[Federal Register Volume 85, Number 18 (Tuesday, January 28, 2020)]
[Notices]
[Pages 4949-4952]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-01431]


-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Office of the Secretary

[Docket ID: DoD-2020-OS-0014]


Privacy Act of 1974; System of Records

AGENCY: Office of the Secretary, Department of Defense (DoD).

ACTION: Notice of a modified System of Records.

-----------------------------------------------------------------------

SUMMARY: The Office of the Secretary of Defense (OSD) is modifying an 
existing System of Records, Defense Civilian Personnel Data System 
(DCPDS), DPR 34 DoD, by changing the system name and number to the 
Defense Civilian Human Resource Management System (DCHRMS), DHRA 23 
DoD. The DCHRMS serves as the Department's enterprise civilian human 
resources (HR) automated system and supports one-third of the Federal 
work force. The Defense Civilian Personnel Advisory Service will manage 
the development, deployment, and administration of the DCHRMS 
operation. DCHRMS' operational activities will include the processing 
of all personnel transactions, position management, providing workforce 
analysis and reporting for the DoD and external government agencies, 
support for health insurance programs, managing benefits, performance 
management and reporting certification and training. DCHRMS will 
support the entire civilian HR life cycle, with transactions and 
information reflecting acquiring, assigning, training and development, 
sustaining and managing HR compensation, managing organizations, 
supporting benefits management, and separation or termination of 
civilian personnel.

DATES: This System of Records modification is effective upon 
publication; however, comments on the Routine Uses will be accepted on 
or before February 27, 2020. The Routine

[[Page 4950]]

Uses are effective at the close of the comment period.

ADDRESSES: You may submit comments, identified by docket number and 
title, by any of the following methods:
    * Federal Rulemaking Portal: https://www.regulations.gov.
    Follow the instructions for submitting comments.
    * Mail: Department of Defense, Office of the Chief Management 
Officer, Directorate for Oversight and Compliance, 4800 Mark Center 
Drive, Mailbox #24, Suite 08D09, Alexandria, VA 22350-1700.
    Instructions: All submissions received must include the agency name 
and docket number for this Federal Register document. The general 
policy for comments and other submissions from members of the public is 
to make these submissions available for public viewing on the internet 
at https://www.regulations.gov as they are received without change, 
including any personal identifiers or contact information.

FOR FURTHER INFORMATION CONTACT: Ms. Luz D. Ortiz, Chief, Records, 
Privacy and Declassification Division (RPDD), 1155 Defense Pentagon, 
Washington, DC 20311-1155, or by phone at (571) 372-0478.

SUPPLEMENTARY INFORMATION: The OSD is modifying this System of Records 
by changing the following sections: System name and number, system 
location, system manager(s), authority for maintenance of the system, 
purpose(s) of the system, categories of records in the system, 
administrative, technical, and physical safeguards, records source 
categories, routine uses, and notification procedures.
    DCPDS is migrating to new software, a service/cloud based human 
capital management system, which will be referred to as DCHRMS. The 
DCHRMS implementation supports the 2018 President's Management Agenda 
Key Driver of Transformation to ``Build and maintain more modern, 
secure, and resilient information technology to enhance mission 
delivery and productivity'' while potentially reducing costs by 
minimizing variations from standard processes and design, increasing 
efficiencies, and enhancing customer satisfaction. The DCHRMS system 
will streamline and standardize personnel processes, such as hiring, 
reducing time, effort, and costs for the Department and users. The 
Software as a Service Cloud implementation will also provide more 
security as a single record source by eliminating duplicate record 
storage. Building a more modern, secure, and resilient system will 
enhance productivity and customer satisfaction. This includes an 
employee self-service system providing a single, comprehensive 
transactional record for civilian employees, resulting in more 
efficient and streamlined HR processes.
    The OSD notices for Systems of Records subject to the Privacy Act 
of 1974, as amended, have been published in the Federal Register and 
are available from the address in FOR FURTHER INFORMATION CONTACT or at 
the Defense Privacy, Civil Liberties, and Transparency Division website 
at https://dpcld.defense.gov.
    The proposed systems reports, as required by the Privacy Act of 
1974, as amended, were submitted on November 22, 2019, to the House 
Committee on Oversight and Reform, the Senate Committee on Homeland 
Security and Governmental Affairs, and the Office of Management and 
Budget (OMB) pursuant to Section 6 to OMB Circular No. A-108, ``Federal 
Agency Responsibilities for Review, Reporting, and Publication under 
the Privacy Act,'' revised December 23, 2016 (December 23, 2016, 81 FR 
94424).

    Dated: January 23, 2020.
Aaron T. Siegel,
Alternate OSD Federal Register Liaison Officer, Department of Defense.

SYSTEM NAME AND NUMBER:
    Defense Civilian Human Resource Management System (DCHRMS), DHRA 23 
DoD.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Equinix Data Center, 1945 Lunt Avenue, Elk Grove Village, IL 60007; 
Secondary address: QTS Data Center, 44874 Moran Road, Sterling, VA 
20166.

SYSTEM MANAGER(S):
    Director, Enterprise Solutions and Integration Defense Civilian 
Personnel Advisory Service, 4800 Mark Center Drive, Suite 06E22, 
Arlington, VA 22350-6000, Email: [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. Chapter 11, Office of Personnel Management; 5 U.S.C. 
Chapter 13, Special Authority; 5 U.S.C. Chapter 29, Commissions, Oaths, 
Records, and Reports; 5 U.S.C. Chapter 31, Authority for Employment; 5 
U.S.C. Chapter 33, Examination, Selection, and Placement; 5 U.S.C. 
Chapter 41, Training; 5 U.S.C. Chapter 43, Performance Appraisal; 5 
U.S.C. Chapter 51, Classification; 5 U.S.C. Chapter 53, Pay Rates and 
Systems; 5 U.S.C. Chapter 55, Pay Administration; 5 U.S.C. Chapter 61, 
Hours of Work; 5 U.S.C. Chapter 63, Leave; 5 U.S.C. Chapter 72, 
Antidiscrimination; Right to Petition Congress; 5 U.S.C. 7201, 
Antidiscrimination Policy; minority recruitment program; 5 U.S.C. 
Chapter 75, Adverse Actions; 5 U.S.C. Chapter 83, Retirement; 5 U.S.C. 
Chapter 84, Federal Employees' Retirement System, Antidiscrimination 
Policy; minority recruitment program; 10 U.S.C. 136, Under Secretary of 
Defense for Personnel and Readiness; E.O. 9830, Amending the Civil 
Service Rules and Providing for Federal Personnel Administration, as 
amended; 29 CFR part 1614.601, EEO Group Statistics; and E.O. 9397 
(SSN), as amended.

PURPOSE(S) OF THE SYSTEM:
    Data within DCHRMS is used to maintain a System of Records 
providing human resource information and system support for the DoD 
civilian workforce worldwide that manages the HR processing and 
reporting, including position, compensation and benefits, and 
performance management, as well as create efficiencies in Human Capital 
Management. Data within the Corporate Management Information System 
data warehouse is also used for analysis in order to meet Congressional 
and Federal reporting requirements.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Civilian employees and job applicants selected for civilian 
appropriated/non-appropriated fund (NAF), local nationals, and National 
Guard civilian technician positions in the DoD.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Personal information including name, date of birth, place of birth, 
citizenship, gender, marital status, DoD identification number (DoD 
ID), Social Security Number (SSN), employee number, emergency contact 
information (contact person's name, home phone, work phone, cell phone, 
email address), employee work email address, employee phone numbers to 
include home, work, pager, fax and mobile; security clearance 
information; ethnicity and race; disability code; and foreign language 
capability. Position authorization and control information; position 
data and performance elements; personnel data and projected suspense 
information for personnel actions; pay, benefits, and entitlements 
data. Historical information on employees, including job experience, 
education, training, and training transaction data; performance plans, 
interim appraisals, final appraisals,

[[Page 4951]]

closeouts and ratings; professional accounting or other certifications 
or licenses; awards information and merit promotion information; 
separation and retirement data; civilian deployment information, and 
adverse and disciplinary action data. In addition, the Corporate 
Management Information System data (which is comprised of each employee 
current and historical record, to include all person, assignment, 
position, and personnel actions/updates) will be maintained and 
refreshed for agencies' historical and congressional reporting 
purposes.

RECORD SOURCE CATEGORIES:
    Resumes, applicant record, Standard Form (SF) 181, Ethnicity and 
Race Identification, SF 256, ``Self-Identification of Disability,'' SF 
144, ``Statement of Prior Federal Service''; OF 306, ``Declaration for 
Federal Employment''; DD 214, ``Certificate of Release or Discharge 
from Active Duty''; SF 813, ``Verification of a Military Retiree's 
Service In Non Wartime Campaigns or Expeditions''; SF 15, ``Application 
for 10-Point Veteran Preference''; SF 52, ``Request for Personnel 
Action''; SF 50, ``Notification of Personnel Action''; SF 61, 
``Appointment Affidavit''; DD X739, ``Civilian Employee's Military 
Reserve, Guard, or Retiree Data''; DD 2888, ``DoD Critical Acquisition 
Position Service Agreement''; DD 2889, ``DoD Critical Acquisition 
Position Service Agreement Key Leadership Position (KLP)''; DD 2365, 
``DoD Expeditionary Civilian Agreement: Emergency-Essential Positions 
and Non-Combat Essential Positions''; DD 3031, ``Department of Defense 
Senior Executive Service Probation Period''; SF 2809, ``Employees' 
Health Benefits Election''; SF 2817, ``Federal Employees' Retirement 
System Election''; SF 75, ``Request for Preliminary Employment Data''; 
employee or supervisor generated training requests; human resources 
generated records; employee generated data recorded as self-certified; 
and other employee or supervisor generated records. Data is also 
received from various interfaces with systems including, the Joint 
Personnel Adjudication System; Fourth Estate Manpower Tracking System; 
Defense Civilian Payroll System; the Air Force Manpower Programming and 
Execution System; NAF Payroll; Thrift Savings Plan hardship; 
Interactive Voice Recognition System; USA Staffing; and employee 
completed training data provided by respective Component agencies.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act of 1974, as amended, these records contained 
herein may specifically be disclosed outside the DoD as a routine use 
pursuant to 5 U.S.C. 552a(b)(3) as follows:
    a. To the Equal Employment Opportunity Commission for the purpose 
of providing Equal Employment Opportunity group statistics in 
accordance with 29 CFR part 1614.601, EEO Group Statistics.
    b. To the Office of Personnel Management (OPM) for the purpose of 
addressing civilian pay and leave, benefits, retirement deduction, and 
any other information necessary for the OPM to carry out its legally 
authorized government-wide personnel management functions and studies.
    c. To educational institutions and commercial training providers 
for the purpose of selecting and registering applicants approved by a 
DoD component to attend a specified program, and, when applicable, to 
provide for payment.
    d. To contractors responsible for performing or working on 
contracts for the DoD when necessary to accomplish an agency function 
related to this System of Records. Individuals provided information 
under this routine use are subject to the same Privacy Act requirements 
and limitations on disclosure that apply to DoD officers and employees.
    e. To the appropriate Federal, State, local, territorial, tribal, 
foreign, or international law enforcement authority or other 
appropriate entity where a record, either alone or in conjunction with 
other information, indicates a violation or potential violation of law, 
whether criminal, civil, or regulatory in nature.
    f. To any component of the Department of Justice, for the purpose 
of representing the DoD, or its components, officers, employees, or 
members in pending or potential litigation to which the record is 
pertinent.
    g. In an appropriate proceeding before a court, grand jury, or 
administrative or adjudicative body or official, when the DoD or other 
Agency representing the DoD determines that the records are relevant 
and necessary to the proceeding; or in an appropriate proceeding before 
an administrative or adjudicative body when the adjudicator determines 
the records to be relevant to the proceeding.
    h. To the National Archives and Records Administration for the 
purpose of records management inspections conducted under the authority 
of 44 U.S.C. 2904 and 2906.
    i. To a Member of Congress or staff acting upon the Member's behalf 
when the Member or staff requests the information on behalf of, and at 
the request of, the individual who is the subject of the record.
    j. To appropriate agencies, entities, and persons when (1) the DoD 
suspects or has confirmed that there has been a breach of the System of 
Records; (2) the DoD has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the DoD 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the DoD's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    k. To another Federal agency or Federal entity, when the DoD 
determines that information from this System of Records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Electronic storage media.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are retrieved by name, DoD ID, or SSN.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    DCHRMS records are retained for 25 years after an individual 
separates from the government and then the records are purged; 
Corporate Management Information System records are cutoff and 
destroyed when no longer needed for business use.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Records are accessed and or maintained in areas accessible only to 
authorized personnel who are properly screened, cleared, and trained. 
Common Access Cards (CACs) are employed to ensure access is limited to 
authorized

[[Page 4952]]

personnel only. Role based access is used to ensure HR Personnel and 
system administrators have access to only the records they are entitled 
to see. Employees are able to access and view only their records and 
update certain personal information to them via two-factor 
authentication or CAC. Additional technical controls include encryption 
of data at rest and in transit, firewall, virtual private network, 
intrusion detection system, DoD Public Key Infrastructure Certificates, 
and least privilege access. Security systems and or security guards 
protect buildings where records are accessed or maintained. Additional 
physical access controls include, biometric access systems, multiple 
layers of locked access control doors and mantraps, closed-circuit 
television, and physical intrusion alarms.

RECORD ACCESS PROCEDURES:
    Individuals seeking access to records about themselves contained in 
this system should address written inquiries to the Office of the 
Secretary of Defense/Joint Staff, Freedom of Information Act Requester 
Service Center, Office of Freedom of Information, 1155 Defense 
Pentagon, Washington, DC 20301-1155. Signed written requests should 
contain name and number of this System of Records Notice along with the 
individuals' full name, date of birth, SSN, and or DoD ID, and dates of 
employment (or approximate), and last employing agency. In addition, 
the requester must provide either a notarized statement or an unsworn 
declaration made in accordance with 28 U.S.C. 1746, in the following 
format:
    If executed outside the United States: ``I declare (or certify, 
verify, or state) under penalty of perjury under the laws of the United 
States of America that the foregoing is true and correct. Executed on 
(date). (Signature).''
    If executed within the United States, its territories, possessions, 
or commonwealths: ``I declare (or certify, verify, or state) under 
penalty of perjury that the foregoing is true and correct. Executed on 
(date). (Signature).''

CONTESTING RECORD PROCEDURES:
    The DoD rules for accessing records, for contesting contents, and 
for appealing initial agency determinations are contained in 32 CFR 
part 310, or may be obtained from the system manager.

NOTIFICATION PROCEDURES:
    Individuals seeking to determine whether information about 
themselves is contained in this system should address written inquiries 
to the Defense Civilian Personnel Advisory Service, 4800 Mark Center 
Drive, Suite 06E22, Arlington, VA 22350-6000. Signed written requests 
should contain individual's full name, date of birth, SSN, and or DoD 
ID, last employing agency, and dates of employment (or approximate). In 
addition, the requester must provide either a notarized statement or an 
unsworn declaration made in accordance with 28 U.S.C. 1746, in the 
following format:
    If executed outside the United States: ``I declare (or certify, 
verify, or state) under penalty of perjury under the laws of the United 
States of America that the foregoing is true and correct. Executed on 
(date). (Signature).''
    If executed within the United States, its territories, possessions, 
or commonwealths: ``I declare (or certify, verify, or state) under 
penalty of perjury that the foregoing is true and correct. Executed on 
(date). (Signature).''

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    November 15, 2010, 75 FR 69642.

[FR Doc. 2020-01431 Filed 1-27-20; 8:45 am]
 BILLING CODE 5001-06-P