[Federal Register Volume 90, Number 232 (Friday, December 5, 2025)]
[Notices]
[Pages 56197-56199]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2025-22054]
-----------------------------------------------------------------------
RAILROAD RETIREMENT BOARD
Privacy Act of 1974; System of Records
AGENCY: United States Railroad Retirement Board (RRB).
ACTION: Notice of a Modified System of Records.
-----------------------------------------------------------------------
SUMMARY: RRB-18, Miscellaneous Payments paid/posted to the General
Ledger by the Financial Management Integrated System (FMIS) is used to
process and track non-payroll payments made by RRB--primarily travel
reimbursements and employee expenses.
DATES: This system of records notice (SORN) will become effective upon
its publication, except the routine uses that have been modified as
part of this modification, which will be effective at the end of a
public comment period of 30 days from the date of publication. Please
submit written comments on or before January 5, 2026.
ADDRESSES: Interested parties may comment on this publication by
writing to Ms. Stephanie Hillyard, Secretary to the Board, U.S.
Railroad Retirement Board, 844 North Rush Street, Chicago, Illinois
60611-1275.
FOR FURTHER INFORMATION CONTACT: Mr. Chad Peek, Chief Privacy Officer,
U.S. Railroad Retirement Board, 844 North Rush Street, Chicago,
Illinois 60611-1275, telephone 312-751-3389 or email at
[email protected].
SUPPLEMENTARY INFORMATION: In accordance with the Privacy Act of 1974,
5 U.S.C. 552a, and the Office of Management and Budget (OMB),
[[Page 56198]]
Circular No. A-108, the U.S. Railroad Retirement Board (RRB) has
completed a review of its Privacy Act systems of records and proposes
to modify a current RRB system of records titled RRB-18, Miscellaneous
Payments paid/posted to the General Ledger by the Financial Management
Integrated System (FMIS). The proposed modification to the system of
records pursuant to 5 U.S.C. 552a(b)(3) adds the following categories
of users to its Routine Uses section: Congressional representatives,
contractors working for the federal government, law enforcement, other
federal agencies and entities pertaining to breach notification,
National Archives, and attorney representatives.
Dated: December 3, 2025.
By Authority of the Board.
Stephanie Hillyard,
Secretary to the Board.
SYSTEM NAME AND NUMBER:
RRB-18, Miscellaneous Payments paid/posted to the General Ledger by
the Financial Management Integrated System (FMIS).
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
U.S. Railroad Retirement Board, 844 North Rush Street, Chicago,
Illinois 60611-1275.
SYSTEM MANAGER(S):
Chief Financial Officer, U.S. Railroad Retirement Board, 844 North
Rush Street, Chicago, Illinois 60611-1275.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Section 7(b)(6) of the Railroad Retirement Act of 1974 (45 U.S.C.
231f(b)(6)); sec. 12(l) of the Railroad Unemployment Insurance Act (45
U.S.C. 362(l)).
PURPOSE(S) OF THE SYSTEM:
The system is used to pay the operating expenses of the agency to
vendors for goods and services. Employees are reimbursed for travel
expenses and miscellaneous expenses related to the performance of their
jobs. Payments are made within federal limits and applicable
guidelines.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Vendors who supply goods and services to the U.S. Railroad
Retirement Board and employees of the agency who are reimbursed for
travel and miscellaneous expenses.
CATEGORIES OF RECORDS IN THE SYSTEM:
Vendor invoice payments, travel vouchers, miscellaneous
reimbursement vouchers, and electronic mail address.
RECORD SOURCE CATEGORIES:
Employees travel records, memoranda from bureau directors and
office heads. Form G-409 Request for Reimbursement of Commuting
Expenses and Form G-753 Application for Reimbursement of Medical and/or
Eye Examination Fees. Vendor invoice records.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, all or a portion of the records or
information contained in this system may be disclosed to authorized
entities, as is determined to be relevant and necessary, outside RRB as
a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
a. Disclosure may be made to a congressional office from the record
of an individual in response to an inquiry from the congressional
office made at the request of that individual if that individual would
not be denied access to the information.
b. Disclosure may be made to contractors, grantees, experts,
consultants, students, and others performing or working on a contract,
service, grant, cooperative agreement, or other assignment for RRB, to
the extent necessary to accomplish an RRB function related to this
system of records.
c. Disclosure may be made to the appropriate agency, whether
federal, state, local, or foreign, charged with the responsibility of
investigating, enforcing, or prosecuting a violation or potential
violation of law, whether civil, criminal or regulatory in nature, and
whether arising by general statute or particular program statute, or by
regulation, rule or order issued pursuant thereto, or charged with
enforcing or implementing the statute, rule, regulation, or order
issued pursuant thereto, if the disclosure would be to an agency
engaged in functions related to the Railroad Retirement Act or the
Railroad Unemployment Insurance Act, or if disclosure would be clearly
in the furtherance of the interest of the subject individual.
d. To another federal agency or federal entity, when the U.S.
Railroad Retirement Board determines that information from this system
of records is reasonably necessary to assist the recipient agency or
entity in (1) responding to a suspected or confirmed breach or (2)
preventing, minimizing, or remedying the risk of harm to individuals,
the recipient agency or entity (including its information systems,
programs, and operations), the federal government, or national
security, resulting from a suspected or confirmed breach.
e. To appropriate agencies, entities, and persons when (1) the U.S.
Railroad Retirement Board suspects or has confirmed that there has been
a breach of the system of records; (2) the U.S. Railroad Retirement
Board has determined that as a result of the suspected or confirmed
breach there is a risk of harm to individuals, the U.S. Railroad
Retirement Board (including its information systems, programs, and
operations), the federal government, or national security; and (3) the
disclosure made to such agencies, entities, and persons is reasonably
necessary to assist in connection with the U.S. Railroad Retirement
Board's efforts to respond to the suspected or confirmed breach or to
prevent, minimize, or remedy such harm.
f. Disclosure may be made to the National Archives and Records
Administration or other federal government agencies for records
management inspections being conducted under the authority of 44 U.S.C.
2904 and 2906.
g. Disclosure of non-medical information in this system of records
may be made to the attorney representing such individual upon receipt
of a written letter or declaration stating the fact of representation,
if that individual would not be denied access to the information.
Medical information may be released to an attorney when such records
are requested for the purpose of contesting a determination either
administratively or judicially.
h. Identifying information and check amount may be released to the
Treasury Department to issue checks.
i. Identifying information, check number, date and amount may be
released to the U.S. Postal Service for investigation of alleged
forgery or theft of reimbursement checks.
j. To the U.S. Department of the Treasury when disclosure of the
information is relevant to review payment and award eligibility through
the Do Not Pay Working System for the purposes of identifying,
preventing, or recouping improper payments to an applicant for, or
recipient of, Federal funds, including funds disbursed by a state
(meaning a state of the United States, the District of Columbia, a
territory or possession of the United States, or a federally recognized
Indian
[[Page 56199]]
tribe) in a state-administered, federally funded program.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Paper records will be stored in file cabinets or at approved
National Archives and Records Administration records centers.
Electronic records are maintained on computer servers, computer hard
drives, electronic databases, email, and FedRAMP approved cloud
information systems.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Information from the system will be retrievable by name.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
Paper: Retain at headquarters for two years then transferred to
National Archives and Records Administration (NARA), Great Lakes
Federal Records Center. The General Services Administration will
destroy the records when authorized by the Government Accountability
Office.
Electronic media: Storage drives and IBM zCloud storage:
Continually updated and permanently retained. When storage drives and
IBM zCloud storage or other electronic media are no longer serviceable,
they are sanitized in accordance with NIST guidelines.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
Paper: Maintained in areas not accessible to the public in locking
filing cabinets. Access is limited to authorized RRB employees. Offices
are locked during non-business hours. The building has 24-hour on-site
security officers, closed circuit television monitoring and intrusion
detection systems.
Electronic media: Computer, computer storage rooms and IBM zCloud
storage are restricted to authorized personnel; on-line query
safeguards include a lock/unlock password system, a terminal oriented
transaction matrix, role-based access controls and audit trail. For
computerized records electronically transmitted between headquarters
and field office locations, system securities are established in
accordance with National Institute of Standards and Technology (NIST)
guidelines, including network monitoring, defenses in-depth, incident
response and forensics. In addition to the on-line query safeguards,
they include encryption of all data transmitted and exclusive use of
leased telephone lines.
RECORD ACCESS PROCEDURES:
Under 5 U.S.C. 552a (Privacy Act of 1974), individuals have the
right to access and contest records maintained about them. To access or
amend your records, submit a written request to the Railroad Retirement
Board (RRB) with:
1. Your identifying information
2. A description of the record you wish to access
The RRB may request proof of identity. To correct a record, specify
the change and provide justification. If denied, you can submit a
statement of disagreement to be included with the record.
CONTESTING RECORD PROCEDURES:
For additional instructions, see the Record Access Procedures and
Notification Procedures sections.
NOTIFICATION PROCEDURES:
Requests for information regarding an individual's record should be
addressed in writing to the System Manager identified above, including
the full name, Social Security number and claim number of the
individual. Before information about any record will be released, the
System Manager may require the individual to provide proof of identity
or require the requester to furnish an authorization from the
individual to permit release of information.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
System of Records Notice revision from previous September 30, 2014
Federal Register notice 79 FR 58885.
[FR Doc. 2025-22054 Filed 12-4-25; 8:45 am]
BILLING CODE 7905-01-P