[Federal Register Volume 86, Number 8 (Wednesday, January 13, 2021)]
[Notices]
[Pages 2677-2681]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-28887]


-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES


Privacy Act of 1974; System of Records

AGENCY: National Institutes of Health (NIH), Department of Health and 
Human Services (HHS).

ACTION: Notice of a Modified System of Records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the requirements of the Privacy Act of 
1974, as amended, the Department of Health and Human Services is 
updating and renaming an existing system of records maintained by the 
National Institutes of Health (NIH), 09-25-0165, ``National Institutes 
of Health (NIH) Office of Loan Repayment and Scholarship (OLRS) Record 
System, HHS/NIH/OD'' (to be renamed ``NIH Loan Repayment Records''). In 
a separate Notice of Proposed Rulemaking (NPRM) published elsewhere in 
today's Federal Register, HHS/NIH is proposing to exempt a subset of 
records in the system of records from certain requirements of the 
Privacy Act, based on subsection (k)(5) of the Privacy Act.

DATES: The comment period for this modified System of Records Notice 
(SORN) is co-extensive with the 60-day comment period provided in the 
companion NPRM also published in today's Federal Register. Written 
comments on the SORN should be submitted on or before March 15, 2021. 
The modified SORN will be applicable when the proposed exemptions are 
made effective by publication of a Final Rule, which will not occur 
until after the 60-day comment period ends and any comments received on 
the NPRM (or on this SORN) have been addressed.

ADDRESSES: You may submit comments, identified by the Privacy Act 
System of Records Number (09-25-0165), by any of the following methods: 
Email: [email protected] and include Privacy Act System of Record 
(PA SOR) number (09-25-0165) in the subject line of the message. Phone: 
(301) 402-6201. Fax: (301) 402-0169. Mail or hand-delivery: NIH Privacy 
Act Officer, Office of Management Assessment, National Institutes of 
Health, 6011 Executive Blvd., Suite 601, MSC 7669, Rockville, MD 20852. 
Comments received will be available for public inspection at this same 
address from 9 a.m. to 3 p.m., Monday through Friday, except federal 
holidays. Please call 301-496-4606 for an appointment.

FOR FURTHER INFORMATION CONTACT:  General questions about the proposed 
modified system of records may be submitted to Celeste Dade-Vinson, NIH 
Privacy Act Officer, Office of Management Assessment, Office of the 
Director, National Institutes of Health (NIH), 6011 Executive Blvd., 
Suite 601, MSC 7669, Rockville, MD 20852, or telephone 301 402-6201.

SUPPLEMENTARY INFORMATION: This system of records (hereafter referred 
to as the ``NIH Loan Repayment Records''), covers records maintained in 
a particular NIH information technology (IT) system managed by NIH's 
Division of Loan Repayment (DLR) that are used to manage and evaluate 
the intramural and extramural educational Loan Repayment Programs (LRP) 
at NIH. As of the date of this publication, there are eight such 
programs that provide student loan repayments for qualified individuals 
who agree to conduct biomedical and behavioral research; recipients 
include NIH employee researchers as well as scientists conducting 
research at non-profit organizations outside NIH. Scholarship program 
records at NIH are now covered by the following NIH SORNs, so are 
omitted from modified SORN 09-25-0165:

 09-25-0014--Clinical Research: Student Records, HHS/NIH/OD/
OIR/OE
 09-25-0108--Personnel: Guest Researchers, Special Volunteers, 
and Scientists Emeriti, HHS/NIH/OHRM
 09-25-0140--International Scientific Researchers in Intramural 
Laboratories, ORS/DIRS
 09-25-0158--Administration Records of Applicants and Awardees 
of the Intramural Research Training Awards Program, HHS/NIH/OD/OE

    The System of Records Notice (SORN) for System 09-25-0165 has been 
reformatted in accordance with OMB Circular A-108 and updated with 
these changes:
     System name. The system name has been changed from 
``National Institutes of Health (NIH) Office of Loan Repayment and 
Scholarship Records system, HHS/NIH/OD'' to ``NIH Loan Repayment 
Records.''
     Throughout the SORN. References to scholarship program 
records have been omitted; for example, the abbreviation ``LRSPs'' is 
now ``LRPs.''
     System Location and System Manager. Office names and 
addresses have been updated.
     Authority. This section has been updated to remove all 
authorities

[[Page 2678]]

previously cited, except 42 U.S.C. 288-1 and 288-2, and to cite 31 
U.S.C. 7701 as authorizing collection of applicants' social security 
numbers (SSNs).
     Purposes. The purpose descriptions have been reorganized, 
so that the three purposes in the previously published SORN are now 
within the first purpose description in the modified SORN. The first 
purpose description is now more detailed. Two new purposes have been 
added to indicate that records are used to evaluate the long-term 
impact of the LRP on scientists' research career development and to 
execute LRP ambassador and alumni activities.
     Categories of Individuals. This section now includes more 
categories of individuals. In addition to loan applicants and awardees, 
it now also includes appointees to the LRP ambassador program, alumni 
of the LRP, and NIH staff. A note has been added at the end of this 
section explaining that reviewers who make recommendations to DLR about 
applicants for loan repayment are not included as subject individuals 
because their personal identifiers are not used to retrieve records in 
this system of records.
     Categories of Records. Information compiled in the NIH 
Loan Repayment system remains the same, but the records description in 
the SORN is now separated into two categories of records (award 
information and pre-award information) and arranged to indicate whether 
one or both categories apply to each type of individual. A sentence has 
been added to clarify the scope of the SORN, so that it does not 
duplicate related SORNs.
     Routine Uses.
    [cir] No substantive changes were made to the first three routine 
uses.
    [cir] Routine use 4 (authorizing disclosures to contractors and 
subcontractors) has been revised to include additional recipients--
consultants, volunteers, awardees, and other agencies engaged by HHS--
and to describe more broadly the purposes for which they might be 
engaged by HHS and require access to records in this system of records. 
The previous description was limited to ``collecting, compiling, 
aggregating, analyzing, or refining records in the system.''
    [cir] Routine use 5's language has been updated for clarity, but 
the scope has not been substantively changed.
    [cir] Routine use 6 still authorizes disclosures to the National 
Student Clearinghouse, but no longer covers disclosures to consumer 
reporting agencies for purposes of vetting loan applications, because 
such disclosures are inapplicable to this system of records.
    [cir] Debt collection related routine uses (numbered 7 through 15 
in the previously published SORN) and a separate section titled 
``Disclosure to Consumer Reporting Agencies'' have been deleted because 
they are no longer applicable to this system of records.
    [cir] The routine use that was numbered as 16 in the previously 
published SORN (authorizing disclosures to officials or representatives 
of grantee institutions) is now numbered as 7 in the modified SORN and 
has not been changed.
    [cir] The routine use that was numbered as 17 in the previously 
published SORN (pertaining to the scholarship programs) is no longer 
relevant to this system of records and has been deleted.
    [cir] The routine use that was numbered as 18 in the previously-
published SORN (authorizing disclosures to HHS contractors and 
subcontractors for the purpose of recruiting, screening, and matching 
health professionals for NIH employment in qualified research positions 
under the loan and scholarship programs) is now encompassed within the 
scope of revised routine use 4.
    [cir] Routine uses 8 through 11 are new.
    [cir] The two breach response-related routine uses which were added 
by a partial modification published at 83 FR 6591 (Feb. 14, 2018) are 
now numbered as 12 and 13.
     Storage. This section has been updated to provide examples 
of electronic media currently used for storage such as mobile or 
portable storage devices like laptops, smart phones, and DVDs, and to 
omit microfiche, tape, and discs.
     Retrieval. This section has been updated to include an 
additional personal identifier, NIH Electronic Research Administration 
(eRA) Commons identification number, which can be used to retrieve 
records about individuals registered in Commons (an online interface 
where signing officials, principal investigators, trainees and 
Postdoctoral researchers at institutions/organizations can access and 
share administrative information relating to research grants).
     Retention. This section has been updated to identify 
National Archives and Records Administration (NARA) General Records 
Schedules 1.1.010 and 2.4.090, instead of an NIH records control 
schedule, as the applicable disposition authority. The disposition 
periods and practices remain the same, except that two additional 
retention periods have been added: ``Grantee applicant case files are 
destroyed six years after disapproval or withdrawal of the associated 
application'' and ``NIH is authorized to retain electronic records of 
applicants until the agency's business needs cease, to help facilitate 
follow up assessment regardless of award status.''
     Safeguards. This section has been updated to reflect 
current safeguards.
     Exemptions. This section now reflects that the system of 
records is exempt from the access, amendment, and accounting of 
disclosures requirements of the Privacy Act to the extent that 
compliance with those requirements would reveal the identity of a 
source who furnished information to the Federal Government under an 
express promise that the identity of the source would be held in 
confidence. The exemptions protect reviewers who make recommendations 
to DLR about loan repayment applicants from being subject to threats, 
bribery, intimidation, retaliation, and any other form of improper 
influence that may cause bias during the review and award processes. 
Reviewers include peer reviewers, referees, and other recommenders.
    Because these changes are significant, a report on the modified 
system of records has been sent to the Office of Management and Budget 
(OMB) and Congress in accordance with 5 U.S.C. 552a(r).

    Dated: November 19, 2020.
Alfred Johnson,
Deputy Director for Management, National Institutes of Health.

SYSTEM NAME AND NUMBER:
    NIH Loan Repayment Records, 09-25-0165.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Division of Loan Repayment, Office of Extramural Research, Office 
of the Director (OD), National Institutes of Health (NIH), 6700B 
Rockledge Drive, Suite 2300, Bethesda, MD, 20892.

SYSTEM MANAGER(S):
    Director, Division of Loan Repayment, Office of Extramural 
Research, Office of the Director, National Institutes of Health, 6700B 
Rockledge Drive, Suite 2300, Bethesda, MD, 20892. Telephone number: 
866-849-4047. Email: [email protected].

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    The legal authority to maintain these records is 42 U.S.C. 288-1 
and 288-2. Section 7701 of Title 31 U.S.C. authorizes collection of 
Social Security Numbers.

PURPOSE(S) OF THE SYSTEM:
    The records are used by NIH's Division of Loan Repayment for the 
following purposes:

[[Page 2679]]

    (1) To manage intramural and extramural educational Loan Repayment 
Programs (LRPs) at NIH; specifically to:
     Identify and select applicants for the NIH LRPs;
     Verify applicants' information and program eligibility;
     Select LRP awardees and administer their LRP contracts or 
awards, including checking research service verifications (receiving 
institutional certifications that awardees are performing the research 
project/work proposed in their application), continued employment, and 
continued financial and program eligibility; and
     Monitor loan repayment activities, such as payment 
tracking, payment verifications, loan statuses, and loan default.
    (2) To evaluate the LRP programmatic goals and the long-term impact 
of the LRP on scientists' research career development.
    (3) To execute LRP ambassador and alumni activities, the three 
goals of which are to a) advocate to interested parties about the 
benefits of choosing a biomedical research career, b) advise current 
and future potential LRP applicants and policy makers regarding the 
benefits of the LRP, and c) mentor current and future potential LRP 
applicants regarding strategies for applying to the LRP.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    The records are about the following categories of individuals 
(these are the only individuals whose personal identifiers are used to 
retrieve records from this system of records):
    1. Applicants for, or awardees of, the NIH Loan Repayment Programs 
(LRPs).
    2. Applicants for, or appointees as, ambassador of the NIH LRP.
    3. Alumni of the NIH LRP.
    Reviewers who provide materials and recommendations to DLR about 
applicants are not included as subject individuals, because records are 
not retrieved by their names or other personal identifiers.

CATEGORIES OF RECORDS IN THE SYSTEM:
    This system includes a variety of pre-award and award management 
records that contain information needed to process applications and 
manage loan repayment awards across the award lifecycle. Listed below 
are the categories of individuals mentioned above, matched with the 
records collected about them:
    1. Applicants to the NIH LRP--pre-award information;
    2. Awardees of NIH LRPs--pre-award and post-award information;
    3. LRP applicants and awardees as appointees to the LRP ambassador 
program--pre-award and post-award information;
    4. Appointees to the LRP ambassador program or LRP Ambassadors- 
professional description and contact information;
    5. Alumni of the NIH LRP--pre-award and post-award information.
    Note that NIH may maintain some of the same records in more than 
one IT system and has opted to create a separate SORN for each IT 
system. This SORN covers records in the NIH IT system managed by NIH's 
Division of Loan Repayment.
    Pre-award information includes the (1) LRP application and (2) 
associated forms. It consists of name; address; Social Security 
Numbers; NIH Commons ID Number; non-LRP-program service pay-back 
obligations; employment data; personal, professional, and demographic 
background information; academic and research descriptions and progress 
reports (which can include related data, correspondence, and 
professional performance information such as continuing education, 
performance awards, and adverse or disciplinary actions); financial 
data including account names and financial account numbers, loan 
balances, deferment, forbearance, and payment status information; 
commercial credit reports; recommendation letters; and peer review-
related information such as application scores, reviewer critiques, 
summary statements, and express promises of confidentiality to 
reviewers who render scores or critiques.
    Award management information consists of items such as (1) 
certifications and verifications of continued employment status; (2) 
financial information such as obligated award amounts, awardee 
financial reports, ongoing loan balances, loan repayment tracking and 
verifications, and any financial or credit information that represents 
a change from that reported in the application that occurs during the 
award or contract; (3) quarterly research service certifications; and 
(4) any change in award/contract management or status.

RECORD SOURCE CATEGORIES:
    Information included in this system of records is collected 
directly from the applicants and awardees, and from reviewers, mentors, 
supervisors, institutional business officials, participating lending 
and loan servicing institutions, educational and awardee institutions, 
other federal agencies, consumer reporting agencies, credit bureaus, 
the National Student Clearinghouse, third parties that provide 
references concerning applicants, and commercial residential address 
databases which are used to find or verify current home addresses.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    Records about an individual may be disclosed from this system of 
records to parties outside HHS, without the individual's prior written 
consent, for the following purposes:
    1. To a congressional office from the record of an individual in 
response to an inquiry from the congressional office made at the 
written request of the individual.
    2. To the Department of Justice (DOJ) or to a court or other 
adjudicative body in litigation or other proceedings when:
     HHS or any component thereof or another participating 
agency; or
     any employee of HHS or of another participating agency in 
the employee's official capacity; or
     any employee of HHS in the employee's individual capacity 
where the DOJ, HHS, or participating agency has agreed to represent the 
employee; or
     the United States, if it is a party to or has a direct and 
substantial interest in the proceeding and the disclosure of such 
records is deemed by HHS to be relevant and necessary to the 
proceeding.
    3. When a record on its face, or in conjunction with other records, 
indicates a violation or potential violation of law, whether civil, 
criminal, or regulatory in nature, and whether arising by general 
statute or particular program statute, or by regulation, rule, or order 
issued pursuant thereto, disclosure may be made to the appropriate 
public authority, whether federal, foreign, state, local, tribal, or 
otherwise responsible for enforcing, investigating, or prosecuting the 
violation or charged with enforcing or implementing the statute, rule, 
regulation, or order issued pursuant thereto.
    4. To appropriate federal agencies and HHS contractors, awardees, 
consultants, or volunteers who have been engaged by HHS to assist in 
the accomplishment of an HHS function relating to the purposes of this 
system of records and that need to have access to the records in order 
to assist HHS in performing the activity. Any contractor will be 
required to comply with the Privacy Act of 1974, as amended.
    5. To present and former employers, references listed on 
applications and associated forms, other references, and

[[Page 2680]]

educational institutions to evaluate an individual's professional and 
academic accomplishments, plans, performance, credentials, and 
educational background, and to determine if an applicant is suitable 
for participation in a LRP.
    6. To the National Student Clearinghouse using the Loan Locator 
internet System or similar system to assist in the verification of loan 
data submitted by LRP applicants. Disclosures are limited to the 
applicant's name, address, social security number, and other 
information necessary to identify the applicant; locate all student 
loans; verify payment addresses; identify the funding being sought or 
amount and status of the debt; and identify the program under which the 
applicant or claim is being processed.
    7. To institution officials or representatives that serve in a 
supervisory role to the awardee to support the review of an LRP 
application, or to carry out performance or administration under the 
terms and conditions of the LRP award, or to monitor, manage, and 
resolve problems that might arise in performance or administration of 
the LRP contract.
    8. To the National Archives and Records Administration (NARA) in 
records management inspections conducted under the authority of 44 
U.S.C. 2904 and 2906.
    9. To a federal, state, local or tribal agency in response to its 
request in connection with the hiring or retention of an employee, the 
issuance or retention of a security clearance, the reporting of an 
investigation of an employee, the letting of a contract, or the 
issuance or retention of a license, grant, cooperative agreement, loan 
repayment, or other benefit by the requesting agency, to the extent 
that the record is relevant and necessary to the requesting agency's 
decision in the matter. The other agency or licensing organization may 
then make a request supported by the written consent of the individual 
for further information if it so chooses. HHS will not make an initial 
disclosure unless the information has been determined to be 
sufficiently reliable to support a referral to another office within 
the agency or to another federal agency for criminal, civil, 
administrative, personnel, or regulatory action.
    10. To qualified experts, not within the definition of agency 
employees as prescribed in agency regulations or policies, to obtain 
their opinions on applications for loans or other awards as part of the 
peer review process.
    11. To the Department of the Treasury (Treasury) for purposes of 
verifying payment eligibility affecting loan reimbursement payments, 
including under a computer matching agreement between HHS and Treasury 
for disbursement-related purposes authorized by 31 U.S.C. 3321 note and 
Executive Order 13520, if the matching program requires data from this 
system of records.
    12. To appropriate agencies, entities, and persons when (1) HHS 
suspects or has confirmed that there has been a breach of the system of 
records; (2) HHS has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, HHS (including 
its information systems, programs, and operations), the federal 
government, or national security; and (3) the disclosure made to such 
agencies, entities, and persons is reasonably necessary to assist in 
connection with HHS's efforts to respond to the suspected or confirmed 
breach or to prevent, minimize, or remedy such harm.
    13. To another federal agency or federal entity, when HHS 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the federal government, or national security, resulting from a 
suspected or confirmed breach.
    NIH may also disclose information about an individual, without the 
individual's prior written consent, from this system of records to 
parties outside HHS for any of the purposes authorized directly in the 
Privacy Act at 5 U.S.C. 552a(b)(2) and (b)(4)-(11).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are stored in various electronic media (secure servers and 
mobile/portable storage devices, such as laptops, tablets, Universal 
Serial Bus (USB) drives, media cards, portable hard drives, smart 
phones, Compact Disc (CD)s and Digital Versatile Disc (DVD)s) and in 
paper form.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are retrieved by the subject individual's name, social 
security number, loan repayment number, or NIH eRA Commons ID number 
for LRP awardees.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are retained and disposed of under the authority of NARA 
General Records Schedules 1.1.010, Financial transactions records 
related to procuring goods and services, paying bills, collecting 
debts, and accounting; and 2.4.090, Incentive package records. 
Participant case files are transferred to a federal records center one 
year after closeout and destroyed five years later. Closeout is the 
process by which it is determined that all applicable administrative 
actions and disbursements of benefits have been completed by the NIH's 
DLR and that all service obligations have been completed by the 
participant. NIH staff case files are destroyed three years after 
disapproval or withdrawal of the application. Applicant case files are 
destroyed six years after disapproval or withdrawal of the application. 
In accordance with both NARA General Records Schedules 1.1.010 and 
2.4.090, NIH may retain certain electronic records about applicants 
indefinitely, until the agency's business needs cease, to help 
facilitate follow up assessment of applicants regardless of their award 
status.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Measures to prevent unauthorized disclosures are implemented as 
appropriate for each location or form of storage and for the types of 
records maintained. Safeguards conform to the HHS Information Security 
and Privacy Program, https://www.hhs.gov/ocio/securityprivacy/index.html. Site(s) implement personnel and procedural safeguards such 
as the following:
    Authorized Users: Access is strictly limited according to the 
principle of least privilege which means giving a user only those 
privileges which are essential to that user's work.
    Administrative Safeguards: Controls to ensure proper protection of 
information and information technology systems include the completion 
of a Security Assessment and Authorization (SA&A), a Privacy Impact 
Assessment (PIA), and completion of annual NIH Information Security and 
Privacy Awareness training. The SA&A consists of a Security 
Categorization, e-Authentication Risk Assessment, System Security Plan, 
evidence of Security Control Testing, Plan of Action and Milestones, 
Contingency Plan, and evidence of Contingency Plan Testing. When the 
design, development, or operation of a system of records about 
individuals is required to accomplish an agency function, DLR includes 
the

[[Page 2681]]

applicable Privacy Act Federal Acquisition Regulation (FAR) clauses in 
the solicitations and contracts.
    Physical Safeguards: Controls to secure the data and protect paper 
and electronic records, buildings, and related infrastructure against 
threats associated with their physical environment include the use of 
the HHS Employee ID or badge number and NIH key cards, security guards, 
cipher locks, biometrics, and closed-circuit TV. Paper records are 
secured in locked file cabinets, offices and facilities. Electronic 
media are kept on secure servers or computer systems.
    Technical Safeguards: Controls executed by the computer system are 
employed to minimize the possibility of unauthorized access, use, or 
dissemination of the data in the system. Examples include user 
identification, password protection, firewalls, virtual private 
network, encryption, intrusion detection system, common access cards, 
smart cards, biometrics and public key infrastructure.

RECORD ACCESS PROCEDURES:
    This system of records is exempt from access under the Privacy Act 
to the extent that providing access to a subject individual would 
reveal the identity of a source who furnished information to the 
Federal Government under an express promise that the identity of the 
source would be held in confidence. However, DLR will consider all 
access requests addressed to the System Manager. To request access to a 
record about you, write to the System Manager at the address identified 
above, and reasonably specify the record contents sought. The request 
should include (a) your full name, (b) your address, (c) the 
approximate date(s) the information was collected, (d) the type(s) of 
information collected, and (e) the office(s) or official(s) responsible 
for the collection of information. You may also request an accounting 
of disclosures, if any, that have been made of any records maintained 
about you.
    You must verify your identity by providing either (a) a 
notarization of your signed request or (b) a written statement 
certifying under penalty of perjury that you are the individual who you 
claim to be, and that you understand that the knowing and willful 
request for a record pertaining to an individual under false pretenses 
is a criminal offense under the Privacy Act, subject to a fine of up to 
five thousand dollars.

CONTESTING RECORD PROCEDURES:
    This system of records is exempt from the amendment provisions of 
the Privacy Act to the extent that responding to an amendment request 
would reveal the identity of a source who furnished information to the 
Federal Government under an express promise that the identity of the 
source would be held in confidence. However, DLR will consider all 
amendment requests addressed to the System Manager. To contest 
information in a record about you, write to the System Manager 
identified above, provide the same information required for an access 
request, and verify your identity in the manner required for an access 
request. Reasonably identify the record and specify the information 
contested, state the corrective action sought and the reason(s) for 
requesting the correction, and include any supporting documentation. 
The right to contest records is limited to information that is 
factually inaccurate, incomplete, irrelevant, or untimely (obsolete).

NOTIFICATION PROCEDURES:
    This system of records is not exempt from the notification 
provisions of the Privacy Act. To request notification of whether this 
system of records contains a record about you, you must make a written 
request to System Manager identified above, provide the same 
information required for an access request, verify your identity in the 
manner required for an access request, and include the name and number 
of this system of records.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    The records in this system of records constitute investigatory 
material compiled solely for the purpose of determining suitability, 
eligibility, or qualifications for federal contracts pursuant to 5 
U.S.C. 552a(k)(5). The system of records is exempt from the access, 
amendment, and accounting of disclosures requirements of the Privacy 
Act, at 5 U.S.C. 552a(c)(3) and (d)(1) through (4), to the extent that 
compliance with those requirements would reveal the identity of a 
source who furnished information to the Federal Government under an 
express promise that the identity of the source would be held in 
confidence.

HISTORY:
    67 FR 6043 (Feb. 8, 2002), 83 FR 6591 (Feb. 14, 2018).

[FR Doc. 2020-28887 Filed 1-12-21; 8:45 am]
BILLING CODE 4140-01-P