[Federal Register Volume 90, Number 146 (Friday, August 1, 2025)]
[Notices]
[Pages 36176-36178]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2025-14575]
-----------------------------------------------------------------------
DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT
[Docket No. FR-7104-N-08]
Privacy Act of 1974; System of Records
AGENCY: Office of the Chief Financial Officer, HUD.
ACTION: Notice of a Modified System of Records.
-----------------------------------------------------------------------
SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as
amended, the Department of the Housing and Urban Development (HUD),
Office of the Chief Financial Officer (OCFO) Accounting Operations
Center, is modifying a system of records titled, ``Financial Data
Mart.'' Financial Data Mart (FDM) is a warehouse of data extracted from
various HUD systems and is supported by several query tools for
improved financial and program data reporting. FDM facilitates viewing,
understanding and reporting of financial data. FDM is the primary
reporting tool used to generate internal ad-hoc reports, scheduled
event-driven reports, and queries. This system of records is being
revised to make clarifying changes within: System Name and number,
System Manager, Purpose of the System, Categories of Individuals
Covered by the System, Categories of Records in the System, Records
Source Categories, Routine Uses Maintained in the System, Retrieval of
Records, Retention and Disposal of Records and Administrative,
Technical and Physical Safeguards, Record Access Procedures, Contesting
Record Procedures, and Notification Procedures. The SORN modifications
are outlined in the SORN SUPPLEMENTARY INFORMATION section.
DATES: Comments will be accepted on or before September 2, 2025. This
proposed action will be effective on the date following the end of the
comment period unless comments are received which result in a contrary
determination.
ADDRESSES: You may submit comments, identified by the docket number or
by one of the following methods:
Federal e-Rulemaking Portal: http://www.regulations.gov. Follow the
instructions provided on that site to submit comments electronically.
Fax: 202-619-8365.
Email: [email protected].
Mail: Attention: Privacy Office; Shalanda Capehart, Acting Chief
Privacy Officer; The Office of Executive Secretariat; 451 7th Street
SW, Room 10139; Washington, DC 20410-0001.
Instructions: All submissions received must include the agency name
and docket number for this rulemaking. All comments received will be
posted without change to http://www.regulations.gov, including any
personal information provided.
Docket: For access to the docket to read background documents or
comments received go to http://www.regulations.gov.
FOR FURTHER INFORMATION CONTACT: Shalanda Capehart, Acting Chief
Privacy Officer, 451 7th Street SW, Room 10139, Washington, DC 20410-
0001; telephone (202) 402-5085 (this is not a toll-free number). HUD
welcomes and is prepared to receive calls from individuals who are deaf
or hard of hearing, as well as individuals with speech or communication
disabilities. To learn more about how to make an accessible telephone
call, please visit https://www.fcc.gov/consumers/guides/telecommunications-relay-service-trs.
SUPPLEMENTARY INFORMATION: HUD amends the system of records notice
(SORN) for the Financial Data Mart
[[Page 36177]]
(FDM) to include substantive changes reflecting the modified items
listed below:
System Name and Number: Updated to reflect the correct
system number.
System Manager: Updated to reflect personnel changes.
Purpose of the System: Updated for greater clarity and
conciseness.
Categories of Individuals: Updated to include additional
categories.
Categories of Records: Updated to include additional
categories.
Record Source Categories: Updated to include Loan
Accounting System (LAS) and GSA's System for Award Management (SAM).
Routine Use of Records Maintained: Updated to include
NARA's requirement for FOIA requests.
Retrieval of Records: Updated to include email address in
the list.
Retention and Disposal of Records: Updated to align with
NARA's requirements.
Administrative, Technical, and Physical Safeguards:
Updated to remove information unrelated to FDM.
Record Access Procedures, Contesting Record Procedures,
and Notification Procedures sections: Updated to reflect current
guidance.
SYSTEM NAME AND NUMBER:
Financial Data Mart (FDM), HUD/CFO-04.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
HUD Headquarters, 451 7th Street SW, Washington, DC 20410-1000 and
National Center for Critical Information Processing and Storage
(NCCIPS), Stennis Space Center, MS 39529-6000. The backup data center
is at Mid-Atlantic Data Center in Clarksville, VA 23927-3201.
SYSTEM MANAGER(S):
Kate Darling, Assistant Chief Financial Officer for Systems, Office
of the Chief Financial Officer, Department of Housing and Urban
Development, 451 7th Street SW, Room 3100, Washington, DC 20410-0001;
telephone (202) 402-3912.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
31 U.S.C. 3511; The Chief Financial Officers Act of 1990 (31 U.S.C.
901, et seq.); Executive Order 9397, as amended by Executive Order
13478; Housing and Community Development Act of 1987, 42 U.S.C. 3543.
PURPOSE(S) OF THE SYSTEM:
Financial Data Mart (FDM) is a centralized repository of data
extracted from a variety of HUD's financial systems, supported by query
tools to enhance financial and program data reporting. FDM is designed
to facilitate viewing, understanding, and reporting of financial data.
FDM serves as the primary tool for generating internal ad-hoc reports,
scheduled event-driven reports, and queries.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
General public, Federal Employees, Contractors, Third-Party
vendors, and recipients of grants, subsidies, or loans.
CATEGORIES OF RECORDS IN THE SYSTEM:
Names, Social Security Numbers (SSNs), Taxpayer-IDs (which may
include SSNs for sole-proprietors), Home/business addresses, Financial
Information (e.g., bank account number, bank routing numbers), Email
addresses, salaries, and User IDs.
RECORD SOURCE CATEGORIES:
FDM receives records from other HUD information systems such as HUD
Central Accounting and Program Systems (HUDCAPS), Loan Accounting
System (LAS), Line of Credit Control System (LOCCS), HUD Integrated
Human Resources and Training System (HIHRTS), Geocoding Service Center
(GSC), Office 365 Multi-Tenant Software, and non-Personally
Identifiable Information (non-PII) from Integrated Real Estate
Management System (IREMS). FDM receives records from external sources,
such as the General Services Administration, System for Award
Management (SAM) and the Department of Treasury, Administrative
Resource Center (ARC)'s Oracle Federal Financials.
ROUTINE USES MAINTINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND
PURPOSEs OF SUCH USES:
(A) To a congressional office from the record of an individual, in
response to an inquiry from the congressional office made at the
request of that individual.
(B) To appropriate agencies, entities, and persons when: (I) HUD
suspects or has confirmed that there has been a breach of the system of
records; (II) HUD has determined that as a result of the suspected or
confirmed breach there is a risk of harm to individuals, HUD (including
its information systems, programs, and operations), the Federal
Government, or national security; and (III) The disclosure made to such
agencies, entities, and persons is reasonably necessary to assist in
connection with HUD's efforts to respond to the suspected or confirmed
breach or to prevent, minimize, or remedy such harm.
(C) To another Federal agency or Federal entity, when HUD
determines that information from this system of records is reasonably
necessary to assist the recipient agency or entity in (I) responding to
a suspected or confirmed breach or (II) preventing, minimizing, or
remedying the risk of harm to individuals, the recipient agency or
entity (including its information systems, programs and operations),
the Federal Government, or national security, resulting from a
suspected or confirmed breach.
(D) To a court, magistrate, administrative tribunal, or arbitrator
in the course of presenting evidence, including disclosures to opposing
counsel or witnesses in the course of civil discovery, litigation,
mediation, or settlement negotiations; or in connection with criminal
law proceedings; when HUD determines that use of such records is
relevant and necessary to the litigation and when any of the following
is a party to the litigation or have an interest in such litigation:
(1) HUD, or any component thereof; or (2) any HUD employee in his or
her official capacity; or (3) any HUD employee in his or her individual
capacity where HUD has agreed to represent the employee; or (4) the
United States, or any agency thereof, where HUD determines that
litigation is likely to affect HUD or any of its components.
(E) To any component of the Department of Justice or other Federal
agency conducting litigation or in proceedings before any court,
adjudicative, or administrative body, when HUD determines that the use
of such records is relevant and necessary to the litigation and when
any of the following is a party to the litigation or have an interest
in such litigation: (1) HUD, or any component thereof; or (2) any HUD
employee in his or her official capacity; or (3) any HUD employee in
his or her individual capacity where the Department of Justice or
agency conducting the litigation has agreed to represent the employee;
or (4) the United States, or any agency thereof, where HUD determines
that litigation is likely to affect HUD or any of its components.
(F) To appropriate Federal, State, local, tribal, or other
governmental agencies or multilateral governmental organizations
responsible for investigating or prosecuting the violations of, or for
enforcing or implementing, a statute, rule, regulation, order, or
license, where HUD determines that the information would assist in the
enforcement of civil or criminal laws when such records, either
[[Page 36178]]
alone or in conjunction with other information, indicate a violation or
potential violation of law.
(G) To Federal agencies, non-Federal entities, their employees, and
agents (including contractors, their agents or employees; employees or
contractors of the agents or designated agents); or contractors, their
employees or agents with whom HUD has a contract, service agreement,
grant, cooperative agreement, or computer matching agreement for the
purpose of: (I) Detection, prevention, and recovery of improper
payments; (II) detection and prevention of fraud, waste, and abuse in
major Federal programs administered by a Federal agency or non-Federal
entity; (III) for the purpose of establishing or verifying the
eligibility of, or continuing compliance with statutory and regulatory
requirements by, applicants for, recipients or beneficiaries of,
participants in, or providers of services with respect to, cash or in-
kind assistance or payments under Federal benefits programs or
recouping payments or delinquent debts under such Federal benefits
programs; (IV) detection of fraud, waste, and abuse by individuals in
their operations and programs. Records under this routine use may be
disclosed only to the extent that the information shared is necessary
and relevant to verify pre-award and prepayment requirements prior to
the release of Federal funds or to prevent and recover improper
payments for services rendered under programs of HUD or of those
Federal agencies and non-Federal entities to which HUD provides
information under this routine use.
(H) To contractors, grantees, experts, consultants and their
agents, or others performing or working under a contract, service,
grant, cooperative agreement, or other agreement with HUD, when
necessary to accomplish an agency function related to a system of
records. Disclosure requirements are limited to only those data
elements considered relevant to accomplishing an agency function.
(I) To the National Archives and Records Administration, Office of
Government Information Services (OGIS), to the extent necessary to
fulfill its responsibilities in 5 U.S.C. 552(h), to review
administrative agency policies, procedures and compliance with the
Freedom of Information Act (FOIA), and to facilitate OGIS' offering of
mediation services to resolve disputes between persons making FOIA
requests and administrative agencies.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Electronic only.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Name, Social Security Number, Taxpayer ID, Email address, and User-
ID.
POLICIES AND PRACTICIES FOR RETENTION AND DISPOSAL OF RECORDS:
Temporary. Destroy 6 years after final payment or cancellation, but
longer retention is authorized if required for business use.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
All HUD employees have undergone background investigations. HUD
buildings are guarded and monitored by security personnel, cameras, ID
checks, and other physical security measures. Access is restricted to
authorized personnel or contractors whose responsibilities require
access. System users must take the mandatory security awareness
training annually as mandated by the Federal Information Security
Management Act (FISMA). Users must also sign a Rules of Behavior form
certifying that they agree to comply with the requirements before they
are granted access to the system. FDM resides in the HUD Office of
Chief Information Officer (OCIO) Local Area Network (LAN). The HUD OCIO
Infrastructure and Operations Office (IOO) secures the Data Centers
where the LAN resides. FDM sends and receives data through HUD SFTP
(Security File Transfer Protocol), which encrypts the data in the
database. All users authenticate to the HUD LAN with PIV cards before
they can access FDM. OCFO limits access to records that contain PII
data on a need-to-know basis, user recertification is performed, audit
logs are reviewed, security assessments are performed, and background
checks are performed prior to granting access to privileged roles. Not
all employees and contractors have access to the vendor table that
includes the PII. Supervisors determine and authorize FDM access for
their employees, and OCFO checks their suitability. The majority of FDM
users are read-only and cannot enter data into FDM. A system user
recertification is conducted to ensure each FDM user requires access to
the system.
RECORD ACCESS PROCEDURES:
Individuals requesting records of themselves should address written
inquiries to the Department of Housing Urban and Development 451 7th
Street SW, Washington, DC 20410-0001. For verification, individuals
should provide their full name, current address, and telephone number.
In addition, the requester must provide either a notarized statement or
an unsworn declaration made under 24 CFR 16.4.
CONTESTING RECORD PROCEDURES:
The HUD rule for contesting the content of any record pertaining to
the individual by the individual concerned is published in 24 CFR 16.8
or may be obtained from the system manager.
NOTIFICATION PROCEDURES:
Individuals requesting notification of records of themselves should
address written inquiries to the Department of Housing Urban
Development, 451 7th street SW, Washington, DC 20410-0001. For
verification purposes, individuals should provide their full name,
office or organization where assigned, if applicable, and current
address and telephone number. In addition, the requester must provide
either a notarized statement or an unsworn declaration made under 24
CFR 16.4.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
Docket No. FR-7062-N-12, 87 FR 50640, August 17, 2022.
Shalanda Capehart,
Acting Chief Privacy Officer, Office of Administration.
[FR Doc. 2025-14575 Filed 7-31-25; 8:45 am]
BILLING CODE 4210-67-P