[Federal Register Volume 88, Number 136 (Tuesday, July 18, 2023)]
[Notices]
[Pages 45882-45884]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2023-15161]


 ========================================================================
 Notices
                                                 Federal Register
 ________________________________________________________________________
 
 This section of the FEDERAL REGISTER contains documents other than rules 
 or proposed rules that are applicable to the public. Notices of hearings 
 and investigations, committee meetings, agency decisions and rulings, 
 delegations of authority, filing of petitions and applications and agency 
 statements of organization and functions are examples of documents 
 appearing in this section.
 
 ========================================================================
 

  Federal Register / Vol. 88, No. 136 / Tuesday, July 18, 2023 / 
Notices  

[[Page 45882]]



DEPARTMENT OF AGRICULTURE

[Docket Number: USDA-2022-0013]


Privacy Act of 1974; System of Records

AGENCY: Departmental Administration (DA), Office of Customer Experience 
(OCE), Department of Agriculture (USDA).

ACTION: Notice of a new system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, as amended, and 
the Office of Management and Budget and Budget (OMB) Circular No. A-108 
Federal Agency Responsibilities for Review, Reporting, and Publication 
under the Privacy Act, the U.S. Department of Agriculture (USDA) 
proposes a new system of records for the information collected, 
created, and stored in the centralized omni-channel AskUSDA Contact 
Center. The purpose of this system is to provide industry standard 
customer service to respond to inquiries from the general public 
regarding programs and services provided by USDA. The system keeps 
track of the people asking questions for continuity of support and 
maintains a record of their interaction. The system provides multiple 
public channels like phone, email, and live chat. Also, the system 
maintains a common knowledge base across the organization that improves 
response consistency. This system also improves the efficiency of the 
Federal staff providing answers to public inquiry.

DATES: In accordance with 5 U.S.C. 552a(e)(4) and (11), this notice is 
effective upon publication, subject to a 30-day notice and comment 
period in which to comment on the routine uses described in the routine 
uses section of this system of records notice. Please submit your 
comments by August 17, 2023.

ADDRESSES: You may submit comments by either of the following methods:
    Federal eRulemaking Portal: This website provides the ability to 
type short comments directly into the comment field on this web page or 
attach a file for lengthier comments. Go to: https://www.regulations.gov. Follow the online instructions at that site for 
submitting comments. Postal Mail/Commercial Delivery: Please send one 
copy of your comments to Docket No. USDA-2022-0013, Customer Contact, 
1400 Independence Ave, SW, Mailstop 3000, Washington, DC 20250 or at 
Simchah Suveyke-Bogin, email: [email protected].
    Instructions: All items submitted by mail or electronic mail must 
include the Agency name and docket number USDA- 2022-0013. Comments 
received in response to this docket will be made available for public 
inspection and posted with change, including any personal information 
to: https://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: For general questions, please contact: 
Simchah Suveyke-Bogin, email: [email protected] or call 
202-913-3020. For Privacy Act questions concerning this system of 
records notice, please contact Michele Washington, USDA, Department 
Administration Information Technology Office, Office of the Chief 
Information Officer, United States Department of Agriculture, 202-577-
8021. For general USDA Privacy Act questions, please contact the USDA 
Chief Privacy Officer, Information Security Center, Office of Chief 
Information Officer, USDA, Jamie L. Whitten Building, 1400 Independence 
Ave. SW, Washington, DC 20250, or email: [email protected].

SUPPLEMENTARY INFORMATION: USDA is proposing to establish a new System 
of Records Notice entitled USDA/OCX, AskUSDA Contact Center. The 
AskUSDA Contact Center serves as the centralized entry point for the 
public to access information and assistance from USDA through an omni-
channel of calls, emails, and chats. The records maintained are the 
inquirer's contact information, public inquiries, case information, 
knowledge articles used, and accompanying notes.

SYSTEM NAME AND NUMBER:
    USDA/OCX, AskUSDA Contact Center

SECURITY CLASSIFICATION:
    Sensitive But Unclassified

SYSTEM LOCATION:
    The USD/OCX is maintained and physically located at USDA/OCIO, 1400 
Independence Ave SW, Washington, DC 20250-3000. Salesforce Government 
Cloud--OCIO FR.

SYSTEM MANAGER(S):
    Chief Customer Experience Officer, Office of Customer Experience 
(OCX), USDA 1400 Independence Ave SW, Washington, DC 20250-3300, (202) 
913-3020. Third-party service provider, Salesforce Government Cloud, 
415 Mission Street, San Francisco, CA 94105.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    This system of records is authorized under OMB Circular A-11, 
Section 280, S.1088, Federal Agency Customer Experience Act of 2017, 
Public Law 115-336, Presidents' Management Agenda (PMA) 2021, and 
Executive Order 1307, Executive Order 14058- Transforming Federal 
Customer Experience and Service Delivery to Rebuild Trust in 
Government.

PURPOSE(S) OF THE SYSTEM:
    The purpose of this system is to provide industry standard customer 
service to respond to inquiries from the general public regarding 
programs and services provided by USDA. The system tracks the 
individual asking questions for continuity of support and maintains a 
record of their interaction. The system provides the general public 
multiple channels like phone, email, and chat. The system also 
maintains a common knowledge base across the organization that improves 
response consistency. This system also improves the efficiency of the 
federal staff providing answers to public inquiry.

CATEGORIES OF INDIVIDUALS CONVERED BY THE SYSTEM:
    The categories of individuals covered by the system include the 
general public and USDA employees. The majority of customers are 
private individuals and businesses from across the nation that are 
looking for information regarding USDA programs and services. The

[[Page 45883]]

programs and services are provided by the different agencies within 
USDA.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Categories of records created in the system are on individual(s) 
who have contacted USDA, to include their first and last names, phone 
numbers, emails, and physical addresses. Knowledge Articles from 
various mission areas explaining USDA programs and other public 
sources, and General Inquiry Case Information (Subject, Description--
Inquiry Details/Case History, Case Number, Contact, Account, Nature of 
Inquiry) are in the system.

RECORD SOURCE CATEGORIES:
    The sources of information in this system are members of the 
public, USDA employees, contractors, USDA applicants, and other 
individuals or entities who contact the USDA Contact Center.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, records maintained in the system may be 
disclosed outside USDA, as follows:
    A. To the U.S. Department of Justice (DOJ) when: (a) USDA or any 
component thereof; or (b) any employee of USDA in his or her official 
capacity, or any employee of the agency in his or her individual 
capacity where the Department of Justice has agreed to represent the 
employee; or (c) the United States Government, is a party to litigation 
or has an interest in such litigation, and USDA determines that the 
records are relevant and necessary to the litigation and the use of 
such records by the Department of Justice is for a purpose that is 
compatible with the purpose for which USDA collected the records;
    B. When a record on its face, or in conjunction with other records, 
indicates a violation or potential violation of law, whether civil, 
criminal, or regulatory in nature, and whether arising by general 
statute or particular program, statute, or by regulation, rule, or 
order issued pursuant thereto, disclosure may be made to the 
appropriate Federal, State, local, foreign, Tribal, or other public 
authority responsible for enforcing, investigating, or prosecuting such 
violation or charged with enforcing or implementing the statute, or 
rule, regulation, or order issued pursuant thereto, if the information 
disclosed is relevant to any enforcement, regulatory, investigative or 
prospective responsibility of the receiving entity;
    C. To Congressional office staff in response to an inquiry made at 
the written request of the individual to whom the record pertains;
    D. To appropriate agencies, entities, and persons when: (a) USDA 
suspects or has confirmed that there has been a breach of the system of 
records; (b) USDA has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, USDA 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (c) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with USDA's efforts to respond to the suspected or 
confirmed compromise and prevent, minimize, or remedy such harm;
    E. To contractors and their agents, grantees, experts, consultants, 
and other performing or working on a contract, service, grant, 
cooperative agreement, or other assignment for the USDA, when necessary 
to accomplish an agency function related to this system of records;
    F. To comply with Federal Funding Accountability and Transparency 
Act (FFATA) and similar statutory requirements for public disclosure in 
situations where records reflect loans, grants, or other payments to 
members of the public;
    G. To the National Archives and Records Administration (NARA) or 
other Federal government agencies pursuant to records management 
inspections being conducted under the authority of 44 U.S.C. 2904 and 
2906;
    H. To a court or adjudicative body in a proceeding when: (a) USDA 
or any component thereof; or (b) any employee of USDA in his or her 
official capacity; or (c) any employee of USDA in his or her individual 
capacity where USDA has agreed to represent the employee; or the United 
States Government is a party to litigation or has an interest in such 
litigation, and USDA determines that the records are both relevant and 
necessary to the litigation and that use of such records is therefore 
deemed by USDA to be for a purpose that is compatible with the purpose 
for which USDA collected the records;
    I. To appropriate agencies, entities, and persons when (1) DA/OCE 
suspects or has confirmed that there has been a breach of the system of 
records,(2) DA/OCE has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, DA/OCE 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with DA/OCE's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm; and
    J. To another Federal agency or Federal entity to another Federal 
agency or Federal entity, when DA/OCE determines that information from 
this system of records is reasonably necessary to assist the recipient 
agency or entity in (1) responding to a suspected or confirmed breach 
or (2) preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    The NIST 800-53 controls are employed to reduce the risks of 
unauthorized and unintended information transfer. OCX records are 
electronic only records and stored at the FedRamp certified Salesforce 
Cloud.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Contact information are retrieved by a search of the name or phone 
number. A key word search retrieves knowledge articles. Only employees 
with secure and verified access can retrieve Contact Center data 
information. Employees retrieving this data must have secure access to 
Salesforce, must pass a single sign- on verification, and have specific 
permissions granted by a database administrator to retrieve records. 
The employee would access the platform using a personal identity 
verification (PIV) card or enter verifiable credentials, use a 
dashboard or customized report retrieval.

POLICIES AND PRACTICIES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are retained and disposed of in accordance with NARA's 
General Records Schedule 820-1 but may be retained for a longer period 
as required by litigation, investigation, and/or audit. Contact details 
are proposed to maintain for seven years before archived. Personal 
information stored (i.e., name, email, and phone number) are encrypted.

ADMINISTRATIVE, TECHICAL, AND PHYSICAL SAFEGUARDS:
    All electronic records are secured with proper requirements for 
access in place. Access is only granted to

[[Page 45884]]

employees approved and cleared to receive permissions to Salesforce and 
have PIV access and clearance. Users who are contractors are provided 
training during onboarding to use the system and federal employees 
receive updated training for Salesforce and its dashboards periodically 
as needed. Access Control (AC), Identification and Authentication (IA) 
and Systems and Communication Protection (SC) security controls are in 
place to prevent unauthorized access. Individual systems desk 
procedures document the process for establishing, activating, and 
modifying IDs. System Owners define Groups and account types. System 
Point of Contact (POC) assigns group membership and determines need-to-
know validation. The Program Manager verifies user identification. Role 
Based Access Control are also used. All internal USDA access is managed 
through the USDA Enterprise Entitlement Management System for 
requesting internal access.

RECORD ACCESS PROCEDURES:
    Individuals seeking to gain access to a record in this system of 
records should contact the system manager at the address listed above. 
Provide the system manager with the necessary particulars such as full 
name, date of birth, work address, and country of citizenship. 
Requesters must also reasonably specify the record contents sought. The 
request must meet the requirements of the regulations at 34 CFR 5b.5, 
including proof of identity. All requests for access to records must be 
in writing and should be submitted to the system manager at the address 
listed above. A determination on whether a record may be accessed will 
be made when a request is received.

CONTESTING RECORD PROCEDURES:
    Individuals seeking to contest or amend information maintained in 
the system should direct their request to the above listed System 
Manager and should include the reason for contesting it and the 
proposed amendment to the information with supporting information to 
show how the record is inaccurate. A request for contesting records 
should contain: Name, address including zip code, name of the system of 
records, year of records in question, and any other pertinent 
information to help identify the data requested.

NOTIFICATION PROCEDURES:
    Individuals may be notified if a record in this system of records 
pertains to them when the individuals request information utilizing the 
same procedures as those identified in the ``RECORD ACCESS PROCEDURES'' 
paragraph, above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    None

Simchah SuveykeBogin,
Chief Customer Experience Officer, Office of Customer Experience, 
Departmental Administration, United States Department of Agriculture.
[FR Doc. 2023-15161 Filed 7-17-23; 8:45 am]
BILLING CODE 3411-07-P