[Federal Register Volume 84, Number 99 (Wednesday, May 22, 2019)]
[Notices]
[Pages 23636-23639]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2019-10632]


-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY


Privacy Act of 1974; System of Records

AGENCY: Department of the Treasury.

ACTION: Notice of a Modified System of Records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the requirements of the Privacy Act of 
1974, the Department of the Treasury (``Treasury'' or the 
``Department'') proposes to modify a current Treasury system of records 
titled, ``Treasury .007--Personnel Security System--System of 
Records.'' This system supports the Department in conducting end-to-end 
personnel security, fitness, suitability and credentialing processes. 
This system of records contains records related to employee and 
contractor vetting as well as investigative, administrative, 
adjudicative, and/or determination information for decisions concerning 
whether an individual is suitable or fit for Government employment or 
eligible to access classified national security information. This 
action is necessary to meet the requirements of the Privacy Act to 
publish in the Federal Register notice of the existence and character 
of system of records maintained by the agency (5 U.S.C. 552a(e)(4)).

DATES: Submit comments on or before June 21, 2019. The new routine uses 
will be applicable on June 21, 2019 unless Treasury receives comments 
and determines that changes to the system of records notice are 
necessary.

ADDRESSES: Comments may be submitted to the Federal eRulemaking Portal 
electronically at http://www.regulations.gov. Comments can also be sent 
to the Deputy Assistant Secretary for Privacy, Transparency, and 
Records, Department of the Treasury, 1500 Pennsylvania Avenue NW, 
Washington, DC 20220, Attention: Revisions to Privacy Act Systems of 
Records. All comments received, including attachments and other 
supporting documents, are part of the public record and subject to 
public disclosure. All comments received will be posted without change 
to www.regulations.gov, including any personal information provided. 
You should submit only information that you wish to make publicly 
available.

FOR FURTHER INFORMATION CONTACT: For general questions and for privacy 
issues please contact: Deputy Assistant Secretary for Privacy, 
Transparency, and Records (202-622-5710), Department of the Treasury, 
1500 Pennsylvania Avenue NW, Washington, DC 20220.

SUPPLEMENTARY INFORMATION: In accordance with the Privacy Act of 1974, 
Treasury proposes to modify a current Treasury system of records 
titled, ``Treasury .007--Personnel Security System.''
    The Department of the Treasury is an early adopter of a Department 
of Defense (DoD)-provided electronic adjudicative case management 
shared service through DoD's Defense Information System for Security 
(``DISS'') (system of records notice (SORN): ``DMDC 24 DoD--Defense 
Information System for Security (DISS)''). DISS maintains information 
on security clearance access, personnel security eligibility, 
suitability for Government employment, fitness to perform work for or 
on behalf of the U.S. Government as a contractor, and eligibility for 
logical and physical access to Treasury controlled facilities and 
information systems. It also provides an all-inclusive medium to 
document personnel security adjudicative actions within the subscribing 
agency, allowing users to provide investigation and adjudication 
updates to security managers and other security officials. All users of 
DISS must be appropriately screened, investigated, and granted access 
based on the user's specific functions, security eligibility, and 
access level. Treasury maintenance of its records--currently outlined 
in Treasury .007--within DISS will be used to ensure Treasury is 
upholding the highest standards of integrity,

[[Page 23637]]

loyalty, conduct, and security among its employees and contract 
personnel. It will also help streamline the vetting process by 
utilizing a single system for all phases of vetting operations to 
include adjudication, continuous evaluation/continuous vetting, and 
case management, while maintaining compliance with all applicable 
legal, regulatory and policy authorities.
    To allow Treasury's participation and continued involvement in 
DISS, Treasury is implementing the changes to the SORN listed below:
    (1) To add the following categories of records maintained in the 
system: ``to include names and addresses of neighbors and references,'' 
``to include names of supervisors and colleagues,'' ``publicly 
available social media information,'' ``position sensitivity; status of 
current adjudicative action; status of security clearance eligibility 
and/or access, suitability, fitness, or Homeland Security Presidential 
Directive-12 (HSPD-12) Personal Identity Verification (PIV) 
determinations; and investigative records related to initial vetting, 
reinvestigation, continuous evaluation, and/or continuous vetting.'' To 
update the categories of records to state that ``[t]his system 
maintains information collected as part of the investigative vetting 
process. This information may include the individual's personally 
identifiable information; residential, educational, employment, and 
mental health history; financial details, and criminal and disciplinary 
histories; to include:'';
    (2) To update existing applicable authorities for maintenance of 
the system;
    (3) To clarify the purpose(s) of records stored in the system, by 
modifying the clause ``investigatory information,'' to the following: 
``investigative and related administrative, adjudicative, and other 
information necessary'';
    (4) To add routine uses to share information (a) with other federal 
agencies or federal entities as required by the Office of Management 
and Budget (OMB) Memorandum 17-12, ``Preparing for and Responding to a 
Breach of Personally Identifiable Information,'' dated January 3, 2017, 
to assist Treasury in responding to a suspected or confirmed breach or 
prevent, minimize, or remedy the risk of harm to the requesters, 
Treasury, the Federal Government, or national security, and (b) with 
the Department of Defense, other Federal agency or other appropriate 
entity to authorize Treasury's participation in DISS, which allows 
Treasury to transfer the records covered by Treasury .007 to DISS for 
storage and maintenance only; though records will be maintained in a 
DoD-managed system, only Treasury-affiliated users will have access to 
these records.
    (5) To update the storage of records in the system;
    (6) To add social security number (SSN), date of birth, place of 
birth, Investigative Service Provider's investigation number, DISS 
adjudicative case identification number or some combination thereof as 
sources for retrieval of records;
    (7) To update the agency's safeguards;
    (8) To clarify that records may be sourced not only from the 
individual, but from authorized investigative, employment, and security 
entities as well;
    (9) To update the policies and practices for retention and disposal 
of records; and
    (10) Other changes throughout the document are editorial in nature 
and consist primarily of changes to clarify language and processes.
    This modified system will be included in Treasury's inventory of 
record systems. Below is the description of the Department of the 
Treasury, Treasury .007--Personnel Security System.
    Treasury has provided a report of this system of records to the 
Committee on Oversight and Government Reform of the House of 
Representatives, the Committee on Homeland Security and Governmental 
Affairs of the Senate, and OMB, pursuant to 5 U.S.C. 552a(r) and OMB 
Circular A-108, ``Federal Agency Responsibilities for Review, 
Reporting, and Publication under the Privacy Act,'' dated December 23, 
2016.

Ryan Law,
Deputy Assistant Secretary for Privacy, Transparency, and Records.

SYSTEM NAME AND NUMBER:
    Department of the Treasury, Treasury .007--Personnel Security 
System.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Department of the Treasury, 1500 Pennsylvania Avenue NW, Room 3180 
Annex, Washington, DC 20220 in the Office of Security Programs (and 
other office locations identified below) which is responsible for 
making suitability, fitness, security clearance, access, and Homeland 
Security Presidential Directive-12 (HSPD-12) credentialing decisions. 
Other locations at which the system is maintained by Treasury bureaus 
and their associated offices are:
    (1) Departmental Offices (DO):
    a. 1500 Pennsylvania Avenue NW, Room 3180 Annex, Washington, DC 
20220.
    b. Special Inspector General for the Troubled Asset Relief Program 
(SIGTARP): 1801 L Street NW, Washington, DC 20036.
    (2) Office of Inspector General (OIG): 320 Avery Street 
Parkersburg, West Virginia 26101.
    (3) Treasury Inspector General for Tax Administration (TIGTA): 1401 
H Street NW, Suite 469, Washington, DC 20005.
    (4) Alcohol and Tobacco Tax and Trade Bureau (TTB): 1310 G Street 
NW, Washington, DC 20220.
    (5) Office of the Comptroller of the Currency (OCC): 400 7th Street 
SW, Washington, DC 20219.
    (6) Bureau of Engraving and Printing (BEP): 14th & C Streets SW, 
Washington, DC 20228.
    (7) Bureau of the Fiscal Service (BFS): Security Operations 
Division, Personnel Security Branch, 3700 East West Highway, 
Hyattsville, Maryland and BFS at 320 Avery Street, Parkersburg, West 
Virginia 26101.
    (8) United States Mint (MINT): 801 9th Street NW, Washington, DC 
20220.
    (9) Financial Crimes Enforcement Network (FinCEN), Vienna, Virginia 
22183-0039.
    (10) Internal Revenue Service (IRS), 1111 Constitution Avenue NW, 
Washington, DC 20224.

SYSTEM MANAGER(S):
    Department of the Treasury Official prescribing policies and 
practices: Director, Office of Security Programs, 1500 Pennsylvania 
Avenue NW, Room 3180 Annex, Washington, DC 20220.
    The system managers for the Treasury bureau components are:
    (1) Departmental Offices:
    a. Chief, Personnel Security, 1500 Pennsylvania Avenue NW, Room 
3180 Annex, Washington, DC 20220.
    b. SIGTARP: Director, Human Resources, 1801 L Street NW, 
Washington, DC 20036.
    (2) OIG: Personnel Officer, 740 15th Street NW, Suite 510, 
Washington, DC 20220.
    (3) TIGTA: Personnel Security Officer, 1401 H Street NW, Suite 469, 
Washington, DC 20005.
    (4) TTB: Alcohol and Tobacco Tax and Trade Bureau: Director of 
Security and Emergency Preparedness 1310 G Street NW, Washington, DC 
20220.
    (5) BFS: Director, Division of Security and Emergency Preparedness, 
Director, Division of Human Resources Operations Division, Avery Street 
Building, 320 Avery Street, Parkersburg, West Virginia 26101 and 
Director, Administrative Programs Division, 3700

[[Page 23638]]

East West Highway, Hyattsville, Maryland 20782.
    (6) OCC: Director, Administrative Services Division, 400 7th Street 
SW, Washington, DC 20219.
    (7) BEP: Chief, Office of Security, 14th & C Streets NW, 
Washington, DC 20228.
    (8) Mint: Associate Director for Protection, 801 9th Street NW, 8th 
Floor, Washington, DC 20220.
    (9) FinCEN: Director, Vienna, Virginia 22183-0039.
    (10) IRS: Director, Personnel Security, 1111 Constitution Avenue 
NW, Washington, DC 20224.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Executive Order 12968, as amended, Executive Order 13467, Executive 
Order 13488, and Homeland Security Presidential Directive 12 (HSPD-12).

PURPOSE(S) OF THE SYSTEM:
    (1) The records in this system are used to provide investigative 
and related administrative, adjudicative, and other information 
necessary to determine whether an individual is suitable or fit for 
Government employment; eligible for logical and physical access to 
Treasury controlled facilities and information systems; eligible to 
hold sensitive positions (including but not limited to eligibility for 
access to classified information); fit to perform work for or on behalf 
of the U.S. Government as a contractor; qualified to perform contractor 
services for the U.S. Government; or loyal to the United States; and
    (2) while maintaining compliance with applicable legal, regulatory 
and policy authorities.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    (1) Current and former government employees, applicants, 
consultants, experts, contractor personnel occupying sensitive 
positions in the Department; (2) current and former U.S. Executive 
Directors and Alternates employed at International Financial 
Institutions; (3) personnel who are appealing a denial or a revocation 
of a Treasury-issued security clearance; (4) employees and contractor 
personnel who have applied for the HSPD-12 Personal Identity 
Verification (PIV) Card; (5) individuals who are not Treasury 
employees, but who are or were involved in Treasury Department programs 
under a co-operative assignment or under a similar agreement; and (6) 
State, Local, Tribal and Private sector partners identified by Treasury 
sponsors for eligibility to access classified information in support of 
homeland defense initiatives.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Applicable records containing the following information from one or 
more of the categories within background investigations relating to 
personnel investigations conducted by the Office of Personnel 
Management, select Treasury bureaus (IRS, Mint and BEP) and other 
Federal agencies and departments on a pre-placement and post-placement 
basis to make suitability, fitness, and HSPD-12 PIV determinations and 
for granting security clearances. This system maintains information 
collected as part of the investigative vetting process. This 
information may include the individual's personally identifiable 
information; residential, educational, employment, and mental health 
history; financial details, and criminal and disciplinary histories; to 
include:
    (1) An individual's name, former names and aliases; date and place 
of birth; social security number (SSN); height; weight; hair and eye 
color; gender; mother's maiden name; current and former home addresses 
to include names and addresses of neighbors and references, phone 
numbers, and email addresses; employment history to include names of 
supervisors and colleagues; military record information; selective 
service registration record; education and degrees earned; names of 
associates and references with their contact information; citizenship; 
passport information; criminal history; civil court actions; prior 
security clearance and investigative information; mental health 
history; records related to drug and/or alcohol use; financial record 
information; information from the IRS pertaining to income tax returns; 
credit reports; the name, date and place of birth, SSN, and citizenship 
information for spouse or cohabitant; the name and marriage information 
for current and former spouse(s); the citizenship, name, date and place 
of birth, and address for relatives; information on foreign contacts 
and activities; association records; information on loyalty to the 
United States; publicly available social media information; and other 
agency reports furnished to Treasury in connection with the background 
investigation process, and other information developed from the above; 
(2) position sensitivity; status of current adjudicative action; status 
of security clearance eligibility and/or access, suitability, fitness, 
or HSPD-12 PIV determinations; and investigative records related to 
initial vetting, reinvestigation, continuous evaluation, and/or 
continuous vetting; (3) summaries of personal and third party 
interviews conducted during the course of the background investigation; 
(4) previously used card index records comprised of Notice of Personnel 
Security Investigation (OS F 67-32.2); (5) signed Classified 
Information Non-disclosure Agreement (SF 311), and related supplemental 
documents for those persons issued a security clearance; (6) completed 
Security Orientation Acknowledgment (TD F 15-05.01) for persons having 
received initial security training on safeguarding classified 
information; (7) an automated data system reflecting identification 
data on incumbents and former employees, disclosure and authorization 
forms, and record of investigations, level and date of security 
clearance, if any, as well as status of investigations; (8) records 
pertaining to suspensions or an appeal of a denial or a revocation of a 
Treasury-issued security clearance; (9) records pertaining to the 
personal identification verification process mandated by HSPD-12 and 
the issuance, denial or revocation of a PIV card; and (10) records of 
personnel background investigations conducted by other Federal 
agencies.

RECORD SOURCE CATEGORIES:
    Records are obtained from individual employees, applicants, 
detailees, consultants, experts and contractors (including the results 
of in-person interviews) whose files are on record as authorized by 
those concerned; investigative reports from federal investigative 
agencies; criminal or civil investigations; continuous evaluation 
records; police and credit record checks; personnel records; 
educational records and instructors; current and former employers; 
coworkers, neighbors, family members, acquaintances; and authorized 
security representatives.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under the 
Privacy Act of 1974, 5 U.S.C. 552a(b), records and/or information or 
portions thereof maintained as part of this system may be disclosed 
outside Treasury as a routine use pursuant to 5 U.S.C. 552a(b)(3) as 
follows:
    (1) Designated officers and employees of agencies, offices, and 
other establishments in the executive, legislative and judicial 
branches of the Federal government, when such agency, office, or 
establishment conducts an investigation of the individual for purposes 
of granting a security clearance, or for the purpose of making

[[Page 23639]]

a determination of qualifications, suitability, fitness, or issuance of 
an HSPD-12 PIV card for physical and/or logical access to facilities/IT 
systems or restricted areas; to determine access to classified 
information and/or in connection with performance of a service to the 
Federal government under a contract or other agreement;
    (2) Pursuant to the order of a court of competent jurisdiction;
    (3) To the United States Department of Justice (``DOJ''), for the 
purpose of representing or providing legal advice to the Department in 
a proceeding before a court, adjudicative body, or other administrative 
body before which the Department is authorized to appear, when such 
proceeding involves:
    (a) The Department or any component thereof;
    (b) Any employee of the Department in his or her official capacity;
    (c) Any employee of the Department in his or her individual 
capacity where the Department of Justice or the Department has agreed 
to represent the employee; or
    (d) The United States, when the Department determines that 
litigation is likely to affect the Department or any of its components; 
and the use of such records by the DOJ is deemed by the DOJ or the 
Department to be relevant and necessary to the litigation provided that 
the disclosure is compatible with the purpose for which records were 
collected;
    (4) To a Congressional office in response to a written inquiry made 
at the request of the individual to whom the record pertains;
    (5) To another agency or to an instrumentality of any governmental 
jurisdiction within or under the control of the United States for a 
civil or criminal law enforcement activity if the activity is 
authorized by law, and if the head of the agency or instrumentality has 
made a written request to the Treasury component which maintains the 
record specifying the particular portion desired and the law 
enforcement activity for which the record is sought;
    (6) The Office of Personnel Management, Merit Systems Protection 
Board, Equal Employment Opportunity Commission, Federal Labor Relations 
Authority, and the Office of Special Counsel for the purpose of 
properly administering Federal personnel systems or other agencies' 
systems in accordance with applicable laws, Executive Orders, and 
regulations;
    (7) To the Department of Defense or other Federal agency, or other 
appropriate entity, in connection with providing shared services 
approved by the Enterprise Investment Board (EIB) of the Performance 
Accountability Council (PAC), to subscribing agencies for hiring or 
retaining an employee; classifying a position; conducting a security, 
suitability, fitness, or credentialing background investigation 
(including continuous evaluation/continuous vetting); issuing a 
security clearance or sensitive position eligibility; making a 
suitability, fitness, or credentialing decision; recording the results 
of any agency decision with respect to these functions; or in support 
of any of the purposes or functions outlined or otherwise incorporated 
in this system of records;
    (8) To appropriate agencies, entities, and person when (1) the 
Department of the Treasury suspects or has confirmed that there has 
been a breach of the system of records; (2) the Department of the 
Treasury has determined that as a result of the suspected or confirmed 
breach there is a risk of harm to individuals, the Department of the 
Treasury (including its information systems, programs, and operations), 
the Federal Government, or national security; and (3) the disclosure 
made to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the Department of the Treasury's efforts to 
respond to the suspected or confirmed breach or to prevent, minimize, 
or remedy such harm; and
    (9) To another Federal agency or Federal entity, when the 
Department of the Treasury determines that information from this system 
of records is reasonably necessary to assist the recipient agency or 
entity in (1) responding to a suspected or confirmed breach or (2) 
preventing, minimizing, or remedying the risk of harm to individuals, 
the recipient agency or entity (including its information systems, 
programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records in this system are stored electronically or on paper in 
secure facilities in a locked drawer behind a locked door.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by name, social security number, date of 
birth, place of birth, Investigative Service Provider's investigation 
number, DISS adjudicative case identification number or some 
combination thereof.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    The records on government employees and contractor personnel are 
retained for the duration of their employment at the Treasury 
Department. The records on applicants not selected and separated 
employees are destroyed or sent to the Federal Records Center in 
accordance with General Records Schedule 5.6, item 181. Investigative 
reports are maintained in OPM Central-9 (81 FR 70191). DoD maintains 
post investigative files in DMDC 24 DOD (81 FR 39032).

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Records in this system are safeguarded in accordance with 
applicable rules and policies, including all applicable Treasury 
automated systems security and access policies. Strict controls have 
been imposed to minimize the risk of compromising the information that 
is being stored. Access to the computer system containing the records 
in this system is limited to those individuals who have a need to know 
the information for the performance of their official duties and who 
have appropriate clearances.

RECORD ACCESS PROCEDURES:
    See ``Notification Procedures'' below.

CONTESTING RECORD PROCEDURES:
    See ``Notification Procedures'' below.

NOTIFICATION PROCEDURES:
    Individuals seeking notification and access to any record contained 
in this system of records, or seeking to contest or amend its content, 
as a part of a Freedom of Information Act (FOIA) request and/or Privacy 
Act request (to include amendment requests, etc.) may inquire in 
writing in accordance with instructions directly to individual Treasury 
components appearing at 31 CFR part 1, subpart C, Appendices A-N for 
Privacy Act and at 31 CFR part 1, subpart A, Appendices A-M for FOIA.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    This system is exempt from 5 U.S.C. 552a(c)(3), (d)(1), (2), (3), 
and (4), (e)(1), (e)(4)(G), (H), and (I), and (f) of the Privacy Act 
pursuant to 5 U.S.C. 552a(k)(5). (See 31 CFR 1.36.)

HISTORY:
    Notice of this system of records was last published in full in the 
Federal Register on November 7, 2016 (81 FR 78266) as the Department of 
the Treasury, Treasury .007--Personnel Security System.

[FR Doc. 2019-10632 Filed 5-21-19; 8:45 am]
 BILLING CODE 4810-25-P