand Delivery: OEI Docket, EPA/DC, EPA West Building, Room
B102, 1301 Constitution Ave., NW., Washington, DC. Such deliveries are
only accepted during the Docket's normal hours of operation and special
arrangements should be made for deliveries of boxed information.
Instructions: Direct your comments to Docket ID No. EPA-HQ-OEI-
2007-1152. EPA's policy is that all comments received will be included
in the public docket without change and may be made available online at
http://www.regulations.gov, including any personal information
provided, unless the comment includes information claimed to be
Confidential Business Information (CBI) or other information for which
disclosure is restricted by statute. Do not submit information that you
consider to be CBI or otherwise protected through http://www.regulations.gov. The http://www.regulations.gov Web site is an
``anonymous access'' system, which means EPA will not know your
identity or contact information unless you provide it in the body of
your comment. If you send an e-mail comment directly to EPA without
going through http://www.regulations.gov your e-mail address will be
automatically captured and included as part of the comment that is
placed in the public docket and made available on the Internet. If you
submit an electronic comment, EPA recommends that you include your name
and other contact information in the body of your comment and with any
disk or CD-ROM you submit. If EPA cannot read your comment due to
technical difficulties and cannot contact you for clarification, EPA
may not be able to consider your comment. Electronic files should avoid
the use of special characters, any form of encryption, and be free of
any defects or viruses. For additional information about EPA's public
docket visit the EPA Docket Center homepage at http://www.epa.gov/epahome/dockets.htm.
Docket: All documents in the docket are listed in the http://www.regulations.gov index. Although listed in the index, some
information is not publicly available, e.g., CBI or other information
for which disclosure is restricted by statute. Certain other material,
such as copyrighted material, will be publicly available only in hard
copy. Publicly available docket materials are available either
[[Page 15721]]
electronically in http://www.regulations.gov or in hard copy at the OEI
Docket, EPA/DC, EPA West Building, Room B102, 1301 Constitution Ave.,
NW., Washington, DC. The Public Reading Room is open from 8:30 a.m. to
4:30 p.m., Monday through Friday excluding legal holidays. The
telephone number for the Public Reading Room is (202) 566-1744, and the
telephone number for the OEI Docket is (202) 566-1752.
FOR FURTHER INFORMATION CONTACT: Tony Cheatham, 202-564-8594.
SUPPLEMENTARY INFORMATION:
I. General Information
The ``Confidential Business Information Tracking System (CBITS)''
tracks documents received by the Environmental Protection Agency (EPA),
Office of Pollution Prevention and Toxics (OPPT) as well as all
information pertaining to the EPA, the contractors, and other
government staff members that request access to Toxic Substances
Control Act (TSCA) Confidential Business Information (CBI). CBITS has a
major security module that tracks information on federal and contractor
personnel, contractors, and other government staff members that have
been granted approval to access TSCA CBI. The security module also
tracks EPA OPPT contracts, contracting companies, and other off-site
classified CBI locations. The system functionality allows an approved
OPPT staff member or CBITS data base administrator (DBA) to create and
modify profiles on federal and contractor personnel and contractor site
information. Access to CBITS is limited to federal and contractor
personnel responsible for the systems operations and management.
In 1986, CBITS was developed to process and track TSCA CBI data and
users approved to access CBI data. The security module was created to
validate the user TSCA CBI security clearance in connection with
reviewing CBI materials. The security module contained vital
information such as name, social security number (SSN), company/
contractor identification, contractor site, and agency information that
was required from the TSCA CBI Access Request, Agreement, and Approval
Form, EPA Form 7740-6 (Rev. 10-03) and TSCA CBI ADP Registration Form,
EPA Form 7740-25 (10-92). The SSN was a required data field in the
system linked to user access of TSCA CBI and user profile reports. In
October 2003, the EPA Form 7740-6 was revised to require the user to
provide a 9 digit number replacing the SSN. Staff records prior to the
revision contain the SSN for active and historical records.
CBITS is maintained in a secured storage facility at EPA
Headquarters by OPPT in Washington, DC where only authorized and TSCA
CBI cleared personnel, EPA staff or contractor's that have rights to
manage the system or have access are allowed. User profiles can only be
accessed by the CBITS DBA and authorized system users that maintain the
security module and personnel data. The process of accessing CBITS
information is compliant with TSCA Security procedures, FISCAM 3.2 and
NIST 800-18. All precautions and guidelines are met so that the
confidentiality of the data is not compromised.
Dated: March 23, 2009.
Linda A. Travers,
Acting Assistant Administrator and Chief Information Officer.
EPA-20
System Name:
Confidential Business Information Tracking System.
System Location:
Office of Pollution Prevention and Toxics, Information Management
Division, Environmental Protection Agency, EPA East Building, 1200
Pennsylvania Avenue NW., Washington, DC 20460.
Categories of Individuals Covered by the System:
EPA and other Federal agency employees and Office of Pollution
Prevention and Toxics contractor employees who are or have ever been
authorized for access to Toxic Substances Control Act Confidential
Business Information (TSCA CBI).
Categories of Records in the System:
The system contains basic identification information such as name,
EPA identification card number, date and place of birth, office of
contractor for which the individual works and telephone number. In
addition, the system contains information pertinent to TSCA CBI access
such as security briefing date, date added to system, date deleted from
system and type of access authorized. The system no longer collects
SSNs but maintains those previously collected.
Authority for Maintenance of the System (includes any revisions or
amendments):
Toxic Substances Control Act, 15 U.S.C. 2601 et seq.
Purpose(s):
To maintain a record of those persons cleared for access to TSCA
CBI and to maintain the security of TSCA CBI.
Routine Uses of Records Maintained in the System, Including Categories
of Users, and the Purposes of Such Uses:
General routine uses A, B, C, D, E, F, G, H, K, and L apply to this
system. Records may also be disclosed:
1. To other Federal agencies when they possess TSCA CBI and need to
verify clearance of EPA.
Policies and Practices For Storing, Retrieving, Accessing, Retaining,
and Disposing of Records in the System:
Storage:
Current records are maintained in a computer database. Some older
records are maintained in hard copy files.
Retrievability:
From the computer database by addressing any type of data contained
in the database, including name. From alphabetized hard copy files by
name.
Safeguards:
Computer records are maintained in a secure, password protected
computer system. Paper records are maintained in safes. All records are
maintained in secure, access-controlled areas or buildings.
Retention and Disposal:
Information in this system is maintained and updated for so long as
individuals identified in the system are authorized for access to TSCA
CBI. EPA Records Schedule 624, Title: Confidential Business Information
Access, NARA Disposal Authority: N1-412-03-20
System Manager(s) and Address:
Director, Information Management Division, Office of Pollution
Prevention and Toxics, Environmental Protection Agency, EPA East
Building, 1200 Pennsylvania Avenue NW., Washington, DC 20460.
Notification Procedures:
Any individual who wants to know whether this system of record
contains a record about him or her, who wants access to his or her
record, or who wants to contest the contents of a record, should make a
written request to the Freedom of Information Office, ATTENTION:
Privacy Act Officer.
Access Procedure:
Requesters will be required to provide adequate identification,
such as a driver's license, employee identification card, or other
identifying document.
[[Page 15722]]
Additional identification procedures may be required in some instances.
Contesting Procedure:
Requests for correction or amendment must identify the record to be
changed and the corrective action sought. Complete EPA Privacy Act
procedures are set out in 40 CFR Part 16.
Record Source Categories:
Record subjects provide identification information. EPA personnel
add information about dates and type of access authorized.
System exempted from certain provisions of the Privacy Act:
None.
[FR Doc. E9-7818 Filed 4-6-09; 8:45 am]
BILLING CODE 6560-50-P