[Federal Register Volume 88, Number 67 (Friday, April 7, 2023)]
[Notices]
[Pages 20848-20850]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-07395]
�========================================================================
�Notices
� Federal Register
�________________________________________________________________________
�
�This section of the FEDERAL REGISTER contains documents other than rules
�or proposed rules that are applicable to the public. Notices of hearings
�and investigations, committee meetings, agency decisions and rulings,
�delegations of authority, filing of petitions and applications and agency
�statements of organization and functions are examples of documents
�appearing in this section.
�
�========================================================================
�
��Federal Register / Vol. 88 , No. 67 / Friday, April 7, 2023 /
Notices��
[[Page 20848]]
AGENCY FOR INTERNATIONAL DEVELOPMENT
Privacy Act of 1974; System of Records
AGENCY: Agency for International for Development (USAID).
ACTION: Notice of Modified Privacy Act System of Records.
-----------------------------------------------------------------------
SUMMARY: The United States Agency for International Development
proposes to modify various sections of the existing System of Records
Notice titled USAID-28, USAID Personnel Locator System consistent with
the requirements detailed in OMB Circular A-108: Federal Agency
Responsibilities for Review, Reporting and Publication Under the
Privacy Act. USAID is providing notice of its intent to change the name
of the system to USAID-28, Emergency Notification System, and to update
various sections of the existing System of Records Notice in accordance
with OMB guidance. The system will collect Personally Identifiable
Information (PII) necessary to provide rapid communications regarding
emergencies and urgent situations, such as office dismissal, and
closure situations that impact access to USAID facilities. USAID is
issuing this Notice to clarify the purpose for which the information is
collected, update the authorities, and to expand upon the routine uses
for the information maintained in this system. All other changes to the
Notice are administrative in nature.
DATES: Submit comments on or before 15 May 2023. This modified system
of records will be effective 15 May 2023 upon publication. The Routine
Uses are effective at the close of the comment period.
ADDRESSES: You may submit comments:
Electronic
Federal eRulemaking Portal: http://www.regulations.gov.
Follow the instructions on the website for submitting comments.
Email: [email protected].
Paper
Fax: 202-916-4946.
Mail: Chief Privacy Officer, United States Agency for
International Development, 1300 Pennsylvania Avenue NW, Washington, DC
20523.
FOR FURTHER INFORMATION CONTACT: Ms. Celida A. Malone, USAID Privacy
Program at United States Agency for International Development, Bureau
for Management, Office of the Chief Information Officer, Information
Assurance Division: ATTN: USAID Privacy Program, 1300 Pennsylvania
Avenue NW, Washington, DC 20523, or by phone number at 202-916-4605.
SUPPLEMENTARY INFORMATION: USAID is modifying the SORN to change the
name from USAID-28--Personnel Locator System to USAID-28: Emergency
Notification System (ENS) and update elements of the SORN contents to
increase transparency into the Agency's enhanced capacity to transform
and modernize the rapid delivery of emergency communications. The
Categories of Records in the System was significantly modified to
reduce the amount of Personally Identifiable Information (PII) that is
collected. This information is used to enable the system owner to
target emergency notifications to employees, contractors and others who
may be affected by emergency situations at or near an USAID facility.
Dated: May 25, 2022.
Mark Joseph Johnson.
Chief Privacy Officer, United States Agency for International
Development.
SYSTEM NAME AND NUMBER:
USAID-28: Emergency Notification System (ENS).
SECURITY CLASSIFICATION:
Sensitive But Unclassified.
SYSTEM LOCATION:
Records are maintained at the United States Agency for
International Development, Bureau for Management, Office of Management
Services, Headquarters Management Division, 1300 Pennsylvania Ave. NW,
Washington, DC 20523. The cloud-based servers are managed at data
operations centers located in Santa Clara, CA and Ashburn, VA.
SYSTEM MANAGER:
Continuity Program Manager, United States Agency for International
Development, Bureau for Management, Office of Management Services,
Headquarters Management Division, 1300 Pennsylvania Avenue NW,
Washington, DC 20523. Email: [email protected].
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Homeland Security Act of 2002, Public Law 107-296, Sec. 501-521,
National Continuity Policy Implementation Plan, Federal Continuity
Directive, Federal Executive Branch National Continuity Program and
Requirements, National Security Presidential Directive-51/Homeland
Security Presidential Directive-20; and 5 U.S.C. 301.
PURPOSE OF THE SYSTEM:
The purpose of the Emergency Notification System (ENS) is to
maintain current, up-to-date emergency contact information for USAID
employees and contractors. Using multiple communication pathways, such
as email, text-to-voice phone calls, short message service (SMS) text
messages, computer desktop pop-up messages and/or public social media
postings, ENS provides high-speed message delivery to all workforce
members in response to threat alerts issued by the Department of
Homeland Security, USAID's Critical Coordination Unit and Facilities
Management staff, and local emergency officials regarding weather-
related emergencies, or other urgent situations that may disrupt the
operations and accessibility of a USAID facility/worksite. It also
enables USAID, emergency responders, and others to account for
workforce members during an emergency.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals covered by this system include, but are not limited to:
current and former USAID employees; personal services contractors;
institutional support contractors; consultants; detailees; fellows;
interns; and volunteers.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records maintained in this system contain contact information
necessary to ensure the timely emergency notification to USAID
workforce
[[Page 20849]]
members. The types of personal information include
Employee Contact Information includes: Name; home phone
number; personal cell phone number; personal email address; official or
work phone number; official or work email address; assigned office;
work location; emergency contact name; emergency contact phone number;
and emergency contact alternate number.
RECORD SOURCE CATEGORIES:
The information maintained in this system is obtained from
employees, contractors, consultants, detailees, fellows, interns, and
volunteers who voluntarily register for ENS alerts. In addition,
information is obtained from the Personal Identity Verification (PIV)
Card Management System, USAID Human Capital and Talent Management
(HCTM) Operational Databases, as well as organizations that employ/
sponsor contractors, interns, fellows, and volunteers.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, all or a portion of the records or
information contained in this system may be disclosed as a routine use
as follows:
(1) To Federal, state, tribal, local, international, or foreign
governmental agencies or executive offices, relief agencies, and non-
governmental organizations, when disclosure is appropriate for
performance of the official duties required in response to all-hazards
and declared emergencies, including technical, manmade, or natural
disasters.
(2) To current and former Federal employees and contractors when
the records are relevant and necessary to carry out emergency response
activities.
(3) To designated or identified emergency contacts of USAID
workforce members, including current and former employees and
contractors, when disclosure is necessary to protect public and
personal health and safety during an emergency.
(4) To Federal, state, local, foreign, tribal, or self-regulatory
agencies or organizations responsible for investigating, prosecuting,
enforcing, implementing, issuing, or carrying out a statute, rule,
regulation, order, or policy whenever the information is relevant and
necessary to respond to a potential violation of civil or criminal law,
regulation, order, or policy.
(5) To another Federal agency, to a court, magistrate, or other
administrative tribunal in the course of an administrative or judicial
proceeding, including disclosures to opposing counsel or witnesses
(including expert witnesses) in the course of discovery or other pre-
hearing exchanges of information, litigation, or settlement
negotiations, where relevant or potentially relevant to a proceeding,
or in connection with criminal law proceedings, subject to USAID's
determination that the disclosure of the records is a use of the
information that is compatible with the purpose for which the records
were collected.
(6) To any component of the Department of Justice, or in a
proceeding before a court, adjudicative body, or other administrative
body before which the Agency is authorized to appear, when: (a) the
Agency or any component thereof; or (b) any employee of the Agency in
her or his official capacity; or (c) any employee of the Agency in his
or her individual capacity where the Department of Justice or the
Agency has agreed to represent the employee; or (d) the United States,
when the Agency determines that litigation is likely to affect the
Agency or any of its components, is a party to litigation or has an
interest in such litigation, and the use of such records by the
Department of Justice or the Agency is deemed by the Agency to be
relevant and necessary to the litigation provided, however, that in
each case it has been determined that the disclosure is compatible with
the purpose for which the records were collected.
(7) To the Department of Justice for the purpose of obtaining legal
counsel, including whether the records or information in this system of
records should be disclosed outside USAID.
(8) To a Federal government agency or department that assists USAID
for the purpose of vetting, and for the purposes of ensuring accuracy
of existing records and updating government records when a match
between an applicant and another database is identified.
(9) To disclose information to contractors (personal service
contractors or institutional support contractors) in furtherance of the
contractor's work performance on behalf of the Federal government under
a contract, including contracts that support the vetting program.
(10) To the National Archives and Records Administration for the
purposes of records management inspections conducted under the
authority of 44 U.S.C. 2904 and 2906 and in its role as Archivist.
(11) To the Office of Management and Budget in connection with
review of private relief legislation, as set forth in OMB Circular No.
A-19, at any stage of the legislative coordination and clearance
process as set forth in that Circular.
(12) To appropriate agencies, entities, and persons when: (a) USAID
suspects or has confirmed that there has been a breach of the system of
records; (b) USAID has determined that, as a result of the suspected or
confirmed breach, there is a risk of harm to individuals, USAID
(including its information systems, programs, and operations), the
Federal Government, or national security; and (c) the disclosure made
to such agencies, entities, and persons is reasonably necessary to
assist in connection with USAID's efforts to respond to the suspected
or confirmed breach or to prevent, minimize, or remedy such harm.
(13) To another Federal agency or Federal entity when USAID
determines information from this system of records is reasonably
necessary to assist the recipient agency or entity in: (a) responding
to a suspected or confirmed breach; or (b) preventing, minimizing, or
remedying the risk of harm to individuals, the recipient agency or
entity (including its information systems, programs, and operations),
the Federal Government, or national security, resulting from a
suspected or confirmed breach.
(14) To Congressional offices in response to an inquiry from that
office made at the request of the individual to whom the record
pertains.
(15) To the Office of the President in response to an inquiry from
that Office made on behalf of, and at the request of, the subject of
the record or third party acting on the subject's behalf.
(16) To disclose information to officials of labor organizations
when relevant and necessary to fulfill their duties of exclusive
representation concerning personnel policies, practices, and matters
affecting working conditions.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Electronic records in this system are maintained in user-
authenticated, password-protected systems. All records are accessed
only by authorized personnel who have a need to access the records in
the performance of their official duties.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
USAID records are retrievable by name, location, or any other
identifier listed in the Categories of Records cited above.
[[Page 20850]]
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
The records are maintained in accordance with the National Archives
and Records Administration (NARA), General Records Schedule No-1-Item
18(a). Records are reviewed and updated annually. The records relating
to a former employee may be retained for a period of three years after
separation or transfer, if required to meet the business needs of the
Agency.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
USAID safeguards records in this system according to applicable
rules and policies, including all applicable USAID Automated Directive
System operational policies. USAID has implemented controls to minimize
the risk of compromising the information that is being stored. Access
to the records in this system is limited to those individuals who have
a need to know the information for performance of their official duties
and who have appropriate clearances and permissions. USAID ensures the
practices stated in the Emergency Notification System (ENS) Privacy
Impact Assessment are followed by leveraging standard operating
procedures (SOP), training, policies, rules of behavior, and auditing
and accountability.
RECORD ACCESS PROCEDURES:
Under the Privacy Act, individuals may request access to records
about themselves. These individuals must be limited to citizens of the
United States or aliens lawfully admitted for permanent residence. If a
Federal Department or Agency or a person who is not the individual who
is the subject of the records, requests access to records about an
individual, the written consent of the individual who is the subject of
the records is required.
Individuals seeking access to information about themselves
contained in this system of records should address inquiries to the
Bureau for Management, Office of Management Services, Information and
Records Division (M/MS/IRD), USAID Annex--Room 2.4.0C, 1300
Pennsylvania Avenue NW, Washington, DC 20523. The requester may
complete and sign a USAID Form 507-1, Certification of Identity Form or
submit signed, written requests that should include the individual's
full name, current address and telephone number, and this System of
Records Notice number. In addition, the requester must provide either a
notarized statement or an unsworn declaration made in accordance with
28 U.S.C. 1746, in the following format:
If executed outside the United States: ``I declare (or certify,
verify, or state) under penalty of perjury under the laws of the United
States of America that the foregoing is true and correct. Executed on
(date). (Signature).''
If executed within the United States, its territories, possessions,
or commonwealths: ``I declare (or certify, verify, or state) under
penalty of perjury that the foregoing is true and correct. Executed on
(date). (Signature).''
CONTESTING RECORD PROCEDURES:
The USAID rules for accessing records, contesting contents, and
appealing initial Agency determinations are contained in 22 CFR 212 or
may be obtained from the program manager or system owner.
NOTIFICATION PROCEDURES:
Individuals seeking to determine if information about themselves is
contained in this system of records should address inquiries to the
Bureau for Management, Office of Management Services, Information and
Records Division (M/MS/IRD), USAID Annex--Room 2.4.0C, 1300
Pennsylvania Avenue NW, Washington, DC 20523. Individuals may complete
and sign a USAID Form 507-1, Certification of Identity Form, or submit
signed, written requests that should include the individual's full
name, current address, and telephone number. In addition, the requester
must provide either a notarized statement or an unsworn declaration
made in accordance with 28 U.S.C. 1746, in the following format:
If executed outside the United States: ``I declare (or certify,
verify, or state) under penalty of perjury under the laws of the United
States of America that the foregoing is true and correct. Executed on
(date). (Signature).''
If executed within the United States, its territories, possessions,
or commonwealths: ``I declare (or certify, verify, or state) under
penalty of perjury that the foregoing is true and correct. Executed on
(date). (Signature).''
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
77 FR 64095, October 18, 2012.
Celida Ann Malone,
Government Privacy Task Lead.
[FR Doc. 2023-07395 Filed 4-6-23; 8:45 am]
BILLING CODE 6116-01-P