[Federal Register Volume 83, Number 32 (Thursday, February 15, 2018)]
[Notices]
[Pages 6884-6885]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2018-03145]


-----------------------------------------------------------------------

NATIONAL SCIENCE FOUNDATION


Privacy Act of 1974; System of Records

AGENCY: National Science Foundation.

ACTION: Notice of a New System of Records.

-----------------------------------------------------------------------

SUMMARY: The National Science Foundation (NSF) is creating a new system 
of records: NSF-76 Account Registration and Management. This new system 
of records will contain records from a new centralized and streamlined 
account registration process that NSF is transitioning towards to 
provide each user with a single profile and unique identifier to be 
used across NSF systems.

DATES: Persons wishing to comment on the changes set out in this notice 
may do so on or before March 19, 2018.
    Applicable Date: This action will be effective without further 
notice on March 19, 2018 unless modified by subsequent notice to 
incorporate comments received from the public.

ADDRESSES: You may submit comments, identified by [docket number and/or 
RIN number ___], by any of the following methods:
     Federal eRulemaking Portal: http://www.regulations.gov. 
Follow the instructions for submitting comments.
     Email: The Acting Senior Agency Official for Privacy, 
Dorothy Aronson, at [email protected]. Include [docket number and/or RIN 
number ___] in the subject line of the message.
     Mail: Dorothy Aronson, Acting Senior Agency Official for 
Privacy, Office of Information and Resource Management, National 
Science Foundation, 2415 Eisenhower Ave., Alexandria, VA 22331.
    Instructions: NSF will post all comments on the NSF's website 
(https://www.nsf.gov/policies/privacy_act.jsp). All comments submitted 
in response to this Notice will become a matter of public record. 
Therefore, you should submit only information that you wish to make 
publicly available.

FOR FURTHER INFORMATION CONTACT: If you wish to submit general 
questions about the proposed new system of records NSF-76, please 
contact Dorothy Aronson, Acting Senior Agency Official for Privacy, at 
[email protected].

SUPPLEMENTARY INFORMATION: The new system of records, NSF-76 Account 
Registration and Management, will contain records from a new 
centralized and streamlined account registration process that NSF is 
transitioning towards to provide each user a single profile with a 
unique identifier to be used across NSF systems. The new account 
management functionality allows users to maintain their own account 
profiles, including personal information, and request roles to access 
NSF systems. It will also provide administrators the ability to manage 
roles for their organizations through a dashboard with functions to 
approve, disapprove, and assign roles for their organizations.
SYSTEM NAME AND NUMBER
    Account Registration and Management Records, NSF-76.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    The National Science Foundation, 2415 Eisenhower Ave., Alexandria, 
VA 22314.

SYSTEM MANAGER(S):
    Division Director, Division of Information Systems, 2415 Eisenhower 
Ave., Alexandria, VA 22314. Phone: (703) 292-8150.

[[Page 6885]]

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    42 U.S.C. 1870; 44 U.S.C. 3101.

PURPOSE(S) OF THE SYSTEM:
    (1) To provide a centralized registration system for individuals 
that can be used to register and select role(s) necessary for use of 
NSF systems.
    (2) To provide a dashboard for administrators to easily manage NSF 
system roles for their organizations.
    (3) To provide demographic data that NSF may track over time in 
order to review and evaluate NSF programs.
    (4) To provide data that may be used to pre-populate forms and 
databases for users. This functionality will facilitate proposal 
submission, reviewer activities and other user functions.
    (5) To provide data that may be used for internal NSF compliance 
with applicable laws and policies, and conflict of interest management.
    (6) To provide data that may be used for NSF selection and 
management of reviewers as well as related merit review functions.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals who register with NSF and receive an NSF identifier 
(NSF ID) for accessing NSF systems to engage in a range of activities 
with the agency. These activities may include: proposal preparation and 
submission; proposal review activities; organizational account 
management activities; and fellowship and award activities.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Registration information, including: name; email; phone number; 
ORCID digital identifier; and organization affiliation(s).

RECORD SOURCE CATEGORIES:
    Individuals who register with NSF to obtain an NSF identification 
number.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    NSF standard routine uses apply. NSF standard routine uses were 
last published in full in the Federal Register on December 22, 2014. 79 
FR 76398-02, 2014. The NSF standard routine uses can also be found on 
the NSF web page at www.NSF.gov/privacy. In addition to the standard 
routine uses, information may be disclosed to:
    (1) Other federal, state, local government agency, or third parties 
needing information regarding registrations to coordinate programs or 
policy.
    (2) Individual or organizational grant applicants, grantee 
organizations, and collaborators to provide or obtain data as part of 
award administration and to facilitate collaboration between and among 
individuals, organizations and collaborators.
    (3) NSF partners and affiliates to carry out studies for or to 
otherwise assist NSF with program management, evaluation, or reporting.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are stored on electronic digital media.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are retrieved by the registrant's name, email, or NSF 
identifier (NSF ID).

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Data collected and maintained pursuant to this System of Records is 
governed by one of the following records retention schedules:

    Grant and Contract Records Schedule N1-307-88-2
    Fellowship Records Schedule NC1-307-82-1
    Declined and Withdrawn Proposal Case Files NSF Records Schedule 
NC1-307-77-1/1

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The National Science Foundation's IT Security and Privacy program 
includes policies, plans, training, and technical safeguards to protect 
sensitive information, which includes personally identifiable 
information (PII). NSF routinely reviews PII in IT systems in addition 
to monitoring the many controls in place to assure that PII is 
appropriately protected. NSF's major applications and general support 
systems are assessed and authorized by NSF's continuous monitoring and 
ongoing authorization program. The authorization process requires a 
thorough security and privacy control review.
    All NSF systems are covered by a system security plan, and major 
applications and general support systems are authorized to operate. 
Applications and devices hosted on the NSF network are subjected to 
extensive vulnerability scanning and compliance checking against 
standard security configurations. Robust virus protection capabilities, 
anti-malware, and network intrusion detection and prevention devices 
provide 24/7 protection against external threats. NSF's strong access 
controls ensure that resources are made available only to authorized 
users, programs, processes or systems by reference to rules of access 
that are defined by attributes and policies.
    NSF uses the capabilities of a Trusted internet Connections (TIC) 
compliant provider for routing agency network traffic and uses the 
federally provided intrusion detection system (IDS), including advanced 
continuous monitoring and risk management analysis. NSF has a well-
established computer security incident response program. NSF's incident 
response procedures include a strong digital forensics capability to 
investigate and review data and identify relevant evidence and 
malicious activity.

RECORD ACCESS PROCEDURES:
    Follow the Requesting Access to Records procedures found at 45 CFR 
part 613.

CONTESTING RECORD PROCEDURES:
    Follow the procedures found at 45 CFR part 613.

NOTIFICATION PROCEDURES:
    Follow the procedures found at 45 CFR part 613.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    This is a new system of records and has not been previously 
published in the Federal Register.

    Dated: February 12, 2018.
Suzanne H. Plimpton,
Reports Clearance Officer, National Science Foundation.
[FR Doc. 2018-03145 Filed 2-14-18; 8:45 am]
BILLING CODE 7555-01-P