[Federal Register Volume 86, Number 160 (Monday, August 23, 2021)]
[Notices]
[Pages 47089-47091]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-18025]


-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Office of the Secretary

[Docket ID DoD-2021-OS-0089]


Privacy Act of 1974; System of Records

AGENCY: Under Secretary of Defense for Personnel and Readiness 
(USD(P&R)), Department of Defense (DoD).

ACTION: Notice of a new system of records.

-----------------------------------------------------------------------

SUMMARY: The USD(P&R) is establishing a new system of records titled 
``Problematic Sexual Behavior in Children and Youth (PSB-CY) 
Information System,'' DPR 50. This system of records supports operation 
of the PSB-CY Information System, which was created to satisfy a 
congressional mandate that the DoD establish a centralized database of 
information on incidents of problematic sexual behavior in children and 
youth occurring on U.S. military installations. The PSB-CY Information 
System is used to document, coordinate, and manage the continuum of 
care provided to children, youth, and their families in order to 
identity, report, respond, and intervene in incidents of PSB-CY. The 
system will also support the implementation of well-coordinated safety 
planning, support services, and referrals to specialized services when 
appropriate that will meet the complex needs of children, youth, and 
their families involved in incidents of PSB-CY.

DATES: This system of records is effective upon publication; however, 
comments on the Routine Uses will be accepted on or before September 
22, 2021. The Routine Uses are effective at the close of the comment 
period.

ADDRESSES: You may submit comments, identified by docket number and 
title, by any of the following methods:
    * Federal Rulemaking Portal: https://www.regulations.gov. Follow 
the instructions for submitting comments.
    * Mail: DoD cannot receive written comments at this time due to the 
COVID-19 pandemic. Comments should be sent electronically to the docket 
listed above.
    Instructions: All submissions received must include the agency name 
and docket number for this Federal Register document. The general 
policy for comments and other submissions from members of the public is 
to make these submissions available for public viewing on the internet 
at https://www.regulations.gov as they are received without change, 
including any personal identifiers or contact information.

FOR FURTHER INFORMATION CONTACT: Mr. Justin (JK) Kinnaman, 4000 Defense 
Pentagon, 5E604, Washington, DC 20301-4000, [email protected] or (703) 571-0104.

SUPPLEMENTARY INFORMATION:

I. Background

    Section 1089 of Public Law 115-232, ``Policy on Response to 
Juvenile-on-Juvenile Problematic Sexual Behavior Committed on Military 
Installations,'' mandates the establishment of a centralized database 
of information on incidents of problematic sexual behavior in children 
and youth on U.S. military installations. The DoD established the PSB-
CY Information System to satisfy this legal requirement. This notice 
alerts the public to the existence and operation of this new system of 
records pursuant to the Privacy Act.
    The PSB-CY Information System will capture inputs from multiple DoD 
agencies, thereby consolidating and tracking record-level information 
for each incident of PSB-CY that is reported to the Department. 
Tracking in the PSB-CY Information System will span the full life-cycle 
of an incident, consolidating and tracking the case from the time of 
report through the coordinated community response continuum of care to 
resolution and closure. The system will maintain separate records on 
both exhibiting and impacted children related to incidents of 
problematic sexual behavior in children and youth on U.S. Military 
installations. The system will also be used as a management tool for 
statistical analysis, tracking, reporting, evaluating program 
effectiveness and continuous improvement.
    DoD SORNs have been published in the Federal Register and are 
available from the address in FOR FURTHER INFORMATION CONTACT or at the 
Defense Privacy, Civil Liberties, and Transparency Division website at 
https://dpcld.defense.gov.

II. Privacy Act

    Under the Privacy Act, a ``system of records'' is a group of 
records under the control of an agency from which information is 
retrieved by the name of an individual or by some identifying number, 
symbol, or other identifying particular assigned to the individual. In 
the Privacy Act an individual is defined as a U.S. citizen or lawful 
permanent resident.
    In accordance with 5 U.S.C. 552a(r) and Office of Management and 
Budget (OMB) Circular No. A-108, the DoD has provided a report of this 
system of records to the OMB and to Congress.

    Dated: August 18, 2021.
Aaron T. Siegel,
Alternate OSD Federal Register Liaison Officer, Department of Defense.

SYSTEM NAME AND NUMBER:
    Problematic Sexual Behavior in Children and Youth (PSB-CY) 
Information System, DPR 50.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Defense Information Systems Agency (DISA), 6910 Cooper Avenue, Fort 
Meade, MD 20755; and Military Community and Family Policy (MC&FP) IT 
and Cyber Operations, 4800 Mark Center Drive, Alexandria, VA 22350-
2300.

SYSTEM MANAGER(S):
    Director, Office of Military Family Readiness Policy (OMFRP) or the 
Associate Director, Child and Youth Advocacy Program (CYAP), MC&FP, 
4800 Mark Center Drive, Alexandria, VA 22350-2300; phone: (571) 372-
4346, cell: (703) 409-8537.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    10 U.S.C. Section 1781, Office of Military Family Readiness Policy; 
Public Law (Pub. L.) 115-232, section 1089, ``Policy on Response to 
Juvenile-on-Juvenile Problematic Sexual Behavior Committed on Military 
Installations.''

PURPOSE(S) OF THE SYSTEM:
    The PSB-CY Information System is used to:
    A. Document, coordinate, and manage the continuum of care provided 
to children, youth, and their families in order to identify, report, 
respond, and intervene in incidents of PSB-CY occurring on U.S. 
military installations.
    B. Ensure and implement well-coordinated safety planning, 
treatment,

[[Page 47090]]

and support services to address smooth and uninterrupted referrals to 
specialized services in order to create and maintain safety for and 
meet the complex needs of children, youth, and their families involved 
in incidents of PSB-CY.
    C. Support statistical analysis, tracking and reporting to ensure 
continuous process improvement.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    A. Exhibiting child under the age of 18 years at the time of an 
incident of problematic sexual behavior occurring on a military 
installation.
    B. Impacted child(ren) under the age of 18 years at the time of an 
incident of problematic sexual behavior occurring on a military 
installation.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Concerning the child (to include the exhibiting child and impacted 
children): Name; age; date of birth; Social Security Numbers (SSNs); 
emergency contact data; gender/gender identification; medical 
information such as case notes, clinical assessment details, 
description of incident, risk and safety plan, substance use details at 
time of incident, clinical treatment plan. The records will also 
contain information about the parent/legal guardian of the children, 
such as name; date of birth; Department of Defense (DoD) Identification 
Number; rank/grade; marital status; work and home contact information 
(such as phone number and/or cellular phone; mailing and email 
addresses to include official duty address); military records; race/
ethnicity; and education information.

    Note:  Separate electronic records are maintained on the 
exhibiting child and impacted child(ren).

RECORD SOURCE CATEGORIES:
    Child development centers, military treatment facilities, DoD 
schools, and individuals such as parent/legal guardians, and exhibiting 
or impacted children only if their parent/legal guardian give(s) 
consent.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act of 1974, as amended, the records contained 
herein may specifically be disclosed outside the DoD as a routine use 
pursuant to 5 U.S.C. 552a(b)(3) as follows:
    A. To contractors, grantees, experts, consultants, students, and 
others performing or working on a contract, service, grant, cooperative 
agreement, or other assignment for the federal government when 
necessary to accomplish an agency function related to this system of 
records.
    B. To the appropriate federal, state, local, territorial, tribal, 
or foreign, or international law enforcement authority or other 
appropriate entity where a record, either alone or in conjunction with 
other information, indicates a violation or potential violation of law, 
whether criminal, civil, or regulatory in nature.
    C. To any component of the Department of Justice for the purpose of 
representing the DoD, or its components, officers, employees, or 
members in pending or potential litigation to which the record is 
pertinent.
    D. In an appropriate proceeding before a court, grand jury, or 
administrative or adjudicative body or official, when the DoD or other 
Agency representing the DoD determines that the records are relevant 
and necessary to the proceeding; or in an appropriate proceeding before 
an administrative or adjudicative body when the adjudicator determines 
the records to be relevant to the proceeding.
    E. To the National Archives and Records Administration for the 
purpose of records management inspections conducted under the authority 
of 44 U.S.C. 2904 and 2906.
    F. To a Member of Congress or staff acting upon the Member's behalf 
when the Member or staff requests the information on behalf of, and at 
the request of, the individual who is the subject of the record.
    G. To appropriate agencies, entities, and persons when (1) the DoD 
suspects of confirms a breach of the system of records; (2) the DoD 
determined as a result of the suspected or confirmed breach there is a 
risk of harm to individuals, the DoD (including its information 
systems, programs, and operations), the Federal Government, or national 
security; and (3) the disclosure made to such agencies, entities, and 
persons is reasonably necessary to assist in connection with the DoD's 
efforts to respond to the suspected or confirmed breach or to prevent, 
minimize, or remedy such harm.
    H. To another Federal agency or Federal entity, when the DoD 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.
    I. To such recipients and under such circumstances and procedures 
as are mandated by Federal statute or treaty.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in electronic storage media, in accordance 
with the safeguards identified in this SORN. Electronic records may be 
stored in agency-owned cloud environments; or in vendor Cloud Service 
Offerings certified under the Federal Risk and Authorization Management 
Program (FedRAMP).

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Information in this system may be retrieved by the exhibiting or 
impacted child's name and SSN.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Cut off and destroy 5 years after the end of the calendar year the 
case is closed or when a minor child reaches 23 years old.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Administrative: Backups secured off-site; encryption of backups; 
methods to ensure only authorized personnel have access to personally 
identifiable information; periodic security audits; regular monitoring 
of users' security practices. Technical: Biometrics; encryption of data 
at rest; firewall; role-based access controls; Virtual Private Network 
(VPN); Common Access Card (CAC); encryption of data in transit; 
Intrusion Detection System (IDS); DoD public key infrastructure 
certificates; least privilege access. Physical: Cipher locks; 
combination locks; key cards; security guards; Closed Circuit TV 
(CCTV); identification badges; and safes.

RECORD ACCESS PROCEDURES:
    Individuals seeking access to their records should follow the 
procedures in 32 CFR part 310. Parents and guardians of minor children 
must follow the procedures in 32 CFR 310.3(d) to obtain access to 
records of the child. These procedures require the parent or legal 
guardian to establish: (1) The identity of the individual who is the 
subject of the record; (2) the parent/guardian's own identity; (3) that 
the requester is the parent or guardian of that individual, which may 
be proven by providing a copy of the individual's birth certificate 
showing parentage or a court order establishing the guardianship; and 
(4)

[[Page 47091]]

that the parent or guardian is acting on behalf of the individual in 
making the request. Individuals should address written record access 
requests to the Office of the Secretary of Defense/Joint Staff Freedom 
of Information Act Requester Service Center, 1155 Defense Pentagon, 
Washington, DC 20701-1155; Requester Service Center website: https://www.esd.whs.mil/FOID/. Signed, written requests should include the 
individual's full name, telephone number, street address, email 
address, and name and number of this SORN. In addition, the requester 
must provide either a notarized statement or a declaration made in 
accordance with 28 U.S.C. 1746, using the following format:
    If executed outside the United States: ``I declare (or certify, 
verify, or state) under penalty of perjury under the laws of the United 
States of America that the foregoing is true and correct. Executed on 
(date). (Signature).''
    If executed within the United States, its territories, possessions, 
or commonwealths: ``I declare (or certify, verify, or state) under 
penalty of perjury that the foregoing is true and correct. Executed on 
(date). (Signature).''

CONTESTING RECORD PROCEDURES:
    The DoD rules for accessing records, contesting contents, and 
appealing initial agency determinations are contained in 32 CFR part 
310.

NOTIFICATION PROCEDURES:
    Individuals seeking to determine whether information about 
themselves is contained in this system should follow the instructions 
for Record Access Procedures above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    N/A.

[FR Doc. 2021-18025 Filed 8-20-21; 8:45 am]
BILLING CODE 5001-06-P