[Federal Register Volume 82, Number 172 (Thursday, September 7, 2017)]
[Notices]
[Pages 42274-42277]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2017-18904]


=======================================================================
-----------------------------------------------------------------------

AMERICAN BATTLE MONUMENTS COMMISSION


Privacy Act of 1974; System of Records

AGENCY: American Battle Monuments Commission.

ACTION: Notice of a New System of Records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the Privacy Act of 1974, as amended, the American 
Battle Monuments Commission establishes a new system of records titled, 
``ABMC-6, Personnel and Payroll System''. This system allows the 
American Battle Monuments Commission to ensure proper payment for 
salary and benefits, and to track time worked, leave, or other absences 
for reporting and compliance purposes. Once this notice and the 
associated routine uses go into effect, the American Battle Monuments 
Commission will rescind two previously published system of records 
notices, ``ABMC-1, Official Personnel Records'', and ``ABMC-2, General 
Financial Records'', as the related records will be maintained under 
this newly established system of records.

DATES: In accordance with 5 U.S.C. 552a(e)(4) and (11), this system of 
records notice is effective upon publication, with the exception of the 
routine uses, which will go into effect 30 days after publication of 
this notice, on September 7, 2017, unless comments have been received 
from interested members of the public requiring modification and 
republication of the notice. Please submit any comments by October 10, 
2017.

ADDRESSES: Any person interested in commenting on the establishment of 
this new system of records may do so by: Submitting comments in writing 
to Jamilyn Smyser, Program Management Officer, American Battle 
Monuments Commission, 2300 Clarendon Boulevard, Suite 500, Arlington, 
Virginia 22201; or emailing comments to [email protected].

FOR FURTHER INFORMATION CONTACT: Senior Agency Official for Privacy, 
American Battle Monuments Commission, 2300 Clarendon Boulevard, Suite 
500, Arlington, VA 22201; or by telephone at 703-696-6900.

SUPPLEMENTARY INFORMATION: 

I. Background

    The American Battle Monuments Commission (ABMC) builds and 
maintains suitable memorials commemorating the service of American 
Armed Forces and maintains permanent American military cemeteries in 
foreign countries. ABMC employs U.S. citizens, lawful permanent 
residents, and non-U.S. citizens or nationals from foreign countries. 
ABMC maintains the ABMC-6, Personnel and Payroll System, to manage 
payroll and personnel data for ABMC employees, ensure proper payment of 
salary and benefits to ABMC personnel, and track time worked and leave 
or other absences for reporting and compliance purposes. ABMC is 
publishing this new system of records notice to reflect updates to ABMC 
payroll and personnel data processes and services.
    ABMC has entered into an agreement with the Department of the 
Interior (DOI) Interior Business Center (IBC), a Federal agency shared 
service provider, to provide payroll and personnel processing services 
through DOI's Federal Personnel and Payroll System (FPPS). Although DOI 
will host and process payroll and personnel data on behalf of ABMC, 
ABMC will retain ownership and control over its own data. ABMC has 
included a routine use in this notice to permit sharing of records with 
DOI for hosting and support services. Individuals seeking access to 
their records owned and maintained by ABMC must submit their requests 
to ABMC as outlined in the Record Access Procedures, Contesting Record 
Procedures, and Notification Procedures sections below.

II. Privacy Act

    The Privacy Act of 1974, as amended, embodies fair information 
practice principles in a statutory framework governing the means by 
which Federal agencies collect, maintain, use, and disseminate 
individuals' records. The Privacy Act applies to records about 
individuals that are maintained in a ``system of records.'' A ``system 
of records'' is a group of any records under the control of an agency 
from which information is retrieved by the name of an individual or by 
some identifying number, symbol, or other identifying particular 
assigned to the individual.
    The Privacy Act requires each agency to publish in the Federal 
Register a description denoting the existence and character of each 
system of records that the agency maintains and the routine uses of 
each system. The ABMC-6, Personnel and Payroll System, system of 
records notice is published in its entirety below. In accordance with 5 
U.S.C. 552a(r), ABMC has provided a report of this system of records to 
the Office of Management and Budget and to Congress.

    Dated: August 21, 2017.
Edwin Fountain,
Senior Agency Official for Privacy.
SYSTEM NAME AND NUMBER
    ABMC-6, Personnel and Payroll System.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    The ABMC-6, Personnel and Payroll System, system of records is 
centrally managed by the American Battle Monuments Commission, 2300 
Clarendon Boulevard, Suite 500, Arlington, VA 22201-3367. Electronic 
payroll and personnel records processed through the FPPS under a shared 
service agreement with DOI are located at the U.S. Department of the 
Interior, Interior Business Center, Human Resources and Payroll 
Services, 7301 W Mansfield Ave. MS D-2000 Denver, CO 80235.

SYSTEM MANAGER(S):
    Chief Human Resources, American Battle Monuments Commission, 2300 
Clarendon Boulevard, Suite 500, Arlington, VA 22201.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    36 U.S.C. 2102; 5 U.S.C. Chapter 55; 5 CFR part 293; and Executive 
Order 9397 as amended by Executive Order 13478, relating to Federal 
agency use of Social Security numbers.

PURPOSE(S) OF THE SYSTEM:
    The purpose of the system is to allow ABMC to collect and maintain 
records on current and former employees to ensure proper payment for 
salary and benefits, and to track time worked, leave, or other absences 
for reporting and compliance purposes.

[[Page 42275]]

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    The system maintains records concerning current and former ABMC 
employees, including volunteers and emergency employees, and limited 
information regarding employee spouses, dependents, emergency contacts, 
or in the case of an estate, a trustee who meets the definition of 
``individual'' as that term is defined in the Privacy Act. The Privacy 
Act defines an individual as a United States citizen or an alien 
lawfully admitted for permanent residence. Although ABMC employs U.S. 
citizens, lawful permanent residents, and nationals from foreign 
countries, the ABMC-6 system of records only maintains records 
concerning ABMC employees who are U.S. citizens and lawful permanent 
residents.

CATEGORIES OF RECORDS IN THE SYSTEM:
    This system maintains records including:
     Employee biographical and employment information: Employee 
name, other names used, citizenship, gender, date of birth, group 
affiliation, marital status, Social Security number (SSN), truncated 
SSN, legal status, place of birth, records related to position, 
occupation, duty location, security clearance, financial information, 
medical information, disability information, education information, 
driver's license, race/ethnicity, personal telephone number, personal 
email address, military status/service, mailing/home address, Taxpayer 
Identification Number, bank account information, professional licensing 
and credentials, family relationships, age, involuntary debt 
(garnishments or child support payments), employee common identifier 
(ECI), user identification and any other employment information.
     Third-party information: Spouse information, emergency 
contact, beneficiary information, savings bond co-owner name(s) and 
information, family members and dependents information.
     Salary and benefits information: Salary data, retirement 
data, tax data, deductions, health benefits, deductions, allowances, 
union dues, insurance data, Flexible Spending Account, Thrift Savings 
Plan contributions, pay plan, payroll records, awards, court order 
information, back pay information, debts owed to the government as a 
result of overpayment, refunds owed, or a debt referred for collection 
on a transferred employee or emergency worker.
     Timekeeping information: Time and attendance records, 
leave records, the system may also maintain records including other 
information required to administer payroll, leave, and related 
functions.

RECORD SOURCE CATEGORIES:
    Information is obtained from individuals on whom the records are 
maintained, official personnel records of individuals on whom the 
records are maintained, supervisors, timekeepers, previous employers, 
the Internal Revenue Service and state tax agencies, the Department of 
the Treasury, other Federal agencies, courts, state child support 
agencies, employing agency accounting offices, and third-party benefit 
providers.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information maintained in this system may be disclosed to authorized 
entities outside ABMC for purposes determined to be relevant and 
necessary as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    A. To the Department of Justice (DOJ), including Offices of the 
U.S. Attorneys, or other Federal agencies conducting litigation or in 
proceedings before any court, adjudicative, or administrative body, 
when it is relevant or necessary to the litigation and one of the 
following is a party to the litigation or has an interest in such 
litigation:
    (1) ABMC;
    (2) Any employee or former employee of ABMC in his or her official 
capacity;
    (3) Any employee or former employee of ABMC in his or her 
individual capacity when DOJ or ABMC has agreed to represent the 
employee; or
    (4) The U.S. Government or any agency thereof.
    B. To a congressional office in response to a written inquiry that 
an individual covered by the system, or the heir of such individual if 
the covered individual is deceased, has made to the office.
    C. To the Office of Management and Budget (OMB) during the 
coordination and clearance process in connection with legislative 
affairs as mandated by OMB Circular A-19.
    D. To other Federal agencies who provide payroll and personnel 
processing services under a cross-servicing agreement for purposes 
relating to ABMC employee payroll and personnel processing.
    E. To another federal agency as required for payroll purposes, 
including to the Department of the Treasury for preparation of payroll 
and to issue checks and electronic funds transfer.
    F. To the Office of Personnel Management, the Merit System 
Protection Board, Federal Labor Relations Authority, or the Equal 
Employment Opportunity Commission when requested in the performance of 
their authorized duties.
    G. To appropriate Federal and state agencies to provide reports 
including data on unemployment insurance.
    H. To State offices of unemployment compensation to assist in 
processing an individual's unemployment, survivor annuity, or health 
benefit claim, or for records reconciliation purposes.
    I. To Federal Employee's Group Life Insurance or Health Benefits 
carriers in connection with survivor annuity or health benefits claims 
or records reconciliations.
    J. To the Internal Revenue Service and State and local tax 
authorities for which an employee is or was subject to tax regardless 
of whether tax is or was withheld in accordance with Treasury Fiscal 
Requirements, as required.
    K. To the Internal Revenue Service or to another Federal agency or 
its contractor to disclose debtor information solely to aggregate 
information for the Internal Revenue Service to collect debts owed to 
the Federal government through the offset of tax refunds.
    L. To any creditor Federal agency seeking assistance for the 
purpose of that agency implementing administrative or salary offset 
procedures in the collection of unpaid financial obligations owed the 
United States Government from an individual.
    M. To any Federal agency where the individual debtor is employed or 
receiving some form of remuneration for the purpose of enabling that 
agency to collect debts on the employee's behalf by administrative or 
salary offset procedures under the provisions of the Debt Collection 
Act of 1982.
    N. To the Internal Revenue Service, and state and local authorities 
for the purposes of locating a debtor to collect a claim against the 
debtor.
    O. To any source from which additional information is requested by 
ABMC relevant to an ABMC determination concerning an individual's pay, 
leave, or travel expenses, to the extent necessary to identify the 
individual, inform the source of the purpose(s) of the request, and to 
identify the type of information requested.
    P. To the Social Security Administration and the Department of

[[Page 42276]]

the Treasury to disclose pay data on an annual basis.
    Q. To the Social Security Administration to credit the employee or 
emergency worker account for Old-Age, Survivors, and Disability 
Insurance (OASDI) and Medicare deductions.
    R. To the Federal Retirement Thrift Investment Board's record 
keeper, which administers the Thrift Savings Plan, to report 
deductions, contributions, and loan payments.
    S. To a Federal agency or in response to a congressional inquiry 
when additional or statistical information is requested relevant to the 
ABMC Transit Fare Subsidy Program.
    T. To the Department of Health and Human Services for the purpose 
of providing information on new hires and quarterly wages as required 
under the Personal Responsibility and Work Opportunity Reconciliation 
Act of 1996.
    U. To the Office of Child Support Enforcement, Administration for 
Children and Families, Department of Health and Human Services for the 
purposes of locating individuals to establish paternity; establishing 
and modifying orders of child support; identifying sources of income; 
and for other child support enforcement actions as required by the 
Personal Responsibility and Work Opportunity Reconciliation Act 
(Welfare Reform Law, Pub. L. 104-193).
    V. To the Office of Personnel Management or its contractors in 
connection with programs administered by that office, including, but 
not limited to, the Federal Long Term Care Insurance Program, the 
Federal Dental and Vision Insurance Program, the Flexible Spending 
Accounts for Federal Employees Program, and the electronic Human 
Resources Information Program.
    W. To charitable institutions, when an employee designates an 
institution to receive contributions through salary deduction.
    X. To any criminal, civil, or regulatory law enforcement authority 
(whether Federal, state, territorial, local, tribal or foreign) when a 
record, either alone or in conjunction with other information, 
indicates a violation or potential violation of law--criminal, civil, 
or regulatory in nature.
    Y. To the National Archives and Records Administration (NARA) to 
conduct records management inspections under the authority of 44 U.S.C. 
2904 and 2906.
    Z. To an expert, consultant, grantee, or contractor (including 
employees of the contractor) of ABMC that performs services requiring 
access to these records on ABMC's behalf to carry out the purposes of 
the system, including employment verifications, unemployment claims, 
and W-2 services.
    AA. To the Department of Labor for processing claims for employees, 
emergency workers, or volunteers injured on the job or claiming 
occupational illness.
    BB. To appropriate agencies, entities, and persons when:
    (1) ABMC suspects or has confirmed that there has been a breach of 
the system of records,
    (2) ABMC has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, ABMC 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and
    (3) The disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with ABMC's efforts to 
respond to the suspected or confirmed breach or to prevent, minimize, 
or remedy such harm.
    CC. To another Federal agency or Federal entity, when ABMC 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in:
    (1) Responding to a suspected or confirmed breach; or
    (2) preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.
    DD. To another Federal agency to provide information needed in the 
performance of official duties related to reconciling or reconstructing 
data files or to enable that agency to respond to an inquiry by the 
individual to whom the record pertains.
    EE. To Federal, state, territorial, local, tribal, or foreign 
agencies that have requested information relevant or necessary to the 
hiring, firing or retention of an employee or contractor, or to the 
issuance of a security clearance, license, contract, grant or other 
benefit.
    FF. To an agency or organization for the purpose of performing 
audit or oversight operations as authorized by law, but only such 
information as is necessary and relevant to such audit or oversight 
function.
    GG. In an appropriate proceeding before a court, grand jury, or 
administrative or adjudicative body, when the Department of Justice 
determines that the records are arguably relevant to the proceeding; or 
in an appropriate proceeding before an administrative or adjudicative 
body when the adjudicator determines the records to be relevant to the 
proceeding.
    HH. To the news media and the public, with the approval of the 
Agency Privacy Officer in consultation with counsel, when there exists 
a legitimate public interest in the disclosure of the information or 
when disclosure is necessary to preserve confidence in the integrity of 
ABMC or is necessary to demonstrate the accountability of ABMC's 
officers, employees, or individuals covered by the system, except to 
the extent it is determined that release of the specific information in 
the context of a particular case would constitute an unwarranted 
invasion of personal privacy.

 POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Paper records are maintained in file folders stored within locking 
filing cabinets or locked rooms in secured facilities with controlled 
access. Electronic records are stored in computers, removable drives, 
storage devices, electronic databases, and other electronic media under 
the control of ABMC, and in other Federal agency systems pursuant to 
interagency sharing agreements.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by name, SSN, ECI, birth date, 
organizational code, or other assigned person.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are maintained in accordance with General Records Schedule 
(GRS) 1.0 ``Finance'', and GRS 2.0 ``Human Resources'', which are 
approved by the National Archives and Records Administration. The 
system generally maintains temporary records, and retention periods 
vary based on the type of record under each item and the needs of the 
agency. Paper records are disposed of by shredding or pulping, and 
records maintained on electronic media are degaussed or erased in 
accordance with the applicable records retention schedule and NARA 
guidelines.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The records maintained in this system are safeguarded in accordance 
with ABMC security and privacy rules and policies. During normal hours 
of operations, paper records are maintained in locked files cabinets 
under the control of authorized personnel. Information technology

[[Page 42277]]

systems follow the National Institute of Standards and Technology 
privacy and security standards developed to comply with the Privacy Act 
of 1974 as amended, 5 U.S.C. 552a; the Paperwork Reduction Act of 1995, 
Pub. L. 104-13; the Federal Information Security Modernization Act of 
2014, Pub L. 113-283, as codified at 44 U.S.C. 3551 et seq.; and the 
Federal Information Processing Standard 199, Standards for Security 
Categorization of Federal Information and Information Systems. Computer 
servers on which electronic records are stored are located in secured 
ABMC and DOI facilities with physical, technical and administrative 
levels of security to prevent unauthorized access to the ABMC and DOI 
network and information assets. Security controls include encryption, 
firewalls, audit logs, and network system security monitoring. 
Electronic data is protected through user identification, passwords, 
database permissions and software controls. Access to records in the 
system is limited to authorized personnel who have a need to access the 
records in the performance of their official duties, and each person's 
access is restricted to only the functions and data necessary to 
perform that person's job responsibilities. System administrators and 
authorized users for both ABMC and DOI are trained and required to 
follow established internal security protocols and must complete all 
security, privacy, and records management training, and sign Rules of 
Behavior for each agency.

RECORD ACCESS PROCEDURES:
    An individual may request records on himself or herself by sending 
a signed, written inquiry to American Battle Monuments Commission, 
Office of the General Counsel, 2300 Clarendon Boulevard, Suite 500, 
Arlington VA 22201, or by calling the Office of the General Counsel at 
(703) 696-6902 on business days, between the hours of 9 a.m. and 5 
p.m., to schedule an appointment to make such a request in person. 
Requests for records access must meet the requirements of ABMC Privacy 
Act regulations at 36 CFR part 407.

CONTESTING RECORD PROCEDURES:
    An individual requesting amendment or correction of his or her 
records should send a signed, written request to American Battle 
Monuments Commission, Office of the General Counsel, 2300 Clarendon 
Boulevard, Suite 500, Arlington VA 22201. Requests for amendment or 
correction must meet the requirements of ABMC Privacy Act regulations 
at 36 CFR Sections 407.6 and 407.7.

NOTIFICATION PROCEDURES:
    An individual may inquire whether this system of records maintains 
records about him or her by sending a signed, written inquiry to 
American Battle Monuments Commission, Office of the General Counsel, 
2300 Clarendon Boulevard, Suite 500, Arlington VA 22201, or by calling 
the Office of the General Counsel at (703) 696-6902 on business days, 
between the hours of 9 a.m. and 5 p.m., to schedule an appointment to 
make such a request in person. Requests for notifications must meet the 
requirements of ABMC Privacy Act regulations at 36 CFR part 407.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    None.
[FR Doc. 2017-18904 Filed 9-6-17; 8:45 am]
 BILLING CODE 6120-01-P