[Federal Register Volume 85, Number 244 (Friday, December 18, 2020)]
[Notices]
[Pages 82458-82460]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-27865]


=======================================================================
-----------------------------------------------------------------------

COMMODITY FUTURES TRADING COMMISSION


Privacy Act of 1974; System of Records

AGENCY: Commodity Futures Trading Commission.

ACTION: Notice of a New System of Records.

-----------------------------------------------------------------------

SUMMARY: The Commodity Futures Trading Commission (``CFTC'' or 
``Commission'') is establishing a new system of records, CFTC-55, 
``Dental Benefits Records'' to cover records pertaining to the 
administration of CFTC's dental benefits program. This includes the 
collection and management of records relating to dental procedures 
covered under the program, enrollment and claims forms, and 
communications with CFTC employees regarding their coverage, 
eligibility data, and billing.

DATES: In accordance with 5 U.S.C. 552(e)(4) and (e)(11) this notice 
will go in to effect without further notice on December 18, 2020 unless 
otherwise revised pursuant to comments received. All routine uses will 
go in to effect on January 19, 2021. Comments must be received on or 
before January 19, 2021.

ADDRESSES: You may submit comments identified as pertaining to ``Dental 
Benefits Records'' by any of the following methods:
     CFTC website: https://comments.cftc.gov. Follow the 
instructions for submitting comments through the Comments Online 
process on the website.
     Mail: Christopher Kirkpatrick, Secretary of the 
Commission, Commodity Futures Trading Commission, Three Lafayette 
Centre, 1155 21st Street NW, Washington, DC 20581.
     Hand Delivery/Courier: Same as Mail, above.
     Federal eRulemaking Portal: http://www.regulations.gov. 
Follow the instructions for submitting comments.
    Please submit your comments using only one method.
    All comments must be submitted in English, or if not, accompanied 
by an English translation. Comments will be posted as received to 
https://www.cftc.gov. You should submit only information that you wish 
to make available publicly.
    The Commission reserves the right, but shall have no obligation, to 
review, pre-screen, filter, redact, refuse, or remove any or all of a 
submission from https://www.cftc.gov that it may deem to be 
inappropriate for publication, such as obscene language. All 
submissions that have been redacted or removed that contain comments on 
the merits of the notice will be retained in the comment file and will 
be considered as required under all applicable laws, and may be 
accessible under the FOIA.

FOR FURTHER INFORMATION CONTACT: Charlie Cutshall, Chief Privacy 
Officer, [email protected], 202-418-5833, Office of the Executive 
Director, Commodity Futures Trading Commission, Three

[[Page 82459]]

Lafayette Centre, 1155 21st Street NW, Washington, DC 20581.

SUPPLEMENTARY INFORMATION:

I. Dental Benefits Program

    As part of the Farm Security and Rural Investment Act of 2002 
(FSRIA), CFTC received authority to implement pay and benefit parity 
with other Federal Financial Regulatory Agencies in order to better 
attract and retain employees. Following a study of pay and benefits, 
CFTC implemented a new dental insurance program for employees and their 
dependents effective July 11, 2004.

II. The Privacy Act

    Under the Privacy Act of 1974, 5 U.S.C. 552a, a ``system of 
records'' is defined as any group of records under the control of a 
Federal government agency from which information about individuals is 
retrieved by name or by some identifying number, symbol, or other 
identifying particular assigned to the individual. The Privacy Act 
establishes the means by which government agencies must collect, 
maintain, and use information about an individual in a government 
system of records.
    Each government agency is required to publish a notice in the 
Federal Register in which the agency identifies and describes each 
system of records it maintains, the reasons why the agency uses the 
information therein, the routine uses for which the agency will 
disclose such information outside the agency, and how individuals may 
exercise their rights under the Privacy Act.
    In accordance with 5 U.S.C. 552a(r), CFTC has provided a report of 
this new system of records to the Office of Management and Budget and 
to Congress.

SYSTEM NAME AND NUMBER:
    Dental Benefits Records; CFTC-55.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    This system is located at the Commodity Futures Trading Commission, 
Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581. 
Records maintained as part of this system of records are also located 
at site of the benefits provider.

SYSTEM MANAGER(S):
    Chief Human Capital Officer, [email protected], Office of the 
Executive Director, Commodity Futures Trading Commission, Three 
Lafayette Centre, 1155 21st Street NW, Washington, DC 20581.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    The collection of this information is authorized under 7 U.S.C. 
2(a)(7) and the rules promulgated thereunder.

PURPOSE(S) OF THE SYSTEM:
    These records are collected and maintained to administer the CFTC's 
dental benefits programs for its employees and their enrolled 
dependents, and to assist in personnel management.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    CFTC employees (but not retirees) and their enrolled dependents.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records in the system may contain any or all of the following types 
of information on participating employees and their enrolled 
dependents: First name; last name; Social Security number; date of 
birth; phone number; email address; home address; member ID number; 
enrollee's employing agency; dental care procedure information 
regarding procedures performed on the individual; dental care diagnoses 
and treatments, including any prescribed drugs; and, provider charges, 
including amounts paid by the plan and amounts paid by the enrollee.

RECORD SOURCE CATEGORIES:
    Information is provided by the individual to whom the record 
pertains, the benefit provider, and staff of the Human Resources Branch 
in the Office of the Executive Director.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    These records and information in these records may be disclosed:
    (a) To contractors performing or working on a contract for the 
Federal government when necessary to accomplish an agency function.
    (b) To the appropriate Federal, State, local, territorial, Tribal, 
or foreign law enforcement authority or other appropriate entity 
charged with the responsibility for investigating or prosecuting 
violations or potential violations of law whether criminal, civil, or 
regulatory in nature, or charged with enforcing or implementing such 
law.
    (c) To the Merit Systems Protection Board or the Office of Special 
Counsel for the purpose of litigation, including administrative 
proceedings, appeals, special studies of the civil service and other 
merit systems.
    (d) To a Federal agency in response to its request in connection 
with the hiring or retention of an employee, the issuance of a security 
clearance, the reporting of an investigation of an employee, the 
letting of a contract or the issuance of a license, or a grant or other 
benefit by the requesting agency, to the extent that the information 
may be relevant to the requesting agency's decision on the matter.
    (e) To the Department of Justice or in a proceeding before a court, 
adjudicative body, or other administrative body which the agency is 
authorized to appear, when
    (1) the Commission, or any component thereof;
    (2) any employee of the Commission in his or her official capacity;
    (3) any Commission of the agency in his or her official capacity 
where the Department of Justice or the agency has agreed to represent 
the employee; or
    (4) the United States, when the Commission determines that 
litigation is likely to affect the agency or any of its components;
    Is a party to litigation or has an interest in such litigation, and 
the use of such records by the Department of Justice or the Commission 
is deemed by the agency to be relevant and necessary to the litigation 
provided, however, that in each case it has been determined that the 
disclosure is compatible with the purpose for which the records were 
collected.
    (f) To appropriate agencies, entities, and persons when (1) the 
Commission suspects or has confirmed that there has been a breach of 
the system of records; (2) the Commission has determined that as a 
result of the suspected or confirmed breach there is a risk of harm to 
individuals, the Commission (including its information systems, 
programs, and operations), the Federal Government, or national 
security; and (3) the disclosure made to such agencies, entities, and 
persons is reasonably necessary to assist in connection with the 
Commission's efforts to respond to the suspected or confirmed breach or 
to prevent, minimize, or remedy such harm.
    (g) To another Federal agency or Federal entity, when the 
Commission determines that information from this system of records is 
reasonably necessary to assist the recipient agency or entity in (1) 
responding to a suspected or confirmed breach or (2) preventing, 
minimizing, or remedying the risk of harm to individuals, the recipient 
agency or entity (including its information systems, programs, and 
operations), the Federal Government, or national security, resulting 
from a suspected or confirmed breach.

[[Page 82460]]

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records in this system of records are stored electronically or on 
paper in secure facilities. Electronic records are stored on secure 
networks maintained by the Commission and benefits provider, and on 
other electronic media as needed, such as encrypted hard drives and 
back-up media.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Information covered by this system of records notice may be 
retrieved by a member's ID number or by an individual's name.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    The Records maintained by a health care facility or dispensary 
relating to an individual patient's personal medical history, physical 
condition, or any treatment or examination thereof for non-work-related 
purposes which come to be in the CFTC's possession are maintained in 
accordance with GRS 2.7-070, DAA-GRS-2017-0010-0012 and are destroyed 
10 years after the most recent encounter.
    Records of an individual's enrollment in an agency-sponsored dental 
plan are maintained in accordance with GRS 2.2-041, DAA-GRS-2017-0007-
0005. These records are destroyed when superseded or obsolete, or upon 
separation or transfer of employee, whichever is earlier.
    Records associated with the procurement of contracted services of 
an agency-sponsored dental benefit program are coved by GRS 1.1, 010, 
DAA-GRS-2013-0003-0001 and must be maintained for 6 years after final 
payment of the contract or cancellation of the contract then must be 
destroyed. The benefits provider has implemented policies and processes 
to securely destroy records in accordance with the applicable retention 
schedule or upon instruction from the Commission.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Records are protected from unauthorized access and improper use 
through administrative, technical, and physical security measures 
employed by the CFTC and benefits provider. Administrative safeguards 
include maintenance of written policies, standards, and procedures 
reinforced by training and periodic auditing. Technical security 
safeguards include restrictions on computer access to authorized 
individuals who have a legitimate need to know the information; 
required use of strong passwords that are frequently changed; multi-
factor authentication for remote access and access to many network 
components; use of encryption for certain data types and transfers; 
firewalls and intrusion detection applications; and regular review of 
security procedures and best practices to enhance security. Physical 
safeguards include restrictions on building access to authorized 
individuals, use of security guard services, and video surveillance.

 RECORD ACCESS PROCEDURES:
    Individuals seeking to determine whether this system of records 
contains information about themselves or seeking access to records 
about themselves in this system of records should address written 
inquiries to the Office of General Counsel, Commodity Futures Trading 
Commission, Three Lafayette Centre, 1155 21st Street NW, Washington, DC 
20581. See 17 CFR 146.3 for full details on what to include in a 
Privacy Act access request.

CONTESTING RECORD PROCEDURES:
    Individuals contesting the content of records about themselves 
contained in this system of records should address written inquiries to 
the Office of General Counsel, Commodity Futures Trading Commission, 
Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581. See 
17 CFR 146.8 for full details on what to include in a Privacy Act 
amendment request.

NOTIFICATION PROCEDURES:
    Individuals seeking notification of any records about themselves 
contained in this system of records should address written inquiries to 
the Office of General Counsel, Commodity Futures Trading Commission, 
Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581. See 
17 CFR 146.3 for full details on what to include in a Privacy Act 
notification request.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    None.

    Issued in Washington, DC, on December 14, 2020, by the 
Commission.
Robert Sidman,
Deputy Secretary of the Commission.
[FR Doc. 2020-27865 Filed 12-17-20; 8:45 am]
BILLING CODE 6351-01-P