[Federal Register Volume 85, Number 175 (Wednesday, September 9, 2020)]
[Notices]
[Pages 55698-55700]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-19821]


-----------------------------------------------------------------------

NATIONAL CAPITAL PLANNING COMMISSION


Privacy Act of 1974: System of Records

AGENCY: National Capital Planning Commission.

ACTION: Notice of a New System of Records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, the National 
Capital Planning Commission (NCPC or Commission) is providing notice of 
a new system of records (System of Records or Systems) titled, NCPC-5, 
General Information Technology Records System. This system consists of 
information collected in order to provide authorized individuals with 
access to NCPC information technology

[[Page 55699]]

resources. Upon adoption the new System of Records will be titled NCPC-
5, General Information Technology Records System.

DATES: This document will become effective October 9, 2020. If no 
comments are received, the proposed System of Records will become 
effective on the stated date. If comments are received, they will be 
considered, and if adopted, the document will be republished in revised 
form.

ADDRESSES: You may submit written comments on this proposed System of 
Records Notice (Notice) by either of the methods listed below.
    1. U.S. mail, courier, or hand delivery to Anne Schuyler, General 
Counsel/Privacy Act Officer/National Capital Planning Commission, 401 
9th Street NW, Suite 500, Washington, DC 20004.
    2. Electronically to [email protected].

FOR FURTHER INFORMATION CONTACT: Anne R. Schuyler, General Counsel/
Privacy Act Officer at 202-642-0591 or [email protected].

SUPPLEMENTARY INFORMATION: The routine uses of the System of Records 
provide authorized individuals access to NCPC IT resources, and to 
allow NCPC to track use of NCPC IT resources. Upon adoption, the System 
of Records will be titled NCPC- 5, General Information Technology 
Records System.
    The Privacy Act embodies fair information principles in a statutory 
framework governing the means by which the United States Government 
collects, maintains, uses, and disseminates individuals' records. The 
Privacy Act applies to information that is maintained in what is known 
as a System of Records. A System of Records is defined by the Privacy 
Act as a group of any records under the control of an agency from which 
information is retrieved by the name of the individual or by some 
identifying number, symbol, or other identifying particular assigned to 
the individual. In the Privacy Act, an individual is defined to 
encompass United States citizens and legal permanent residents. As a 
matter of policy, NCPC extends administrative Privacy Act protection to 
all individuals for Systems of Records that contain information on U.S. 
citizens, lawful permanent residents, and visitors. Individuals may 
access their own records contained in a System of Records in the 
possession or under the control of NCPC in the manner described by 
NCPC's Privacy Act Regulations found at 1 CFR part 603.
    The Privacy Act requires each agency to publish in the Federal 
Register a description of the type and character of each System of 
Records that the agency maintains and the routine uses for the records 
contained in each system. This requirement renders agency recordkeeping 
practices transparent, notifies individuals of how and why their 
respective records are used, and assists individuals in locating 
records about themselves that are maintained by the agency. This notice 
complies with the requirements of the Privacy Act regarding Systems of 
Records and sets forth below the requisite information concerning 
NCPC's General Information Technology System of Records.
    In accordance with guidance provided by the Office of Management 
and Budget (OMB), NCPC provided a report of this new Systems of Records 
to OMB, to the House Committee on Oversight and Government Reform, and 
the Senate Committee on Governmental Affairs.

SYSTEM NAME AND NUMBER:
    NCPC-5, General Information Technology Records System.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    The records containing general information technology information 
are located at NCPC, 401 9th Street NW, Suite 500 North, Washington, DC 
20004.

SYSTEM MANAGERS:
    For records indicated in the System Location above, information 
about the system manager can be obtained from NCPC's Director, Office 
of Administration, (202) 482-7200.

AUTHORITY FOR THE SYSTEM:
    44 U.S.C. Chapter 3101.

PURPOSE OF THE SYSTEM:
    The purpose of the system is to provide authorized individuals 
access to NCPC information technology resources and information 
systems.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Categories of individuals covered by this system include all 
current and former NCPC employees, contractors, and interns assigned 
government-owned assets (e.g., laptop computers, communication 
equipment, and other assets).

CATEGORIES OF RECORDS IN THE SYSTEM:
    Categories of records maintained in this system include: 
Individual's name; Email address; Division; Office location; Office 
telephone number; Records on access to NCPC information systems 
including user ID and passwords; Logs of activity of NCPC IT resources; 
IP address of access; Logs of internet activity; and Email addresses of 
senders and recipients.

RECORD SOURCE CATEGORIES:
    Records are generated from account request forms submitted by 
Division Directors on behalf of new employees, contractors, and 
interns. Records are also discovered automatically using IT asset 
management tools and audit log and monitoring tools.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USE:
    NCPC uses records in this system to assign unique electronic user 
accounts for employees, contractors, and interns to access NCPC 
information systems. The records are also used to track and monitor 
user activity and use of NCPC IT resources.
    See, Appendix I for other ways the Privacy Act permits NCPC to 
disclose system records outside the agency.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    NCPC stores records electronically in its computer system or on 
paper in secure facilities such as a locked office or file cabinet. The 
records may be stored on magnetic disc, tape, digital media, and paper.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by an individual's name; general contact 
information, such as email addresses; office number; office division; 
unique user ID; or IP address.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are retained until an individual separates from the agency; 
or as otherwise prescribed under record schedules and procedures issued 
or approved by the National Archives and Records Administration (NARA).

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Access to records is restricted to NCPC IT administrators whose 
responsibilities include logical access and maintenance of the NCPC 
network and IT resources. Paper records are maintained in locked 
offices or file cabinets. Access to electronic records is controlled by 
use of a personal identity verification (PIV) ID card to the NCPC 
network and a ``user ID'' and password combination to the account 
management application.
    NCPC's offices are located in a public building guarded and 
monitored by security personnel, cameras, ID check, and other physical 
security measures.

[[Page 55700]]

NCPC's office suite is accessed by means of an electronic key card 
system (employees) and clearance by an office receptionist (visitors). 
Visitors must sign-in, wear an identification badge, and be escorted by 
NCPC personnel during their visit to other than public portions of the 
office (public portions include the Commission chambers and adjacent 
meeting room). NCPC's suite entrances are also monitored by electronic 
surveillance.
    Records processed, stored or transmitted and used by contractors 
are protected by controls implemented by the vendor pursuant to terms 
incorporated into its contract with NCPC.

RECORD ACCESS PROCEDURES:
    Individuals seeking access to a record pertaining to them in the 
System of Records described herein shall follow the procedures in set 
forth in NCPC's Privacy Act Regulations contained in 1 CFR part 603. 
The request should be directed to: NCPC Privacy Act Officer, National 
Capital Planning Commission, 401 9th Street NW, Suite 500, Washington, 
DC 20004.

CONTESTING RECORD PROCEDURES:
    Individuals seeking to contest the content of a record contained in 
the System of Records described in this Notice shall follow the 
procedures set forth in Record Access Procedures above.

NOTIFICATION PROCEDURES:
    Individuals seeking to determine if the System of Records described 
in this Notice contains a record pertaining to him/her shall follow the 
procedures set forth in Record Access Procedures above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    None.

    Dated: September 2, 2020.
Anne R. Schuyler,
General Counsel.
[FR Doc. 2020-19821 Filed 9-8-20; 8:45 am]
BILLING CODE 7502-02-P