Unclassified.

The address of the HHS component responsible for this system of records (i.e., HRSA) is shown in the System Manager(s) section, below.

The System Manager is Executive Officer, Provider Support, HRSA, 5600 Fishers Lane, Rockville, MD, 20857, OPSInformation.hrsa@hrsa.gov.

Authorities include the following appropriations laws. Collection of participating providers’ Taxpayer Identification Numbers is required by 31 U.S.C. 7701(c).

●Uninsured Program: "The Families First Coronavirus Response Act or FFCRA (P.L. 116-127) and the Paycheck Protection Program and Health Care Enhancement Act or PPPHCEA (P.L. 116-139), which each appropriated $1 billion to reimburse providers for conducting COVID-19 testing for uninsured individuals"

●Provider Relief Fund: "The Coronavirus Aid, Relief, and Economic Security (CARES) Act (P.L. 116-136), which provided $100 billion in relief funds, including to hospitals and other health care providers on the front lines of the COVID-19 response; the Paycheck Protection Program and Health Care Enhancement Act or PPPHCEA (P.L. 116-139), which appropriated an additional $75 billion in relief funds; and the Coronavirus Response and Relief Supplemental Appropriations Act (CRRSA) (P.L. 116-260), which appropriated an additional $3 billion (collectively, the Provider Relief Fund).

●Uninsured program, continued: Within the Provider Relief Fund, a portion of the funding supports health care-related expenses attributable to COVID-19 testing for the uninsured and treatment of uninsured individuals with COVID-19. A portion of the funding is also used to reimburse providers for administering Food and Drug Administration (FDA)-authorized or licensed COVID-19 vaccines to uninsured individuals.

●Uninsured program, continued: The American Rescue Plan Act of 2021 (ARPA, P.L. 117-2), which allocated funding to reimburse providers for COVID-19 testing of the uninsured.

●ARPA Rural Payments: The American Rescue Plan Act of 2021 (ARPA, P.L. 117-2). ARPA amends the SSA. The citation to Section 1150C of ARPA can be found at 42 U.S.C. 1320b-26.

●Coverage Assistance Fund: The HRSA COVID-19 CAF is a program established by and administered by HRSA, using funds appropriated by Congress under the PRF.

Relevant agency personnel and contractors use records about individuals from this system of records on a need to know basis to administer the provider support programs, which support the resilience of the healthcare population. Such programs include:

●COVID-19 Claims Reimbursement to Health Care Providers and Facilities for Testing, Treatment and Vaccine Administration for the Uninsured (Uninsured Program).

●COVID-19 CAF Program.

●Provider Relief Fund, including the ARPA Rural payments.

Specific purposes include:

1. To obtain marketing and communication information for providers who submitted applications to make them aware of policy and funding opportunities.

2. To make payments and reimburse claims to eligible healthcare providers under the above-identified programs.

3. To assist the HHS Program Support Center (PSC), the Department of Justice (DOJ), and other government entities in the collection of program debts.

4. To respond to inquiries from providers, their attorneys or other authorized representatives, and Congressional representatives.

5.To compile and generate managerial and statistical reports.

6. To perform program administrative activities, including, but not limited to, payment tracking, monitoring a provider’s compliance with the Terms and Conditions of payment, receipt of provider reports on the use of funds, and other program requirements, and recoupment determinations.

7. To transfer information to the HHS central accounting system(s) covered by system of records 09-90-0024, HHS Financial Management System Records, maintained by the Office of the Assistant Secretary for Financial Resources, for purposes of effecting program payments and preparing and maintaining financial management and accounting documentation related to obligations and disbursements of funds (including providing required notifications to the Department of the Treasury) related to payments to, or on behalf of, healthcare providers. Information transferred to the Office of the Assistant Secretary for Financial Resources for these purposes is limited to the individual's name, address, SSN, and other information necessary for identification and processing of the payment.

The records are about these categories of individuals:

●Sole proprietor providers who submit claims under the programs mentioned above.

●Patients identified in claims and claims-related records submitted to HRSA by entity providers and sole proprietor providers.

●Sole proprietor providers who applied for or who have received payments under the programs mentioned above.

The categories of records are provider claims, claims-related records, payment applications, reports on the use of funds, and other records used by HRSA to process the claims, applications, and payments. Contents include the provider’s name, address(es), telephone number(s), and email address(es); National Provider Identifier; Taxpayer Identification Number (TIN) (which could be a Social Security Number (SSN)); CMS Credentialing Number; tax, audit, and revenue data; banking information; payment data and supporting documentation; repayment/recoupment information; claims forms (including patient-related information, such as principal diagnosis code, admitting diagnosis code, procedure codes, date(s) of service and charges); and each applicable patient’s name, control number, patient identification number; health insurance policy member identification number; gender, date of birth, zip code, state, and county.

The information in the system of records is obtained from payment applications, claims, reports on the use of funds, and other information submitted to HRSA by providers; from other HHS components; from commercial and other payers; and from any relevant federal, state, territorial, local, or tribal agencies. Other agencies and HHS components may provide information to HRSA needed to verify provider eligibility; validate provider-submitted information; determine payment distribution or claims reimbursement amounts; and approve payments and claims.

In addition to other disclosures authorized directly in the Privacy Act at 5 U.S.C. 552a(b)(1) and (2) and (b)(4) through (11), HHS may disclose records about a subject individual (provider or patient) from this system of records to parties outside HHS as described in these routine uses, without the individual’s prior written consent:

1. To any agent or contractor (including another federal agency) engaged by HHS to assist in accomplishment of an HHS function relating to the purposes of this system of records, if the agent or contractor needs to have access to the records in order to provide the assistance. For example, HHS may disclose records consisting of a provider’s or patient’s name, SSN, TIN, mailing address, email address, or telephone number, to Department contractors and subcontractors who assist with the implementation of the above-identified programs, for the purposes of distributing funds; collecting, compiling, aggregating, analyzing, or refining records in the system of records; or improving program operations. Any agent or contractor will be required to comply with the requirements of the Privacy Act, as amended, with respect to the records, and to ensure that any subcontractors also maintain Privacy Act safeguards with respect to the records.

2. To another federal, state, or local agency about a provider who fails to return payments identified for recoupment at the direction of HHS, to ensure that the provider does not receive federal funds for which the provider is ineligible. Disclosure will be limited to the provider’s name, address, SSN, TIN, inclusion on the Do Not Pay List, and any other information necessary to identify them.

3. To another federal, state, local, territorial, or Tribal agency to contribute to the accuracy of HHS’ proper payment of health care providers’ payment requests and claims (such as to determine a provider’s eligibility for a distribution, validate a provider’s tax identification number, or confirm a patient’s uninsured status).

4. To another federal agency or an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state, local, or Tribal governmental agency) that administers, or that has the authority to investigate potential fraud or abuse in, a health care payment program funded in whole or in part by federal funds, when the disclosure is deemed reasonably necessary by HHS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

5. To a congressional office from the record of an individual in response to a written inquiry from the congressional office made at the written request of that individual. If a congressional inquiry on behalf of a patient seeks disclosure of any information about the patient’s provider which is or could be proprietary information of that provider, the congressional request must be accompanied by an authorization form signed by the provider.

6. To DOJ or to a court or other adjudicative body in litigation or other proceedings when HHS or any of its components, or any employee of HHS acting in the employee’s official capacity, or any employee of HHS acting in the employee’s individual capacity where the DOJ or HHS has agreed to represent the employee, or the United States Government, is a party to the proceedings or has an interest in the proceedings and, by careful review, HHS determines that the records are both relevant and necessary to the proceedings.

7. To representatives of the National Archives and Records Administration (NARA) during records management inspections conducted pursuant to 44 U.S.C. 2904 and 2906.

8. To appropriate agencies, entities, and persons when (1) HHS suspects or has confirmed that there has been a breach of the system of records, (2) HHS has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, HHS (including its information systems, programs, and operations), the federal government, or national security, and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with HHS's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

9. To another federal agency or federal entity, when HHS determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the federal government, or national security, resulting from a suspected or confirmed breach.

Records are maintained in electronic database servers and backup servers.

Records are retrieved by a provider’s or patient’s name, TIN, or other identifying number.

The records are not currently scheduled, so are retained indefinitely pending scheduling with the NARA. HRSA anticipates proposing a retention period of at least 6 years to NARA for the records, for consistency with General Records Schedule 1.1, Financial Management and Reporting Records, which provides for such records to be retained for 6 years after final payment or cancellation, or longer if required for business use.

Safeguards conform to the HHS Information Security and Privacy Program, https://www.hhs.gov/ocio/securityprivacy/index.html. HHS safeguards these records in accordance with applicable laws, rules and policies, including the HHS Information Technology Security Program Handbook; the E-Government Act of 2002, which includes the Federal Information Security Management Act of 2002, 44 U.S.C. 3541-3549, as amended by the Federal Information Security Modernization act of 2014, 44 U.S.C. 3551-3558; pertinent National Institutes of Standards and Technology (NIST) publications; and OMB Circular A-130, Managing Information as a Strategic Resource. HHS protects the records from unauthorized access through appropriate administrative, physical, and technical safeguards. These safeguards include protecting the facilities where records are stored or accessed with security guards, badges and cameras; controlling access to physical locations where records are maintained and used by means of combination locks and identification badges issued only to authorized users; limiting access to electronic databases to authorized users based on roles and either two-factor authentication or password protection; using a secured operating system protected by encryption, firewalls, and intrusion detection systems; and training personnel in Privacy Act and information security requirements. After the records have been scheduled with NARA, records that are eligible for destruction will be disposed of in accordance with the applicable schedule, using secure destruction methods prescribed by NIST SP 800-88.

An individual seeking access to records about that individual in this system of records must submit a written access request to the applicable System Manager identified in the "System Manager" section of this System of Records Notice (SORN). The request must contain the requester’s full name, address, and signature. The request should also contain sufficient identifying particulars (such as, the provider’s National Provider Identifier, TIN, or patient medical record number, or the patient’s patient identifier or SSN to enable HHS to locate the requested records. So that HHS may verify the requester’s identity, the requester’s signature must be notarized or the request must include the requester’s written certification that the requester is the individual who the requester claims to be and that the requester understands that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense subject to a fine of up to $5,000.

If an access request by a patient seeks disclosure of any information about the patient’s provider which is or could be proprietary information of that provider, the request must be accompanied by a disclosure authorization form signed by the provider.

An individual seeking to amend a record about that individual in this system of records must submit an amendment request to the applicable System Manager identified in the "System Manager" section of this SORN, containing the same information required for an access request. The request must include verification of the requester’s identity in the same manner required for an access request; must reasonably identify the record and specify the information contested, the corrective action sought, and the reasons for requesting the correction; and should include supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

An individual who wishes to know if this system of records contains records about that individual should submit a notification request to the applicable System Manager identified in in the "System Manager" section of this SORN. The request must contain the same information required for an access request and must include verification of the requester’s identity in the same manner required for an access request.

None.

None.

Unclassified.

The addresses of the agency components responsible for the system of records are found in the Appendix.

The official listed in the Appendix for the Area Office that processed the particular certification application involving the subject individual as an applicant, or with respect to a board member from that Area’s Certification Board, is the relevant System Manager who the subject individual must contact to make a Privacy Act request.

The Indian Health Care Improvement Act, as amended (25 U.S.C. 1601 et seq.), and specifically 25 U.S.C. 1616l.

The records in this system of records will be used to implement the CHAP under 25 U.S.C. 1616l, including for these principal purposes:

Purposes for which records about individual providers will be used:

• To process applications for certification that are submitted by prospective, current, and former CHAP providers seeking initial or renewal Federal certification to provide community health care, behavioral health, oral health services, or other services authorized by the IHS National CHAP Certification Board to be provided in a Federal or Tribal facility operating a CHAP.

• To document the dates and certification status of CHAP providers, including changes/modifications in categories and levels of certification. An example of a category modification would be a Dental Health Aide Therapist adding a level I Behavioral Health Aide certification. An example of a change in level would be a level IV Community Health Aide becoming a Community Health Aide Practitioner.

• To secure reciprocity for CHAP providers across jurisdictions and IHS-defined geographical areas (often referred to as "Areas") by enabling the National Certification Board, in its oversight role, to ensure each Area’s education/training requirements, standards and procedures meet or exceed the National standards.

• To ensure that Federal and Tribal healthcare facilities seeking to hire current, prospective, and former Federally certified CHAP providers have access to the certification status of providers certified under 25 U.S.C. 1616l.

• To ensure that CHAP providers are qualified, competent, and capable of delivering quality healthcare consistent with the National CHAP Program Standards and Policies at large, and that the CHAP providers’ scopes of practice are in line with their competency, their training, and the ability of the facility to provide adequate support, equipment, services, and staff.

• To inform the staff of health care facilities seeking to employee CHAP providers for the purpose of assessing the providers’ professional competence, character, and fitness.

• To inform State health professional boards that have oversight of CHAP providers of information they need to carry out their legally assigned functions.

2. Purposes for which records about CHAP Certification Board members will be used:

• For board staffing and other administrative purposes and to ensure program integrity (i.e., to recruit and select individuals who are qualified to render certification decisions that maintain appropriate CHAP levels of care).

• To document each member’s membership effective dates and separations, qualifications, and decisions related to Area Certification Board recommendations to Area Directors.

IHS may also use the records for secondary purposes, such as program planning and evaluation, individual evaluation, continuous quality improvement, compiling of numbers and types of providers certified each cycle, and other purposes consistent with the authorities in 25 U.S.C. 1616l.

The records will be about these categories of individuals:

• Prospective, current, and former CHAP providers working or seeking to work in Tribal and Federal healthcare facilities and those denied certification, described in more detail as follows:

o Prospective – Those who have sought Federal certification and are awaiting a decision.

o Current – Those who have sought Federal certification and have been recommended and issued Federal certification for any level of provider approved by the National CHAP Certification Board. This includes those who may have advanced, regressed, or changed their provider type category.

o Former – Those who sought Federal certification and were recommended and issued Federal certification for any level of recognized CHAP providers but whose certification is not current.

o Individuals Denied Certification or Certification Revoked – Those who applied for certification but whose application for certification was denied or had certifications revoked.

• Individuals serving as CHAP Certification Board Members who review applications for certification/recertification and requests for decertifications to make recommendations to the respective Area Director.

The categories of records will include:

1. pplication for CHAP certification, which contains:

a. the legal name, other names/alias, and date of birth of the provider/applicant;

b. provider/applicant contact information such as mailing and email addresses, phone number, and communication preferences;

c. the names and dates of training and education programs attended, skills verification with address and contact phone number, including such programs attended as required for renewal or continuation of certification;

d. applicable employment information such as employer, employer address, work phone, work email, fax, and states where services are provided or intend to be provided; and

e. application status (e.g. complete, incomplete, provisional, approved, denied).

Additional records may include:

a. transcripts and training logs from educational/training programs;

b. documentation of previous certifications held, revoked, or denied;

c. information regarding liability insurance coverage;

d. professional performance and achievement records, such as, continuing education certificates, performance awards, adverse or disciplinary actions, and evaluations and approvals completed by employers and supervisors; and employer-validated complaints against providers;

e. records relating to the processing of and decision on applications for Federal certification and recertification or decertification; and for other relevant Federal certification and recertification or decertification actions; and

f. records related to the qualifications of Certification Board Members, including letters of nomination, letters from supervisors indicating support of or opposition to nominations, Curriculum Vitae, professional contact information, and dates of membership.

Information in the records may be provided by these sources:

• subject individual;

• CHAP Certification Boards;

• educational institutions attended;

• continuing education entities;

• internship, preceptorship, and practicum sites;

• human resource departments;

• professional associations;

• State and Tribal licensing boards;

• financial institutions from which these applicants have obtained educational loans;

• HHS contractors/subcontractors;

• PHS Commissioned Personnel Operations Division and U.S. Office of Personnel Operations Division and U.S. Office of Personnel Management personnel records;

• any HHS OPDIV or other Federal agencies maintaining records relevant to the applicant’s qualifications, such as an agency where the individual worked as an employee or contractor, or the Department of the Treasury which maintains records of individuals disqualified to receive Federal payments;

• State or local governments;

• professional boards such as the Federation of State Medical Boards or similar non-government entities; and

• third parties providing reviews concerning the subject individual.

In addition to the disclosures authorized directly in the Privacy Act at 5 U.S.C. 552a(b)(1), (b)(2), and (b)(4) through (b)(11), these routine uses specify circumstances under which the agency may disclose information from this system of records to a non-HHS officer or employee without the consent of the subject individual. IHS will prohibit redisclosures, or may permit only certain redisclosures, as required or authorized by law. Each proposed disclosure permitted directly in the Privacy Act or under these routine uses will also be evaluated to ensure that the disclosure is legally permissible under any other applicable laws.

1. Disclosures for Evaluation of Healthcare Delivery Services. Records about applicants and certified providers may be disclosed to organizations authorized to conduct evaluation studies concerning the delivery of health care services by the IHS and HHS (e.g., Joint Commission on the Accreditation of Healthcare Organizations).

2. Disclosures to CHAP Certification Boards and Contractors to perform duties. Certification records about CHAP providers may be disclosed to CHAP Certification Boards authorized by IHS, consistent with 25 U.S.C 1616l. This includes disclosures to the non-Federal members of a CHAP Certification Board and to employees of a Tribe or Tribal organization who have a need to have access to the information in performance of their duties or activities for such boards and organizations operating under an Indian Self-Determination and Education Assistance Act (ISDEAA) agreement.

3. Disclosures for certification software vendors/contractors. Records may be disclosed to a certification software vendor performing or working on a contract for IHS and who has a need to have access to the information in the performance of its duties or activities for IHS in accordance with law and with the contract.

4. Disclosures for Evaluation or Verification of Application Data. IHS may disclose biographic data and information supplied by an applicant to (a) contacts listed on the applications and associated forms for the purpose of evaluating the applicant’s professional qualifications, personal characteristics, experience, and suitability, (b) a Federal, state, or local government health profession licensing or certification board, or (c) a health care oversight or professional monitoring organization or program (e.g., accreditation surveyors, or the National Practitioner Data Bank) for the purpose of verifying that a clinician’s claimed background and employment data are valid and all claimed credentials are current and in good standing.

5. Disclosures for Reimbursement of Care Purposes. Records about a provider’s certification status may be disclosed to Federal, state, private and third-party payers that need to know the provider’s certification status to issue reimbursements for care rendered by the provider.

6. Disclosures to OPM. Records about providers may be disclosed to the Office of Personnel Management (OPM) if the records are relevant to the individual’s application for or maintenance of Civil Service appointments.

7. Disclosures for human resource matters. Records pertaining to IHS certification decisions may be disclosed to Federal, state, local, or Tribal entities when necessary for them to address human resources matters arising from IHS certification decisions.

8. Disclosures for Compliance Monitoring. Records about a current provider or board member may be disclosed to relevant governmental agencies for the purpose of monitoring the individual’s compliance with applicable laws and standards, on an ongoing basis, to ensure that the individual remains qualified for Federal certification or to serve as a CHAP Certification Board member.

9. Disclosure to Department of Justice or in Proceedings. HHS may disclose information from this system of records to the Department of Justice (DOJ), or to a court or other tribunal, when any of the following is a party to litigation or similar proceedings or has an interest in such proceedings, and HHS determines that the proceedings are likely to affect HHS or any of its components: (a) HHS, or any component thereof; (b) any HHS employee in their official capacity; (c) any HHS employee in their individual capacity where the DOJ (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof. In order to disclose information in these circumstances, HHS must determine that the use of such records by the DOJ, the court or other tribunal is relevant and necessary to the proceedings and would help in the effective representation of the governmental party or interest.

10. Disclosures to Congressional Office. Records may be disclosed to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

11. Reporting Violations or Potential Violations of Law. In the event that a record in this system of records on its face, or in conjunction with other records, indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule, or order issued pursuant thereto, the relevant records in this system of records may be referred to the appropriate agency, whether Federal, state, local, or Tribal, charged with enforcing or implementing the statute or rule, regulation, or order issued pursuant thereto.

12. Disclosure in the Event of a Security Breach Experienced by HHS. Records may be disclosed to appropriate agencies, entities, and persons when: (1) HHS suspects or has confirmed that there has been a breach of the system of records; (2) HHS has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, HHS (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with HHS efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

13. Disclosure to Assist another Agency Experiencing a Security Breach. Records may be disclosed to another Federal agency or Federal entity, when HHS determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in: (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

14. Medical Quality Assurance Disclosures. Records about providers and board members may be disclosed for any purpose authorized by 25 U.S.C. 1675(d) or (e)(2). To the extent the records are protected by 25 U.S.C. 1675, the records may only be disclosed in accordance with the exceptions in 25 U.S.C. 1675(d) and (e)(2).

15. Disclosures of Certification Status. Records about current or former CHAP providers, individuals denied certification, or individuals seeking certification may be disclosed to Federal, state, local and Tribal governmental entities with authority to maintain records concerning the issuance, retention, or revocation of Federal certifications necessary to practice a health professional occupation or specialty.

16. Disclosures to the public. Information about a provider’s certification status may be made public for awareness of which providers are currently in good standing as CHAP providers, or to share how many providers are certified to help determine the need for more providers or training facilities based on clinical need, and would be limited to information that would be required to be disclosed to the public under the Freedom of Information Act.

The records will be stored in file folders and computer-based electronic files on the secure IHS network indexed by name and record number in accordance with current IHS policy.

The records will be retrieved by the subject individual’s name or certification number (for current and former CHAP providers) and any other identifying numbers necessary to ensure that the records retrieved are about the intended individual.

Upon approval of a disposition schedule by the National Archives and Records Administration (NARA), the records will be disposed of when eligible for destruction under the schedule, if the records are no longer needed for administrative, audit, legal, or operational purposes. While the records are unscheduled, they must be retained indefinitely. Note that CHAP is an expansion of the use of CHAP providers throughout the IHS health system, and only the Alaska CHAP maintains historical and archived records.

The records will be protected from unauthorized access by the following safeguards. All safeguards will conform to applicable laws, rules, and policies, including the HHS Information Security and Privacy Program, https://www.hhs.gov/ocio/securityprivacy/, the E-Government Act of 2002, as amended (44 U.S.C. ch. 35), pertinent National Institutes of Standards and Technology (NIST) publications, and OMB Circular A-130, Managing Information as a Strategic Resource.

Authorized Users: Access will be limited to authorized users who (1) have a need for such records in the performance of their official duties and (2) are advised of the confidentiality of the records and the civil and criminal penalties for misuse. Particularly as the IHS transitions to an electronic records system, authorized users may include individuals and entities outside of HHS who are given certain access for purposes of facilitating specific disclosures authorized under the Privacy Act, including the routine uses described above. For example, authorized users may include: National Certification Board members, Area Certification Board members, IHS Area Offices, Office of Clinical and Preventive Services CHAP staff, clinical supervision staff and additional IHS or Tribal staff with oversight responsibilities related to CHAP providers within an Indian Health Program, as defined in 25 U.S.C. 1603(12).

At each location where records in this system will be maintained, a list of users or categories of users having an official need-to-know has been developed and is maintained.

Physical Safeguards: Paper records will be kept in locked metal filing cabinets or in locked desk drawers in secured rooms at all times when not actually in use during working hours and at all times during non-working hours. Record storage areas, including file cabinets and desks, are not left unattended or unlocked during office hours, including lunch hours.

Administrative Safeguards: Only persons who have an official need-to-know will be entrusted with records from this system of records, and they will be instructed to safeguard the confidentiality of the records and to destroy all copies or to return such records when the need to know has ended. Instructions will include the statutory penalties for noncompliance. Proper charge-out procedures will be followed for the removal of records from the area in which they are maintained. Authorized users will receive privacy and security training before record access is granted and annually thereafter. When copying records for authorized purposes, employees are instructed to ensure that any imperfect pages are not left in the reproduction room where they can be read but are destroyed or obliterated. Area Privacy Coordinators have routine access for monitoring compliance with privacy regulations.

Technical Safeguards: Records in the electronic system will be secured by encryption and intrusion detection systems. Access to electronic records will be controlled by user name and password.

To request access to records about you in this system of records, submit a written access request addressed to the relevant System Manager (see the Appendix and the "System Manager(s)" section of this SORN). The request must:

• Reasonably describe the records sought.

• Include (as applicable) the name of the IHS Service Unit relevant to your certification application, or the name of the Area Certification Board on which you served, and pertinent dates.

• Include (for contact purposes and identity verification purposes) your full name, current address, telephone number and/or email address, date and place of birth, signature, evidence of other names used (if seeking records retrieved by a name other than your current name), and, if needed by the agency, sufficient particulars contained in the records (such as, record number or other identifying numbers) to enable the agency to locate the records and distinguish between records on subject individuals with the same name.

In addition, to verify your identity, your signature on the request must be notarized or the request must include, above your signature, your written certification that you are the individual who you claim to be and that you understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense subject to a fine of up to $5,000.

In your written request, you may request that copies of the records be sent to you or include your signed, written consent directing that the records be sent to a third party, or you may request an appointment to review the records in person (including with a person of your choosing, if you provide written authorization for agency personnel to discuss the records in that person’s presence). If you make an appointment to review the records in person, you must bring at least one piece of tangible identification, such as a driver’s license or passport, to the appointment. You may also request an accounting of disclosures that have been made of records about you, if any. Requests by telephone will not be accepted.

To the extent the records are Medical Quality Assurance records protected by 25 U.S.C. 1675, the records may be disclosed only in accordance with the exceptions in 25 U.S.C. 1675(d) and (e)(2), because the Privacy Act right of access provisions are superseded by the confidentiality provisions protecting Medical Quality Assurance Records. Accordingly, Medical Quality Assurance Records will only be released pursuant to the Privacy Act when the Agency has decided to release the records in accordance with 25 U.S.C. 1675(d) or (e)(2).

To request correction of a record about you in this system of records, submit a written request to the relevant System Manager (see the Appendix and the "System Manager(s)" section of this SORN). The request must contain the same information required for an access request and include verification of your identity in the same manner required for an access request. In addition, the request must reasonably identify the record, specify the information contested, and state the corrective action sought and the reasons for requesting the correction. The request should include supporting information to show how the record is factually inaccurate, incomplete, untimely, or irrelevant. The right to contest records is limited to information that is factually inaccurate, incomplete, untimely (obsolete), or irrelevant.

To find out if the system of records contains a record about you, submit a written notification request to the relevant System Manager (see the Appendix and the "System Manager(s)"section of this SORN). The request must identify this system of records, contain the same information required for an access request, and include verification of identity in the same manner required for an access request.

None.

None.

Agency Management Information System/Grants (AMIS/GRANTS and CONTRACTS), HHA/AHRQ/OPART.

The "Agency Management Information System/Grants and Contracts (AMIS/GRANTS and CONTRACTS), HHS/AHRQ/OM" was previously named the "Agency for Healthcare Research and Quality, Grants Information and Tracking System with Contracts Component (GIAnT)]

None.

Agency for Healthcare Research and Quality, Office of Performance, Accountability, Resources and Technology, 540 Gaither Road, Rockville, Maryland 20850

Program Support Center, Office of Management, Division of Acquisition Management, Parklawn Building, Room 5C-10, 5600 Fishers Lane, Rockville, Maryland 20857.

For a list of contractors, please write to the system manager at the address listed below.

Inactive records will be stored at: Washington National Records Center, 4205 Suitland Road, Suitland, Maryland 20746-8001.

This system contains the names of research training and career development grant applicants and principal investigators, research training grant program directors, and research fellowship recipients; peer and other special reviewers; grant and contract project directors and other key personnel.

Research grant, research training grant, research career development, research fellowship, and contract files, including applications, proposals, award notices, and summary comments of peer reviewers.

AHRQ grants and contract administration authorities in Title IX of the Public Health Service (PHS) Act (42 U.S.C. 299-299c -6); Sec. 1142 of the Social Security Act (42 U.S.C. 1320b-12) and Sec. 487 PHS Act (42 U.S.C. 288) (National Research Service Awards).

The information in this system is used to facilitate day-to-day grants and contracts management operations and for purposes of review, analysis, planning and policy formulation by AHRQ staff members and by other components of DHHS which conduct research. AHRQ also may refer these records to the appropriate office in the Department for the purpose of monitoring payback; if necessary, debt collection; and investigation of alleged scientific misconduct.

1. Disclosure may be made to a congressional office from the records of an individual in response to an inquiry from the congressional office made at the request of the individual.

2. The Department may disclose information from this system of records to the Department of Justice, to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, 5 where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal, is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose of which the records were collected.

3. AHRQ may disclose information about an individual grant or contract application or fellowship applicant to credit reporting agencies to obtain a credit report in order to determine his/her credit worthiness.

4. Limited disclosures, pursuant to 5 U.S.C. 552a(b)(12), may be made from this system to "consumer reporting agencies" as defined in the Fair Credit Reporting Act (15 U.S.C. 1681ff.) or the Federal Claims Collection Act of 1966 (31 U.S.C. 3701(a)(3)) after the procedural prerequisites of 31 U.S.C. 3711 have been followed. The purpose of such disclosures is to aid in the collection of outstanding debts owed to the Federal Government, i.e., providing an incentive for delinquent debtors to pay the Government.

5. Disclosure may be made to the National Technical Information Service (NTIS), U.S. Department of Commerce, to contribute to the Smithsonian Science Information Exchange, for dissemination of scientific and fiscal information on funded awards (abstracts and relevant administrative and financial data.)

6. Disclosure may be made to qualified experts, not within the definition of Department employees, for opinions, as a part of the grant application or contract proposal review process.

7. Disclosure may be made to an AHRQ grantee or contractor for the purposes of (a) carrying out research, or (b) providing services relating to grant review, or for carrying out quality assessment, program evaluation, and/or management reviews. They will be required by written agreement to maintain Privacy Act safeguards with respect to such records.

8. Disclosure may be made to a Federal Agency, in response to its request, in connection with the hiring or retention of an employee, the issuance of security clearance, the reporting of an investigation of an employee, the letting of a contract, or the issuance of a license, grant, or other benefit of the requesting agency, to the extent that the record is relevant and necessary to the requesting agency's decision on the matter.

9. Where Federal agencies having power to subpoena other Federal agencies' records, such as the Internal Revenue Service or the Civil Rights Commission, issue a subpoena to the Department for records in this system of records, the Department will make such records available.

10. Disclosure may be made to the cognizant Audit Agency for auditing.

11. In the event that a system of records maintained by the Department indicates a violation or potential violation of law, whether civil, criminal or regulatory in nature, and whether arising by statute or by regulation, rule or order issued pursuant thereto, the relevant records in the system of records may be referred for purposes of litigation, as a routine use, to the appropriate agency, whether Federal (e.g., the Department of Justice), or State (e.g., the State's Attorney General's Office) charged with the responsibility of investigating or processing such violation or charged with enforcing or implementing the statute or rule, regulation or order issued pursuant thereto.

12. Disclosure may be made to the grant/contractor institution in connection with performance or administration under the terms and condition of the award, or in connection with problems that might arise in performance or administration if an award is made on a grant/contract proposal.

Storage:

Records are stored on hard disks with magnetic tape backup as well as in manual files (file folders).

Electronic records are retrievable by key data fields such as investigator name, application, grant or contract number. Paper records are retrievable by name of principal investigator and/or grant/contract number.

1. Authorized users: All AHRQ staff working with grants or contracts have access to the system. Level of access is determined by individual need-to-know and electronic records are controlled by password access. Levels of access will be determined and granted by the System Manager. Only staff members of the Grants Management and Contracts Management have regular access to their Division's paper grant and contract files. Limited access to official grant and contract files is granted to other AHRQ and DHHS staff with need-to-know about AHRQ research projects, only with authorization of the responsible System Manager.

2. Physical safeguards: File servers and database servers are maintained in areas secured by combination lock. Data is backed up from hard drive to magnetic tape daily. Paper records are secured in locked file cabinets. All file cabinets and computer equipment are maintained under general Agency and building security.

3. Procedural safeguards: Access to electronic records by non-AHRQ personnel is through the Systems Manager only. DHHS staff may inspect AHRQ grant and contract records on a need-to-know basis only, with the approval of the responsible System Manager. Visitors are not left unattended in the office containing the files. Grant and contract records are either transmitted in sealed envelopes are hand-carried.

4. Technical safeguards: Initial electronic access is through the AHRQ local area network which is controlled by password. Subsequent levels of security exist for access to the Agency Management Information System/Grants and Contracts (AMIS/GRANTS and CONTRACTS) system itself and, within the system, individual users are granted appropriate levels of access (read only, read/write) depending upon individual need. Levels of access are granted by the System Manager.

The complete paper applications and proposals of unfunded grants and contracts will be retired to the Federal Records Retention Center approximately one year after grant or contract closeout date and subsequently disposed of in accordance with the records retention schedule. Paper records of funded grant applications and contracts and their respective files are retained at AHRQ for one year beyond the termination date of the grant or until after the final report is received, whichever is sooner. They are then retired to the Federal Records Center and disposed of twelve years after final payment in accordance with the National Archives and Records Administration General Records Schedule. The pertinent records retention control schedule may be obtained by writing a System Manager at the following address:

For administrative information: AMIS/GRANTS and CONTRACTS Policy-Coordinating Official/Administrator, 301-427-1439-- (Information Technology Help Desk).

For grants information: Grants Management Officer, 301-427-1447.

For contracts information: Contracts Management Officer, 301-427-1780.

All System Managers are located at the following address: Office of Performance, Accountability, Resources and Technology, 540 Gaither Road, Rockville, Maryland 20850.

To determine if a record exists, write to the System Manager at the above address. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be. The requester should specify name or number of grant/contract. The requester must also sign a statement indicating an understanding that the knowing and willful request for acquisition of information from a protected record pertaining to an individual under false pretenses is a criminal offense under the Act, punishable by a five thousand dollar fine.

Same as notification procedures. Requester should also reasonably specify the record contents being sought. Positive identification of the requester as above is required. Subject individuals may also request an accounting of disclosures that have been made of their record, if any.

Contact the official at the address specified under the System Manager subheading above and reasonably identify the record, specify the information being contested, and state the corrective action sought and reason(s) for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Grant applications, contractor project directors, reports and correspondence from the research community, and statements from grant review committees; consumer reporting agencies; DHHS System of Records 09-25-0036, Extramural Awards: IMPAC (Grant/Contract/Cooperative Agreement Information), HHS/NIH/DRG.

No.

None.

Center for Financing, Access, and Cost Trends, AHRQ, 540 Gaither Road, Rockville, MD 20850.

(1) Individuals and members of households selected by probability sampling techniques to be representative of the civilian non- institutionalized population of the United States; health care providers, staff responding on behalf of health insurers and the employers of members of sampled households; (2) residents and next-of-kin of such residents of nursing and personal care homes, selected by probability sampling techniques to be representative of residents of such homes, and facilities and the staff responding on behalf of such facilities.

Records containing information on: (1) The incidence of illness and accidental injuries, prevalence of diseases and impairments, the extent of disability, the use, expenditures and sources of payment for health care services, and other characteristics of individuals obtained in household interviews (demographic and socioeconomic characteristics such as age, marital status, education, occupation and family income) and the names, telephone numbers and addresses of the responding staffs of health care providers, health insurers, and employers; (2) the utilization of long-term care, nursing home care, care in personal care homes through data on residents (demographic and social characteristics, health status and charges and sources of payment for care); through data facility characteristics (general characteristics, certification, services offered and corresponding expenses), and through data on next-of-kin or representative of residents (demographic and social characteristics, health status, and expenditures for health care of residents); and (3) Medicare claims records of members of sampled households and of sampled residents of nursing and personal care homes.

Section 913 and 306 of the Public Health Service (PHS) Act (42 U.S.C. 299b-2 and 242k(b)). Sections 924(c) and 308(d) of the PHS Act (42 U.S.C. 299c-3(c) and 242m(d)) provide authority for protecting restrictions on identifiable information about individuals.

The data are used in aggregated form for statistical and health services research purposes respecting analysis and evaluation of health care costs, and the accessibility, planning, organization, distribution, technology, utilization quality, and financing of health services and systems.

The Department has contracted with private firms for the purpose of collecting, analyzing, aggregating, or otherwise refining records in this system. Relevant records are collected by and/or disclosed to such contractors. The contractors are required to maintain Privacy Act safeguards with respect to such records.

Storage:

File folders, magnetic tapes, CD ROM and secure network servers.

Information can be retrieved by respondent name and address. However, this information is not stored in routinely used analytic files.

AHRQ and its contractors implement personnel, physical, and procedural safeguards as follows:

1. Authorized Users: Access is limited to persons authorized and needing to use the records, including project directors, contract officers, interviewers, health care researchers and analysts, statisticians, statistical clerks and data entry staff on the staffs of AHRQ and the MEPS contractors.

2. Physical safeguards: The hard-copy records are stored in locked safes, locked files, and locked offices when not in use. Computer terminals used to process identifiable data are located in secured areas and are accessible only to authorized users. Automated back-up files are stored in locked, fire proof safes.

3. Procedural safeguards: All employees of AHRQ and contractor personnel with access to AHRQ records are required, as a condition of employment, to sign an affidavit, acknowledging AHRQ's confidentiality statute and penalty provision and binding themselves to nondisclosure of individually identifiable information. Periodic training sessions are conducted to reinforce the statutorily-based confidentiality restrictions. Actual identifiers are maintained in separate files linked only if there is specific need as authorized by the System Manager. Data stored in computers both at AHRQ and the contractor sites are accessed through the use of passwords/keywords unique to each user and changed at least every 45 days. An automated audit trail will be maintained. Contractors who maintain records in this system are instructed to make no further disclosure of the records other than those requested by AHRQ/CFACT. Privacy Act requirements and the restrictions of 42 U.S.C 242m(d) are specifically included in contracts for survey, research and data processing activities related to this system. The DHHS project directors, contract officers and project officers oversee compliance with these confidentially and security requirements.

4. These safeguards are in accordance with chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary chapter PHS hf. 45-13; Part 6, "ADP Systems Security," of the HHS ADP Systems Manual, and the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31).

Hard-copy records will be burned or shredded following verification that such data were correctly entered into a machine readable format.

Director, Division of Survey Operations, CFACT/AHRQ, 540 Gaither Road, Rockville, MD. 20850

To determine if a record exists, write to the System Manager, giving your full name and address.

The system is exempt from the requirements of the Privacy Act; however, a subject individual may be granted access to his/her records at the System's Manager's discretion. Positive identification is required from anyone seeking such access.

If access has been granted and some information is being contested, contact the System Manager and reasonably identify the record, specify the contested information, and state the corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Respondents in the survey samples including: members of households, physicians, hospitals, health insurers, employers, staff of nursing and personal care homes, the next-of-kin of residents of such homes and facilities, and Systems 09-70-0005, Medicare Bill File (Statistics), HHS/HCFA/BDMS.

With respect to this system of records, exemption has been granted from the requirements contained in subsections 552a(c)(3), (d)(1) through (4) and (e)(4)(G) and (H), in accordance with the provisions of subsection 552a(k)(4) of the Privacy Act of 1974. This system has been exempted because it contains only records which are required by statute to be maintained and used solely as statistical records.

None.

Division of Health Studies, Agency for Toxic Substances and Disease Registry (ATSDR), Coordinating Center for Environmental Health and Injury Prevention (CCEHIP), 4770 Buford Highway, Building 106, Atlanta, GA 30341,

Division of Health Assessment and Consultation, ATSDR, CCEHIP, 4770 Buford Highway, Building 106, Atlanta, GA 30341,

Division of Regional Operations, ATSDR, CCEHIP, 4770 Buford Highway, Building 106, Atlanta, GA 30341,

Division of Toxicology and Environmental Medicine, ATSDR, CCEHIP, 4770 Buford Highway, Building 106, Atlanta, GA 30341-3724; and

Federal Records Center, 4712 Southpark Blvd., Ellenwood, GA 30294. Data are also located at contractor sites. A list of contractor sites where individually identified data are currently located is available upon request to the system manager.

Individuals exposed or potentially exposed to toxic or hazardous substances may include the following: (1) Selected persons living or having lived near a hazardous waste site, including facilities owned or operated by the United States; (2) persons exposed or potentially exposed to environmental hazards resulting from exposure to contaminated water, soil, air, or biota; (3) participants in health outcome studies (including exposure studies, symptom and disease prevalence studies, cluster investigations), and epidemiologic studies to determine the public health threat of exposure to hazardous or toxic substances; (4) registry participants with exposures associated with specific chemicals; (5) participants from sites of emergency activities, and other sites that are the subject of a citizen's petition; (6) persons working or having worked in response actions at hazardous waste sites or other occupational settings where exposure to hazardous substances occurred. The first five categories of persons above may include children as well as adults.

Name, address, (including length of time at current address), telephone number, date of birth, Social Security number, sex, current and past occupations, dates, pathways and routes of toxic or hazardous substance exposure or potential exposure, environmental sampling data, smoking history, results of medical and laboratory tests, records on biological specimens (e.g. blood, urine, etc.), and related documents such as questionnaire responses. The specific type of records collected and maintained is determined by the needs of the individual registry or study.

"Comprehensive Environmental Response, Compensation, and Liability Act of 1980" as amended by "Superfund Amendments and Reauthorization Act of 1986" (42 U.S.C. 9601, 9604); and the "Resource Conservation and Recovery Act of 1976" as amended in 1984 (42 U.S.C. 6901).

Records in this system are used to carry out the legislated environmental public health mandates of the Agency for Toxic Substances and Disease Registry (ATSDR). Specifically this information is used to: (1) Identify the public health threat caused by exposure to toxic and hazardous substances utilizing health outcome studies, epidemiologic studies, exposure investigations, and other health effects studies; and (2) establish and maintain national registries of persons exposed to toxic substances and persons with serious diseases and illnesses associated or potentially associated with exposure to toxic substances. Registries will have the additional purposes of tracking exposed individuals, keeping them informed of health effects of exposure, preventive measures and possible breakthroughs in treatment, along with serving as a centralized location for research data on these exposed individuals.

Records may be disclosed to the National Center for Environmental Health, CCEHIP, and Centers for Disease Control and Prevention (CDC), for laboratory analysis of samples and for collaborative efforts (i.e., providing staff, performing statistical analysis, etc.) in coordinating investigations.

Records (i.e., name, Social Security number, date of birth) may be disclosed to the National Center for Health Statistics, CDC to obtain a determination of vital status. Death certificates with the cause of death will then be obtained from Federal, State, or local agencies to enable ATSDR to: (1) Determine whether excess mortality is occurring among individuals exposed to toxic or hazardous substances; and (2) notify similarly exposed persons.

Records may be disclosed to Department of Health and Human Services contractors to locate individuals exposed or potentially exposed to toxic or hazardous substances (e.g., in the establishment of the National Exposure Registry), conduct interviews, perform medical examinations, collect and analyze biological specimens, evaluate and interpret data, and perform follow up health investigations so that the research purposes for which the records are collected may be accomplished. The contractor must comply with the requirements of the Privacy Act with respect to such records.

Records may be disclosed to Federal agencies such as the Environmental Protection Agency (EPA), State and local health departments, and other public health or cooperating medical authorities in connection with program activities and related collaborative efforts to deal more effectively with exposures to hazardous or toxic substances, and to satisfy mandatory reporting requirements when applicable.

Records (i.e., name, Social Security number) may be disclosed to other Federal agencies and to missing person location agencies to obtain information to aid in locating individuals involved in these studies.

Records may be disclosed for a research purpose, when the Department:

(A) Has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained; (B) has determined that the research purpose (1) cannot be reasonably accomplished unless the record is provided in individually identified form, and (2) warrants the risk to the privacy of the individual that additional exposure of the record might bring; (C) has required the recipient to (1) establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining such information, and (3) make no further use or disclosure of the record except (a) in emergency circumstances affecting the health or safety of any individual, (b) for use in another research project, under these same conditions, and with written authorization of the Department, (c) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (d) when required by law; and (D) has secured a written statement attesting to the recipient's understanding of, and willingness to abide by these provisions.

Disclosures may be made to a congressional office from the records of an individual, in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation initiated by EPA in collaboration with ATSDR, ATSDR may disclose such records as it deems desirable or necessary to the Department of Justice to enable the Department to effectively represent ATSDR. The types of litigative proceedings that ATSDR may request include the recovery of expenses incurred in cleanup operations at Superfund or Resource Conservation and Recovery Act sites, including program and staff costs.

In the event of litigation where the defendant is (a) the Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claims, if successful, are likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records may be provided to the Social Security Administration by ATSDR, for the purpose of locating or tracking individuals, to accomplish the research or program purpose for which the records were collected.

Records may be disclosed to appropriate Federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

File folders, computer tapes and disks (hard and floppy), CD-ROMs.

By name or Social Security number.

The following special safeguards are provided to protect the records from inadvertent disclosure:

Authorized Users: A database security package is implemented on CDC's mainframe computer to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed on a regular basis. Access to records is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of ATSDR or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected. A list of authorized users will be maintained by the system manager.

Physical Safeguards: Questionnaires, log books, and other source data are maintained in locked cabinets in locked rooms, and security guard service in buildings provide personnel screening of visitors. Access to the CDC Clifton Road facility where the mainframe computer is located (ATSDR utilizes the CDC mainframe computer) is controlled by a cardkey system. Access to the computer room is controlled by a cardkey and security code (numeric keypad) system. The local fire department is located directly next door to the Clifton Road facility. The computer room is protected by an automatic sprinkler system, numerous automatic sensors (e.g., water, heat, smoke, etc.) are installed, and a proper mix of portable fire extinguishers is located throughout the computer room. The system is backed up on a nightly basis with copies of the files stored off site in a secure fireproof safe. Computer workstations, lockable personal computers, and automated records are located in secured areas.

Procedural Safeguards: Protection for computerized records both on the mainframe and the ATSDR Local Area Network (LAN) includes programmed verification of valid user identification code and password prior to logging on to the system, mandatory password changes, limited log-ins, virus protection, and user rights/file attribute restrictions. Password protection imposes user name and password log-in requirements to prevent unauthorized access. Each user name is assigned limited access rights to files and directories at varying levels to control file sharing. There are routine daily backup procedures and secure off-site storage is available for backup files.

Knowledge of individual tape passwords is required to access tapes, and access to systems is limited to users obtaining prior supervisory approval. When Privacy Act tapes are scratched, a special "an additional procedure" process is performed in which tapes are completely written over to avoid inadvertent data disclosure. When possible, a backup copy of data is stored at an offsite location and a log kept of all changes to each file and all persons reviewing the file. Selected safeguards will be applicable to specific elements of the system, as appropriate. Additional safeguards may also be built into the program by the system analyst as warranted by the sensitivity of the specific data set.

ATSDR and contractor employees who maintain records are instructed in specific procedures to protect the security of records, and are to check with the system manager prior to making disclosure of data. When individually identified data are being used in a room, admittance at either ATSDR or contractor sites is restricted to specifically authorized personnel.

Appropriate Privacy Act provisions are included in contracts, and the ATSDR Project Director, contract officers, and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to ATSDR or destroyed, as specified by the contract.

Implementation Guidelines: The safeguards outlined above are in accordance with the HHS Information Security Program Policy and FIPS Pub 200, "Minimum Security Requirements for Federal Information and Information Systems." Data maintained on CDC's Mainframe and the ATSDR LAN are in compliance with OMB Circular A-130, Appendix III. Security is provided for information collection, processing, transmission, storage, and dissemination in general support systems and major applications.

Records are retained and disposed of in accordance with the ATSDR Comprehensive Records Control Schedule (B-371). Current procedures allow the system manager to keep the records for 20 years unless needed for further study. Registry records will be actively maintained as long as funding is provided for by legislation. Retention periods vary depending on the type of record. Source documents for computer tapes or disks are disposed of when no longer needed in the study as determined by the system manager, and as provided in the signed consent form, as appropriate.

Records may be transferred to a Federal Records Center for storage when no longer needed for evaluation or analysis. Disposal methods include the paper recycling process, burning or shredding hard copy records, and erasing computer tapes and disks.

Director, Division of Health Studies, Chamblee Bldg 106, Rm 3007, MS F57, ATSDR, CCEHIP, 4770 Buford Highway, Atlanta, GA 30341.

Director, Division of Health Assessment and Consultation, Chamblee Bldg 106, Rm 5007, MS F59, ATSDR, CCEHIP, 4770 Buford Highway, Atlanta, GA 30341.

Director, Division of Regional Operations, Chamblee Bldg 106, Rm 4112, MS F58, ATSDR, CCEHIP, 4770 Buford Highway, Atlanta, GA 30341.

Director, Division of Toxicology and Environmental Medicine, Chamblee Bldg. 101, Rm. 3118, MS F29, ATSDR, CCEHIP, 4770 Buford Highway, Atlanta, GA 30341-3724.

An individual may learn if a record exists about himself or herself by contacting the appropriate system manager at the above address. Persons who knowingly and willfully request or acquire a record pertaining to an individual under false pretenses are subject to criminal prosecution. Requesters in person must provide photo identification (such as driver's license) or other positive identification that would authenticate the identity of the individual making the request. Individuals who do not appear in person must submit a request which has been notarized to verify their identity. A parent or guardian who requests notification of, or access to, a minor's medical record must provide a birth certificate (or notarized copy), court order, or other competent evidence of guardianship. An individual who requests notification of or access to, a medical record shall at the time the request is made, designate in writing a responsible representative (who may be a physician, other health professional, or other responsible individual) who will be willing to review the record and inform the subject individual of its contents at the representative's discretion.

In addition, the following information should be provided when requesting notification: (1) Full name and Social Security number; and (2) nature of the study, or probable exposure or disease subregistry which might include the requester.

Same as the notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the system manager at the address specified above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Subject individuals, families of deceased individuals, concerned citizens associated with a particular site, State and local health departments, physicians' records, hospital records, Social Security Administration, Environmental Protection Agency and other agencies responsible for environmental public health.

None.

None.

Division of Respiratory Disease Studie , National Institute for Occupational Safety and Health (NIOSH), 1095 Willowdale Road, MS 217, Morgantown, WV 26505-2845.

Data are also located at contractor sites as studies are developed, data collected, and reports written. A list of contractor sites where individually identified data are currently located is available upon request to the system manager.

Physicians who have been taken the test to be certified to interpret X-rays under the Federal Mine Health and Safety Act of 1977. Records are also maintained on physicians who have attempted to obtain certification, but did not qualify.

Certification qualifications of physicians.

Federal Mine Health and Safety Act of 1977, Section 501, "Research" (30 U.S.C. 951).

The main purpose is to certify physicians as qualify to interpret X-rays using the ILO system of classification for pneumoconiosis.

1. Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

2. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice or to a court or other tribunal, when: (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

3. Records subject to the Privacy Act are disclosed to private firms for data entry, computer systems analysis and computer programming services. The contractors promptly return data entry records after the contracted work is completed. The contractors are required to maintain Privacy Act safeguards.

4. In the event of litigation initiated at the request of NIOSH, the Institute may disclose such records as it deems desirable or necessary to the Department of Justice and to the Department of Labor, Office of the Solicitor, where appropriate, to enable the Departments to effectively represent the Institute, provided such disclosure is compatible with the purpose for which the records were collected. The only types of litigative proceedings that NIOSH is authorized to request are: (1) Enforcement of a subpoena issued to an employer to provide relevant information; or (2) contempt citation against an employer for failure to comply with a warrant obtained by the Institute.

5. Records may be disclosed to appropriate Federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

File folders, microcomputer files, Computer tapes/disks and printouts, microfilm.

Name and/or social security number, supplied on a voluntary basis are the indices used to retrieve records.

1. Authorized Users: Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC) or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Locked cabinets in locked rooms, 24-hour guard service in buildings, personnel screening and escorting of visitors, a limited access, secured computer room with fire extinguishers and overhead sprinkler system, computer terminals and automated records located in secured areas.

3. Procedural safeguards: Protection for computerized records includes programmed verification of valid user identification code, account code and password prior to acceptance of a terminal session or job submission, and frequently changed passwords. Knowledge of individual tape passwords is required to access tapes, and access to systems is limited to users obtaining prior supervisory approval. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation guidelines: The safeguards outlined above are developed in accordance with Chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary Chapter PHS.hf: 45-13; Part 6, "Automated Information System Security," of the HHS Information Resources Management Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31).

Records are retained indefinitely. Disposal methods include erasing computer tapes, burning or shredding printouts or transferring records to the Federal Records Center.

Administrative Officer, Division of Respiratory Disease Studies (DRDS), National Institute for Occupational Safety and Health (NIOSH), 1095 Willowdale Road, MS 217, Morgantown, WV 26505-2845.

Chief, Examinations Processing Branch, DRDS, NIOSH, Receiving Center, Post Office Box 4258, MS 122, Morgantown, WV 26504-4258.

Policy coordination is provided by: Director, Division of Respiratory Disease Studies, National Institute for Occupational Safety and Health, 1095, Willowdale Road, MS 220, Morgantown, WV 26505-2845,

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Information is obtained directly from the individual or his/her designee.

None.

51 FR 42449, 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 67080 12/28/94; 76 FR 4435 1/25/11

None.

Division of Research Grants, National Institutes of Health, Westbard Bldg., Westbard Avenue, Bethesda, MD 20014.

Grants Management Office, Procurement and Grants Office, Rm. 300, Buckhead Bldg., Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Office of Extramural Coordination and Special Projects, National Institute for Occupational Safety and Health (NIOSH), Bldg. 1, Rm. 3053, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Division of Training and Manpower Development, Division of Biomedical and Behavioral Science, Division of Physical Sciences and Engineering, and Division of Surveillance, Hazard Evaluations, and Field Studies, NIOSH, 4676 Columbia Parkway, Cincinnati, OH 45226.

Division of Respiratory Disease Studies and Division of Safety Research, NIOSH, 1095 Willowdale Road, Morgantown, WV 26505-2845.

Federal Records Center, 4205 Suitland Road, Suitland, MD 20409, and 1557 St. Joseph Avenue, East Point, GA 30344.

A list of contractor sites where individually identified data are currently located is available upon request to the system manager.

Data are also occasionally located at grantee sites as studies are developed, data collected, and reports written. A list of grantee sites where individually identified data are currently located is available upon request to the system manager.

Applicants for occupational safety and health research and demonstration grants, and training grants.

Draft and final grant application and review history, awards, financial records and progress reports and related correspondence.

Occupational Safety and Health Act, Section 20, "Research and Related Activities" and Section 21, `Training and Employee Education" (29 U.S.C. 669, 670).

The purpose of this system is to review grant applications for research and training and to administer funded grants. This information is provided to the National Institutes of Health and to components of the Centers for Disease Control (CDC) including NIOSH for review.

1. Referrals may be made of assignments of research investigators and project monitors on specific research projects to the National Technical Information Service (NTIS), Depart of Commerce, to contribute to the Smithsonian Science Information Exchange.

2. To the cognizant audit agency for auditing.

3. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice or to a court or other tribunal, when: (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

4. Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

5. To qualified experts not within the definition of Department employees as prescribed in Department regulations for opinions as a part of the application review process.

6. To a Federal agency, in response to its request, in connection with the letting of a contract, or the issuance of a license, grant, cooperative agreement, or other benefit by the requesting agency, to the extent that the record is relevant and necessary to the requesting agency's decision on the matter.

7. To individuals and organizations deemed qualified by PHS to carry out specific research related to the review and award processes of PHS.

8. To the grantee institution relative to performance or administration under the terms and conditions of the award.

9. Records subject to the Privacy Act are disclosed to private firms for data entry, computer systems analysis and computer programming services. The contractors promptly return data entry records after the contracted work is completed. The contractors are required to maintain Privacy Act safeguards.

10. To appropriate Federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

5x8 cards, computer tapes/discs and printouts, notebooks, and file folders.

Name is the index used to retrieve information.

1. Authorized users: Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Records are kept in locked cabinets in locked rooms. Guard service in buildings provides screening of visitors. Electronic anti-intrusion devices are in operation at the Federal Records Center.

3. Procedural safeguards: Users of individually identified data protect information from public scrutiny, and only specifically authorized personnel may be admitted to the record storage area. CDC employees who maintain records are instructed to check with system manager prior to making disclosures of data.

4. Implementation guidelines: HHS Chapter 45-13 and supplementary Chapter PHS.hf: 45-13 of the General Administration Manual. FRC safeguards are in compliance with GSA Federal Property Mangement Regulations, subchapter B--Archives and Records.

Approved and funded applications are kept for one year beyond closeout, and then sent to the Federal Records Center (FRC) for 10 years, after which time they are destroyed. Unsuccessful applications are retained for up to 2 years at the agency, and then sent to the FRC for 10 years. Draft applications are kept for one year or until an official application is received (at which time the draft is destroyed). Disposal methods include the paper recycling process, burning or shredding paper materials, and erasing computer tapes.

Grants Management Officer, Procurement and Grants Office, Buckhead Bldg., Rm. 300, MS E09, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Associate Director for Extramural Programs, NIOSH, Bldg. 1, Rm. 3053, MS D30, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Policy coordination is provided by: Associate Director for Management and Operations, Bldg. 1, Rm. 2011, MS D15, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the appropriate system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identify or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Information is obtained directly from the individual.

None.

51 FR 42449 11/24/86; 53 FR 47345 11/22/88; 54 FR 47904 11/17/89; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 67080 12/28/94; 76 FR 4436 1/25/11

None.

Division of Tuberculosis Elimination, National Center for Prevention Services, Corporate Square, Bldg. 10, Room 2208, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333 and Federal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

A list of contractor sites where individually identified data are currently located is available upon request to the system manager.

Adults and children with tuberculosis or other mycobacterial diseases having been or currently being treated or observed by a limited number of participating local or county health departments, clinics, and hospitals (from 1959 until the present time), including those individuals in selected areas receiving isoniazid therapy or BCG vaccinations, and patients for whom routine tuberculosis treatment is ineffective. Also included are contacts to tuberculosis patients, adults with inactive tuberculosis, and controls.

Abstracts of medical data pertaining to clinical trials, including medical history, skin tests, physical examinations, laboratory test results, X-ray results, medications prescribed, smoking habits, etc.

Public Health Service Act, Section 301, "Research and Investigation" (42 U.S.C. 241).

To determine the effectiveness and safety of a variety of treatments and preventive measures for tuberculosis and other mycobacterial diseases, to determine the best measures against drug resistant tuberculosis, and to monitor incidence of complications among individuals who have received preventive therapy, including isoniazid.

Records may be disclosed to health departments and other public health or cooperating medical authorities in connection with program activities and related collaborative efforts to deal more effectively with diseases and conditions of public health significance.

Records may be disclosed to health departments and other public health or cooperating medical authorities in connection with program activities and related collaborative efforts to deal more effectively with diseases and conditions of public health significance.

A record may be disclosed for a research purpose, when the Department:

(A) Has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained;

(B) Has determined that the research purpose (1) cannot be reasonably accomplished unless the record is provided in individually identifiable form, and (2) warrants the risk to the privacy of the individual that additional exposure of the record might bring;

(C) Has required the recipient to: (1) Establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining such information, and (3) make no further use or disclosure of the record except (a) in emergency circumstances affecting the health or safety of any individual, (b) for use in another research project, under these same conditions, and with written authorization of the Department, (c) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (d) when required by law;

(D) Has secured a written statement attesting to the recipient's understanding of, and willingness to abide by these provisions.

The Department is under contract with private firms for the purpose of collating, analyzing, aggregating or otherwise refining records in this system. Relevant records are maintained by the contractors. The contractors are required to maintain Privacy Act safeguards with respect to such records. Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

Records may be disclosed to appropriate Federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Cards, file folders, computer tapes/disks and printouts.

Records are retrieved by the participant's name and/or study I.D. number.

1. Authorized users: A database security package is implemented on CDC's mainframe computer to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed on a regular basis. Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Access to the CDC Clifton Road facility where the mainframe computer is located is controlled by a card key system. Access to the computer room is controlled by a card key and security code (numeric keypad) system. Access to the data entry area is also controlled by a card key system. The hard copy records are kept in locked cabinets in locked rooms. The local fire department is located directly across the street from the Clifton Road buildings. The computer room is protected by an automatic sprinkler system, automatic sensors (e.g., water, heat, smoke, etc.) are installed, and portable fire extinguishers are located throughout the computer room. The system is backed up on a nightly basis with copies of the files stored off site in a secure fire proof safe. The 24-hour guard service in buildings provides screening of visitors. Electronic anti-intrusion devices are in effect at the Federal Records Center.

3. Procedural safeguards: System security includes automatic suspension of accounts, forced password changes, and control of systems and data set access. Protection for computerized records includes programmed verification of valid user identification code, account code and password prior to acceptance of a terminal session or job submission, frequently changed passwords, and Vault Management System. When Privacy Act tapes are erased, a special "certified" process is performed in which tapes are completely written over to avoid inadvertent data disclosure. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation guidelines: The safeguards outlined above are developed in accordance with Chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary Chapter PHS.hf: 45-13; Part 6, "Automated Information System Security," of the HHS Information Resources Management Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31). FRC safeguards are in compliance with GSA Federal Property Management Regulations, Subchapter B--Archives and Records.

Records are maintained in agency for five years. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records destroyed by paper recycling process when 20 years old, unless needed for further study.

Director, Division of Tuberculosis Elimination, National Center for Prevention Services, Corporate Square, Bldg. 10, Rm. 10, MS E10, Centers for Disease Control and Prevention, l600 Clifton Road, NE, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

A parent or guardian who requests notification of, or access to, a child's medical record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child by means of a birth certificate or court order, as well as verify that he or she is who he or she claims to be.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Individuals, state and local health departments, hospitals, laboratories, clinics, and family members of study participants.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 56 FR 66733 12/24/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 76 FR 4438 1/25/11;

None.

Division of Tuberculosis Elimination, National Center for Prevention Services, Corporate Square, ldg. 10, Rm. 2208, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333 and

Federal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

Study participants include patients, clientele, and employees of local and county health departments, hospitals, and other institutions currently observing and/or treating cases of tuberculosis and other mycobacterial diseases. Participants include adults and children.

Medical records.

Public Health Service Act, Section 301, "Research and Investigation" (42 U.S.C. 241).

To study the diagnostic value of tests used to identify persons infected with M. tuberculosis or sensitized by other mycobacteria. These records may also be used by the Food and Drug Administration in conducting research related to Investigational New Drugs (IND).

Test results will be returned to the collaborating physician or responsible hospital official.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed by CDC in connection with public health activities to the Social Security Administration for sources of locating information to accomplish the research or program purposes for which the records were collected.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Cards, file folders, computer tapes/disks and printouts.

Records are retrieved by name and I.D. number.

1. Authorized users: A database security package is implemented on CDC's mainframe computer to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed on a regular basis. Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Access to the CDC Clifton Road facility where the mainframe computer is located is controlled by a card key system. Access to the computer room is controlled by a card key and security code (numeric keypad) system. Access to the data entry area is also controlled by a card key system. The hard copy records are kept in locked cabinets in locked rooms. The local fire department is located directly across the street from the Clifton Road buildings. The computer room is protected by an automatic sprinkler system, automatic sensors (e.g., water, heat, smoke, etc.) are installed, and portable fire extinguishers are located throughout the computer room. The system is backed up on a nightly basis with copies of the files stored off site in a secure fire proof safe. The 24-hour guard service in buildings provides screening of visitors. Electronic anti-intrusion devices are in effect at the Federal Records Center.

3. Procedural safeguards: System security includes automatic suspension of accounts, forced password changes, and control of systems and data set access. Protection for computerized records includes programmed verification of valid user identification code, account code and password prior to acceptance of a terminal session or job submission, frequently changed passwords, and Vault Management System. When Privacy Act tapes are erased, a special "certified" process is performed in which tapes are completely written over to avoid inadvertent data disclosure. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation guidelines: The safeguards outlined above are developed in accordance with Chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary Chapter PHS.hf: 45-13; Part 6, "Automated Information System Security," of the HHS Information Resources Management Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31). FRC safeguards are in compliance with GSA Federal Property Management Regulations, Subchapter B--Archives and Records.

Records are maintained in agency for five years. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records destroyed by paper recycling process when 20 years old, unless needed for further study.

Director, Division of Tuberculosis Elimination, National Center for Prevention Services, Corporate Square, Bldg. 10, Rm. 2208, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333 and Federal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

A parent or guardian who requests notification of, or access to, a child's medical record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child by means of a birth certificate or court order, as well as verify that he or she is who he or she claims to be.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Individuals and hospitals.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 56 FR 66733 12/24/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 76 FR 4440 1/25/11.

None.

National Center for Prevention Services, Corporate Square, Bldg. 11, Rms. 2117, 2118, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333 and Federal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

Adult participants in the study, their spouses, and their direct offspring.

Records relating to medical treatment of Tuskegee Study Health Benefit Program beneficiaries.

Public Health Service Act, Section 301, "Research and Investigation" (42 U.S.C. 241).

To determine eligibility and provide medical benefits for participants and qualified family members.

A record may be disclosed for a research purpose, when the Department:

(A) Has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained;

(B) Has determined that the research purpose (1) cannot be reasonably accomplished unless the record is provided in individually identifiable form, and (2) warrants the risk to the privacy of the individual that additional exposure of the record might bring;

(C) Has required the recipient to (1) establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the records, (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining such information, and (3) make no further use or disclosure of the record except (a) in emergency circumstances affecting the health or safety of any individual, (b) for use in another research project, under these same conditions, and with written authorization of the Department, (c) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (d) when required by law;

(D) Has secured a written statement attesting to the recipient's understanding of, and willingness to abide by these provisions.

Records may be disclosed to health departments and other public health or cooperating medical authorities in connection with program activities and related collaborative efforts to deal more effectively with diseases and conditions of public health significance.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed by CDC in connection with public health activities to the Social Security Administration for sources of locating information to accomplish the research or program purposes for which the records were collected.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

File folders.

Records are retrieved alphabetically by name.

l. Authorized users: Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Locked cabinets in locked rooms, electronic anti-intrusion devices in operation at the Federal Records Center, 24- hour guard service in buildings, personnel screening of visitors.

3. Procedural safeguards: Users of individually identified data protect information from public scrutiny, and only specifically authorized personnel may be admitted to the record storage area. CDC employees who maintain records are instructed to check with the system manager prior to making disclosures of data.

4. Implementation guidelines: DHHS Chapter 45-13 and supplementary Chapter PHS.hf: 45-13 of the General Administration Manual. FRC safeguards are in compliance with GSA Federal Property Management Regulations, Subchapter B--Archives and Records.

Records are maintained in agency for five years. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records are to be maintained permanently.

Director, National Center for Prevention Services, Corporate Square, Bldg. 11, Rm. 2106, MS E07, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

A parent or guardian who requests notification of, or access to, a child's medical record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child by means of a birth certificate or court order, as well as verify that he or she is who he or she claims to be.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Participants and family members of participants entitled to medical care; Social Security Administration for Medicare information; and State welfare departments for information on Medicaid.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 56 FR 1324 1/11/91; 56 FR 66733 12/24/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 76 FR 4443 1/25/11.

None.

Medical Screening Section, Division of Quarantine, National Center for Prevention Services, Corporate Square, Bldg. 10, Rm. 1105, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333 andFederal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

Immigrant aliens with waivers of excludability who have or have had a physical or mental disorder with associated behavior that may pose, or has posed, a threat to the property, safety, or welfare of the alien or others.

Medical history files.

Public Health Service Act, Section 325, "Examination of Aliens" (42 U.S.C. 252); Immigration and Nationality Act, Section 212(g), "Application for Waiver of Grounds of Excludability" (8 U.S.C. ll82(g)).

To comply with the requirements of section 212(g) of the Immigration and Nationality Act, the Centers for Disease Control (CDC) must receive and maintain medical records on aliens who apply for waivers of excludability due to a physical or mental disorder with associated harmful behavior. CDC is furnished with a copy of the alien's medical examination report and psychiatric/psychological evaluation and uses the information to process the initial applications for such waivers and for periodic medical surveillance and evaluation of individual cases.

Department of State (DOS) or Immigration and Naturalization Service (INS) obtains initial medical examinations and submits to the Division of Quarantine, CDC. Final diagnosis returned to submitter. Alien or sponsor furnishes copy of medical file to local health care facility in the United States.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed for a research purpose, when CDC is authorized to share information on aliens with the Social Security Administration to determine eligibility for benefits, pursuant to Section 1631(e) of the Social Security Act as amended by Public Law 103 -296, or as otherwise provided for in the Social Security Act.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Individual file folders.

Records are retrieved by name.

1. Authorized users: Access is granted to only a limited number of personnel, i.e., program manager and immediate staff members, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Locked cabinets in locked rooms, 24-hour guard service in buildings, personnel screening of visitors, electronic anti-intrusion devices in operation at the Federal Records Center.

3. Procedural safeguards: Users of individually identified data protect information from public scrutiny, and only specifically authorized personnel may be admitted to the record storage area. CDC employees who maintain records are instructed to check with the system manager prior to making disclosures of data.

4. Implementation guidelines: DHHS Chapter 45-13 and supplementary Chapter PHS.hf: 45-13 of the General Administration Manual. FRC safeguards are in compliance with GSA Federal Property Management Regulations, Subchapter B--Archives and Records.

Records are maintained in agency for five years. Disposal methods include burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records destroyed by paper recycling process when 10 years old, unless needed for further study.

Director, Division of Quarantine, National Center for Prevention Services, Corporate Square, Bldg. 10, Room 1207, MS E03, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

A parent or guardian who requests notification of, or access to, a child's or mentally incompetent person's medical record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child or mentally incompetent person by means of a birth certificate or court order, as well as verify that he or she is who he or she claims to be.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Prior to alien's arrival in the U.S., medical information supporting the diagnosis of a physical or mental mental disorder with associated harmful behavior is submitted by Department of State and/or Justice Department (INS); after arrival, mental status evaluations submitted by medical specialists, schools, or institutions.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 56 FR 66733 12/24/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 76 FR 4445 1/25/11.

None.

Office of the Director, Division of Quarantine, Center for Prevention Services, 1644 Freeway Office Park, Room 1327, Centers for Disease Control, 1600 Clifton Road, Atlanta, GA 30333.

Immigrant aliens with tuberculosis.

Medical history.

Public Health Service Act, Section 325, "Examination of Aliens" (42 U.S.C 252); Immigration and Nationality Act, Section 212(g), "Application for Waiver of Grounds of Excludability" (8 U.S.C. 1182(g)).

To provide a record system for the surveillance and periodic medical evaluation of immigrant aliens with tuberculosis.

Disclosure may be made to State health departments; city health departments or the courts, private physicians or other health care facilities that will provide medical care for the immigrant alien.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed by CDC in connection with public health activities to the Social Security Administration for sources of locating information to accomplish the research or program purposes for which the records were collected.

CDC is authorized to share information on aliens with the Social Security Administration to determine eligibility for benefits, pursuant to Section 1631 (e) of the Social Security Act as amended by Public Law 103-296, or as otherwise provided for in the Social Security Act.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Card files, computer tapes/disks and printouts.

Records are retrieved by name, Alien Registration Number, and by year of birth.

1. Authorized users: A database security package is implemented on CDC's mainframe computer to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed on a regular basis. Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Access to the CDC Clifton Road facility where the mainframe computer is located is controlled by a card key system. Access to the computer room is controlled by a card key and security code (numeric keypad) system. Access to the data entry area is also controlled by a card key system. The hard copy records are kept in locked cabinets in locked rooms. The local fire department is located directly across the street from the Clifton Road buildings. The computer room is protected by an automatic sprinkler system, automatic sensors (e.g., water, heat, smoke, etc.) are installed, and portable fire extinguishers are located throughout the computer room. The system is backed up on a nightly basis with copies of the files stored off site in a secure fire proof safe. The 24-hour guard service in buildings provides screening of visitors. Electronic anti-intrusion devices are in effect at the Federal Records Center.

3. Procedural safeguards: System security includes automatic suspension of accounts, forced password changes, and control of systems and data set access. Protection for computerized records includes programmed verification of valid user identification code, account code and password prior to acceptance of a terminal session or job submission, frequently changed passwords, and Vault Management System. When Privacy Act tapes are erased, a special "certified" process is performed in which tapes are completely written over to avoid inadvertent data disclosure. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation guidelines: The safeguards outlined above are developed in accordance with Chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary Chapter PHS.hf: 45-13; Part 6, "Automated Information System Security," of the HHS Information Resources Management Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31). FRC safeguards are in compliance with GSA Federal Property Management Regulations, Subchapter B--Archives and Records.

Card files are maintained in agency for two years. Destroyed by paper recycling process after 2 years. Computer file maintained 4 years at CDC. Records destroyed by erasing tape after 4 years.

Director, Division of Quarantine, National Center for Prevention Services, 1644 Freeway Office Park, Rm.1328, Centers for Disease Control, 1600 Clifton Road, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

A parent or guardian who requests notification of, or access to, a child's medical record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child by means of a birth certificate or court order, as well as verify that he or she is who he or she claims to be.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Information obtained from alien's visa medical documents at port of entry by Quarantine Inspectors.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 56 FR 1324 1/11/91; 56 FR 66733 12/24/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 76 FR 4446 1/25/11.

None.

Material, Data and Specimen Handling Section, Scientific Resources Program, National Center for Infectious Diseases, Bldg. 4, Rm. B35, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

San Juan Laboratories, Center for Infectious Diseases, Centers for Disease Control, San Juan, Puerto Rico 00936.

Division of Vector-Borne Infectious Diseases, National Center for Infectious Diseases, Centers for Disease Control and Prevention, Foot Hills Campus, Fort Collins, CO 80522 and Federal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

A list of contractor sites where individually identifiable data are currently located is available upon request to the appropriate system manager.

Adults and children whose specimens have been submitted to the Centers for Disease Control (CDC) for testing.

Results of diagnostic tests involving microbiology, clinical chemistry, hematology, immunology, genetics and pathology.

Public Health Service Act, section 301, "Research and Investigation," (42 U.S.C. 241); sections 304, 306 and 308(d) which discuss authority to grant assurances of confidentiality for health research and related activities (42 U.S.C. 242 b, k, and m(d)).

For documentation of test results which are returned to submitter. Used between specialty units for research purposes; and for epidemiological investigations, for epidemic causes, prevention, family groupings of diseases, and geographical location of specific diseases; also, used by epidemiologists and researchers in determining drug resistance of specific organisms.

The following routine uses apply to all records in this system except those maintained under an assurance of confidentiality provided by Section 308(d) of the Public Health Service Act (unless expressly authorized in the consent form or stipulated in the Assurance Statement):

CDC is under contract with private firms for the purposes of collating, analyzing, aggregating, or otherwise refining records in this system. Relevant records are disclosed to such contractors. The contractors are required to maintain Privacy Act safeguards with respect to such records.

A record may be disclosed for a research purpose, when the Department: (A) Has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained; (B) has determined that the research purpose (1) cannot be reasonably accomplished unless the record is provided in individually identifiable form, and (2) warrants the risk to the privacy of the individual that additional exposure of the record might bring; (C) has required the recipient to (1) establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining such information, and (3) make no further use or disclosure of the record except (a) in emergency circumstances affecting the health or safety of any individual, (b) for use in another research project, under these same conditions, and with written authorization of the Department, (c) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (d) when required by law; (D) has secured a written statement attesting to the recipient's understanding of, and willingness to abide by these provisions.

To individuals and organizations deemed qualified by the Secretary to carry out quality assessment, medical audits, or utilization review.

Records may be disclosed to health departments and other public health or cooperating medical authorities in connection with program activities and related collaborative efforts to deal more effectively with diseases and conditions of public health significance.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Original Form - file folders; microfilm copies, computer tapes/disks and printouts.

Retrieved by name or designated number furnished by the submitter, CDC identifying number, and/or microfilm number.

1. Authorized users: A database security package is implemented on CDC's mainframe computer to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed on a regular basis. Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Access to the CDC Clifton Road facility where the mainframe computer is located is controlled by a card key system. Access to the computer room is controlled by a card key and security code (numeric keypad) system. Access to the data entry area is also controlled by a card key system. The hard copy records are kept in locked cabinets in locked rooms. The local fire department is located directly across the street from the Clifton Road buildings. The computer room is protected by an automatic sprinkler system, automatic sensors (e.g., water, heat, smoke, etc.) are installed, and portable fire extinguishers are located throughout the computer room. The system is backed up on a nightly basis with copies of the files stored off site in a secure fire proof safe. The 24-hour guard service in buildings provides screening of visitors. Electronic anti-intrusion devices are in effect at the Federal Records Center.

3. Procedural safeguards: System security includes automatic suspension of accounts, forced password changes, and control of systems and data set access. Protection for computerized records includes programmed verification of valid user identification code, account code and password prior to acceptance of a terminal session or job submission, frequently changed passwords, and Vault Management System. When Privacy Act tapes are erased, a special "certified" process is performed in which tapes are completely written over to avoid inadvertent data disclosure. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation guidelines: The safeguards outlined above are developed in accordance with Chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary Chapter PHS.hf: 45-13; Part 6, "Automated Information System Security," of the HHS Information Resources Management Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31). FRC safeguards are in compliance with GSA Federal Property Management Regulations, Subchapter B--Archives and Records.

Records are maintained in agency for five years. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records destroyed by paper recycling process when 10 years old, unless needed for further study.

Director, National Center for Infectious Diseases, Bldg. 1, Rm. 6013, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Director, Epidemiology Program Office, Bldg. 1, Rm. 5009, MS C08, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Director, National Center for Prevention Services, Corporate Square, Bldg. 11, Rm. 2106, MS E07, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333-3724.

Director, National Center for Environmental Health, Chamblee Bldg. 101, Rm. 3116, MS F29, Centers for Disease Control and Prevention, 4770 Buford Highway, NE, Atlanta, GA 30341-3724.

Director, National Center for Injury Prevention and Control, Koger Davidson Bldg., Rm. 1078, MS F36, Centers for Disease Control and Prevention, 4770 Buford Highway, NE, Atlanta, GA 30341-3724.

Director, National Immunization Program, Corporate Square, bldg. 12, Rm. 5113, MS E05, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Policy coordination is provided by: Associate Director for Management and Operations, Bldg. 1, Rm. 2011, MS D15, Centers for Disease Control and Prevention, 1600 Clifton Road NE, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the appropriate system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

A parent or guardian who requests notification of, or access to, a child's medical record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child by means of a birth certificate or court order, as well as verify that he or she is who he or she claims to be.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Approved public health laboratories, Federal medical facilities, private physicians.

None.

51 FR 42449 11/24/86; 53 FR 47345 11/22/88; 54 FR 47904 11/17/89; 56 FR 1324 1/11/91; 56 FR 66733 12/24/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 76 FR 4449 1/25/11.

None.

National Center for Infectious Diseases, Bldg. 1, Rm. 6013, Centers for Disease Control, l600 Clifton Road, Atlanta, GA 30333.

Epidemiology Program Office, Bldg. 1, Rm. 5009, Centers for Disease Control, 1600 Clifton Road, Atlanta, GA 30333.

National Center for Prevention Services, 1600 Freeway Park, Rm. 313, Centers for Disease Control, 1600 Clifton Road, Atlanta, GA 30333.

National Center for Environmental Health, Chamblee Bldg. 101, Centers for Disease Control, 4770 Buford Highway NE, Atlanta, GA 30341-3724.

National Center for Injury Prevention and Control, Koger Davidson Building, Rm. 2037, Centers for Disease Control, 4770 Buford Highway NE, Atlanta, GA 30341-3724.

Federal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

Adults and children with disease and other health conditions of public health significance, their contacts, others with possible exposure and appropriate controls.

Medical histories, case reports.

Public Health Service Act, Section 301, "Research and Investigation," (42 U.S.C. 241); sections 304, 306, and 308(d), which discuss authority to grant assurances of confidentiality for health research and related activities (42 U.S.C. 242 b, k, and m(d)); and section 361, "Quarantine and Inspection, Control of Communicable Diseases,` (42 U.S.C. 264).

The record system is used by professional staff at the Centers for Disease Control (CDC) for more complete knowledge of the disease/condition in the following ways: (1) An examination of existing files enables investigators to determine areas that have been adequately investigated and to specify those that might be pursued; or (2) Records may later be examined in the light of future discoveries and proven associations so that relevant data collected at the time of the outbreak may be analyzed and reassessed. CDC may or may not request duplicate copies of these State and/or local health department records for further analysis following completion of the field investigation.

The following routine uses apply to all records in this system except those maintained under an assurance of confidentiality provided by Section 308(d) of the Public Health Service Act (unless expressly authorized in the consent form or stipulated in the Assurance Statement):

These records may be disclosed, i.e., returned to the State and/or local health departments in order for them to take measures to control, prevent, or treat disease and to conduct follow-up activities with patients and others contacted during the investigations. Private physicians may also be supplied pertinent medical information on their patients from these records.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to appropriate Federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

File folders, cards, computer tapes/disks and printouts.

Retrieved alphabetically by name.

1. Authorized users: A database security package is implemented on CDC's mainframe computer to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed on a regular basis. Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Access to the CDC Clifton Road facility where the mainframe computer is located is controlled by a card key system. Access to the computer room is controlled by a card key and security code (numeric keypad) system. Access to the data entry area is also controlled by a card key system. The hard copy records are kept in locked cabinets in locked rooms. The local fire department is located directly across the street from the Clifton Road buildings. The computer room is protected by an automatic sprinkler system, automatic sensors (e.g., water, heat, smoke, etc.) are installed, and portable fire extinguishers are located throughout the computer room. The system is backed up on a nightly basis with copies of the files stored off site in a secure fire proof safe. The 24-hour guard service in buildings provides screening of visitors. Electronic anti-intrusion devices are in effect at the Federal Records Center.

3. Procedural safeguards: System security includes automatic suspension of accounts, forced password changes, and control of systems and data set access. Protection for computerized records includes programmed verification of valid user identification code, account code and password prior to acceptance of a terminal session or job submission, frequently changed passwords, and Vault Management System. When Privacy Act tapes are erased, a special "certified" process is performed in which tapes are completely written over to avoid inadvertent data disclosure. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation guidelines: The safeguards outlined above are developed in accordance with Chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary Chapter PHS.hf: 45-13; Part 6, "Automated Information System Security," of the HHS Information Resources Management Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31). FRC safeguards are in compliance with GSA Federal Property Management Regulations, Subchapter B--Archives and Records.

Records are maintained in agency for four years. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records destroyed by paper recycling process when 20 years old, unless needed for further study.

Director, National Center for Infectious Diseases, Bldg. 1, Rm. 6013, MS C12, Centers for Disease Control, 1600 Clifton Road, Atlanta, GA 30333

Director, Epidemiology Program Office, Bldg. 1, Rm. 5009, MS C08, Centers for Disease Control, 1600 Clifton Road, Atlanta, GA 30333

Director, National Center for Environmental Health, Chamblee Bldg. 101, Rm. 2115, MS F29, Centers for Disease Control, 4770 Buford Highway NE, Atlanta, GA 30341-3724.

Director, National Center for Injury Prevention and Control, Koger Davidson Bldg., Rm. 2037, MS F36, Centers for Disease Control, 4770 Buford Highway NE, Atlanta, GA 30341-3724.

Policy coordination is provided by: Director, Office of Program Support, Bldg. 1, Rm. 2011, MS D15, Centers for Disease Control, 1600 Clifton Road, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the appropriate system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

A parent or guardian who requests notification of, or access to, a child's medical record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child by means of a birth certificate or court order, as well as verify that he or she is who he or she claims to be.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Individuals, State and local health departments, and private physicians.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 56 FR 66733 12/24/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 76 FR 4452 1/25/11.

None.

Division of Biomedical and Behavioral Science (DBBS), National Institute for Occupational Safety and Health (NIOSH), Robert A. Taft Laboratories, 4676 Columbia Parkway, Cincinnati, Ohio 45226

Division of Standards Development and Technology Transfer (DSDTT), National Institute for Occupational Safety and Health (NIOSH), Robert A. Taft Laboratories, 4676 Columbia Parkway, Cincinnati, Ohio 45226 and

Federal Records Center, 3150 Bertwynn Drive, Dayton, Ohio 45439.

A list of contractor sites where individually identifiable data are currently located is available upon request to the system manager.

Also, occasionally data may be located at the facilities of collaborating researchers where analyses are performed, data collected and reports written. A list of these facilities is available upon request to the system manager.

Data may be located only at those facilities that have an adequate data security program and the collaborating researcher must return the data to NIOSH or destroy individual identifiers at the conclusion of the project.

Volunteer subjects from the general population.

Occupational history, medical history, results of medical tests including biopsy specimens, demographic data, results of psychological and psychometric tests, and data necessary to interpret the medical results.

Occupational Safety and Health Act, Section 20, "Research and Related Activities" (29 U.S.C. 669).

This system is to develop composite data summaries to support the development of criteria for occupational safety and health standards, and to provide other recommendations for improving worker safety and health.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) the Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records subject to the Privacy Act are disclosed to private firms for data entry, computer systems analysis and computer programming services. The contractors promptly return data entry records after the contracted work is completed. The contractors are required to maintain Privacy Act safeguards.

In the event of litigation initiated at the request of NIOSH, the Institute may disclose such records as it deems desirable or necessary to the Department of Justice and to the Department of Labor, Office of the Solicitor, where appropriate, to enable the Departments to effectively represent the Institute, provided such disclosure is compatible with the purpose for which the records were collected. The only types of litigative proceedings that NIOSH is authorized to request are: (1) enforcement of a subpoena issued to an employer to provide relevant information; or (2) contempt citation against an employer for failure to comply with a warrant obtained by the Institute.

Disclosure may be made to NIOSH collaborating researchers (NIOSH contractors, grantees, cooperative agreement holders, or other Federal or State scientists) in order to accomplish the research purpose for which the records are collected. The collaborating researchers must agree in writing to comply with the confidentiality provisions of the Privacy Act and NIOSH must have determined that the researchers' data security procedures will protect confidentiality.

Records may be disclosed by CDC in connection with public health activities to the Social Security Administration for sources of locating information to accomplish the research or program purposes for which the records were collected.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Manual files, computer cards, computer tapes/disks, computer listings, microfilm.

Name and case number are the indexes used to retrieve records from this system.

1. Authorized users: Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Records are kept in locked cabinets in locked rooms. Guard service in buildings provides screening of visitors. Electronic anti-intrusion devices are in operation at the Federal Records Center.

3. Procedural safeguards: Users of individually identified data protect information from public scrutiny, and only specifically authorized personnel may be admitted to the record storage area. CDC employees who maintain records are instructed to check with system manager prior to making disclosures of data.

4. Implementation guidelines: HHS Chapter 45-13 and supplementary Chapter PHS.hf: 45-13 of the General Administration Manual. FRC safeguards are in compliance with GSA Federal Property Mangement Regulations, subchapter B--Archives and Records.

Records are maintained in agency for three years. Personal identifiers are destroyed as soon as they are no longer necessary for the protection of the individuals involved. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records destroyed by paper recycling process when 20 years old, unless needed for further study.

Director, Division of Biomedical and Behavioral Science (DBBS), National Institute for Occupational Safety and Health (NIOSH), Robert A. Taft Laboratories, 4676 Columbia Parkway, Cincinnati, Ohio 45226 and

Medical Officer, Division of Standards Development and Technology Transfer (DSDTT), National Institute for Occupational Safety and Health (NIOSH), Robert A. Taft Laboratories, 4676 Columbia Parkway, Cincinnati, Ohio 45226.

Policy coordination is provided by: Director, Office of Program Support, Bldg. 1, Rm. 2011, Centers for Disease Control, 1600 Clifton Road, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the appropriate system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Information is obtained directly from the individual.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 58 FR 69048 12/29/93; 76 FR 4454 1/25/11.

None.

Division of Biomedical and Behavioral Science, (DBBS), National Institute for Occupational Safety and Health (NIOSH), Robert A. Taft Laboratories, 4676 Columbia Parkway, Cincinnati, Ohio 45226 and

Federal Records Center, 3150 Bertwynn Drive, Dayton, Ohio 45439.

A list of contractor sites where individually identifiable data are currently located is available upon request to the system manager.

Also, occasionally data may be located at the facilities of collaborating researchers where analyses are performed, data collected and reports written. A list of these facilities is available upon request to the system manager. Data may be located only at those facilities that have an adequate data security program and the collaborating researcher must return the data to NIOSH or destroy individual identifiers at the conclusion of the project.

Subjects employed at specific sites under study.

Occupational history, medical history, results of medical tests including results of hearing tests, demographic data, employee records, psychological and psychometric tests, and data necessary to interpret the medical results.

Occupational Safety and Health Act, Section 20, "Research and Related Activities" (29 U.S.C. 669).

This system is to determine the relationship between worker exposure to hazardous agents or stressors and occupational disease. This information is used to recommend procedures to reduce the incidence of occupational disease.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

In the event of litigation initiated at the request of NIOSH, the Institute may disclose such records as it deems desirable or necessary to the Department of Justice and to the Department of Labor, Office of the Solicitor, where appropriate, to enable the Departments to effectively represent the Institute, provided such disclosure is compatible with the purpose for which the records were collected. The only types of litigative proceedings that NIOSH is authorized to request are: (1) Enforcement of a subpoena issued to an employer to provide relevant information; or (2) contempt citation against an employer for failure to comply with a warrant obtained by the Institute.

Disclosure may be made to NIOSH collaborating researchers (NIOSH contractors, grantees, cooperative agreement holders, or other Federal or State scientists) in order to accomplish the research purpose for which the records are collected. The collaborating researchers must agree in writing to comply with the confidentiality provisions of the Privacy Act and NIOSH must have determined that the researchers' data security procedures will protect confidentiality.

Records may be disclosed by CDC in connection with public health activities to the Social Security Administration for sources of locating information to accomplish the research or program purposes for which the records were collected.

Records subject to the Privacy Act are disclosed to private firms for data entry, computer systems analysis and computer programming services. The contractors promptly return data entry records after the contracted work is completed. The contractors are required to maintain Privacy Act safeguards.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Manual files, computer cards, computer tapes/disks, computer listings, microfilm.

Name and case number are the indexes used to retrieve records from this system.

1. Authorized users: Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Records are kept in locked cabinets in locked rooms. Guard service in buildings provides screening of visitors. Electronic anti-intrusion devices are in operation at the Federal Records Center.

3. Procedural safeguards: Users of individually identified data protect information from public scrutiny, and only specifically authorized personnel may be admitted to the record storage area. CDC employees who maintain records are instructed to check with system manager prior to making disclosures of data.

4. Implementation guidelines: HHS Chapter 45-13 and supplementary Chapter PHS.hf: 45-13 of the General Administration Manual. FRC safeguards are in compliance with GSA Federal Property Mangement Regulations, subchapter B--Archives and Records.

Records are maintained in agency for three years. Personal identifiers are destroyed as soon as the system has stabilized, and statistical summaries can be run. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records destroyed by paper recycling process when 20 years old, unless needed for further study.

Director, Division of Biomedical and Behavioral Science (DBBS), National Institute for Occupational Safety and Health (NIOSH), Robert A. Taft Laboratories, 4676 Columbia Parkway, Cincinnati, Ohio 45226.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Information is obtained directly from the individual and from employee records.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 58 FR 69048 12/29/93; 76 FR 4456 1/25/11.

None.

National Center for Infectious Diseases, Bldg. 1, Rm. 6013, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

National Center for Prevention Services, Corporate Square, Bldg. 11, Rm. 2106, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

National Center for Environmental Health, Chamblee Bldg. 101, Rm. 3116, Centers for Disease Control and Prevention, 4770 Buford Highway, NE, Atlanta, GA 30341-3724.

National Center for Injury Prevention and Control, Koger Davidson Bldg., Rm. 1078, Centers for Disease Control and Prevention, 4770 Buford Highway, NE, Atlanta, GA 30341-3724.

Epidemiology Program Office, Bldg. 1, Rm. 5009, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Public Health Practice Program Office, Executive Park, Bldg. 24, Rm. 110, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

National Center for Chronic Disease Prevention and Health Promotion, Rhodes Bldg., Rm. 4000, Centers for Disease Control and Prevention, 4770 Buford Highway, NE, Atlanta, GA 30341-3724.

National Immunization Program, Corporate Square, Bldg. 12, Rm. 5113, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Federal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

A list of contractor sites where individually identifiable data are currently located is available upon request to the appropriate system manager.

Adults and children with diseases and other preventable conditions of public health significance; also included are control group participants. Workers employed by the Department of Energy and its predecessor agencies and their contractors are also included.

Case reports, medical records, questionnaires, and related documents.

Public Health Service Act, section 301, "Research and Investigation," (42 U.S.C. 241); sections 304, 306 and 308(d) which discuss authority to grant assurances of confidentiality for health research and related activities (42 U.S.C. 242 b, k, and m(d)).

This record system enables Centers for Disease Control (CDC) officials to better understand disease patterns in the United States, develop programs for prevention and control of health problems, and communicate new knowledge to the health community.

CDC is under contract with private firms for the purpose of collating, analyzing, aggregating or otherwise refining records in this system. Relevant records are maintained by such contractors. Contractors are required to maintain Privacy Act safeguards with respect to such records.

The following routine uses apply to all records in this system except those maintained under an assurance of confidentiality provided by section 308(d) of the Public Health Service Act (unless expressly authorized in the consent form or stipulated in the Assurance Statement):

A record may be disclosed for a research purpose, when the Department:

(A) Has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained;

(B) has determined that the research purpose (1) cannot be reasonably accomplished unless the record is provided in individually identifiable form, and (2) warrants the risk to the privacy of the individual that additional exposure of the record might bring;

(C) has required the recipient to (1) establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining such information, and (3) make no further use or disclosure of the record except (a) in emergency circumstances affecting the health or safety of any individual, (b) for use in another research project, under these same conditions, and with written authorization of the Department, (c) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (d) when required by law;

(D) Has secured a written statement attesting to the recipient's understanding of, and willingness to abide by these provisions.

Disclosure may be made to organizations deemed qualified by the Secretary to carry out quality assessment, medical audits or utilization review.

Records may be disclosed to health departments and other public health or cooperating medical authorities in connection with program activities and related collaborative efforts to deal more effectively with diseases and conditions of public health significance.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is (a) the Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Justice Department has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to student volunteers, individuals working under a personal services contract, and other individuals performing functions for PHS who do not technically have the status of agency employees, if they need the records in the performance of their agency functions.

Records may be disclosed by CDC in connection with public health activities to the Social Security Administration for sources of locating information to accomplish the research or program purposes for which the records were collected.

Storage:

Computer tapes/disks and printouts and file folders.

By name of individual and by identification number.

1.Authorized users: A database security package is implemented on CDC's mainframe computer to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed on a regular basis. Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Access to the CDC Clifton Road facility where the mainframe computer is located is controlled by a card key system, with access to the computer room controlled by a card key and security code (numeric keypad) system. Access to the data entry area is also controlled by a card key system and the hard copy records are kept in locked cabinets in locked rooms. The local fire department is located directly across the street from the Clifton Road facility. The computer room is protected by a dry pipe fire protection system, numerous automatic sensors (e.g., water, heat, smoke, etc.) are installed, and a proper mix of portable fire extinguishers are located throughout the computer room. The system is backed up on a nightly basis with copies of the files stored off site in a secure fire proof safe. Guard service in buildings provides personal screening of visitors. Electronic anti-intrusion devices are in effect at the Federal Records Center.

3. Procedural safeguards: System security includes automatic suspension of accounts, forced password changes, and control of systems and data set access. Protection for computerized records includes programmed verification of valid user identification code, account code and password prior to acceptance of a terminal session or job submission, frequently changed passwords, and Vault Management System. When Privacy Act tapes are scratched, a special "certified" process is performed in which tapes are completely written over to avoid inadvertent data disclosure. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation guidelines: The safeguards outlined above are developed in accordance with Chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary Chapter PHS.hf: 45-13; Part 6, "Automated Information System Security," of the HHS Information Resources Management Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31). FRC safeguards are in compliance with GSA Federal Property Management Regulations, Subchapter B--Archives and Records.

Record copy of study reports maintained in agency from two to three years in accordance with retention schedules. Source documents for computer disposed of when no longer needed by program officials. Personal identifiers may be deleted from records when no longer needed in the study as determined by the system manager, and as provided in the signed consent form, as appropriate. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records are destroyed by paper recycling process when 20 years old, unless needed for further study.

Director, National Center for Infectious Diseases, Bldg. 1, Rm. 6013, MS C12, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Director, National Center for Prevention Services, Corporate Square, Bldg. 11, Rm. 2106, MS E07, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Director, National Center for Environmental Health, Chamblee Bldg. 101, Rm. 3116, MS F29, Centers for Disease Control and Prevention, 4770 Buford Highway, NE, Atlanta, GA 30341-3724.

Director, National Center for Injury Prevention and Control, Koger Davidson Bldg., Rm. 1078, MS F36, Centers for Disease Control and Prevention, 4770 Buford Highway, NE, Atlanta, GA 30341-3724.

Director, Epidemiology Program Office, Bldg. 1, Rm. 5009, MS C08, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Director, Public Health Practice Program Office, Executive Park, Bldg. 24, Rm. 110, MS E20, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Director, National Center for Chronic Disease Prevention and Health Promotion, Rhodes Bldg., Rm. 4000, MS K40, Centers for Disease Control and Prevention, 4770 Buford Highway, NE, Atlanta, GA 30341-3724.

Director, National Immunization Program, Corporate Square, Bldg. 12, Rm. 5113, MS E05, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Policy coordination is provided by: Associate Director for Management and Operations, Bldg. 1, Rm. 2011, MS D15, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself or may obtain information concerning participation in epidemiological studies or surveillance activities by contacting the appropriate system manager at the address listed above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion. A parent or guardian who requests notification of, or access to, a child's medical record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child by means of a birth certificate or court order, as well as verify that he or she is who he or she claims to be.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the first official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Individuals, private physicians, State and local health departments, and other health care providers.

None.

57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 48331 9/7/94; 59 FR 67080 12/28/94; 76 FR 4458 1/25/11.

None.

International Health Program Office, Bldg. 11 South, Centers for Disease Control, l600 Clifton Road, Atlanta, GA 30333.

The Centers for Disease Control (CDC) employees.

Passport status records.

Title 5, Government Organization and Employees (5 U.S.C. 301).

To show status of passports of CDC employees who travel to foreign countries on official business.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when: (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

File folders.

Retrieved by name.

1. Authorized users: Access is granted to only a limited number of International Health Program Office personnel and designated support staff of CDC, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Locked cabinets in locked rooms, 24-hour guard service in buildings, personnel screening of visitors.

3. Procedural safeguards: Users of individually identified data protect information from public scrutiny, and only specifically authorized personnel may be admitted to the record storage area. CDC employees who maintain records are instructed to check with the system manager prior to making disclosures of data.

4. Implementation guidelines: DHHS Chapter 45-13 and supplementary Chapter PHS.hf: 45-13 of the General Administration Manual.

Records are maintained in agency for five years. When passports expire or when they are cancelled, they are returned to the subject individual. If the individual does not wish to receive the cancelled or expired passport, the document is destroyed by shredding.

Director, International Health Program Office, Bldg. 11South, Centers for Disease Control, 1600 Clifton Road, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

CDC employees.

None.

51 FR 42449 11/24/86 54; FR 47904 11/17/89; 56 FR 1324 1/11/91; 58 FR 69048 12/29/93; 76 FR 4460 1/25/11.

None.

Epidemiology Program Office, Bldg. 1, Rm. 5127, Centers for Disease Control, l600 Clifton Road, Atlanta, GA 30333

Federal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

EIS Officers - Current, alumni and applicants.

Applications, interview materials, letters of recommendations, call-to-duty papers.

Public Health Service Act, Section 203, "Commissioned Corps" and Section 207, "Appointment of Personnel` (42 U.S.C. 204, 209).

The system is designed to process individual applications for the Epidemic Intelligence Service Officer program, and to assess a candidate's suitability for a position in the program.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when: (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

File folders.

Retrieved by name.

1. Authorized users: Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Locked cabinets in locked rooms, 24-hour guard service in buildings, personnel screening of visitors, electronic anti-intrusion devices in operation at the Federal Records Center (FRC).

3. Procedural safeguards: Users of individually identified data protect information from public scrutiny, and only specifically authorized personnel may be admitted to the record storage area. CDC employees who maintain records are instructed to check with the system manager prior to making disclosures of data.

4. Implementation guidelines: DHHS Chapter 45-13 and supplementary Chapter PHS.hf: 45-13 of the General Administration Manual. FRC safeguards are in compliance with GSA Federal Property Management Regulations, Subchapter B--Archives and Records.

Records are maintained in agency for eight years. Disposal methods include burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation. Destroyed by paper recycling process after 16 years unless needed for further analysis.

Director, Epidemiology Program Office, Bldg. 1, Rm. 5009, Centers for Disease Control, 1600 Clifton Road, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Educational institutions, previous employers and subject individuals.

None.

51 FR 42449 11/24/86; 53 FR 47345 11/22/88; 54 FR 47904 11/17/89; 56 FR 1324 1/11/91; 58 FR 69048 12/29/93; 76 FR 4462 1/25/11.

None.

WTC Health Program, NIOSH, Century Center Boulevard, Building 2400, Mail Stop E-74, Atlanta, GA 30329.

Division of Surveillance, Hazard Evaluation, and Field Studies (DSHEFS), National Institute for Occupational Safety and Health (NIOSH), Robert A. Taft Laboratories, 4676 Columbia Parkway, Cincinnati, OH 45226.

Division of Respiratory Disease Studies (DRDS), National Institute for Occupational Safety and Health (NIOSH), 1095 Willowdale Road, Morgantown, WV 20505-2888.

Pittsburgh Research Laboratory, NIOSH, 626 Cochrans Mill Road, Pittsburgh, PA 15156.

Spokane Research Laboratory, NIOSH, 315 E. Montgomery Avenue, Spokane, WA 99207.

Office of Compensation Analysis and Support (OCAS), NIOSH, Robert A. Taft Laboratories, 4676 Columbia Parkway, Cincinnati, Ohio 45226, and Federal Records Center, 3150 Bertwynn Drive, Dayton, OH 45439.

Data are also occasionally located at contractor sites as studies are developed, data collected, and reports written. A list of contractor sites where individually identifiable data are currently located is available upon request to the system manager.

Also, occasionally data may be located at the facilities of collaborating researchers where analyses are performed, data collected and reports written. A list of these facilities is available upon request to the system manager. Data may be located only at those facilities that have an adequate data security program and the collaborating researcher must return the data to NIOSH or destroy individual identifiers at the conclusion of the project.

That segment of the population exposed to physical and/or chemical agents or other workplace hazards that may damage the human body in any way. Some examples are: (1) Organic carcinogens; (2) inorganic carcinogens; (3) mucosal or dermal irritants; (4) fibrogenic materials; (5) acute toxic agents including sensitizing agents; (6) neurotoxic agents; (7) mutagenic (male and female) and teratogenic agents; (8) bio- accumulating non-carcinogen agents; (9) chronic vascular disease-causing agents; and (10) ionizing radiation. Also included are those individuals in the general population who have been selected as control groups. Workers employed by the Department of Energy and its predecessor agencies and their contractors are also included, as are cancer-related claimants under the Energy Employees Occupational Illness Compensation Program Act of 2000 (EEOICPA). Individuals enrolled in or otherwise claiming eligibility and qualification for enrollment in the WTC Health Program created under Title XXXIII of the Public Health Service Act.

Physical exams, sputum cytology results, questionnaires, urine test records, X-rays, medical history, pulmonary function test records, medical disability forms, blood test records, hearing test results, smoking history, occupational histories, previous and current employment records, union membership records, driver's license data, demographic information, exposure history information and test results are examples of the records in this system. The specific types of records collected and maintained are determined by the needs of the individual study. Also included are records of cancer-related claimants under EEOICPA." Also included are applications for enrollment in the World Trade Center (WTC) Health Program and information on individuals enrolled in or otherwise claiming eligibility and qualification for enrollment; once enrolled, information on these individuals may include screening and medical records, and financial records related to payment and reimbursements for care under the WTC program. Information that is provided to HHS that is from a system of records under the control of the Terrorist Screening Center (TSC), Federal Bureau of Investigation, Department of Justice remains law enforcement information and retains the exemptions listed in Justice/FBI-019, 72 FR 47,073 (Aug. 22, 2007) and promulgated under 28 CFR 16.96 (r).

Public Health Service Act, Section 301, "Research and Investigation" (42 U.S.C. 241); Occupational Safety and Health Act, Section 20, "Research and Related Activities" (29 U.S.C. 669); the Federal Mine Safety and Health Act of 1977, Section 501, "Research" (30 U.S.C. 951) and the Energy Employees Occupational Illness Compensation Program Act of 2000 (EEOICPA) (42 U.S.C.S 7384, et seq.); and the Public Health Service Act, Title XXXIII, "World Trade Center Health Program" (42 U.S.C. 300mm -300mm-61).

Studies carried out under this system are to evaluate mortality and morbidity of occupationally related diseases and injuries, to determine their causes, and to lead toward prevention of occupationally related diseases and injuries in the future. EEOICPA records are maintained to enable NIOSH to fulfill its dose reconstruction responsibilities under the Act. WTC Health Program records in this system are maintained and used to enable NIOSH to fulfill WTC Program Administrator responsibilities make determinations about eligibility and qualification, provide for medical care, pay for that care, and coordinate with other health benefit programs under Title XXXIII of the Public Health Service Act, 42 U.S.C. 300mm-300mm-61.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to the Department of Justice when (1) HHS, or any component thereof; or (2) any employee of HHS in his or her official capacity; or (3) any employee of HHS in his or her individual capacity where the Department of Justice or HHS has agreed to represent the employee; or (4) the United States, is a party to litigation or has an interest in such litigation, and the use of such records by the Department of Justice is deemed by HHS to be relevant and necessary to the litigation; provided, however, that in each case it has been determined that the disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to a contractor performing or working on a contract for HHS and who has a need to have access to the information in the performance of its duties or activities for the HHS in accordance with law and with the contract. The contractor is required to comply with the applicable provisions of the Privacy Act.

Records subject to the Privacy Act are disclosed to private firms for data entry, scientific support services, nosology coding, computer systems analysis and computer programming services. The contractors promptly return data entry records after the contracted work is completed. The contractors are required to maintain Privacy Act safeguards.

Certain diseases or exposures may be reported to State and/or local health departments where the State has a legally constituted reporting program for communicable diseases and which provides for the confidentiality of the information.

Disclosure of records or portions of records may be made to a Member of Congress or a Congressional staff member submitting a verified request involving an individual who is entitled to the information and has requested assistance from the Member or staff member. The Member of Congress or Congressional staff member must provide a copy of the individual's written request for assistance.

Disclosure may be made to NIOSH collaborating researchers (e.g., NIOSH contractors, grantees, cooperative agreement holders, or other Federal or State scientists) in order to accomplish the research purpose for which the records are collected. The collaborating researchers must agree in writing to comply with the confidentiality provisions of the Privacy Act and NIOSH must have determined that the researchers' data security procedures will protect confidentiality

THE FOLLOWING ROUTINE USES APPLY ONLY TO EPIDEMIOLOGICAL STUDIES:

In the event of litigation initiated at the request of NIOSH, the Institute may disclose such records as it deems desirable or necessary to the Department of Justice and to the Department of Labor, Office of the Solicitor, where appropriate, to enable the Departments to effectively represent the Institute, provided such disclosure is compatible with the purpose for which the records were collected. The only types of litigation proceedings that NIOSH is authorized to request are: (1) Enforcement of a subpoena issued to an employer to provide relevant information; and (2) administrative search warrants to obtain access to places of employment and relevant information therein and related contempt citations against an employer for failure to comply with a warrant obtained by the Institute; and (3) injunctive relief against employers or mine operators to obtain access to relevant information.

Portions of records (name, Social Security number if known, date of birth, and last known address) may be disclosed to one or more of the sources selected from those listed in Appendix I, as applicable. This may be done for obtaining a determination regarding an individual's health status and last known address. If the sources determine that the individual is dead, NIOSH may obtain death certificates, which state the cause of death, from the appropriate Federal, State or local agency. If the individual is alive, NIOSH may obtain information on health status from disease registries or on last known address in order to contact the individual for a health study or to inform him or her of health findings. This information on health status enables NIOSH to evaluate whether excess occupationally related mortality or morbidity is occurring.

Disclosure of epidemiologic study records pertaining to uranium workers may be made to the Department of Justice to be used in determining eligibility for compensation payments to the uranium workers or their survivors.

Records may be disclosed by CDC in connection with public health activities to the Social Security Administration for sources of locating information to accomplish the research or program purposes for which the records were collected.

THE FOLLOWING ROUTINE USES APPLY ONLY TO EEOICPA PROGRAM RECORDS:

Disclosure of dose reconstructions, epidemiologic study records and employment and medical information pertaining to Department of Energy employees and other cancer-related claimants covered under the Energy Employees Occupational Illness Compensation Program Act may be made to the Department of Labor to be used in determining eligibility for compensation payments to such claimants and in defending its determinations under the Act.

Disclosure of personal identifying information associated with cancer-related claims under the Energy Employees Occupational Illness Compensation Program Act may be made to the Department of Energy, other Federal agencies, other government or private entities and to private- sector employers to permit these entities to retrieve records required to reconstruct radiation doses and to enable NIOSH to evaluate petitions for inclusion in the Special Exposure Cohort.

Completed dose reconstruction reports for cancer-related claims under the Energy Employees Occupational Illness Compensation Program Act may be released to the Department of Energy and the Department of Labor to permit these entities to fulfill EEOICPA and HHS dose reconstruction regulation requirements to notify claimants of their dose reconstruction results.

Disclosure of personal identifying information associated with cancer-related claims under the Energy Employees Occupational Illness Compensation Program Act may be made to identified witnesses as designated by the Office of Compensation Analysis and Support to assist NIOSH in obtaining information required to complete the dose reconstruction process and to enable NIOSH to evaluate petitions for inclusion in the Special Exposure Cohort.

Records may also be disclosed when deemed desirable or necessary, to the Department of Justice, and/or the Department of Labor, to enable those Departments to effectively represent the Department of Health and Human Services and/or the Department of Labor in litigation involving the Energy Employees Occupational Illness Compensation Program Act of 2000 (EEOICPA).

THE FOLLOWING ROUTINE USES APPLY ONLY TO WTC HEALTH PROGRAM RECORDS:

Disclosure to the Department of Justice and its contractors to provide terrorist screening support in accordance with NIOSH's statutory obligation to determine whether an individual is on the "terrorist watch list" as specified in Section 3311 and Section 3321 of the Zadroga Act and is eligible and qualified to be enrolled or certified in the WTC Health Program as specified by statute. Disclosure by NIOSH, under this routine use, will be limited to only the information that is necessary to determine eligibility and qualification under the statute. The Department of Justice will only retain information provided by HHS that relates to (1) Individuals known or suspected to be or have been engaged in conduct constituting, in preparation for, in aid of, or related to terrorism ("known or suspected terrorists"); (2) individuals identified during the terrorism screening process as a possible identity match to a known or suspected terrorist; (3) individuals who are misidentified as a possible identity match to a known or suspected terrorist in order to expedite future screening of those individuals and to support the appeals process; and/or (4) individuals about whom a terrorist watchlist-related appeal inquiry has been made. Information that does not fall into one of the above listed categories will not be retained by the Department of Justice. Disclosure of personally identifying information to applicable entities for the purpose of reducing or recouping WTC Health Program payments made to individuals under a workers' compensation law or plan of the United States, a State, or locality, or other work-related injury or illness benefit plan of the employer of such worker or public or private health plan as required under Title XXXIII of the Public Health Service Act. NIOSH will maintain, use, and disclose the information in the System of Records in accordance with applicable Federal law.

Storage:

Manager files, card files, electronic computer tapes, disks, files and printouts, microfilm, microfiche, and other files as appropriate.

Name, assigned identification number, or social security number.

1. Authorized Users: A database software security package is utilized to control unauthorized access to the system. Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff or contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical Safeguards: Hard copy records are kept in locked cabinets in locked rooms. Guard service in buildings provides screening of visitors. The limited access, secured computer room contains fire extinguishers and an overhead sprinkler system. Computer workstations and automated records are located in secured areas. Electronic anti-intrusion devices are in operation at the Federal Records Center.

3. Procedural Safeguards: Data sets are password protected and/or encrypted. Protection for computerized records both on the mainframe and the NIOSH Local Area Network (LAN) includes programmed verification of valid user identification code and password prior to logging on to the system, mandatory password changes, limited log-ins, virus protection, and user rights/file attribute restrictions. Password protection imposes user name and password log-in requirements to prevent unauthorized access. Each user name is assigned limited access rights to files and directories at varying levels to control file sharing. There are routine daily backup procedures and secure off-site storage is available for backup tapes. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.

Employees and contractor staff who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either government or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation Guidelines: The safeguards outlined above are in accordance with the HHS Information Security Program Policy and FIPS Pub 200, "Minimum Security Requirements for Federal Information and Information Systems." Data maintained on CDC's Mainframe and the NIOSH LAN are in compliance with OMB Circular A-130, Appendix III. Security is provided for information collection, processing, transmission, storage, and dissemination in general support systems and major applications. The CDC LAN currently operates under a Microsoft Windows Server and is in compliance with applicable security standards.

Records are retained and disposed of according to the provisions of the CDC Electronic Records Control Schedule for NIOSH records. Research records are maintained in the agency for three years after the close of the study. Records transferred to the Federal Records Center when no longer needed for evaluation and analysis are destroyed after 75 years for epidemiologic studies, unless needed for further study. Records from health hazard evaluations will be retained at least 20 years. EEOICPA program records are transferred to the Federal Records Center 15 years after the case file becomes inactive and are destroyed after 75 years. WTC Health Program records are transferred to the Federal Records Center 15 years after the case file becomes inactive and are destroyed after 75 years.

Paper files that have been scanned to create electronic copies are disposed of after the copies are verified. Disposal methods include erasing computer tapes and burning or shredding paper materials.

Director, WTC Health Program, NIOSH, Century Center Boulevard, Building 2400, Mail Stop E-74, Atlanta, GA 30329.

Program Management Officer, Division of Surveillance, Hazard valuations, and Field Studies (DSHEFS), National Institute for Occupational Safety and Health (NIOSH), Robert A. Taft Laboratories, Rm. 40A, 4676 Columbia Parkway, Cincinnati, OH 45226.

Director, Division of Respiratory Disease Studies (DRDS), National Institute for Occupational Safety and Health (NIOSH), Bldg. ALOSH, Rm. H2920, 1095 Willowdale Road, Morgantown, WV 26505-2888.

Director, Pittsburgh Research Laboratory, NIOSH, 626 Cochrans Mill Road, Pittsburgh, PA 15156..

Director, Spokane Research Laboratory, NIOSH, 315 E. Montgomery Avenue, Spokane, WA 99207.

Director, Office of Compensation and Support (OCAS), NIOSH, Robert A. Taft Laboratories, 4676 Columbia Parkway, Cincinnati, OH 45226

Policy coordination is provided by: Director, National Institute for Occupational Safety and Health (NIOSH), Bldg. HHH, Rm. 715H, 200 Independence Avenue, SW., Washington, DC 20201.

An individual may learn if a record exists about himself or herself by contacting the system manager at the above address. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either: (1) Submit a notarized request to verify their identity; or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a $5,000 fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion. A subject individual will be granted direct access to a medical record if the system manager determines direct access is not likely to have adverse effect on the subject individual.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

For research studies, vital status information is obtained from Federal, State and local governments and other available sources selected from those listed in Appendix I, but information is obtained directly from the individual and employer records, whenever possible. EEOICPA records are obtained from the individual subject and the employer's records. WTC Health Program Records are obtained from individual applicants and enrollees, from medical providers who have treated eligible individuals, and from data centers that are repositories of demographic and clinical information about WTC responders and survivors.

None.

76 FR 34706 6/14/11.

None.

Division of Respiratory Disease Studies (DRDS), National Institute for Occupational Safety and Health (NIOSH), 1095 Willowdale Road, Morgantown, WV 26505-2845.

A list of contractor sites where individually identifiable data are currently located is available upon request to the system manager.

Also, occasionally data may be located at the facilities of collaborating researchers where analyses are performed, data collected and reports written. A list of these facilities is available upon request to the system manager. Data may be located only at those facilities that have an adequate data security program and the collaborating researcher must return the data to NIOSH or destroy individual identifiers at the conclusion of the project.

Persons working, or having worked at coal mining operations, mining operations other than coal and at workplaces not identified as surface mining or below ground mining operations and exposed or potentially exposed to substances which are known or suspected respiratory irritants or carcinogens. Also included are those individuals in the general population who have been selected as a control group.

Previous and current employment records, medical and occupational histories, demographic data, X-rays, smoking histories, results of medical tests such as pulmonary function data and spirometry test results, permission forms, industrial environmental data, and questionnaires. The specific types of records collected and maintained are determined by the research needs of the specific study.

Occupational Safety and Health Act, Section 20, "Research and Related Activities" (29 U.S.C. 669); Federal Mine Safety and Health Act of l977, Sections 203, "Medical Examinations" and 50l, "Research" (30 U.S.C. 843, 95l); Public Health Service Act, Section 301, "Research and Investigation" (42 U.S.C. 241).

The purpose of this system is to investigate occupationally related diseases at workplaces identified as general industry, surface mining, or below ground mining operations and to determine the cause and prevention of such diseases.

Data may be sent to State Vital Statistics Divisions to obtain death certificates and to missing person location agencies to find those individuals who cannot otherwise be located.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Records subject to the Privacy Act are disclosed to private firms for data entry, computer systems analysis and computer programming services. The contractors promptly return data entry records after the contracted work is completed. The contractors are required to maintain Privacy Act safeguards.

Data on the incidence of pneumoconiosis may be sent to the Mining Safety and Health Administration, Department of Labor.

Test data which indicate the existence of cancer may be provided to the State Cancer Registry where the State has a legally constituted cancer registry program which provides for the confidentiality of information.

Certain communicable diseases may be reported to State and/or local health departments where the State has a legally constituted reporting program for communicable diseases and which provides for the confidentiality of the information.

In the event of litigation initiated at the request of NIOSH, the Institute may disclose such records as it deems desirable or necessary to the Department of Justice and to the Department of Labor, Office of the Solicitor, where appropriate, to enable the Departments to effectively represent the Institute, provided such disclosure is compatible with the purpose for which the records were collected. The only types of litigative proceedings that NIOSH is authorized to request are: (1) Enforcement of a subpoena issued to an employer to provide relevant information; or (2) contempt citation against an employer for failure to comply with a warrant obtained by the Institute; and (3) injunctive relief against employers or mine operators to obtain access to relevant information.

Disclosure may be made to NIOSH collaborating researchers (NIOSH contractors, grantees, cooperative agreement holders, or other Federal or State scientists) in order to accomplish the research purpose for which the records are collected. The collaborating researchers must agree in writing to comply with the confidentiality provisions of the Privacy Act and NIOSH must have determined that the researchers' data security procedures will protect confidentiality.

Records may be disclosed by CDC in connection with public health activities to the Social Security Administration for sources of locating information to accomplish the research or program purposes for which the records were collected.

Storage:

Computer tapes/disks and printouts, CD ROM; microfiche, and manual files.

Name and/or assigned numerical identifier, plant name and study name are some of the indices used to retrieve records from this system. Social security numbers, supplied on a voluntary basis may occasionally be used for data retrieval.

1. Authorized users: The NIOSH mainframe computer, located within the Morgantown facility, uses a security package to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed on a daily basis. Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Access to the facility is monitored, and controlled after hours, by a 24-hour guard service. Hard copy records are kept in locked cabinets in locked rooms. Access to the computer room is controlled by a punch lock system. System print-outs are made available to the requester through the use of "pigeon-hole" mailboxes which are individually secured by (combination) locking doors. The local fire department is one mile from the facility, which is of structural steel and cement block construction, with pre-cast cement panels on the envelope. No combustible materials are used in the building construction, including all interior walls. The computer room is protected by a Halon gas, built-in extinguisher system. Heat sensors are installed, and portable fire extinguishers are located throughout the computer room. The active system files are backed up on a weekly basis. The entire system is backed up, with copies of the files stored in a secure, fireproof safe in a separate location within the facility.

3. Procedural safeguards: System security includes automatic suspension of accounts, forced password changes, and control of systems and data set access. Protection for computerized records includes programmed verification of valid user identification code, account code and password prior to acceptance of a terminal session or a job submission. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation guidelines: The safeguards outlined above are developed in accordance with Chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary Chapter PHS.hf: 45-13; Part 6, "Automated Information System Security," of the HHS Information Resources Management Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31).

Master records for completed studies are maintained in agency until transferred to the National Archives, which will occur within five years of completion. Source documents for computer data are disposed of when no longer needed in the study, as determined by the system manager, and as provided in the signed consent form, as appropriate. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Electronic records are maintained according to the provisions of the Records Control Schedule for NIOSH Electronic Records, which is consistent with the records maintenance requirements for other forms of records. Copies of notifications to workers/private physicians of needed medical attention and/or medical treatment are destroyed when no longer needed for administrative purposes, but may be retained for as long as seventy years. Paper records are destroyed by paper recycling process when 20 years old, unless needed for further study.

Administrative Officer, Division of Respiratory Disease Studies (DRDS), National Institute for Occupational Safety and Health (NIOSH), 1095 Willowdale Road, MS 217, Morgantown, WV 26505-2845.

Epidemiologist, Epidemiological Investigations Branch, DRDS, NIOSH, 1095 Willowdale Road, MS 234, Morgantown, WV 26505-2845.

Policy coordination is provided by: Director, Division of Respiratory Disease Studies, National Institute for Occupational Safety and Health, 1095 Willowdale Road, MS 220, Morgantown, WV 26505-2845.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Information is obtained from the individual and from employer industry records. Vital status information is obtained from Federal, State and local governments and other available sources.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 67080 12/28/94; 76 FR 4466 1/25/11.

None.

Division of Respiratory Disease Studies, National Institute for Occupational Safety and Health, 1095 Willowdale Road, Morgantown, WV 26505-2845.

A list of contractor sites where individually identifiable data are currently located is available upon request to the system manager.

Also, occasionally data may be located at the facilities of collaborating researchers where analyses are performed, data collected and reports written. A list of these facilities is available upon request to the system manager. Data may be located only at those facilities that have an adequate data security program and the collaborating researcher must return the data to NIOSH or destroy individual identifiers at the conclusion of the project.

Persons working, or having worked at coal mining operations, mining operations other than coal and at workplaces not identified as surface mining or below ground mining operations and exposed or potentially exposed to substances which are known or suspected respiratory irritants or carcinogens. Also included are those individuals in the general population who have been selected as a control group.

Previous and current employment records, medical and occupational histories, demographic data, X-rays, smoking histories, results of medical tests such as pulmonary function data and spirometry test results, permission forms, industrial environmental data, and questionnaires. The specific types of records collected and maintained are determined by the research needs of the specific study.

Occupational Safety and Health Act, Section 20, "Research and Related Activities" (29 U.S.C. 669); Federal Mine Safety and Health Act of 1977, Section 4, "Mandatory Safety and Health Standards" and Section 501, "Research" (30 U.S.C. 811, 951); Public Health Service Act, Section 301, "Research and Investigation" (42 U.S.C. 241).

The purpose of this system is to investigate occupationally related diseases at workplaces identified as general industry, surface mining or below ground mining operations, to determine the cause and prevention of such diseases, and to evaluate whether excess occupationally related mortality is occurring.

Data may be sent to State Vital Statistics Divisions to obtain death certificates and to missing person location agencies to find those individuals who cannot otherwise be located.

Portions of records (name, Social Security number if known, date of birth, and last known address) may be disclosed to one or more other sources selected from those listed in Appendix I, as applicable. This may be done for obtaining a determination as to whether or not an individual has died and, if alive, last known address. The purpose of determining death is so that NIOSH may obtain death certificates, which state the cause of death, from the appropriate Federal, State, or local agency. Cause of death enables NIOSH to evaluate whether excess occupationally related mortality is occurring.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records subject to the Privacy Act are disclosed to private firms for data entry, computer systems analysis and computer programming services. The contractors promptly return data entry records after the contracted work is completed. The contractors are required to maintain Privacy Act safeguards.

In the event of litigation initiated at the request of NIOSH, the Institute may disclose such records as it deems desirable or necessary to the Department of Justice and to the Department of Labor, Office of the Solicitor, where appropriate, to enable the Departments to effectively represent the Institute, provided such disclosure is compatible with the purpose for which the records were collected. The only types of litigative proceedings that NIOSH is authorized to request are: (1) Enforcement of a subpoena issued to an employer to provide relevant information; or (2) contempt citation against an employer for failure to comply with a warrant obtained by the Institute; and (3) injunctive relief against employers or mine operators to obtain access to relevant information.

Disclosure may be made to NIOSH collaborating researchers (NIOSH contractors, grantees, cooperative agreement holders, or other Federal or State scientists) in order to accomplish the research purpose for which the records are collected. The collaborating researchers must agree in writing to comply with the confidentiality provisions of the Privacy Act and NIOSH must have determined that the researchers' data security procedures will protect confidentiality.

The records in this System are stored in computer cards, tapes/disks and printouts, microfiche, and manual files. The records in this System are retrieved by Name and/or assigned numerical identifier, plant name and study are some of the indices used to retrieve records from this system. Social Security numbers, supplied on a voluntary basis may occasionally be used for data retrieval.

Records may be disclosed to appropriate Federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Computer tapes/disks and printouts, CD ROM; microfiche, and manual files.

Name and/or assigned numerical identifier, plant name, and study name are some of the indices used to retrieve records from this system. Social security numbers, supplied on a voluntary basis may occasionally be used for data retrieval.

1. Authorized users: The NIOSH mainframe computer, located within the Morgantown facility, uses a security package to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed on a daily basis. Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Access to the facility is monitored, and controlled after hours, by a 24-hour guard service. Hard copy records are kept in locked cabinets in locked rooms. Access to the computer room is controlled by a punch lock system. System print-outs are made available to the requester through the use of "pigeon-hole" mailboxes which are individually secured by (combination) locking doors. The local fire department is one mile from the facility, which is of structural steel and cement block construction, with pre-cast cement panels on the envelope. No combustible materials are used in the building construction, including all interior walls. The computer room is protected by a Halon gas, built-in extinguisher system. Heat sensors are installed, and portable fire extinguishers are located throughout the computer room. The active system files are backed up on a weekly basis. The entire system is backed up, with copies of the files stored in a secure, fireproof safe in a separate location within the facility.

3. Procedural safeguards: System security includes automatic suspension of accounts, forced password changes, and control of systems and data set access. Protection for computerized records includes programmed verification of valid user identification code, account code and password prior to acceptance of a terminal session or a job submission. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation guidelines: The safeguards outlined above are developed in accordance with Chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary Chapter PHS.hf: 45-13; Part 6, "Automated Information System Security," of the HHS Information Resources Management Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31).

Master records for completed studies are maintained in agency until transferred to the National Archives, which will occur within five years of completion. Source documents for computer data are disposed of when no longer needed in the study, as determined by the system manager, and as provided in the signed consent form, as appropriate. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Electronic records are maintained according to the provisions of the Records Control Schedule for NIOSH Electronic Records, which is consistent with the records maintenance requirements for other forms of records. Copies of notifications to workers/private physicians of needed medical attention and/or medical treatment are destroyed when no longer needed for administrative purposes, but may be retained for as long as seventy years. Paper records are destroyed by paper recycling process when 20 years old, unless needed for further study.

Administrative Officer, Division of Respiratory Disease Studies (DRDS), National Institute for Occupational Safety and Health (NIOSH), 1095 Willowdale Road, MS 217, Morgantown, WV 26505-2845.

Epidemiologist, Epidemiological Investigations Branch, DRDS, NIOSH, 1095 Willowdale Road, MS 234, Morgantown, WV 26505-2845.

Policy coordination is provided by: Director, Division of Respiratory Disease Studies, National Institute for Occupational Safety and Health, 1095 Willowdale Road, MS 220, Morgantown, WV 26505-2845.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study or treatment, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Information is obtained from the individual, company personnel records, death certificates, and from industry and trade union records. Vital status information is obtained from Federal, State and local governments and other available sources.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 67080 12/28/94; 76 FR 4469 1/25/11.

Appendix I - Potential Sources for Determination of Vital Status

Military Records Appropriate State Motor Vehicle Registration Departments Appropriate State Drivers License Departments Appropriate State Government Divisions of: Assistance Payments (Welfare), Social Services, Medical Services, Food Stamp Program, Child Support, Board of Corrections, Aging; Indian Affairs, Workman's Compensation, Disability Insurance Veterans Administration Files Appropriate Employee Union or Association Records Appropriate Company Pension or Employment Records Company Group Insurance Records Appropriate State Vital Statistics Offices Life Insurance Companies Railroad Retirement Board Area Nursing Homes Area Indian Trading Posts Mailing List Correction Cards (U.S. Postal Service) Letters and Telephone Conversations with Relatives Letters and Telephone Conversations with Former Employees of the Same Establishment as Cohort Member Appropriate Local Newspaper (Obituaries) Social Security Administration Internal Revenue Service.

None.

Division of Respiratory Disease Studies, National Institute for Occupational Safety and Health, 1095 Willowdale Road, Morgantown, WV 26505-2845.

A list of contractor sites where individually identifiable data are currently located is available upon request to the system manager.

Also, occasionally data may be located at the facilities of collaborating researchers where analyses are performed, data collected and reports written. A list of these facilities is available upon request to the system manager. Data may be located only at those facilities that have an adequate data security program and the collaborating researcher must return the data to NIOSH or destroy individual identifiers at the conclusion of the project.

Individuals who have had examinations at Division of Respiratory Disease Studies (DRDS) staff or submitted medical information in cooperation with a DRDS study.

Analyses of biochemical data, occupational and medical histories, and results of medical tests. The specific types of records collected and maintained are determined by the needs of the individual study.

Federal Mine Safety and Health Act of 1977, Section 501, "Research" (30 U.S.C. 95l); Occupational Safety and Health Act, Section 20, "Research and Related Activities" and Section 22(d), "Authority of Director, National Institute for Occupational Safety and Health" (29 U.S.C 669, 671(d)).

The purpose of this system is to perform medical and epidemiological research, statistical analysis, and to identify early indicators of occupationally related diseases (biochemical indices); data is given to other NIOSH units for biochemical and epidemiological studies.

Data may be sent to State Vital Statistics Divisions to obtain death certificates and to missing person location agencies to find those individuals who cannot otherwise be located.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records subject to the Privacy Act are disclosed to private firms for data entry, computer systems analysis and computer programming services. The contractors promptly return data entry records after the contracted work is completed. The contractors are required to maintain Privacy Act safeguards.

Certain communicable diseases may be reported to State and/or local health departments where the State has a legally constituted reporting program for communicable diseases and which provides for the confidentiality of the information.

In the event of litigation initiated at the request of NIOSH, the Institute may disclose such records as it deems desirable or necessary to the Department of Justice and to the Department of Labor, Office of the Solicitor, where appropriate, to enable the Departments to effectively represent the Institute, provided such disclosure is compatible with the purpose for which the records were collected. The only types of litigative proceedings that NIOSH is authorized to request are: (1) enforcement of a subpoena issued to an employer to provide relevant information; or (2) contempt citation against an employer for failure to comply with a warrant obtained by the Institute.

Disclosure may be made to NIOSH collaborating researchers (NIOSH contractors, grantees, cooperative agreement holders, or other Federal or State scientists) in order to accomplish the research purpose for which the records are collected. The collaborating researchers must agree in writing to comply with the confidentiality provisions of the Privacy Act and NIOSH must have determined that the researchers' data security procedures will protect confidentiality.

Records may be disclosed by CDC in connection with public health activities to the Social Security Administration for sources of locating information to accomplish the research or program purposes for which the records were collected.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Computer tapes/disks and printouts, CD ROM; microfiche, and manual files.

Name and case number are the indices used to retrieve records from this system.

1. Authorized users: Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Records are kept in locked cabinets in locked rooms. Guard service in buildings provides screening of visitors. Electronic anti-intrusion devices are in operation at the Federal Records Center.

3. Procedural safeguards: Users of individually identified data protect information from public scrutiny, and only specifically authorized personnel may be admitted to the record storage area. CDC employees who maintain records are instructed to check with system manager prior to making disclosures of data.

4. Implementation guidelines: HHS Chapter 45-13 and supplementary Chapter PHS.hf: 45-13 of the General Administration Manual. FRC safeguards are in compliance with GSA Federal Property Management Regulations, subchapter B--Archives and Records.

Master records for completed studies are maintained in agency until transferred to the National Archives, which will occur within five years of completion. Source documents for computer data are disposed of when no longer needed in the study, as determined by the system manager, and as provided in the signed consent form, as appropriate. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Electronic records are maintained according to the provisions of the Records Control Schedule for NIOSH Electronic Records, which is consistent with the records maintenance requirements for other forms of records. Copies of notifications to workers/private physicians of needed medical attention and/or medical treatment are destroyed when no longer needed for administrative purposes, but may be retained for as long as seventy years. Paper records are destroyed by paper recycling process when 20 years old, unless needed for further study.

Administrative Officer, Division of Respiratory Disease Studies (DRDS), National Institute for Occupational Safety and Health (NIOSH), 1095 Willowdale Road, MS 217, Morgantown, WV 26505-2845.

Health Science Administrator, Clinical Investigations Branch, DRDS, NIOSH, 1095 Willowdale Road, MS 245, Morgantown, WV 26505-2845.

Policy coordination is provided by: Director, Division of Respiratory Disease Studies, National Institute for Occupational Safety and Health, 1095 Willowdale Road, MS 220, Morgantown, WV 26505-2845.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known; and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Information is obtained directly from the individual.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 67080 12/28/94; 76 FR 4471 1/25/11.

None.

Public Health Practice Program Office, Chamblee Bldg. 102, Rm. 2401, Centers for Disease Control and Prevention, 4770 Buford Highway, NE, Atlanta, GA 30341-3724.

Clinical laboratory technicians and technologists, cytotechnologists, independent laboratory directors.

Answer sheets, examination scores.

Social Security Act, Section 1123 "Qualifications for Health Care Personnel" (42 U.S.C. 1320a-2).

To maintain a record of examination scores. When applicable, answer sheets are used to revalidate results.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

The Centers for Disease Control is under contract with private firms for the purpose of collating, analyzing, or otherwise refining records in this system. Relevant records are maintained by the contractors. The contractors are required to maintain Privacy Act safeguards with respect to such records.

The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

Storage:

Computer-generated listings filed by discipline, and by State, in file folders. Computer tapes filed at the Federal Records Center.

Listings and answer sheets are retrieved by examination discipline, State, examinee's name and address, and examination number.

1. Authorized users: Access is granted to only a limited number of Laboratory Program Office personnel and designated support staff of the Centers for Disease Control (CDC), or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Locked cabinets in locked rooms, 24-hour guard service in buildings, personnel screening of visitors, electronic anti-intrusion devices in operation at the Federal Records Center.

3. Procedural safeguards: Users of individually identified data protect information from public scrutiny, and only specifically authorized personnel may be admitted to the record storage area. CDC employees who maintain records are instructed to check with the system manager prior to making disclosures of data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation guidelines: DHHS Chapter 45-13 and supplementary Chapter PHS.hf: 45-13 of the General Administration Manual. FRC safeguards are in compliance with GSA Federal Property Management Regulations, Subchapter B--Archives and Records.

Records are retained in agency for three years. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records destroyed by paper recycling process after 15 years, unless needed for further study.

Director, Public Health Practice Program Office, Executive Park, Bldg. 24, Rm. 110, MS E20, Centers for Disease Control, l600 Clifton Road, NE, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

The following information should be provided when requesting notification: (1) Full name; (2) approximate date(s) of the examination(s); (3) name of the examination and location at which examination was administered.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Scored examinations.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 58 FR 69048 12/29/93.

None.

Division of Safety Research (DSR), National Institute for Occupational Safety and Health (NIOSH), 944 Chestnut Ridge Road, Morgantown, WV 26505-2888.

A list of contractor sites where individually identifiable data are currently located is available upon request to the system manager.

Also, occasionally data may be located at the facilities of collaborating researchers where analyses are performed, data collected and reports written. A list of these facilities is available upon request to the system manager. Data may be located only at those facilities that have an adequate data security program and the collaborating researcher must return the data to NIOSH or destroy individual identifiers at the conclusion of the project.

Individuals exposed to hazardous work environments and individuals selected as control groups are covered by this system. Additionally, the system pertains to individuals selected to test the interaction between people, personal protection or safety equipment, users of such equipment, and a hazardous environment. Some examples include individuals involved in investigated accidents and persons selected to perform respirator facepiece fit tests, perform lifting and manual materials handling studies, perform work tests while wearing protective equipment, perform strength test studies, and perform hand speed tests.

The system contains such records as physical examinations, questionnaires, results of laboratory tests (physiological measures and performance tests), workplace performance records, occupational histories, medical histories, demographic data, and related medical information. The specific types of records collected and maintained are determined by the needs of the individual study.

Public Health Service Act, Section 301, "Research and Investigation" (42 U.S.C. 241); Occupational Safety and Health Act, Section 20, "Research and Related Activities" (29 U.S.C. 669); and Federal Mine Safety and Health Act of l977, Section 50l, "Research" (30 U.S.C. 95l).

The purpose of this system is to permit acquisition of information related to certification and performance of personal protective equipment, and safety research studies.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Portions of records (name, Social Security number if known, date of birth, and last known address) may be disclosed to one or more sources selected from those listed in Appendix 1. This may be done to determine if the individual has died so that a death certificate can be obtained. Knowing the cause of death enables NIOSH to evaluate whether excess occupationally-related mortality is occurring.

In the event of litigation initiated at the request of NIOSH, the Institute may disclose such records as it deems desirable or necessary to the Department of Justice and to the Department of Labor, Office of the Solicitor, where appropriate, to enable the Departments to effectively represent the Institute, provided such disclosure is compatible with the purpose for which the records were collected. The only types of litigation proceedings that NIOSH is authorized to request are: (1) Enforcement of a subpoena issued to an employer to provide relevant information; and (2) administrative search warrants to obtain access to places of employment and relevant information therein and related contempt citations against an employer for failure to comply with a warrant obtained by the Institute.

Records subject to the Privacy Act are disclosed to private firms for data entry, computer systems analysis and computer programming services. The contractors promptly return data entry records after the contracted work is completed. The contractors are required to maintain Privacy Act safeguards.

Disclosure may be made to NIOSH collaborating researchers (e.g., NIOSH contractors, grantees, cooperative agreement holders, or other Federal or State scientists) in order to accomplish the research purpose for which the records are collected. The collaborating researchers must agree in writing to comply with the confidentiality provisions of the Privacy Act and NIOSH must have determined that the researchers' data security procedures will protect confidentiality.

Records may be disclosed to appropriate Federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Manual files, computer cards, tapes/disks and printouts, microfilm, index audiogram files, audiograms, questionnaire forms.

Name, assigned number, plant name, and year tested are some of the indices used to retrieve records from these systems. Other retrieval methods are utilized as individual research dictates.

1. Authorized users: Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control (CDC), as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Records are kept in locked cabinets in locked rooms. Guard service in buildings provides screening of visitors. Electronic anti-intrusion devices are in operation at the Federal Records Center.

3. Procedural safeguards: Users of individually identified data protect information from public scrutiny, and only specifically authorized personnel may be admitted to the record storage area. CDC employees who maintain records are instructed to check with system manager prior to making disclosures of data.

4. Implementation guidelines: HHS Chapter 45-13 and supplementary Chapter PHS.hf: 45-13 of the General Administration Manual. FRC safeguards are in compliance with GSA Federal Property Mangement Regulations, subchapter B--Archives and Records.

Records are maintained in agency for three years. Personal identifiers are stripped from records when no longer needed. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records destroyed by paper recycling process when 20 years old, unless needed for further study.

Deputy Director, Division of Safety Research (DRS), National Institute for Occupational Safety and Health (NIOSH), 944 Chestnut Ridge Road, Morgantown, WV 26505-2888.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) must certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known, and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Information is obtained from the individual and from employer records.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 56 FR 1324 1/11/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 76 FR 4474 1/25/11.

None.

National Center for Chronic Disease Prevention and Health Promotion, Koger/Rhodes Bldg., Rm. 4004, Centers for Disease Control, 1600 Clifton Road, Atlanta, GA 30333.

A list of contractor sites where individually identifiable data are currently located is available upon request to the system manager.

Adults and children, including health and education agency administrators, school health personnel, teachers, parents, and students who participate in studies and surveys designed to obtain data on their knowledge, attitudes, and reported behavior related to a variety of health problems and/or other potential preventable conditions of public health significance; also included are control group participants.

Responses to questionnaires by adults and children, including health and education agency administrators, school health personnel, teachers, parents, and students, pertaining to health knowledge, attitudes and behavior, site visit data, organizational data regarding health education in school curriculum, course content, medical histories, demographic data of the survey population as well as identification data for follow-up purposes.

Public Health Service Act, Section 301, "Research and Investigation" (42 U.S.C. 241).

This record system enables the Centers for Disease Control (CDC) officials to develop and evaluate existing health promotion programs for disease prevention and control, and to communicate new knowledge to the health community for the implementation of such programs.

Disclosure may be made to CDC contractors in the conduct of research studies covered by this system notice and in the preparation of scientific reports, in order to accomplish the stated purpose of the system. The recipients will be required to maintain Privacy Act safeguards with respect to such records.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Department of Justice has agreed to represent such employee, for example, in defending a claim against the Public Health Service based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, disclosure may be made to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Computer tapes/disks and printouts, file folders.

Name of individual, identification number, school name and year tested are some of the indices used to retrieve records from this system.

1. Authorized users: Access is granted to only a limited number of researchers and designated support staff of CDC or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Locked cabinets in locked rooms, guard service in buildings, personnel screening of visitors, fire extinguishers, overhead sprinkler system and card-access control equipment in the computer room, computer terminals and automated records located in secured areas.

3. Procedural safeguards: Protection for computerized records includes programmed verification of valid user identification code, account code and password prior to acceptance of a terminal session or job submission, frequently changed passwords, and Vault Management System. Knowledge of individual tape passwords is required to access tapes, and access to systems is limited to users obtaining prior supervisory approval. When Privacy Act tapes are scratched, a special `certified" process is performed in which tapes are completely written over to avoid inadvertent data disclosure. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation Guidelines: The safeguards outlined above are developed in accordance with Chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary Chapter PHS.hf: 45-13; Part 6, "Automated Information System Security," of the HHS Information Resources Management Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31).

Records are maintained in agency for two years. Source documents for computer disposed of when no longer needed by program officials. Personal identifiers may be deleted from records when no longer needed in the study as determined by the system manager, and as provided in the signed consent form, as appropriate. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records destroyed by paper recycling process when 20 years old, unless needed for further study.

Director, National Center for Chronic Disease Prevention and Health Promotion, Koger/Rhodes Bldg., Rm. 4004, Centers for Disease Control, 1600 Clifton Road, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) must certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion.

A parent or guardian who requests notification of, or access to a child's medical record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child by means of a birth certificate or court order, as well as verify that he or she is who he or she claims to be.

The following information must be provided when requesting notification: (1) Full name; (2) the approximate date and place of the study, if known, and (3) nature of the questionnaire or study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Individuals, and participating public and private schools which maintain records on enrolled students.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 56 FR 66733 12/24/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 76 FR 4476 1/25/11

None.

National Center for Prevention Services, Corporate Square, Bldg. 12, Rm. 3308, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Public Health Practice Program Office, Bldg. 2, Rm. B50, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

National Center for Injury Prevention and Control, Koger Davidson Bldg., Rm. 1078, Centers for Disease Control and Prevention, 4770 Buford Highway, NE, Atlanta, GA 30341-3724.

Division of Health Education, Executive Park, Bldg. 4, Agency for Toxic Substances and Disease Registry, 1600 Clifton Road, NE, Atlanta, GA 30333.

Federal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

A list of contractor sites where individually identifiable data are currently located is available upon request to the appropriate system manager.

Physicians, nurses, physician assistants, clinician trainees, and other health personnel who have participated in training activities, surveys, and studies developed by the Centers for Disease Control (CDC), and control group health professionals who have not participated in training activities.

Responses to questionnaires by physicians, nurses, physician assistants, clinician trainees, and related health personnel, pertaining to knowledge, attitude and practices relating to health problems, diseases and/or other potential preventable conditions of public health significance; health care and related training data; and demographic data of the survey population as well as identification data for followup purposes.

Public Health Service Act, Section 301, "Research and Investigation" (42 U.S.C. 241).

This record system enables CDC officials to maintain training records and assess the impact of the agency's training programs on the knowledge, attitudes and practices of clinicians and other health care personnel, in order to develop improved training curricula and programs for disease prevention and control for such health care personnel.

Disclosure may be made to CDC contractors in the conduct of training surveys and studies covered by this system notice and in the preparation of scientific reports, in order to accomplish the stated purposes of the system. The recipients will be required to maintain Privacy Act safeguards with respect to such records.

CDC is under contract with private firms for the purpose of collating, analyzing, aggregating or otherwise refining records in this system. Relevant records are disclosed to such contractors. The contractors are required to maintain Privacy Act safeguards with respect to such records.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when: (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Computer tapes/disks and printouts, file folders.

Name of individual respondent, identification number, and type of training received are some of the indices used to retrieve records from this system.

1. Authorized users: Access is granted to only a limited number of personnel, i.e., CDC Project Officer, interviewers and designated support staff of CDC or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical safeguards: Locked cabinets in locked rooms, 24-hour guard service in buildings, personnel screening of visitors, electronic anti-intrusion devices in operation at the Federal Records Center, fire extinguishers, overhead sprinkler system and card-access control equipment in the computer room, computer terminals and automated records located in secured areas.

3. Procedural safeguards: Protection for computerized records includes programmed verification of valid user identification code, account code and password prior to acceptance of a terminal session or job submission, frequently changed passwords, and Vault Management System. Knowledge of individual tape passwords is required to access tapes, and access to systems is limited to users obtaining prior supervisory approval. When Privacy Act tapes are scratched, a special "certified" process is performed in which tapes are completely written over to avoid inadvertent data disclosure. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

4. Implementation guidelines: The safeguards outlined above are developed in accordance with Chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary Chapter PHS.hf: 45-13; Part 6, "Automated Information System Security," of the HHS Information Resources Management Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31). FRC safeguards are in compliance with GSA Federal Property Management Regulations, Subchapter B--Archives and Records.

Records are maintained in agency for two years. Disposal methods include erasing computer tapes, burning or shredding paper materials or transferring records to the Federal Records Center when no longer needed for evaluation and analysis. Records destroyed by paper recycling process after 12 years, unless needed for further study.

Director, National Center for Prevention Services, Corporate Square, Bldg. 11, Rm. 2106, MS E07, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Director, Public Health Practice Program Office, Executive Park, Bldg. 24, Rm. 110, MS E20, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

Director, National Center for Injury Prevention and Control, Koger Davidson Bldg., Rm. 1078, MS F36, Centers for Disease Control and Prevention, 4770 Buford Highway, NE, Atlanta, GA 30341-3724.

Director, Division of Health Education, Executive Park, Bldg. 4, Rm. 2220D, MS E33, Agency for Toxic Substances and Disease Registry, 1600 Clifton Road, NE, Atlanta, GA 30333.

Policy coordination is provided by: Associate Director for Management and Operations, Bldg. 1, Rm. 2011, MS D15, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the appropriate system manager at the address above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either (1) submit a notarized request to verify their identity or (2) must certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a 5,000 dollars fine.

The following information must be provided when requesting notification: (1) Full name; (2) name of the clinic/organization in which requester was employed at time of training or survey participation, and (3) nature of the training or survey questionnaire in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Individuals in the system and selected clinics which employ individuals who are in the system.

None.

51 FR 42449 11/24/86; 54 FR 47904 11/17/89; 56 FR 66733 12/24/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 67080 12/28/94; 76 FR 4478 1/25/11

None.

National Center for Environmental Health, Chamblee Bldg. 101, Rm. G336, Centers for Disease Control and Prevention, 4770 Buford Highway NE, Atlanta, GA 30341-3724 and Federal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

Data are located at contractor sites as data are collected. A list of contractor sites where individually identified data are currently located is available upon request to the system manager.

Selected male U.S. Army veterans at grade E-5 or below who enlisted or were drafted for one tour of duty in Vietnam or other countries during 1966 - 1972; males with birthdates 1929-1953 who have cases of selected cancers (specifically, lymphomas, soft tissue sarcomas, nasal and nasopharyngeal, and primary liver) diagnosed between December 1, 1984 to November 30, 1988; also included are control group participants.

Information identifying the participants (such as name, address, social security number, military service number, telephone number, date of birth), interview questionnaire responses, medical, laboratory, and psychological test result data, and records on biological specimens (e.g. blood, tumor, urine, etc.).

Pub. L. 96-151, "Veterans Health Programs Extension and Improvement Act of 1979" (38 U.S.C. 219 note); Pub. L. 97-72, "Veterans' Health Care, Training, and Small Business Loan Act of 1981" (38 U.S.C. 219 note); Public Health Service Act, sections 304, 306, and 308(d), which discuss authority to grant assurances of confidentiality for health research and related activities (42 U.S.C. 242 b, k, and m(d)).

Records in this system are used to support studies to assess the health of Vietnam veterans relative to the health of other men of similar age. Specifically this information should enable the Centers for Disease Control (CDC) to:

1. Evaluate the relationship of documented exposure to herbicides used in Vietnam (primarily Agent Orange) to possible adverse health consequences. Such possible effects to be evaluated include dermatologic, neurological, psychological, immunological, carcinogenic, reproductive, gastrointestinal, and others.

2. Assess the health effects of service in Vietnam (including factors other than herbicide exposure) as opposed to the experiences of veterans who served in other countries.

3. Evaluate the risk of selected cancers among Vietnam veterans in contrast to men of similar age who did not serve in Vietnam.

Portions of records (i.e., name, social security number or military service number, date of birth) may be disclosed to the National Center for Health Statistics for obtaining a determination of vital status. Death certificates stating the cause of death will then be obtained from the appropriate Federal, State, or local agency to enable CDC to evaluate whether excess mortality is occurring among Vietnam veterans. Portions may also be disclosed to the Social Security Administration who will provide additional sources of information for locating veterans involved in the study.

Records have been disclosed to Department of Health and Human Services contractors to locate veterans, cancer cases and controls, conduct interviews, perform medical examinations, analyze pathology specimens, and similar medical services, so that the research purposes for which the records were collected could be accomplished. The contractor was required to comply with the Privacy Act and to follow Section 308(d) of the Public Health Service Act with respect to such records.

Portions of records (i.e., name, Social Security number or military service number) have been disclosed to other Federal agencies such as the Veterans Administration, Internal Revenue Service, and Social Security Administration only to obtain information to aid in locating veterans involved in the study. These disclosures would have been made to update locating information provided by the Army and Joint Services Environmental Support Group.

Records may be disclosed to appropriate Federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

File folders, microfilm, computer cards, tapes/disks and printouts.

By name, social security number or military service number (when supplied voluntarily or contained in existing records used in studies under this system), or other identifying number.

Records in this system are collected under an Assurance of Confidentiality authorized by section 308(d) of the Public Health Service Act. To comply with this Assurance, the following special safeguards are necessary:

1. Authorized users: Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of CDC or its contractors, as authorized by the Project Director to accomplish the stated purposes for which the data in this system has been collected.

2. Physical safeguards: Questionnaires and other source data are maintained in locked fire-resistant cabinets in locked rooms. When entered into the computer, individually identified information is kept separate from data used for analysis. Tape data are stored in fire-resistant safes. There is 24-hour guard service in buildings, personnel screening of visitors, fire extinguishers, overhead sprinkler system and card- access control equipment in the computer room, and computer terminals and automated records are located in secured areas. Electronic anti- intrusion devices are in operation at the Federal Records Center.

3. Procedural safeguards: Protection for computerized records includes programmed verification of valid user identification code, account code and password prior to acceptance of a terminal session or job submission and frequently changed passwords. Knowledge of individual tape passwords is required to access tapes, and access to systems is limited to users obtaining prior supervisory approval. Names and other details necessary to identify individuals are not included in data files used for analysis. These files are indexed by code numbers which are linked with complete identifiers only if there is a specific need such as data verification or followup interviews. Keys which link identification numbers to names are stored separately with access limited to CDC project officers and authorized staff.

CDC and contractor employees who maintain records are instructed in specific rules of conduct to protect the security and confidentiality of records in accordance with section 308(d) of the Public Health Service Act. When individually identified records are being used in a room at a contractor site, admittance to the room is restricted to employees pledged to confidentiality under this statute. All data will be either returned to CDC or destroyed, as specified by the contract.

Appropriate Privacy Act provisions and confidentiality provisions under section 308(d) of the Public Health Service Act are included in contracts. The CDC Project Director, contract officers, and project officers oversee compliance with these requirements.

4. Implementation guidelines: The safeguards outlined above are developed in accordance with Chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary Chapter PHS.hf: 45-13; Part 6, "Automated Information System Security," of the HHS Information Resources Management Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31). FRC safeguards are in compliance with GSA Federal Property Management Regulations, Subchapter B--Archives and Records.

CDC retains research records in accordance with the CDC Records Control Schedule Item 37, which allows the system manager to maintain the records for 20 years unless needed for future reference. Because five-year mortality updates are planned until the study population expires, and health information from the questionnaire will be correlated with the mortality data, the computerized records to which questionnaire data will be converted may be kept as long as research needs dictate. Contractors will retain the records only as long as necessary to complete data collection and verify CDC's receipt of the data in usable form.

Records may be transferred to a Federal Records Center for storage when no longer needed for evaluation or analysis and will be retained there subject to statutory confidentiality requirements. Disposal methods include the paper recycling process, shredding hardcopy records, and erasing computer tapes and disks.

Director, National Center for Environmental Health, Chamblee Bldg. 101, Rm. 3116, Centers for Disease Control, 4770 Buford Highway NE, Atlanta, GA 30341-3724.

An individual may learn if a record exists about himself by contacting the system manager at the address above. Persons who knowingly and willfully request or acquire a record pertaining to an individual under false pretenses are subject to a 5,000 dollars fine for this criminal offense. Requesters in person must provide photo identification (such as driver's license) or other positive identification (i.e., place of birth, etc.) that would authenticate the identity of the individual making the request. Individuals who do not appear in person must submit a notarized request to verify their identity. A guardian who requests notification of, or access to, a mentally incompetent or severely physically impaired person's record must provide a birth certificate (or notarized copy), court order, or other competent evidence of guardianship. An individual who requests notification of, or access to, a medical record shall at the time the request is made, designate in writing a responsible representative (who may be a physician, other health professional, or other responsible individual) who will be willing to review the record and inform the subject individual of its contents at the representative's discretion.

In addition, the following information must be provided when requesting notification: (1) Full name and social security or military service number; (2) nature of the study in which the requester participated.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Subject individuals, Department of Defense (Army and Joint Services Environmental Support Group), Surveillance, Epidemiology, and End Results Centers (cancer registries). Records are derived from U.S. Army system of records: AO708.02ADAPC, "Official Military Personnel File.`

None.

51 FR 42449 11/24/86; 56 FR 66733 12/24/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 76 FR 4480 1/25/11

None.

National Center for Health Statistics, Presidential Building, rm. 1140, Centers for Disease Control, 6525 Belcrest Road, Hyattsville, Maryland 20782.

Applicants for and students of concentrated, intensive short-term courses related to health statistics. They are employees of Federal, State, and local governments and other persons in health-related fields engaged in collecting and analyzing vital and health statistics.

Applicant form which contains brief education information, current employment, and courses in which applicant is interested.

Public Health Service Act, section 304(b)(1) (42 U.S.C. 242b), authorizing the Secretary to use resources to provide technical assistance.

To set up courses, notify applicants of acceptance or non-acceptance, and acceptance for a future course if necessary. Used exclusively within the National Center for Health Statistics (NCHS).

1. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

2. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when

(a) HHS, or any component thereof; or

(b) Any HHS employee in his or her official capacity; or

(c) Any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or

(d) The United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components,

is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to student volunteers, individuals working under a personal services contract, and other individuals performing functions for PHS who do not technically have the status of agency employees, if they need the records in the performance of their agency functions.

Storage:

Alphabetically filed in file cabinet.

Retrievable by name.

Measures to prevent unauthorized disclosures are implemented as appropriate for the particular records maintained. NCHS implements personnel, physical, and procedural safeguards as follows:

(1) Authorized Users: Records are used only by staff administering the technical assistance programs.

(2) Physical Safeguards: Routine building security.

(3) Procedural Safeguards: Persons other than staff authorized to work with the records are not allowed access to them.

These safeguards are established in accordance with guidelines in DHHS Chapter 45-13 of the General Administration Manual, in supplementary Chapter PHS.hf:45-13, and in the NCHS Staff Manual on Confidentiality.

File destroyed six months after each course is completed.

Director, National Center for Health Statistics, Presidential Building, Rm. 1140, Centers for Disease Control, 6525 Belcrest Road, Hyattsville, Maryland 20782.

To determine if a record exists, write to the System Manager.

Same as notification procedures. Positive identification is required from anyone seeking access. Requestors should also reasonably specify the record contents being sought. Individuals may also request an accounting of disclosures that have been made of their records, if any.

Contact the official at the address specified under System Manager above, reasonably identify the record, specify the information being contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Voluntary submission of Application Form by person wishing to take the courses.

None.

51 FR 42368 11/24/86; 52 FR 45023 11/24/87; 56 FR 1324 1/11/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 48331 9/7/94

None.

National Center for Health Statistics, Presidential Building, rm. 1140, Centers for Disease Control, 6525 Belcrest Road, Hyattsville, Maryland 20782.

Individuals and members of households selected by probability sampling techniques to be representative of the civilian population of the United States.

Records containing information on: (1) The incidence of illness and accidental injuries, prevalence of diseases and impairments, the extent of disability, the utilization and cost of health care services, and other health characteristics of individuals obtained in household interviews and from their named health care providers and insurers; or (2) the nutritional status, prevalence levels of specially defined chronic diseases, growth and development patterns and distributions of various health related measurements and related data obtained in a survey involving health examinations, tests, and other measurement procedures; or (3) marital and child bearing history and intended future births, the use of prenatal care, and the family planning practices of individual women obtained by interview. Demographic and socioeconomic characteristics such as age, marital status, education, occupation, and family income are also obtained.

Public Health Service Act, Section 306(b) (42 U.S.C. 242k).

The data are used for statistical purposes only. Uses within the Department include the preparation of aggregated data in the form of statistical tables for publication, analysis, and interpretation, to meet the legislative mandates of 42 U.S.C. 242k, i.e., to determine levels of illness and disability and their effects on the population, the use of health care facilities, trends in family formation and dissolution, and the like.

The data are disseminated for purposes of statistical research and analysis outside DHHS in forms which do not permit the identification of individuals, such as publications of statistical tables, specially requested tabulations and public use computer tapes. These are communicated to interested persons outside DHHS, such as members of Congress and their staffs, other executive branch agencies, universities, States, cities, private foundations, etc. The findings are used by demographers, sociologist, health statisticians, epidemiologists, other scholars and concerned citizens, to evaluate health matters, make determinations on needs for legislation, appropriations, new service programs, and the like.

The Department occasionally contracts with a private firm for the purpose of collecting analyzing, aggregating, or otherwise refining records in this system. Relevant records are disclosed to such a contractor. The contractor is required to maintain Privacy Act safeguards with respect to such records.

Records may be disclosed to student volunteers, individuals working under a personal services contract, and other individuals performing functions for PHS who do not technically have the status of agency employees, if they need the records in the performance of their agency functions.

Storage:

Paper files and magnetic tapes.

A serial number tied to the selection process of successively smaller geographic areas is assigned to each record on magnetic tape. This serial number is cross-indexed to the original, individually identifiable record.

Measures to prevent unauthorized disclosures are implemented as appropriate for the particular records maintained. NCHS and its contractors implement personnel, physical, and procedural safeguards as follows:

1. Authorized users: Persons authorized and needing to use the records, including project directors, contract officers, interviewers, analysts, statisticians, statistical clerks, and data entry personnel on the staffs of the Center and the contractors.

2. Physical safeguards: The manual portions of the records are stored in locked files or offices when not in use. (The automated portions of the records do not contain individually identifiable data. Because they are not subject to the Privacy Act, descriptions of the computer safeguards used are not included in this notice.) Access to the buildings in which the manual records are stored is controlled by special entry devices and 24-hour security guards.

3. Procedural safeguards: All employees of NCHS and contractor personnel with access to NCHS records are required, as a condition of employment, to sign an affidavit binding them to nondisclosure of individually identifiable information; periodic training sessions are conducted to reinforce the confidentiality restrictions.

Contractors who maintain records in the system are instructed to make no further disclosure of the records. Privacy Act requirements are specifically included in contracts for survey and research activities related to this system. The HHS project directors, contract officers, and project officers oversee compliance with these requirements.

These safeguards are in accordance with chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual; supplementary chapter PHS.hf: 45-13; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 312); and the NCHS Staff Manual on Confidentiality.

Original survey records are reviewed for accuracy, edited, and data (without personal identifiers such as name or Social Security Number) are transferred to magnetic tape. The original records are retained in office files of NCHS until the process of conversion to magnetic tape and verification of information is completed. This process is completed within approximately nine months. The original records are then sent to the Federal Records Center where they are stored for 5 years for interview survey records and 10 years for examination records. Microfilm copies of examination records are retained at the Federal Records Center for 40 years.

Director, National Center for Health Statistics, Presidential Building, rm 1140, Centers for Disease Control, 6525 Belcrest Road, Hyattsville, Maryland 20782.

To determine if a record exists, write to the System Manager.

Access to record systems which have been granted an exemption from the Privacy Act access requirement may be made at the discretion of the System Manager. Positive identification is required from anyone seeking access. Appeal of access refusal may be made to the Director, Office of Management, Public Health Service. An individual may also request an accounting of disclosures of his/her record, if any.

If access has been granted, contact the System Manager and reasonably identify the record, specify the information being contested, and state the corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Respondents included in the survey samples.

With respect to this system of records, exemption has been granted from the requirements contained in subsections 552a(c)(3), (d) (1) through (4), and (e)(4) (G) and (H) in accordance with the provisions of subsection 552a(k)(4) of the Privacy Act of 1974. The reason this system has been exempted is that this system contains only records required by statute to be maintained and used solely as statistical records. The exemption was published in the Federal Register, October 8, 1975, page 47413.

49 FR 37693 9/25/84; 52 FR 45023 11/24/87; 56 FR 1324 1/11/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 48331 9/7/94

None.

National Center for Health Statistics, Presidential Building, rm. 1140, Centers for Disease Control, 6525 Belcrest Road, Hyattsville, Maryland 20782.

Individuals trained in specific health occupations, such as dentists, nurses, pharmacists, optometrists, dental hygienists, and other providers of health care services.

Records containing information on educational attainment, place of education, activity status, place and setting of employment or practice, place of residence, date of birth, sex, and marital status.

Public Health Service Act, section 306(b) (42 U.S.C. 242k).

The data are used for statistical purposes only. Uses within the Department include the preparation of aggregated data in the form of statistical tables for publication, analysis, and interpretation to meet legislative mandates of the Public Health Service Act, section 306 (42 U.S.C. 242k), such as an annual report on health resources, including a description and analysis of the statistics included under section 306(b)(1)(G). In addition, probability samples of individuals are selected by NCHS for statistical research purposes. Tables, magnetic tapes, and statistical samples of individuals are provided for statistical purposes only to the Bureau of Health Professions, Health Resources and Services Administration, for its use in determining health manpower scarcity areas, for loan forgiveness, and developing and evaluating educational and training programs for health manpower.

The data are made available to Health Systems Agencies and the State Agency designated under the Public Health Service Act (42 U.S.C 300 l and m) for statistical purposes only for developing and evaluating health plans.

The data are also disseminated for the purpose of statistical research and analysis outside DHHS in forms which do not permit the identification of individuals, such as publication of statistical tables, specially requested tables, and public use magnetic tapes. These are communicated to interested persons outside DHHS, such as Members of Congress, other executive branch agencies, professional associations, universities, State, cities, private foundations, etc. The statistical summaries are used by health manpower researchers, legislators statisticians and concerned citizens to evaluate the Nation's health manpower resources, make determinations on needs for legislation, new health manpower training programs, and the like.

The Department occasionally contracts with a private firm for the purpose of collecting, analyzing, aggregating or otherwise refining records in the system. Relevant records are disclosed to such a contractor. The contractor is required to maintain Privacy Act safeguards with respect to such records.

Records may be disclosed to student volunteers, individuals working under a personal services contract, and other individuals performing functions for PHS who do not technically have the status of agency employees, if they need the records in the performance of their agency functions.

Storage:

Paper files and magnetic tape.

Name and address, date of the inventory or survey, and other identifiers permit the retrieval of a computer record of the individual's information contained on magnetic tape. Original records of information are reviewed by the contractor and/or National Center for Health Statistics (NCHS) staff for accuracy and edited, and data with personal identifier (such as name and address) are transferred to magnetic tape. The records are then matched by personal identifiers to produce an unduplicated file of individuals in a health occupation.

Measures to prevent unauthorized disclosures are implemented as appropriate for the particular records maintained. NCHS and its contractors implement personnel, physical, and procedural safeguards as follows:

1. Authorized users: Persons authorized and needing to use the records, including project directors, contract officers, interviewers, analysts, statisticians, statistical clerks, and data entry personnel on the staffs of the Center and the contractors.

2. Physical safeguards: The manual portions of the records are stored in locked files or offices when not in use. The automated records and the computer equipment are in secured areas with fire extinguishers and sprinkler system. Access to the buildings in which the manual and the automated records are stored is controlled by special entry devices and 24-hour security guards.

3. Procedural safeguards: All employees of NCHS and contractor personnel with access to NCHS records are required, as a condition of employment, to sign an affidavit binding them to nondisclosure of individually identifiable information; periodic training sessions are conducted to reinforce the confidentiality restrictions. Data stored in computers are accessed through the use of passwords/keywords known only to the principal investigators and authorized personnel. These passwords/keywords are changed frequently.

Contractors who maintain records in the system are instructed to make no further disclosure of the records. Privacy Act requirements are specifically included in contracts for survey and research activities related to this system. The HHS project directors, contract officers, and project officers oversee compliance with these requirements.

These safeguards are in accordance with chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual; supplementary chapter PHS.hf: 45-13; Part 6, "ADP Systems Security," of the HHS ADP Systems Manual; the National Bureau of Standards of Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 312); and the NCHS Staff Manual on Confidentiality.

The original records are retained in the offices of national professional associations and/or State boards of licensure, or the NCHS data processing facility until the process of conversion to magnetic tape and verification of information is completed and a subsequent inventory or survey is initiated. For these reasons the records may be retained for a period of up to five years before disposal.

Director, National Center for Health Statistics, Centers for Disease Control, Presidential Building, Rm. 1140, 6525 Belcrest Road, Hyattsville, Maryland 20782.

To determine if a record exists, write to the System Manager at the above address.

Access to record systems which have been granted an exemption from the Privacy Act access requirement may be made at the discretion of the System Manager. Positive identification is required from anyone seeking access. Appeal of access refusal may be made to the Director, Office of Management, Public Health Service. An individual may also request an accounting of disclosure of his/her record, if any.

If access has been granted, contact the System Manager and reasonably identify the record, specify the information being contested, and state the corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Health practitioners, state licensing agencies, or professional associations.

With respect to this system of records, exemption has been granted from the requirements contained in subsections 552a(c)(3), (d)(1) through (4), and (e)(4)(G) and (H) in accordance with the provisions of subsection 552a(k)(4) of the Privacy Act of 1974. The reasons that the system has been exempted is that this system contains only records required by statute to be maintained and used solely as statistical records. The exemption was published in the Federal Register, October 8, 1975, page 47413.

Survey 49 FR 37694 9/25/84; 52 FR 45023 11/24/87; 56 FR 1324 1/11/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 48331 9/7/94

None.

National Center for Health Statistics, Centers for Disease Control, Presidential Building, Rm. 1140, 6525 Belcrest Road, Hyattsville, Maryland 20782.

Individuals who are born and their parents; individuals who die; individuals who are married or divorced; and parents experiencing fetal deaths.

The records include microfilm images of State records or machine-readable data prepared by the State from records collected under the laws of each State for births, deaths, fetal deaths, marriages and divorces. The records contain the demographic characteristics of individuals associated with each event. In addition, the birth records include information on the characteristics of each live birth, the health status of the infant, and socioeconomic characteristics of the parents. The death records contain medical information relating to cause of death and to socioeconomic characteristics of the deceased; the fetal death record contains medical information relating to cause of death and socioeconomic characteristics of the parents. Marriages and divorces include demographic and socioeconomic characteristics of both parties to the event and legal information regarding the event.

Periodically the National Center for Health Statistics (NCHS) conducts followback surveys, collecting information on random samples of births and deaths through mail questionnaires. The content of questionnaires for the followback surveys varies. Past surveys have collected information on such topics as hospital utilization in the last year of life, smoking habits of the deceased, health status of infants, and pregnancy and employment histories of mothers.

Lists of names and other identifying information in the system are provided to NCHS by individuals and organizations who for health research purposes seek to have them matched against files of decedents in order to identify State death records.

Public Health Service Act, section 306(h) (42 U.S.C. 242k.)

The data are used for statistical purposes only. Uses within the Department include the preparation of aggregated data in the form of statistical tables for publication, analysis, and interpretation, to meet the legislative mandates of 42 U.S.C 242k, i.e., to determine the extent and nature of illness and disability of the population of the U.S., including life expectancy and levels of infant and maternal mortality, environmental and other health hazards, trends in family formation, growth, and dissolution, and other related matters. The followback surveys are designed primarily to expand the scope of data that NCHS can collect from the national registration system, to make the registration system more responsive to changing needs for data, and to evaluate the quality of data collected on the birth and death records.

The processed data are disseminated for public use in forms that do not permit identification of individuals, such as published statistical tables, special unpublished tabulations, and public use computer tapes, which carry no individual identifiers. They are used by members of Congress and their staffs, other executive branch agencies, state and city governments, public and private research institutions, life insurance companies, faculty and students of universities, physicians, workers in health information, newspaper reporters and feature writers, etc. The findings are used to make determinations on needs for legislation, appropriations, and programs in the health field; to pinpoint health problems, measure progress of national health programs, and make population estimates; for epidemiological studies, marketing research, sociological studies, and studies of the family; and for other research directed at understanding our society.

Storage:

Paper files and magnetic tapes.

Some States submit microfilm copies of certificates of birth, death, fetal death, marriage, and divorce, and statistics are extracted from them. These microfilms contain individual identifiers; they are the only individually identified records in the system. Other States submit vital statistics data on magnetic tape, showing only a State file number for each case but no personal identifiers.

Measures to prevent unauthorized disclosures are implemented as appropriate for the particular records maintained. NCHS and its contractors implement personnel, physical, and procedural safeguards as follows:

1. Authorized users: Persons authorized and needing to use the records, including project directors, contract officers, interviewers, analysts, statisticians, statistical clerks, and data entry personnel on the staffs of the Center and the contractors.

2. Physical safeguards: The manual portions of the records are stored in locked files or offices when not in use. (The automated portions of the records do not contain individually identifiable data. Because they are not subject to the Privacy Act, descriptions of the computer safeguards used are not included in this notice.) Access to the buildings in which the manual records are stored is controlled by special entry devices and 24-hour security guards.

3. Procedural safeguards: All employees of NCHS and contractor personnel with access to NCHS records are required, as a condition of employment, to sign an affidavit binding them to nondisclosure of individually identifiable information; periodic training sessions are conducted to reinforce the confidentiality restrictions.

Contractors who maintain records in the system are instructed to make no further disclosure of the records. Privacy Act requirements are specifically included in contracts for survey and research activities related to this system. The HHS project directors, contract officers, and project officers oversee compliance with these requirements.

These safeguards are in accordance with chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual; supplementary chapter PHS.hf: 45-13; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 312); and the NCHS Staff Manual on Confidentiality.

The microfilm copies of the individually identifiable records are retained in office files of NCHS until the process of conversion to magnetic tape and verification of information is completed. The death records are sent to the Federal Records Center ten years after tabulation for deaths occurring during the three year period surrounding census years and one year after tabulation for other years. They are held until disposed of, 15 years after tabulation for deaths of the censal years, and five years after tabulation for other years. Records of births, fetal deaths, marriages, and divorces are disposed of two years after tabulation. The questionnaires for the followback surveys are destroyed after conversion to magnetic tape, tabulation, and analyses have been completed.

Director, National Center for Health Statistics, Centers for Disease Control, Presidential Building, Rm. 1140, 6525 Belcrest Road, Hyattsville, Maryland 20782.

To determine if a record exists, write to the System Manager at the above address.

Access to record systems which have been granted an exemption from the Privacy Act access requirement may be made at the discretion of the System Manager. Positive identification is required from anyone seeking access. Appeal of access refusal may be made to the Director, Office of Management, Public Health Service. An individual may also request an accounting of disclosures of his/her record, if any.

If access has been granted, contact the System Manager and reasonably identify the record, specify the information being contested, and state the corrective action sought with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Vital statistics records are obtained from State vital statistics offices, or, in rare instances, from other State or county repositories of marriage or divorce data. Information in followback surveys is obtained from hospitals, physicians, or relatives of the infants or the deceased.

With respect to this system of records, exemption has been granted from the requirements contained in subsections 552a(c)(3), (d)(1) through (4), and (e)(4)(G) and (H), in accordance with the provision of subsection 552a(k)(4) of the Privacy Act of 1974. The reason that the system has been exempted is that this system contains only records required by statute to be maintained and used solely as statistical records. The exemption was published in the Federal Register, October 8, 1975, page 47413.

49 FR 37695 9/25/84; 52 FR 45023 11/24/87 ; 56 FR 1324 1/11/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 48331 9/7/94

None.

National Center for Health Statistics, Centers for Disease Control, Presidential Building, Rm. 1140, 6525 Belcrest Road, Hyattsville, Maryland 20782.

Recipients of medical care included in statistical surveys and reports of the National Center for Health Statistics (NCHS), including but not limited to: (1) Staff and residents of nursing homes selected by random sampling techniques to be representative of nursing homes in the U.S.; (2) physicians providing medical care and patients visiting such physicians; (3) patient medical records from selected short-stay hospitals.

Records containing information on: (1) The utilization of long-term care and nursing home care through data on clients and residents (demographic and social characteristics, health status and charges paid for care) and the facility (general characteristics, certification, services offered and expense); (2) the demographic characteristics, medical and other problems of persons visiting physicians, and the physicians' diagnosis, treatment, and disposition decisions made during such visits as obtained from physicians during randomly assigned one- week survey periods; (3) the demographic characteristics administrative information (admission and discharge dates, discharge status, and medical record number), and medical information (diagnosis and surgical procedures) abstracted from the face sheet of short-stay hospital medical records.

In many cases, these records do not contain individual identifiers when they come under control of the National Center for Health Statistics; they carry only sequence numbers, which only the originating agency would be able to translate into a personal identifier-- and even then, not in all cases. Names of residents and staff of nursing homes and patients of physicians are listed on separated forms for sampling purposes only and are not included in the final statistical records.

Public Health Service Act, Section 306(b) (42 U.S.C. 242k).

The data are used for statistical purposes only, as specified by statute, section 308(d) of 42 U.S.C. 242m. Uses within the Department include the preparation of aggregated data in the form of statistical tables for publication, analysis and interpretation to meet the legislative mandates of 42 U.S.C. 242k, i.e., collection of statistics on the utilization of health services, including the utilization of: (1) Long-term care services and nursing home facilities to determine levels of illness and disability, effects on the serviced population, and the costs of care; (2) ambulatory health services by specialties and types of practice of the health professionals providing such services; and (3) short-stay hospitals to determine characteristics of patients, length of stay, diagnosis and surgical operations, and utilization patterns of care in hospitals of different size and ownership.

The data are disseminated in forms which do not permit the identification of individuals, such as publications of statistical tables, special requested tabulations, and public use computer tapes. These are communicated to interested persons outside DHHS, such as members of Congress and their staffs, other executive branch agencies, universities and medical schools, state and local health planning agencies, private foundations, etc. The findings are used by demographers, sociologists, health statisticians, epidemiologists, medical educators, health planners, other scholars, and concerned citizens, to evaluate health matters, make determinations on needs for legislation, appropriations, new service programs, and the like.

Records may be disclosed to student volunteers, individuals working under a personal services contract, and other individuals performing functions for PHS who do not technically have the status of agency employees, if they need the records in the performance of their agency functions.

Storage:

Paper files and magnetic tapes.

Data are retrieved by individual identifier only in the editing stage of data processing and only for the purpose of correcting errors in the recording of information. Original survey records are reviewed for accuracy and edited, then data (without personal identifiers such as name or Social Security Number) are transferred to magnetic tape.

Measures to prevent unauthorized disclosures are implemented as appropriate for the particular records maintained. NCHS and its contractors implement personnel, physical, and procedural safeguards as follows:

1. Authorized users: Persons authorized and needing to use the records, including project directors, contract officers, interviewers, analysts, statisticians, statistical clerks, and data entry personnel on the staffs of the Center and the contractors.

2. Physical safeguards: The manual portions of the records are stored in locked files or offices when not in use. (The automated portions of the records do not contain individually identifiable data. Because they are not subject to the Privacy Act, descriptions of the computer safeguards used are not included in this notice.) Access to the buildings in which the manual records are stored is controlled by special entry devices and 24-hour security guards.

3. Procedural safeguards: All employees of NCHS and contractor personnel with access to NCHS records are required, as a condition of employment, to sign an affidavit binding them to nondisclosure of individually identifiable information; periodic training sessions are conducted to reinforce the confidentiality restrictions.

Contractors who maintain records in the system are instructed to make no further disclosure of the records. Privacy Act requirements are specifically included in contracts for survey and research activities related to this system. The HHS project directors, contract officers, and project officers oversee compliance with these requirements.

These safeguards are in accordance with chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual; supplementary chapter PHS.hf: 45-13; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 312); and the NCHS Staff Manual on Confidentiality.

The original records are retained in office files of NCHS or NCHS contractors for two years. The procedure for family planning records differs in that the original documents are retained in office files for only two months. In all instances, the original records are then sent to the Federal Records Center where they are stored for five years.

Director, National Center for Health Statistics, Centers for Disease Control, Presidential Building, Rm. 1140, 6525 Belcrest Road, Hyattsville, Maryland 20782.

To determine if a record exists, write to the System Manager at the above address.

Access to record systems which have been granted an exemption from the Privacy Act access requirement may be made at the discretion of the System Manager. Positive identification is required from anyone seeking access. Appeal of access refusal may be made to the Director, Office of Management, Public Health Service. An individual may also request an accounting of disclosures of his/her record, if any.

If access has been granted, contact the System Manager and reasonably identify the record, specify the information being contested, and state the corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Hospitals, physicians, clinics, nursing homes, and other providers of health care.

With respect to this system of records, exemption has been granted from the requirements contained in subsections 552(a)(3), (d)(1) through (4), and (e)(4)(G) and (H), in accordance with provisions of subsections 552a (k)(4) of the Privacy Act of 1974. The reason for this exemption is that this system contains only records required by statute to be maintained and used solely as statistical records. The exemption was published in the Federal Register, September 11, 1978, page 40229.

49 FR 37697 9/25/84; 52 FR 45023 11/24/87; 56 FR 1324 1/11/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 48331 9/7/94.

None.

National Center for Health Statistics, Centers for Disease Control, Presidential Building, Rm. 1140, 6525 Belcrest Road, Hyattsville, Maryland 20782.

Persons who are past, present, or potential users of health statistics and would therefore have special interests in the programs conducted by NCHS, such as (1) persons who subscribe to NCHS publication series, (2) persons who purchase NCHS public use data tapes or publications, (3) persons who contact NCHS to request data or information on health statistics, (4) persons who attend health statistics conferences, and (5) persons known from their publications or otherwise to have a research, legislative, policy, or adminstrative interest in data produced by NCHS.

This system consists of information relating to the professional health statistical interests of health statistics users, such as their: Name, address, position, organization, education, memberships in professional organizations, special committee and task force assignments, offices held in organizations, publications, health statistics meetings attended, uses made of health statistics, health statistics projects, purchases of NCHS tapes or publications, and expressions of interests and concerns about health statistics.

Public Health Service Act, section 308(g)(2) (42 U.S.C. 242m(g)(2), which authorizes the Secretary to take necessary action to assure that appropriate, high quality data are disseminated on as wide a basis as is practicable.

NCHS uses the data in detemining how improvements can be made in (1) the content and methodology of its data programs, (2) its data publications, (3) dissemination of health statistics, and (4) meetings or other means for soliciting users' concerns and knowledge sharing.

1. The Department occasionally contracts with a private firm for the purpose of conducting surveys or collecting, analyzing, aggregating, otherwise refining, or evaluating data in this system. Relevant records are disclosed to such a contractor. The contractor is required to maintain Privacy Act safeguards with respect to such records.

2. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

3. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when

(a) HHS, or any component thereof; or

(b) Any HHS employee in his or her official capacity; or

(c) Any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or

(d) The United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components,

is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to student volunteers, individuals working under a personal services contract, and other individuals performing functions for PHS who do not technically have the status of agency employees, if they need the records in the performance of their agency functions.

Storage:

The information is contained on paper records and/or computer-readable tape.

Information is retrieved by name, and may also be retrievable by unique identifying number, address, specialty, or other identifying characteristics.

Measures to prevent unauthorized disclosures are implemented as appropriate for the particular records maintained in each project.

NCHS and its contractors implement personnel, physical, and procedural safeguards such as the following:

(1) Authorized Users: Employees who maintain records in this system are instructed to grant regular access only to authorized contractor personnel, the NCHS project officer, and NCHS employees whose duties require the use of such information. One-time and special access to the data is controlled by the System Manager, the NCHS Project Officer, and the Contract and/or Project Director. Furthermore, all employees of NCHS and contractor personnel with access to NCHS records are required, as a condition of employment, to sign an affidavit binding them to nondisclosure of identifiable individuals' information.

(2) Physical Safeguards: Records are stored in locked files or secured areas. Computer terminals are in secured areas. Computerized files are further protected by the Resources Access Control Facility ("RACF").

(3) Procedural Safeguards: Data stored in computers are accessed through the use of passwords/keywords known only to the principal investigators or authorized personnel. These passwords/keywords are changed frequently.

Contractors who maintain records in this system are instructed to make no further disclosure of the records except as authorized by the system manager and permitted by the Privacy Act. Privacy Act requirements are specifically included in contracts for research activities related to this system. The HHS project directors, contract officers, and project officers oversee compliance with these requirements.

The particular safeguards implemented in each project are developed in accordance with chapter 45-13, "Safeguarding Records Contained in Systems of Records," of the HHS General Administration Manual, supplementary chapter PHS hf. 45-13; Part 6, "ADP Systems Security," of the HHS Information Resources Manual; the National Bureau of Standards Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub 31).

Records are retained for various periods of time depending upon how useful they are considered to be, in accordance with NCHS policy. Some records of users may be maintained indefinitely. Disposal methods include burning or shredding hard copy and erasing computer tapes and disks.

Director, National Center for Health Statistics, Centers for Disease Control, Presidential Building, Rm. 1140, 6525 Belcrest Road, Hyattsville, MD 20782.

To determine if a record exists, write to the System Manager. Information needed consists of name and address of individual.

Same as notification procedures. Requestors should also reasonably specify the record contents being sought. Positive indentification is required from anyone seeking access. You may also request an accounting of disclosures that have been made of your record, if any.

Write to the official at the address specified under notification procedures above, and reasonably identify the record and specify the information being contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Records may be obtained from (1) order forms for publications or public use data tapes, (2) mailing lists, (3) registration forms of meeting (4) author information in books and journals, (5) reference citations, and (6) reports of colleagues.

None.

51 FR 42371 11/24/86; 52 FR 45023 11/24/87; 56 FR 1324 1/11/91; 57 FR 62811 12/31/92; 58 FR 69048 12/29/93; 59 FR 48331 9/7/94.

Unclassified.

The address of the HHS component responsible for this system of records is: Division of Select Agents and Toxins (DSAT), Center for Preparedness and Response, Centers for Disease Control and Prevention (CDC), 1600 Clifton Rd. NE, Atlanta, GA 30329.

The System Manager is: Director, Division of Select Agents and Toxins (DSAT), Center for Preparedness and Response, CDC, 1600 Clifton Rd. NE, Atlanta, GA 30329, (404) 718-2000, lrsat@cdc.gov.

Subtitle A, Title II, Public Health Security and Bioterrorism Preparedness and Response Act of 2002, Pub. L. 107-188 (42 U.S.C. 262a).

The purpose of this system of records is to cover records about individuals, retrieved by personal identifier, that HHS/CDC uses in managing the Federal Select Agent Program (FSAP) to track the possession, use, and transfer of biological select agents and toxins (BSAT), in order to ensure that BSAT are managed appropriately to prevent potential threats to public health.

The records are about these categories of individuals:

Individuals who in an individual (i.e., sole proprietorship) capacity have applied for or received a certificate of registration from FSAP.

Individuals designated as an entity applicant’s Responsible Official and Alternate Responsible Official.

Other individuals identified in an application as requesting or needing access to BSAT under 42 CFR part 73, otherwise known as the HHS select agent regulations. The FSAP approves, or disapproves, these individuals to possess, use, and transfer BSAT based on the security risk assessments performed by the Department of Justice (DOJ), Federal Bureau of Investigation (FBI), Criminal Justice Information Services Division (CJIS), Bioterrorism Risk Assessment Group (BRAG).

The system of records includes these categories of records, some of which are forms approved by the Office of Management and Budget (OMB):

Request for Exclusion: This type of request is submitted to the FSAP by an individual or entity applicant or registrant to seek a determination by the HHS Secretary that an attenuated strain or modified toxin does not pose a severe threat to public health and safety (see 42 CFR 73.3(e) and 73.4(e)).

Report of Identification of Select Agent or Toxin (APHIS/CDC Form 4). This form is used by a clinical or diagnostic laboratory to notify the FSAP that BSAT has been identified as the result of diagnosis, verification, or proficiency testing or has been disposed of or transferred in accordance with regulatory requirements (see 42 CFR 5(a)-(b) and 6(a)-(b)).

Request for Exemption (APHIS/CDC Form 5). This form is used by an individual or entity registrant or applicant seeking an exemption on the basis that it is using an investigational product that is, bears, or contains BSAT (see 42 CFR 5(d) and 6(d)).

Application for Registration (APHIS/CDC Form 1). This form is used by an individual or entity to apply for a certificate of registration from the FSAP. The applicant completes the form by providing location or facility information; a list of BSAT in use, possession, or for transfer by the applicant; characterization of each BSAT the applicant will possess; the name, date of birth, and job title of each individual who needs access to BSAT; and laboratory information such as biosafety level, building and room location (see 42 CFR 7(d)). FSAP assigns a DOJ identification number for each individual associated with application so that individuals can submit information to BRAG for security risk assessment. This form is also used by an applicant or registrant to amend the registration if any changes occur in the information submitted (see 42 CFR 7(h)(1)).

Security Risk Assessment. BRAG uses the information the applicant provides in the Application for Registration about each individual needing access to BSAT to perform a security risk assessment of each individual and provides the assessments to the FSAP. FSAP uses the information to approve individuals to access BSAT following a security risk assessment (see 42 CFR 10(a)).

Documentation of Inspection: Prior to issuance of a certificate of registration, the FSAP will inspect the applicant’s locations or facilities to ensure compliance with the select agent regulations and will document the inspection, including the applicant’s responses to any written requests from the FSAP (see 42 CFR 18).

Request for Expedited Review: An individual or entity applicant or registrant may apply to the HHS Secretary or APHIS Administrator for an expedited review (i.e., an expedited security risk assessment) by the Attorney General of an individual identified as needing access to BSAT. The request is made by submitting a request in writing to the HHS Secretary establishing the need for such action (see 42 CFR 10(e)).

Security Plan: An individual or entity required to register with the FSAP must develop and implement a written security plan, which must be sufficient to safeguard BSAT against unauthorized access, theft, loss, or release (see 42 CFR 11(a)). As a condition of registration, an individual or entity is required to provide a copy of the plan to the FSAP.

Biosafety Plan: An individual or entity required to register with the FSAP must develop and implement a written biosafety plan that is commensurate with the risk of BSAT, given its intended use. The biosafety plan must contain sufficient information and documentation to describe the biosafety and containment procedures for each BSAT the individual or entity will possess, including any animals (including arthropods) or plants intentionally or accidentally exposed to or infected with a select agent (see 42 CFR 12(a)). As a condition of registration, an individual or entity is required to provide a copy of the plan to the FSAP.

Request Regarding a Restricted Experiment: An individual or entity may not conduct, or possess products resulting from certain experiments unless approved by and conducted in accordance with the conditions prescribed by the HHS Secretary; these requests to seek such approval to conduct restricted experiments are maintained by FSAP(see 42 CFR 13(a)).

Incident Response Plan: An individual or entity required to register under this part must develop and implement a written incident response plan based upon a site-specific risk assessment. The incident response plan must be coordinated with any entity-wide plans, be kept in the workplace, and be available to employees for review (see 42 CFR 14(a)). As a condition of registration, an individual or entity is required to provide a copy of the plan to the FSAP.

Training Record: A registered individual, or a registered entity’s Responsible Official, must ensure training is provided to each individual with access to BSAT and each escorted individual (e.g., laboratory workers, visitors, etc.) and that a record of the training is maintained. The record must include the name of each such individual, the date of the training, a description of the training provided, and the means used to verify that the individual understood the training (see 42 CFR 15(d)), and a copy of the training record may be requested by FSAP.

Request to Transfer Select Agent or Toxin (APHIS/CDC Form 2). This form is used by a registered individual or entity to request pre-authorization from FSAP to receive or send a specific BSAT (see 42 CFR 16).

Other Records: An individual or entity required to register with the FSAP must maintain complete records relating to the activities covered by the select agent regulations, any of which may be requested by FSAP (see 42 CFR 17(a)).

Report of Potential Theft, Loss, or Release of Select Agent or Toxin form (APHIS/CDC Form 3). This form is completed by a registered individual or entity to report any theft, loss, or release of BSAT to FSAP (see 42 CFR 19(a)-(b)).

The records in the system of records are obtained from the individuals and entities applying for or receiving a certificate of registration from FSAP to possess, use, and transfer BSAT or permit individuals to access BSAT; or from FSAP, or from BRAG.

In addition to other disclosures authorized directly in the Privacy Act at 5 U.S.C. 552a(b)(1) and (2) and (b)(4) through (11), HHS may disclose records about a subject individual from this system of records to parties outside HHS as described in these routine uses, without the individual’s prior written consent.

Records may be disclosed to USDA to provide comprehensive and effective oversight of BSAT, compliance with select agent regulations, and administration of FSAP.

Records may be disclosed to contractors engaged to assist FSAP with performing the functions listed in the Purpose section above. Contractors are required to maintain Privacy Act safeguards with respect to such records.

Records may be disclosed to state health departments and other public health, cooperating medical or federal law enforcement authorities to deal more effectively with emergency events involving BSAT that may impact public health and safety.

Records may be disclosed to state agriculture departments and other agriculture cooperating authorities to deal more effectively with outbreaks of animal and plant diseases or other conditions of agriculture significance.

Personal information from this system of records may be disclosed as a routine use, to assist in making a determination concerning an individual's trustworthiness to access BSAT, to any federal or state agency where the purpose in making the disclosure is to prevent access to BSAT for use in domestic or international terrorism or for any criminal purpose; or to any federal or state agency to protect the public, animal, and plant health and public safety with regard to the possession, use, or transfer of BSAT.

Information may be disclosed to the Department of Justice (DOJ) or to a court or other adjudicative body in litigation or other proceedings when:

HHS or any of its components thereof, or

any employee of HHS acting in the employee’s official capacity, or

any employee of HHS acting in the employee’s individual capacity where the DOJ or HHS has agreed to represent the employee, or

the United States Government,

is a party to the proceeding or has an interest in such proceeding and, by careful review, HHS determines that the records are both relevant and necessary to the proceeding.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

Where a record, either alone or in conjunction with other information, indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or by regulation, rule, or order issued pursuant thereto, the relevant records in the system of records may be referred, as a routine use, to the agency concerned, whether federal, state, Tribal, local, territorial, or foreign, charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing the statute, rule, regulation, or order issued pursuant thereto.

For the purpose of combatting fraud, waste, and abuse, records may be disclosed to a relevant federal agency or instrumentality of any governmental jurisdiction within or under the control of the United States for the purpose of investigating potential fraud, waste, or abuse.

Records may be disclosed to representatives of the National Archives and Records Administration (NARA) in records management inspections conducted pursuant to 44 U.S.C. 2904 and 2906.

Records may be disclosed to appropriate agencies, entities, and persons when (1) HHS suspects or has confirmed that there has been a breach of the system of records, (2) HHS has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, HHS (including its information systems, programs, and operations), the federal government, or national security, and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with HHS's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

Records may be disclosed to another federal agency or federal entity, when HHS determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the federal government, or national security, resulting from a suspected or confirmed breach.

The oldest inactive records are in paper form; all other records are stored electronically.

The records are retrieved by the subject individual’s name or DOJ identification number.

Records are retained for 10 years, or until such time as the records are no longer needed for litigation or other records purposes and are then disposed of in accordance with FSAP disposition schedule DAA-0442-2019-0001. Records are transferred to a federal records center for storage when no longer in active use. Final disposition of records stored offsite at the federal records center is accomplished by a controlled process requesting final disposition approval from the HHS record owner prior to any destruction to ensure the records are not needed for litigation or other records purposes.

Safeguards conform to the HHS Information Security and Privacy Program, http://www.hhs.gov/ocio/securityprivacy/index.html, the HHS Information Security and Privacy Policy (IS2P), and applicable federal laws, rules and policies, including: the E-Government Act of 2002, which includes the Federal Information Security Management Act of 2002 (FISMA), 44 U.S.C. 3541-3549, as amended by the Federal Information Security Modernization Act of 2014, 44 U.S.C. 3551-3558; all pertinent National Institutes of Standards and Technology (NIST) publications; and OMB Circular A-130, Managing Information as a Strategic Resource.

ADMINISTRATIVE AND TECHNICAL SAFEGUARDS:

Security measures are implemented on government computers to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed by FSAP on a regular basis. Individuals who have routine access to these records are limited to staff (FTEs and contractors having security clearances at T3 (Non-Critical Sensitive positions requiring Secret clearance) or T4 (Non-Sensitive High Risk (Public Trust)) levels) who have responsibility for conducting regulatory oversight.

Protection for computerized records includes programmed verification of valid user identification code and password prior to logging on to the system; mandatory password changes, limited number of log-in attempts, virus protection, encryption, firewalls, and intrusion detection systems, and user rights/file attribute restrictions. Password protection imposes username and password log-in requirements to prevent unauthorized access. Each username is assigned limited access rights to files and directories at varying levels to control file sharing. There are routine daily backup procedures, and backup files are securely stored off-site. Security controls are reviewed on an ongoing basis.

Knowledge of individual tape passwords is required to access backups, and access to the system is limited to users obtaining prior supervisory approval. To avoid inadvertent data disclosure, a special additional procedure is performed to ensure that all Privacy Act data are removed from computer hard drives. Additional safeguards may also be built into the program by the system analyst as warranted by the sensitivity of the data set.

FTEs and contractor employees who maintain records are instructed in specific procedures to protect the security of records and are to check with the system manager prior to making disclosure of data. When individually identifiable data are used in a room, admittance at either federal or contractor sites is restricted to specifically authorized personnel.

Appropriate Privacy Act provisions and breach notification provisions are included in applicable contracts, and the CDC Project Director, contract officers, and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to federal government or destroyed, as specified by the contract that includes breach notifications.

Records that are eligible for destruction are disposed of using destruction methods prescribed by NIST SP 800-88. Hard copy records are placed in a locked container or designated secure storage area while awaiting destruction. Records are destroyed in a manner that precludes its reconstruction, such as secured cross shredding. Utilizing the HHS Security Rule Guidance Material found at https://www.hhs.gov/hipaa/for-professionals/security/guidance/index.html, electronic information will be deleted or overwritten using Department of Defense National Institute of Standards and Technology/ General Services Administration (NIST/GSA) approved overwriting software that wipes the entire physical disk and not just the virtual disk. In addition, the physical destruction is obtained by using a National Security Agency/Central Security Service (NSA/CSS) approved degaussing device.

PHYSICAL SAFEGUARDS:

Paper records are maintained in locked cabinets in restricted areas to which access is controlled by an electronic cardkey system and is limited to staff who have responsibility for conducting regulatory oversight.

Electronic data files are stored in a restricted access location. The computer room is protected by an automatic sprinkler system and numerous automatic sensors (e.g., water, heat, smoke, etc.) which are monitored, and a proper mix of portable fire extinguishers is located throughout the computer room. Computer workstations, lockable personal computers, and automated records are located in secured areas.

An individual seeking access to records about that individual in this system of records must submit a written access request to the System Manager, identified in the "System Manager" section of this SORN. The request must contain the requester’s full name, address, and signature, and DOJ identification number if known. To verify the requester’s identity, the signature must be notarized or the request must include the requester’s written certification that the requester is the individual who the requester claims to be and that the requester understands that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense subject to a fine of up to $5,000. An accounting of disclosures that have been made of the records, if any, may also be requested.

An individual seeking to amend a record about that individual in this system of records must submit an amendment request to the System Manager identified in the "System Manager" section of this SORN, containing the same information required for an access request. The request must include verification of the requester’s identity in the same manner required for an access request; must reasonably identify the record and specify the information contested, the corrective action sought, and the reasons for requesting the correction; and should include supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

An individual who wishes to know if this system of records contains records about that individual should submit a notification request to the System Manager identified in the "System Manager" section of this SORN. The request must contain the same information required for an access request and must include verification of the requester’s identity in the same manner required for an access request.

None.

72 FR 35993 (July 2, 2007); 76 FR 4483 (Jan. 25, 2011), 83 FR 6591 (Feb. 14, 2018).

None.

Division of Global Migration and Quarantine, National Center for the Preparedness, Detection, and Control of Infectious Disease (NCPDCID), Coordinating Center for Infectious Diseases (CCID), Centers for Disease Control and Prevention, 1600 Clifton Road, NE., Building 16; MS E03, Atlanta, GA 30333.

Records may occasionally be stored at Quarantine Stations located at key ports of entry and at contractor sites.

Individuals subject to quarantine or isolation orders, ill travelers (i.e., passengers and crew), contacts of ill travelers, and/or individuals exposed or suspected of being exposed to serious communicable diseases.

Passenger and crew manifests from conveyances carrying individuals subject to 42 CFR parts 70 and 71, case reports, illness response forms, medical assessments, medical records (including but not limited to clinical, hospital and laboratory data and data from other relevant tests), name, address, date of birth, and related information and documents collected for the purpose of carrying out agency responsibilities under sections 311 and 361-368 of the Public Health Services Act.

Sections 311, 361-368 of the Public Health Service Act.

This system maintains records on the conduct of activities (e.g., quarantine, isolation) that fulfill HHS's and CDC's statutory authority under sections 311, 361-368 of the Public Health Service Act to prevent the introduction, transmission and spread of communicable diseases.

Records are collected when individual known or suspected to have been exposed to serious communicable diseases arrives into the United States from foreign countries or is engaged in interstate or international movement These records are used to (1) document reports of illness that may pose a public health risk occurring while on board airplanes, maritime vessels, and at land-border crossings of persons arriving from foreign countries or traveling between states; (2) perform contact tracing investigations and notifications of passengers and crew when known or suspected exposures to serious communicable diseases occur on board a conveyance arriving in the United States from a foreign country or traveling from one state or possession to another; (3) inform international, federal, state or local public health authorities so that these authorities may act to protect public health or safety; and (4) take such actions (e.g., quarantine or isolation) as necessary to prevent the introduction, transmission, and spread of serious communicable diseases from persons arriving into the United States from foreign countries or persons engaged in interstate or international movement.

(1) Records may be disclosed to contractors to handle program work duties, performing many of the same functions as FTEs within DGMQ in situations where additional staff is required. Contractors are required to maintain Privacy Act safeguards with respect to such records.

(2) Records may be disclosed to state and local health departments and other cooperating medical and public health authorities and their counsel to more effectively deal with outbreaks and other significant public health conditions.

(3) Personal information from this system may be disclosed as a routine use to appropriate conveyance personnel, Federal agencies, state and local health departments, Department of State and embassy personnel (U.S. and foreign), and health authorities in foreign countries for contact tracing investigations and notifications of possible exposures to serious communicable diseases in connection with travel.

(4) Records may be disclosed to the Department of Homeland Security to restrict travel of persons who pose a public health risk and in the instance of suspected domestic or international terrorism.

(5) Disclosure may be made to medical personnel providing evaluation and care for ill or exposed persons, including travelers.

(6) Records may be disclosed to the World Health Organization in accordance with U.S. responsibilities as a signatory to the International Health Regulations or other international agreements.

(7) Personal information may be disclosed to federal, state, and local authorities for taking necessary actions to place someone under quarantine or isolation, for enforcement of other quarantine regulations, or to protect the public's health and safety.

(8) Records may be disclosed to cooperating state and local legal departments enforcing concurrent legal authority related to quarantine or isolation activities.

(9) In the event that a system of records maintained by this agency to carry out its functions indicates a violation or potential violation of law, whether civil, criminal or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule or order issued pursuant thereto, the relevant records in the system of records may be referred, as a routine use, to the appropriate agency, whether federal, foreign, state or local, charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation or order issued pursuant thereto.

(10) Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual

(11) In the event of litigation where the defendant is: (a) The Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Justice Department has agreed to represent such employee, disclosure may be made to the Department of Justice to enable that Department to present an effective defense.

(12) Records may be disclosed to appropriate Federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information disclosed is relevant and necessary for that assistance.

Storage:

Electronic media and file folders for hard-copy records.

By name of individual or other identifying particulars.

1. Authorized Users: A database security package is implemented on CDC's computer systems to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed on a regular basis. Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control and Prevention (CDC), or its contractors, as authorized by the system manager to accomplish the stated purposes for which the data in this system have been collected.

2. Physical Safeguards: Access to the CDC Clifton Road facility where the mainframe computer is located is controlled by a cardkey system. Access to the computer room is controlled by a cardkey and security code (numeric keypad) system. Access to the data entry area is also controlled by a cardkey system. Guard service in buildings provides personnel screening of visitors. The local fire department is located directly next door to the Clifton Road facility. The computer room is protected by an automatic sprinkler system, numerous automatic sensors (e.g., water, heat, smoke, etc.) are installed, and a proper mix of portable fire extinguishers is located throughout the computer room. Computer files are backed up on a routine basis. Hard-copy records are stored in locked cabinets at CDC headquarters and CDC Quarantine stations which are located in a secure area of the airport.

3. Procedural Safeguards: Protection for computerized records, both on the mainframe and the National Center Local Area Network (LAN), includes programmed verification of valid user identification code and password prior to logging on to the system, mandatory password changes, limited log-ins, virus protection, and user rights/file attribute restrictions. Password protection imposes user name and password log-in requirements to prevent unauthorized access. Each user name is assigned limited access rights to files and directories at varying levels to control file sharing. There are routine daily back-up procedures, and secure off-site storage is available. To avoid inadvertent data disclosure, measures are taken to ensure that all data are removed from electronic media containing Privacy Act information. Additional safeguards may be built into the program by the system analyst, as warranted by the sensitivity of the data.

CDC and contractor employees who maintain records are instructed to check with the system manager prior to making disclosures of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel. Privacy Act provisions are included in contracts, and the CDC Project Director, contract officers and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC or destroyed, as specified by the contract.

Implementation Guidelines: The safeguards outlined above are in accordance with the HHS Information Security Program Policy and FIPS Pub 200, "Minimum Security Requirements for Federal Information and Information Systems." Data maintained on CDC's Mainframe and the National Centers' LANs are in compliance with OMB Circular A-130, Appendix III. Security is provided for information collection, processing, transmission, storage, and dissemination in general support systems and major applications.

Contact tracing records will be maintained in the agency until the contact investigation is complete or no longer than twelve months, in accordance with proposed retention schedules; remaining quarantine records would be maintained 10 or 20 years, based on the applicable CDC records control schedule. Disposal methods include wiping electronic media and macerating paper materials.

Director, NCPDCID, Coordinating Center for Infectious Diseases, Bldg. 1, Rm. 6013, MS C12, Centers for Disease Control and Prevention, 1600 Clifton Road, NE., Atlanta, GA 30333.

An individual may learn if a record exists about himself or herself by contacting the system manager at the address listed above. Requesters in person must provide driver's license or other positive identification. Individuals who do not appear in person must either: (1) Submit a notarized request to verify their identity; or (2) certify that they are the individuals they claim to be and that they understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act subject to a $5,000 fine.

An individual who requests notification of or access to medical records shall, at the time the request is made, designate in writing a responsible representative who is willing to review the record and inform the subject individual of its contents at the representative's discretion. A parent or guardian who requests notification of, or access to, a child's medical record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child by means of a birth certificate or court order, as well as verify that he or she is who he or she claims to be.

Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.

Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Individuals, private physicians, state and local health departments, other health-care providers, conveyance personnel, cooperating public health agencies, foreign governments including ministries of health, and other federal agencies.

None

72 FR 70867 12/13/0; 76 FR 4485 1/25/11.

Unclassified.

The address of the HHS component responsible for this system of records is: Division of Select Agents and Toxins (DSAT), Center for Preparedness and Response, Centers for Disease Control and Prevention (CDC), 1600 Clifton Rd. NE, Atlanta, GA 30329.

The System Manager is: Director, Division of Select Agents and Toxins (DSAT), Center for Preparedness and Response, MS A-46, CDC, 1600 Clifton Rd. NE, Atlanta, GA 30329, (404) 718-2000, lrsat@cdc.gov.

Public Health Service Act, Section 361, "Regulations to Control Communicable Diseases" (42 U.S.C. 264).

The purpose of this system of records is to support CDC/IPP’s oversight of, and permitting process for, the importation and any subsequent distribution of infectious biological agents, infectious substances, and vectors of human disease into the United States, the purpose of which is to prevent the introduction, transmission, or spread of communicable diseases from foreign countries into the states or possessions.

The records in the system will cover those individuals who apply for an import permit from CDC/IPP under 42 CFR 71.54.

The system of records will include the following categories of records. The three applications are forms approved by the Office of Management and Budget (OMB).

Application for Permit to Import Biological Agents and Vectors of Human Disease into the United States. An applicant submits this application to CDC/IPP to request a permit for the importation, and any subsequent distribution after importation, of infectious biological agents, infectious substances, or vectors of human disease.

Application for Permit to Import or Transfer Live Bats. An applicant submits this application to CDC/IPP to request a permit for the importation, and any subsequent distribution after importation, of live bats.

Application for Permit to Import Infectious Human Remains into the United States. An applicant submits this application to CDC/IPP to request a permit for the importation of human remains or body parts that contain biological agents, infectious substances, or vectors of human disease.

Import Permit. CDC/IPP issues a permit on an approved application, allowing the applicant to import biological agents and vectors of human disease human remains or body parts that contain biological agents, infectious substances, or vectors of human disease or live bats.

Documentation of Inspection. CDC/IPP may inspect an applicant’s or importer’s premises to ensure compliance with the import permit regulations. As part of the inspection process, the applicant may need to respond to written requests from DSAT. DSAT has not developed standardized forms for this documentation.

The applicant will be the source of most information in the records. CDC/IPP will be the source of certain information in the permits, tracking records, and inspection records.

In addition to other disclosures authorized directly in the Privacy Act at 5 U.S.C. 552a(b)(1) and (2) and (4) through (11), HHS may disclose records about a subject individual from this system of records to parties outside HHS as described in these routine uses, without the individual’s prior written consent.

Records may be disclosed to contractors engaged to assist CDC/IPP with performing the functions listed in the Purpose section above. Contractors are required to maintain Privacy Act safeguards with respect to such records.

Records may be disclosed to state health departments, other public health agencies, cooperating medical authorities, or federal law enforcement agencies to effectively manage outbreaks and conditions of public health significance.

Information may be disclosed to the Department of Justice (DOJ) or to a court or other adjudicative body in litigation or other proceedings when:

HHS or any of its component thereof, or

any employee of HHS acting in the employee’s official capacity, or

any employee of HHS acting in the employee’s individual capacity where the DOJ or HHS has agreed to represent the employee, or

the United States Government,

is a party to the proceeding or has an interest in such proceeding and, by careful review, HHS determines that the records are both relevant and necessary to the proceeding.

Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the written request of that individual.

Where a record, either alone or in conjunction with other information, indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or by regulation, rule, or order issued pursuant thereto, the relevant records in the system of records may be referred, as a routine use, to agency concerned, whether federal, state, Tribal, local, territorial, or foreign, charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing the statute, rule, regulation, or order issued pursuant thereto.

For the purpose of combatting fraud, waste, and abuse, records may be disclosed to a relevant federal agency or instrumentality of any governmental jurisdiction within or under the control of the United States for the purpose of investigating potential fraud, waste, or abuse.

Records may be disclosed to representatives of the National Archives and Records Administration (NARA) in records management inspections conducted pursuant to 44 U.S.C. 2904 and 2906.

Records may be disclosed to appropriate agencies, entities, and persons when (1) HHS suspects or has confirmed that there has been a breach of the system of records, (2) HHS has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, HHS (including its information systems, programs, and operations), the federal government, or national security, and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with HHS's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

Records may be disclosed to another federal agency or federal entity, when HHS determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the federal government, or national security, resulting from a suspected or confirmed breach.

The records will be maintained electronically, but paper printouts may be generated.

The records will be retrieved by the applicant’s name or assigned permit number.

The records will be retained for 10 years in compliance with the records retention schedule requirements, or until such time as the records are no longer needed for litigation or other records purposes, in accordance with CDC/IPP disposition schedule DAA-0441-2019-0001. Records will be transferred to a Federal Records Center for storage when no longer in active use. Final disposition of records stored offsite at the Federal Records Center will be accomplished by a controlled process requesting final disposition approval from the HHS record owner prior to any destruction to ensure the records are not needed for litigation or other records purposes.

Safeguards will conform to the HHS Information Security and Privacy Program, https://www.hhs.gov/ocio/securityprivacy/index.html, the HHS Information Security and Privacy Policy (IS2P), and applicable federal laws, rules and policies, including: the E-Government Act of 2002, which includes the Federal Information Security Management Act of 2002 (FISMA), 44 U.S.C. 3541-3549, as amended by the Federal Information Security Modernization Act of 2014, 44 U.S.C. 3551-3558; all pertinent National Institutes of Standards and Technology (NIST) publications; and OMB Circular A-130, Managing Information as a Strategic Resource.

Administrative and Technical Safeguards:

Security measures will be implemented on government computers to control unauthorized access to the system. Attempts to gain access by unauthorized individuals will be automatically recorded and reviewed by IPP on a regular basis. The individuals permitted to access these records will be limited to staff (FTEs and contractors having security clearances at T3 (Non-Critical Sensitive positions requiring Secret clearance) or T4 (Non-Sensitive High Risk (Public Trust)) levels) who have responsibility for conducting regulatory oversight.

Protection for computerized records will include programmed verification of valid user identification code and password prior to logging on to the system; mandatory password changes, limited log-ins, virus protection, encryption, firewalls, and intrusion detection systems, and user rights/file attribute restrictions. The password protection will impose username and password log-in requirements to prevent unauthorized access. Each user name will be assigned limited access rights to files and directories at varying levels to control file sharing. There will be routine daily backup procedures, and backup files will be securely stored off-site. Security controls will be reviewed on an ongoing basis.

Knowledge of individual tape passwords will be required to access backups, and access to the system will be limited to users obtaining prior supervisory approval. To avoid inadvertent data disclosure, a special additional procedure will be performed to ensure that all Privacy Act data are removed from computer hard drives. Additional safeguards may also be built into the program by the system analyst as warranted by the sensitivity of the data set.

FTEs and contractor employees who maintain records will be instructed in specific procedures to protect the security of records, and will be required to check with the system manager prior to making disclosure of data. When individually identifiable data are being used in a room, admittance at either federal or contractor sites will be restricted to specifically authorized personnel.

Appropriate Privacy Act provisions and breach notification provisions will be included in applicable contracts, and the CDC Project Director, contract officers, and project officers will oversee compliance with these requirements. Upon completion of a contract, all data will be either returned to federal government or destroyed, as specified by the contract.

Records that are eligible for destruction will be disposed of using destruction methods prescribed by NIST SP 800-88. Hard copy records will be placed in a locked container or designated secure storage area while awaiting destruction. Records will be destroyed in a manner that precludes its reconstruction, such as secured cross shredding. Utilizing the HHS Security Rule Guidance Material found at https://www.hhs.gov/hipaa/for-professionals/security/guidance/index.html, electronic information will be deleted or overwritten using Department of Defense National Institute of Standards and Technology/ General Services Administration (NIST/GSA) approved overwriting software that wipes the entire physical disk and not just the virtual disk. In addition, the physical destruction will be obtained by using a National Security Agency/Central Security Service (NSA/CSS) approved degaussing device.

Physical Safeguards:

Paper records (i.e., hard copy printouts) will be maintained in locked cabinets in secured rooms through electronic access in a restricted access location that is controlled by an electronic cardkey system that is limited to staff who have responsibility for conducting regulatory oversight. Electronic data files will be encrypted using Federal Information Processing Standards Publication (FIPS) 140-2, and will be stored in a restricted access location. The computer room will be protected by an automatic sprinkler system and numerous automatic sensors (e.g., water, heat, smoke, etc.) which will be monitored, and a proper mix of portable fire extinguishers will be located throughout the computer room. Computer workstations, lockable personal computers, and automated records will be located in secured areas.

An individual seeking access to records about that individual in this system of records must submit a written access request to the System Manager, identified in the "System Manager" section of this SORN. The request must contain the requester’s full name, address, and signature, and permit number if known. To verify the requester’s identity, the signature must be notarized or the request must include the requester’s written certification that the requester is the individual who the requester claims to be and that the requester understands that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense subject to a fine of up to $5,000. An accounting of disclosures that have been made of the record, if any, may also be requested.

An individual seeking to amend a record about that individual in this system of records must submit an amendment request to the System Manager identified in the "System Manager" section of this SORN, containing the same information required for an access request. The request must include verification of the requester’s identity in the same manner required for an access request; must reasonably identify the record and specify the information contested, the corrective action sought, and the reasons for requesting the correction; and should include supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

An individual who wishes to know if this system of records contains records about that individual should submit a notification request to the System Manager identified in the "System Manager" section of this SORN. The request must contain the same information required for an access request, and must include verification of the requester’s identity in the same manner required for an access request.

None.

None.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various co-locations of CMS agents.

Information is collected and maintained on recipients of Medicare Part A (Hospital Insurance) and Part B (supplementary medical insurance) services who are enrolled in Medicare health plans and prescription drug plans. Identifiable information will also be collected on individuals who are, but not limited to, complainants, including beneficiaries, relatives and caregivers, Congresspersons and their staff, State Health Insurance Program representatives, and providers of service and their staff.

The system contains demographic and identifying data, as well as survey and deficiency data. Identifying data includes, but is not limited to: name, title, address, city, state, ZIP code, e-mail address, telephone numbers, fax number, licensure number, SSN, Federal tax identification number, alias names, date of birth, gender, date admitted and/or date discharged. In addition, the CTM stores complaint data, including, but not limited to, the following: date complaint received; date of incident; issue level; complainant and/or beneficiary information; complaint summary; complaint category; complaint resolution summary; and plan resolution summary.

Authority for maintenance of the system is given under section 1875 of the Social Security Act (the Act) (42 U.S.C. 1395ll), entitled Studies and Recommendations; section 1121 of the Act (42 U.S.C. 1121), entitled Uniform Reporting System for Health Services Facilities and Organizations; and § 1876 of the Act (42 U.S.C. 1395mm), entitled Payments to Health Maintenance Organizations and Competitive Medical Plans. Authority for maintenance and dissemination of Health Plan information is also given under the Balanced Budget Act of 1997 (Pub. L. 105-33).

The primary purpose of this modified system is to collect and maintain information on Medicare beneficiaries enrolled in Medicare Health Plans in order to develop and disseminate information required by the Balanced Budget Act of 1997 that will inform beneficiaries and the public of indicators of health plan performance to help beneficiaries choose among health plans, support quality improvement activities within the plans, monitor and evaluate quality improvement activities within the plans, monitor and evaluate care provided by health plans; provide guidance to program management and policies, and provide a research data base for CMS and other researchers. The information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor or consultant; (2) assist another Federal and/or state agency, agency of a state government, an agency established by state law, or its fiscal agent, for evaluating and monitoring the quality of home health care and contribute to the accuracy of health insurance operations; (3) support research, evaluation, or epidemiological projects related to the prevention of disease or disability, or the restoration or maintenance of health, and for payment related projects; (4) support the functions of Quality Improvement Organizations (QIO); (5) support litigation involving the Agency; (6) combat fraud and abuse in certain health care programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To agency contractors, or consultants, or to a grantee of a CMS-administered grant program who have been engaged by the agency to assist in the accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To another Federal and/or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. Contribute to the accuracy of CMS' proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Assist Federal/state Medicaid programs within the state.

3. To assist an individual or organization for research, evaluation or epidemiological projects related to the prevention of disease or disability, or the restoration or maintenance of health, and for payment related projects.

4. To Quality Improvement Organizations (QIO) in order to assist the QIO to perform Title XI and Title XVIII functions relating to assessing and improving quality of care.

5. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

6. To assist a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such program.

7. To assist another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, 65 Fed. Reg. 82462 (12-28-00), Subparts A and E. Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information."

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on the magnetic disk sub-system of the Sun Solaris 10 Server. Furthermore, these records are saved to magnetic tape backup on a nightly basis.

The records are retrieved by health insurance claims number or other individually identifying numbers.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain identifiable HPMS data for at least 10 years or as long as needed for program research.

Director, Division of Plan Data, Plan Oversight and Accountability Group, Center for Beneficiary Choices, Center for Medicare & Medicaid Services, 7500 Security Boulevard, C4-14-21, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

The identifying information contained in these records is obtained from the health plan and Part D organizations (which obtained the data from the individual concerned) or the individuals themselves. Also, these data will be linked with CMS administrative data, such as claims and enrollment.

None.

73 FR 2257 1/14/08; 74 FR 30606 6/26/09; 78 FR 32257 5/29/13.

Level Three Privacy Act Sensitive Data.

Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850. See Appendix A for various remote sites where this system is also maintained.

The system contains information on Medicare beneficiaries who have submitted claims for Supplemental Medical Insurance (SMI) benefit (Medicare Part B), or individuals whose enrollment in an employer group health benefits plan covers the beneficiary.

Information contained in this system consist of request(s) for payment, provider billing for patient services, prepayment plan for group Medicare practice dealing through a carrier, health insurance claim form, request(s) for medical payment, explanation of benefits, request for claim number verification, payment record transmittal, statement of person regarding Medicare payment for medical services furnished deceased patient, report of prior period of entitlement, itemized bills and other similar documents required to support payments to beneficiaries and to physicians and other suppliers of Part B services, and Medicare secondary payer records containing other party liability insurance information necessary for appropriate Medicare claims payment.

Authority for the collection and maintenance of this system is given under the provisions of sections 1842, 1862 (b) and 1874 of Title XVIII of the Social Security Act (The Act) (42 United States Code (U.S.C.) 1395u, 1395y (b), and 1395kk).

The primary purpose of the SOR is to

(1)properly pay medical insurance benefits to or on behalf of entitled beneficiaries. Information in this system will also be released to: (1) support regulatory and policy functions performed within the Agency or by a contractor, consultant, or grantee;

(2) assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent;

(3) assist third party contacts;

(4) support providers and suppliers of services dealing through fiscal intermediaries or carriers;

(5) support Quality Improvement Organizations (QIO);

(6) assist insurance companies and other groups providing protection for their enrollees, insurers and other groups providing protection against medical expenses who are primary payers to Medicare in accordance with 42 U.S.C 1395y(b)

(7) support an individual or organization for a research, evaluation, or epidemiological project;

(8) support litigation involving the Agency related to this SOR; and

(9) combat fraud, waste, and abuse in certain Federally-funded health care programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support agency contractor, consultant or grantee who have been engaged by the agency to assist in the accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To assist another Federal and/or state agency, agency of a state government, an agency established by state law, or its fiscal agent:

a. Contribute to the accuracy of CMS' proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Assist Federal/state Medicaid programs within the state.

3. To assist third party contacts (without the consent of the individuals to whom the information pertains) in situations where the party to be contacted has, or is expected to have information relating to the individual's capacity to manage his or her affairs or to his or her eligibility under the Medicare program and,

a. The individual is unable to provide the information being sought (an individual is considered to be unable to provide certain types of information when any of the following conditions exists: the individual is confined to a mental institution, a court of competent jurisdiction has appointed a guardian to manage the affairs of that individual, a court of competent jurisdiction has declared the individual to be mentally incompetent, or the individual's attending physician has certified that the individual is not sufficiently mentally competent to manage his or her own affairs or to provide the information being sought, the individual cannot read or write, cannot afford the cost of obtaining the information, a language barrier exists, or the custodian of the information will not, as a matter of policy, provide it to the individual), or

b. The data are needed to establish the validity of evidence or to verify the accuracy of information presented by the individual, and it concerns one or more of the following: The individual's entitlement to benefits under the Medicare program; and the amount of reimbursement; any case in which the evidence is being reviewed as a result of suspected fraud, waste, and abuse, program integrity, quality appraisal, or evaluation and measurement of program activities.

4. To assist providers and suppliers of services dealing through fiscal intermediaries or carriers for the administration of Title XVIII of the Act.

5. To Quality Improvement Organizations (QIO) in connection with review of claims, or in connection with studies or other review activities, conducted pursuant to Part B of Title XI of the Act and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans.

6. To assist insurance companies, third party administrators (TPA), employers, self-insurers, managed care organizations, other supplemental insurers, non-coordinating insurers, multiple employer trusts, group health plans (i.e., health maintenance organizations (HMO) or a competitive medical plan (CMP) with a Medicare contract, or a Medicare-approved health care prepayment plan (HCPP)), directly or through a contractor, and other groups providing protection for their enrollees. Information to be disclosed shall be limited to Medicare entitlement data. In order to receive the information, they must agree to:

a. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom the serve as a TPA;

b. Utilize the information solely for the purpose of processing the identified individual's insurance claims; and

c. Safeguard the confidentiality of the data a prevent unauthorized access.

7. To support an individual or organization for a research, evaluation, or epidemiological project related to the prevention of disease or disability, the restoration or maintenance of health, or payment-related projects.

8. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

9. To support a CMS contractor (including, but not limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of the CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

10. To support another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals who are familiar with the enrollees could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

Records are maintained on paper, computer diskette and on magnetic storage media.

Information can be retrieved by the beneficiary's name, HIC, and assigned unique physician identification number.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations include but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records are maintained in a secure storage area with identifiers. Records are closed at the end of the fiscal year, in which paid, and destroyed after 6 years and 3 months. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Systems Operations, Business Applications Management Group, Office of Information Services, CMS, 7500 Security Boulevard, Room N2-07-27, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HIC, address, date of birth, and sex, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), social security number (SSN). Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

Sources of information contained in this records system is obtained from third party agencies, Social Security Administration's Master Beneficiary Record, and CMS's Enrollment Database.

None.

55 FR 37549 9/12/90; 55 FR 47394 11/13/90; 59 FR 37243 7/21/94; 62 FR 6648 2/21/96; 63 FR 38414 7/16/98; 65 FR 50552 8/18/00; 67 FR 54428 8/22/02; 71 FR 64968 11/6/06; 74 FR 30606 6/26/09; 78 FR 32257 5/29/13.

Appendix A.--Health Insurance Claims

Medicare records are maintained at the CMS Central Office (see section 1 below for the address). Health Insurance Records of the Medicare program can also be accessed through a representative of the CMS Regional Office (see section 2 below for addresses). Medicare claims records are also maintained by private insurance organizations that share in administering provisions of the health insurance programs. These private insurance organizations, referred to as carriers and intermediaries, are under contract to the Centers for Medicare & Medicaid Services and the Social Security Administration to perform specific task in the Medicare program (see section three below for addresses for intermediaries, section four addresses the carriers, and section five addresses the Payment Safeguard Contractors.

I. Central Office Address

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

II. CMS Regional Offices

Boston Region--Connecticut, Maine, Massachusetts, New Hampshire, Rhode Island, Vermont. John F. Kennedy Federal Building, Room 1211, Boston, Massachusetts 02203. Office Hours: 8:30 a.m.-5 p.m.

New York Region--New Jersey, New York, Puerto Rico, Virgin Islands. 26 Federal Plaza, Room 715, New York, New York 10007, Office Hours: 8:30 a.m.-5 p.m.

Philadelphia Region--Delaware, District of Columbia, Maryland, Pennsylvania, Virginia, West Virginia. Post Office Box 8460, Philadelphia, Pennsylvania 19101. Office Hours: 8:30 a.m.-5 p.m.

Atlanta Region--Alabama, North Carolina, South Carolina, Florida, Georgia, Kentucky, Mississippi, Tennessee. 101 Marietta Street, Suite 702, Atlanta, Georgia 30223, Office Hours: 8:30 a.m.-4:30 p.m.

Chicago Region--Illinois, Indiana, Michigan, Minnesota, Ohio, Wisconsin. Suite A-824, Chicago, Illinois 60604. Office Hours: 8 a.m.-4:45 p.m.

Dallas Region--Arkansas, Louisiana, New Mexico, Oklahoma, Texas, 1200 Main Tower Building, Dallas, Texas. Office Hours: 8 a.m.- 4:30 p.m.

Kansas City Region--Iowa, Kansas, Missouri, Nebraska. New Federal Office Building, 601 East 12th Street-Room 436, Kansas City, Missouri 64106. Office Hours: 8 a.m.-4:45 p.m.

Denver Region--Colorado, Montana, North Dakota, South Dakota, Utah, Wyoming. Federal Office Building, 1961 Stout St-Room 1185, Denver, Colorado 80294. Office Hours: 8 a.m.-4:30 p.m.

San Francisco Region--American Samoa, Arizona, California, Guam, Hawaii, Nevada. Federal Office Building, 10 Van Ness Avenue, 20th Floor, San Francisco, California 94102. Office Hours: 8 a.m.-4:30 p.m.

Seattle Region--Alaska, Idaho, Oregon, Washington. 1321 Second Avenue, Room 615, Mail Stop 211, Seattle, Washington 98101. Office Hours 8 a.m.-4:30 p.m.

III. Intermediary Addresses (Hospital Insurance)

Medicare Coordinator, Assoc. Hospital Serv. Maine (ME BC), 2 Gannett Drive, South Portland, ME 04106-6911.

Medicare Coordinator, Anthem New Hampshire, 300 Goffs Falls Road, Manchester, NH 03111-0001.

Medicare Coordinator, BC/BS Rhode Island (RI BC), 444 Westminster Street, Providence, RI 02903-3279.

Medicare Coordinator, Empire Medicare Services, 400 S. Salina Street, Syracuse, NY 13202.

Medicare Coordinator, Cooperativa, P.O. Box 363428, San Juan, PR 00936-3428.

Medicare Coordinator, Maryland B/C, P.O. Box 4368, 1946 Greenspring Ave., Timonium, MD 21093.

Medicare Coordinator, Highmark, P5103, 120 Fifth Avenue Place, Pittsburgh, PA 15222-3099.

Medicare Coordinator, United Government Services, 1515 N. Rivercenter Dr., Milwaukee, WI 53212.

Medicare Coordinator, Alabama B/C, 450 Riverchase Parkway East, Birmingham, AL 35298.

Medicare Coordinator, Florida B/C, 532 Riverside Ave., Jacksonville, FL 32202-4918.

Medicare Coordinator, Georgia B/C, P.O. Box 9048, 2357 Warm Springs Road, Columbus, GA 31908.

Medicare Coordinator, Mississippi B/C B MS, P.O. Box 23035, 3545 Lakeland Drive, Jackson, MI 39225-3035.

Medicare Coordinator, North Carolina B/C, P.O. Box 2291, Durham, NC 27702-2291.

Medicare Coordinator, Palmetto GBA A/RHHI, 17 Technology Circle, Columbia, SC 29203-0001.

Medicare Coordinator, Tennessee B/C, 801 Pine Street, Chattanooga, TN 37402-2555.

Medicare Coordinator, Anthem Insurance Co. (Anthem In), P.O. Box 50451, 8115 Knue Road, Indianapolis, IN 46250-1936.

Medicare Coordinator, Arkansas B/C, 601 Gaines Street, Little Rock, AR 72203.

Medicare Coordinator, Group Health Of Oklahoma, 1215 South Boulder, Tulsa, OK 74119-2827.

Medicare Coordinator, TrailBlazer, P.O. Box 660156, Dallas, TX 75266-0156.

Medicare Coordinator, Cahaba GBA, Station 7, 636 Grand Avenue, Des Moines, IA 50309-2551.

Medicare Coordinator, Kansas B/C, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0001.

Medicare Coordinator, Nebraska B/C, P.O. Box 3248, Main Po Station, Omaha, NE 68180-0001.

Medicare Coordinator, Mutual Of Omaha, P.O. Box 1602, Omaha, NE 68101.

Medicare Coordinator, Montana B/C, P.O. Box 5017, Great Falls Div., Great Falls, MT 59403-5017.

Medicare Coordinator, Noridian, 4510 13th Avenue S.W., Fargo, ND 58121-0001.

Medicare Coordinator, Utah B/C, P.O. Box 30270, 2455 Parleys Way, Salt Lake City, UT 84130-0270.

Medicare Coordinator, Wyoming B/C, 4000 House Avenue, Cheyenne, WY 82003.

Medicare Coordinator, Arizona B/C, P.O. Box 37700, Phoenix, AZ 85069.

Medicare Coordinator, UGS, P.O. Box 70000, Van Nuys, CA 91470-0000.

Medicare Coordinator, Regents BC, P.O. Box 8110 M/S D-4A, Portland, OR 97207-8110.

Medicare Coordinator, Premera BC, P.O. Box 2847, Seattle, WA 98111-2847.

IV. Medicare Carriers

Medicare Coordinator, NHIC, 75 Sargent William Terry Drive, Hingham, MA 02044.

Medicare Coordinator, B/S Rhode Island (RI BS), 444 Westminster Street, Providence, RI 02903-2790.

Medicare Coordinator, Trailblazer Health Enterprises, Meriden Park, 538 Preston Ave., Meriden, CT 06450.

Medicare Coordinator, Upstate Medicare Division, 11 Lewis Road, Binghamton, NY 13902.

Medicare Coordinator, Empire Medicare Services, 2651 Strang Blvd., Yorktown Heights, NY 10598.

Medicare Coordinator, Empire Medicare Services, NJ, 300 East Park Drive, Harrisburg, PA 17106.

Medicare Coordinator, Triple S, #1441 F.D., Roosvelt Ave., Guaynabo, PR 00968.

Medicare Coordinator, Group Health Inc., 4th Floor, 88 West End Avenue, New York, NY 10023.

Medicare Coordinator, Highmark, P.O. Box 89065, 1800 Center Street, Camp Hill, PA 17089-9065.

Medicare Coordinator, Trailblazers Part B, 11150 McCormick Drive, Executive Plaza 3 Suite 200, Hunt Valley, MD 21031.

Medicare Coordinator, Trailblazer Health Enterprises, Virginia, P.O. Box 26463, Richmond, VA 23261-6463. United Medicare Coordinator, Tricenturion, 1 Tower Square, Hartford, CT 06183.

Medicare Coordinator, Alabama B/S, 450 Riverchase Parkway East, Birmingham, AL 35298.

Medicare Coordinator, Cahaba GBA, 12052 Middleground Road, Suite A, Savannah, GA 31419.

Medicare Coordinator, Florida B/S, 532 Riverside Ave, Jacksonville, FL 32202-4918.

Medicare Coordinator, Administar Federal, 9901 Linnstation Road, Louisville, KY 40223.

Medicare Coordinator, Palmetto GBA, 17 Technology Circle, Columbia, SC 29203-0001.

Medicare Coordinator, CIGNA, 2 Vantage Way, Nashville, TN 37228.

Medicare Coordinator, Railroad Retirement Board, 2743 Perimeter Parkway, Building 250, Augusta, GA 30999.

Medicare Coordinator, Cahaba GBA, Jackson Miss, P.O. Box 22545, Jackson, MI 39225-2545.

Medicare Coordinator, Adminastar Federal (IN), 8115 Knue Road, Indianapolis, IN 46250-1936.

Medicare Coordinator, Wisconsin Physicians Service, P.O. Box 8190, Madison, WI 53708-8190.

Medicare Coordinator, Nationwide Mutual Insurance Co., P.O. Box 16788, 1 Nationwide Plaza, Columbus, OH 43216-6788.

Medicare Coordinator, Arkansas B/S, 601 Gaines Street, Little Rock, AR 72203.

Medicare Coordinator, Arkansas-New Mexico, 601 Gaines Street, Little Rock, AR 72203.

Medicare Coordinator, Palmetto GBA-DMERC, 17 Technology Circle, Columbia, SC 29203-0001.

Medicare Coordinator, Trailblazer Health Enterprises, 901 South Central Expressway, Richardson, TX 75080.

Medicare Coordinator, Nordian, 636 Grand Avenue, Des Moines, IA 50309-2551.

Medicare Coordinator, Kansas B/S, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0001.

Medicare Coordinator, Kansas B/S-NE, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0239.

Medicare Coordinator, Montana B/S, P.O. Box 4309, Helena, MT 59601.

Medicare Coordinator, Nordian, 4305 13th Avenue South, Fargo, ND 58103-3373.

Medicare Coordinator, Noridian Backbend (C0), 730 N. Simms #100, Golden, CO 80401-4730.

Medicare Coordinator, Noridian BCBSND (WY), 4305 13th Avenue South, Fargo, ND 58103-3373.

Medicare Coordinator, Utah B/S, P.O. Box 30270, 2455 Parleys Way, Salt Lake City, UT 84130-0270.

Medicare Coordinator, Transamerica Occidental, P.O. Box 54905, Los Angeles, CA 90054-4905.

Medicare Coordinator, NHIC-California, 450 W. East Avenue, Chico, CA 95926.

Medicare Coordinator, Cigna, Suite 254, 3150 Lake Harbor, Boise, ID 83703.

Medicare Coordinator, Cigna, Suite 506, 2 Vantage Way, Nashville, TN 37228.

V. Payment Safeguard Contractors

Medicare Coordinator, Aspen Systems Corporation, 2277 Research Blvd., Rockville, MD 20850.

Medicare Coordinator, DynCorp Electronic Data Systems (EDS), 11710 Plaza America Drive, 5400 Legacy Drive, Reston, VA 20190-6017.

Medicare Coordinator, Lifecare Management Partners Mutual of Omaha Insurance Co., 6601 Little River Turnpike, Suite 300, Mutual of Omaha Plaza, Omaha, NE 68175.

Medicare Coordinator, Reliance Safeguard Solutions, Inc., P.O. Box 30207, 400 South Salina Street, 2890 East Cottonwood Pkwy., Syracuse, NY 13202.

Medicare Coordinator, Science Applications International, Inc., 6565 Arlington Blvd. P.O. Box 100282, Falls Church, VA.

Medicare Coordinator, California Medical Review, Inc., Integriguard Division Federal Sector Civil Group, One Sansome Street, San Francisco, CA 94104-4448.

Medicare Coordinator, Computer Sciences Corporation, Suite 600, 3120 Timanus Lane, Baltimore, MD 21244.

Medicare Coordinator, Electronic Data Systems (EDS), 11710 Plaza America Drive, 5400 Legacy Drive, Plano, TX 75204.

Medicare Coordinator, TriCenturion, L.L.C., P.O. Box 100282, Columbia, SC 29202.

Level Three Privacy Act Sensitive Data.

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850, and at various other remote locations.

Information is collected on individuals age 65 or over who have been, or currently are, entitled to health insurance (Medicare) benefits under Title XVIII of the Act or under provisions of the Railroad Retirement Act, individuals under age 65 who have been, or currently are, entitled to such benefits on the basis of having been entitled for not less than 24 months to disability benefits under Title II of the Act or under the Railroad Retirement Act, individuals who have been, or currently are, entitled to such benefits because they have ESRD, individuals age 64 and 8 months or over who are likely to become entitled to health insurance (Medicare) benefits upon attaining age 65, and individuals under age 65 who have at least 21 months of disability benefits who are likely to become entitled to Medicare upon the 25th month of their being disabled.

The system contains information related to Medicare enrollment and entitlement and Medicare Secondary Payer (MSP) data containing other party liability insurance information necessary for appropriate Medicare claim payment. It contains hospice election, Direct billing and Third Party Premium collection information, and group health plan enrollment data. The system also contains the individual's health insurance numbers, name, geographic location, race/ethnicity, sex, and date of birth.

Authority for maintenance of the system is given under sections 226, 226A, 1811, 1818, 1818A, 1831, 1836, 1837, 1838, 1843, 1876, and 1881 of the Social Security Act (the Act) and Title 42 Code of Federal Regulations (CFR), parts 406, 407, 408, 411 and 424. Authority for maintenance of the system section 1862 of the Act was a published authority in the published SOR. We included section 1862 in the modified SOR since we do maintain a limited number of data elements in the EDB pertaining to MSP. Authority for maintenance of the system section 1870 of the Act was included in the modified system since the EDB does maintain data regarding direct billing for Medicare premiums. Section 1870 (g) describes refunding these premiums.

The primary purpose of the SOR is to maintain information on Medicare enrollment for the administration of the Medicare program, including the following functions: ensuring proper Medicare enrollment, claims payment, Direct billing and Third Party premium collection information, coordination of benefits by validating and verifying the enrollment status of beneficiaries, and validating and studying the characteristics of persons enrolled in the Medicare program including their requirements for information. Information retrieved from this SOR will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by agency contractors, consultants, or to a grantee of a CMS-administered grant; (2) assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent; (3) assist third parties where the contact is expected to have information relating to the individual's capacity to manage his or her own affairs; (4) assist providers and suppliers of services for administration of Title XVIII of the Act; (5) support Quality Improvement Organizations (QIO); (6) assist other insurers for processing individual insurance claims; (7) facilitate research on the quality and effectiveness of care provided, as well as payment-related and epidemiological projects; (8) support litigation involving the Agency; and (9) combat fraud and abuse in certain health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support agency contractors, or consultants, or to a grantee of a CMS-administered grant program who have been engaged by the agency to assist in the accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. contribute to the accuracy of CMS's proper payment of Medicare benefits;

b. enable such agency to administer a Federal health benefits program, or, as necessary, to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; and/or

c. assist Federal/state Medicaid programs within the state.

3. To assist third party contacts (without the consent of the individuals to whom the information pertains) in situations where the party to be contacted has, or is expected to have information relating to the individual's capacity to manage his or her affairs or to his or her eligibility for, or an entitlement to, benefits under the Medicare program and,

a. The individual is unable to provide the information being sought (an individual is considered to be unable to provide certain types of information when any of the following conditions exists: the individual is confined to a mental institution, a court of competent jurisdiction has appointed a guardian to manage the affairs of that individual, a court of competent jurisdiction has declared the individual to be mentally incompetent, or the individual's attending physician has certified that the individual is not sufficiently mentally competent to manage his or her own affairs or to provide the information being sought, the individual cannot read or write, cannot afford the cost of obtaining the information, a language barrier exist, or the custodian of the information will not, as a matter of policy, provide it to the individual), or

b. The data are needed to establish the validity of evidence or to verify the accuracy of information presented by the individual, and it concerns one or more of the following: the individual's entitlement to benefits under the Medicare program; and the amount of reimbursement; any case in which the evidence is being reviewed as a result of suspected fraud and abuse, program integrity, quality appraisal, or evaluation and measurement of program activities.

4. To assist providers and suppliers of services dealing through fiscal intermediaries or carriers for the administration of Title XVIII of the Social Security Act.

5. To support Quality Improvement Organizations (QIO) in order to assist the QIO to perform Title XI and Title XVIII functions relating to assessing and improving HHA quality of care.

6. To assist insurance companies, third party administrators (TPA), employers, self-insurers, managed care organizations, other supplemental insurers, non-coordinating insurers, multiple employer trusts, group health plans (i.e., health maintenance organizations (HMOs) or a competitive medical plan (CMP) with a Medicare contract, or a Medicare-approved health care prepayment plan (HCPP)), directly or through a contractor, and other groups providing protection for their enrollees. Information to be disclosed shall be limited to Medicare entitlement data. In order to receive the information, they must agree to:

a. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom they serve as a TPA;

b. utilize the information solely for the purpose of processing the identified individual's insurance claims; and

c. safeguard the confidentiality of the data and prevent unauthorized access.

7. To support an individual or organization for a research, evaluation, or epidemiological project related to the prevention of disease or disability, the restoration or maintenance of health, or payment-related projects.

8. To assist the Department of Justice (DOJ), court or adjudicatory body when:

a. the Agency or any component thereof, or

b. any employee of the Agency in his or her official capacity, or

c. any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

9. To assist a CMS contractor (including, but not limited to FIs and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

10. To assist another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

11. To the IRS for the purposes of reporting Medicare Part A enrollment information and to provide statements to the individual enrollees with respect to whom information is reported to the IRS.

B. Additional Provisions Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 Fed. Reg. 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the " Standards for Privacy of Individually Identifiable Health Information."

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals who are familiar with the enrollees could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on magnetic media.

All Medicare records are accessible by HIC number or alpha (name) search. This system supports both on-line and batch access.

CMS has safeguards for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and systems security requirements. Employees who maintain records in the system are instructed not to release any data until the intended recipient agrees to implement appropriate administrative, technical, procedural, and physical safeguards sufficient to protect the confidentiality of the data and to prevent unauthorized access to the data.

In addition, CMS has physical safeguards in place to reduce the exposure of computer equipment and thus achieve an optimum level of protection and security for the EDB system. For computerized records, safeguards have been established in accordance with the Department of Health and Human Services (HHS) standards and National Institute of Standards and Technology guidelines, e.g., security codes will be used, limiting access to authorized personnel. System securities are established in accordance with HHS, Information Resource Management (IRM) Circular #10, Automated Information Systems Security Program; CMS Automated Information Systems (AIS) Guide, Systems Securities Policies, and OMB Circular No. A-130 (revised), Appendix III.

Records are maintained for a period of 15 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Enrollment & Eligibility Policy, Medicare Enrollment and Appeals Group, Centers for Beneficiary Choices, Mail Stop C2-09-17, Centers for Medicare & Medicaid Services, 7500 Security Boulevard, Baltimore, MD 21244-1849.

For purpose of access, the subject individual should write to the system manager who will require the system name, health insurance claim number, address, date of birth, and sex, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and social security number (SSN). Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the systems manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with department regulation 45 CFR 5b.7).

The data contained in these records are furnished by the individual, or in the case of some MSP situations, through third party contacts. There are cases, however, in which the identifying information is provided to the physician by the individual; the physician then adds the medical information and submits the bill to the carrier for payment. Updating information is also obtained from the Railroad Retirement Board, and the Master Beneficiary Record maintained by the SSA.

None.

73 FR 10249 2/26/08; 74 FR 30606 6/26/09; 78 FR 23938 4/23/13; 81 FR 8204 2/18/16.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various contractor sites, CMS Regional Offices, CMS Intermediaries, and at Social Security Field Offices.

The system contains information on Medicare beneficiaries, on whose behalf providers have submitted claims for reimbursement on a reasonable cost basis under Medicare Part A and B, or are eligible, and/or individuals whose enrollment in an employer group health benefits plan covers the beneficiary.

Information contained in this system consist of billing for medical and other health care services, uniform bill for provider services or equivalent data in electronic format, and Medicare secondary payer records containing other third party liability insurance information necessary for appropriate Medicare claims payment and other documents used to support payments to beneficiaries and providers of services. These forms contain the beneficiary's name, gender, health insurance claim number (HICN), address, date of birth, medical record number, prior stay information, provider name and address, physician's name, and/or identification number, warranty information when pacemakers are implanted or explanted, date of admission or discharge, other health insurance, diagnosis, surgical procedures, and a statement of services rendered for related charges and other data needed to substantiate claims.

Authority for maintenance of the system is given under §§ 1816, 1862 (b) and 1874 of Title XVIII of the Social Security Act (the Act) (42 U.S.C. §§ 1395(h), 1395y (b), and 1395kk).

The primary purpose of the SOR is to properly pay medical insurance benefits to or on behalf of entitled beneficiaries. Information in this system will also be released to: (1) Support regulatory and policy functions performed within the Agency or by a contractor, consultant, or grantee; (2) assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent; (3) assist third party contacts; (4) support providers and suppliers of services dealing through fiscal intermediaries or carriers; (5) support Quality Improvement Organizations (QIO); (6) assist insurance companies and other groups providing protection for their enrollees, insurers and other groups providing protection against medical expenses who are primary payers to Medicare in accordance with 42 U.S.C. 1395y (b); (7) support an individual or organization for a research, evaluation, or epidemiological project; (8) support litigation involving the Agency related to this SOR; and (9) combat fraud, waste, and abuse in certain Federally-funded health care programs.

A. Entities Who May Receive Disclosures Under Routine Use

These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may release information from the FISS without the consent of the individual to whom such information pertains. Each proposed disclosure of information under these routine uses will be evaluated to ensure that the disclosure is legally permissible, including but not limited to ensuring that the purpose of the disclosure is compatible with the purpose for which the information was collected. We are proposing to establish or modify the following routine use disclosures of information maintained in the system:

1. To support agency contractors, consultants, or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent pursuant to agreements with CMS to:

a. contribute to the accuracy of CMS's proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Assist Federal/state Medicaid programs within the state.

3. To assist third party contacts (without the consent of the individuals to whom the information pertains) in situations where the party to be contacted has, or is expected to have information relating to the individual's capacity to manage his or her affairs or to his or her eligibility for, or an entitlement to, benefits under the Medicare program and,

a. The individual is unable to provide the information being sought (an individual is considered to be unable to provide certain types of information when any of the following conditions exists: the individual is confined to a mental institution, a court of competent jurisdiction has appointed a guardian to manage the affairs of that individual, a court of competent jurisdiction has declared the individual to be mentally incompetent, or the individual's attending physician has certified that the individual is not sufficiently mentally competent to manage his or her own affairs or to provide the information being sought, the individual cannot read or write, cannot afford the cost of obtaining the information, a language barrier exist, or the custodian of the information will not, as a matter of policy, prsovide it to the individual), or

b. The data are needed to establish the validity of evidence or to verify the accuracy of information presented by the individual, and it concerns one or more of the following: the individual's entitlement to benefits under the Medicare program; and the amount of reimbursement; any case in which the evidence is being reviewed as a result of suspected fraud and abuse, program integrity, quality appraisal, or evaluation and measurement of program activities.

4. To assist providers and suppliers of services dealing through fiscal intermediaries or carriers for the administration of Title XVIII of the Social Security Act.

5. To support Quality Improvement Organizations (QIO) in connection with review of claims, or in connection with studies or other review activities, conducted pursuant to Part A of Title XI of the Act and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans.

6. To assist insurance companies, third party administrators (TPA), employers, self-insurers, managed care organizations, other supplemental insurers, non-coordinating insurers, multiple employer trusts, group health plans (i.e., health maintenance organizations (HMOs) or a competitive medical plan (CMP) with a Medicare contract, or a Medicare-approved health care prepayment plan (HCPP)), directly or through a contractor, and other groups providing protection for their enrollees. Information to be disclosed shall be limited to Medicare entitlement data. In order to receive the information, they must agree to:

a. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom they serve as a TPA;

b. Utilize the information solely for the purpose of processing the identified individual's insurance claims; and

c. Safeguard the confidentiality of the data and prevent unauthorized access.

7. To support an individual or organization for a research, evaluation, or epidemiological project related to the prevention of disease or disability, the restoration or maintenance of health, or payment-related projects.

8. To assist the Department of Justice (DOJ), court or adjudicatory body when:

a. The Agency or any component thereof, or

b. Any employee of the Agency in his or her official capacity, or

c. Any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government, is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

9. To assist a CMS contractor (including, but not limited to FIs and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

10. To assist another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Circumstances Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512 (a) (1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are maintained on paper, computer diskette, and on magnetic storage media.

Information can be retrieved by the beneficiary's name, HICN, and assigned unique physician identification number.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records are maintained in a secure storage area with identifiers. Records are closed at the end of the fiscal year, in which paid, and destroyed after 6 years and 3 months. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of System Operations, Business Applications Management Group, Office of Information Services, CMS, Room N2-07 -27, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These Procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

Sources on information contained in this records system is obtained by the provider from the individual or, in the case of some Medicare secondary payer situations, through third party contacts. The medical information is provided by the providers of medical services.

None.

71 FR 64961 11/6/06; 74 FR 30606 6/26/09; 78 FR 32257 5/29/13.

Appendix A.--Health Insurance Claims

Medicare records are maintained at the CMS Central Office (see section 1 below for the address). Health Insurance Records of the Medicare program can also be accessed through a representative of the CMS Regional Office (see section 2 below for addresses). Medicare claims records are also maintained by private insurance organizations that share in administering provisions of the health insurance programs. These private insurance organizations, referred to as carriers and intermediaries, are under contract to the Centers for Medicare & Medicaid Services and the Social Security Administration to perform specific tasks in the Medicare program (see section three below for addresses for intermediaries, section four for addresses for the carriers, and section five for addresses for the Payment Safeguard Contractors).

I. Central Office Address

• CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

II. CMS Regional Offices

• Boston Region--Connecticut, Maine, Massachusetts, New Hampshire, Rhode Island, Vermont. John F. Kennedy Federal Building, Room 1211, Boston, Massachusetts 02203. Office Hours: 8:30 a.m.-5 p.m.

• New York Region--New Jersey, New York, Puerto Rico, Virgin Islands. 26 Federal Plaza, Room 715, New York, New York 10007, Office Hours: 8:30 a.m.-5 p.m.

• Philadelphia Region--Delaware, District of Columbia, Maryland, Pennsylvania, Virginia, West Virginia. Post Office Box 8460, Philadelphia, Pennsylvania 19101. Office Hours: 8:30 a.m.-5 p.m.

• Atlanta Region--Alabama, North Carolina, South Carolina, Florida, Georgia, Kentucky, Mississippi, Tennessee. 101 Marietta Street, Suite 702, Atlanta, Georgia 30223, Office Hours: 8:30 a.m.-4:30 p.m.

• Chicago Region--Illinois, Indiana, Michigan, Minnesota, Ohio, Wisconsin. Suite A-824, Chicago, Illinois 60604. Office Hours: 8 a.m.-4:45 p.m.

• Dallas Region--Arkansas, Louisiana, New Mexico, Oklahoma, Texas, 1200 Main Tower Building, Dallas, Texas. Office Hours: 8 a.m.-4:30 p.m.

• Kansas City Region--Iowa, Kansas, Missouri, Nebraska. New Federal Office Building, 601 East 12th Street--Room 436, Kansas City, Missouri 64106. Office Hours: 8 a.m.-4:45 p.m.

• Denver Region--Colorado, Montana, North Dakota, South Dakota, Utah, Wyoming. Federal Office Building, 1961 Stout St-- Room 1185, Denver, Colorado 80294. Office Hours: 8 a.m.-4:30 p.m.

• San Francisco Region--American Samoa, Arizona, California, Guam, Hawaii, Nevada. Federal Office Building, 10 Van Ness Avenue, 20th Floor, San Francisco, California 94102. Office Hours: 8 a.m.-4:30 p.m.

• Seattle Region--Alaska, Idaho, Oregon, Washington. 1321 Second Avenue, Room 615, Mail Stop 211, Seattle, Washington 98101. Office Hours: 8 a.m.-4:30 p.m.

III. Intermediary Addresses (Hospital Insurance)

• Medicare Coordinator, Assoc. Hospital Serv. Maine (Me Bc), 2 Gannett Drive, South Portland, ME 04106-6911.

• Medicare Coordinator, Anthem New Hampshire, 300 Goffs Falls Road, Manchester, NH 03111-0001.

• Medicare Coordinator, BC/BS Rhode Island (RI BC), 444 Westminster Street, Providence, RI 02903-3279.

• Medicare Coordinator, Empire Medicare Services, 400 S. Salina Street, Syracuse, NY 13202.

• Medicare Coordinator, Cooperativa, P.O. Box 363428, San Juan, PR 00936-3428.

• Medicare Coordinator, Maryland B/C, P.O. Box 4368, 1946 Greenspring Ave., Timonium, MD 21093.

• Medicare Coordinator, Highmark, P5103, 120 Fifth Avenue Place, Pittsburgh, PA 15222-3099.

• Medicare Coordinator, United Government Services, 1515 N. Rivercenter Dr., Milwaukee, WI 53212.

• Medicare Coordinator, Alabama B/C, 450 Riverchase Parkway East, Birmingham, AL 35298.

• Medicare Coordinator, Florida B/C, 532 Riverside Ave., Jacksonville, FL 32202-4918.

• Medicare Coordinator, Georgia B/C, P.O. Box 9048, 2357 Warm Springs Road, Columbus, GA 31908.

• Medicare Coordinator, Mississippi B/C B MS, P.O. Box 23035, 3545 Lakeland Drive, Jackson, MI 39225-3035.

• Medicare Coordinator, North Carolina B/C, P.O. Box 2291, Durham, NC 27702-2291.

• Medicare Coordinator, Palmetto GBA A/RHHI, 17 Technology Circle, Columbia, SC 29203-0001.

• Medicare Coordinator, Tennessee B/C, 801 Pine Street, Chattanooga, TN 37402-2555.

• Medicare Coordinator, Anthem Insurance Co. (Anthem In), P.O. Box 50451, 8115 Knue Road, Indianapolis, IN 46250-1936.

• Medicare Coordinator, Arkansas B/C, 601 Gaines Street, Little Rock, AR 72203.

• Medicare Coordinator, Group Health of Oklahoma, 1215 South Boulder, Tulsa, OK 74119-2827.

• Medicare Coordinator, TrailBlazer, P.O. Box 660156, Dallas, TX 75266-0156.

• Medicare Coordinator, Cahaba GBA, STATION 7, 636 Grand Avenue, Des Moines, IA 50309-2551.

• Medicare Coordinator, Kansas B/C, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0001.

• Medicare Coordinator, Nebraska B/C, P.O. Box 3248, Main Po Station, Omaha, NE 68180-0001.

• Medicare Coordinator, Mutual of Omaha, P.O. Box 1602, Omaha, NE 68101.

• Medicare Coordinator, Montana B/C, P.O. Box 5017, Great Falls Div., Great Falls, MT 59403-5017.

• Medicare Coordinator, Noridian, 4510 13th Avenue SW., Fargo, ND 58121-0001.

• Medicare Coordinator, Utah B/C, P.O. Box 30270, 2455 Parleys Way, Salt Lake City, UT 84130-0270.

• Medicare Coordinator, Wyoming B/C, 4000 House Avenue, Cheyenne, WY 82003.

• Medicare Coordinator, Arizona B/C, P.O. Box 37700, Phoenix, AZ 85069.

• Medicare Coordinator, UGS, P.O. Box 70000, Van Nuys, CA 91470-0000.

• Medicare Coordinator, Regents BC, P.O. Box 8110 M/S D-4A, Portland, OR 97207-8110.

• Medicare Coordinator, Premera BC, P.O. Box 2847, Seattle, WA 98111-2847.

IV. Medicare Carriers

• Medicare Coordinator, NHIC, 75 Sargent William Terry Drive, Hingham, MA 02044.

• Medicare Coordinator, B/S Rhode Island (RI BS), 444 Westminster Street, Providence, RI 02903-2790.

• Medicare Coordinator, Trailblazer Health Enterprises, Meriden Park, 538 Preston Ave., Meriden, CT 06450.

• Medicare Coordinator, Upstate Medicare Division, 11 Lewis Road, Binghamton, NY 13902.

• Medicare Coordinator, Empire Medicare Services, 2651 Strang Blvd., Yorktown Heights, NY 10598.

• Medicare Coordinator, Empire Medicare Services, NJ, 300 East Park Drive, Harrisburg, PA 17106.

• Medicare Coordinator, Triple S, #1441 F.D., Roosvelt Ave., Guaynabo, PR 00968.

• Medicare Coordinator, Group Health Inc., 4th Floor, 88 West End Avenue, New York, NY 10023.

• Medicare Coordinator, Highmark, P.O. Box 89065, 1800 Center Street, Camp Hill, PA 17089-9065.

• Medicare Coordinator, Trailblazers Part B, 11150 McCormick Drive, Executive Plaza 3 Suite 200, Hunt Valley, MD 21031.

• Medicare Coordinator, Trailblazer Health Enterprises, Virginia, P.O. Box 26463, Richmond, VA 23261-6463. United Medicare Coordinator, Tricenturion, 1 Tower Square, Hartford, CT 06183.

• Medicare Coordinator, Alabama B/S, 450 Riverchase Parkway East, Birmingham, AL 35298.

• Medicare Coordinator, Cahaba GBA, 12052 Middleground Road, Suite A, Savannah, GA 31419.

• Medicare Coordinator, Florida B/S, 532 Riverside Ave, Jacksonville, FL 32202-4918.

• Medicare Coordinator, Administar Federal, 9901 Linnstation Road, Louisville, KY 40223.

• Medicare Coordinator, Palmetto GBA, 17 Technology Circle, Columbia, SC 29203-0001.

• Medicare Coordinator, CIGNA, 2 Vantage Way, Nashville, TN 37228.

• Medicare Coordinator, Railroad Retirement Board, 2743 Perimeter Parkway, Building 250, Augusta, GA 30999.

• Medicare Coordinator, Cahaba GBA, Jackson Miss, P.O. Box 22545, Jackson, MI 39225-2545.

• Medicare Coordinator, Adminastar Federal (IN), 8115 Knue Road, Indianapolis, IN 46250-1936.

• Medicare Coordinator, Wisconsin Physicians Service, P.O. Box 8190, Madison, WI 53708-8190.

• Medicare Coordinator, Nationwide Mutual Insurance Co., P.O. Box 16788, 1 Nationwide Plaza, Columbus, OH 43216-6788.

• Medicare Coordinator, Arkansas B/S, 601 Gaines Street, Little Rock, AR 72203.

• Medicare Coordinator, Arkansas-New Mexico, 601 Gaines Street, Little Rock, AR 72203.

• Medicare Coordinator, Palmetto GBA-DMERC, 17 Technology Circle, Columbia, SC 29203-0001.

• Medicare Coordinator, Trailblazer Health Enterprises, 901 South Central Expressway, Richardson, TX 75080.

• Medicare Coordinator, Noridian, 636 Grand Avenue, Des Moines, IA 50309-2551.

• Medicare Coordinator, Kansas B/S, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0001.

• Medicare Coordinator, Kansas B/S-NE, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0239.

• Medicare Coordinator, Montana B/S, P.O. Box 4309, Helena, MT 59601.

• Medicare Coordinator, Noridian, 4305 13th Avenue South, Fargo, ND 58103-3373.

• Medicare Coordinator, Noridian Backbend (CO), 730 N. Simms #100, Golden, CO 80401-4730.

• Medicare Coordinator, Noridian BCBSND (WY), 4305 13th Avenue South, Fargo, ND 58103-3373.

• Medicare Coordinator, Utah B/S, P.O. Box 30270, 2455 Parleys Way, Salt Lake City, UT 84130-0270.

• Medicare Coordinator, Transamerica Occidental, P.O. Box 54905, Los Angeles, CA 90054-4905.

• Medicare Coordinator, NHIC-California, 450 W. East Avenue, Chico, CA 95926.

• Medicare Coordinator, Cigna, Suite 254, 3150 Lake Harbor, Boise, ID 83703.

• Medicare Coordinator, Cigna, Suite 506, 2 Vantage Way, Nashville, TN 37228.

V. Payment Safeguard Contractors

• Medicare Coordinator, Aspen Systems Corporation, 2277 Research Blvd., Rockville, MD 20850.

• Medicare Coordinator, DynCorp Electronic Data Systems (EDS), 11710 Plaza America Drive, 5400 Legacy Drive, Reston, VA 20190 -6017.

• Medicare Coordinator, Lifecare Management Partners, Mutual of Omaha Insurance Co., 6601 Little River Turnpike, Suite 300, Mutual of Omaha Plaza, Omaha, NE 68175.

• Medicare Coordinator, Reliance Safeguard Solutions, Inc., P.O. Box 30207, 400 South Salina Street, 2890 East Cottonwood Pkwy., Syracuse, NY 13202.

• Medicare Coordinator, Science Applications International, Inc., 6565 Arlington Blvd., P.O. Box 100282, Falls Church, VA.

• Medicare Coordinator, California Medical Review, Inc., Integriguard Division Federal Sector Civil Group, One Sansome Street, San Francisco, CA 94104-4448.

• Medicare Coordinator, Computer Sciences Corporation, Suite 600, 3120 Timanus Lane, Baltimore, MD 21244.

• Medicare Coordinator, Electronic Data Systems (EDS), 11710 Plaza America Drive, 5400 Legacy Drive, Plano, TX 75204.

• Medicare Coordinator, TriCenturion, L.L.C., P.O. Box 100282, Columbia, SC 29202.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various contractor sites and at CMS Regional Offices.

The system contains information on Medicare beneficiaries whose Part A benefit and/or Part B Medicare premiums are paid by a state Medicaid agency, OPM, a formal third party group, or a surcharge only group payer.

Information collected includes, but is not limited to, name, social security number, health insurance claims number, date of birth, gender, amount of premium liability, date agency first became liable for Part A or Part B premiums or Part B surcharges, last month of agency premium liability, agency identification number, and an OPM annuity number.

Authority for maintenance of the system is given under §§ 1818, 1818A, (42 United States Code (U.S.C.) 1395i-2 and 2a), 1818(e) and (g) (42 U.S.C. 1395i-2(e) and (g)), 1839(e) (42 U.S.C. 1395r), 1840 (d) and (e) (42 U.S.C. 1395s (d) and (e)), and 1843 (42 U.S.C. 1395v) of Title XVIII of the Social Security Act (the Act).

The primary purpose of this modified system is to process beneficiary premium billing accretions and deletions to third party premium payer accounts (state Medicaid agencies, Office of Personnel Management (OPM), and formal third party groups and surcharge only group payers (latter as defined in 42 Code of Federal Regulations (CFR) 408.80 through 408.92 and 408.200 through 408.210)) for the payment of Part B (SMI) and/or Part A (HI) premiums on behalf of Medicare beneficiaries, the payment of the surcharge portion of the Part B premium on behalf of Medicare beneficiaries by a State or local government entity, and for enrolling individuals for Part A or Part B coverage under state buy-in agreements. The information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor, consultant, or a CMS grantee; (2) assist another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent; (3) support formal third party groups and surcharge only group payers pursuant to an agreement with CMS; (4) assist an individual or research organization to support research, evaluation of epidemiological projects; (5) support litigation involving the agency; and (6) combat fraud, waste, and abuse in certain Federally-funded health care programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support agency contractors, consultants, or grantees who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To assist another Federal and/or State agency, agency of a State government, an agency established by State law, or its fiscal agent:

a. Contribute to the accuracy of CMS' proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Assist Federal/state Medicaid programs within the State.

3. To support formal third party groups and surcharge only group payers pursuant to agreements with CMS to pay the Medicare premiums or surcharge only portion of the Part B premium on behalf of their members and who need to have access to the records in order to perform the activity.

4. To assist an individual or organization for research, evaluation, or epidemiological projects related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects.

5. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

6. To assist a CMS contractor (including, but not limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, and abuse in such program.

7. To assist another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, and abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, and abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164.512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on direct access storage devices and other electronically retrievable media.

Information can be retrieved by name, HICN, and assigned agency identification number.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records are maintained in a secure storage area with identifiers for 6 years 3 months after final action of the case is completed. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Premium Billing and Collections, Accounting Management Group, Office of Financial Management, CMS, Mail Stop N3 -21-06, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

Information contained in this system is obtained from third party agencies, Social Security Administration's Master Beneficiary Record, and CMS' Enrollment Database.

None.

72 FR 36000 7/2/07.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various contractor sites and at CMS Regional Offices.

PMDS contains information on persons enrolled in the Medicaid program under either Federal or State provisions, as well as health care providers.

Information collected includes but is not limited to data from 5 State Medicaid agencies (California, Georgia, Michigan, New York, and Tennessee) showing claims submitted for covered medical services, provider characteristics, name, address, phone number, date of birth, social security number (SSN), health insurance claim number (HICN), unique provider identification number, gender and ethnicity.

Authority for maintenance of the system is given under section 1902(a)(6) of the Social Security Act (42 United States Code 1396(a) (6)).

The primary purpose of this modified system is to collect and maintain individually-identifiable data to study Medicaid use and expenditures in order to increase CMS' understanding of the Medicaid and Medicare programs and to improve CMS' ability to conduct program evaluation, strengthen program management, evaluate policy alternatives, conduct and evaluate demonstration projects, and advise States in the area of Medicaid financing. The information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor, consultant, or grantee; (2) assist another Federal and/or State agency; (3) support an individual or organization for research, evaluation or epidemiological projects; and (4) support litigation involving the agency.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

5. To support agency contractors, consultants, or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

6. To assist another Federal or State agency:

a. To contribute to the accuracy of CMS's proper payment of Medicare benefits,

b. To enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds.

7. To assist an individual or organization for research, evaluation or epidemiological projects related to the prevention of disease or disability, or the restoration or maintenance of health, and for payment related projects.

8. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

B. Additional Provisions Affecting Routine Use Disclosures.

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on magnetic tape and computer disk.

Enrollment records are retrieved by Medicaid and Medicare identification numbers. Provider records are retrieved by Medicaid and Medicare provider identification numbers. Claims records contain both enrollee and provider identification numbers.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain information for a total period of 6 years and 3 months. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Deputy Director, Office of Research, Development and Information, CMS, Mail Stop C3-20-11, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

Medicaid and Medicare enrollment, claims, and provider records.

None.

79 FR 32547 6/5/14.

Unclassified

RASS (RAS/RAPS) Location:

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

Information collected and maintained in this system pertains to: (1) Medicare beneficiaries enrolled in a Part C MA plan, MA-PD plan, PDP or PACE organization ("enrollees") and (2) the health care provider(s), supplier(s), physician(s), or other practitioner(s) ("Providers") who provide health care items and services to these enrollees.

The MA plans, MA-PDs, PDPs and PACE organizations ("MA organizations and other entities") receive the data from the providers which is then submitted to RAPS via FERAS. The data received from the MA organizations and other entities are primarily diagnosis data extracted from claims information. Additional FFS and utilization data regarding those submissions are received from the CME and NCH data systems to complete the enrollee data requirements.

Records will consist of the risk score for each enrollee and the data used to calculate the score, contained in Risk Adjustment Factor (RAF) files created in CMS’ Risk Adjustment System (RAS), using data extracted from three other CMS IT systems:

RAPS data: diagnosis data files containing abbreviated current diagnosis data submitted by payee entities to CMS’s Risk Adjustment Processing System (RAPS):

Health Insurance Claim Number (HICN)

Provider Type

Service From Date

Service Through Date

Plan Number (MAO contract number)

Diagnosis Code

Diagnosis Delete Date

RAS Diagnosis Indicator

NCH Category Equitable BIC

Accrete Data

Delete Plan Number

Submitter ID

Daily File Code, and

Delete File Code

CME data: current demographic and enrollment data from CMS’s Common Medicare Environment (CME):

Beneficiary Link Key Partition number

Beneficiary Link Identifier

Health Insurance Claim Number (HICN)

Beneficiary Social Security Number

Beneficiary Birth Date

Beneficiary Death Date

Beneficiary Sex Code

Beneficiary Race Code

Beneficiary First Name

Beneficiary Middle Name

Beneficiary Last Name

NCH data: current diagnosis data [and past medical history data] from National Claims History Files in CMS’s National Medicare Utilization Database (NMUD):

Health Insurance Claim Number (HICN)

NCH Category Equitable BIC

Diagnosis code

Service Through Date

Service From Date

Beneficiary Link Identifier

Provider Number

This system was established pursuant to sections 1853(a), 1860D-15(c), and 1894(d)(2)of the Social Security Act (42 U.S.C. 1395w-23, 1395w-115, 1395eee).

Records will be used within the agency to develop risk adjustment models and to calculate the risk score for each Medicare beneficiary enrolled in the Medicare health plan. The risk score will be reported to the system that CMS uses to process payments, and ultimately will be used to adjust payments to MA organizations, Part D sponsors, and PACE organizations, based on beneficiary health status. (Note that payment records are not covered under this system of records.)

Information retrieved from this SOR will be used for the following purposes:

to determine the risk adjustment factors used to adjust payments to MA organizations and other entities, as required under 42 CFR 422.304(a) and (c), 423.329 and 460.180.

to update risk adjustment models

to calculate Medicare Disproportionate Share Hospital (DSH) percentages

to conduct quality review and improvement activities for Medicare coverage purposes

to conduct evaluations and other analysis to support the Medicare program (including demonstrations)

to support public health initiatives and other health care related research

for activities to support the administration of the Medicare program

for activities conducted to support program integrity

for purposes authorized by applicable law

Records may be disclosed to parties outside HHS, without the individual record subject’s prior, written consent, for the following purposes:

1. To determine the risk adjustment factors used to adjust payments, as required under §§ 422.304(a) and (c), 423.329, and 460.180, to update risk adjustment models, to calculate Medicare DSH percentages, to conduct quality review and improvement activities, for Medicare coverage purposes, to conduct evaluations and other analysis to support the Medicare program (including demonstrations) and to support public health initiatives, for activities conducted to support program integrity, and for purposes authorized by applicable law.

2. To support CMS contractors, consultants, or grantees that have been contracted by the Agency when necessary to assist in accomplishment of a CMS function relating to the purposes for this system or a purpose listed in paragraph 1.

3. To support an individual or organization for research to support the Medicare program and public health initiatives, and otherwise related to health care, such as evaluation or epidemiological projects related to the prevention of disease or disability, the restoration or maintenance of health, or for understanding and improving payment projects.

4. To provide information to the U.S. Department of Justice (DOJ), a court, or an adjudicatory body when (a) the Agency or any component thereof, or (b) any employee of the Agency in his or her official capacity, or (c) any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or (d) the United State Government, is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court, or adjudicatory body is compatible with the purpose for which the agency collected the records.

5. To assist a CMS contractor (including, but not limited to Medicare Administrative Contractors, fiscal intermediaries, and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such program.

6. To assist another Federal agency or an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers or that has the authority to investigate potential fraud, waste or abuse in a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such programs.

7. To assist Medicare Advantage organizations, Part D Sponsors and PACE organizations with improving the quality of required risk adjustment data obtained from the provider that furnished the item or service. CMS will be analyzing the data received and advising MA organizations, Part D Sponsors and PACE organizations of trends and data analysis results to help improve the accuracy and completeness of data received from the provider.

8. To assist appropriate Federal agencies and CMS contractors and consultants that have a need to know the information for the purpose of assisting CMS’ efforts to respond to a suspected or confirmed breach of the security or confidentiality of information maintained in this system of records, provided that the information disclosed is relevant and necessary for that assistance.

Note: CMS may disclose information from this system of records, without the individual record subject’s consent, for any of the following purposes referenced directly in the Privacy Act: 5 U.S.C. 552a(b)(1), (3) - (8), and (12). CMS must also disclose information from this system of records, without the individual record subject’s consent, for any of the following purposes referenced directly in the Privacy Act: 5 U.S.C. 552a(b)(2), and (b)(9) - (11).

Additional Provisions Affecting Routine Use Disclosures:

This system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, 65 FR 82462 (12-28-00), subparts A and E). Disclosures of PHI authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information."

In addition, our policy will be to prohibit release even of data that is not directly identifiable, except if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Note: Information collected or obtained under § 1860D-15 (i.e., risk adjustment data used to pay Part D plan sponsors) will be used and disclosed only in accordance with the statutory limitations under § 1860D-15(f)(2).

Storage:

Archived records will be stored on magnetic tapes. Data that is currently in use is stored in the RAPS database.

Records will be retrieved by National Provider Identifier (NPI), beneficiary provider name, or beneficiary Health Insurance Claim Number.

Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational, and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems; and to prevent unauthorized access.

Access to records in the RASS will be limited to CMS personnel and contractors through password security, encryption, firewalls, and secured operating system(s).

Records (i.e., enrollee diagnosis data files created in RAPS, and Risk Adjustment Factor (RAF) files created in RAS) will be maintained for a period of up to 10 years after date of creation. Any such records that are needed longer, such as to resolve claims and audit exceptions or to prosecute fraud, will be retained until such matters are resolved. Enrollee claims records are currently subject to a document preservation order and will be preserved indefinitely pending further notice from the U.S. Department of Justice (DOJ).

Director, Division of Encounter Data and Risk Adjustment Operations, Medicare Plan Payment Group, Center for Medicare, CMS, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

Individuals (i.e., the beneficiary or provider) wishing to know if this system contains records about them should write to the system manager and include pertinent personally identifiable information (encrypted and properly transmitted) to be used for retrieval of their records (i.e., NPI or Health Insurance Claim Number).

Individuals seeking access to records about them in this system should follow the same instructions indicated under "Notification Procedure" and reasonably specify the record content being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5 (a)(2)).

Individuals seeking to contest the content of information about them in this system should follow the same instructions indicated under "Notification Procedure." The request should: reasonably identify the record and specify the information being contested; state the corrective action sought; and provide the reasons for the correction, with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

RASS processes data extracted from RAPS and RAS IT systems to calculate the risk scores used to adjust payments to Medicare Advantage organizations, Part D plan sponsors and PACE plans. RAS receives the most current data for each Medicare Part C and Part D beneficiary from the following sources: RAPS, Common Medicare Environment (CME) also known as Medicare Beneficiary Database (MBD/CME), and National Medicare Utilization Database (NMUD). RAPS receives risk adjustment data from MA organizations and other entities defined above.

None.

80 FR 49237 8/17/15.

Level Three Privacy Act Sensitive Data.

Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various co-locations of CMS agents.

The system will collect and maintain individually identifiable information on Medicare and Medicaid beneficiaries who have contacted SHIP representatives, as well as the SHIP counselors.

Information collected includes, but is not limited to: Name, counseling zip code, beneficiary zip code, telephone number, data of birth, gender, race/ethnicity and date of contact.

The statutory authority for maintenance of this system is given under § 4360 of Omnibus Budget Reconciliation Act of 1990 (Pub. L. 101-508), the outreach and education requirements of the Balanced Budget Act of 1997, and the Medicare Prescription Drug, Improvement, and Modernization Act of 2003.

The purpose of this system is to collect and maintain information on how beneficiaries use SHIP services, which includes individually identifiable information on Medicare and Medicaid beneficiaries who have contacted SHIP representatives. Information retrieved from this system may be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, consultant or CMS grantee; (2) assist another Federal or state agency with information to contribute to the accuracy of CMS's payment of Medicare benefits, enable such agency to administer a Federal health benefits program, or to enable such agency to fulfill a requirement of Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; (3) support litigation involving the agency; and (4) combat fraud, waste and abuse in certain Federally-funded health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To agency contractors, consultants or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To another Federal or state agency to:

a. Contribute to the accuracy of CMS's proper payment of Medicare benefits;

b. Enable such agency to administer a Federal health benefits program, or, as necessary, to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; and/or

c. Assist Federal/state Medicaid programs within the state.

3. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government, is a party to litigation or has an interest in such litigation, and, by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

4. To a CMS contractor (including, but not necessarily limited to, fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such program.

5. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures.

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 Fed. Reg. 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164.512(a) (1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that an individual could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on electronic media.

The collected data are retrieved by the name or other identifying information of the participating provider or beneficiary, and may also be retrieved by a distinct identifier such as the Health Insurance Claim Number (HICN), at the individual beneficiary level.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records will be retained for a period of 6 years and 3 months. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Division of State Health Insurance Program Relations, Strategic Research & Campaign Management Group, Office of External Affairs, Mail Stop S1-13-05, Centers for Medicare & Medicaid Services, 7500 Security Boulevard, Baltimore, MD 21244-1849.

For purpose of access, the subject individual should write to the system manager who will require the system name, employee identification number, tax identification number, national provider number, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), HICN, and/or Social Security Number (SSN) (furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

Data will be collected from Medicare and SHIP administrative records.

None.

72 FR 36005 7/2/07.

Unclassified

The RAD-V will be physically located at the CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, MD 21244-1850, and at various contractor sites.

The system will contain information about individuals currently or previously enrolled in a risk adjustment covered plan as defined at 45 CFR § 153.20, and individual providers of medical or health care services.

CMS will collect demographic, geographic, medical and/or health care information, date of birth, gender, dates of service about individuals that are currently and previously enrolled in risk adjustment covered plans. In addition, CMS will collect identifiable information about individual health care providers, including but not limited to name, ITIN or EIN, and NPI numbers.

Authority for the maintenance of the RAD-V is given under the provisions of §§ 1321 and 1343 of the Patient Protection and Affordable Care Act (Pub. L. 111-148) as amended by the Health Care and Education Reconciliation Act of 2010 (Pub. L. 111-152), and the Regulations at 45 CFR §§ 153.350, 153.620, 153.630.

The primary purpose of this system is to collect and maintain necessary to support the audit functions of the risk adjustment programs, including validation activities under the risk adjustment data validation system (RAD-V).

A. Entities Who May Receive Disclosures under Routine Uses

Records about an individual may be disclosed from this system of records to the following parties outside the agency, without the individual’s consent, for these purposes:

1. To CMS contractors who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To a health insurance issuer participating in the risk adjustment data validation program or any agent, contractor, sub-contractor or entity of that health insurance issuer that has entered into an agreement or contract with the issuer to assist in compliance with the risk adjustment data validation program.

3. The Department of Justice (DOJ), a court or an adjudicatory body when: a. The agency or any component thereof, or b. Any employee of the agency in his/her official capacity, or c. Any employee of the agency in his/her individual capacity where the DOJ has agreed to represent the employee, or d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, a court or an adjudicatory body is compatible for the purpose for which the agency collected the records.

4. To a CMS contractor that assists in the administration of a CMS administered health benefits program, when disclosure is deemed reasonably necessary by CMS, to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such program.

5. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate, potential fraud in the health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such program.

6. To appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department’s efforts to respond to a suspected or confirmed breach of the security or confidentiality of information maintained in this system of records, if the information disclosed is relevant to and necessary for that assistance; and information from this system may become available to U.S. Department of Homeland Security (DHS) cyber security personnel if captured in an intrusion detection system used by HHS and DHS pursuant to a DHS cyber security program that monitors internet traffic to and from federal government computer networks to prevent a variety of types of cybersecurity incidents.

Records may also be disclosed to parties outside the agency, without the individual’s consent, for any of the purposes authorized directly in the Privacy Act at 5 U.S.C § 552(a)(b)(1), (2) and (b)(4) - (b)(12).

Storage:

Archived records for the risk adjustment data validation program will be stored in electronic form in the HHS-RADV Audit Tool maintained in the Acumen Web Portal.

The data collected is retrieved by the name of an individual, or by some other identifying number, symbol, or other identifying particular assigned to an individual.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the RAD-V have been trained in the Privacy Act information privacy and security requirements. Employees who maintain records in this system are instructed not to release data unless the intended recipient agrees to implement appropriate physical, technical, and administrative safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems, and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulation and Federal, HHS and CMS policies and standards as they relate to information security and data privacy. These laws and regulation mat apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the e-Government Act of 2002; the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and their corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III Security of Federal Automated Information Resources also applies, as well as Federal, HHS, and CMS information system security and privacy policies.

Records will be maintained until they become inactive, at which time they will be retired or destroyed in accordance with published records schedules of CMS, as approved by the National Archives and Records Administration, and following the guidelines in National Institutes of Science and Technology (NIST) Special Publication 800-88, Guidelines for Media Sanitation. Enrollee claims records subject to a document preservation order will be preserved consistent with the terms of the court’s order.

Director, Division of Risk Adjustment Operations, Payment Policy & Financial Management Group, CCIIO, CMS, 7500 Security Boulevard, Baltimore, MD 21244.

Individuals wishing to know if this system contains records about them should write to the System Manager and include pertinent personally identifiable information (which CMS recommends be encrypted and properly transmitted) to be used for retrieval of their records.

Individuals seeking access to records about them in this system should follow the same instructions indicated under "Notification Procedure" and reasonably specify the record content being sought. (These procedures are in accordance with HHS regulations at 45 CFR § 5b.5(a)(2).)

Individuals seeking to contest the content of information about them in this system should follow the same instructions indicated under "Notification Procedure." The request should: reasonably identify the record and specify the information being contested; state the corrective action sought; and provide the reasons for the correction, with supporting justification. (These procedures are in accordance with HHS regulations at 45 CFR § 5b.7.)

The RAD-V will contain individually identifiable enrollment and demographic information, claims and encounter information and enrollees’ medical records provided by issuers of risk adjustment covered plans. The issuers will provide the information as requested by CMS or a contractor on CMS’ behalf.

None.

81 FR 26566 5/3/16.

Level Three Privacy Act Sensitive Data.

Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various other locations.

The system includes samples of the United States population served by Social Security Administration (SSA) and CMS programs.

The collected information will include, but is not limited to name, social security number (SSN), Medicaid identification number, health insurance claim number (HICN), eligibility for SSA and CMS programs, and benefit record information.

Authority for maintenance of this system is given under Section 1875(a) [42 U.S.C. 1395II(a)] and 1110 of the Social Security Act [42 U.S.C. 1310].

The primary purpose of the LOD is to collect and maintain information that will be used to conduct research, perform policy analysis, and improve program management for populations served by both SSA and CMS. Information maintained in this system will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor, consultant or grantee; (2) assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent; (3) facilitate research on the quality and effectiveness of care provided, as well as epidemiological projects; and (4) support litigation involving the Agency.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To agency contractors, consultants or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. Allow such agency to comply with Title XI, Part C of the Act,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Support data exchanges between the cooperating agencies.

3. To an individual or organization for a research project or in support of an evaluation project related to the prevention of disease, disability, or quality care projects, the restoration or maintenance of health, and payment related projects.

4. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government, is a party to litigation or has an interest in such litigation, and, by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

B. Additional Provisions Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the " Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512 (a) (1).)

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on electronic media.

The collected data are retrieved by an individual identifier; e.g., beneficiary name, health insurance claim number, State assigned personal identifier, or social security number.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002; the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003; and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain information for a total period not to exceed 25 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Information and Methods Group, Office of Research, Development & Information, Mail Stop C3-16-07, Centers for Medicare & Medicaid Services, 7500 Security Boulevard, Baltimore, MD 21244-1849.

For purpose of access, the subject individual should write to the system manager who will require the system name, employee identification number, tax identification number, national provider number, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), HICN, and/or SSN (furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

Sources of information contained in this records system include data collected from SSA systems of records, e.g., Supplemental Security Record (09-60-0103), Master Beneficiary Record (09-60-0090), Disability Determination Files (09-60 -0044), and Social Security Account Number Identification File (09-60-0058) and LOD systems of records, e.g., Medicaid Statistical Information System (09-70-0541), Current Beneficiary Survey (09-70-0519), Common Working Files (09- 70-0526), National Claims History Files (09-70-0558) and Enrollment Data Base (09-70-0502).

None.

73 FR 11643 3/4/08.

Level Three Privacy Act Sensitive Data.

HCFA Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850, and Medicare intermediaries and carriers and agents at various locations.

All recipients of Medicare Part A and Part B services and supplies.

The system includes the following information for each beneficiary: Name; address; health insurance claims number (HIC); dates of service; and the contractor assigned claim control number.

Sections 205, 226, 1811, and 1832 of Title XVIII of the Social Security Act (42 USC 405, 426, 1395c, and 1395k).

The primary purpose of the system of records is to provide an explanation of Medicare claims processed and to advise beneficiaries of supplemental insurance, deductible status, appeals information and general Medicare information. Information retrieved from this system of records will be used to support regulatory and policy functions performed within the agency or by a contractor or consultant, support constituent requests made to a congressional representative, and to support litigation involving the agency related to this system of records.

The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine use in this system meets the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information that will be maintained in the system:

1. To agency contractors, or consultants who have been engaged by the agency to assist in the performance of a service related to this system of records and who need to have access to the records in order to perform the activity.

2. To a Member of Congress or to a congressional staff member in response to an inquiry of the congressional office made at the written request of the constituent about whom the record is maintained.

3. To the Department of Justice (DOJ), court or adjudicatory body when:

(a) The agency or any component thereof, or

(b) Any employee of the agency in his or her official capacity, or

(c) Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

(d) The United States Government is a party to litigation or has an interest in such litigation, and by careful review, HCFA determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

Storage:

Computer diskette and on magnetic storage media.

Information can be retrieved by the beneficiary's health insurance claims number or a contractor assigned claim control number.

HCFA has safeguards for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and systems security requirements. Employees who maintain records in the system are instructed not to release any data until the intended recipient agrees to implement appropriate administrative, technical, procedural, and physical safeguards sufficient to protect the confidentiality of the data and to prevent unauthorized access to the data.

In addition, HCFA has physical safeguards in place to reduce the exposure of computer equipment and thus achieve an optimum level of protection and security for the MBN system. For computerized records, safeguards have been established in accordance with HHS standards and National Institute of Standards and Technology guidelines, e.g., security codes will be used, limiting access to authorized personnel. System securities are established in accordance with HHS, Information Resource Management (IRM) Circular 1B10, Automated Information Systems Security Program; HCFA Automated Information Systems (AIS) Guide, Systems Securities Policies, and OMB Circular No. A-130 (revised), Appendix III.

Records are maintained in a secure storage area with identifiers. Records are placed in an inactive status at the close of the calendar year in which the benefit was paid, held two more years, transferred to a federal records center and destroyed after another six years.

Director, Division of Contractor Customer Service Operations, Center for Beneficiary Services, HCFA, C2-26-21, 7500 Security Boulevard, Baltimore, Maryland, 21244-1850. The telephone number is 410-786-2133.

For purpose of access, the subject individual should write to the system manager who will require the system name, health insurance claim number, address, date of birth and sex, and for verification purposes, the subject individual's name (woman's maiden name, if applicable) and social security number (SSN). Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

Sources of information contained in this records system are provided by the beneficiary when applying for benefits or requesting payment, the physician or provider of services when requesting payment, and computations for amounts of payments and remaining benefits provided by the carriers and intermediaries.

None.

65 FR 48000 8/4/00.

Level Three Privacy Act Sensitive Data.

Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

The MEDPAR contains a summary of all services rendered to a Medicare beneficiary, from the time of admission through discharge, for a stay in an inpatient hospital and/or Skilled Nursing Facilities (SNF), Supplemental Security Income (SSI) entitlement information that CMS receives from the Social Security Administration on Medicare beneficiaries who have had stays at inpatient hospitals and SNF, and enrollment data on Medicare beneficiaries.

The MEDPAR contains information necessary for appropriate Medicare claim processing. It also contains, but is not limited to, the Medicare health insurance claim number (HICN), gender, race, age (no date of birth), zip code, state and county for Medicare beneficiaries who have received inpatient hospital and SNF services.

Authority for maintenance of this system is given under sections 1102(a), 1871, and 1886(d)(5)(F) of the Social Security Act, (Title 42 United States Code (U.S.C.) §§ 1302(a), 1395hh, and 1395ww(d)(5)(F)). Authority is also given under section 951 of the Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (Pub. L. 108-173).

The primary purpose of the system is to collect and maintain information for all services rendered during Medicare beneficiary stays in an inpatient hospital and/or Skilled Nursing Facilities, so as to enable CMS and its contractors to facilitate research on the quality and effectiveness of care provided, update annual hospital Inpatient Prospective Payment System (IPPS) rates, and to calculate Supplemental Security Income ratios for hospitals that are paid under the hospital IPPS and serve a disproportionate share of low-income patients, (hospitals that serve a disproportionate share of low-income patients are entitled to increased reimbursement under the IPPS). Information retrieved from this system will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor or consultant; (2) provide system data to a hospital that has an appeal properly pending before the Provider Reimbursement Review Board (PRRB) or before an intermediary; (3) provide system data when all requirements have been met to a hospital that may be entitled to disproportioned share hospital payments and makes a requests in accordance with section 951 of the MMA; (4) assist another Federal or state agency with information to enable such agency to administer a Federal health benefits program, or to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; (5) support constituent requests made to a Congressional representative; (6) support litigation involving the agency; (7) facilitate research on the quality and effectiveness of care provided; and, (8) combat fraud and abuse in certain Federally-funded health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To agency contractors, or consultants who have been engaged by the agency to assist in the performance of a service related to this system of records and who need to have access to the records in order to perform the activity.

2. To a hospital that has an appeal properly pending before the Provider Reimbursement Review Board, or before an intermediary, on the issue of whether it is entitled to disproportionate share hospital payments, or the amount of such payments. As a condition of disclosure under this routine use, CMS will require the recipient of the information to:

a. Establish reasonable administrative, technical, and physical safeguards to prevent unauthorized access, use, or disclosure of the record or any part thereof;

b. Remove or destroy the information that allows the subject individual(s) to be identified at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the request;

c. Refrain from using or disclosing the information for any purpose other than the stated purpose under which the information was disclosed; and

d. Attest in writing that it understands the foregoing provisions, and is willing to abide by the foregoing provisions and any additional provisions that CMS deems appropriate in the particular circumstances.

3. To a hospital that may be entitled to disproportionate share hospital payments, or the amount of such payments, for cost reporting periods that span December 8, 2004, and beyond. As a condition of disclosure under this routine use, CMS will require the recipient of the information to:

a. Establish reasonable administrative, technical, and physical safeguards to prevent unauthorized access, use or disclosure of the record or any part thereof;

b. Remove or destroy the information that allows the subject individual(s) to be identified at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the request;

c. Refrain from using or disclosing the information for any purpose other than the stated purpose under which the information was disclosed; and

d. Attest in writing that it understands the foregoing provisions, and is willing to abide by the foregoing provisions and any additional provisions that CMS deems appropriate in the particular circumstances.

4. To another Federal or state agency to:

a. Contribute to the accuracy of CMS' proper payment of Medicare benefits, and/or

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds.

5. To an individual or organization for research, evaluation, or epidemiological projects related to the prevention of disease or disability, or the restoration or maintenance of health, and for payment related projects.

6. To a member of Congress or to a Congressional staff member in response to an inquiry of the Congressional office made at the written request of the constituent about whom the record is maintained.

7. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

8. To a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such program.

9. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512 (a) (1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals who are familiar with the enrollees could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on magnetic media.

The Medicare records are retrieved by HICN of the beneficiary.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain identifiable MEDPAR data for a total period not to exceed 25 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Acute Care, Hospital and Ambulatory Provider Group, Center for Medicare Management, CMS, Room C4-08- 06, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, age, gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable) and social security number (SSN). Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

CMS's National Claims History system of records, enrollment data on Medicare beneficiaries, and SSI eligibility information from the Social Security Administration.

None.

71 FR 17470 4/6/06; 74 FR 30606 6/26/09.

Level Three Privacy Act Sensitive Data.

Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and the Office of Operations Management, South Building, Lower Level, Baltimore, Maryland 21244-1850.

The collected information on all CMS employees and non-CMS employees, contractors, employees of another Federal agency, visitors, and others who require parking privileges at the CMS buildings.

This system contains the collected information on all Federal employees at CMS buildings, i.e., will contain name, social security number, parking permit number, telephone number, work location, position, title and grade, supervisor's name and telephone number and background information relating to medical or specific parking needs.

Authority for maintenance of this system is given under Title 5 United States Code § 301.

The primary purpose of the system of records is to collect and maintain information on all CMS employees, non-CMS employees, contractors, employees of other Federal agencies, visitors, and others who require parking privileges at the CMS complex at Baltimore, Maryland. Information retrieved from this system will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, consultant or grantee; and (2) support litigation involving the agency.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support agency contractors, consultants or grantees who have been engaged by the agency to assist in the performance of a service related to this system and who need to have access to the records in order to perform the activity.

2. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

Storage:

Information is maintained on paper, computer diskette and on magnetic storage media.

Name and parking permit identification number are used to retrieve the records.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations include but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent NIST publications; the HHS Automated Information Systems Security Handbook and the CMS Information Security Handbook.

All records are destroyed one year after parking privileges are terminated.

Director, Emergency Resources Management and Response Group, Office of Operations Management, CMS, Room SLL-11-08, CMS, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purposes of access, the subject individual should write to the system manager who will require the system name, parking permit number, and for verification purposes, the subject individual's name (woman's maiden name, if applicable) and Social Security number (SSN). Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purposes of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

Sources of information contained in this system are received from the individual requesting parking privileges on CMS Form 182.

None.

71 FR 60533 10/13/06.

Level Three Privacy Act Sensitive Data.

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various other contractor locations.

This system will collect and maintain individually identifiable and other data collected on individuals/consumers who make complaints/inquiries to CMS that their health insurance issuers and/or non-Federal governmental health plans are in violation of the PHS ACT.

The system contains information such as consumer's name, address, phone number, the name and address of their health plan or health insurance issuer, their plan ID number or social security number, the nature of their complaint/inquiry against their health plan or issuer, and any medical and other additional information that is necessary for CAHII to help resolve the consumer's complaint.

Authority for maintenance of this system is given under §§ 2722 and 2761 of the Public Health Service (PHS) Act; the Mental Health Parity Act of 1996 (MHPA); the Newborns' and Mothers' Health Protection Act of 1996 (NMHPA); and the Women's Health and Cancer Rights Act of 1998 (WHCRA) with respect to non-Federal governmental plans.

The primary purpose of this system is to collect and maintain information initiated by consumers complaints/reports to CMS that their health insurance issuers and/or non-Federal governmental health plans are in violation of one or more of the following statutes: §§ 2722 and 2761 of the Public Health Service (PHS) Act; the Mental Health Parity Act of 1996 (MHPA); the Newborns' and Mothers' Health Protection Act of 1996 (NMHPA); and , the Women's Health and Cancer Rights Act of 1998 (WHCRA). Information maintained in this system will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor, consultant or grantee; (2) assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent; (3) assist third party contacts in situations where the party to be contacted has, or is expected to have information relating to the individual's capacity to manage his or her affairs or to his or her eligibility for, or an entitlement to benefits under the Medicare program; (4) inform a health insurance issuer and/or health plan who has been named in a complaint/inquiry and is believed to be potentially in violation of relevant portions of the PHS ACT; (5) support litigation involving the Agency; and (6) combat fraud, waste, and abuse in certain health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support Agency contractors, consultants, or grantees that have been contracted by the Agency to assist in accomplishment of a CMS function relating to the purposes for this system and who need access to the records in order to assist CMS.

2. To assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. Contribute to the accuracy of CMS's payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Refer a complaint or with respect to Title I of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Mental Health Parity Act of 1996 (MHPA), the Newborns' and Mothers' Health Protection Act of 1996 (NMHPA), and the Women's Health and Cancer Rights Act of 1998 (WHCRA).

3. To assist third party contacts in situations where the party to be contacted has, or is expected to have information relating to the individual's capacity to manage his or her affairs or to his or her eligibility for, or an entitlement to, benefits under the Medicare program and,

a. The individual is unable to provide the information being sought (an individual is considered to be unable to provide certain types of information when any of the following conditions exists: The individual is confined to a mental institution, a court of competent jurisdiction has appointed a guardian to manage the affairs of that individual, a court of competent jurisdiction has declared the individual to be mentally incompetent, or the individual's attending physician has certified that the individual is not sufficiently mentally competent to manage his or her own affairs or to provide the information being sought, the individual cannot read or write, cannot afford the cost of obtaining the information, a language barrier exists, or the custodian of the information will not, as a matter of policy, provide it to the individual), or

b. The data are needed to establish the validity of evidence or to verify the accuracy of information presented by the individual, and it concerns one or more of the following: The individual's entitlement to benefits under the Medicare program, the amount of reimbursement, and in cases in which the evidence is being reviewed as a result of suspected fraud and abuse, program integrity, quality appraisal, or evaluation and measurement of activities.

4. To inform a health insurance issuer and/or health plan, who has been named in a complaint and is believed to be potentially in violation of relevant portions of the PHS Act.

5. To assist the Department of Justice (DOJ), court or adjudicatory body when:

a. The Agency or any component thereof, or

b. any employee of the Agency in his or her official capacity, or

c. any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. the United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

6. To support a CMS contractor that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS- administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

7. To support another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in a program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164.512 (a) (1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on electronic media.

The collected data are retrieved by an individual identifier; e.g., consumer's name or health insurance claims number, if, applicable.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain information for a total period not to exceed 6 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Policy, Employer Policy and Operations Group, Center for Beneficiary Choices, CMS, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, employee identification number, tax identification number, national provider number, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), HICN, and/or SSN (furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5 (a) (2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

The data collected and maintained in this system are retrieved from individuals/consumers who file complaints/reports to CMS that their health insurance issuers and/or non-Federal governmental health plans are in violation of the PHS ACT.

None.

72 FR 26121 5/8/07.

Level Three Privacy Act Sensitive

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

The system contains information on total Medicare payments that have been made to physicians and suppliers by Medicare carriers and intermediaries.

The system contains the name, address, assigned provider number, employer identification number (EIN), and social security number (SSN) of the physicians and suppliers.

Authority for the maintenance of this SOR is given under the Internal Revenue Code, Title 26 United States Code (USC) sec. 6041.

The primary purpose of the SOR is to provide periodic reporting to the Internal Revenue Service (IRS). Information in this system will also be disclosed to: the IRS, support regulatory and policy functions performed within the agency or by a contractor or consultant, support constituent requests made to a congressional representative, support litigation involving the agency related to this system of records, and combat fraud and abuse in certain federally funded health care programs.

These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may release information from the EDB without the consent of the individual to whom such information pertains. Each proposed disclosure of information under these routine uses will be evaluated to ensure that the disclosure is legally permissible, including but not limited to ensuring that the purpose of the disclosure is compatible with the purpose for which the information was collected. In addition, our policy will be to prohibit release even of non-identifiable data, except pursuant to one of the routine uses, if there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals who are familiar with the enrollees could, because of the small size, use this information to deduce the identity of the beneficiary).

This SOR contains Protected Health Information as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, 65 Federal Register (FR) 82462 (12-28-00), as amended by 66 FR 12434 (2-26-01)). Disclosures of Protected Health Information authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." We are proposing to establish or modify the following routine use disclosures of information maintained in the system:

1. To the Internal Revenue Service in connection with the determination of the individual's self-employment income.

2. To agency contractors, or consultants who have been engaged by the agency to assist in accomplishment of a CMS function relating to the purposes for this SOR and who need to have access to the records in order to assist CMS.

3. To a Member of Congress or to a congressional staff member in response to an inquiry of the congressional office made at the written request of the constituent about whom the record is maintained.

4. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government, is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation

5. To a CMS contractor (including, but not limited to fiscal intermediaries and carriers) that assists in the administration of a CMS- administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such program.

6. To another federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in, a health benefits program funded in whole or in part by federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

Storage:

Computer diskette and on magnetic storage media.

Information maintained in this system can be retrieved by the name, SSN, EIN, and an assigned physician/supplier identification number.

CMS has safeguards for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and systems security requirements. Employees who maintain records in the system are instructed not to release any data until the intended recipient agrees to implement appropriate administrative, technical, procedural, and physical safeguards sufficient to protect the confidentiality of the data and to prevent unauthorized access to the data.

In addition, CMS has physical safeguards in place to reduce the exposure of computer equipment and thus achieve an optimum level of protection and security for the 1099 system. For computerized records, safeguards have been established in accordance with the Department of Health and Human Services (HHS) standards and National Institute of Standards and Technology guidelines, e.g., security codes will be used, limiting access to authorized personnel. System securities are established in accordance with HHS, Information Resource Management (IRM) Circular #10, Automated Information Systems Security Program; CMS Automated Information Systems (AIS) Guide, Systems Securities Policies, and OMB Circular No. A-130 (revised), Appendix III.

Records are maintained in a secure storage area with identifiers for 5 years.

Director, Division of Accounting, Accounting and Risk Management Group, Office of Financial Management, CMS, Room N3-11-17, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, address, date of birth, and sex, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and social security number (SSN). Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

The record of the total annual payments made to each physician or supplier is derived from the individual Medicare bill payments.

None.

67 FR 40941 6/14/02.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and South Building, Baltimore, Maryland 21244-1850.

The system collects and maintains information on Federal employees, contractors and consultants, Government Services Administration (GSA) employees, and contract guards working in the central office complex in Baltimore.

The information maintained contains the individual's name, assigned card key number, demographic and geographic information, and the building/secure area location. The system also contains the date and time of actual or attempted entry to secured areas.

The authority for this system is given under the provisions of 5 United States Code (U.S.C.) 301, 40 U.S.C. 121, 41 Code of Federal Regulations (CFR) Part 102-74, Subpart C (Conduct on Federal Property), 5 U.S.C. 552a(e)(10), and Office of Management and Budget Circular A-123, "Internal Control Systems."

The primary purpose of the system of records is to issue and control United States Government card keys to all CMS employees and other authorized individuals who require access into certain designated or secured areas. Information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, consultant or grantee; (2) assist another Federal agency to conduct activities related to this system; and (3) support litigation involving the agency.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use."

The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support agency contractors, consultants, or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To assist another Federal agency to conduct activities related to this system of records and who need to have access to the records in order to perform the activity.

3. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

Storage:

All records are stored on paper and magnetic disk.

Magnetic media records are retrieved by the name of the employees or other authorized individual and/or card key number. Paper records are retrieved alphabetically by name.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records are retained for up to 3 years following expiration of an individual's authority to enter secured areas. When an individual is no longer authorized, information is deleted from magnetic media immediately.

Director, Emergency Management and Response Group, Office of Operations Management, CMS, Room SLL-11-28, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, assigned card key number, and building/secure area, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7.)

The data contained in this system of records are obtained from the individuals who submit a request for access to a secure building or area.

None.

71 FR 67130 11/20/06.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various contractor sites and at CMS Regional Offices.

Records in this system will be maintained on a random sample of persons enrolled for hospital insurance and/or supplemental medical benefits under the Medicare program.

Records in this system will include, but are not limited to, name, social security number (SSN), health insurance claim number (HICN), age, gender, ethnicity, education, military service history, income data, marital status, medical utilization and cost data, prescription drug usage and cost data, health and functional status, health insurance coverage, medical condition status, household composition data, and medical provider names.

Authority for maintenance of the system is given under section 1875 of the Social Security Act (42 United States Code 1395ll).

The primary purpose of this modified system is to collect and maintain a research database for CMS and other researchers that is capable of producing data sets suitable for both longitudinal and cross-sectional analysis to be used to: (1) Produce projections for current programs and proposed program changes, (2) produce national level estimates of health care expenditures by the aged and disabled, and (3) provide a research database that can be used to provide guidance to program management and policies. The information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, consultant, or a CMS grantee; (2) assist another Federal or State agency with information to contribute to the accuracy of CMS's proper payment of Medicare benefits, enable such agency to administer a Federal health benefits program, or to enable such agency to fulfill a requirement of Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; (3) assist an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects; and (4) support litigation involving the agency.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support agency contractors, consultants, or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To another Federal or State agency to:

a. Contribute to the accuracy of CMS's proper payment of Medicare benefits;

b. Enable such agency to administer a Federal health benefits program, or, as necessary, to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; and/or

c. Assist Federal/State Medicaid programs within the State.

3. To assist an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects.

4. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

B. Additional Provisions Affecting Routine Use Disclosures.

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on computer diskette and magnetic storage media.

Information can be retrieved by the name and HICN of the beneficiary.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications, the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records will be maintained for 10 years after the final action of the research project is complete. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Deputy Director, Office of Research, Development and Information, CMS, Mail Stop C3-20-01, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

Information contained in these records will be obtained from the Medicare enrollment records, Medicare bill records, Medicare provider records, Medicare beneficiaries and/or their representatives, and Medicare carriers and intermediaries.

None.

71 FR 60722 10/16/06; 74 FR 30606 6/26/09.

Level Three Privacy Act Sensitive Data.

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various other contractor locations.

This system will collect and maintain individually identifiable and other data collected on individuals with ESRD who receive Medicare benefits or who are treated by DVA health care facilities. The system contains information on both the beneficiary and the provider of services.

The collected information will include, but is not limited to beneficiary/patient medical records, claims data, and payment data collected from several non-reimbursement data collection instruments and Medicare bills. The provider of services' name, address, Medicare identification number, types of services provided, certification and or termination date, and ESRD network number.

The statutory authority for this system is given under the provisions of Sections 226A, 1875, and 1881 of the Social Security Act (the Act) (Title 42 United States Code (U.S.C.), sections 426-1, 1395ll, and 1395rr).

The primary purpose of the system of records is to maintain information on Medicare ESRD beneficiaries, non-Medicare ESRD patients; Medicare approved ESRD hospitals and dialysis facilities, and Department of Veterans Affairs (DVA) patients. The ESRD/PMMIS is used by CMS and the renal community to perform their duties and responsibilities in monitoring the Medicare status, transplant activities, dialysis activities, and Medicare utilization (inpatient and physician/supplier bills) of ESRD patients and their Medicare providers, as well as in calculating the Medicare covered periods of ESRD. Information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor, consultant or grantee; (2) assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent; (3) support an ESRD Network Organizations; (4) assist Quality Improvement Organizations (QIO) to implement quality improvement programs; (5) facilitate research on the quality and effectiveness of care provided and payment related projects; (6) permit the release of priority personal information to complete a transfer out event and/or a transfer-in event; (7) support litigation involving the agency; and, (8) combat fraud, waste, and abuse in certain health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To agency contractors, consultants or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. Contribute to the accuracy of CMS's proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Determine compliance with the Federal conditions that an ESRD facility must meet in order to participate in Medicare.

3. To ESRD Network Organizations in connection with review of claims, or in connection with studies or quality improvements projects or other review activities, and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans.

4. To Quality Improvement Organizations in connection with review of claims, or in connection with studies or quality improvements projects or other review activities, conducted pursuant to Part B of Title XI of the Social Security Act and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans.

5. To an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects.

6. To assist with a transfer out event from a losing ESRD facility and/or a transfer-in event to a gaining ESRD facility to:

a. Contribute to the accuracy of CMS' proper payment of Medicare benefits; and

b. Enable such facilities to ensure the proper transfer of health records, and/or as necessary to enable such a facility to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; and

c. Assist ESRD programs which may require PMMIS information for purposes related to this system.

Information will be released to these facilities upon specific request, and only for those facilities if they meet the following requirements:

d. Provide an attestation or other qualifying information that they are providing assistance to qualified ESRD beneficiaries/patients;

e. Submit a report of the transfer-in or transfer-out event with the following required priority information: Name, address, HICN or SSN, date of birth;

f. Safeguard the confidentiality of the data and prevent unauthorized access; and

g. Complete a written statement attesting to the information recipient's understanding of and willingness to abide by these provisions.

7. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government, is a party to litigation or has an interest in such litigation, and, by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

8. To a CMS contractor (including, but not necessarily limited to, fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

9. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures: To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512 (a) (1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on electronic media.

The collected data are retrieved by an individual identifier; e.g., beneficiary name or HICN, and unique provider identification number.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records will be retained until an approved disposition authority is obtained from the National Archives and Records Administration. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Information Support Group, Office of Clinical Standards and Quality, CMS, Room S3-02-01, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, employee identification number, tax identification number, national provider number, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), HICN, and/or SSN (furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5 (a) (2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

The data contained in these records are obtained from Medicare ESRD medical evidence reports, kidney transplant reports, ESRD beneficiary reimbursement method selection forms, ESRD death notification forms, Medicare bills, CMS Medicare Master files, ESRD facility surveys, ESRD facility certification notices, and the Medicare/Medicaid Automated Certification System (MMACS).

None.

72 FR 26126 5/8/07; 74 FR 30606 6/26/09.

Appendix A

1. ESRD Network of New England, Incorporated, Post Office Box 9484, New Haven, Connecticut 06534.

2. ESRD Network of New York, Incorporated, 1249 Fifth Avenue, A-419, New York, New York 10029.

3. Trans-Atlantic Renal Council, Cranbury Plaza, 2525 Route 130--Building C, Cranbury, New Jersey 08512-9595.

4. ESRD Network Organization Number 4, 200 Lothrop Street, Pittsburgh, Pennsylvania 15213-2582.

5. Mid-Atlantic Renal Coalition, 1527 Huguenot Road, Midlothian, Virginia 23113.

6. Southeastern Kidney Council, Incorporated, 1000 Saint Albans Drive, Suite 270, Raleigh, North Carolina 27609.

7. ESRD Network of Florida, Incorporated, One Davis Boulevard, Suite 304, Tampa, Florida 33606.

8. Network 8, Incorporated, Post Office Box 55868, Jackson, Mississippi 39296-5868.

9 & 10. The Renal Network, Incorporated, 911 East 86th Street, Suite 202, Indianapolis, Indiana 46240.

11. Renal Network of the Upper Midwest, 970 Raymond Avenue #205, Saint Paul, Minnesota 55114.

12. ESRD Network Number 12, 7509 NW T Tiffany Spring Parkway, Suite 105, Kansas City, Missouri 64153.

13. ESRD Network Organization Number 13, 6600 North Meridan Avenue, Suite 155, Oklahoma City, Oklahoma 73116-1411.

14. ESRD Network of Texas, Incorporated, 14114 Dallas Parkway, Suite 660, Dallas, Texas 75240-4349.

15. Intermountain ESRD Network, Incorporated, 1301 Pennsylvania Street, Suite 220, Denver, Colorado 80203-5012.

16. Northwest Renal Network, 4702 42nd Avenue, Seattle, Washington 98116.

17. TransPacific Renal Network, 25 Mitchell Boulevard, Suite 7, San Rafael, California 94903.

18. Southern California Renal Disease Council, 6255 Sunset Boulevard, Suite 2211, Los Angeles, California 90082.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various contractor sites and at CMS Regional Offices.

The IRF-PAI will be completed on all Medicare Part A fee-for-service patients who receive services under Part A from an IRF, it may also be completed on Medicare Advantage enrollees.

Records in this system will include, but are not limited to, name, address, date of birth, gender, ethnicity, social security number (SSN), health insurance claim number (HICN), Medicaid number, patient identification number, patient history, diagnosis, and functional prognosis.

Authority for maintenance of the system is given under section 1886(j)(2)(D) of the Social Security Act authorizing the secretary to collect the data necessary to establish and administer the payment system.

The primary purpose of this modified system is to support the IRF prospective payment system (PPS) for payment of the IRF Medicare Part A fee-for-services furnished by the IRF to Medicare beneficiaries. Information maintained in this system will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor, consultant, or a CMS grantee; (2) assist another Federal and/or state agency, agency of a state government, an agency established by state law, or its fiscal agent, for evaluating and monitoring the quality of IRF health care and contribute to the accuracy of health insurance operations; (3) support research, evaluation, or epidemiological projects related to the prevention of disease or disability, or the restoration or maintenance of health, and for payment related projects; (4) support the functions of Quality Improvement Organizations (QIO); (5) assist other insurers; (6) support the functions of national accrediting organizations; (7) support litigation involving the Agency; (8) combat fraud, waste, and abuse in certain health care programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support agency contractors, consultants, or grantees who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To assist another Federal and/or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. Contribute to the accuracy of CMS' proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Improve the state survey process for investigation of complaints related to health and safety or quality of care and to implement a more outcome oriented survey and certification program.

3. To an individual or organization for research on the utilization of inpatient rehabilitation services as well as evaluation or epidemiological projects related to the prevention of disease or disability, the restoration or maintenance of health, or for understanding and improving payment projects.

4. To support Quality Improvement Organizations (QIO) in connection with review of claims, or in connection with studies or other review activities conducted pursuant to Part B of Title XI of the Act, and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans.

5. To assist insurance companies, third party administrators (TPA), employers, self-insurers, managed care organizations, other supplemental insurers, non-coordinating insurers, multiple employer trusts, group health plans (i.e., health maintenance organization (HMO) or a competitive medical plan (CMP)) with a Medicare contract, or a Medicare-approved health care payment plan (HCPP), directly or through a contractor, and other groups providing protection for their enrollees. Information to be disclosed shall be limited to Medicare entitlement data. In order to receive the information, they must agree to:

a. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom they serve as a third party administrator;

b. Utilize the information solely for the purpose of processing the individual's insurance claims; and

c. Safeguard the confidentiality of the data and prevent unauthorized access.

6. To assist national accrediting organization(s) whose accredited facilities are presumed to meet certain Medicare requirements for inpatient hospital rehabilitation services (e.g., the Joint Commission for the Accreditation of Healthcare Organizations, the American Osteopathic Association, or the Commission on Accreditation of Rehabilitation Facilities). Information will be released to these organizations for only those facilities that they accredit and that participate in the Medicare program and if they meet the following requirements:

a. Provide identifying information for IRFs that have an accreditation status with the requesting deemed organization;

b. Submission of a finder file identifying beneficiaries/patients receiving IRF services;

c. Safeguard the confidentiality of the data and prevent unauthorized access; and

d. Upon completion of a signed data exchange agreement or a CMS data use agreement.

7. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

8. To assist a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

9. To assist another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures. To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00), disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512(a) (1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on magnetic media.

The Medicare records are retrieved by the HICN and SSN.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the DHHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain identifiable IRF-PAI data for a total period of 15 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Survey and Certification Group, Center for Medicaid and State Operations, CMS, Mail Stop C3-20-01, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN.

Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.70.

Information for this system is collected from the Inpatient Rehabilitation Facilities--Patient Assessment Instrument.

None.

71 FR 67143 11/20/06; 74 FR 30606 6/26/09; 78 FR 32257 5/29/13.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and South Building, Baltimore, Maryland 21244-1850.

The system of records (SOR) will contain clinical assessment information (OASIS) for all patients receiving the services of a Medicare and/or Medicaid approved HHA, except pre-partum and post-partum patients, patients under 18 years of age, and patients receiving other than personal care or health care services; i.e., housekeeping services and chore services. Identifiable information will be maintained in the SOR only for those individuals whose payments come from Medicare or Medicaid.

This SOR will contain individual-level demographic and identifying data, as well as clinical status data for patients with the payment sources of Medicare traditional fee for service, Medicaid traditional fee for service, Medicare HMO/managed care or Medicaid HMO/managed care.

Authority for maintenance of this system is given under Sections 1102(a), 1154, 1861(m), 1861(o), 1861(z), 1863, 1864, 1865, 1866, 1871, 1891, and 1902 of the Social Security Act. These provisions of the Act authorize the Administrator of CMS to require HHAs participating in the Medicare and Medicaid programs to complete a standard, valid, patient assessment data set; i.e., the OASIS, as part of their comprehensive assessments and updates when evaluating adult, non-maternity patients as required by section 484.55 of the Conditions of Participation. Authority is also given under section 951 of the Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (Pub. L. 108-173).

The primary purposes of the SOR are to collect and maintain information to: (1) Study and help ensure the quality of care provided by home health agencies (HHA); (2) aid in administration of the survey and certification of Medicare/Medicaid HHAs; (3) enable regulators to provide HHAs with data for their internal quality improvement activities; (4) support agencies of the state government to determine, evaluate and assess overall effectiveness and quality of HHA services provided in the state; (5) provide for the validation, and refinements of the Medicare Prospective Payment System; (6) aid in the administration of Federal and state HHA programs within the state; and (7) monitor the continuity of care for patients who reside temporarily outside of the state. Information maintained in this system will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor, consultant, or grantee; (2) assist another Federal and/or state agency, agency of a state government, an agency established by state law, or its fiscal agent, for evaluating and monitoring the quality of home health care and contribute to the accuracy of health insurance operations; (3) support research, evaluation, or epidemiological projects related to the prevention of disease or disability, or the restoration or maintenance of health, and for payment related projects; (4) support the functions of Quality Improvement Organizations (QIO); (5) support the functions of national accrediting organizations; (6) support litigation involving the Agency; (7) combat fraud, waste, and abuse in certain health care programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support agency contractors, consultants, or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. contribute to the accuracy of CMS's proper payment of Medicare benefits,

b. enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with federal funds, and/or

c. evaluate and monitor the quality of home health care and contribute to the accuracy of health insurance operations.

3. To assist an individual or organization for research, evaluation or epidemiological projects related to the prevention of disease or disability, or the restoration or maintenance of health, and for payment related projects.

4. To support Quality Improvement Organizations (QIO) in order to assist the QIO to perform Title XI and Title XVIII functions relating to assessing and improving HHA quality of care.

5. To support national accrediting organizations with approval for deeming authority for Medicare requirements for home health services (i.e., the Joint Commission on Accreditation of Healthcare Organizations, Accreditation Commission for Health Care, Inc., and the Community Health Accreditation Program). Information will be released to these organizations upon specific request, and only for those facilities that they accredit and that participate in the Medicare program and if they meet the following requirements:

a. Provide identifying information for HHAs that have an accreditation status with the requesting deemed organization,

b. Submit a finder file identifying beneficiaries/patients receiving HHA services,

c. Complete a signed data exchange agreement or a CMS data use agreement, and

d. Safeguard the confidentiality of the data and prevent unauthorized access.

6. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. any employee of the agency in his or her official capacity, or

c. any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. the United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

7. To assist a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

8. To assist another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures. To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 Fed. Reg. 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512(a) (1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on paper and magnetic disk.

The Medicare and Medicaid records are retrieved by health insurance claim number, Social Security number (SSN) or by state assigned Medicaid number.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain identifiable OASIS assessment data for a total period not to exceed fifteen (15) years.

Director, Division of Continuing Care Providers, Survey and Certification Group, Center for Medicaid and State Operations, CMS, 7500 Security Boulevard, S2-12-25, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, health insurance claim number, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), SSN (furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay), address, date of birth, and sex.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

The data contained in this system of records are obtained from The Outcome and Assessment Information Set.

None.

72 FR 63906 11/13/07; 74 FR 30606 6/26/09; 78 FR 23938 4/23/13; 78 FR 32257 5/29/13.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and South Building, Baltimore, Maryland 21244-1850.

Interns and residents (IR) in medical residency programs approved under 42 CFR § 413.75, working in all areas of the hospital complex, or other freestanding providers, as well as non-hospital or non-provider settings on or after July 1, 1985.

The system includes the following information for each IR: name, social security number; name of medical, osteopathic, dental, or podiatric school graduated from and date of graduation, type of residency program for the medical specialty, number of years completed in all types of residency programs, foreign medical school graduation date and certification date, name of employer (e.g., hospital, university, corporation) paying the salary, the percentage of time spent working in either the inpatient areas of the hospital subject to the Prospective Payment System or in the outpatient areas of the hospital or in a non-hospital setting under agreement with the hospital for indirect medical education (IME), the percentage of time spent working in any area of the hospital complex or in a non-provider setting under agreement with the hospital for graduate medical education (GME), the start and end dates assigned to the hospital and any hospital-based providers (assignment periods) during the hospital's cost reporting period, the start and end dates assigned to any non-hospital or non-provider setting in connection with approved residency programs (assignment periods) during the hospital's cost reporting period, and the full-time or part- time percentage during each assignment period.

Authority for maintenance of the system is given under the provisions of §§ 1886(d)(5)(B) and 1886(h) of the Social Security Act (Title 42 United States Code (U.S.C.) §§ 1395ww(d)(5)(B) and 1395ww (h)).

The primary purpose of the SOR is to ensure that no interns and residents (IRs) are counted by the Medicare program as more than one full-time equivalent (FTE) employee in the calculation of payments for the costs of direct graduate medical education (GME) and indirect medical education (IME). Information retrieved from this SOR will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor or consultant, (2) assist another Federal and/or state agency, agency of a state government, an agency established by state law, or its fiscal agent, (3) support providers and suppliers of services, (4) assist third-party contacts where necessary to establish or verify information, (5) support litigation involving the Agency, and (6) combat fraud, waste, and abuse in certain health benefits programs.

A. Entities Who May Receive Disclosures Under Routine Use

These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may release information from the IRIS without the consent of the individual to whom such information pertains. Each proposed disclosure of information under these routine uses will be evaluated to ensure that the disclosure is legally permissible, including but not limited to ensuring that the purpose of the disclosure is compatible with the purpose for which the information was collected. We are proposing to establish or modify the following routine use disclosures of information maintained in the system:

1. To support agency contractors, consultants, or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent:

a. To contribute to the accuracy of CMS' proper payment of Medicare benefits,

b. To enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with federal funds.

3. To providers and suppliers of services (and their authorized billing agents) directly or dealing through fiscal intermediaries or carriers, for administration of provisions of Title XVIII of the Social Security Act.

4. To third-party contacts where necessary to establish or verify information provided on or by IR.

5. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government

Is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

6. To a CMS contractor (including, but not limited to FIs and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

7. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

Storage:

All records are stored on paper and magnetic disk.

Magnetic media records are retrieved by the name of the employees or other authorized individual and/or card key number. Paper records are retrieved alphabetically by name.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records are maintained in a secure storage area with identifiers. Disposal occurs three years from the last action on the hospital's cost report, and should be coordinated with disposal of the reports.

Director, Division of Provider Audit Operations, Financial Services Group, Office of Financial Management, CMS, 7500 Security Boulevard, C3-14-00, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the systems manager who will require the system name, SSN, address, date of birth, sex, and for verification purposes, the subject individual's name (woman's maiden name, if applicable). Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

Data for this system is collected from IRIS diskettes/CDs as transmitted by the hospitals.

None.

72 FR 69691 12/10/07.

Level Three Privacy Act Sensitive.

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850. The system is also located at CMS contractors and agents at various locations (see Appendix A).

All physicians, non-practitioners and medical groups practices, defined by §§ 1124(A), 1861(r), 1842(b)(I)(ii)(iii)(iv) (v)(r), and 1877(h)(4) of the Social Security Act who request or receive Medicare reimbursement for medical services.

The system contains an UPIN, tax identification, and social security number (SSN) for each physician, non-physician practitioner and medical group. Also, the system contains information concerning a provider's birth, residence, medical education, and eligibility information for Medicare reimbursement.

Authority for the collection and maintenance of this system is given under the provisions of §§ 1842(r)-(42 U.S.C. 1395u) of Pub. L. 101-508; 1861(s)(1)-(42 U.S.C. 1395x); §§ 1833(q)(1)-(42 U.S.C. 1395l); 1842(b)(18) -(42 U.S.C. 1395u); § 1842(h)(4) & (5)-(42 U.S.C. 1395u); and 4164 of Omnibus Budget Reconciliation Act of 1990 (OBRA).

The primary purpose of the SOR is to: (1) Collect and maintain an unique identification of each physician, non-physician practitioner, or medical group practice requesting or receiving Medicare payment, and (2) provide beneficiaries and other interested entities with the identification of each physician or non-physician practitioner assigned an UPIN and who are participating in the Medicare program. Information retrieved from this SOR will be used to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor or consultant, or CMS grantee; (2) assist another Federal and/or State agency, agency of a State government, an agency established by State law, or its fiscal agent; (3) facilitate research on the quality and effectiveness of care provided, as well as payment related projects; (4) assist Quality Improvement Organizations; (5) provide the American Medical Association with information needed for them to assist us in identifying physicians; (6) support litigation involving the Agency; and (7) combat fraud, waste, and abuse in certain health benefits programs.

A. Entities Who May Receive Disclosures Under Routine Use

These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may release information from the UPIN without the consent of the individual to whom such information pertains. Each proposed disclosure of information under these routine uses will be evaluated to ensure that the disclosure is legally permissible, including but not limited to ensuring that the purpose of the disclosure is compatible with the purpose for which the information was collected. We propose to establish or modify the following routine use disclosures of information maintained in the system:

1. To support Agency contractors, consultants, or grantees who have been engaged by the Agency to assist in accomplishment of a CMS function relating to the purposes for this SOR and who need to have access to the records in order to assist CMS.

2. To assist another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent pursuant to agreements with CMS to:

a. Contribute to the accuracy of CMS's proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Assist Federal/State Medicaid programs within may require UPIN information for purposes related to this system.

3. To assist an individual or organization for research, evaluation or epidemiological projects related to the prevention of disease or disability, or the restoration or maintenance of health, and for payment related projects.

4. To support Quality Improvement Organizations (QIO) in connection with review of claims, or in connection with studies or other review activities, conducted pursuant to Part B of Title XI of the Act and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans.

5. To support the American Medical Association (AMA), for the purpose of assisting CMS to identify medical doctors when CMS is unable to establish an identity, provided the AMA agrees to:

a. Use the information provided by CMS solely to identify a medical doctor;

b. Make no copies of the information it receives from the CMS, except for one back-up copy;

c. Return such information to CMS upon completion of its matching operation, and erase the back-up copy;

d. Establish appropriate administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the records; and,

e. Sign a written statement attesting to its understanding of, and willingness to abide by these provisions.

6. To assist the Department of Justice (DOJ), court or adjudicatory body when:

a. The Agency or any component thereof, or

b. Any employee of the Agency in his or her official capacity, or

c. Any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government,

Is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

7. To assist a CMS contractor (including, but not limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such program.

8. To assist another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste or abuse in a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such programs.

B. Additional Circumstances Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on magnetic media.

The records are retrieved alphabetically by the provider name, social security number or by their assigned UPIN.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS and the repository of the National Archive and Records Administration will retain identifiable UPIN assessment data for a total period not to exceed fifteen (15) years.

Director, Program Integrity Group, Office of Financial Management, CMS, 7500 Security Boulevard, Baltimore, Maryland, 21244- 1850.

For purpose of access, the subject individual should write to the system manager, who will require the system name, health insurance claim number, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), social security number (SSN) (furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay), address, date of birth, and sex.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

CMS obtains the identifying information in this system from carriers. Information in these records concerning the eligibility of physicians, practitioners, and medical groups for Medicare reimbursement is obtained either directly from such entities through Medicare Regional Offices, contractors, PRO, Department of Justice, State or local judicial systems, medical licensing and certification agencies or organizations, medical societies and medical associations.

None.

79 FR 64802 10/31/14.

Appendix A. Health Insurance Claims

Medicare records are maintained at the CMS Central Office (see section 1 below for the address). Health Insurance Records of the Medicare program can also be accessed through a representative of the CMS Regional Office (see section 2 below for addresses). Medicare claims records are also maintained by private insurance organizations that share in administering provisions of the health insurance programs. These private insurance organizations, referred to as carriers and intermediaries, are under contract to the Centers for Medicare & Medicaid Services and the Social Security Administration to perform specific tasks in the Medicare program (see section three below for addresses for intermediaries, section four addresses the carriers, and section five addresses the Payment Safeguard Contractors.

1. Central Office Address

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

2. CMS Regional Offices

Boston Region--Connecticut, Maine, Massachusetts, New Hampshire, Rhode Island, Vermont. John F. Kennedy Federal Building, Room 1211, Boston, Massachusetts 02203. Office Hours: 8:30 a.m.-5 p.m.

New York Region--New Jersey, New York, Puerto Rico, Virgin Islands. 26 Federal Plaza, Room 715, New York, New York 10007, Office Hours: 8:30 a.m.-5 p.m.

Philadelphia Region--Delaware, District of Columbia, Maryland, Pennsylvania, Virginia, West Virginia. Post Office Box 8460, Philadelphia, Pennsylvania 19101. Office Hours: 8:30 a.m.-5 p.m.

Atlanta Region--Alabama, North Carolina, South Carolina, Florida, Georgia, Kentucky, Mississippi, Tennessee. 101 Marietta Street, Suite 702, Atlanta, Georgia 30223, Office Hours: 8:30 a.m.-4:30 p.m.

Chicago Region--Illinois, Indiana, Michigan, Minnesota, Ohio, Wisconsin. Suite A--824, Chicago, Illinois 60604. Office Hours: 8 a.m.-4:45 p.m.

Dallas Region--Arkansas, Louisiana, New Mexico, Oklahoma, Texas, 1200 Main Tower Building, Dallas, Texas. Office Hours: 8 a.m-4:30 p.m.

Kansas City Region--Iowa, Kansas, Missouri, Nebraska. New Federal Office Building, 601 East 12th Street--Room 436, Kansas City, Missouri 64106. Office Hours: 8 a.m.-4:45 p.m.

Denver Region--Colorado, Montana, North Dakota, South Dakota, Utah, Wyoming. Federal Office Building, 1961 Stout St.--Room 1185, Denver, Colorado 80294. Office Hours: 8 a.m.-4:30 p.m.

San Francisco Region--American Samoa, Arizona, California, Guam, Hawaii, Nevada. Federal Office Building, 10 Van Ness Avenue, 20th Floor, San Francisco, California 94102. Office Hours: 8 a.m.-4:30 p.m.

Seattle Region--Alaska, Idaho, Oregon, Washington. 1321 Second Avenue, Room 615, Mail Stop 211, Seattle, Washington 98101. Office Hours 8 a.m.-4:30 p.m

3. Intermediary Addresses (Hospital Insurance)

Medicare Coordinator, Assoc. Hospital Serv. Maine (ME BC), 2 Gannett Drive South, Portland, ME 04106-6911.

Medicare Coordinator, Anthem New Hampshire, 300 Goffs Falls Road, Manchester, NH 03111-0001.

Medicare Coordinator, BC/BS Rhode Island (RI BC), 444 Westminster Street, Providence, RI 02903-3279.

Medicare Coordinator, Empire Medicare Services, 400 S. Salina Street, Syracuse, NY 13202.

Medicare Coordinator, Cooperativa, P.O. Box 363428, San Juan, PR 00936-3428.

Medicare Coordinator, Maryland B/C, P.O. Box 4368, 1946 Greenspring Ave., Timonium, MD 21093.

Medicare Coordinator, Highmark, P5103, 120 Fifth Avenue Place, Pittsburgh, PA 15222-3099.

Medicare Coordinator, United Government Services, 1515 N. Rivercenter Dr., Milwaukee, WI 53212.

Medicare Coordinator, Alabama B/C, 450 Riverchase Parkway East, Birmingham, AL 35298.

Medicare Coordinator, Florida B/C, 532 Riverside Ave., Jacksonville, FL 32202-4918.

Medicare Coordinator, Georgia B/C, P.O. Box 9048, 2357 Warm Springs Road, Columbus, GA 31908.

Medicare Coordinator, Mississippi B/C MS, P.O. Box 23035, 3545 Lakeland Drive, Jackson, MS 39225-3035.

Medicare Coordinator, North Carolina B/C, P.O. Box 2291, Durham, NC 27702-2291.

Medicare Coordinator, Palmetto GBA, A/RHHI, 17 Technology Circle, Columbia, SC 29203-0001.

Medicare Coordinator, Tennessee B/C, 801 Pine Street, Chattanooga, TN 37402-2555.

Medicare Coordinator, Anthem Insurance Co. (ANTHM IN), P.O. Box 50451, 8115 Knue Road, Indianapolis, IN 46250-1936.

Medicare Coordinator, Arkansas B/C, 601 Gaines Street, Little Rock, AR 72203.

Medicare Coordinator, Group Health of Oklahoma, 1215 South Boulder, Tulsa, OK 74119-2827.

Medicare Coordinator, Trailblazer, P.O. Box 660156, Dallas, TX 75266-0156.

Medicare Coordinator, Cahaba GBA, Station 7, 636 Grand Avenue, Des Moines, IA 50309-2551.

Medicare Coordinator, Kansas B/C, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0001.

Medicare Coordinator, Nebraska B/C, P.O. Box 3248, Main PO Station, Omaha, NE 68180-0001.

Medicare Coordinator, Mutual of Omaha, P.O. Box 1602, Omaha, NE 68101.

Medicare Coordinator, Montana B/C, P.O. Box 5017, Great Falls Div., Great Falls, MT 59403-5017.

Medicare Coordinator, Noridian, 4510 13th Avenue SW., Fargo, ND 58121-0001.

Medicare Coordinator, Utah B/C, P.O. Box 30270, 2455 Parleys Way, Salt Lake City, UT 84130-0270.

Medicare Coordinator, Wyoming B/C, 4000 House Avenue, Cheyenne, WY 82003.

Medicare Coordinator, Arizona B/C, P.O. Box 37700, Phoenix, AZ 85069.

Medicare Coordinator, UGS, P.O. Box 70000, Van Nuys, CA 91470-0000.

Medicare Coordinator, Regents BC, P.O. Box 8110 M/S D-4A, Portland, OR 97207-8110.

Medicare Coordinator, Premera BC, P.O. Box 2847, Seattle, WA 98111-2847.

4. Medicare Carriers

Medicare Coordinator, NHIC, 75 Sargent William Terry Drive, Hingham, MA 02044.

Medicare Coordinator, B/S Rhode Island (RI BS), 444 Westminster Street, Providence, RI 02903-2790.

Medicare Coordinator, Trailblazer Health Enterprises, Meriden Park, 538 Preston Ave., Meriden, CT 06450.

Medicare Coordinator, Upstate Medicare Division, 11 Lewis Road, Binghamton, NY 13902.

Medicare Coordinator, Empire Medicare Services, 2651 Strang Blvd., Yorktown Heights, NY, 10598.

Medicare Coordinator, Empire Medicare Services, NJ, 300 East Park Drive, Harrisburg, PA 17106.

Medicare Coordinator, Triple S, #1441 F.D., Roosevelt Ave., Guaynabo, PR 00968.

Medicare Coordinator, Group Health Inc., 4th Floor, 88 West End Avenue, New York, NY 10023.

Medicare Coordinator, Highmark, P.O. Box 89065, 1800 Center Street, Camp Hill, PA 17089-9065.

Medicare Coordinator, Trailblazers Part B, 11150 McCormick Drive, Executive Plaza 3 Suite 200, Hunt Valley, MD 21031.

Medicare Coordinator, Trailblazer Health Enterprises, Virginia, P.O. Box 26463, Richmond, VA 23261-6463.

United Medicare Coordinator, Tricenturion, 1 Tower Square, Hartford, CT 06183.

Medicare Coordinator, Alabama B/S, 450 Riverchase Parkway East, Birmingham, AL 35298.

Medicare Coordinator, Cahaba GBA, 12052 Middleground Road, Suite A, Savannah, GA 31419.

Medicare Coordinator, Florida B/S, 532 Riverside Ave, Jacksonville, FL 32202-4918.

Medicare Coordinator, Administar Federal, 9901 Linnstation Road, Louisville, KY 40223.

Medicare Coordinator, Palmetto GBA, 17 Technology Circle, Columbia, SC 29203-0001.

Medicare Coordinator, CIGNA, 2 Vantage Way, Nashville, TN 37228.

Medicare Coordinator, Railroad Retirement Board, 2743 Perimeter Parkway, Building 250, Augusta, GA 30999.

Medicare Coordinator, Cahaba GBA, Jackson, Miss, P.O. Box 22545, Jackson, MS 39225-2545.

Medicare Coordinator, Adminastar Federal (IN), 8115 Knue Road, Indianapolis, IN 46250-1936.

Medicare Coordinator, Wisconsin Physicians Service, P.O. Box 8190, Madison, WI 53708-8190.

Medicare Coordinator, Nationwide Mutual Insurance Co., P.O. Box 16788, 1 Nationwide Plaza, Columbus, OH 43216-6788.

Medicare Coordinator, Arkansas B/S, 601 Gaines Street, Little Rock, AR 72203.

Medicare Coordinator, Arkansas--New Mexico, 601 Gaines Street, Little Rock, AR 72203.

Medicare Coordinator, Palmetto GBA--DMERC, 17 Technology Circle, Columbia, SC 29203-0001.

Medicare Coordinator, Trailblazer Health Enterprises, 901 South Central Expressway, Richardson, TX 75080.

Medicare Coordinator, Nordian, 636 Grand Avenue, Des Moines, IA 50309-2551.

Medicare Coordinator, Kansas B/S, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0001.

Medicare Coordinator, Kansas B/S--NE, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0239.

Medicare Coordinator, Montana B/S, P.O. Box 4309, Helena, MT 59601.

Medicare Coordinator, Nordian, 4305 13th Avenue South, Fargo, ND 58103-3373.

Medicare Coordinator, Noridian Bcbsnd (C0), 730 N. Simms #100, Golden, CO 80401-4730.

Medicare Coordinator, Noridian Bcbsnd (WY), 4305 13th Avenue South, Fargo, ND 58103-3373.

Medicare Coordinator, Utah B/S, P.O. Box 30270, 2455 Parleys Way, Salt Lake City, UT 84130-0270.

Medicare Coordinator, Transamerica Occidental, P.O. Box 54905, Los Angeles, CA 90054-4905.

Medicare Coordinator, NHIC--California, 450 W. East Avenue, Chico, CA 95926.

Medicare Coordinator, Cigna, Suite 254, 3150 Lakeharbor, Boise, ID 83703.

Medicare Coordinator, Cigna, Suite 506, 2 Vantage Way, Nashville, TN 37228.

Payment Safeguard Contractors

Medicare Coordinator, Aspen Systems Corporation, 2277 Research Blvd., Rockville, MD 20850.

Medicare Coordinator, DynCorp Electronic Data Systems (EDS), 11710 Plaza America Drive, 5400 Legacy Drive, Reston, VA 20190-6017.

Medicare Coordinator, Lifecare Management Partners Mutual of Omaha Insurance Co., 6601 Little River Turnpike, Suite 300, Mutual of Omaha Plaza, Omaha, NE 68175.

Medicare Coordinator, Reliance Safeguard Solutions, Inc., P.O. Box 30207, 400 South Salina Street, 2890 East Cottonwood Pkwy., Syracuse, NY 13202.

Medicare Coordinator, Science Applications International, Inc., 6565 Arlington Blvd. P.O. Box 100282, Falls Church, VA.

Medicare Coordinator, California Medical Review, Inc., Integriguard Division Federal Sector Civil Group One, Sansome Street, San Francisco, CA 94104-4448.

Medicare Coordinator, Computer Sciences Corporation, Suite 600, 3120 Timanus Lane, Baltimore, MD 21244.

Medicare Coordinator, Electronic Data Systems (EDS), 11710 Plaza America Drive, 5400 Legacy Drive, Plano, TX 75204.

Medicare Coordinator, TriCenturion, L.L.C., P.O. Box 100282, Columbia, SC 29202.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at CMS Host Sites located in Birmingham, Alabama, and Dallas, Texas.

The system contains information on Medicare beneficiaries, on whose behalf providers have submitted claims for reimbursement on a reasonable cost basis under Medicare Part A and B, or are eligible, and/or individuals whose enrollment in an employer group health benefits plan covers the beneficiary.

Information contained in this system consist of billing for medical and other health care services, uniform bill for provider services or equivalent data in an electronic format, and Medicare Secondary Payer (MSP) records containing other third party liability insurance information necessary for appropriate Medicare claims payment and other documents used to support payments to beneficiaries and providers of services. These forms contain the beneficiary's name, sex, health insurance claim number (HIC), address, date of birth, medical record number, prior stay information, provider name and address, physician's name, and/or identification number, warranty information when pacemakers are implanted or explanted, date of admission or discharge, other health insurance, diagnosis, surgical procedures, and a statement of services rendered for related charges and other data needed to substantiate claims.

Authority for the maintenance of this system of records is given under the authority of sections 1816, and 1874 of Title XVIII of the Social Security Act (42 United States Code (U.S.C.) 1395h, and 1395kk).

The primary purpose of the system of records is to properly pay medical insurance benefits to or on behalf of entitled beneficiaries. Information in this system will also be released to: (1) Support regulatory and policy functions performed within the Agency or by a contractor, consultant, or grantee; (2) assist another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent; (3) assist third party contacts; (4) assist providers and suppliers of services directly or through fiscal intermediaries or carriers; (5) support Quality Improvement Organizations (QIO) or Quality Review Organizations; (6) assist insurance companies and other groups providing protection for their enrollees, or who are primary payers to Medicare in accordance with 42 U.S.C. 1395y (b); (7) support an individual or organization for research, evaluation, or epidemiological projects; (8) support litigation involving the Agency related to this system of records; and (9) combat fraud, waste, and abuse in certain Federally-funded health care programs.

A. Entities Who May Receive Disclosures Under Routine Use

These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may release information from the CWF without the consent of the individual to whom such information pertains. Each proposed disclosure of information under these routine uses will be evaluated to ensure that the disclosure is legally permissible, including but not limited to ensuring that the purpose of the disclosure is compatible with the purpose for which the information was collected. We propose to establish or modify the following routine use disclosures of information maintained in the system:

1. To agency contractors, consultants, or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent pursuant to agreements with CMS to:

a. Contribute to the accuracy of CMS's proper payment of Medicare benefits,

b. enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. assist Federal/State Medicaid programs within the State.

3. To third party contacts (without the consent of the individuals to whom the information pertains) in situations where the party to be contacted has, or is expected to have information relating to the individual's capacity to manage his or her affairs or to his or her eligibility for, or an entitlement to, benefits under the Medicare program and,

a. The individual is unable to provide the information being sought (an individual is considered to be unable to provide certain types of information when any of the following conditions exists: The individual is confined to a mental institution, a court of competent jurisdiction has appointed a guardian to manage the affairs of that individual, a court of competent jurisdiction has declared the individual to be mentally incompetent, or the individual's attending physician has certified that the individual is not sufficiently mentally competent to manage his or her own affairs or to provide the information being sought, the individual cannot read or write, cannot afford the cost of obtaining the information, a language barrier exist, or the custodian of the information will not, as a matter of policy, provide it to the individual), or

b. the data are needed to establish the validity of evidence or to verify the accuracy of information presented by the individual, and it concerns one or more of the following: The individual's entitlement to benefits under the Medicare program; and the amount of reimbursement; any case in which the evidence is being reviewed as a result of suspected fraud, waste, and abuse, program integrity, quality appraisal, or evaluation and measurement of program activities.

4. To providers and suppliers of services dealing through fiscal intermediaries or carriers for the administration of Title XVIII of the Act.

5. To Quality Improvement Organizations ( QIO) in connection with review of claims, or in connection with studies or other review activities, conducted pursuant to Part A and Part B of Title XI of the Act and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans.

6. To insurance companies, underwriters, third party administrators (TPA), employers, self-insurers, group health plans, health maintenance organizations (HMO), health and welfare benefit funds, managed care organizations, other supplemental insurers, non-coordinating insurers, multiple employer trusts, liability insurers, no-fault medical automobile insurers, workers' compensation carriers or plans, other groups providing protection against medical expenses without the beneficiary's authorization, and any entity having knowledge of the occurrence of any event affecting (a) An individual's right to any such benefit or payment, or (b) the initial right to any such benefit or payment, for the purpose of coordination of benefits with the Medicare program and implementation of the MSP provision at 42 U.S.C. 1395y (b). Information to be disclosed shall be limited to Medicare utilization data necessary to perform that specific function. In order to receive the information, they must agree to:

a. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom they serve as a TPA;

b. utilize the information solely for the purpose of processing the individual's insurance claims; and

c. safeguard the confidentiality of the data and prevent unauthorized access.

7. To an individual or organization for research, evaluation, or epidemiological projects related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects.

8. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The Agency or any component thereof, or

b. any employee of the Agency in his or her official capacity, or

c. any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records is deemed by the Agency to be for a purpose that is compatible with the purposes for which the Agency collected the records.

9. To a CMS contractor (including, but not limited to fiscal intermediaries and carriers) that assists in the administration of a CMS- administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

10. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Circumstances Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 Federal Register 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

Records are maintained on paper, computer diskette and on magnetic storage media.

Information can be retrieved by the beneficiary's name, HIC, and assigned unique physician identification number.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records are maintained in a secure storage area with identifiers. Records are closed at the end of the calendar year in which paid, then destroyed 6 years and 3 months after final payment/action. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Systems Operations, Business Applications Management Group, Office of Information Services, CMS, Room N2- 08-18, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, assigned card key number, and building/secure area, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

Sources of information contained in this records system is furnished by the individual. In most cases, the identifying information is provided to the physician by the individual. Information is obtained from other CMS systems of records and data systems: Health Insurance Master Record, Intermediary Medicare Claims Records, Carrier Medicare Claims Records, MSP Record, Third Party Liability Record, Medicare Entitlement Record, Health Maintenance Organization Record, Hospice Record, and in the case of some MSP situations, through third party contacts. The medical information is provided by the providers of medical services.

None.

71 FR 64955 11/6/06; 74 FR 30606 6/26/09; 78 FR 23938 4/23/13; 78 FR 32257 5/29/13.

Appendix A. Health Insurance Claims

Medicare records are maintained at the HCFA Central Office (see section 1 below for the address). Health Insurance Records of the Medicare program can also be accessed through a representative of the HCFA Regional Office (see section 2 below for addresses). Medicare claims records are also maintained by private insurance organizations who share in administering provisions of the health insurance programs. These private insurance organizations, referred to as carriers and intermediaries, are under contract to the Health Care Financing Administration and the Social Security Administration to perform specific task in the Medicare program (see section three below for addresses for intermediaries, section four addresses the carriers, and section five addresses the Payment Safeguard Contractors.

1. Central Office Address .

HCFA Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

2. HCFA Regional Offices .

Boston Region--Connecticut, Maine, Massachusetts, New Hampshire, Rhode Island, Vermont. John F. Kennedy Federal Building, Room 1211, Boston, Massachusetts 02203. Office Hours: 8:30 a.m.-5 p.m.

New York Region--New Jersey, New York, Puerto Rico, Virgin Islands. 26 Federal Plaza, Room 715, New York, New York 10007, Office Hours: 8:30 a.m.-5 p.m.

Philadelphia Region--Delaware, District of Columbia, Maryland, Pennsylvania, Virginia, West Virginia. Post Office Box 8460, Philadelphia, Pennsylvania 19101. Office Hours:8:30 a.m.-5 p.m.

Atlanta Region--Alabama, North Carolina, South Carolina, Florida, Georgia, Kentucky, Mississippi, Tennessee. 101 Marietta Street, Suite 702, Atlanta, Georgia 30223, Office Hours: 8:30 a.m.-4:30 p.m.

Chicago Region--Illinois, Indiana, Michigan, Minnesota, Ohio, Wisconsin. Suite A-824, Chicago, Illinois 60604. Office Hours: 8 a.m.-4:45 p.m.

Dallas Region--Arkansas, Louisiana, New Mexico, Oklahoma, Texas, 1200 Main Tower Building, Dallas, Texas. Office Hours: 8 a.m-4:30 p.m.

Kansas City Region--Iowa, Kansas, Missouri, Nebraska. New Federal Office Building, 601 East 12th Street--Room 436, Kansas City, Missouri 64106. Office Hours: 8 a.m.-4:45 p.m.

Denver Region--Colorado, Montana, North Dakota, South Dakota, Utah, Wyoming. Federal Office Building, 1961 Stout St--Room 1185, Denver, Colorado 80294. Office Hours: 8 a.m.-4:30 p.m.

San Francisco Region--American Samoa, Arizona, California, Guam, Hawaii, Nevada. Federal Office Building, 10 Van Ness Avenue, 20th Floor, San Francisco, California 94102. Office Hours: 8 a.m.-4:30 p.m.

Seattle Region--Alaska, Idaho, Oregon, Washington. 1321 Second Avenue, Room 615, Mail Stop 211, Seattle, Washington 98101. Office Hours 8 a.m.-4:30 p.m.

3. Intermediary Addresses (Hospital Insurance) .

Medicare Coordinator, Assoc. Hospital Serv. Maine (ME BC), 2 Gannett Drive South, Portland, ME 04106-6911.

Medicare Coordinator, Anthem New Hampshire, 300 Goffs Falls Road, Manchester, NH 03111-0001.

Medicare Coordinator, BC/BS Rhode Island (RI BC), 444 Westminster Street, Providence, RI 02903-3279.

Medicare Coordinator, Empire Medicare Services, 400 S. Salina Street, Syracuse, NY 13202.

Medicare Coordinator, Cooperativa, P.O. Box 363428, San Juan, PR 00936-3428.

Medicare Coordinator, Maryland B/C, P.O. Box 4368, 1946 Greenspring Ave., Timonium, MD 21093.

Medicare Coordinator, Highmark, P5103, 120 Fifth Avenue Place, Pittsburgh, PA 15222-3099.

Medicare Coordinator, United Government Services, 1515 N. Rivercenter Dr., Milwaukee, WI 53212.

Medicare Coordinator, Alabama B/C, 450 Riverchase Parkway East, Birmingham, AL 35298.

Medicare Coordinator, Florida B/C, 532 Riverside Ave., Jacksonville, FL 32202-4918.

Medicare Coordinator, Georgia B/C, P.O. Box 9048, 2357 Warm Springs Road, Columbus, GA 31908.

Medicare Coordinator, Mississippi B/C } MS, P.O. Box 23035, 3545 Lakeland Drive, Jackson, MI 39225-3035.

Medicare Coordinator, North Carolina B/C, P.O. Box 2291, Durham, NC 27702-2291.

Medicare Coordinator, Palmetto GBA A/RHHI, 17 Technology Circle, Columbia, SC 29203-0001.

Medicare Coordinator, Tennessee B/C, 801 Pine Street, Chattanooga, TN 37402-2555.

Medicare Coordinator, Anthem Insurance Co. (Anthm In), P.O. Box 50451, 8115 Knue Road, Indianapolis, IN 46250-1936.

Medicare Coordinator, Arkansas B/C, 601 Gaines Street, Little Rock, AR 72203.

Medicare Coordinator, Group Health of Oklahoma, 1215 South Boulder, Tulsa, OK 74119-2827.

Medicare Coordinator, TrailBlazer, P.O. Box 660156, Dallas, TX 75266-0156.

Medicare Coordinator, Cahaba GBA, Station 7, 636 Grand Avenue, Des Moines, IA 50309-2551.

Medicare Coordinator, Kansas B/C, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0001.

Medicare Coordinator, Nebraska B/C, P.O. BOX 3248, Main PO Station, Omaha, NE 68180-0001.

Medicare Coordinator, Mutual of Omaha, P.O. Box 1602, Omaha, NE 68101.

Medicare Coordinator, Montana B/C, P.O. Box 5017, Great Falls Div., Great Falls, MT 59403-5017.

Medicare Coordinator, Noridian, 4510 13th Avenue S.W., Fargo, ND 58121-0001.

Medicare Coordinator, Utah B/C, P.O. Box 30270, 2455 Parleys Way, Salt Lake City, UT 84130-0270.

Medicare Coordinator, Wyoming B/C, 4000 House Avenue, Cheyenne, WY 82003.

Medicare Coordinator, Arizona B/C, P.O. Box 37700, Phoenix, AZ 85069.

Medicare Coordinator, UGS, P.O. Box 70000, Van Nuys, CA 91470-0000.

Medicare Coordinator, Regents BC, P.O. Box 8110 M/S D-4A, Portland, OR 97207-8110.

Medicare Coordinator, Premera BC, P.O. Box 2847, Seattle, WA 98111-2847.

4. Medicare Carriers .

Medicare Coordinator, NHIC, 75 Sargent William Terry Drive, Hingham, MA 02044.

Medicare Coordinator, B/S Rhode Island (RI BS), 444 Westminster Street, Providence, RI 02903-2790.

Medicare Coordinator, Trailblazer Health Enterprises, Meriden Park, 538 Preston Ave., Meriden, CT 06450.

Medicare Coordinator, Upstate Medicare Division, 11 Lewis Road, Binghamton, NY 13902.

Medicare Coordinator, Empire Medicare Services, 2651 Strang Blvd., Yorktown Heights, NY, 10598.

Medicare Coordinator, Empire Medicare Services, NJ, 300 East Park Drive, Harrisburg, PA 17106.

Medicare Coordinator, Triple S, 1B1441 F.D., Roosvelt Ave., Guaynabo, PR 00968.

Medicare Coordinator, Group Health Inc., 4th Floor, 88 West End Avenue, New York, NY 10023.

Medicare Coordinator, Highmark, P.O. Box 89065, 1800 Center Street, Camp Hill, PA 17089-9065.

Medicare Coordinator, Trailblazers Part B, 11150 McCormick Drive, Executive Plaza 3 Suite 200, Hunt Valley, MD 21031.

Medicare Coordinator, Trailblazer Health Enterprises, Virginia, P.O. Box 26463, Richmond, VA 23261-6463. United Medicare Coordinator, Tricenturion, 1 Tower Square, Hartford, CT 06183.

Medicare Coordinator, Alabama B/S, 450 Riverchase Parkway East, Birmingham, AL 35298.

Medicare Coordinator, Cahaba GBA, 12052 Middleground Road, Suite A, Savannah, GA 31419.

Medicare Coordinator, Florida B/S, 532 Riverside Ave, Jacksonville, FL 32202-4918.

Medicare Coordinator, Administar Federal, 9901 Linnstation Road, Louisville, KY 40223.

Medicare Coordinator, Palmetto GBA, 17 Technology Circle, Columbia, SC 29203-0001.

Medicare Coordinator, CIGNA, 2 Vantage Way, Nashville, TN 37228.

Medicare Coordinator, Railroad Retirement Board, 2743 Perimeter Parkway, Building 250, Augusta, GA 30999.

Medicare Coordinator, Cahaba GBA, Jackson Miss, P.O. Box 22545, Jackson, MS 39225-2545.

Medicare Coordinator, Adminastar Federal (IN), 8115 Knue Road, Indianapolis, IN 46250-1936.

Medicare Coordinator, Wisconsin Physicians Service, P.O. Box 8190, Madison, WI 53708-8190.

Medicare Coordinator, Nationwide Mutual Insurance Co., P.O. Box 16788, 1 Nationwide Plaza, Columbus, OH 43216-6788.

Medicare Coordinator, Arkansas B/S, 601 Gaines Street, Little Rock, AR 72203.

Medicare Coordinator, Arkansas-New Mexico, 601 Gaines Street, Little Rock, AR 72203.

Medicare Coordinator, Palmetto GBA--DMERC, 17 Technology Circle, Columbia, SC 29203-0001.

Medicare Coordinator, Trailblazer Health Enterprises, 901 South Central Expressway, Richardson, TX 75080.

Medicare Coordinator, Nordian, 636 Grand Avenue, Des Moines, IA 50309-2551.

Medicare Coordinator, Kansas B/S, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0001.

Medicare Coordinator, Kansas B/S--NE, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0239.

Medicare Coordinator, Montana B/S, P.O. Box 4309, Helena, MT 59601.

Medicare Coordinator, Nordian, 4305 13th Avenue South, Fargo, ND 58103-3373.

Medicare Coordinator, Noridian Bcbsnd (CO), 730 N. Simms 1B100, Golden, CO 80401-4730.

Medicare Coordinator, Noridian Bcbsnd (WY), 4305 13th Avenue South, Fargo, ND 58103-3373.

Medicare Coordinator, Utah B/S, P.O. Box 30270, 2455 Parleys Way, Salt Lake City, UT 84130-0270.

Medicare Coordinator, Transamerica Occidental, P.O. Box 54905, Los Angeles, CA 90054-4905.

Medicare Coordinator, NHIC--California, 450 W. East Avenue, Chico, CA 95926.

Medicare Coordinator, Cigna, Suite 254, 3150 Lakeharbor, Boise, ID 83703.

Medicare Coordinator, Cigna, Suite 506, 2 Vantage Way, Nashville, TN 37228.

Payment Safeguard Contractors .

Medicare Coordinator, Aspen Systems Corporation, 2277 Research Blvd., Rockville, MD 20850.

Medicare Coordinator, DynCorp Electronic Data Systems (EDS), 11710 Plaza America Drive 5400 Legacy Drive, Reston, VA 20190- 6017.

Medicare Coordinator, Lifecare Management Partners Mutual of Omaha Insurance Co., 6601 Little River Turnpike, Suite 300, Mutual of Omaha Plaza, Omaha, NE 68175.

Medicare Coordinator, Reliance Safeguard Solutions, Inc., P.O. Box 30207, 400 South Salina Street, 2890 East Cottonwood Pkwy., Syracuse, NY 13202.

Medicare Coordinator, Science Applications International, Inc., 6565 Arlington Blvd. P.O. Box 100282, Falls Church, VA.

Medicare Coordinator, California Medical Review, Inc., Integriguard Division Federal Sector Civil Group, One Sansome Street, San Francisco, CA 94104-4448.

Medicare Coordinator, Computer Sciences Corporation, Suite 600, 3120 Timanus Lane, Baltimore, MD 21244.

Medicare Coordinator, Electronic Data Systems (EDS), 11710 Plaza America Drive, 5400 Legacy Drive, Plano, TX 75204.

Medicare Coordinator, TriCenturion, L.L.C., P.O. Box 10028.

Level Three Privacy Act Sensitive Data.

Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850, and at various other remote locations.

Individuals alleged to have violated provision of the Act related to Medicare (Title XVIII), Medicaid (Title XIX), HMO/Managed Care (Title XX), and Children's Health Insurance Program (Title XXI) or other criminal/civil statutes as they pertain to the Act programs where substantial basis for criminal/civil prosecution exist, defendants in criminal prosecution cases, or persons alleged to have abused the programs.

The system contains the name, work address, work phone number, social security number, Unique Provider Identification Number (UPIN), and other identifying demographics of individuals alleged to have violated provision of the Act or persons alleged to have abused Medicare and/or Medicaid programs.

This system was established under the authority of sections 205, 1106, 1107, 1815, 1816, 1833, 1842, 1872, 1874, 1876, 1877, and 1902 of the Act (Title 42 United States Code (U.S.C.) sections 405, 1306, 1307, 1395g, 1395h, 1395l, 1395u, 1395ii, 1395kk, 1395mm, 1395nn, and 1396a).

The primary purpose of the system of records is to collect and maintain information to: (1) Identify if a violation(s) of a provision of the Social Security Act (the Act) or a related penal or civil provision of the U.S.C. related to Medicare (Title XVIII), Medicaid (Title XIX), HMO/Managed Care (Title XX), and Children's Health Insurance Program (Title XXI) have been committed; (2) determine if HHS has made a proper payment as prescribed under applicable sections of the Act; (3) determine whether these programs have been abused; and (4) coordinate investigations related to Medicare, Medicaid, HMO/Managed Care, and Children's Health Insurance Program; (5) prevent duplications investigatory efforts; and (5) provide case file material to the HHS Office of the Inspector General when a case is referred for fraud investigation. Information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor, consultant, or a CMS grantee; (2) assist another Federal and/or state agency, agency of a state government, an agency established by state law, or its fiscal agent; (3) support litigation involving the Agency related to this system of records; and (4) combat fraud, waste, and abuse in certain health care programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support Agency contractors, consultants, or grantees that have been contracted by the Agency to assist in accomplishment of a CMS function relating to the purposes for this system and who need access to the records in order to assist CMS.

2. To assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. contribute to the accuracy of CMS's proper payment of Medicare benefits,

b. enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. assist Federal/state Medicaid programs within the state.

3. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. the Agency or any component thereof, or

b. any employee of the Agency in his or her official capacity, or

c. any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. the United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

4. To support a CMS contractor that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS- administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, and abuse in such programs.

5. To support another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, and abuse in a program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, and abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512 (a) (1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on magnetic media.

All records are accessible by UPIN/NPI or alpha (name) search. This system supports both on-line and batch access.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records are maintained for a period of 15 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Program Integrity Group, Office of Financial Management, CMS, Mail Stop C3-02- 16, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, social security number (SSN) or UPIN, address, date of birth, and sex, and for verification purposes, the subject individual's name (woman's maiden name, if applicable). Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

Sources of information contained in this records system include data collected from FID computer files as transmitted by the contractor sites.

HHS claims exemption of certain records (case files on active fraud investigations) in the system from notification and access procedures under 5 U.S.C. 522a (k) (2) inasmuch as these records are investigatory materials compiled for program (law) enforcement in anticipation of a criminal or administrative proceedings. (See Department Regulation (45 CFR 5b.11))

71 FR 77759 12/27/06; 78 FR 32257 5/29/13.

Appendix A. Health Insurance Claims

Medicare records are maintained at the CMS Central Office (see section 1 below for the address). Health Insurance Records of the Medicare program can also be accessed through a representative of the CMS Regional Office (see section 2 below for addresses). Medicare claims records are also maintained by private insurance organizations that share in administering provisions of the health insurance programs. These private insurance organizations, referred to as carriers and intermediaries, are under contract to the Centers for Medicare & Medicaid Services and the Social Security Administration to perform specific task in the Medicare program (see section three below for addresses for intermediaries, section four addresses the carriers, and section five addresses the Payment Safeguard Contractors.

I. Central Office Address

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

II. CMS Regional Offices

Boston Region--Connecticut, Maine, Massachusetts, New Hampshire, Rhode Island, Vermont. John F. Kennedy Federal Building, Room 1211, Boston, Massachusetts 02203. Office Hours: 8:30 a.m.-5 p.m.

New York Region--New Jersey, New York, Puerto Rico, Virgin Islands. 26 Federal Plaza, Room 715, New York, New York 10007, Office Hours: 8:30 a.m.-5 p.m.

Philadelphia Region--Delaware, District of Columbia, Maryland, Pennsylvania, Virginia, West Virginia. Post Office Box 8460, Philadelphia, Pennsylvania 19101. Office Hours: 8:30 a.m.-5 p.m.

Atlanta Region--Alabama, North Carolina, South Carolina, Florida, Georgia, Kentucky, Mississippi, Tennessee. 101 Marietta Street, Suite 702, Atlanta, Georgia 30223, Office Hours: 8:30 a.m.-4:30 p.m.

Chicago Region--Illinois, Indiana, Michigan, Minnesota, Ohio, Wisconsin. Suite A-824, Chicago, Illinois 60604. Office Hours: 8 a.m.-4:45 p.m.

Dallas Region--Arkansas, Louisiana, New Mexico, Oklahoma, Texas, 1200 Main Tower Building, Dallas, Texas. Office Hours: 8 a.m-4:30 p.m.

Kansas City Region--Iowa, Kansas, Missouri, Nebraska. New Federal Office Building, 601 East 12th Street Room 436, Kansas City, Missouri 64106. Office Hours: 8 a.m.-4:45 p.m.

Denver Region--Colorado, Montana, North Dakota, South Dakota, Utah, Wyoming. Federal Office Building, 1961 Stout St Room 1185, Denver, Colorado 80294. Office Hours: 8 a.m.-4:30 p.m.

San Francisco Region--American Samoa, Arizona, California, Guam, Hawaii, Nevada. Federal Office Building, 10 Van Ness Avenue, 20th Floor, San Francisco, California 94102. Office Hours: 8 a.m.-4:30 p.m.

Seattle Region--Alaska, Idaho, Oregon, Washington. 1321 Second Avenue, Room 615, Mail Stop 211, Seattle, Washington 98101. Office Hours 8 a.m.-4:30 p.m

III. Intermediary Addresses (Hospital Insurance)

Medicare Coordinator, Assoc. Hospital Serv. Maine (ME BC), 2 Gannett Drive South, Portland, ME 04106-6911.

Medicare Coordinator, Anthem New Hampshire, 300 Goffs Falls Road, Manchester, NH 03111-0001.

Medicare Coordinator, BC/BS Rhode Island (RI BC), 444 Westminster Street, Providence, RI 02903-3279.

Medicare Coordinator, Empire Medicare Services, 400 S. Salina Street, Syracuse, NY 13202.

Medicare Coordinator, Cooperativa, PO Box 363428, San Juan, PR 00936-3428.

Medicare Coordinator, Maryland B/C, PO Box 4368, 1946 Greenspring Ave., Timonium, MD 21093.

Medicare Coordinator, Highmark, P5103, 120 Fifth Avenue Place, Pittsburgh, PA 15222-3099.

Medicare Coordinator, United Government Services, 1515 N. Rivercenter Dr., Milwaukee, WI 53212.

Medicare Coordinator, Alabama B/C, 450 Riverchase Parkway East, Birmingham, AL 35298.

Medicare Coordinator, Florida B/C, 532 Riverside Ave., Jacksonville, FL 32202-4918.

Medicare Coordinator, Georgia B/C, PO Box 9048, 2357 Warm Springs Road, Columbus, GA 31908.

Medicare Coordinator, Mississippi B/C B MS, PO Box 23035, 3545 Lakeland Drive, Jackson, MI 39225-3035.

Medicare Coordinator, North Carolina B/C, PO Box 2291, Durham, NC 27702-2291.

Medicare Coordinator, Palmetto GBA A/RHHI, 17 Technology Circle, Columbia, SC 29203-0001.

Medicare Coordinator, Tennessee B/C, 801 Pine Street, Chattanooga, TN 37402-2555.

Medicare Coordinator, Anthem Insurance Co. (Anthm IN), PO Box 50451, 8115 Knue Road, Indianapolis, IN 46250-1936.

Medicare Coordinator, Arkansas B/C, 601 Gaines Street, Little Rock, AR 72203.

Medicare Coordinator, Group Health of Oklahoma, 1215 South Boulder, Tulsa, OK 74119-2827.

Medicare Coordinator, Trailblazer, PO Box 660156, Dallas, TX 75266-0156.

Medicare Coordinator, Cahaba GBA, Station 7, 636 Grand Avenue, Des Moines, IA 50309-2551.

Medicare Coordinator, Kansas B/C, PO Box 239, 1133 Topeka Ave., Topeka, KS 66629-0001.

Medicare Coordinator, Nebraska B/C, PO Box 3248, Main PO Station, Omaha, NE 68180-0001.

Medicare Coordinator, Mutual of Omaha, PO Box 1602, Omaha, NE 68101.

Medicare Coordinator, Montana B/C, PO Box 5017, Great Falls Div., Great Falls, MT 59403-5017.

Medicare Coordinator, Noridian, 4510 13th Avenue SW., Fargo, ND 58121-0001.

Medicare Coordinator, Utah B/C, PO Box 30270, 2455 Parleys Way, Salt Lake City, UT 84130-0270.

Medicare Coordinator, Wyoming B/C, 4000 House Avenue, Cheyenne, WY 82003.

Medicare Coordinator, Arizona B/C, PO Box 37700, Phoenix, AZ 85069.

Medicare Coordinator, UGS, PO Box 70000, Van Nuys, CA 91470-0000.

Medicare Coordinator, Regents BC, PO Box 8110 M/S D-4A, Portland, OR 97207-8110.

Medicare Coordinator, Premera BC, PO Box 2847, Seattle, WA 98111-2847.

IV. Medicare Carriers

Medicare Coordinator, NHIC, 75 Sargent William Terry Drive, Hingham, MA 02044.

Medicare Coordinator, B/S Rhode Island (RI BS), 444 Westminster Street, Providence, RI 02903-2790.

Medicare Coordinator, Trailblazer Health Enterprises, Meriden Park, 538 Preston Ave., Meriden, CT 06450.

Medicare Coordinator, Upstate Medicare Division, 11 Lewis Road, Binghamton, NY 13902.

Medicare Coordinator, Empire Medicare Services, 2651 Strang Blvd., Yorktown Heights, NY, 10598.

Medicare Coordinator, Empire Medicare Services, NJ, 300 East Park Drive, Harrisburg, PA 17106.

Medicare Coordinator, Triple S, #1441 F.D., Roosvelt Ave., Guaynabo, PR 00968.

Medicare Coordinator, Group Health Inc., 4th Floor, 88 West End Avenue, New York, NY 10023.

Medicare Coordinator, Highmark, PO Box 89065, 1800 Center Street, Camp Hill, PA 17089-9065.

Medicare Coordinator, Trailblazers Part B, 11150 McCormick Drive, Executive Plaza 3 Suite 200, Hunt Valley, MD 21031.

Medicare Coordinator, Trailblazer Health Enterprises, Virginia, PO Box 26463, Richmond, VA 23261-6463. United Medicare Coordinator, Tricenturion, 1 Tower Square, Hartford, CT 06183.

Medicare Coordinator, Alabama B/S, 450 Riverchase Parkway East, Birmingham, AL 35298.

Medicare Coordinator, Cahaba GBA, 12052 Middleground Road, Suite A, Savannah, GA 31419.

Medicare Coordinator, Florida B/S, 532 Riverside Ave, Jacksonville, FL 32202-4918.

Medicare Coordinator, Administar Federal, 9901 Linnstation Road, Louisville, KY 40223.

Medicare Coordinator, Palmetto GBA, 17 Technology Circle, Columbia, SC 29203-0001.

Medicare Coordinator, CIGNA, 2 Vantage Way, Nashville, TN 37228.

Medicare Coordinator, Railroad Retirement Board, 2743 Perimeter Parkway, Building 250, Augusta, GA 30999.

Medicare Coordinator, Cahaba GBA, Jackson Miss, PO Box 22545, Jackson, MI 39225-2545.

Medicare Coordinator, Administar Federal (IN), 8115 Knue Road, Indianapolis, IN 46250-1936.

Medicare Coordinator, Wisconsin Physicians Service, PO Box 8190, Madison, WI 53708-8190.

Medicare Coordinator, Nationwide Mutual Insurance Co., PO Box 16788, 1 Nationwide Plaza, Columbus, OH 43216-6788.

Medicare Coordinator, Arkansas B/S, 601 Gaines Street, Little Rock, AR 72203.

Medicare Coordinator, Arkansas-New Mexico, 601 Gaines Street, Little Rock, AR 72203.

Medicare Coordinator, Palmetto GBA-DMERC, 17 Technology Circle, Columbia, SC 29203-0001.

Medicare Coordinator, Trailblazer Health Enterprises, 901 South Central Expressway, Richardson, TX 75080.

Medicare Coordinator, Nordian, 636 Grand Avenue, Des Moines, IA 50309-2551.

Medicare Coordinator, Kansas B/S, PO Box 239, 1133 Topeka Ave., Topeka, KS 66629-0001.

Medicare Coordinator, Kansas B/S-NE, PO Box 239, 1133 Topeka Ave., Topeka, KS 66629-0239.

Medicare Coordinator, Montana B/S, PO Box 4309, Helena, MT 59601.

Medicare Coordinator, Nordian, 4305 13th Avenue South, Fargo, ND 58103-3373.

Medicare Coordinator, Noridian BCBSND (C0), 730 N. Simms #100, Golden, CO 80401-4730.

Medicare Coordinator, Noridian BCBSND (WY), 4305 13th Avenue South, Fargo, ND 58103-3373.

Medicare Coordinator, Utah B/S, PO Box 30270, 2455 Parleys Way, Salt Lake City, UT 84130-0270.

Medicare Coordinator, Transamerica Occidental, PO Box 54905, Los Angeles, CA 90054-4905.

Medicare Coordinator, NHIC-California, 450 W. East Avenue, Chico, CA 95926.

Medicare Coordinator, Cigna, Suite 254, 3150 Lakeharbor, Boise, ID 83703.

Medicare Coordinator, Cigna, Suite 506, 2 Vantage Way, Nashville, TN 37228.

V. Payment Safeguard Contractors

Medicare Coordinator, Aspen Systems Corporation, 2277 Research Blvd., Rockville, MD 20850.

Medicare Coordinator, DynCorp Electronic Data Systems (EDS, 11710 Plaza America Drive 5400 Legacy Drive, Reston, VA 20190-6017.

Medicare Coordinator, Lifecare Management Partners Mutual of Omaha Insurance Co. 6601 Little River Turnpike, Suite 300 Mutual of Omaha Plaza, Omaha, NE 68175.

Medicare Coordinator, Reliance Safeguard Solutions, Inc., PO Box 30207 400 South Salina Street, 2890 East Cottonwood Pkwy. Syracuse, NY 13202.

Medicare Coordinator, Science Applications International, Inc., 6565 Arlington Blvd., PO Box 100282, Falls Church, VA.

Medicare Coordinator, California Medical Review, Inc., Integriguard Division Federal Sector Civil Group, One Sansome Street, San Francisco, CA 94104-4448.

Medicare Coordinator, Computer Sciences Corporation, Suite 600 3120 Timanus Lane, Baltimore, MD 21244.

Medicare Coordinator, Electronic Data Systems (EDS), 11710 Plaza America Drive 5400 Legacy Drive, Plano, TX 75204.

Medicare Coordinator, TriCenturion, L.L.C., PO Box 100282, Columbia, SC 29202.

Level Three Privacy Act Sensitive.

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850, and at various other remote locations.

The system contains information on residents in all long-term care facilities that are Medicare and/or Medicaid certified, including private pay individuals including but not limited to Medicare enrollment and entitlement, and Medicare Secondary Payer (MSP) data containing other party liability insurance information necessary for appropriate Medicare claim payment.

The system also contains the individual's health insurance numbers, name, geographic location, race/ethnicity, sex, and date of birth, hospice election, premium billing and collection, direct billing information, and group health plan enrollment data.

Authority for maintenance of the system is given under of §§ 1102(a), 1819(b)(3)(A), 1819(f), 919(b)(3)(A), 1919(f), and 1864 of the Social Security Act.

The primary purpose of the system is to aid in the administration of the survey and certification, and payment of Medicare Long Term Care services, which include skilled nursing facilities (SNFs), nursing facilities (NFs) SNFs/NFs, and hospital swing beds, and to study the effectiveness and quality of care given in those facilities. Information in this system will also be used to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor or consultant; (2) assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent; (3) support Quality Improvement Organizations (QIO); (4) assist other insurers for processing individual insurance claims; (5) facilitate research on the quality and effectiveness of care provided, as well as payment related projects; (6) support litigation involving the Agency; (7) assist national accrediting organizations; and (8) combat fraud, waste, and abuse in certain health benefits programs.

A. Entities Who May Receive Disclosures under Routine Use

These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may release information from the MDS without the consent of the individual to whom such information pertains. Each proposed disclosure of information under these routine uses will be evaluated to ensure that the disclosure is legally permissible, including but not limited to ensuring that the purpose of the disclosure is compatible with the purpose for which the information was collected. We have provided a brief explanation of the routine uses we are proposing to establish or modify for disclosures of information maintained in the system:

1. To support Agency contractors, consultants, or grantees who have been contracted by the Agency to assist in accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. Contribute to the accuracy of CMS's proper payment of Medicare benefits.

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Assist Federal/state Medicaid programs within the state.

3. To support Quality Improvement Organizations (QIO) in connection with review of claims, or in connection with studies or other review activities, conducted pursuant to Part B of Title XI of the Act and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans.

4. To assist insurance companies, underwriters, third party administrators (TPA), employers, self-insurers, group health plans, health maintenance organizations (HMO), health and welfare benefit funds, managed care organizations, other supplemental insurers, non-coordinating insurers, multiple employer trusts, liability insurers, no-fault medical automobile insurers, workers compensation carriers or plans, other groups providing protection against medical expenses without the beneficiary's authorization, and any entity having knowledge of the occurrence of any event affecting (a) an individual's right to any such benefit or payment, or (b) the initial right to any such benefit or payment, for the purpose of coordination of benefits with the Medicare program and implementation of the MSP provision at 42 U.S.C. 1395y (b). Information to be disclosed shall be limited to Medicare utilization data necessary to perform that specific function. In order to receive the information, they must agree to:

a. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom they serve as a TPA;

b. Utilize the information solely for the purpose of processing the individual's insurance claims; and

c. Safeguard the confidentiality of the data and prevent unauthorized access.

5. To support an individual or organization for research, evaluation, or epidemiological projects related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects.

6. To assist the Department of Justice (DOJ), court or adjudicatory body when:

a. The Agency or any component thereof, or

b. Any employee of the Agency in his or her official capacity, or

c. Any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

7. To support a national accrediting organization whose accredited facilities are presumed to meet certain Medicare requirements for inpatient hospital (including swing beds) services; e.g., the Joint Commission for the Accrediting of Healthcare Organizations (JCAHO). Information will be released to accrediting organizations only for those facilities that they accredit and that participate in the Medicare program.

8. To assist CMS contractor (including, but not limited to fiscal intermediaries and carriers) that assists in the administration of a CMS- administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

9. To support another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Circumstances Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512 (a) (1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on magnetic media.

All Medicare records are accessible by HIC number or alpha (name) search. This system supports both online and batch access.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations include but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent NIST publications; the HHS Automated Information Systems Security Handbook and the CMS Information Security Handbook.

• "Records will be retained until an approved disposition authority is obtained from the National Archives and Records Administration."

Director, Survey and Certification Group, Center for Medicaid and State Operations, CMS, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, health insurance claim number, address, date of birth, and sex, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and social security number (SSN). Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5 (a) (2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with department regulation 45 CFR 5b.7).

The data contained in these records are furnished by the individual, or in the case of some MSP situations, through third party contacts. There are cases, however, in which the identifying information is provided to the physician by the individual; the physician then adds the medical information and submits the bill to the carrier for payment. Updating information is also obtained from the Railroad Retirement Board, and the Master Beneficiary Record maintained by the Social Security Administration.

None.

72 FR 12801 3/19/07; 74 FR 30606 6/26/09; 78 FR 23938 4/23/13; 78 FR 32257 5/29/13.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various other contractor locations.

The system contains information on Federal employees, contractors, consultants or grantees, Government Services Administration employees, and contract guards working in CMS's central office complex in Baltimore, Maryland, and other CMS and HHS Federal buildings.

The system contains the name of the employee or other authorized individuals, social security number (SSN), identification card number, building/work location, phone number, position, title, grade, supervisor's name and telephone number.

Authority for maintenance of this system of records is given under Section 5 United States Code (U.S.C.) 301, 40 USCA 121(c)(2), and 41 Code of Federal Register (CFR) 102-74.375.

The primary purpose of the SOR is to issue and control United States Government building passes issued to all CMS employees and non- CMS employees who require continuous access to CMS buildings in Baltimore and other CMS and HHS facilities. Information retrieved from this SOR will be used to: (1) Support regulatory and policy functions performed within the Agency or by a contractor, consultant, or grantee; (2) assist other Federal agencies with activities related to this system; and (3) support litigation involving the Agency.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To Agency contractors, consultants, or grantees who have been contracted by the Agency to assist in accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To assist other Federal agencies with activities related to this system and who need to have access to the records in order to perform the activity.

3. To the Department of Justice (DOJ), court or adjudicatory body when

a. the Agency or any component thereof; or

b. any employee of the Agency in his or her official capacity; or

c. any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee; or

d. the United States Government;

is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

Storage:

All records are stored on electronic media.

The collected data are retrieved by an individual identifier; e.g., name or SSN.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources, also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain information for a total period not to exceed 25 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

For purpose of access, the subject individual should write to the system manager who will require the system name, employee identification number, tax identification number, national provider number, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), HICN, and/or SSN (furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

CMS obtains information in this system from the individuals who are covered by this system.

None.

72 FR 65741 11/23/07.

Level Three Privacy Act Sensitive Data.

National Supplier Clearing House, Palmetto Government Benefits Administrators, Interstate 20 at Alpine Road, Columbia, South Carolina 29219.

MSIF contains information on owners and managing employees of suppliers of Durable Medicare Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS), which provide service or supplies to Medicare beneficiaries.

The system contains, but is not limited to: business names and addresses, owner's name, owner's social security number (SSN), Unique Physician/Practitioner Identification Number (UPIN), managing employee's name, employer identification number or other tax reporting number, and the carrier assigned billing numbers.

Authority for maintenance of the system is given under sections 1124, 1124A, 1126, and 1833(e) of the Social Security Act (Title 42, United States Code (U.S.C.) §§ 1320a-3, 1320a-3a, 1320a-5, and 13951(e)).

The primary purpose of this modified system is to identify supplier businesses that are eligible to receive Medicare payments for items and services furnished to Medicare beneficiaries as well as owners, managing employees, and subcontractors in those suppliers. The information retrieved from this system of records will also be disclosed to: (1) support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, consultant, or grantee; (2) support litigation involving the agency; and (3) combat fraud, waste, and abuse in Federally-funded health benefits programs.

B. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To agency contractors, or consultants, or to a grantee of a CMS-administered grant program who have been engaged by the agency to assist in the accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

3. To a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

4. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

C. Additional Provisions Affecting Routine Use Disclosures:

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that an individual could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on computer diskette and magnetic storage media.

Information can be retrieved by the business names and addresses, owner's name, owner's SSN, UPIN, managing employee's name, employer identification number or other tax reporting number, and the Medicare contractor assigned billing numbers.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records are maintained by CMS for a period not to exceed 15 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Provider/Supplier Enrollment, Program Integrity Group, Office of Financial Management, CMS, Mail Stop C3- 02-16, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7.)

Sources of information contained in this records system include data collected from the application which the supplier completes to obtain Medicare billing numbers. (CMS Form 192--prior to August 1996, CMS Form 888--April 1996 through May 1997, and CMS Form 855S --after May 1997).

None.

71 FR 70404 12/4/06; 78 FR 32257 5/29/13.

Level Three Privacy Act Sensitive Data.

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various other contractor locations.

This system will collect and maintain individually identifiable and other data collected on Medicare beneficiaries and providers participating in the study.

Data will be collected from Medicare administrative and claims records, patient medical charts, physician records, and via survey instruments administered to beneficiaries and providers. The collected information will include, but is not limited to Medicare claims and eligibility data, name, address, telephone number, health insurance claims number, race/ethnicity, gender, date of birth, provider name, unique provider identification number, medical record number, as well as clinical, demographic, health/well-being, family and/or caregiver contact information, and background information relating to Medicare issues.

The statutory authority for this system is given under the provisions of Section 1862(a)(1)(A) of the Social Security Act, and 42 U.S.C. 1395, which states that Medicare must provide coverage for items and services that are "reasonable and necessary for the diagnosis or treatment of illness or injury or to improve the functioning of a malformed body member."

The primary purpose of the system of records is to collect and maintain data that will allow CMS to provide secure data on participants in the randomized phase of the study, pay claims, and to monitor and evaluate the clinical trial. Information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement and policy functions performed within the agency or by a contractor, consultant, or CMS grantee; (2) assist another Federal or state agency to enable such agency to administer a Federal health benefits program, or to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; (3) support research, evaluation, or epidemiological projects related to the prevention of disease or disability, or the restoration or maintenance of health, and for payment related projects; (4) support litigation involving the agency; and (5) combat fraud, waste, and abuse in certain health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To agency contractors, consultants or CMS grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To another Federal or state agency to:

a. contribute to the accuracy of CMS's proper payment of Medicare benefits;

b. enable such agency to administer a Federal health benefits program, or, as necessary, to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; and/or

c. assist Federal/state Medicaid programs within the state.

3. To an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects.

4. To the Department of Justice (DOJ), court or adjudicatory body when:

a. the agency or any component thereof, or

b. any employee of the agency in his or her official capacity, or

c. any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. the United States Government, is a party to litigation or has an interest in such litigation, and, by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

5. To a CMS contractor (including, but not necessarily limited to, fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, and abuse in such program.

6. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, and abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512 (a) (1).)

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on electronic media.

The collected data are retrieved by an individual identifier; e.g., beneficiary name or HICN, and unique provider identification number.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain information for a total period not to exceed 25 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Medical and Surgical Services, Coverage and Analysis Group, Office of Clinical Standards and Quality, CMS, Room C4-10-10, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, employee identification number, tax identification number, national provider number, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), HICN, and/or SSN (furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5 (a) (2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

The data collected and maintained in this system are retrieved from Medicare enrollment records, Medicare beneficiaries or proxies, and medical providers (such as physicians, medical facilities, home health care providers) for a sample of enrollees.

None.

72 FR 47045 8/22/07.

Level Three Privacy Act Sensitive Data .

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and South Building, Baltimore, Maryland 21244-1850.

PECOS will collect information provided by an applicant related to identity, qualifications, practice locations, ownership, billing agency information, reassignment of benefits, electronic funds transfer, the national provider identifier (NPI) and related organizations. PECOS will also maintain information on business owners, chain home offices and provider/chain associations, managing/directing employees, partners, authorized and delegated officials, supervising physicians of the supplier, staffing companies, ambulance vehicle information, and/or interpreting physicians and related technicians.

This system of records will contain the names, social security numbers (SSN), date of birth (DOB), and employer identification numbers (EIN) and NPI's for each disclosing entity, owners, as well as managing/directing employees, with 5 percent or more ownership or control interest. Managing/directing employees include general manager, business managers, administrators, directors, and other individuals who exercise operational or managerial control over the provider/supplier. The system will also contain Medicare identification numbers (i.e., UPIN, OSCAR, PIN and the NPI), demographic data, professional data, past and present business history as well as information regarding any adverse actions such as exclusions, sanctions, and felonious behavior.

The Authority for maintenance of the system is given under provisions of sections 1102(a) (Title 42 U.S.C. 1302(a)), 1128 (42 U.S.C 1320a-7), 1814(a)) (42 U.S.C. 1395f(a)(1), 1815(a) (42 U.S.C. 1395g(a)), 1833(e) (42 U.S.C. 1395I(3)), 1871 (42 U.S.C. 1395hh), and 1886(d)(5)(F), (42 U.S.C. 1395ww(d)(5)(F) of the Social Security Act; 1842(r) (42 U.S.C. 1395u(r)); section 1124(a)(1) (42 U.S.C. 1320a- 3(a)(1), and 1124A (42 U.S.C. 1320a-3a), section 4313, as amended, of the BBA of 1997; and section 31001(i) (31 U.S.C. 7701) of the DCIA (Pub. L. 104-134), as amended.

The primary purpose of the SOR is to: (1) Collect information for an applying provider/supplier and record the associations between the applicant and those who have an ownership or control interest in the entity; (2) permit informed enrollment decisions to be made based on past and present business history, any reported exclusions, sanctions and felonious behavior at their location or in multiple contractor jurisdictions; and, (3) ensure that correct payments are made under the Medicare program. Information retrieved from this SOR will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor, consultant, or CMS grantee; (2) assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent; (3) assist an individual or organization for research, evaluation, or epidemiological projects; (5) support litigation involving the Agency; and (5) combat fraud, waste, and abuse in certain health benefits programs.

The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support agency contractors, consultants, or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. Contribute to the accuracy of CMS's proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with federal funds, and/or

c. Evaluate and monitor the quality of home health care and contribute to the accuracy of health insurance operations.

3. To assist an individual or organization for research, evaluation or epidemiological projects related to the prevention of disease or disability, or the restoration or maintenance of health, and for payment related projects.

4. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government, is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

5. To assist a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

6. To assist another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

Storage:

All records are stored on paper and magnetic disk.

Magnetic media records are retrieved by the name of the employees or other authorized individual and/or card key number. Paper records are retrieved alphabetically by name.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain identifiable data for a total period of 15 years from the date the information was collected.

Director, Division of Provider/Supplier Enrollment, Office of Financial Management, CMS, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, SSN, EIN, and for verification purposes, the subject individual's name (woman's maiden name, if applicable).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

Information contained in this system is received from the Form(s) CMS 855A, "Medicare Enrollment Application for Institutional Providers," CMS 855B, "Medicare Enrollment Application for Clinic/Group Practices and Certain Other Providers," CMS 855I, "Medicare Enrollment Application for Physician and Non-Physician Practitioners," CMS 855R, "Medicare Enrollment Application for Reassignment of Medicare Benefits," and CMS 855S, "Medicare Enrollment Application for Durable Medial Equipment, Prosthetics, Orthotics, and Supplies (DMEPOS)."

None.

71 FR 60536 10/13/06; 74 FR 30606 6/26/09; 78 FR 32257 5/29/13.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various contractor sites and at CMS Regional Offices.

RECON contains information concerning Medicare beneficiaries who have been enrolled in a managed care program and who have requested an appeal by CMS, or any person who acts on behalf of these beneficiaries.

Information in this system includes, but is not limited to, name, address, social security number (SSN), health insurance claim number (HICN), health insurance plan name and address, health insurance plan number, medical records and statement of fact, service request/claims data, date of service request/claim received by the health plan, dates of service, beneficiary enrollment form and disenrollment form, verification of enrollment status, date reconsideration request submitted to CMS, and dates of determination by plan and CMS.

Authority for maintenance of the system is given under §§ 1852, and 1876 of the Social Security Act (Title 42 U.S.C 1395w-22, and 1395mm).

The primary purpose of this modified system is to collect and maintain information necessary to process requests for reconsideration of service requests or claims by or on behalf of Medicare managed care enrollees, promote the effectiveness and integrity of the Medicare managed care program, and reply to future correspondence related to the case. The information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor or consultant; (2) assist another Federal or state agency; (3) assist third party contacts; (4) assist Quality Improvement Organizations; (5) support litigation involving the agency; and (6) combat fraud, waste, and abuse in Federally-funded health benefit programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support agency contractors, consultants, or a grantee of a CMS-administered grant program, who have been engaged by the agency to assist in the accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To assist another Federal and/or state agency to:

a. contribute to the accuracy of CMS' proper payment of Medicare benefits,

b. enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. assist Federal/state Medicaid programs within the state.

3. To assist a third party contact in situations where the party to be contacted has, or is expected to have information relating to the individual's capacity to manage his or her affairs or to his or her eligibility for, or an entitlement to, benefits under the Medicare program.

a. The individual is unable to provide the information being sought (an individual is considered to be unable to provide certain types of information when any of the following conditions exist: the individual is confined to a mental institution, a court of competent jurisdiction has appointed a guardian to manage the affairs of that individual, a court of competent jurisdiction has declared the individual to be mentally incompetent, or the individual's attending physician has certified that the individual is not sufficiently mentally competent to manage his or her own affairs or to provide the information being sought, the individual cannot read or write, cannot afford the cost of obtaining the information, a language barrier exists, or the custodian of the information will not, as a matter of policy, provide it to the individual), or

b. The data are needed to establish the validity of evidence or to verify the accuracy of information presented by the individual, and it concerns one or more of the following: The individual's entitlement to benefits under the Medicare program, the amount of reimbursement, or any case in which the evidence is being reviewed as a result of suspected fraud and abuse, program integrity, quality appraisal, or evaluation and measurement of activities.

4. To assist Quality Improvement Organizations (QIO) in order to assist the QIO to perform Title XI and Title XVIII functions relating to assessing and improving quality of care.

5. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. the agency or any component thereof, or

b. any employee of the agency in his or her official capacity, or

c. any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. the United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

6. To assist a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

7. To assist another Federal agency or an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures.

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that an individual could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on computer diskette and magnetic media.

Information can be retrieved by the name, SSN, and/or HICN of claimant.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will transfer to and maintain in an archival file for a total period not to exceed 7 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Appeals Policy, Medicare Enrollment & Appeals Group, Center for Beneficiary Choices, CMS, Mail Stop C2 -12-16, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

Sources on information contained in this records system is obtained from the reconsideration requests made by or on behalf of Medicare beneficiaries and from inquiries from congressional offices, health plans, providers, state insurance commissioners, state regulators, disenrollment surveys, Medicare carriers or intermediaries, and QIO records.

None.

71 FR 60153 10/12/06.

Level Three Privacy Act Sensitive Data.

Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850, and at various other remote locations.

For purposes of this SOR, the system contains information related to individual health care providers who have been excluded from participation in Medicare and other Federal and State health care programs.

The system contains information such as other provider identifiers used by those individuals, names, demographic information, including, but not limited to gender and date of birth, provider taxonomy information, address data, contact information, and taxpayers identifying number.

Authority for maintenance of this system is given under §§ 1128 A and B, and 1156 of the Social Security Act.

The primary purpose of this system of records is to collect and maintain information on individuals that have been excluded from receiving Medicare payments for any item or service furnished during the period when excluded from participation in the Medicare program. Information maintained in this system will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by a contractor, consultant or CMS grantee; (2) assist another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent; (3) facilitate research on the quality and effectiveness of care provided, as well as epidemiological projects; (4) support litigation involving the Agency; and (5) combat fraud, waste and abuse in certain health benefits programs.

The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

To support Agency contractors, consultants, or CMS grantees that have been contracted by the Agency to assist in accomplishment of a CMS function relating to the purposes for this system and who need access to the records in order to assist CMS.

To assist another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent to: Contribute to the accuracy of CMS's proper payment of Medicare benefits, enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or assist Federal/State Medicaid programs within the State.

To support an individual or organization for a research, evaluation, or epidemiological project related to the prevention of disease or disability or the restoration or maintenance of health.

To assist the Department of Justice (DOJ), court or adjudicatory body when:

The Agency or any component thereof, or any employee of the Agency in his or her official capacity, or any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or the United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

To support a CMS contractor that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS- administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such programs.

To support another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in a program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such programs.

Storage:

All records are stored on magnetic media.

All records are accessible by UPIN/NPI or alpha (name) search. This system supports both on-line and batch access.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records are maintained for a period of 15 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Program Integrity Group, Office of Financial Management, CMS, Mail Stop C3-02-16, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual health care provider should write to the system manager who will require the system name, National Provider Identifier, address, date of birth, and gender, and for verification purposes, the subject individual health care provider's name (woman's maiden name, if applicable), and social security number (SSN). Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual health care provider should contact the systems manager named above, reasonably identify the record and specify the information to be contested, state the corrective action sought, and the reasons for the correction with supporting justification. (These procedures are in accordance with department regulation 45 CFR 5b.7).

The Office of the Inspector General Exclusion file, Online Survey Certification and Reporting System file, National Supplier Clearing House file, Unique Physician Identification Number Registry, Medicare Contractor Provider Files, and Social Security Administration records to assist in a determination of the excluded individual's employers.

None.

71 FR 70967 12/7/06; 78 FR 32257 5/29/13.

Level Three Privacy Act Sensitive Data.

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various other contractor locations.

Information is collected on individuals age 65 or over who have been, or currently are, entitled to health insurance (Medicare) benefits under Title XVIII of the Act or under provisions of the Railroad Retirement Act, individuals under age 65 who have been, or currently are, entitled to such benefits on the basis of having been entitled for not less than 24 months to disability benefits under Title II of the Act or under the Railroad Retirement Act, individuals who have been, or currently are, entitled to such benefits because they have ESRD, individuals age 64 and 8 months or over who are likely to become entitled to health insurance (Medicare) benefits upon attaining age 65, and individuals under age 65 who have at least 21 months of disability benefits who are likely to become entitled to Medicare upon the 25th month of their being disabled.

The collected information will contain name, address, telephone number, health insurance claim (HIC) number, geographic location, race/ethnicity, sex, date of birth, as well as, background information relating to Medicare or Medicaid issues. The HELPLINE will also maintain a caller history for purposes of re-contacts by customer service representatives or CMS, contain information related to Medicare enrollment and entitlement, group health plan enrollment data, as well as, background information relating to Medicare or Medicaid issues.

Authority for maintenance of the system is given under sections 1102, 1804(b), and 1851(d) of the Social Security Act (42 United States Code (U.S.C.) 1302, 1395b-2(b), and 1395w-21(d)), and OMB Circular A-123, Internal Control Systems, and Title 42 U.S.C. section 1395w-21(d) (Pub. L. 105-3, the Balanced Budget Act of 1997).

The primary purpose of the SOR is to provide general information to beneficiaries and future beneficiaries so that they can make informed Medicare decisions, maintain information on Medicare enrollment for the administration of the Medicare program, including the following functions: Ensuring proper Medicare enrollment, claims payment, Medicare premium billing and collection, coordination of benefits by validating and verifying the enrollment status of beneficiaries, and validating and studying the characteristics of persons enrolled in the Medicare program including their requirements for information. Information retrieved from this SOR will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the Agency or by contractors, consultants, or CMS grantees; (2) assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent; (3) assist providers and suppliers of services for administration of Title XVIII of the Act; (4) assist third parties where the contact is expected to have information relating to the individual's capacity to manage his or her own affairs; (5) assist other insurers for processing individual insurance claims; (6) support litigation involving the Agency; and (7) combat fraud, waste, and abuse in certain health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may release information from the HELPLINE without the consent of the individual to whom such information pertains. Each proposed disclosure of information under these routine uses will be evaluated to ensure that the disclosure is legally permissible, including but not limited to ensuring that the purpose of the disclosure is compatible with the purpose for which the information was collected. We are proposing to establish or modify the following routine use disclosures of information maintained in the system:

1. To support Agency contractors, consultants, or CMS grantees who have been contracted by the Agency to assist in accomplishment of a CMS function relating to the purposes for this SOR and who need to have access to the records in order to assist CMS.

2. To assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. Contribute to the accuracy of CMS's proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Assist Federal/state Medicaid programs within the state.

3. To assist providers and suppliers of services directly or through fiscal intermediaries or carriers for the administration of Title XVIII of the Social Security Act.

4. To assist third party contacts in situations where the party to be contacted has, or is expected to have information relating to the individual's capacity to manage his or her affairs or to his or her eligibility for, or an entitlement to, benefits under the Medicare program and,

a. The individual is unable to provide the information being sought (an individual is considered to be unable to provide certain types of information when any of the following conditions exists: The individual is confined to a mental institution, a court of competent jurisdiction has appointed a guardian to manage the affairs of that individual, a court of competent jurisdiction has declared the individual to be mentally incompetent, or the individual's attending physician has certified that the individual is not sufficiently mentally competent to manage his or her own affairs or to provide the information being sought, the individual cannot read or write, cannot afford the cost of obtaining the information, a language barrier exists or the custodian of the information will not, as a matter of policy, provide it to the individual), or

b. The data are needed to establish the validity of evidence or to verify the accuracy of information presented by the individual, and it concerns one or more of the following: The individual's entitlement to benefits under the Medicare program, the amount of reimbursement, and in cases in which the evidence is being reviewed as a result of suspected fraud and abuse, program integrity, quality appraisal, or evaluation and measurement of activities.

5. To assist insurance companies, third party administrators (TPA), employers, self-insurers, managed care organizations, other supplemental insurers, non-coordinating insurers, multiple employer trusts, group health plans (i.e., health maintenance organizations (HMOs) or a competitive medical plan (CMP) with a Medicare contract, or a Medicare-approved health care prepayment plan (HCPP)), directly or through a contractor, and other groups providing protection for their enrollees. Information to be disclosed shall be limited to Medicare entitlement data. In order to receive the information, they must agree to:

a. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom they serve as a TPA;

b. Utilize the information solely for the purpose of processing the identified individual's insurance claims; and

c. Safeguard the confidentiality of the data and prevent unauthorized access.

6. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. The Agency or any component thereof, or

b. Any employee of the Agency in his or her official capacity, or

c. Any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

7. To support a CMS contractor (including, but not limited to FIs and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such programs.

8. To assist another Federal agency or an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency) that administers, or that has the authority to investigate potential fraud, waste, and abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, and abuse in such programs.

Storage:

All records are stored on electronic media.

The collected data are retrieved by an individual identifier; e.g., beneficiary name or HICN, and unique provider identification number.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain information for a total period not to exceed 6 years and 3 months. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Call Center Operations, Customer Teleservice Operations Group, Office of Beneficiary Information Services, CMS, 7500 Security Boulevard, C2-26-20, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, employee identification number, tax identification number, national provider number, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), HICN, and/or SSN (furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

The data contained in these records are furnished by the individual, or in the case of some situations, through third party contacts that make calls to 1-800 Medicare Helpline. Updating information is also obtained from the following CMS systems of records: Enrollment Data Base (09-70-0502), Common Working File (09-70-0525), and the Master Beneficiary Record maintained by the Social Security Administration (SSA System of Records SSA/ORSIS 60-0090).

None.

73 FR 10255 2/26/08.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

Individuals age 65 or over who have been, or currently are, entitled to health insurance (Medicare) benefits under Title XVIII of the Social Security Act (the Act) or under provisions of the Railroad Retirement Act; individuals under age 65 who have been, or currently are, entitled to such benefits on the basis of having been entitled for not less that 24 months to disability benefits under Title II of the Act or under the Railroad Retirement Act; individuals who have been, or currently are, entitled to such benefits because they have End-Stage Renal Disease (ESRD); individuals age 64 and 8 months or over who are likely to become entitled to health insurance (Medicare) benefits upon attaining age 65, and individuals under age 65 who have at least 21 months of disability benefits who are likely to become entitled to Medicare upon the 25th month or entitlement to such benefits and those populations that are dually eligible for both Medicare and Medicaid (Title XIX of the Act).

Information maintained in the system include, but are not limited to: Standard data for identification such as health insurance claim number, social security number, gender, race/ethnicity, date of birth, geographic location, Medicare enrollment and entitlement information, MSP data necessary for appropriate Medicare claim payment, hospice election, MA plan elections and enrollment, End Stage Renal Disease (ESRD) entitlement, historic and current listing of residences, and Medicare eligibility and Managed Care institutional status.

The primary purpose of this modified system is to provide CMS with a singular, authoritative, database of comprehensive enrollment data on individuals in the Medicare program to support ongoing and expanded program administration, service delivery modalities, and payment coverage options. This collection will contain a complete "beneficiary insurance profile" that reflects the individual's Medicare health insurance coverage and Medicare health plan and demonstration enrollment. Information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, consultant or a CMS grantee; (2) assist another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent; (3) support providers and suppliers of services for administration of Title XVIII; (4) assist third parties where the contact is expected to have information relating to the individual's capacity to manage his or her own affairs; (5) support Quality Improvement Organizations (QIO); (6) assist other insurers for processing individual insurance claims; (7) facilitate research on the quality and effectiveness of care provided, as well as payment related projects; (8) support Patient Assistance Programs and other groups providing pharmaceutical assistance or services to Medicare beneficiaries; (9) support litigation involving the agency; and (10) combat fraud, waste, and abuse in certain health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are modifying/altering the routine use disclosures of information maintained in the system so that the routine uses include the following:

1. To support agency contractors, consultants or grantees who have been engaged by the agency to assist in the performance of a service related to this system and who need to have access to the records in order to perform the activity.

2. To assist another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent to:

a. Contribute to the accuracy of CMS' proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Assist Federal/State Medicaid programs within the State.

3. To assist providers and suppliers of services directly or through fiscal intermediaries or carriers for the administration of Title XVIII of the Act.

4. To assist third party contact in situations where the party to be contacted has, or is expected to have information relating to the individual's capacity to manage his or her affairs or to his or her eligibility for, or an entitlement to, benefits under the Medicare program and;

a. The individual is unable to provide the information being sought (an individual is considered to be unable to provide certain types of information when any of the following conditions exists: The individual is confined to a mental institution, a court of competent jurisdiction has appointed a guardian to manage the affairs of that individual, a court of competent jurisdiction has declared the individual to be mentally incompetent, or the individual's attending physician has certified that the individual is not sufficiently mentally competent to manage his or her own affairs or to provide the information being sought, the individual cannot read or write, cannot afford the cost of obtaining the information, a language barrier exists, or the custodian of the information will not, as a matter of policy, provide it to the individual), or

b. The data are needed to establish the validity of evidence or to verify the accuracy of information presented by the individual, and it concerns one or more of the following: The individual's entitlement to benefits under the Medicare program, the amount of reimbursement, and in cases in which the evidence is being reviewed as a result of suspected fraud and abuse, program integrity, quality appraisal, or evaluation and measurement of activities.

5. To support Quality Improvement Organizations (QIO) in connection with review of claims, or in connection with studies or other review activities conducted pursuant to Part B of Title XI of the Act, and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans. As established by the Part D Program, QIOs will conduct reviews of prescription drug events data, or in connection with studies or other review activities conducted pursuant to Part D of Title XVIII of the Act.

6. To other insurers, underwriters, third party administrators (TPAs), self-insurers, group health plans, employers, health maintenance organizations, health and welfare benefit funds, Federal agencies, a State or local government or political subdivision of either (when the organization has assumed the role of an insurer, underwriter, or third party administrator, or in the case of a State that assumes the liabilities of an insolvent insurers pool or fund), multiple-employers trusts, no-fault medical, automobile insurers, workers' compensation carriers plans, liability insurers, and other groups providing protection against medical expenses who are primary payers to Medicare in accordance with 42 U.S.C. 1395y(b), or any entity having knowledge of the occurrence of any event affecting;

a. An individual's right to any such benefit or payment, or

b. The initial or continued right to any such benefit or payment (for example, a State Medicaid Agency, State Workers' Compensation Board, or Department of Motor Vehicles) for the purpose of coordination of benefits with the Medicare program and implementation of the MSP provisions at 42 U.S.C. 1395 y(b). The information CMS may disclose will be:

• Beneficiary Name

• Beneficiary Address

• Beneficiary Health Insurance Claim Number

• Beneficiary Social Security Number

• Beneficiary Gender

• Beneficiary Date of Birth

• Amount of Medicare Conditional Payment

• Provider Name and Number

• Physician Name and Number

• Supplier Name and Number

• Dates of Service

• Nature of Service

• Diagnosis

To administer the MSP provision at 42 U.S.C. 1395 y(b)(2), (3), and (4) more effectively, CMS would receive (to the extent that it is available) and may disclose the following types of information from insurers, underwriters, third party administrator, self-insurers, etc.:

• Subscriber Name and Address

• Subscriber Date of Birth

• Subscriber Social Security number

• Dependent Name

• Dependent Date of Birth

• Dependent Social Security Number

• Dependent Relationship to Subscriber

• Insurer/Underwriter/TPA Name and Address

• Insurer/Underwriter/TPA Group Number

• Insurer/Underwriter/Group Name

• Prescription Drug Coverage

• Policy Number

• Effective Date of Coverage

• Employer Name, Employer Identification Number (EIN) and Address

• Employment Status

• Amounts of Payment

To administer the MSP provision at 42 U.S.C. 1395y(b)(1) more effectively for entities such as Workers' Compensation carriers or boards, liability insurers, no-fault and automobile medical policies or plans, CMS would receive (to the extent that it is available) and may disclose the following information:

• Beneficiary's Name and Address

• Beneficiary's Date of Birth

• Beneficiary's Social Security number

• Name of Insured

• Insurer Name and Address

• Type of coverage; automobile medical, no-fault, liability payment, or workers' compensation settlement

• Insured's Policy Number

• Effective Date of Coverage

• Date of accident, injury or illness

• Amount of payment under liability, no-fault, or automobile medical policies, plans, and workers' compensation settlements

• Employer Name and Address (Workers' Compensation Only)

• Name of insured could be the driver of the car, a business, the beneficiary (i.e., the name of the individual or entity which carries the insurance policy or plan)

In order to receive this information the entity must agree to the following conditions;

c. To utilize the information solely for the purpose of coordination of benefits with the Medicare program and other third party payer in accordance with Title 42 U.S.C. 1395y(b);

d. To safeguard the confidentiality of the data and to prevent unauthorized access to it; and

e. To prohibit the use of beneficiary-specific data for the purposes other than for the coordination of benefits among third party payers and the Medicare program. This agreement would allow the entities to use the information to determine cases where they or other third party payers have primary responsibility for payment. Examples of prohibited uses would include but are not limited to; creation of a mailing list, sale or transfer of data.

To administer the MSP provisions more effectively, CMS may receive or disclose the following types of information from or to entities including insurers, underwriters, TPAs, and self-insured plans, concerning potentially affected individuals:

• Subscriber HICN

• Dependent Name

• Funding arrangements of employer group health plans, for example, contributory or non-contributory plan, self-insured, re- insured, HMO, TPA insurance

• Claims payment information, for example, the amount paid, the date of payment, the name of the insurers or payer

• Dates of employment including termination date, if appropriate

• Number of full and/or part-time employees in the current and preceding calendar years

• Employment status of subscriber, for example, full or part time or self-employed

7. To assist an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects.

8. To support Patient Assistance Programs and other groups providing pharmaceutical assistance to a Medicare beneficiary. Medicare Part D enrollment information may be released to these organizations upon specific request, and then only if they meet the following requirements, they must:

a. Provide an attestation or other qualifying information that they are providing pharmaceutical assistance to Medicare beneficiaries;

b. Submit a finder file to CMS to identify Medicare beneficiaries receiving pharmaceutical assistance and/or services consisting of the following data elements:

(1) First initial of the first name,

(2) First 6 letters of the last name,

(3) Social security number or health insurance claims number,

(4) Date of birth,

(5) Sex;

c. Safeguard the confidentiality of any data received and prevent unauthorized access to the data; and

d. Complete a written statement attesting to the information recipient's understanding of and willingness to abide by CMS provisions regarding Privacy protections and information security. Recipients of CMS data must complete the PAP Data Sharing Agreement prior to the release of CMS data.

9. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

10. To a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such program.

11. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164.512 (a)(1).)

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored electronically.

All Medicare records are accessible by HICN, and SSN search. This system supports both on-line and batch access.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records are maintained in the active files for a period of 15 years. The records are then retired to archival files maintained at the Health Care Data Center. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Enrollment and Eligibility Policy, Medicare Enrollment and Appeals Group, Center for Beneficiary Choices, CMS, Mail Stop S1-05-06, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7.)

The data contained in this system of records are extracted from other CMS systems of records: Enrollment Database, Medicare Advantage Prescription Drug System, and the Medicaid Statistical Information System. Information will also be provided from the application submitted by the individual through State Medicaid agencies, the Social Security Administration and through other entities assisting beneficiaries.

None.

71 FR 70396 12/4/06; 74 FR 30606 6/26/09; 78 FR 23938 4/23/13; 78 FR 32257 5/29/13.

Appendix A. Health Insurance Records

Medicare records are maintained at the CMS Central Office (see section 1 below for the address). Health Insurance Records of the Medicare program can also be accessed through a representative of the CMS Regional Office (see section 2 below for addresses). Medicare records are also maintained by private insurance organizations that share in administering provisions of the health insurance programs. These private insurance organizations, referred to as Managed Care Organizations, are under contract to the Centers for Medicare & Medicaid Services and the Social Security Administration to perform specific task in the Medicare program (see section three below for information on MCOs).

1. Central Office Address: CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

2. CMS Regional Offices: BOSTON REGION--Connecticut, Maine, Massachusetts, New Hampshire, Rhode Island, Vermont. John F. Kennedy Federal Building, Room 1211, Boston, Massachusetts 02203. Office Hours: 8:30 a.m.-5 p.m.

NEW YORK REGION--New Jersey, New York, Puerto Rico, Virgin Islands. 26 Federal Plaza, Room 715, New York, New York 10007, Office Hours: 8:30 a.m.-5 p.m.

PHILADELPHIA REGION--Delaware, District of Columbia, Maryland, Pennsylvania, Virginia, West Virginia. Post Office Box 8460, Philadelphia, Pennsylvania 19101. Office Hours: 8:30 a.m.-5 p.m.

ATLANTA REGION--Alabama, North Carolina, South Carolina, Florida, Georgia, Kentucky, Mississippi, Tennessee. 101 Marietta Street, Suite 702, Atlanta, Georgia 30223, Office Hours: 8:30 a.m.-4:30 p.m.

CHICAGO REGION--Illinois, Indiana, Michigan, Minnesota, Ohio, Wisconsin. Suite A--824, Chicago, Illinois 60604. Office Hours: 8 a.m.-4:45 p.m.

DALLAS REGION--Arkansas, Louisiana, New Mexico, Oklahoma, Texas, 1200 Main Tower Building, Dallas, Texas. Office Hours: 8 a.m.- 4:30 p.m.

KANSAS CITY REGION--Iowa, Kansas, Missouri, Nebraska. New Federal Office Building, 601 East 12th Street, Room 436, Kansas City, Missouri 64106. Office Hours: 8 a.m.-4:45 p.m.

DENVER REGION--Colorado, Montana, North Dakota, South Dakota, Utah, Wyoming. Federal Office Building, 1961 Stout Street, Room 1185, Denver, Colorado 80294. Office Hours: 8 a.m.-4:30 p.m.

SAN FRANCISCO REGION--American Samoa, Arizona, California, Guam, Hawaii, Nevada. Federal Office Building, 10 Van Ness Avenue, 20th Floor, San Francisco, California 94102. Office Hours: 8 a.m.-4:30 p.m.

SEATTLE REGION--Alaska, Idaho, Oregon, Washington. 1321 Second Avenue, Room 615, Mail Stop 211, Seattle, Washington 98101. Office Hours 8 a.m.-4:30 p.m.

3. Managed Care Organizations: Monthly report of Managed Care Organizations is available at www.cms.gov.

Level 3 Privacy Act Sensitive.

Group Health Incorporated, 25 Broadway, New York, New York 10004.

The system of records will contain data on non-Medicare beneficiaries that receive an approval or a denial by the Centers for Medicare & Medicaid Services (CMS) of the adequacy of a WC Medicare Set-aside Arrangement, as part of a WC settlement that is intended to pay for future medical expenses in place of future Medicare benefits.

This system of records will contain the individual-level identifying data including, but not limited to, name, address, date of birth, social security number (SSN), date of the WC injury/incident, injury diagnosis code(s), effective date and amount of the WC Medicare Set-aside Arrangement. In addition, data will be included to enable CMS to manage the WC Medicare Set-aside Arrangement information when it becomes part of a beneficiary's record on the Common Working File. These data include the WC carrier, the administrator of the WC Medicare Set-aside Arrangement, and the attorney that prepared the arrangement.

Section 1862(b)(2) of the Social Security Act (the Act) requires that Medicare payment may not be made for any item or service to the extent that payment has been made under a WC law or plan. This section of the Act and Title 42 Code of Federal Regulation (CFR) 411.46 require CMS to exclude payments once the injured individual becomes a Medicare beneficiary when payment should be made from WC funds that are always primary to Medicare payment.

The primary purpose of the non-Medicare beneficiary WCSAF is to maintain a file of individuals who were injured while employed; are not currently Medicare beneficiaries; whose WC Settlement included a WC Medicare Set-aside Arrangement that is intended to pay for future medical expenses in place of future Medicare benefits; and was approved or not approved (denied) by CMS as submitted. The information retrieved from this system will be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor or consultant; (2) another Federal and/or state agency, agency of a state government, an agency established by state law, or its fiscal agent to contribute to the accuracy of CMS' proper payment of Medicare benefits, enable such agency to administer a Federal health benefits program, or enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; (3) an individual or organization for research, evaluation or epidemiological projects related to the prevention of disease or disability, the restoration or maintenance of health, or for understanding and improving payment projects; (4) support constituent requests made to a Congressional representative; (5) support litigation involving the agency; and (6) combat fraud and abuse in health benefits programs funded in whole or in part by Federal funds.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To agency contractors, or consultants that have been contracted by the agency to assist in the performance of a service related to this system and that need to have access to the records in order to perform the activity.

2. To another Federal and/or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. Contribute to the accuracy of CMS's proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds.

3. To an individual or organization for research, evaluation or epidemiological projects related to the prevention of disease or disability, the restoration or maintenance of health, or for understanding and improving payment projects.

4. To a Member of Congress or to a Congressional staff member in response to an inquiry of the Congressional Office made at the written request of the constituent about whom the record is maintained.

5. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity; or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government; is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation.

6. To a CMS contractor (including, but not necessarily limited to intermediaries and carriers) that assists in the administration of a CMS- administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such program.

7. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures:

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, 65 FR 82462 (12-28-00)), Subparts A and E. Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information."

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals who are familiar with the enrollees could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on magnetic media.

The records are retrieved alphabetically by the name and/or SSN of the subject of the records.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain identifiable WCSAF data for a period of 6 years and 3 months unless the injured individual becomes a Medicare beneficiary prior to that period of time. When either of these criteria is met, the information stored on the injured individual will be deleted from the WCSAF. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Medicare Secondary Payer Policy Operations, Financial Services Group, Office of Financial Management, CMS, Mail Stop C3-14-16, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), address, date of birth, date of WC injury/incident, diagnosis, effective date and amount of the WC Medicare Set-aside Arrangement. (Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b 5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

The Electronic Correspondence Referral System, Workers Comp Case Control System, Medicare contractors and the Coordination of Benefit Contractor, Common Working File, CMS Regional Offices, an agency of a State government, Medicare beneficiaries and non-Medicare beneficiaries that have an approved or denied WC Medicare Set-aside arrangement to cover future medical costs resulting from an injury incurred while employed and the Social Security Administration.

None.

70 FR 75175 12/19/05.

Level 3 Privacy Act Sensitive.

Centers for Medicare & Medicaid Services Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

Information for this system is collected and maintained on individuals who voluntarily apply for access to the Web-based Application Systems and individuals with an approved need for access to the computer resources and information maintained by CMS.

Information collected for this system will include, but is not limited to, name, social security number (SSN), date of birth, current Resource Access Control Facility Identification (RACF ID), e-mail address, telephone number, company name, and geographic location.

Authority for maintenance of the system is given under Executive Order 9397, the Debt Collection Improvement Act, 31 United States Code (U.S.C.) § 7701(c)(1), and 5 U.S.C. 552a(b)(1).

The primary purpose of the system has been to collect and maintain individually identifiable information to assign, control, track, and report authorized access to and use of CMS's computerized information and resources, for those individuals who apply for and are granted access across multiple CMS systems and business contexts. Information in this system will also be used to: (1) Support regulatory and policy functions performed within the Agency or by a contractor, consultant, or CMS grantee; and (2) support litigation involving the Agency related to this system.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support Agency contractors, consultants, or CMS grantee who have been contracted by the Agency to assist in accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To assist the Department of Justice (DOJ), court or adjudicatory body when

a. The Agency or any component thereof; or

b. Any employee of the Agency in his or her official capacity; or

c. Any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee; or

d. The United States Government;

is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation.

Storage:

All records are stored on magnetic media.

Information can be retrieved by assigned User ID, user name, and user e-mail address.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations include but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain information for the duration the user needs access to CMS' computer systems or until no longer needed for administrative, legal, audit or other operations services, whichever is longer. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Development & Engineering, Information Services Design & Development Group, Office of Information Services, CMS, Mail Stop N2-15-18, 7500 Security Boulevard, Baltimore, Maryland, 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN (furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

Sources of information contained in this records system include data collected from applications submitted by the individuals requiring access to computer services.

None.

72 FR 63902 11/13/07; 74 FR 30606 6/26/09.

Unclassified.

The address of the agency component responsible for the system of records is: CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244- 1850.

The agency official who is responsible for the system of records is: Director, Quality Measurement and Value-based Incentives Group, CCSQ, CMS, Room Cl- 23- 14, 7500 Security Boulevard, Baltimore, Maryland 21244-1870.

Provisions of the Social Security Act codified at 42 U.S.C. §§1320c- 3, 13951 , 1395w-4, 1395w-21, and 1395y.

The purposes for which HHS/CMS will use the records are:

• To be utilized for program management and administration purposes;

• To determine payment adjustments for health care services provided by clinicians to Medicare beneficiaries;

• To provide expert feedback to clinicians and third party data submitters, in order to help clinicians provide high-value, patient-centered care to Medicare beneficiaries;

• To make clinician-level performance measure results available to Medicare patients and caregivers through Physician Compare, as defined via regulation, either on public profile pages or via the Downloadable Database housed on data.medicare.gov for the purpose of promoting more informed health care choices for people with Medicare; and

• To provide relevant records to other Federal and state agencies which administer federally-funded health benefit programs; Quality Improvement Networks that review claims and conduct outreach and reviews; and individuals and organizations that assist consumers, to use for program administrative purposes and in health, disease, and payment-related research, evaluation, outreach, and transparency projects.

The records will be about these categories of individuals involved in the Quality Payment Program:

• Eligible clinicians (such as, physicians, physician assistants, nurse practitioners) who submit quality and performance data to CMS under the Program;

• Any third party data submitters of the types described in 42 CFR § 414.1400 who are individuals (e.g., sole proprietor health IT or survey vendors) and submit data to the Program;

• Individuals who submit data for clinicians and third party data submitters (i.e., as their representatives or contact persons); and

• Medicare beneficiaries (and any non-Medicare beneficiaries) receiving the health care services referenced in the data submitted to CMS under the Program.

The system will include these categories of records:

• Records about clinicians. These will include identifying information and contact information (such as the clinician's name, address, phone number, e-mail address, date of birth, business address, tax identification number (TIN/EIN), national provider identifier (NPI), Social Security number (SSN), prescriber identification number, and other assigned clinician numbers) and information about health care services the clinician provided to Medicare beneficiaries (and any non-Medicare beneficiaries) and the measures and activities the clinician used in providing the services.

• Records about any third party data submitters who are individuals (for example, sole proprietor health IT or survey vendors). These records will include the third party's name, e-mail address, business address, and TIN/EIN.

• Records about individuals who submit data for clinicians and third party data submitters.

These will include the representative's name and contact information such as address, TIN/EIN, e-mail address, and business address.

• Records about Medicare beneficiaries (and any non-Medicare beneficiaries). These will include the beneficiary's identifying and health information, i.e. name, address, date of birth, gender, ethnicity, health care utilization and claims data, health insurance claim number (HICN), Medicare beneficiary identifier (MBI), and SSN.

• Records about other payer payment arrangements. These will include other payer payment arrangement information submitted by non-Medicare payers to determine whether a payment arrangement meets the Other Payer Advanced Alternative Payment Model (APM) criteria. These records will include payer identifying information, payment arrangement information, supporting documentation, and a certification statement.

The sources of the records covered by this system of records are (1) clinicians, (2) third party data submitters, and (3) individuals who submit data for clinicians or third party data submitters.

A. These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may disclose records from the Quality Payment Program to a party outside HHS without the prior, written consent of the individual to whom such information pertains.

1. Records may be disclosed to agency contractors (including, but not limited to, Medicare Administrative Contractors (MACs), fiscal intermediaries, and carriers) that assist in the health operations of a CMS-administered health benefits program, to CMS consultants, or to a grantee of a CMS-administered grant program, who have been engaged by the agency to assist in accomplishment of a CMS function relating to the purposes for this system of records and who need to have access to the records in order to assist CMS. Such disclosures include (but are not limited to) disclosures deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

2. Records may be disclosed to another Federal or state agency to the extent deemed necessary to: (a) contribute to the accuracy of CMS' proper payment of Medicare benefits; (b) enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements health benefit programs funded in whole or in part with Federal funds; and/or (c) assist state Medicaid programs which may require Quality Payment Program information.

3. Clinician-level performance measurement results may be made available to the public, through Physician Compare, as defined via regulation, either on public profile pages or via the Downloadable Database housed on data.medicare.gov for the purpose of promoting more informed health care choices for people with Medicare.

4. Records may be disclosed to MIPS-eligible clinicians and eligible entities in order to provide them with expert feedback, and records may be disclosed to CMS authorized entities participating in health care transparency projects.

5. Records may be disclosed to organizations that assist consumers in comparing the quality and price of health care services, and/or that use such information for purposes related to prevention of disease or disability, or restoration or maintenance of health.

6. Records may be disclosed to organizations for research, evaluation, and projects involving payment issues.

7. Records may be disclosed to Beneficiary and Family Centered Care (BFCC)-QIOs, Quality Innovation Network-QIOs (QIN-QIOs), the Small, Underserved, and Rural Support (SURS) technical assistance contractors, and the Practice Transformation Networks (PTNs) under the Transforming Clinical Practice Initiative (TCPI) for purposes of: a) identifying clinicians who are included in the Quality Payment Program, specifically the MIPS track, based on the low-volume threshold; b) determining the appropriate form of Technical Assistance based on practice size and clinician need; c) providing eligibility information to clinicians interested in forming a virtual group; d) transitioning clinician referrals from the Quality Payment Program Service Center to the appropriate Technical Assistance channel; e) performing proactive outreach and engagement activities for the purpose of helping MIPS eligible clinicians participate in the program; f) developing educational tools and resources; g) monitoring annual MIPS eligible clinician performance; h) assessing future need based on a MIPS eligible clinician's Final Score; i) tracking non-MIPS eligible clinicians who voluntarily report measures and activities to MIPS; and j) assisting MIPS eligible clinicians transition into an Advanced APM.

8. Records may be disclosed to the Department of Justice (DOJ), a court, or an adjudicatory body when: (a) the Agency or any component thereof, (b) any employee of the Agency in his or her official capacity, (c) any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or (d) the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation.

9. Records may be disclosed to another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

10. Records may be disclosed to appropriate agencies, entities, and persons when (a) HHS suspects or has confirmed that there has been a breach of the system of records; (b) HHS has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, HHS (including its information systems, programs, and operations), the Federal government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with HHS' efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

11. Records may be disclosed to another Federal agency or Federal entity, when HHS determines that information from this system of records is reasonably necessary to as.sist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal government, or national security, resulting from a suspected or confirmed breach.

12. Records may be disclosed to the U.S. Department of Homeland Security (OHS) if captured in an intrusion detection system used by HHS and OHS pursuant to a OHS cybersecurity program that monitors Internet traffic to and from Federal government computer networks to prevent a variety of types of cybersecurity incidents.

B. Additional Circumstances Affecting Routine Use Disclosures: To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy oflndividually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E), disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information" (see 45 CFR 164.512(a)(l)).

The records will be stored electronically or on magnetic media or paper.

The data collected

on clinicians will be retrieved by the clinician's name, address, NPI, TIN/EIN and other identifying provider numbers. Information about third party data submitters who are individuals will be retrieved by name, address, and TIN/EIN. Records about contact persons will be retrieved by name, e-mail address and business address. The data collected on Medicare beneficiaries (and any non-Medicare beneficiaries) will be retrieved by the beneficiary's name, Medicare beneficiary identifier (MBI), health insurance claim number (HICN), SSN, address, and date of birth.

A records disposition schedule for the Quality Payment Program is pending submission to and approval by the National Archives and Records Administration (NARA); until NARA approval is obtained, CMS will retain the records indefinitely. CMS is proposing a retention period of approximately 10 years for these records under the NARA CMS Records Schedule: DAA-0440- 2015-0009-0003. Any claims-related records that become encompassed by a document preservation order may be retained longer (i.e., until notification is received from the Department of Justice).

Safeguards will

conform to the HHS Information Security and Privacy Program, http://www.hhs.gov/ocio/securityprivacy/index.html. Information will be safeguarded in accordance with applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards, including, all pertinent National Institutes of Standards and Technology (NIST) publications, and 0MB Circular A-130. Records will be protected from unauthorized access through appropriate administrative, physical, and technical safeguards. These safeguards include protecting the facilities where records are stored or accessed with security guards, badges, and cameras; securing hard-copy records in locked file cabinets, file rooms, or offices during off-duty hours; controlling access to physical locations where records are maintained and used by means of combination locks and identification badges issued only to authorized users; limiting access to electronic databases to authorized users based on roles and two-factor authentication (user ID and password); using a secured operating system protected by encryption, firewalls, and intrusion detection systems; requiring encryption for records stored on removable media; and training personnel in Privacy Act and information security requirements. Records that are eligible for destruction will be disposed of using secure destruction methods prescribed by NIST SP 800-88.

An individual seeking access to a record about him or her in this system should write to tbe System Manager indicated above, who will require the individual's name and particulars necessary to distinguish between records on subject individuals with the same name, such as NPI or TIN. The requestor should also reasonably specify the record(s) to which access is sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2)).

Any subject individual may request that his record be corrected or amended if he believes that the record is not accurate, timely, complete, or relevant or necessary to accomplish a Department function. A subject individual making a request to amend or correct his record shall address his request to the responsible System Manager as stated above, in writing. The subject individual shall specify in each request: (I) The system of records from which the record is retrieved; (2) The particular record which he is seeking to correct or amend; (3) Whether he is seeking an addition to or a deletion or substitution of the record; and, (4) His reasons for requesting correction or amendment of the record. (These procedures are in accordance with Department regulation 45 CFR Sb.7).

Individuals wishing to know if this system contains records about them should write to the System Manager indicated above and follow the same instructions under Record Access Procedures.

None.

None.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various contractor locations.

This system will collect and maintain individually identifiable information and other data collected on health care providers, and other individuals ordering provider educational materials who voluntarily register for computer/Web-based training courses, satellite broadcasts and train-the-trainer sessions.

Information collected will include, but is not limited to, the health care provider's first and last name, mailing address, provider type, facility type, telephone number, fax number and e-mail address. If CMS becomes an accredited provider of continuing education credits, this system may also contain social security number, provider identification number (UPIN/NPI), or tax identification number.

Authority for this collection is given under the provisions of Title IV of the Benefits Improvement Protection Act of 2000 (Public Law (Pub. L.) 106-554, Appendix F), Title IV of the Balanced Budget Act of 1997 (Pub. L. 105-33), and §§ 1816(a) and 1842(a)(3) of the Social Security Act.

The primary purpose of the system of records is to collect and maintain information on health care providers, and other individuals ordering provider educational materials who voluntarily register for computer/web-based training courses, satellite broadcasts and train-the- trainer sessions. Information in this system will also be used to: (1) support regulatory and policy functions performed within the Agency or by a contractor, consultant, or grantee; and (2) to support litigation involving the Agency related to this system.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To Agency contractors, or consultants, or grantees who have been contracted by the Agency to assist in accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To the Department of Justice (DOJ), court or adjudicatory body when

a. The Agency or any component thereof; or

b. Any employee of the Agency in his or her official capacity; or

c. Any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee; or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

Storage:

All records are stored on electronic media.

The collected data are retrieved by an individual identifier; e.g., provider name or unique provider identification number.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain information for a total period not to exceed 8 years.

Director, Division of Provider Information Planning and Development, Providers Communications Group, Center for Medicare Management, CMS, Mail Stop C4-10-07, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, employee identification number, tax identification number, national provider number, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), HICN, and/or SSN (furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

The data collected and maintained in this is voluntary submitted and/or is self reported by the health care provider.

None.

72 FR 10537 3/8/07.

Level 3, Privacy Act Sensitive.

HCFA Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850. CMS contractors and agents at various locations.

Individual cytotechnologists and physicians participating in CMS approved gynecologic cytology proficiency testing programs.

This system will contain each individual's name, Proficiency Testing Registration Number (a unique identifier), Medical Licensure Number, if employed at more than one laboratory: the names, location, and CLIA number of each laboratory; test scores, and in which testing event the individual has participated. CYPERS will also be able to produce user-defined reports on request by Central Office staff only.

Section 353(f)(4)(A) of the Public Health Service Act (42 U.S.C 263a), Section 353(f)(4)(B)(iv), 42 CFR 493.801, 493.803, 493.807, 493.855, 42 CFR 493.901, 493.903, 493.905, and 493.945.

The primary purpose of CYPERS is to assure CMS of the accuracy and reliability of gynecologic cytology testing by compliance with the CLIA statutory requirements. This will be accomplished by tracking and monitoring the enrollment, participation, and performance of individual cytotechnologists and physicians participating in CMS approved gynecologic cytology proficiency testing programs.

Information retrieved from this system of records will be used to support regulatory, reimbursement, and policy functions performed within the agency or by a contractor or consultant; support constituent requests made to a Congressional representative; and support litigation involving the agency.

These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may release information from the CYPERS Registration and Product Ordering System without the consent of the individual to whom such information pertains. Each proposed disclosure of information under these routine uses will be evaluated to ensure that the disclosure is legally permissible, including but not limited to ensuring that the purpose of the disclosure is compatible with the purpose for which the information was collected. In addition, CMS policy will be to prohibit release even of non-identifiable data, except pursuant to one of the routine uses, if there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals who are familiar with the enrollees could, because of the small size, use this information to deduce the identity of the beneficiary). Be advised, this System of Records contains Protected Health Information as defined by the Department of Health and Human Services' (HHS) regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, 65 FR 8462 as amended by 66 FR 12434). Disclosures of Protected Health Information authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information."

1. To agency contractors, or consultants that have been contracted by the agency to assist in the performance of a service related to this system of records and that need to have access to the records in order to perform the activity.

2. To a Member of Congress or to a Congressional staff member in response to an inquiry of the Congressional Office made at the written request of the constituent about whom the record is maintained.

3. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity; or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government; is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation.

Storage:

All records are stored on the magnetic disk sub-system of the Windows 2000 server.

The CYPERS records are retrieved by individual's name, Proficiency Testing Registration Number unique identifier, Medical Licensure Number, test scores, or which testing event the individual has participated. CYPERS will also be able to produce user-defined reports on request by Central Office staff only.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use.

Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, DHHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations include but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger- Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management Of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies.

Federal, DHHS, and CMS policies and standards include but are not limited to: all pertinent NIST publications; the DHHS Automated Information Systems Security Handbook and the CMS Information Security Handbook.

CMS will retain identifiable CYPERS data for a total period of 10 years.

Director, Finance, Systems and Budget Group, Center for Medicaid and State Operations, Centers for Medicare and Medicaid Services, 7500 Security Boulevard, Room S3-18-11, Baltimore, Maryland 21244-1850, Telephone Number: (410) 786-5401.

Director, Survey and Certification Group, Center for Medicaid and State Operations, Centers for Medicare and Medicaid Services, 7500 Security Boulevard, Room S2-12-25, Baltimore, Maryland 21244-1850, Telephone Number: (410) 786-9493.

For purpose of access, the subject individual should write to the system manager, who will require the system name, the subject individual's name (woman's maiden name, if applicable), address, date of correspondence and control number.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5 (a) (2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

CMS will receive CYPERS data periodically from CMS-approved cytology proficiency testing programs only. This System of Records protects the data transmitted by CMS-approved cytology proficiency testing programs at all stages of collection, manipulation, transmissions, storage, and maintenance, at the PT program and at CMS.

None.

70 FR 2637 1/14/05.

Level Three Privacy Act Sensitive Data.

Atlantic Telephone & Telegraph Company, Ashburn, Virginia facility under the control of the Center for Medicare & Medicaid Services.

Individuals who have filed complaints alleging violations of the Transactions and Code Sets, Security, and Unique Identifier provisions under the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, 68 FR 60694 (October 23, 2003). These regulations are codified at 45 CFR, parts 160, 162 and 164.

HITS will maintain a file of complaint allegations, information gathered during the complaint investigation, findings, and results of the investigation, and correspondence relating to the investigation. The collected information will contain name, address, telephone number, health insurance claim (HIC) number, geographic location, as well as, background information relating to Medicare or Medicaid issues.

Authority for maintenance of this system is given under provisions of the Health Insurance Portability and Accountability Act of 1996, (Pub. L. 104-191), published at 68 FR 60694 (October 23, 2003). These regulations are codified at 45 Code of Federal Regulation, parts 160, 162, and 164.

The purpose of this system is to store the results of all OESS regional investigations, to determine if there were violations as charged in the original complaint, to investigate complaints that appear to be in violation of the Transactions and Code Sets, Security, and Unique Identifier provisions of HIPAA, to refer violations to law enforcement activities as necessary, and to maintain and retrieve records of the results of the complaint investigations. Information retrieved from this SOR will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency, HIPAA entities, or by a contractor or consultant; (2) assist another Federal or state agency in the enforcement of HIPAA regulations where sharing the information is necessary to complete the processing of a complaint, contribute to the accuracy of CMS's proper payment of Medicare benefits, and/or enable such agency to administer a Federal health benefits program; (3) support constituent requests made to a congressional representative; (4) support litigation involving the agency; and (5) combat fraud and abuse in certain health benefits programs.

The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." We are proposing to establish the following routine use disclosures of information maintained in the system. Information will be disclosed:

1. To agency contractors or consultants who have been engaged by the agency to assist in the performance of a service related to this system of records and who need to have access to the records in order to perform the activity.

2. To another Federal or state agency to:

a. Assist in the enforcement of HIPAA regulations for violations of Transactions and Code Sets, Security, and Unique Identifiers where sharing the information is necessary to complete the processing of a complaint,

b. Contribute to the accuracy of CMS's proper payment of Medicare benefits, and/or

c. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds.

3. To a member of congress or to a congressional staff member in response to an inquiry of the congressional office made at the written request of the constituent about whom the record is maintained.

4. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b.Any employee of the agency in hisor h4r official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

5. To a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such program.

6. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures This system contains Protected Health Information as defines by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, 65 FR 82462 (12-28-00), Subparts A and E). Disclosures of Protected Health Information authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information."

In addition, our policy will be to prohibit release even of not directly identifiable information, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the complaint population is so small that individuals who are familiar with the complainants could, because of the small size, use this information to deduce the identity of the complainant).

Storage:

All records are stored electronically.

The complaint data are retrieved by an individual identifier i.e., name of complainant.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implements appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations include but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002; the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent NIST publications; the DHHS Information Security Program Handbook and the CMS Information Security Handbook.

CMS will retain complaint information for a total period not to exceed 25 years.

Director, Office of E-Health Standards and Services, CMS, Room S2-26-17, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

Exempt. However, portions of this system notice are non-exempt and consideration will be given to requests addressed to the system manager for those portions. For general inquiries, it would be helpful if the request included the system name, address, age, sex, and for verification purposes, the subject individual's name (woman's maiden name, if applicable) and complaint tracking ID number.

Same as notification procedures. Requestors should also specify the record contents being sought.

The subject individual should contact the system manager named above and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

OESS investigative files maintained in HITS are either received as electronic documents or paper records that are compiled for law enforcement purposes. In the course of investigations, OESS often has a need to obtain confidential information involving individuals other than the complainant.

HHS claims exemption of certain records (case files on active fraud investigations) in the system from notification and access procedures under 5 U.S.C. 552a(k)(2) inasmuch as these records are investigatory materials compiled for program (law) enforcement in anticipation of a criminal or administrative proceedings. (See Department Regulation (45 CFR 5b.11))

70 FR 38944 7/6/05.

Level 3, Privacy Act Sensitive.

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and CMS contractors and agents at various locations.

The Section 1011 program will include information on individuals who have elected to participate in the Section 1011 program, claims information related to Section 1011 payment requests, and information needed to pay claims and administer the Section 1011 program.

The Section 1011 program includes the provider name and identification number, provider address, provider employer identification number, provider banking information, provider Federal tax identification number, patient's control number, medical record number, date of service, patient's gender, zip code, state and county, the principle diagnosis code, admitting diagnosis code, and total charges. It also includes claims information related to Section 1011 payment requests, and other research information needed to pay claims and administer the Section 1011 program.

The authority to conduct the program is given under the provisions of Section 1011 of the Medicare Prescription Drug, Improvement and Modernization Act of 2003 (Pub. L. 108-173).

The primary purpose of the system is to maintain information collected on individuals who submit an enrollment application and make payment requests associated with Section 1011 of the MMA, and other information designed to support the enrollment, claims payment, and research reporting functions of the Section 1011 program. Information retrieved from this system will also be disclosed to: (1) Support regulatory, payment activities, and policy functions performed within the agency or by a designated contractor or consultant; (2) combat fraud and abuse in certain health benefits programs; (3) assist another Federal or state agency with information to enable such agency to administer a Federal health benefits program, or to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal; (4) funds support constituent requests made to a Congressional representative; and, (5) support litigation involving the agency.

A. Entities Who May Receive Disclosures Under Routine Use

These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may release information from the Section 1011 program without the consent of the individual to whom such information pertains. Each proposed disclosure of information under these routine uses will be evaluated to ensure that the disclosure is legally permissible, including but not limited to ensuring that the purpose of the disclosure is compatible with the purpose for which the information was collected. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To agency contractors or consultants who have been contracted by the agency to assist in the performance of a service related to this system and who need to have access to the records in order to perform the activity.

2. To a CMS contractor that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS- administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such program.

3. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

4. To another Federal or State agency to:

a. Contribute to the accuracy of CMS' proper payment of a health benefit, or

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds.

5. To a Member of Congress or to a congressional staff member in response to an inquiry of the Congressional Office made at the written request of the constituent about whom the record is maintained.

6. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity; or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government;

Is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation.

B. Additional Provisions Affecting Routine Use Disclosures

This system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, 65 FR 82462 (12-28-00), Subparts A and E. Disclosures of PHI authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information."

In addition, our policy will be to prohibit release even of not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals who are familiar with the enrollees could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All claim records are stored on magnetic media. Patient eligibility information may be maintained electronically or in paper format.

Providers will retrieve medical records by the patient control number. Provider IDs and patient control numbers are used to facilitate inquiries into specific claims as needed.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations include but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent NIST publications; the HHS Automated Information Systems Security Handbook and the CMS Information Security Handbook.

CMS will retain identifiable Section 1011 data for an indefinite period. Data residing with the designated claims payment contractor shall be returned to CMS at the end of the fifth program year, with all data then being the responsibility of CMS for adequate storage and security.

Section 1011 Project Officer, Center for Medicare Management, CMS, 7500 Security Boulevard, Mail Stop C4-10-07, Baltimore, Maryland, 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, and for verification purposes, the subject individual's name and provider identification number and the patient's medical record number.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

Information maintained in this system will be collected from individuals volunteering to participate in Section 1011 program through the enrollment application and claims data requesting payment for services.

None.

70 FR 45397 8/5/05.

Level Three Privacy Act Sensitive Data.

Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various co-locations of CMS contractors.

Individuals where CMS has determined that the evidence is adequate to conclude that certain identified diagnoses are reasonable and necessary in several patient groups where certain criteria for these patients have been met and the criteria are consistent with the trials reviewed.

The data collection should include baseline patient characteristics. The collected information will contain, but is not limited to, name, address, telephone number, health insurance claim (HIC) number, geographic location, race/ethnicity, gender, and date of birth, as well as, background information relating to Medicare or Medicaid issues.

The statutory authority for linking coverage decisions to the collection of additional data is derived from Sec. 1862(a)(1)(A) of the Social Security Act (the Act), which states that Medicare may not provide payment for items and services unless they are "reasonable and necessary" for the treatment of illness or injury. In some cases, CMS will determine that an item or service is only reasonable and necessary when specific data collections accompany the provision of the service. In these cases, the collection of data is required to ensure that the care provided to individual patients will improve health outcomes.

The purpose of this system is to collect and maintain data on patients to review determinations of "reasonable and necessary" with respect to whether or not a particular item or service is covered nationally under title XVIII of the Act Section 1869(f)(1)(B). Information retrieved from this system will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor or consultant; (2) assist another Federal or state agency with information to enable such agency to administer a Federal health benefits program, or to enable such agency to fulfill a requirement of Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; (3) to an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects; (4) support constituent requests made to a congressional representative; (5) support litigation involving the agency; and (6) combat fraud and abuse in certain health benefits programs.

The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." We are proposing to establish the following routine use disclosures of information maintained in the system. Information will be disclosed:

1. To agency contractors or consultants who have been engaged by the agency to assist in the performance of a service related to this system of records and who need to have access to the records in order to perform the activity.

2. To another Federal or state agency to:

a. Assist in the review determinations of "reasonable and necessary" with re spect to whether or not a particular item or service is covered nationally under title XVIII of the Act Section 1869(f)(1)(B).

b. Contribute to the accuracy of CMS's proper payment of Medicare benefits, and/or

c. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds.

3. To an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects.

4. To a member of Congress or to a congressional staff member in response to an inquiry of the congressional office made at the written request of the constituent about whom the record is maintained.

5. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

6. To a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such program.

7. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

Additional Provisions Affecting Routine Use Disclosures:

This system contains Protected Health Information (PHI) as defined by Department of Health and Human Services (HHS) regulation "Standards for Privacy of Individually Identifiable Health Information" (45 Code of Federal Regulations (CFR) parts 160 and 164, 65 FR 82462 (12-28-00), subparts A and E). Disclosures of PHI authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information."

In addition, our policy will be to prohibit release even of not directly identifiable information, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the complaint population is so small that individuals who are familiar with the complainants could, because of the small size, use this information to deduce the identity of the complainant).

Storage:

All records are stored electronically.

The data is retrieved by an individual identifier i.e., name of beneficiary.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implements appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS; and CMS policies and standards as they relate to information security and data privacy. These laws and regulations include but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002; the Clinger-Cohen Act of 1996; the Medicare Prescription Drug Improvement, Modernization Act (MMA) of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain information for a total period of 10 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from the Department of Justice.

Director, Office of Clinical Standards and Quality, CMS, Room S2-26-17, 7500 Security Boulevard, Baltimore, Maryland 21244 -1850.

For the purpose of access, the subject individual should write to the system manager who will require the system name, address, age, gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable).

For the purpose of access, use the same procedures outlines in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5).

The subject individual should contact the system manager named above and reasonable identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

Records maintained in this system are derived from Carrier and Fiscal Intermediary Systems of Records, Common Working File System of Records, clinics, institutions, hospitals and group practices performing the procedures, and outside registries and professional interest groups.

None.

70 FR 53667 9/9/05.

This system of records does not include classified information.

The address of the agency component responsible for the system of records is: Medicare Plan Payment Group, Center for Medicare, Centers for Medicare & Medicaid Services, 7500 Security Boulevard, Baltimore, Maryland 21244–1850.

The System Manager for the system of records is: Director, Medicare Plan Payment Group, Center for Medicare, Centers for Medicare & Medicaid Services, 7500 Security Blvd., Baltimore, MD 21244, (410) 786-7407.

Authority for maintenance of this system is given under section 1860D–22 of the Social Security Act (Title 42 United States Code (U.S.C.) sections 1302, 1395w–101 through 1395w–152, and 1395hh), as amended by section 101 of the Medicare Modernization Act (MMA). The collection of Social Security Numbers is authorized by 31 U.S.C. 7701(c).

The purpose of this system is to collect and maintain information about individuals who are qualifying covered retirees so that accurate and timely subsidy payments may be made to plan sponsors who continue to offer actuarially equivalent prescription drug coverage to the retirees.

Information in this system is maintained on qualifying covered retirees who are Medicare Part D eligible individuals covered under a qualified retiree prescription drug plan.

The records are enrollment, beneficiary, and financial or payment related records used to support and calculate the amount of subsidy payments to plan sponsors. They contain information such as the following about each retiree: standard data for identification such as Plan Sponsor Identification Number, Application Identification Number, Benefit Option Identifier, Coverage Effective Date, Coverage Termination Date, Health Insurance Claim Number (HICN) or Medicare Beneficiary Identifier (MBI), Social Security Number (SSN), gender, first name, last name, middle initial, date of birth, relationship to member, and Medicare eligibility and enrollment status.

Records maintained in this system are derived from the Medicare Beneficiary Database (MBD) system of records, system No. 09-70-0536, and from plan sponsors.

Records about an individual retiree may be disclosed from this system of records to parties outside the Department of Health and Human Services (HHS), without the individual’s prior written consent, for the purposes indicated in these routine uses:

1. To agency contractors or consultants who have been engaged by the agency to assist in the performance of a service related to this system and who need to have access to the records in order to perform the activity.

2. To a member of Congress or to a congressional staff member in response to a written inquiry of the congressional office made at the written request of the constituent about whom the record is maintained.

3. To the Department of Justice (DOJ), court, or adjudicatory body when:

a. the agency or any component thereof, or

b. any employee of the agency in his or her official capacity, or

c. any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. the United States Government,

is a party to litigation or has an interest in such litigation and, by careful review, CMS determines that the records are both relevant and necessary to the litigation.

4. To a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such program.

5. To another federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in, a health benefits program funded in whole or in part by federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

6. To disclose to health plans, which are defined for this purpose as plans or programs that provide health benefits, whether directly, through insurance, or otherwise, and include—(1) a policy of health insurance; (2) a contract of a service benefit organization; and (3) a membership agreement with a health maintenance organization or other prepaid health plan when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

7. To appropriate agencies, entities, and persons when (1) HHS suspects or has confirmed that there has been a breach of the system of records; (2) HHS has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, HHS (including its information systems, programs, and operations), the federal government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with HHS’s efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

8. To another federal agency or federal entity, when HHS determines that information from this system of record is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the federal government, or national security, resulting from a suspected or confirmed breach.

9. To the U.S. Department of Homeland Security (DHS) if captured in an intrusion detection system used by HHS and DHS pursuant to a DHS cybersecurity program that monitors Internet traffic to and from federal government computer networks to prevent a variety of types of cybersecurity incidents.

The disclosures authorized by publication of the above routine uses pursuant to 5 U.S.C. 552a(b)(3) are in addition to other disclosures authorized directly in the Privacy Act at 5 U.S.C. 552a(b)(2) and (b)(4)-(11).

This system contains protected health information as defined by Department of Health and Human Services (HHS) regulation ‘‘Standards for Privacy of Individually Identifiable Health Information’’ (45 Code of Federal Regulations (CFR) Parts 160 and 164, 65 Federal Register (FR) 82462 (12–28–00), Subparts A and E). Disclosures of Protected Health Information authorized by these routine uses may only be made if, and as, permitted or required by the ‘‘Standards for Privacy of Individually Identifiable Health Information.’’

The records are stored in hard-copy files and/or electronic media.

Information is retrieved by the retiree’s Health Insurance Claim Number (HICN), Medicare Beneficiary Identifier (MBI), or Social Security Number.

The records are retained and disposed of in accordance with the following disposition schedules, which were approved by the National Archives and Records Administration (NARA) :

•Financial or payment related records are governed by DAA-0440-2015-0004-0001 (Bucket 3). The records retention schedule states: Destroy no sooner than 7 year(s) after cutoff but longer retention is authorized.

•Enrollment Records are governed by DAA-0440-2015-0006 (Bucket 4). The records retention schedule states: Destroy no sooner than 7 year(s) after cutoff but longer retention is authorized.

•Beneficiary Records are governed by DAA-0440-2015-0007-0001 (Bucket 5). The records retention schedule states: Cutoff at the end of the calendar year. Destroy no sooner than 10 year(s) after cutoff but longer retention is authorized.

Safeguards conform to the CMS Information Security and Privacy Program, https://www.cms.gov/Research-Statistics-Data-and-Systems/CMS-Information-Technology/InformationSecurity/index.html. Information is safeguarded in accordance with applicable laws, rules and policies, including the HHS Information Technology Security Program Handbook; all pertinent National Institutes of Standards and Technology (NIST) publications, and OMB Circular A-130, Managing Information as a Strategic Resource. Records are protected from unauthorized access through appropriate administrative, physical, and technical safeguards. These safeguards include protecting the facilities where records are stored or accessed with security guards, badges and cameras, securing hard-copy records in locked file cabinets, file rooms or offices during off-duty hours, limiting access to electronic databases to authorized users based on roles and two-factor authentication (user ID and password), using a secured operating system protected by encryption, firewalls, and intrusion detection systems, requiring encryption for records stored on removable media, and training personnel in Privacy Act and information security requirements. Records that are eligible for destruction are disposed of using secure destruction methods prescribed by NIST SP 800-88.

An individual seeking access to a record about him/her in this system of records must submit a written request to the System Manager indicated above. The request must contain the individual’s name and particulars necessary to distinguish between records on subject individuals with the same name, such as HICN, MBI or SSN, and should also reasonably specify the record(s) to which access is sought. To verify the requester’s identity, the signature must be notarized or the request must include the requester’s written certification that he/she is the person he/she claims to be and that he/she understands that the knowing and willful request for or acquisition of records pertaining to an individual from an agency under false pretenses is a criminal offense subject to a $5,000 fine.

Any subject individual may request that his/her record be corrected or amended if he/she believes that the record is not accurate, timely, complete, or relevant or necessary to accomplish a Department function. A subject individual making a request to amend or correct his record shall address his request to the System Manager indicated, in writing, and must verify his/her identity in the same manner required for an access request. The subject individual shall specify in each request: (1) The system of records from which the record is retrieved; (2) The particular record and specific portion which he/she is seeking to correct or amend; (3) The corrective action sought (e.g., whether he/she is seeking an addition to or a deletion or substitution of the record); and, (4) His/her reasons for requesting correction or amendment of the record. The request should include any supporting documentation to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Individuals wishing to know if this system contains records about them should write to the System Manager indicated above and follow the same instructions under Record Access Procedures.

None.

70 FR 41035 (July 15, 2005), 78 FR 32257 (May 29, 2013), 83 FR 6591 (Feb. 14, 2018).

Level Three Privacy Act Sensitive.

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

The system will include information on recipients of Medicare hospital insurance (Part A) and Medicare medical insurance (Part B) and recipients of the Prescription Drug Benefits Program (Part D) enrolled in the Medicare Advantage (MA) Program.

The system will also include information about a beneficiary's entitlement to Medicare benefits and enrollment in Medicare Programs, prescription drug coverage and supplementary medical claims information. The system will contain identifying information such as beneficiary name, health insurance claim number, social security number, and other demographic information.

Authority for maintenance of the system is given under section 101 of the MMA (Pub. L. 108-173) amended the Title XVIII of the Social Security Act. Authority for maintenance of the system is also given under the provisions of sections 1833(a) (1) (A), 1860, 1866, and 1876 of Title XVIII of the Act (42 CFR parts 417 and 422).

The primary purpose of the SOR is to process a monthly premium withhold file from SSA and RRB, capture expected premium withholding amounts from MARx and compare them to actual withholding amounts, produce a reconciliation of the reported withholding amounts with amounts transferred via Governmental Payment and Collection (IPAC) files from SSA and RRB, and generate plan payment requests to APPS. Information in this system will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed by a contractor or consultant contracted by the Agency; (2) support Medicare Prescription Drug Plans (PDP) and Medicare Advantage Prescription Drug Plans (MAPD) directly or through a CMS contractor for the administration of Title XVIII of the Act; (3) support another Federal or State agency, agency of a state government, an agency established by state law, or its fiscal agent; (4) support constituent requests made to a congressional representative; (5) support litigation involving the Agency, and (6) combat fraud and abuse in certain health benefits programs.

Computer diskette and on magnetic storage media.

Records are maintained with identifiers for all transactions after they are entered into the system for a period of 6 years and 3 months. Records are housed in both active and archival files. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from the Department of Justice.

Director, Division of Medicare Advantage Appeals and Payment Systems, Information Services Modernization Group, Office of Information Services, CMS, Room N3-16-24, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the systems manager who will require the system name, SSN, address, date of birth, sex, and for verification purposes, the subject individual's name (woman's maiden name, if applicable). Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5 (a) (2)).

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

Data for this system is collected from the Medicare Advantage Prescription Drug System (MARx) system, the Medicare Beneficiary Database (MBD), as well as two external providers of monthly retirement annuities, SSA, and RRB, with potentially OPM as the third external partner in a future release of the PWS.

None.

70 FR 69766 11/17/05.

Level Three Privacy Act Sensitive.

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various contractor sites.

This system collects and maintains individually identifiable information on all people with Medicare who have enrolled into a Medicare Part D plan and individually identifiable data on prescribing health care professional, referring/servicing physician, and providers.

The data includes, but is not limited to, summary prescription drug claim data and individually identifiable beneficiary information such as: Beneficiary name, address, city, state, ZIP code, card holder identification number, date of service, gender, demographic, other identifying data, and optionally, the patient's date of birth. Identifying information of prescribing health care professional and providers of services and referring/servicing physician include provider/physician name, title, address, city, state, ZIP code, e-mail address, telephone numbers, fax number, state licensure number, Social Security Numbers, Federal tax identification numbers, prescriber identification number, assigned provider number (facility, referring/servicing physician), Drug Enforcement Agency (DEA) assigned identification number, and numerous other data elements related to the processing of the prescription drug claim.

This system is mandated under provisions of the Medicare Prescription Drug, Improvement, and Modernization Act, amending the Social Security Act by adding Part D under Title XVIII (§§ 1860D-15(c)(1)(C) and (d)(2)), as described in Title 42, Code of Federal Regulations (CFR) 423.301 et seq. as well as1860D-12(b)(3)(D) and 1106 of the Act, as described in 42 CFR 423.505(b)(8), (f), (l), and (m).

The primary purpose of this system is to collect, maintain, and process information on all Medicare covered, and as many non-covered drug events as possible, for people with Medicare who have enrolled into a Medicare Part D plan. The system will help CMS determine appropriate payment of covered drugs. It will also provide for processing, storing, and maintaining drug transaction data in a large-scale database, while putting data into data marts to support payment analysis. CMS would allow the expanded release of information in this system to: (1) Support regulatory, analysis, oversight, reimbursement, operational and policy functions performed within the agency or by a contractor, consultant, or a CMS grantee; (2) help another Federal and/or state agency, agency of a state government, an agency established by state law, or its fiscal agent; (3) assist Medicare Part D sponsors; (4) support an individual or organization with projects that provide transparency in health care on a broad-scale enabling consumers to compare the quality and price of health care services or for a research, evaluation, or epidemiological or other project related to protecting the public's health, the prevention of disease or disability, the restoration or maintenance of health, or for payment related purposes; (5) assist Quality Improvement Organizations; (6) support lawsuits involving the agency; and (7) combat fraud, waste, and abuse in certain Federally funded health benefits programs.

A. Entities Who May Receive Disclosures Under Routine Use:

These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may use and disclose information from the DDPS without the consent of the individual to whom such information pertains. Each proposed disclosure of information under these routine uses will be evaluated to ensure that the disclosure is legally permissible, including but not limited to ensuring that the purpose of the disclosure is compatible with the purpose for which the information was collected. We propose to establish or modify the following routine use disclosures of information maintained in the system:

1. To support Agency contractors, consultants, or CMS grantees who have been engaged by the Agency to assist in accomplishment of a CMS function relating to the purposes for this SOR and who need to have access to the records in order to assist CMS.

2. To assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent pursuant to agreements with CMS to:

a. Contribute to the accuracy of CMS's payment of Medicare benefits;

b. Administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; and/or

c. Access data required for Federal/state Medicaid programs.

3. To support Part D Prescription Drug sponsors, pharmacy benefit managers, claims processors, and other Prescription Drug Event submitters, in protecting their own members (and former members for the periods enrolled in a given plan) against medical expenses of their enrollees without the beneficiary's authorization, and having knowledge of the occurrence of any event affecting (a) an individual's right to any such benefit or payment, or (b) the initial right to any such benefit or payment, for the purpose of coordination of benefits with the Medicare program and implementation of the Medicare Secondary Payer provision at 42 U.S.C. 1395y(b). Information to be disclosed shall be limited to Medicare utilization data necessary to perform that specific function. In order to receive the information, they must agree to:

a. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom they serve as a Third Party Administrator;

b. Utilize the information solely for the purpose of processing the individual's insurance claims; and

c. Safeguard the confidentiality of the data and prevent unauthorized access.

4. To assist an individual or organization with research, an evaluation, or an epidemiological or other project related to protecting the public's health, the prevention of disease or disability, restoration or maintenance of health, or for payment related purposes. This includes projects that provide transparency in health care on a broad-scale enabling consumers to compare the quality and price of health care services. CMS must:

a. Determine if the use or disclosure of data violate legal limitations under which the record was provided, collected, or obtained;

b. Determine that the purpose for the use or disclosure of information:

(1) Cannot be reasonably accomplished unless the record is provided in individually identifiable form;

(2) Is of sufficient importance to warrant the effect or risk on the privacy of the individual; and

(3) Meets the objectives of the project;

c. Requires the recipient of the information to:

(1) Establish reasonable administrative, technical, and physical protections to prevent unauthorized use or disclosure of information;

(2) Remove or destroy the information that allows the individual to be identified at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the project, unless the recipient presents an adequate justification for retaining such information; and

(3) No longer use or disclose information except:

(a) In emergency circumstances affecting the health or safety of any individual;

(b) For use in another research project, under these same conditions and with written CMS approval;

(c) For an audit related to the research;

(d) For disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit; or

(e) When required by Federal law.

d. Get signed, written statements from the entity receiving the information that they understand and will follow all provisions in this notice.

e. Complete and submit a Data Use Agreement (CMS Form 0235) in accordance with current CMS policies.

5. To support Quality Improvement Organization (QIO) with claims review process or with studies or other review activities performed in accordance with Part B of Title XI of the Social Security Act. QIOs can also use the data for outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans.

6. To assist the Department of Justice (DOJ), court, or adjudicatory body when there is a lawsuit in which the Agency, any employee of the Agency in his or her official capacity or individuals capacity (if the DOJ agrees to represent the employee), or the United States Government is a part of CMS' policies or operations could be affected by the outcome. The information must be both relevant and necessary to the lawsuit, and the use of records is for a purpose that is compatible with the purpose for which CMS collected records.

7. To support a CMS contractor that assists in the administration of a CMS health benefits program, or a grantee of a CMS-administered grant program, if the information is necessary, in any capacity, to combat fraud, waste, or abuse in such program. CMS will only provide this information if CMS can enter into a contract or grant for this purpose.

8. To support another Federal agency or any United States government jurisdiction (including any state, or local governmental agency), if the information is necessary, in any capacity to combat fraud, waste or abuse in a health benefits program funded in whole or in part by Federal funds.

B. Additional Circumstances Affecting Routine Use Disclosures:

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 FR 82462 (12-28-00) release of information that are otherwise allowed by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512 (a)(1).)

In addition, CMS will not give out information that is not directly identifiable if there is a possibility that a person with Medicare could be identified because the sample is small enough to identify participants. CMS would make exceptions if the information is needed for one of the routine uses or if it's required by law.

9. To assist a public or private entity that is qualified (as determined by the Secretary of the Department of Health and Human Services (the Secretary)) to use Medicare claims data to evaluate the performance of providers of services and suppliers on measures of quality, efficiency, effectiveness, and resource use; and who agrees to meet the requirements regarding the transparency of their methods and their use and protection of Medicare data as the Secretary may specify, if CMS:

a. Determines that the use or disclosure does not violate legal limitations under which the record was provided, collected, or obtained; and

b. Secures a written statement attesting to the information recipient's understanding of and willingness to abide by these provisions. Every Qualified Entity receiving data must have an agreement with CMS in the form of an Information Exchange Agreement or contract with all security and privacy requirements included. A Data Use Agreement (DUA) (CMS Form 0235) must be completed by the person receiving CMS data in accordance with current CMS policies.

This routine use fulfills the requirement in section 1174(e) of the Social Security Act (42 U.S.C. 1395kk (e)) to make standardized extracts of claims data under Medicare Parts A, B, and D available to a Qualified Entity (QE), recognized by the Secretary to make evaluations of provider/supplier performance in accordance with that section, and that agrees to meet specific requirements regarding the transparency of their methods and their use and protection of Medicare data. The IDR, National Claims History (NCH), CCDR, and Part D data will provide QEs, a broader, longitudinal, national perspective of the performance of Medicare providers/suppliers for use in authorized QE projects that could ultimately improve the care provided to Medicare beneficiaries and the policy that governs the care.

Storage:

Records are stored on both tape cartridges (magnetic storage media) and in a DB2 relational database management environment (DASD data storage media).

Information is most frequently retrieved by HICN, provider number (facility, physician, IDs), service dates, and beneficiary state code.

CMS has protections in place for authorized users to make sure they are properly using the data and there is no unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system cannot use or disclose data until the recipient agrees to implement appropriate management, operational and technical safeguards that will protect the confidentiality, integrity, and availability of the information and information systems.

This system would follow all applicable Federal laws and regulations, and Federal, HHS, and CMS security and data privacy policies and standards. These laws and regulations include but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002 (when applicable); the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E- Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to all pertinent National Institute of Standards and Technology publications, the HHS Information Systems Program Handbook, and the CMS Information Security Handbook.

Records are maintained with identifiers for all transactions after they are entered into the system for a period of 20 years. Records are housed in both active and archival files. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from the Department of Justice.

Director, Centers for Beneficiary Choices, CMS, Mail stop C5-19-07, 7500 Security Boulevard, Baltimore, Maryland 21244 -1850.

For purpose of notification, the subject individual should write to the system manager who will require the system name, and the retrieval selection criteria (e.g., HICN, facility/pharmacy number, service dates, etc.).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5 (a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

Summary prescription drug claim information contained in this system is obtained from the Part D Sponsor daily and monthly drug event transaction reports, Medicare Beneficiary Database (09-70-0530), and other payer information to be provided by the TROOP Facilitator.

None.

73 FR 30943 5/29/08; 74 FR 30606 6/26/09; 76 FR 65196 10/20/11; 78 FR 23938 4/23/13; 78 FR 32257 5/29/13.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

For purposes of this SOR, the system contains information related to health care providers who are individuals who have applied for and have been assigned a NPI. The definition of a health care provider is limited to those entities that furnish or bill and are paid for, health care services in the normal course of business. The statutory definition of a health care provider is found at 45 CFR 160.103.

The system contains name(s), demographic information, (gender, date of birth), provider taxonomy information, address data, contact information, practice location information, and certain optional information such as social security numbers and provider identifiers assigned to these health care providers by health plans.

Authority for maintenance of this system is given under §§ 1173 and 1175 of the Act; as amended by Public Law 104 -191, authorize the assignment of a unique identifier to all health care providers and the maintenance of a data base on containing the information they furnished in their application for an NPI.

The purpose of the NPPES is to collect and maintain, on behalf of the Secretary, information needed to uniquely identify an individual physician or non-physician practitioner, assign a National Provider Identifier (NPI) to that physician or non-physician practitioner, and maintain and update the information in that health care provider's record in NPPES. Information maintained in this system will also be disclosed to: (1) Support the NPI Enumerator and other agency contractors who need NPPES data to perform their contractual requirements; (2) to assist Federal and State agencies to identify health care providers for debt collection under Federal statutes; (3) to assist the Department of Justice in litigation; (4) to support CMS contractors in combating fraud, waste, and abuse in CMS-administered health benefits programs; (5) to support other Federal agencies or States in combating fraud, waste, and abuse in federally-funded programs; and (6) to assist Federal agencies in responding to security breaches of information contained in NPPES.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support Agency contractors (such as the NPI Enumerator contractor), consultants, or grantees that have been contracted by the Agency to assist in accomplishment of a CMS function relating to the purposes for this system and who need access to the records in order to assist CMS.

2. To assist another Federal or State agency, agency of a State government, agency established by State law, or its fiscal agent to identify health care providers for debt collection under the provisions of the Debt Collection Information Act of 1996 and the Balanced Budget Act of 1997.

3. To assist the Department of Justice (DOJ), court or adjudicatory body when:

a. The Agency or any component thereof, or

b. Any employee of the Agency in his or her official capacity, or

c. Any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

4. To support a CMS contractor that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS- administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

5. To support another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in a program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

6. To assist appropriate Federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information maintained in this system of records, and the information disclosed is relevant and unnecessary for the assistance.

Storage:

All records are stored on paper and magnetic disk.

Magnetic media records are retrieved by the name of the health care provider or the NPI. Paper records are retrieved alphabetically by name of health care provider or the NPI.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements to maintain the confidentiality of protected information.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain identifiable data indefinitely in accordance with 69 FR 3434.

Director, Division of Provider/Supplier Enrollment, Office of Financial Management, CMS, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access by a subject individual, the subject individual may access to view or update his or her own record in NPPES by using his or her NPPES User ID and password or the subject individual should write to the system manager who will require the system name, the subject individual's SSN, and, for verification purposes, the subject individual's name (woman's maiden name, if applicable). NPPES data that are publicly available may be found in the NPI Registry at https://nppes.cms.gov/NPPES/NPIRegistryHome.do and in the downloadable monthly NPPES File at http://nppesdata.cms.gov/CMS_NPI_files.html.

For purpose of access, the same procedures outlined in Notification Procedures above are applicable to subject individuals. Other requestors must write to the system manager and specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5 (a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

Information contained in this system is received from the Form(s) CMS-10114, "National Provider Identifier Application/Update Form."

None.

75 FR 30411 6/1/10; 78 FR 32257 5/29/13.

Level Three Privacy Act Sensitive Data.

CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various co- locations of CMS contractors.

This system will maintain individually identifiable information on individuals and entities that make payments on covered drugs under the Medicare Part D Program.

The collected information will contain name, address, telephone number, health insurance claim number (HICN), gender type, and date of birth.

The statutory authority for this system is given under Part D of Title XVIII of the Social Security Act, as amended by the Medicare Prescription Drug, Improvement, and Modernization Act of 2003.

The purpose of this system is to collect and maintain a master file to establish a "TrOOP" facilitation process, maintain information on individuals and entities that make payments on covered drugs under the Medicare Part D Program, and coordinate TrOOP relevant data from State Pharmaceutical Programs (SPAPs) and other health insurers. Information retrieved from this system may be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, grantee, consultant or other legal agent; (2) support Medicare Prescription Drug Plans (PDP) and Medicare Advantage Prescription Drug Plans (MAPD) directly or through a CMS contractor for the administration of Title XVIII of the Act; (3) assist another Federal or state agency with information to enable such agency to administer a Federal health benefits program, or to enable such agency to fulfill a requirement of Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; (4) assist Quality Improvement Organization (QIO) in connection with review of claims; (5) assist insurance companies and other groups providing protection against medical expenses of their enrollees; (6) assist an individual or organization engaged in the performance activities of the demonstration or in a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects; (7) support constituent requests made to a congressional representative; (8) support litigation involving the agency; and (9) combat fraud and abuse in certain health benefits programs.

C. Entities Who May Receive Disclosures Under Routine Use

These routine uses specify circumstances, in addition to those provided by statute in the Privacy Act of 1974, under which CMS may release information from the TrOOP facilitator without the consent of the individual to whom such information pertains. Each proposed disclosure of information under these routine uses will be evaluated to ensure that the disclosure is legally permissible, including but not limited to ensuring that the purpose of the disclosure is compatible with the purpose for which the information was collected. We propose to establish or modify the following routine use disclosures of information maintained in the system:

To Agency contractors or consultants who have been contracted by the Agency to assist in accomplishment of a CMS function relating to the purposes for this SOR and who need to have access to the records in order to assist CMS.

1. To Medicare Prescription Drug Plans (PDP) and Medicare Advantage Prescription Drug Plans (MAPD) directly or through the Enterprise Business Services, a CMS intermediary for the administration of Title XVIII of the Act.

2. To another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent pursuant to agreements with CMS to:

d. Contribute to the accuracy of CMS's proper payment of Medicare benefits;

e. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; and/or

f. Assist Federal/state Medicaid programs within the state.

3. To Quality Improvement Organization (QIO) in connection with review of claims, or in connection with studies or other review activities conducted pursuant to Part D of Title XVIII of the Act and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare Prescription Drug Program benefits or other drug plan benefits.

4. To insurance companies, underwriters, third party administrators (TPA), employers, self-insurers, group health plans, health maintenance organizations (HMO), health and welfare benefit funds, managed care organizations, other supplemental insurers, non-coordinating insurers, multiple employer trusts, other groups providing protection against medical expenses of their enrollees without the beneficiary's authorization, and any entity having knowledge of the occurrence of any event affecting: (a) An individual's right to any such benefit or payment, or (b) the initial right to any such benefit or payment, for the purpose of coordination of benefits with the Medicare program and implementation of the Medicare Secondary Payer (MSP) provision at 42 U.S.C. 1395y (b). Information to be disclosed shall be limited to Medicare utilization data necessary to perform that specific function. In order to receive the information, they must agree to:

b. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom they serve as a TPA;

c. Utilize the information solely for the purpose of processing the individual's insurance claims; and

d. Safeguard the confidentiality of the data and prevent unauthorized access.

5. To an individual or organization for research, evaluation, or epidemiological projects related to the prevention of disease or disability, and the restoration or maintenance of health, or payment related projects.

6. To a Member of Congress or congressional staff member in response to an inquiry of the congressional office made at the written request of the constituent about whom the record is maintained.

7. To the Department of Justice (DOJ), court, or adjudicatory body when:

d. The Agency or any component thereof, or

e. Any employee of the Agency in his or her official capacity, or

f. Any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

g. The United States Government, is a party to litigation or has an interest in such litigation, and, by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

8. To a CMS contractor (including, but not limited to fiscal intermediaries and carriers) that assists in the administration of a CMS- administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such program.

9. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any state or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

D. Additional Circumstances Affecting Routine Use Disclosures

This system contains Protected Health Information as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E, 65 FR 82462 (12-28-00). Disclosures of Protected Health Information authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information."

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals who are familiar with the enrollees could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored electronically. Some input may be generated in hardcopy, such as eligibility, enrollment, or other health insurance information before transcription to electronic media.

The collected data are retrieved by an individual identifier; e.g., beneficiary name or HIC number.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations include but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

CMS will retain information for a total period not to exceed 25 years. Data residing with the TrOOP facilitation contractor site agent shall be returned to CMS at the end of the contract period, with all data then being the responsibility of CMS for adequate storage and security.

Henry Chao, Manager, Immediate Office of the Director, Office of Information Services, CMS, Room N3-19-23, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For the purpose of access, the subject individual should write to the system manager who will require the system name, address, age, gender type, and, for verification purposes, the subject individual's name (woman's maiden name, if applicable).

For the purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR, parts 160, 162, and 164.)

The subject individual should contact the system manager named above and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7).

None.

70 FR 69569 11/16/05.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, MD 21244-1850 and at various contractor sites and at CMS Regional Offices.

NCH contains billing and utilization information on Medicare beneficiaries enrolled in hospital insurance (Part A) or medical insurance (Part B) of the Medicare program.

Information maintained in this system includes, but is not limited to Medicare billing and utilization data, name, health insurance claim number, ethnicity, gender, date of birth, state and county code, zip code, as well as the basis for the beneficiary's Medicare entitlement. The system also contains provider characteristics, assigned provider number (facility, referring/servicing physician), admission date, service dates, diagnosis and procedural codes, total charges, Medicare payment amount, and beneficiary's liability.

Authority for maintenance of the system is given under §§ 1874(a) and 1875 of the Social Security Act (the Act) and Title 42 United States Code (U.S.C.) section 1395kk(a) and 1395ll.

The primary purpose of this modified system is to collect and maintain billing and utilization data on Medicare beneficiaries enrolled in hospital insurance (Part A) or medical insurance (Part B) of the Medicare program for statistical and research purposes related to evaluating and studying the operation and effectiveness of the Medicare program. The information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, consultant, or grantee; (2) assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent; (3) support providers and suppliers of services for administration of Title XVIII; (4) assist third parties where the contact is expected to have information relating to the individual's capacity to manage his or her own affairs; (5) assist QIOs; (6) process individual insurance claims by other insurers; (7) facilitate research on the quality and effectiveness of care provided, as well as payment-related projects; (8) support litigation involving the agency; and (9) combat fraud, waste, and abuse in federally-funded health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support Agency contractors, consultants, or grantees who have been contracted by the Agency to assist in accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To assist another Federal and/or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. Contribute to the accuracy of CMS' proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Assist Federal/state Medicaid programs within the state.

3. To support providers and suppliers of services directly or through fiscal intermediaries or carriers for the administration of Title XVIII of the Act.

4. To assist third party contact in situations where the party to be contacted has, or is expected to have information relating to the individual's capacity to manage his or her affairs or to his or her eligibility for, or an entitlement to, benefits under the Medicare program and;

a. The individual is unable to provide the information being sought (an individual is considered to be unable to provide certain types of information when any of the following conditions exists: the individual is confined to a mental institution, a court of competent jurisdiction has appointed a guardian to manage the affairs of that individual, a court of competent jurisdiction has declared the individual to be mentally incompetent, or the individual's attending physician has certified that the individual is not sufficiently mentally competent to manage his or her own affairs or to provide the information being sought, the individual cannot read or write, cannot afford the cost of obtaining the information, a language barrier exist, or the custodian of the information will not, as a matter of policy, provide it to the individual), or

b. The data are needed to establish the validity of evidence or to verify the accuracy of information presented by the individual, and it concerns one or more of the following: The individual's entitlement to benefits under the Medicare program, the amount of reimbursement, and in cases in which the evidence is being reviewed as a result of suspected fraud and abuse, program integrity, quality appraisal, or evaluation and measurement of activities.

5. To support Quality Improvement Organizations (QIO) in order to assist the QIO to perform Title XI and Title XVIII functions relating to assessing and improving quality of care.

6. To facilitate insurance companies, underwriters, third party administrators (TPA), employers, self-insurers, group health plans, health maintenance organizations (HMO), health and welfare benefit funds, managed care organizations, other supplemental insurers, non-coordinating insurers, multiple employer trusts, other groups providing protection against medical expenses of their enrollees without the beneficiary's authorization, and any entity having knowledge of the occurrence of any event affecting: (a) An individual's right to any such benefit or payment, or (b) the initial right to any such benefit or payment, for the purpose of coordination of benefits with the Medicare program and implementation of the Medicare Secondary Payer (MSP) provision at 42 U.S.C. 1395y (b). Information to be disclosed shall be limited to Medicare utilization data necessary to perform that specific function. In order to receive the information, they must agree to:

a. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom they serve as a TPA;

b. Utilize the information solely for the purpose of processing the individual's insurance claims; and

c. Safeguard the confidentiality of the data and prevent unauthorized access.

7. To assist an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects.

8. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

9. To assist a CMS contractor (including, but not necessarily limited to, fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

10. To assist another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures. To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

11. To assist a public or private entity that is qualified (as determined by the Secretary of the Department of Health and Human Services (the Secretary)) to use Medicare claims data to evaluate the performance of providers of services and suppliers on measures of quality, efficiency, effectiveness, and resource use; and who agrees to meet the requirements regarding the transparency of their methods and their use and protection of Medicare data as the Secretary may specify, if CMS:

a. Determines that the use or disclosure does not violate legal limitations under which the record was provided, collected, or obtained; and

b. Secures a written statement attesting to the information recipient's understanding of and willingness to abide by these provisions. Every Qualified Entity receiving data must have an agreement with CMS in the form of an Information Exchange Agreement or contract with all security and privacy requirements included. A Data Use Agreement (DUA) (CMS Form 0235) must be completed by the person receiving CMS data in accordance with current CMS policies.

This routine use fulfills the requirement in section 1174(e) of the Social Security Act (42 U.S.C. 1395kk (e)) to make standardized extracts of claims data under Medicare Parts A, B, and D available to a Qualified Entity (QE), recognized by the Secretary to make evaluations of provider/supplier performance in accordance with that section, and that agrees to meet specific requirements regarding the transparency of their methods and their use and protection of Medicare data. The IDR, National Claims History (NCH), CCDR, and Part D data will provide QEs, a broader, longitudinal, national perspective of the performance of Medicare providers/suppliers for use in authorized QE projects that could ultimately improve the care provided to Medicare beneficiaries and the policy that governs the care.

Storage:

All records are stored on both magnetic storage media and in a DB2 relational database management environment (DASD data storage media).

Information in this system is retrieved by HICN, provider number (facility, physician, supplier Ids), service dates, type of bill, Medicare status code, diagnosis, procedural codes, and beneficiary state code.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records will be retained and disposed of in accordance with the National Archives and Records Administration guidelines. Records are housed in both active and archival files. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Integrated Data Program Management, Enterprise Databases Group, Office of Information Services, CMS, Mail Stop N2-17-07, 7500 Security Boulevard, Baltimore, MD 21244-1850.

For purpose of notification, the subject individual should write to the system manager who will require the system name, and the retrieval selection criteria (e.g., HIC, facility ID, physician/supplier number, service dates, type of bill, etc.).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5(a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

Fee-for-Service (FFS) billing and utilization information contained in this records system is obtained from the Common Working File.

None.

71 FR 67137 11/20/06; 74 FR 30606 6/26/09; 76 FR 65196 10/20/11; 78 FR 23938 4/23/13; 78 FR 32257 5/29/13.

Level 3 Privacy Act Sensitive

Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850, and at various contractor locations.

Information collected for this system will include but is not limited to, individuals who voluntarily access and who successfully validate information required by the Web-based Application Systems maintained by CMS.

Information collected for this system will include, but is not limited to, last name, gender, Health Insurance Claim Number (HICN), telephone number, geographic location, type of enrollment (Medicare Part A or Part B), and effective date of enrollment in Part A and Part B.

Authority for this system is given under the provisions of Section 101 of the Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (MMA) (Public Law 108-173). This new prescription drug benefit program was enacted into law on December 8, 2003, amended Title XVIII of the Social Security Act (the Act), and codified at Title 42 Code of Federal Regulations (CFR) parts 403, 411, 417 and 423 by establishing a new Medicare "Part D" Prescription Drug Benefit program. Part D of Title XVIII of the Act, as amended by the MMA, and its implementing regulations at 42 CFR Parts 403, 411, 417 and 423.

The primary purpose of this system is to provide a Web accessible inquiry system that will provide a mechanism to support an individual beneficiary's efforts in performing drug benefit eligibility queries and to enroll them into selected plans. Information in this system will also be used to: (1) Support regulatory and policy functions performed within the Agency or by a contractor or consultant; (2) assist PDPs and MAPDs directly or through the Enterprise Business Services; (3) support constituent requests made to a Congressional representative; and (4) support litigation involving the Agency related to this system.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To Agency contractors, or consultants who have been contracted by the Agency to assist in accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To Medicare Prescription Drug Plans (PDP) and Medicare Advantage Prescription Drug Plans (MAPD) directly or through the Enterprise Business Services, a CMS intermediary for the administration of Title XVIII of the Act.

3. To a Member of Congress or to a congressional staff member in response to an inquiry of the congressional office made at the written request of the constituent about whom the record is maintained.

4. To the Department of Justice (DOJ), court or adjudicatory body when

a. The Agency or any component thereof; or

b. any employee of the Agency in his or her official capacity; or

c. any employee of the Agency in his or her individual capacity where the DOJ has agreed to represent the employee; or

d. The United States Government;

Is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation.

B. Additional Provisions Affecting Routine Use Disclosures. This system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E , 65 Fed. Reg. 82462 (12-28-00)). Disclosures of PHI authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information."

In addition, our policy will be to prohibit release even of not directly identifiable information, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals who are familiar with the enrollees could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

Computer diskette and on magnetic storage media.

Information can be retrieved by the individual identifiable information of the beneficiary.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations include but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger- Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records are maintained in a secure storage area with identifiers. Disposal occurs 6 years and 3 months from the time the individual accesses the MPDPF.

Director, Beneficiary Information Services Group, Center for Beneficiary Choices, CMS, Mail Stop S1-01-26, 7500 Security Boulevard, Baltimore, Maryland, 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, and for verification purposes, the subject individual's name (woman's maiden name, if applicable).

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5 (a)(2).)

The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7.)

Sources of information contained in this records system include data collected from the initial voluntary inquiry made by or on behalf of the individual and validated through the Medicare Beneficiary Database.

None.

70 FR 67709 11/8/05.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various contractor sites and at CMS Regional Offices.

ACTS contains information related to allegations of complaints and incidents filed against Medicare/Medicaid-certified providers and suppliers and CLIA-certified laboratories. ACTS contains identifiable information on individuals who are complainants, residents/patients/clients, contacts/witnesses, alleged perpetrators, survey team members, laboratory directors and laboratory owners, including the investigation of complaints and entity-reported incidents.

The system contains demographic and identifying data, as well as survey and deficiency data. Identifying data includes, but is not limited to: name, title, address, city, state, ZIP code, e-mail address, telephone numbers, fax number, licensure number, social security number, Federal tax identification number, alias names, date of birth, gender, date admitted and/or date discharged.

Authority for maintenance of the system is given under §§ 1819, 1864, 1865, 1867, 1891, 1902(a)(9)(A), 1902(a)(33)(B), and 1919 of the Social Security Act, section 353 of the Public Health Service Act (42 United States Code 263a) and 42 Code of Federal Regulations (CFR) Subchapter G.

The primary purpose of this modified system is to track and process complaints and incidents reported against Medicare and/or Medicaid certified providers and suppliers, and CLIA-certified laboratories, these include: skilled nursing facilities, nursing facilities, hospitals, home health agencies, end-stage renal disease facilities, hospices, rural health clinics, comprehensive outpatient rehabilitation facilities, outpatient physical therapy services, community mental health centers, ambulatory surgical centers, suppliers of portable X-ray services, and intermediate care facilities for persons with mental retardation. The information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, consultant or grantee; (2) assist another Federal or state agency, an agency established by state law, or its fiscal agent; (3) assist Quality Improvement Organizations; (4) support constituent requests made to a Congressional representative; (5) support litigation involving the agency; (6) assist a national accreditation organization that has been granted deeming authority by CMS; (7) assist a state-mandated Protection and Advocacy System that provides legal representation and other advocacy services to beneficiaries; and (8) combat fraud and abuse in certain Federally-funded health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To agency contractors, consultants, or to a grantee who have been engaged by the agency to assist in the accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To another Federal and/or state agency, an agency established by state law, or its fiscal agent to:

a. Contribute to the accuracy of CMS' proper payment of Medicare benefits,

b. enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. assist Federal/state Medicaid programs within the state.

3. To Quality Improvement Organizations (QIO) in order to assist the QIO to perform Title XI and Title XVIII functions relating to assessing and improving quality of care.

4. To a member of Congress or to a Congressional staff member in response to an inquiry of the Congressional office made at the written request of the constituent about whom the record is maintained.

5. To the Department of Justice (DOJ), court or adjudicatory body when:

a. the agency or any component thereof, or

b. any employee of the agency in his or her official capacity, or

c. any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. the United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

6. To a national accreditation organization that has been granted deeming authority or certified by the Secretary for the purpose of improving the quality of care provided through the provision of health care accreditation and related services that support performance improvement and monitors the quality of deemed providers/suppliers through the investigation of complaints. CMS will provide facility information to approved accreditation organizations on their accredited entities that are deemed for participation in the Medicare program.

7. To a state-designated Protection and Advocacy System that provides legal representation and other advocacy services for the purposes of monitoring, investigating and attempting to remedy adverse conditions, and for responding to allegations of abuse, neglect and violations of the rights of persons with disabilities.

8. To a CMS contractor (including, but not necessarily limited to Medicare administrative contractors, fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such program.

9. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures: To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164.512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals who are familiar with the enrollees could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on the magnetic disk sub-system of the Windows 2000 server. Furthermore, these records are saved to magnetic tape backup on a nightly basis.

The Medicare, Medicaid, and CLIA records are retrieved by name of provider/supplier, Medicare provider number, ACTS Intake ID, state assigned Medicaid number, or other CMS assigned numbers, complainant's name, resident/patient/client's name, contact/witness name, alleged perpetrator's name, survey team member's name, surveyor identification number, laboratory director's name, laboratory owner's name or Federal tax identification number.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002; the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003; and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook; and the CMS Information Security Handbook.

CMS will retain identifiable ACTS data for a total period not to exceed 15 years. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of National Systems, Finance, Systems and Budget Group, Center for Medicaid and State Operations, CMS, Mail Stop S3 -13-15, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, provider/supplier's name, date the complaint/incident occurred, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

The following forms and the ACTS software are used to collect ACTS data: Medicare/Medicaid/CLIA Complaint Form (CMS-562); Statement of Deficiencies and Plan of Correction (CMS-2567); Post-Certification Revisit Report (CMS-2567B); Survey Team Composition and Workload Report (CMS-670); Request for Validation of Accreditation Survey for Hospital (CMS-2802); Request for Validation of Accreditation Survey for Laboratory (CMS-2802A); Request for Validation of Accreditation Survey for Hospice (CMS- 2802B); Request for Validation of Accreditation Survey for Home Health Agency (CMS-2802C); and Request for Validation of Accreditation Survey for Ambulatory Surgical Center (CMS-2802D). Request for Survey of 489.20 and 489.24 Essentials of Provider Agreements: Responsibilities of Medicare Participating Hospitals in Emergency Cases (CMS-1541A) and CMS-116-CLIA Laboratory Application.

HHS claims exemption of certain records in the system from notification and access procedures under 5 U.S.C. 522a(k)(2) inasmuch as these records are investigatory materials compiled for program (law) enforcement in anticipation of criminal or administrative proceedings (See Department Regulation (45 CFR 5b.11)).

71 FR 29643 5/23/06.

Appendix A Location of State Servers

North Dakota Department of Health Resources, 600 East Boulevard Avenue, Suite 206, Bismarck, ND 58505.

Department of Health, Facility Licensing and Certification Bureau, 2040 South Pacheco, Colgate Building 2nd Floor, Santa Fe, NM 87505.

Utah Department of Health, M/M Program Certification, 288 North, 1460 West, Salt Lake City, UT 84114-2905.

Department of Public Health and Human Services, Senior and Long Term Care Division, 111 Sanders Avenue, Suite 210, PO Box 4210, Helena, MT 59601.

Division of Medicaid, Bureau of Facility Standards, Myers & Stauffer, 8555 West Hackamore Dr., Suite 100, Boise, ID 83709-1665.

Rhode Island Department of Health, Three Capitol Hill, Cannon Building, Room 306, Providence, RI 02908-5097.

State of Connecticut, Department of Public Health, 410 Capitol Avenue MS#13DPR, PO Box 340308, Hartford, CT 06134-0308.

Minnesota Department of Health, F&PC Division, 85 East 7th Place-Suite 300, PO Box 64900, St. Paul, MN 55101.

Bureau of Quality Assurance, Department of Health and Family Services, 1 West Wilson Street, Suite 150, P.O. Box 7850, Madison, WI 53701-0309.

Louisiana Department of Health and Hospitals, Health Standards Section, 500 Laurel Street, Suite 100, Baton Rouge, LA 70801.

Texas Department of Human Services (TDHS), 701 West 51st Street, P.O. Box 149030, MC W-519, Austin, TX 78751.

Alabama Department of Public Health, Division of Health Care Facilities, 201 Monroe Street, Suite 840, PO Box 303017, Montgomery, AL 36104-3017.

Division of Emergency Medical Services, 570 East Woodrow Wilson Blvd., Third Floor A-300, Jackson, MS 39215.

State of New Jersey, Department of Health and Senior Services Long Term Care. Systems Development and Quality, 120 S Stockton Street, lower level, Trenton, NJ 08625.

Office of Health Facilities Licensing and Certification, LTC Residents Protection, Three Mill Road, Suite 308, Wilmington, DE 19806.

Colorado Department of Public Health and Environment, Health Facilities Division, HFD-a2, 4300 Cherry Creek Drive, South, Second Floor, Denver, CO 80246-1530.

Office of Health Quality, 2020 Carey Avenue, First Bank Building, 8th Floor, Cheyenne, WY 82002.

Department of Health & Human Services Division of Facility Services Licensure and Certification Section, 805 Briggs Drive, Raleigh, NC 27603.

SCDHEC, Division of Certification, 1777 Saint Julian Place, Suite 302, Columbia, SC 29204.

Seniors and People with Disabilities, 875 Union St.--4th Fl., Salem, OR 97310.

AASA--Division of Residential Services, 0B2 1115 North Washington, Olympia, WA 98503.

Myers and Stauffer, 6380 Flank Drive, Suite 100, Harrisburg, PA 17112.

DHHR, Management Information Services, 350 Capital Street, Room 206, Third Floor Computer Room, Charleston, WV 25301-3178.

Office of Regulatory Services, Georgia Department of Human Resources, 2 Peachtree Street North West, Suite 24, Atlanta, GA 30303-3167.

Management Information Systems, Agency for Health Care Administration, 2727 Mahan Dr, Fort Knox, Bldg 3, Room 100, MS9a, Tallahassee, FL 32308-5403.

Illinois Department of Public Aid, Division of Medical Programs, 201 South Grand Avenue, East, Prescott Bloom Bldg. 2nd floor, Springfield, IL 62763.

Indiana State Department of Health, 2 North Meridian Street, Indianapolis, IN 46204.

Cabinet for Health Services Office of Inspector General, 275 East Main Street 5E-A, Frankfurt, KY 40621.

Tennessee Department of Health, Division of Health Care Facilities, 426 5th Avenue, North, Cordell Hull Building, 1st Floor, Nashville, TN 37247-0508.

Massachusetts Department of Public Health, Division of Health Care Quality, 10 West Street, 5th floor, Boston, MA 02111.

Division of Licensing and Protection, 103 South Main Street, Ladd Hall room 898, Waterbury, VT 05671.

Missouri Department of Social Services, Division of Aging, 615 Howerton Court, Jefferson City, MO 65109.

Department of Human Services DMS/OLTC/ Reimbursement Unit, 700 Main, 4th Floor, PO Box 8059--Slot 407, Little Rock, AR 72203-8059.

Oklahoma State Department of Health, SHS, 1000 North East 10th Street, Oklahoma City, OK 73117-1299.

Myers & Stauffer Consulting Services, 4123 Southwest Gage Center Drive, Suite 200, Topeka, KS 66604.

Bureau of Licensure and Certification, 1550 East College Parkway, Suite 158, Carson City, NV 89706.

Arizona Department of Health Services, 1647 East Morten Ave., Suite 200, Phoenix, AZ 85020.

Virginia Department of Health, 1500 East Main Street, Room 211, Main Street Station, Richmond, VA 23219.

Department of Consumer and Regulatory Affairs, Service Facility Regulation Administration, 825 N Capitol Street NE., 2nd Floor LRA--Room 221, Washington, DC 20002.

Michigan Department of Community Health, 300 East Michigan, Chandler River Plaza Building, Lansing, MI 48933.

Ohio Department of Health, 246 N. High St., 3rd Floor, Columbus, OH 43215.

Dept of Human Services, 442 Civic Center Drive, Augusta, ME 04330.

Department of Health and Human Services, Office of Program Support, Office of Information Systems, 129 Pleasant Street, Brown Bldg., Concord, NH 03301-3857.

Office of Health Care Assurance, 601 Kamokila, RM 395, Kapolei, HI 96707.

South Dakota Department of Social Services, Office of Adult Services and Aging, 700 Governors Drive, Pierre, SD 57501.

California Department of Health Services, Licensing and Certification, 630 Bercut Dr. Suite B, Sacramento, CA 95814.

State of Maryland, Department of Health Care Quality, 55 Wade Avenue, Spring Grove Center, Bland Bryant Bldg., Fourth Floor, Catonsville, MD 21228.

Department of Health and Human Services, Medicaid Division, PO Box 95026--301 Centennial Mall, South, 5th Floor, Lincoln, NE 68509.

DHHS Div of Med. Assistance Heath Facilities Licensing and Certification, 4730 Business Park Boulevard, Suite 18, Anchorage, AK 99503.

NYS Dept. of Health, Empire State Plaza, Concourse Room 148, Albany, NY 12237.

Virgin Islands, IFMC, 6000 Westown Parkway, West Des Moines, IA 50266.

Puerto Rico Department of Health, Assistant Secretariat for the Regulation and Accreditation of Health Facilities, Former Ruez Soler Hospital Road #2, Bayamon, PR 00959.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850. This system is also located in locations listed in Appendix A.

MAS contains information concerning Medicare beneficiaries, physicians, providers, practitioners, suppliers and other persons involved in furnishing items and services to health insurance beneficiaries.

Information on beneficiaries includes, but is not limited to: Name, address, social security number (SSN), health insurance claim number (HICN), medical services, equipment and supplies for which Medicare reimbursement is requested, and materials used to determine the amount of benefits allowable under Medicare. Information on appellants, physicians, and other persons includes, but is not limited to: name, work address, work phone number, and assigned provider identification number, specialty, medical services for which Medicare reimbursement is requested, and materials used to determine amounts of benefits allowable under Medicare.

Authority for maintenance of the system is given under § 205 of Title II, §§ 1155 and 1156 of Title XI, §§ 1812, 1814, 1816, 1842, 1869, and 1872 of Title XVIII of the Social Security Act (the Act), as amended (42 United States Code (U.S.C.) sections 405, 1320c-4, 1320c-5, 1395d, 1395f, 1395h, 1395u, 1395ff, and 1395ii). Additional authority for this system is given under the Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (Public Law (Pub. L.) 108-173).

The primary purpose of this modified system is to collect and maintain information necessary to: (1) Process level two and level three appeal requests made by an appellant or appealing party; (2) track appeal data, including: status, type, history, timeliness, and decisions; and (3) respond to future correspondence related to the case. The information retrieved from this system of records will also be disclosed to: (1) Support regulatory and policy functions performed within the agency or by a contractor, consultant, or grantee; (2) another Federal agency; (3) assist Quality Improvement Organizations; (4) support litigation involving the agency; and (5) combat fraud, waste, and abuse.

A. The Privacy Act Allows Us To Disclose Information Without an Individual's Consent if the Information Is To Be Used for a Purpose That Is Compatible With the Purpose(s) for Which the Information Was Collected.

Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support agency contractor, consultant, or grantee who have been engaged by the agency to assist in the accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to assist CMS.

2. To assist another Federal agency in the accomplishment of a CMS function relating to the purposes for this system and who need to have access to the records in order to support CMS.

3. To assist Quality Improvement Organizations (QIO) in connection with the review of claims, or in connection with studies or other review activities, conducted pursuant to Part B of Title XI of the Act and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans.

4. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

5. To a CMS contractor (including, but not necessarily limited to, fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

6. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures.

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164.512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that an individual could, because of the small size of the information provided, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on computer diskette and magnetic storage media.

Information can be retrieved by the name, SSN, HICN, and assigned provider number.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: all pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records are maintained in a secure storage area with identifiers. Disposal occurs ten years after the final determination of the case is completed. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of Appeals Operations, Medicare Enrollment and Appeals Group, Center for Beneficiary Choices, CMS, Mail Stop S1 -05-06, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. In addition the individual should state the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

Sources on information contained in this records system include data collected from the individual on the completed form requesting a Medicare hearing or appeal. In addition, information contained in this system may be obtained from Medicare carriers or intermediaries and Quality Improvement Organizations' records.

None.

71 FR 54489 9/15/06.

Appendix A. Health Insurance Claims Medicare records are maintained at the CMS Central Office (see section 1 below for the address). Health Insurance Records of the Medicare program can also be accessed through a representative of the CMS Regional Office (see section 2 below for addresses). Medicare claims records are also maintained by private insurance organizations that share in administering provisions of the health insurance programs. These private insurance organizations, referred to as carriers and intermediaries, are under contract to the Centers for Medicare & Medicaid Services to perform specific task in the Medicare program (see section 3 below for addresses for intermediaries, section 4 for addresses for carriers, and section 5 for addresses for the Payment Safeguard Contractors).

1. Central Office Address CMS Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

2. CMS Regional Offices • Boston Region--Connecticut, Maine, Massachusetts, New Hampshire, Rhode Island, Vermont. John F. Kennedy Federal Building, Room 1211, Boston, Massachusetts 02203. Office Hours: 8:30 a.m.-5 p.m.

• New York Region--New Jersey, New York, Puerto Rico, Virgin Islands. 26 Federal Plaza, Room 715, New York, New York 10007. Office Hours: 8:30 a.m.-5 p.m.

• Philadelphia Region--Delaware, District of Columbia, Maryland, Pennsylvania, Virginia, West Virginia. Post Office Box 8460, Philadelphia, Pennsylvania 19101. Office Hours: 8: 30 a.m.-5 p.m.

• Atlanta Region--Alabama, North Carolina, South Carolina, Florida, Georgia, Kentucky, Mississippi, Tennessee. 101 Marietta Street, Suite 702, Atlanta, Georgia 30223. Office Hours: 8:30 a.m.-4:30 p.m.

• Chicago Region--Illinois, Indiana, Michigan, Minnesota, Ohio, Wisconsin. Suite A--824, Chicago, Illinois 60604. Office Hours: 8 a.m.-4:45 p.m.

• Dallas Region--Arkansas, Louisiana, New Mexico, Oklahoma, Texas. 1200 Main Tower Building, Dallas, Texas. Office Hours: 8 a.m.-4:30 p.m.

• Kansas Region--Iowa, Kansas, Missouri, Nebraska. New Federal Office Building, 601 East 12th Street--Room 436, Kansas City, Missouri 64106. Office Hours: 8 a.m.-4:45 p.m.

• Denver Region--Colorado, Montana, North Dakota, South Dakota, Utah, Wyoming. Federal Office Building, 1961 Stout St-- Room 1185, Denver, Colorado 80294. Office Hours: 8 a.m.-4:30 p.m.

• San Francisco Region--American Samoa, Arizona, California, Guam, Hawaii, Nevada. Federal Office Building, 10 Van Ness Avenue, 20th Floor, San Francisco, California 94102. Office Hours: 8 a.m.-4:30 p.m.

• Seattle Region--Alaska, Idaho, Oregon, Washington. 1321 Second Avenue, Room 615, Mail Stop 211, Seattle, Washington 98101. Office Hours: 8 a.m.-4:30 p.m.

3. Intermediary Addresses (Hospital Insurance) • Medicare Coordinator, Assoc. Hospital Serv. Main (ME BC), 2 Gannett Drive, South Portland, ME 04106-6911.

• Medicare Coordinator, Anthem New Hampshire, 300 Goffs Falls Road, Manchester, NH 03111-0001.

• Medicare Coordinator, BC/BS Rhode Island (RI BC), 444 Westminster Street, Providence, RI 02903-3279.

• Medicare Coordinator, Empire Medicare Services, 400 S. Salina Street, Syracuse, NY 13202.

• Medicare Coordinator, Cooperativa, P.O. Box 363428, San Juan, PR 00936-3428.

• Medicare Coordinator, Maryland B/C, P.O. Box 4368, 1946 Greenspring Ave., Timonium, MD 21093.

• Medicare Coordinator, Highmark, P5103, 120 Fifth Avenue Place, Pittsburgh, PA 15222-3099.

• Medicare Coordinator, United Government Services, 1515 N. Rivercenter Dr., Milwaukee, WI 53212.

• Medicare Coordinator, Alabama B/C, 450 Riverchase Parkway East, Birmingham, AL 35298.

• Medicare Coordinator, Florida B/C, 532 Riverside Ave., Jacksonville, FL 32202-4918.

• Medicare Coordinator, Georgia B/C, P.O. Box 9048, 2357 Warm Springs Road, Columbus, GA 31908.

• Medicare Coordinator, Mississippi B/C B MS, P.O. Box 23035, 3545 Lakeland Drive, Jackson, MI 9225-3035.

• Medicare Coordinator, North Carolina B/C, P.O. Box 2291, Durham, NC 27702-2291.

• Medicare Coordinator, Palmetto GBA A/RHHI, 17 Technology Circle, Columbia, SC 29203-0001.

• Medicare Coordinator, Tennessee B/C, 801 Pine Street, Chattanooga, TN 37402-2555.

• Medicare Coordinator, Anthem Insurance Co. (Anthem IN), P.O. Box 50451, 8115 Knue Road, Indianapolis, IN 46250-1936.

• Medicare Coordinator, Arkansas B/C, 601 Gaines Street, Little Rock, AR 72203.

• Medicare Coordinator, Group Health of Oklahoma, 1215 South Boulder, Tulsa, OK 74119-2827.

• Medicare Coordinator, Trailblazer, P.O. Box 660156, Dallas, TX 75266-0156.

• Medicare Coordinator, Cahaba GBA, Station 7, 636 Grand Avenue, Des Moines, IA 50309-2551.

• Medicare Coordinator, Kansas B/C, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629-0001.

• Medicare Coordinator, Nebraska B/C, P.O. Box 3248, Main PO Station, Omaha, NE 68180-0001.

• Medicare Coordinator, Mutual of Omaha, P.O. Box 1602, Omaha, NE 68101.

• Medicare Coordinator, Montana B/C, P.O. Box 5017, Great Falls Div., Great Falls, MT 59403-5017.

• Medicare Coordinator, Noridian, 4510 13th Avenue S.W., Fargo, ND 58121-0001.

• Medicare Coordinator, Utah B/C, P.O. Box 30270, 2455 Parleys Way, Salt Lake City, UT 84130-0270.

• Medicare Coordinator, Wyoming B/C, 4000 House Avenue, Cheyenne, WY 82003.

• Medicare Coordinator, Arizona B/C, P.O. Box 37700, Phoenix, AZ 85069.

• Medicare Coordinator, UGS, P.O. Box 70000, Van Nuys, CA 91470-0000.

• Medicare Coordinator, Regents BC, P.O. Box 8110 M/S D-4A, Portland, OR 97207-8110.

• Medicare Coordinator, Premera BC, P.O. Box 2847, Seattle, WA 98111-2847.

4. Medicare Carriers • Medicare Coordinator, NHIC, 75 Sargent William Terry Drive, Hingham, MA 02044.

• Medicare Coordinator, B/S Rhode Island (RI BS), 444 Westminster Street, Providence, RI 02903-2790.

• Medicare Coordinator, Trailblazer Health Enterprises, Meriden Park, 538 Preston Ave., Meriden, CT 06450.

• Medicare Coordinator, Upstate Medicare Division, 11 Lewis Road, Binghamton, NY 13902.

• Medicare Coordinator, Empire Medicare Services, 2651 Strang Blvd., Yorktown Heights, NY 10598.

• Medicare Coordinator, Empire Medicare Services, NJ, 300 East Park Drive, Harrisburg, PA 17106.

• Medicare Coordinator, Triple S, #1441 F.D., Roosevelt Ave., Guaynabo, PR 00968.

• Medicare Coordinator, Group Health Inc., 4th Floor, 88 west End Avenue, New York, NY 10023.

• Medicare Coordinator, Highmark, P.O. Box 89065, 1800 Center Street, Camp Hill, PA 17089-9065.

• Medicare Coordinator, Trailblazers Part B, 11150 McCormick Drive, Executive Plaza 3 Suite 200, Hunt Valley, MD 21031.

• Medicare Coordinator, Trailblazer Health Enterprises, Virginia, P.O. Box 26463, Richmond, VA 23261-6463. United Medicare Coordinator, Tricenturion, 1 Tower Square, Hartford, CT 06183.

• Medicare Coordinator, Alabama B/S, 450 Riverchase Parkway East, Birmingham, AL 35298.

• Medicare Coordinator, Cahaba GBA, 12052 Middleground Road, Suite A, Savannah, GA 31419.

• Medicare Coordinator, Florida B/S, 532 Riverside Ave., Jacksonville, FL 32202-4918.

• Medicare Coordinator, Administar Federal, 9901 Linnstation Road, Louisville, KY 40223.

• Medicare Coordinator, Palmetto GBA, 17 Technology Circle, Columbia, SC 29203-0001.

• Medicare Coordinator, CIGNA, 2 Vantage Way, Nashville, TN 37228.

• Medicare Coordinator, Railroad Retirement Board, 2743 Perimeter Parkway, Building 250, Augusta, GA 30999.

• Medicare Coordinator, Cahaba GBA, Jackson Miss., P.O. Box 22545, Jackson, MI 39225-2545.

• Medicare Coordinator, Administar Federal (IN), 8115 Knue Road, Indianapolis, IN 46250-1936.

• Medicare Coordinator, Wisconsin Physicians Service, P.O. Box 8190, Madison, WI 53708-8190.

• Medicare Coordinator, Nationwide Mutual Insurance Co., P.O. Box 16788, 1 Nationwise Plaza, Columbus, OH 3216-6788.

• Medicare Coordinator, Arkansas B/S, 601 Gaines Street, Little Rock, AR 72203.

• Medicare Coordinator, Arkansas-New Mexico, 601 Gaines Street, Little Rock, AR 72203.

• Medicare Coordinator, Palmetto GBA--DMERC, 17 Technology Circle, Columbia SC 29203-0001.

• Medicare Coordinator, Trailblazer Health Enterprises, 901 South Central Expressway, Richardson, TX 75080.

• Medicare Coordinator, Nordian, 636 Grand Avenue, Des Moines, IA 50309-2551.

• Medicare Coordinator, Kansas B/S, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629.

• Medicare Coordinator, Kansas B/S--NE, P.O. Box 239, 1133 Topeka Ave., Topeka, KS 66629.

• Medicare Coordinator, Montana B/S, P.O. Box 4309, Helena, MT 59601.

• Medicare Coordinator, Nordian, 4305 13th Avenue South, Fargo, ND 58103-3373.

• Medicare Coordinator, Noridian BCBSND (CO), 730 N. Simms #100, Golden, CO 80401-4730.

• Medicare Coordinator, Noridian BCBSND (WY), 4305 13th Avenue South, Fargo, ND 58103-3373.

• Medicare Coordinator, Utah B/S, P.O. Box 30270, 2455 Parleys Way, Salt Lake City, UT 84130-0270.

• Medicare Coordinator, Transamerica Occidental, P.O. Box 54905, Los Angeles, CA 90054-4905.

• Medicare Coordinator, NHIC--California, 450 W. East Avenue, Chico, CO 95926.

• Medicare Coordinator, Cigna, Suite 254, 3150 Lakeharbor, Boise, ID 83703.

• Medicare Coordinator, Cigna, Suite 506, 2 Vantage Way, Nashville, TN 37228.

5. Payment Safeguard Contractors • Medicare Coordinator, Aspen Systems Corporation, 2277 Research Blvd., Rockville, MD 20850.

• Medicare Coordinator, DynCorp Electronic Data Systems (EDS), 11710 Plaza America Drive 5400 Legacy Drive, Reston, VA 20190 -6017.

• Medicare Coordinator, Lifecare management Partners Mutual of Omaha Insurance Co., 6601 Little Rive Turnpike, Suite 300 Mutual of Omaha Plaza, Omaha, NE 68175.

• Medicare Coordinator, Reliance Safeguard Solutions, Inc., P.O. Box 30207 400 South Salina Street, 2890 East Cottonwood Parkway, Syracuse, NY 13202.

• Medicare Coordinator, Science Applications International Inc., 6565 Arlington Blvd. P.O. Box 100282, Falls Church, VA.

• Medicare Coordinator, California Medical Review, Inc., Integriguard Division Federal Sector Civil Group One Sansome Street, San Francisco, CA 94104-4448.

• Medicare Coordinator, Computer Sciences Corporation Suite 600 3120 Timanus Lane, Baltimore, MD 21244.

• Medicare Coordinator, Electronic Data System (EDS), 11710 Plaza American Drive, 5400 Legacy Drive, Plano, TX 75204.

• Medicare Coordinator, TriCenturion, L.L.C., P.O. Box 100282, Columbia, SC 29202.

6. Qualified Independent Contractors

• Medicare Contractor, Maximus Federal Services, Inc., 1040 First Avenue, Suite 400, King of Prussia, PA 19406.

• Medicare Contractor, Maximus Federal Services, Inc., 50 Square Drive, Victor, NY 19406.

• Medicare Contractor, Q₂ Administrators, 17 Technology Circle, Columbia, SC 29203. Medicare Contractor, Q

₂Administrators, 5150 East Dublin-Granville Road, Suite 200, Westerville, OH 43081. Medicare Contractor, First Coast Service Options, 532 Riverside Avenue, Jacksonville, FL 32202.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

This system will maintain information on Medicare beneficiaries Parts A, B, C, and D and physicians, providers, employer plans, Medicaid recipients and Medicare secondary payers.

Information maintained in the system include, but are not limited to: Standard data for identification such as health insurance claim number, social security number, gender, race/ethnicity, date of birth, geographic location, Medicare enrollment, entitlement, and utilization information, Medicaid enrollment, entitlement, and utilization information, MSP data necessary for appropriate Medicare claim payment, hospice election, MA plan elections and enrollment, End Stage Renal Disease (ESRD) entitlement, historic and current listing of residences, and Medicare eligibility and Managed Care institutional status.

Authority for maintenance of this system is given under section 1893 of the Social Security Act.

The primary purpose of this system is to establish an enterprise resource that will provide a single source of information for all CMS fraud and abuse activities. Information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, consultant or grantee; (2) assist another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent; (3) support Quality Improvement Organizations (QIO); (4) assist other insurers for processing individual insurance claims; (5) facilitate research on the quality and effectiveness of care provided, as well as payment related projects; (6) support litigation involving the agency; and (7) combat fraud, waste, and abuse in certain health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To agency contractors, consultants or grantees who have been engaged by the agency to assist in the performance of a service related to this system and who need to have access to the records in order to perform the activity.

2. To another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent to:

a. Contribute to the accuracy of CMS' proper payment of Medicare and Medicaid benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Assist Federal/State Medicaid programs within the State.

3. To Quality Improvement Organizations (QIO) in connection with review of claims, or in connection with studies or other review activities conducted pursuant to Part B of Title XI of the Act, and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans.

4. To insurance companies, underwriters, third party administrators (TPA), employers, self-insurers, group health plans, health maintenance organizations (HMO), health and welfare benefit funds, managed care organizations, other supplemental insurers, non-coordinating insurers, multiple employer trusts, other groups providing protection against medical expenses of their enrollees without the beneficiary's authorization, and any entity having knowledge of the occurrence of any event affecting: (a) An individual's right to any such benefit or payment, or (b) the initial right to any such benefit or payment, for the purpose of coordination of benefits with the Medicare program and implementation of the Medicare Secondary Payer (MSP) provision at 42 U.S.C. 1395y (b). Information to be disclosed shall be limited to Medicare utilization data necessary to perform that specific function. In order to receive the information, they must agree to:

a. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom they serve as a TPA;

b. Utilize the information solely for the purpose of processing the individual's insurance claims; and

c. Safeguard the confidentiality of the data and prevent unauthorized access.

5. To an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects.

6. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

7. To a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

8. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164-512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored electronically.

All records are accessible by HICN, SSN, and unique provider identification number.

CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records will be retained until an approved disposition authority is obtained from the National Archives and Records Administration. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Division of MMA Integrity, Program Integrity Group, Office of Financial Management, CMS, Mailstop: C3-02-16, 7500 Security Boulevard, Baltimore, Maryland 21244-1850.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

The data contained in this system of records are extracted from other CMS systems of records: Medicare Drug Data Processing System; Medicare Beneficiary Database; Medicare Advantage Prescription Drug System; State Medicaid Records; Medicaid Statistical Information System; Retiree Drug Subsidy Program; Common Working File; National Claims History; Enrollment Database; Carrier Medicare Claims Record; Intermediary Medicare Claims Record; Unique Physician/Provider Identification Number; Provider Enrollment Chain & Ownership System (PECOS); and Medicare Supplier Identification File. Information will also be provided from the participating state Medicaid agencies.

None.

71 FR 64530 11/2/06; 74 FR 30606 6/26/09.

Level Three Privacy Act Sensitive Data.

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various contractor sites and at CMS Regional Offices.

This system will collect and maintain individually identifiable and other data collected on Medicare and potentially, Medicaid beneficiaries who require treatment in a designated acute care or post-acute care provider. We will also collect certain identifying information on Medicare providers who provide services to such beneficiaries.

The collected information will include, but is not limited to: Medicare claims and eligibility data, name, health insurance claims number (HICN), social security number (SSN) (the submission of a beneficiary's SSN is optional), race/ethnicity, gender, date of birth, provider name, unique CMS Certification Number (CCN), medical record number, as well as clinical, demographic, medication, procedure, treatment information, health/well-being, and background information relating to Medicare issues. Data will be collected from Medicare administrative and claims records, PAC-CARE site administrative data systems, patient medical charts, physician records, and via information submitted by beneficiaries and providers.

The statutory authority for this system is given under Sections 5008 of the Deficit Reduction Act of 2005.

The primary purpose of this proposed system is to collect and maintain, and release when appropriate, demographic, health records, and health resource use related data on the target population of Medicare and potentially, Medicaid beneficiaries who require treatment by a designated acute care or post-acute care provider. We will also collect certain identifying information on Medicare providers who provide services to such beneficiaries. Information retrieved from this system may be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, grantee, consultant or other legal agent; (2) assist another Federal or state agency with information to contribute to the accuracy of CMS's proper payment of Medicare benefits, enable such agency to administer a Federal health benefits program, or to enable such agency to fulfill a requirement of Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; (3) support an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects; (4) support the functions of Quality Improvement Organizations; (5) support the functions of national accreditation organizations; (6) permit the release of personal health information to complete a transfer-out (discharge) event and/or a transfer-in (admission) event; (7) support litigation involving the agency; and (8) combat fraud, waste, and abuse in certain Federally-funded health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To agency contractors, consultants or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity.

2. To another Federal or state agency to:

a. Contribute to the accuracy of CMS's proper payment of Medicare benefits;

b. Enable such agency to administer a Federal health benefits program, or, as necessary, to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds; and/or

c. Assist Federal/state Medicaid programs within the state.

3. To an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects.

4. To support Quality Improvement Organizations (QIO) in connection with review of claims, or in connection with studies or other review activities conducted pursuant to Part B of Title XI of the Act, and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans.

5. To assist national accreditation organization(s) whose accredited facilities are deemed to meet certain Medicare conditions of participation for inpatient hospital rehabilitation services (e.g., the Joint Commission and the American Osteopathic Association) with their survey process, information will be released by CMS for only those providers that they deem and that participate in the Medicare program and if they meet the following requirements:

a. Provide identifying information for post acute care facilities that have deemed status with the requesting accreditation organization;

b. Submission of a finder file identifying beneficiaries/patients receiving post acute care services;

c. Safeguard the confidentiality of the data and prevent unauthorized access; and

d. Upon completion of a signed data exchange agreement or a CMS data use agreement.

6. To assist with a transfer-out event from a discharging acute or post-acute care provider and/or a transfer-in event to an admitting acute or post-acute care provider to:

a. Contribute to the accuracy of CMS' proper payment of Medicare benefits; and

b. Enable such providers to ensure the proper transfer of health records, and/or as necessary to enable such a provider to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal fund.

Individuals from the admitting providers will only be granted access to personal health information, if they have the approved, authenticated, role-based authority, and the defined need for access to that information. Individuals will only be granted access to information if they meet the following requirements:

a. Provide an attestation or other qualifying information that they are providing assistance to a qualified acute or post-acute care beneficiary receiving care/services through their provider site;

b. Have physically admitted the beneficiary to their care site, and are initiating an assessment of the beneficiary, and can validate the beneficiary's name, HICN (or payer number or SSN), date of birth, and gender;

c. Safeguard the confidentiality of the data and prevent unauthorized access; and

d. Accept a written, on-line statement attesting to the information recipient's understanding of and willingness to abide by these provisions.

7. To the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government is a party to litigation or has an interest in such litigation, and, by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

8. To a CMS contractor (including, but not necessarily limited to, Medicare Administrative Contractors (MAC), fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, and abuse in such program.

9. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures.

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164.512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary).

Storage:

All records are stored on magnetic media.

The Medicare records are retrieved by the HICN and SSN.

CMS has safeguards in place for authorized users and monitors such users to ensure against unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access.

This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002; the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the DHHS Information Systems Program Handbook and the CMS Information Security Handbook.

Records will be retained until an approved disposition authority is obtained from the National Archives and Records Administration. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ.

Director, Research and Evaluation Group, Office of Research Development & Information, Mail Stop C3-19-26, Centers for Medicare & Medicaid Services, 7500 Security Boulevard, Baltimore, MD 21244-1849.

For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay.

For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)).

The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7).

Data will be collected from Medicare administrative and claims records (Outcome and Assessment Information Set, Inpatient Rehabilitation Facilities Patient Assessment Instrument, Long Term Care Minimum Data Set), post-acute care site administrative data systems, patient medical charts, physician records, and via information submitted by beneficiaries and providers.

None.

72 FR 55225 9/28/07; 74 FR 30606 6/26/09.

Level Three Privacy Act Sensitive Data

The Centers for Medicare & Medicaid Services (CMS) Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850.

This system maintains information on individuals age 65 or over who have been, or currently are, entitled to health insurance (Medicare) benefits under Title XVIII of the Social Security Act (the Act) or under provisions of the Railroad Retirement Act; individuals under age 65 who have been, or currently are, entitled to such benefits on the basis of having been entitled for not less than 24 months to disability benefits under Title II of the Act or under the Railroad Retirement Act; individuals who have been, or currently are, entitled to such benefits because they have End-Stage Renal Disease (ESRD); individuals age 64 and 8 months or over who are likely to become entitled to health insurance (Medicare) benefits upon attaining age 65, and individuals under age 65 who have at least 21 months of disability benefits who are likely to become entitled to Medicare upon the 25th month or entitlement to such benefits and those populations that are dually eligible for both Medicare and Medicaid (Title XIX of the Act). Additionally, this system will maintain information on Medicare beneficiaries Parts A, B, C, and D and physicians, providers, employer plans, Medicaid recipients and Medicare secondary payers.

Information maintained in the system include, but are not limited to: standard data for identification such as health insurance claim number, social security number, gender, race/ethnicity, date of birth, geographic location, Medicare enrollment and entitlement information, MSP data necessary for appropriate Medicare claim payment, hospice election, MA plan elections and enrollment, End Stage Renal Disease (ESRD) entitlement, historic and current listing of residences, and Medicare eligibility and Managed Care institutional status. Additionally, this system will maintain identifying information on physicians, providers, employer plans, Medicaid recipients and Medicare secondary payers.

Authority for the collection of data maintained in this system is given under §§ 226, 226A, 1811, 1818, 1818A, 1831, 1833(a)(1)(A), 1836, 1837, 1838, 1843, 1866, 1874a, 1875, 1876, 1881, and 1902(a)(6) of the Social Security Act (the Act). The following are the corresponding sections from Title 42 of the United States Code (U.S.C.): 426, 426-1, 1395c, 1395i-2, 1395i-2a, 1395j, 1395l(a)(1)(A), 1395o, 1395p, 1395q, 1395v, 1395cc, 1395kk-l, 1395ll, 1395mm, 1395rr, 1396a(a)(6), and § 101 of the Medicare Prescription Drug, Improvement, and Modernization Act of 2003 (MMA) (Pub. L. 108-173), which established the Medicare Part D program.

The primary purpose of this system is to establish an enterprise resource that will provide one integrated view of all CMS data to administer the Medicare and Medicaid programs. Information retrieved from this system of records will also be disclosed to: (1) Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, consultant or CMS grantee; (2) assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent; (3) support providers and suppliers of services for administration of Title XVIII; (4) assist third parties where the contact is expected to have information relating to the individual's capacity to manage his or her own affairs; (5) assist Medicare Advantage Plans and Part D Prescription Drug Plans; (6) support Quality Improvement Organizations (QIO); (7) assist other insurers for processing individual insurance claims; (8) facilitate research on the quality and effectiveness of care provided, as well as payment related projects; (9) support litigation involving the agency; and (10) combat fraud, waste, and abuse in certain health benefits programs.

A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a "routine use." The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system:

1. To support agency contractors, consultants or grantees who have been engaged by the agency to assist in the performance of a service related to this system and who need to have access to the records in order to perform the activity.

2. To assist another Federal or state agency, agency of a state government, an agency established by state law, or its fiscal agent to:

a. Contribute to the accuracy of CMS' proper payment of Medicare benefits,

b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or

c. Assist Federal/state Medicaid programs within the state.

3. To support providers and suppliers of services directly or through fiscal intermediaries or carriers for the administration of Title XVIII of the Act.

4. To assist third party contact in situations where the party to be contacted has, or is expected to have information relating to the individual's capacity to manage his or her affairs or to his or her eligibility for, or an entitlement to, benefits under the Medicare program; and

a. The individual is unable to provide the information being sought (an individual is considered to be unable to provide certain types of information when any of the following conditions exists: The individual is confined to a mental institution, a court of competent jurisdiction has appointed a guardian to manage the affairs of that individual, a court of competent jurisdiction has declared the individual to be mentally incompetent, or the individual's attending physician has certified that the individual is not sufficiently mentally competent to manage his or her own affairs or to provide the information being sought, the individual cannot read or write, cannot afford the cost of obtaining the information, a language barrier exists, or the custodian of the information will not, as a matter of policy, provide it to the individual), or

b. The data are needed to establish the validity of evidence or to verify the accuracy of information presented by the individual, and it concerns one or more of the following: the individual's entitlement to benefits under the Medicare program, the amount of reimbursement, and in cases in which the evidence is being reviewed as a result of suspected fraud, waste, and abuse, program integrity, quality appraisal, or evaluation and measurement of activities.

5. To assist Medicare Advantage Plans, Part D Prescription Drug Plans and their Prescription Drug Event submitters, providing protection against medical expenses of their enrollees without the beneficiary's authorization, and having knowledge of the occurrence of any event affecting (a) an individual's right to any such benefit or payment, or (b) the initial right to any such benefit or payment, for the purpose of coordination of benefits with the Medicare program and implementation of the Medicare Secondary Payer provision at 42 U.S.C. 1395y(b).

Information to be disclosed shall be limited to Medicare entitlement, enrollment and utilization data necessary to perform that specific function. In order to receive the information, they must agree to:

a. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom they serve as a Third Party Administrator;

b. Utilize the information solely for the purpose of processing the individual's enrollment or insurance claim; and

c. Safeguard the confidentiality of the data and prevent unauthorized access.

6. To support Quality Improvement Organizations (QIO) in connection with review of claims, or in connection with studies or other review activities conducted pursuant to Part B of Title XI of the Act, and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans. As established by the Part D Program, QIOs will conduct reviews of prescription drug events data, or in connection with studies or other review activities conducted pursuant to Part D of Title XVIII of the Act.

7. To assist other insurers, underwriters, third party administrators (TPAs), self-insurers, group health plans, employers, health maintenance organizations, health and welfare benefit funds, Federal agencies, a state or local government or political subdivision of either (when the organization has assumed the role of an insurer, underwriter, or third party administrator, or in the case of a state that assumes the liabilities of an insolvent insurers pool or fund), multiple-employers trusts, no-fault medical, automobile insurers, workers' compensation carriers plans, liability insurers, and other groups providing protection against medical expenses who are primary payers to Medicare in accordance with 42 U.S.C. 1395y(b), or any entity having knowledge of the occurrence of any event affecting;

a. An individual's right to any such benefit or payment, or

b. The initial or continued right to any such benefit or payment (for example, a State Medicaid Agency, State Workers' Compensation Board, or Department of Motor Vehicles) for the purpose of coordination of benefits with the Medicare program and implementation of the MSP provisions at 42 U.S.C. 1395y(b). The information CMS may disclose will be:

• Beneficiary Name

• Beneficiary Address

• Beneficiary Health Insurance Claim Number

• Beneficiary Social Security Number

• Beneficiary Gender

• Beneficiary Date of Birth

• Amount of Medicare Conditional Payment

• Provider Name and Number

• Physician Name and Number

• Supplier Name and Number

• Dates of Service

• Nature of Service

• Diagnosis

To administer the MSP provision at 42 U.S.C. 1395y(b)(2), (3), and (4) more effectively, CMS would receive (to the extent that it is available) and may disclose the following types of information from insurers, underwriters, third party administrator, self-insurers, etc.:

• Subscriber Name and Address

• Subscriber Date of Birth

• Subscriber Social Security number

• Dependent Name

• Dependent Date of Birth

• Dependent Social Security Number

• Dependent Relationship to Subscriber

• Insurer/Underwriter/TPA Name and Address

• Insurer/Underwriter/TPA Group Number

• Insurer/Underwriter/Group Name

• Prescription Drug Coverage

• Policy Number

• Effective Date of Coverage

• Employer Name, Employer Identification Number (EIN) and Address

• Employment Status

• Amounts of Payment

To administer the MSP provision at 42 U.S.C. 1395y(b)(1) more effectively for entities such as Workers' Compensation carriers or boards, liability insurers, no-fault and automobile medical policies or plans, CMS would receive (to the extent that it is available) and may disclose the following information:

• Beneficiary's Name and Address

• Beneficiary's Date of Birth

• Beneficiary's Social Security number

• Name of Insured

• Insurer Name and Address

• Type of coverage; automobile medical, no-fault, liability payment, or workers' compensation settlement

• Insured's Policy Number

• Effective Date of Coverage

• Date of accident, injury or illness

• Amount of payment under liability, no-fault, or automobile medical policies, plans, and workers' compensation settlements

• Employer Name and Address (Workers' Compensation Only)

• Name of insured could be the driver of the car, a business, the beneficiary (i.e., the name of the individual or entity which carries the insurance policy or plan).

In order to receive this information the entity must agree to the following conditions;

a. To utilize the information solely for the purpose of coordination of benefits with the Medicare program and other third party payer in accordance with Title 42 U.S.C. 1395y(b);

b. To safeguard the confidentiality of the data and to prevent unauthorized access to it; and,

c. To prohibit the use of beneficiary-specific data for the purposes other than for the coordination of benefits among third party payers and the Medicare program. This agreement would allow the entities to use the information to determine cases where they or other third party payers have primary responsibility for payment. Examples of prohibited uses would include but are not limited to; creation of a mailing list, sale or transfer of data.

To administer the MSP provisions more effectively, CMS may receive or disclose the following types of information from or to entities including insurers, underwriters, TPAs, and self-insured plans, concerning potentially affected individuals:

• Subscriber HICN

• Dependent Name

• Funding arrangements of employer group health plans, for example, contributory or non-contributory plan, self-insured, re- insured, HMO, TPA insurance.

• Claims payment information, for example, the amount paid, the date of payment, the name of the insurers or payer

• Dates of employment including termination date, if appropriate

• Number of full and/or part-time employees in the current and preceding calendar years

• Employment status of subscriber, for example, full or part time or self-employed

8. To assist an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects.

9. To support the Department of Justice (DOJ), court or adjudicatory body when:

a. The agency or any component thereof, or

b. Any employee of the agency in his or her official capacity, or

c. Any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or

d. The United States Government, is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records.

10. To support a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program.

11. To support another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs.

B. Additional Provisions Affecting Routine Use Disclosures

To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation "Standards for Privacy of Individually Identifiable Health Information" (45 CFR Parts 160 and 164, Subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the "Standards for Privacy of Individually Identifiable Health Information." (See 45 CFR 164.512(a)(1)).

In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that, because of the small size, use this information to deduce the identity of the beneficiary).

12. To assist a public or private entity that is qualified (as determined by the Secretary of the Department of Health and Human Services (the Secretary)) to use Medicare claims data to evaluate the performance of providers of services and suppliers on measures of quality, efficiency, effectiveness, and resource use; and who agrees to meet the requirements regarding the transparency of their methods and their use and protection of Medicare data as the Secretary may specify, if CMS:

a. Determines that the use or disclosure does not violate legal limitations under which the record was provided, collected, or obtained; and