Federal Register, Volume 89 Issue 224 (Wednesday, November 20, 2024)

[Federal Register Volume 89, Number 224 (Wednesday, November 20, 2024)]
[Notices]
[Pages 91887-91889]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-26737]


-----------------------------------------------------------------------

DEPARTMENT OF TRANSPORTATION

Pipeline and Hazardous Materials Safety Administration

[Docket No. PHMSA-2024-0166]


Pipeline Safety: Random Drug Testing Rate; Multi-Factor 
Authentication; and Operator and Contractor Management Information 
System Reporting

AGENCY: Pipeline and Hazardous Materials Safety Administration (PHMSA), 
Department of Transportation (DOT).

ACTION: Notice.

-----------------------------------------------------------------------

SUMMARY: PHMSA has determined that the Minimum Annual Percentage Rate 
for Random Drug Testing for covered employees will be 50 percent during 
calendar year (CY) 2025. For CY 2024 reporting, Multi-Factor 
Authentication (MFA) login procedures must be used for submitting drug 
& alcohol (D&A) testing data into the Drug and Alcohol (D&A) Management 
Information System (DAMIS) database. This notice also explains how 
pipeline operators and contractors will obtain MFA login information.

DATES: Applicable January 1, 2025, through December 31, 2025.

FOR FURTHER INFORMATION CONTACT: Wayne Lemoi, Drug & Alcohol Program 
Manager, Office of Pipeline Safety, by phone at 909-937-7232 or by 
email at [email protected].

SUPPLEMENTARY INFORMATION:

Notice of CY 2025 Minimum Annual Percentage Rate for Random Drug 
Testing

    Operators of gas, hazardous liquid, and carbon dioxide pipeline 
facilities; liquefied natural gas (LNG) plants; and underground natural 
gas storage facilities must randomly select and test a percentage of 
all covered employees for prohibited drug use in accordance with 49 
Code of Federal Regulations part 199.
    The Administrator can adjust the minimum random drug testing rate 
based on the reported positive rate of the industry's random drug 
tests, which is obtained from operators' and contractors' annual DAMIS 
reports as required by Sec.  199.119(a). In accordance with Sec.  
199.105(c)(3), if the reported positive drug test rate is below one 
percent for two consecutive CYs, the Administrator may lower the random 
drug testing rate to 25 percent of all covered employees. Conversely, 
paragraph Sec.  199.105(c)(4) requires the Administrator to raise the 
minimum annual random drug testing rate from 25 percent to 50 percent 
of all covered employees when the data obtained from the latest annual 
DAMIS reports required by Sec.  199.119(a) indicate the positive test 
rate is equal to or greater than one percent.
    While the minimum annual random drug testing rate was 25 percent of 
all covered employees during CY 2024, the DAMIS reports submitted for 
CY 2023 D&A testing had a random drug testing positive rate greater 
than one percent. Therefore, the Administrator is increasing the PHMSA 
minimum annual random drug testing rate to 50 percent of all covered 
employees for CY 2025.

Multi-Factor Authentication for DAMIS Reports

    DOT will continue to use Multi-Factor Authentication (MFA) to limit 
and control access to the DOT's DAMIS database. MFA is not unique to 
PHMSA or to DAMIS. It is a Federal Government initiative that was 
implemented to protect the integrity and security of Federal Government 
databases from cybersecurity attacks and other risks.

[[Page 91888]]

MFA login procedures for ``primary pipeline'' operators and contractors 
are explained in the applicable sections below.

Pipeline Operator DAMIS Reporting

    To collect more accurate pipeline industry DOT D&A test data and to 
avoid duplicate reporting of D&A test data, PHMSA limits DAMIS 
reporting to ``primary operators'' and contractors only. The term 
``primary operator'' is not used in the D&A testing regulations in part 
199; however, the term ``primary operator'' as used herein has the same 
meaning as the term ``primary entity'' as used in Sec.  191.22 and 
Sec.  195.64. Moreover, a ``primary operator'' can be a large or small 
operator as explained below.
    Pipeline operators either have a D&A program that includes only one 
pipeline operator (i.e., one OPID) or an ``umbrella'' type shared D&A 
program that includes multiple pipeline operators (i.e., more than one 
OPID). For DAMIS reporting purposes the operator of the single operator 
D&A program is the ``primary pipeline operator.'' For shared D&A 
programs, the ``primary operator'' must be identified to PHMSA through 
Safety Program Relationship (SPR) data before submitting a DAMIS 
report. Operators are reminded to review their D&A program records to 
check the SPR status of their D&A program. If changes are needed to 
properly align the SPR data with the operator's D&A program, the 
operator must make a written notification to PHMSA.
    The PHMSA regulations governing DAMIS reporting (Sec. Sec.  199.119 
and 199.229) are based on whether the primary operator is a large 
operator or a small operator. Pursuant to Sec. Sec.  199.119(a) and 
199.229(a), a large operator is an operator with more than 50 covered 
employees. Large operators are required to submit a DAMIS report each 
CY. Pursuant to Sec. Sec.  199.119(a) and 199.229(a), a small operator 
is an operator with 50 or fewer covered employees. Small operators are 
only required to submit a DAMIS report if the operator receives a 
``written notice'' from PHMSA requesting a report. Each CY, PHMSA 
transmits written notices as messages in the PHMSA Portal in late 
December.
    To calculate the number of D&A covered employees to determine 
whether an operator is a large or small primary operator, include all 
covered employees of the primary operator plus all covered employees of 
any business units included in the DAMIS report under a shared D&A 
program. If your covered employees are in a random drug testing pool 
managed by a consortium, count only your own covered employees. If you 
have any covered employees subject to D&A testing under more than one 
DOT agency, count only those employees who were D&A tested under PHMSA, 
which is the agency selected on the Federal Drug Testing Custody and 
Control Form (CCF) or on the Alcohol Testing Form (ATF). While 
contractor employees are covered employees requiring D&A testing, 
contractor employees are not used to calculate whether a ``primary 
pipeline operator'' is a large or small operator. Therefore, do not 
include contractor employees in the above calculations.
    Pipeline operators are no longer required to ``accept'' contractor 
reports. Instead, an operator will simply list the contractor, and the 
contractor's DAMIS report automatically becomes part of the operator's 
report once the contractor has submitted its report to DAMIS. 
Furthermore, operators are not able to view contractor data reports 
through DAMIS, but can get the report directly from the contractor, if 
they so desire.
    For each contractor listed by a primary operator, DAMIS will show 
if a Login.gov invitation has been generated for the contractor. If no 
Login.gov invitation has been created for the contractor or if the 
Login.gov invitation was created for the wrong email address, the 
primary operator can generate a new Login.gov invitation by entering a 
new email address for the contractor. This email address cannot already 
be in use to access DAMIS for a primary operator or a different 
contractor.
    Primary Operator MFA Login: In September 2023, PHMSA communicated 
by email with primary operators to confirm the email address of the 
person who will submit the primary operator's DAMIS report. These 
confirmed email addresses were loaded into DAMIS at the end of CY 2023. 
In early January 2024, DAMIS generated a one-time/one-use Login.gov 
invitation for the confirmed email addresses. PHMSA also makes 
Login.gov invitations available in the PHMSA Portal.

Contractor DAMIS Reporting

    Because contractors do not have OPIDs, PHMSA uses a Business Tax 
Identification Number (BTIN) to track contractors in the DAMIS 
database.
    A contractor may perform D&A covered functions for one pipeline 
operator or multiple operators. Additionally, a contractor may be 
local, regional, or nationwide, and/or may operate from a single 
location or from multiple locations. Regardless, the clear intent is 
for PHMSA and DOT to collect contractor D&A test data that is complete, 
accurate, and nonrepetitive. Accordingly, each contractor must prepare 
a single, complete, and accurate DAMIS report that includes all its D&A 
covered employees and all their DOT D&A test data. A contractor does 
not prepare or submit a separate and distinct DAMIS report for each 
pipeline operator, or for a contractor's separate offices or locations, 
unless those offices are distinct and separate under their own BTIN. 
Moreover, a contractor must not report the same covered employees and 
the same D&A tests in more than one BTIN. If a contractor has more than 
one BTIN, the contractor must allocate individual employees and their 
D&A tests results among the BTINs for which they actually worked, or 
report all the contractor's employees and test results under one BTIN.
    PHMSA does not need or require a DAMIS report from each BTIN. PHMSA 
requires a valid set of contractor D&A test data that reflects the 
complete and accurate picture of who the contractor D&A tested and what 
the results of those tests were. PHMSA does not want covered employees 
or D&A tests to be reported more than once. If test results can be 
reported under one BTIN, that is acceptable.
    PHMSA also recognizes that some pipeline operators perform D&A 
covered functions for other PHMSA regulated pipeline operators. While 
this may take place under a contract, pipeline operators with an OPID 
must never be listed as a contractor by any other pipeline operator in 
a DAMIS report.
    Contractor MFA Login: MFA allows access for contractors to enter 
their D&A testing data directly into DAMIS. In September 2023, PHMSA 
communicated by email with contractors to confirm the email address of 
the person who will submit the contractor DAMIS report. These confirmed 
email addresses were loaded into DAMIS at the end of CY 2023. In early 
January 2024, DAMIS generated a one-time/one-use Login.gov invitation 
for the confirmed email address. Contractors can also request a new 
Login.gov invitation for a new email address by sending a request to 
[email protected].
    Any primary operator can generate a new Login.gov invitation for a 
contractor by entering an email address that is not already established 
with Login.gov access to DAMIS.


[[Page 91889]]


    Issued in Washington, DC, on November 7, 2024, under authority 
delegated in 49 CFR 1.97.
Alan K. Mayberry,
Associate Administrator for Pipeline Safety.
[FR Doc. 2024-26737 Filed 11-19-24; 8:45 am]
BILLING CODE 4910-60-P