80 FR 57902 - Privacy Act; Computer Matching Agreement

SMALL BUSINESS ADMINISTRATION
DEPARTMENT OF HOMELAND SECURITY
Federal Emergency Management Agency

Federal Register Volume 80, Issue 186 (September 25, 2015)

Page Range		57902-57906
FR Document		2015-24477
Federal Register, Volume 80 Issue 186 (Friday, September 25, 2015)
[Federal Register Volume 80, Number 186 (Friday, September 25, 2015)]
[Notices]
[Pages 57902-57906]
From the Federal Register Online  [www.thefederalregister.org]
[FR Doc No: 2015-24477]


=======================================================================
-----------------------------------------------------------------------

SMALL BUSINESS ADMINISTRATION

DEPARTMENT OF HOMELAND SECURITY

Federal Emergency Management Agency


Privacy Act; Computer Matching Agreement

I. Introduction

    The Small Business Administration (SBA) and the Department of 
Homeland Security, Federal Emergency Management Agency (DHS/FEMA) have 
entered into this Computer Matching Agreement (Agreement) pursuant to 
section (o) of the Privacy Act of 1974 (5 U.S.C. 552a), as amended by 
the Computer Matching and Privacy Protection Act of 1988 (Pub. L. 100-
503), and as amended by the Computer Matching Privacy Protection Act 
Amendments of 1990 (Pub. L. 101-508, 5 U.S.C. 552a(p) (1990)). For 
purposes of this Agreement, both SBA and DHS/FEMA are the recipient 
agency and the source agency as defined in 5 U.S.C. 552a(a)(9) and 
(11). For this reason, the financial and administrative 
responsibilities will be evenly distributed between SBA and DHS/FEMA 
unless otherwise set forth in this agreement.

II. Purpose and Legal Authority

A. Purpose of the Matching Program

    The purpose of this Agreement is to establish a framework and 
procedures governing the Computer Matching program between SBA and DHS/
FEMA. The Computer Matching program seeks to ensure that applicants for 
SBA Disaster Loans and DHS/FEMA Individuals and Households Program, 
which provides Other Needs Assistance (ONA) and Housing Assistance 
(HA), do not receive a duplication of benefits for the same disaster. 
This will be accomplished by matching specific DHS/FEMA disaster 
applicant data with SBA disaster loan application and decision data for 
a declared disaster, as set forth in this Agreement.

B. Legal Authority

    SBA's legal authority for undertaking its disaster loan program 
without duplicating benefits is contained in section 7(b)(1) of the 
Small Business Act (15 U.S.C. 636 (b)(1). DHS/FEMA's legal authority 
contained at Sec.  312(a) of the Robert T. Stafford Disaster Relief and 
Emergency Assistance Act (42 U.S.C. 5155), mandates DHS/FEMA not to 
duplicate assistance provided by another agency or similar source.
    SBA is allowed to share information with DHS/FEMA pursuant to 
routine uses (f) and (g) of SBA-020 Disaster Loan Case Files system of 
records, 74 FR 14911 (April 1, 2009). DHS/FEMA is allowed to share 
information with SBA pursuant to routine uses H.1. and R. of DHS/FEMA-
008 Disaster Recovery Assistance Files, 78 FR 25282 (April 30, 2013) 
(DHS/FEMA-008 SORN). The Computer Matching and Privacy Protection Act 
of 1988 (Pub. L. 100-503), as amended, (5 U.S.C. 552a(o)-(u)) 
establishes procedural requirements for agencies to follow when 
engaging in computer-matching activities.

III. Justification and Expected Results

A. Justification

    As required by law, SBA and DHS/FEMA will not provide duplicative 
disaster assistance to individuals, and businesses including Private-
Not-for Profits (PNPs) for the same disaster. To accomplish this, SBA 
and DHS/FEMA will participate in a computer-matching program to share 
data and financial/benefits award decisions of individuals, businesses 
and/or other entities to prevent duplicative aid from being provided in 
the same disaster declaration.
    It is also recognized that the programs covered by this Agreement 
are part of a Government-wide initiative, Executive Order 13411--
Improving Assistance for Disaster Victims (August 29, 2006). This order 
mandates DHS/FEMA to identify and prevent duplication of benefits 
received by individuals, businesses, or other entities for the same 
disaster. That initiative and this matching program are consistent with 
Office of Management and Budget (OMB) guidance on interpreting the 
provisions of the Computer Matching and Privacy Protection Act of 1988, 
54 FR 25818 (June 19, 1989); and OMB Circular A-130, Appendix I, 
``Federal Agency Responsibilities for Maintaining Records about 
Individuals.''

B. Expected Results

    The matching program is to ensure that benefits provided to 
disaster survivors by DHS/FEMA and SBA are not duplicated. By way of 
the DHS/FEMA disaster registration identification (ID) number, DHS/FEMA 
and SBA are able to identify the applications received from mutual DHS/
FEMA and SBA disaster survivors. By the nature of the sequence of 
delivery as outlined in FEMA Regulation, 44 CFR 206.191, survivors that 
register with DHS/FEMA for possible grant assistance, and meet SBA's 
minimum income requirements, are automatically referred to SBA for 
possible loan assistance. For example, DHS/FEMA received 548,953 
registrations in response to hurricane Sandy, and referred 241,282 of 
those registrations to SBA. More recently, in FY 2013 and 2014, DHS/
FEMA received 775,089 registrations and referred 337,619 registrations 
to SBA. The computer match will also reveal instances where the same 
disaster survivor has submitted applications to both DHS/FEMA and SBA, 
which could result in a duplication of benefits. Since FY 2010,\1\ the 
use of the CMA has identified 224,878 instances where the same disaster 
survivor submitted applications to both agencies, a yearly average of 
40,157. Over that same period, SBA approved 83,313 loans to homeowners 
and renters, who also received assistance from FEMA. This is a yearly 
average of 14,877 files identified with a potential DOB.
---------------------------------------------------------------------------

    \1\ The SBA data period is from October 1, 2009 through May 11, 
2015.
---------------------------------------------------------------------------

IV. Records Description

A. Systems of Records and Estimated Number of Records Involved

    DHS/FEMA accesses records from its Disaster Recovery Assistance 
Files system of records, as provided by the DHS/FEMA-008 SORN, through 
its National Emergency Management Information System-Individual 
Assistance (NEMIS-IA), and matches them to the records that SBA 
provides from its SBA-020 Disaster Loan Case Files, 74 FR 14911 (April 
1, 2009) system of records. SBA uses its Disaster Credit Management 
System (DCMS) to access records from its Disaster Loan Case Files 
system of records, and match them to the records that DHS/FEMA provides 
from its Disaster Recovery Assistance Files system of records. Under 
this agreement, DHS/FEMA and SBA exchange data to: (1) Check for 
initial registrations, (2) check for the duplication of benefits, and 
(3) update the SBA Loan Status.
    A definitive answer cannot be given as to how many records will be 
matched as it will depend on the number of individuals, businesses or 
other entities that suffer damage from a declared disaster and that 
ultimately apply for Federal disaster aid.

[[Page 57903]]

B. Description of the Match

    The three types of match processes, for initial registration, 
duplication of benefits, and status updates, are described below.
    1. DHS/FEMA-SBA Automated Import/Export Process for Initial 
Registrations.
    a. SBA is the recipient (i.e. matching) agency. SBA will match 
records from its Disaster Loans Case Files system of records, as 
identified in Section II.B, applications and information accessed via 
the DCMS, to the records extracted and provided by DHS/FEMA from its 
DHS/FEMA Disaster Recovery Assistance Files system of records, as 
identified in Section II.B.
    b. DHS/FEMA will provide SBA the data elements identified in the 
current NEMIS-IA Disaster Assistance Improvement Program (DAIP) 
Interface Control Document (ICD) (See Appendix A), which includes but 
is not limited to the following information: Applicant's FEMA 
Registration ID Number; applicant's personally identifiable 
information, which includes name, address, social security number, and 
date of birth; damaged property information; insurance policy data; 
property occupant data; vehicle registration data; and flood zone and 
flood insurance data.
    c. SBA will conduct the match using the FEMA Disaster ID number, 
FEMA Registration ID number, Product (Home/Business) and Registration 
Occupant Social Security number (SSN) to create a New Pre-Application. 
The records SBA receives are of DHS/FEMA applicants who are referred to 
SBA for disaster loan assistance. Controls on the DHS/FEMA export of 
data are in place to ensure that SBA only receives unique and valid 
referral records.
    d. When SBA matches its records to those provided by DHS/FEMA, two 
types of matches are possible: A full match and a partial match. A full 
match exists when an SBA record matches a DHS/FEMA record on each of 
the following data fields: FEMA Disaster ID number, FEMA Registration 
ID number, Product (Home/Business), and Registration Occupant Social 
Security Number (SSN). A partial match exists when an SBA record 
matches a DHS/FEMA record on one or more, but not all of the data 
fields listed above. If an exact (full) match is found among SBA 
records for the current imported record, the current record is 
automatically marked as a duplicate by the system with appropriate 
comments inserted to indicate the corresponding record that matched. If 
a partial match is found during the import process, the record is 
routed for manual examination, investigation, and resolution to 
determine whether it is truly a duplicate record.
    2. DHS/FEMA-SBA Duplication of Benefits Automated Match Process:
    a. Both DHS/FEMA and SBA will act as the recipient (i.e. matching) 
agency. SBA will extract and provide to DHS/FEMA data from its Disaster 
Loans Case Files system of records, as identified in Section II.B., and 
accessed via the DCMS. DHS/FEMA will match the data SBA provides to 
records in its Disaster Recovery Assistance Files system of records, as 
identified in Section II.B., accessed through NEMIS-IA, via the FEMA 
Registration ID number. SBA will issue a data call to DHS/FEMA 
requesting that DHS/FEMA return any records for which NEMIS-IA found a 
match. For each match found, DHS/FEMA sends all of its applicant 
information that it collects during the registration process to SBA so 
that SBA may match these records with its registrant data in the DCMS. 
SBA's DCMS manual process triggers an automated interface to query 
NEMIS-IA, using the FEMA Registration ID number as the unique 
identifier.
    b. DHS/FEMA will return the following fields for the matching DHS/
FEMA record, if any: FEMA Disaster Number; FEMA Registration ID number; 
applicant and if applicable, co-applicant name; damaged dwelling 
address, phone number, SSN, damaged property data, insurance policy 
information, contact address (if different from damaged dwelling 
address), flood zone and flood insurance data, FEMA Housing Assistance 
and Other Needs Assistance data, program, award level, eligibility, 
inspection data, verification of ownership and occupancy, and approval 
or rejection data. DHS/FEMA will return no result when the FEMA 
Registration ID number is not matched.
    c. For each matching record received from DHS/FEMA, SBA determines 
whether DHS/FEMA assistance duplicates SBA loan assistance. If SBA loan 
officers determine that there is a duplication of benefits, the 
duplicated amount is deducted from the eligible SBA loan amount.
    3. DHS/FEMA-SBA Status Update Automated Match Process:
    a. DHS/FEMA will act as the recipient (i.e. matching) agency. DHS/
FEMA will match records from its Disaster Recovery Assistance Files 
system of records, as identified in Section II.B., to the records 
extracted and provided by SBA from its Disaster Loans Case Files system 
of records, as identified in Section II.B. The purpose of this process 
is to update DHS/FEMA applicant information with the status of SBA loan 
determinations. The records provided by SBA will be automatically 
imported into NEMIS-IA to update the status of existing applicant 
records. The records DHS/FEMA receives from SBA are of DHS/FEMA 
applicants who were referred to SBA for disaster loan assistance. 
Controls on the SBA export of data are in place to ensure that DHS/FEMA 
only receives unique and valid referral records.
    b. SBA will provide to DHS/FEMA information and data, including but 
not limited to the following: Personal information about SBA 
applicants, including name, damaged dwelling address, and SSN; 
application data; loss to personal property data; loss mitigation data; 
SBA loan data; and SBA event data. DHS/FEMA will conduct the match 
using FEMA Disaster Number and FEMA Registration ID number.
    c. Loan data for matched records will be recorded and displayed in 
NEMIS-IA. Loan data will also be run through NEMIS-IA business rules; 
potentially duplicative categories of assistance are sent to FEMA's 
Program Review process for manual evaluation of any duplication of 
benefits. If FEMA review staff determines that there is a duplication 
of benefits, the duplicated amount is deducted from the eligible award. 
FEMA applicants receive a letter that indicates the amount of their 
eligible award and their ability to appeal.

C. Projected Starting and Completion Dates

    This Agreement will take effect 40 days from the date copies of 
this signed Agreement are sent to both Houses of Congress or 30 days 
from the date the Computer Matching Notice is published in the Federal 
Register, whichever is later, depending on whether comments are 
received which would result in a contrary determination (Commencement 
Date). SBA is the agency that will:
    1. Transmit this Agreement to Congress.
    2. Notify OMB.
    3. Publish the Computer Matching Notice in the Federal Register.
    4. Address public comments that may result from publication in the 
Federal Register.
    Matches under this program will be conducted for every Presidential 
disaster declaration and will continue for as long as this agreement, 
including any renewals, remains in effect.

V. Notice Procedures

A. DHS/FEMA Recipients

    FEMA Form 009-0-1 ``Application/Registration for Disaster 
Assistance,''

[[Page 57904]]

Form 009-0-3 ``Declaration and Release'' (both part of OMB ICR No. 
1660-0002), and various other forms used for financial assistance 
benefits immediately following a declared disaster, use a Privacy Act 
statement, see 5 U.S.C. 552a(e)(3), to provide notice to applicants 
regarding the use of their information. The Privacy Act statements 
provide notice of computer matching or the sharing of their records 
consistent with this Agreement. The Privacy Act statement is read to 
call center applicants and is displayed and agreed to by Internet 
applicants. Also, FEMA Form 009-0-3 requires the applicant's signature 
in order to receive financial assistance. Additionally, FEMA/DHS gives 
public notice via its Disaster Assistance Improvement Program Privacy 
Impact Assessment and in its system of records notice identified in 
Section II.B.

B. SBA Recipients

    SBA Forms 5 ``Disaster Business Loan Application,'' 5C ``Disaster 
Home Loan Application,'' and the Electronic Loan Application (ELA) 
include a Privacy Act statement that provides notice that SBA may 
disclose personal information under a published ``routine use,'' as 
permitted by law. SBA's published system of records notice, identified 
in Section II. B), provides notice that a computer match may be 
performed to share information with another Federal agency in 
connection with the issuance of a grant, loan or other benefit. In 
addition, the Privacy Act requires that a copy of each CMA entered into 
with a recipient agency shall be available upon request to the public.

VI. Verification Procedure

A. DHS/FEMA-SBA Automated Import/Export Process for Initial 
Registrations

    The matching program for the initial contact information for 
individuals and businesses will be accomplished by mapping applicant 
data for DHS/FEMA NEMIS-IA fields described earlier to the DCMS 
application data fields. During the automated import process, a 
computer match is performed against existing DCMS applications as 
described in Section IV.B.1.
    If the applicant's data does not match an existing pre-application 
or application in the SBA's DCMS, then the applicant's data will be 
inserted into DCMS to create a new pre-Application. An SBA application 
for disaster assistance may be mailed to the registrant.
    If the applicant's data does match an existing pre-application or 
application in SBA's DCMS, it indicates that there may be an existing 
pre-application/application for the applicant in the DCMS. If there is 
an exact match, the system will insert the record within the SBA's DCMS 
but will identify it as a duplicate with appropriate comments inserted 
to indicate the corresponding record that matched. If there is a 
partial match, the system will insert the record within the SBA's DCMS 
but will identify it as a potential duplicate. The record is then 
further reviewed by SBA employees to determine whether the data 
reported by the DHS/FEMA applicant is a duplicate of previously 
submitted registration data. Only one of the applications is kept for 
processing and the other duplicate pre-applications or applications 
will not be processed.

B. DHS/FEMA-SBA Duplication of Benefits Automated Match

    The matching program is to ensure that recipients of SBA disaster 
loans have not received duplicative benefits for the same disaster from 
DHS/FEMA. The matching process begins by matching the DHS/FEMA 
Registration ID number. If the data matches, specific to the 
application or approved loan, SBA will then proceed with its manual 
process to determine whether there is a duplication of benefits. Upon 
determining that there is duplication of benefits, the dollar values 
for the benefits issued by DHS/FEMA may reduce the eligible amount of 
the disaster loan or may cause SBA loan proceeds to be used to repay 
the grant program in the amount of the duplicated assistance.
    DHS/FEMA and SBA are responsible for verifying the submissions of 
data used during each respective benefit process and for resolving any 
discrepancies or inconsistencies on an individual basis.
    At SBA, the matching program for duplication of benefits will be 
executed as part of loan processing and prior to each disbursement of 
an approved SBA disaster loan. Any match indicating that there is a 
possible duplicate benefit will be further reviewed by an SBA employee 
to determine whether the DHS/FEMA grant monies reported by the 
applicant or borrower are correct and matches the data reported by DHS/
FEMA. If there is a duplication of benefits, the amount of the SBA 
disaster loan will be reduced accordingly and the applicant will be 
provided written notice of the changes by processing a loan 
modification to reduce the loan amount or, where appropriate, to repay 
the DHS/FEMA grant program. The notice will provide the applicant with 
an opportunity to apply for reconsideration of the loan modification 
within six months of the date of the notice.

C. DHS/FEMA-SBA Status Update Automated Processes

    For informational purposes, SBA sends DHS/FEMA loan status updates 
as they occur and FEMA updates the loan records in NEMIS-IA based on 
the loan information received.

D. Policies and Procedures Regarding A, B and C Above

    Authorized users of both DCMS and DHS/FEMA NEMIS-IA will not make a 
final decision to reduce or deny benefits of any financial assistance 
to an applicant or take other adverse final action against such 
applicant as the result of information produced by this matching 
program until an employee of the agency taking such action has 
independently verified such information and provided written notice to 
the applicant with a statement of the findings and informing the 
individual of the opportunity to respond or contest, along with the 
expiration of the time to respond or contest.

VII. Retention of Matched Items

    Pursuant to SBA document retention policy, SBA retains applicant 
records in DCMS loan files, including records for matched items. DHS/
FEMA will retain records pursuant to the Retention and Disposal section 
of DHS/FEMA--008 Disaster Recovery Assistance Files, 78 FR 25282 (Apr. 
30, 2013).

VIII. Security Procedures

    SBA and DHS/FEMA agree to the following information security 
procedures:

A. Administrative

    The privacy of the subject individuals will be protected by strict 
adherence to the provisions of the Privacy Act of 1974 (5 U.S.C. 552a). 
SBA and DHS/FEMA agree that data exchange and any records created 
during the course of this matching program will be maintained and 
safeguarded by each agency in such a manner as to restrict access to 
only those individuals, including contractors, who have a legitimate 
need to see them in order to accomplish the matching program's purpose. 
Persons with authorized access to the information will be made aware of 
their responsibilities pursuant to this Agreement.

B. Technical

    DHS/FEMA will transmit the data (specified in this Agreement) to 
SBA via the following process:

[[Page 57905]]

    SBA will pull application data from DHS/FEMA Disaster Assistance 
Center (DAC) via a web services based Simple Object Access Protocol 
(SOAP), Extensible Markup Language (XML)/Hypertext Transfer Protocol 
Secure (HTTPS) request. The data will be used to create applications 
inside the Disaster Credit Management System. For each record, a 
National Information Exchange Model (NIEM)-compliant response will be 
sent back to FEMA DAC indicating success or failure for the transfer of 
data. The SBA/DCMS to DHS/FEMA DAC export of referral data (specified 
in this Agreement) will occur via a web services-based SOAP, XML/HTTPS 
request.
    The DHS/FEMA Duplication of Benefits Interface will be initiated 
from the DCMS to the DHS/FEMA NEMIS-IA through a secured Virtual 
Private Network tunnel, open only to SBA domain Internet Protocol 
addresses. The results of the query are returned to the DCMS in real-
time and populated in the DCMS for delegated SBA staff to use in the 
determination of duplication of benefits.

C. Physical

    SBA and DHS/FEMA agree to maintain all automated matching records 
in a secured computer environment that includes the use of authorized 
access codes (passwords) to restrict access. Those records will be 
maintained under conditions that restrict access to persons who need 
them in connection with official duties related to the matching process 
and grant and loan making processes.

IX. Records Usage, Duplication and Redisclosure Restrictions

    SBA and DHS/FEMA agree to the following restrictions on use, 
duplication, and disclosure of information furnished by the other 
agency.
    A. Records obtained for this matching program or created by the 
match will not be disclosed outside the agency except as may be 
essential to conduct the matching program, or as may be required by 
law. Each agency will obtain the written permission of the other agency 
before making such disclosure. See DHS/FEMA and SBA routine uses 
provided in the systems of records notices identified in Section II.B.
    B. Records obtained for this matching program or created by the 
match will not be disseminated within the agency except on a need-to-
know basis, nor will they be used for any purpose other than that 
expressly described in this Agreement.
    C. Data or information exchanged will not be duplicated unless 
essential to the conduct of the matching program. All stipulations in 
this Agreement will apply to any duplication.
    D. If required to disclose these records to a state or local agency 
or to a government contractor in order to accomplish the matching 
program's purpose, each agency will obtain the written agreement of 
that entity to abide by the terms of this Agreement.
    E. Each agency will keep an accounting of disclosure of an 
individual's record as required by the Privacy Act (5 U.S.C. 552a(c)) 
and will make the accounting available upon request by the individual 
or other agency.

X. Records Accuracy Assessments

    DHS/FEMA and SBA attest that the quality of the specific records to 
be used in this matching program is assessed to be at least 99% 
accurate. The possibility of any erroneous match is extremely small.
    In order to apply for DHS/FEMA assistance online via the DAC 
portal, an applicant's name, address, SSN, and date of birth are sent 
to a commercial database provider to perform identity verification. The 
identity verification ensures that a person exists with the provided 
credentials. In the rare instances where the applicant's identity is 
not verified online or the applicant chooses, the applicants must call 
one of the DHS/FEMA call centers to complete the registrations. The 
identity verification process is performed again.
    In order to apply for SBA's Disaster Loan Assistance online via 
SBA's Electronic Loan Application (ELA) an applicant's name, address, 
SSN, and date of birth and other information is sent to a commercial 
database provider to perform identity verification. The identity 
verification confirms that a person exists with the provided 
credentials. In the rare instances where the online applicant's 
identity cannot be verified electronically or if the applicant chooses, 
the applicant must call SBA's Customer Service Center to complete the 
online application. Once an application (electronic or paper) is 
completed and submitted, the information is transmitted to the DCMS 
system, where it is reviewed and processed by loan officers, who also 
verify each applicant's identity.

XI. Comptroller General Access

    The parties authorize the Comptroller General of the United States, 
upon request, to have access to all SBA and DHS/FEMA records necessary 
to monitor or verify compliance with this matching agreement. This 
matching agreement also authorizes the Comptroller General to inspect 
any records used in the matching process that are covered by this 
matching agreement pursuant to 31 U.S.C. 717 and 5 U.S.C. 552a(b)(10).

XII. Duration of Agreement

    The Agreement may be renewed, terminated or modified as follows:

A. Renewal or Termination

    This Agreement will become effective in accordance with the terms 
set forth in Section IV.C and will remain in effect for 18 months from 
the commencement date. At the end of this period, this Agreement may be 
renewed for a period of up to one additional year if the Data Integrity 
Board of each agency determines within three months before the 
expiration date of this Agreement that the program has been conducted 
in accordance with this Agreement and will continue to be conducted 
without change. Either agency not wishing to renew this Agreement 
should notify the other in writing of its intention not to renew at 
least three months before the expiration date of this Agreement. Either 
agency wishing to terminate this Agreement before its expiration date 
should notify the other in writing of its wish to terminate and the 
desired date of termination.

B. Modification of the Agreement

    This Agreement may be modified at any time in writing if the 
written modification conforms to the requirements of the Privacy Act 
and receives approval by the participant agency Data Integrity Boards.

XIII. Reimbursement of Matching Costs

    SBA and DHS/FEMA will bear their own costs for this program.

XIV. Data Integrity Board Review/Approval

    SBA and DHS/FEMA's Data Integrity Boards will review and approve 
this Agreement prior to the implementation of this matching program. 
Disapproval by either Data Integrity Board may be appealed in 
accordance with the provisions of the Computer Matching and Privacy 
Protection Act of 1988, as amended. Further, the Data Integrity Boards 
will perform an annual review of this matching program. SBA and DHS/
FEMA agree to notify the Chairs of each Data Integrity Board of any 
changes to or termination of this Agreement.

XV. Points of Contacts and Approvals

    For general information, please contact: Eric M. Leckey (202-212-
5100),

[[Page 57906]]

Privacy Officer, Federal Emergency Management Agency, Department of 
Homeland Security; and Jeffrey Jackson (202-205-6595), Chief 
Information Security Officer, Office of the Chief Information Officer, 
Small Business Administration.

XVI. Signatures

    The authorizing officials whose signatures appear below have 
committed their respective agencies to the terms of this Agreement.

Small Business Administration.

    Dated: September 14, 2015.
James Rivera,
Associate Administrator for Disaster Assistance, U.S. Small Business 
Administration.
    Dated: September 9, 2015.
Matthew Varilek,
Chief Operating Officer, Data Integrity Board Chair, U.S. Small 
Business Administration.

U.S. Department of Homeland Security Federal Emergency Management 
Agency.

    Dated: August 4, 2015.
Keith Turi,
Acting Deputy Assistant Administrator, Recovery Directorate, Federal 
Emergency Management Agency, U.S. Department of Homeland Security.
    Dated: August 19, 2015.
Karen L. Neuman,
Chief Privacy Officer Data Integrity Board Chair, U.S. Department of 
Homeland Security.
[FR Doc. 2015-24477 Filed 9-24-15; 8:45 am]
 BILLING CODE P
Federal Register / Vol. 80, No. 186 / Friday, September 25, 2015 / Notices 57905

SBA will pull application data from C. Data or information exchanged will matching agreement. This matching
DHS/FEMA Disaster Assistance Center not be duplicated unless essential to the agreement also authorizes the
(DAC) via a web services based Simple conduct of the matching program. All Comptroller General to inspect any
Object Access Protocol (SOAP), stipulations in this Agreement will records used in the matching process
Extensible Markup Language (XML)/ apply to any duplication. that are covered by this matching
Hypertext Transfer Protocol Secure D. If required to disclose these records agreement pursuant to 31 U.S.C. 717
(HTTPS) request. The data will be used to a state or local agency or to a and 5 U.S.C. 552a(b)(10).
to create applications inside the Disaster government contractor in order to
Credit Management System. For each accomplish the matching program’s XII. Duration of Agreement
record, a National Information Exchange purpose, each agency will obtain the The Agreement may be renewed,
Model (NIEM)-compliant response will written agreement of that entity to abide terminated or modified as follows:
be sent back to FEMA DAC indicating by the terms of this Agreement.
E. Each agency will keep an A. Renewal or Termination
success or failure for the transfer of data.
The SBA/DCMS to DHS/FEMA DAC accounting of disclosure of an This Agreement will become effective
export of referral data (specified in this individual’s record as required by the in accordance with the terms set forth
Agreement) will occur via a web Privacy Act (5 U.S.C. 552a(c)) and will in Section IV.C and will remain in effect
services-based SOAP, XML/HTTPS make the accounting available upon for 18 months from the commencement
request. request by the individual or other date. At the end of this period, this
The DHS/FEMA Duplication of agency. Agreement may be renewed for a period
Benefits Interface will be initiated from of up to one additional year if the Data
X. Records Accuracy Assessments
the DCMS to the DHS/FEMA NEMIS–IA Integrity Board of each agency
through a secured Virtual Private DHS/FEMA and SBA attest that the determines within three months before
Network tunnel, open only to SBA quality of the specific records to be used the expiration date of this Agreement
domain Internet Protocol addresses. The in this matching program is assessed to that the program has been conducted in
results of the query are returned to the be at least 99% accurate. The possibility accordance with this Agreement and
DCMS in real-time and populated in the of any erroneous match is extremely will continue to be conducted without
DCMS for delegated SBA staff to use in small. change. Either agency not wishing to
the determination of duplication of In order to apply for DHS/FEMA renew this Agreement should notify the
benefits. assistance online via the DAC portal, an other in writing of its intention not to
applicant’s name, address, SSN, and renew at least three months before the
C. Physical date of birth are sent to a commercial expiration date of this Agreement.
SBA and DHS/FEMA agree to database provider to perform identity Either agency wishing to terminate this
maintain all automated matching verification. The identity verification Agreement before its expiration date
records in a secured computer ensures that a person exists with the should notify the other in writing of its
environment that includes the use of provided credentials. In the rare wish to terminate and the desired date
authorized access codes (passwords) to instances where the applicant’s identity of termination.
restrict access. Those records will be is not verified online or the applicant
maintained under conditions that chooses, the applicants must call one of B. Modification of the Agreement
restrict access to persons who need the DHS/FEMA call centers to complete This Agreement may be modified at
them in connection with official duties the registrations. The identity any time in writing if the written
related to the matching process and verification process is performed again. modification conforms to the
grant and loan making processes. In order to apply for SBA’s Disaster requirements of the Privacy Act and
Loan Assistance online via SBA’s receives approval by the participant
IX. Records Usage, Duplication and Electronic Loan Application (ELA) an agency Data Integrity Boards.
Redisclosure Restrictions applicant’s name, address, SSN, and
SBA and DHS/FEMA agree to the date of birth and other information is XIII. Reimbursement of Matching Costs
following restrictions on use, sent to a commercial database provider SBA and DHS/FEMA will bear their
duplication, and disclosure of to perform identity verification. The own costs for this program.
information furnished by the other identity verification confirms that a
agency. person exists with the provided XIV. Data Integrity Board Review/
A. Records obtained for this matching credentials. In the rare instances where Approval
program or created by the match will the online applicant’s identity cannot be SBA and DHS/FEMA’s Data Integrity
not be disclosed outside the agency verified electronically or if the applicant Boards will review and approve this
except as may be essential to conduct chooses, the applicant must call SBA’s Agreement prior to the implementation
the matching program, or as may be Customer Service Center to complete of this matching program. Disapproval
required by law. Each agency will the online application. Once an by either Data Integrity Board may be
obtain the written permission of the application (electronic or paper) is appealed in accordance with the
other agency before making such completed and submitted, the provisions of the Computer Matching
disclosure. See DHS/FEMA and SBA information is transmitted to the DCMS and Privacy Protection Act of 1988, as
routine uses provided in the systems of system, where it is reviewed and amended. Further, the Data Integrity
records notices identified in Section processed by loan officers, who also Boards will perform an annual review of
mstockstill on DSK4VPTVN1PROD with NOTICES

II.B. verify each applicant’s identity. this matching program. SBA and DHS/
B. Records obtained for this matching FEMA agree to notify the Chairs of each
program or created by the match will XI. Comptroller General Access Data Integrity Board of any changes to
not be disseminated within the agency The parties authorize the Comptroller or termination of this Agreement.
except on a need-to-know basis, nor will General of the United States, upon
they be used for any purpose other than request, to have access to all SBA and XV. Points of Contacts and Approvals
that expressly described in this DHS/FEMA records necessary to For general information, please
Agreement. monitor or verify compliance with this contact: Eric M. Leckey (202–212–5100),

VerDate Sep<11>2014 19:58 Sep 24, 2015 Jkt 235001 PO 00000 Frm 00123 Fmt 4703 Sfmt 4703 E:\FR\FM\25SEN1.SGM 25SEN1
57906 Federal Register / Vol. 80, No. 186 / Friday, September 25, 2015 / Notices

Privacy Officer, Federal Emergency 409 3rd Street SW., Suite 6050, Investment Company License No. 03/
Management Agency, Department of Washington, DC 20416. 03–0246 issued to BIA Digital Partners
Homeland Security; and Jeffrey Jackson SUPPLEMENTARY INFORMATION: Notice is SBIC II LP, said license is hereby
(202–205–6595), Chief Information hereby given that as a result of the declared null and void.
Security Officer, Office of the Chief Administrator’s disaster declaration, United States Small Business
Information Officer, Small Business applications for disaster loans may be Administration.
Administration. filed at the address listed above or other Dated: September 21, 2015.
XVI. Signatures locally announced locations. Javier E. Saade,
The following areas have been Associate Administrator for Investment and
The authorizing officials whose determined to be adversely affected by
signatures appear below have Innovation.
the disaster: [FR Doc. 2015–24367 Filed 9–24–15; 8:45 am]
committed their respective agencies to
Primary Counties: Perry.
the terms of this Agreement. BILLING CODE P
Contiguous Counties:
Small Business Administration. Kentucky: Breathitt, Clay, Harlan,
Dated: September 14, 2015. Knott, Leslie, Letcher, Owsley. SMALL BUSINESS ADMINISTRATION
James Rivera, The Interest Rates are:
Associate Administrator for Disaster Revocation of License of Small
Assistance, U.S. Small Business Percent Business Investment Company
Administration.
Dated: September 9, 2015. For Physical Damage: Pursuant to the authority granted to
Homeowners With Credit Avail- the United States Small Business
Matthew Varilek,
able Elsewhere ...................... 3.750 Administration by the Windup Order of
Chief Operating Officer, Data Integrity Board Homeowners Without Credit
Chair, U.S. Small Business Administration. the United States District Court for the
Available Elsewhere .............. 1.875
Southern District of Florida, entered
U.S. Department of Homeland Security Businesses With Credit Avail-
Federal Emergency Management Agency. able Elsewhere ...................... 6.000 July 1, 2015, the United States Small
Businesses Without Credit Business Administration hereby revokes
Dated: August 4, 2015.
Available Elsewhere .............. 4.000 the license of Crossbow Venture
Keith Turi, Non-Profit Organizations With Partners, L.P., a Delaware Limited
Acting Deputy Assistant Administrator, Credit Available Elsewhere ... 2.625 Partnership, to function as a small
Recovery Directorate, Federal Emergency Non-Profit Organizations With- business investment company under the
Management Agency, U.S. Department of out Credit Available Else- Small Business Investment Company
Homeland Security. where ..................................... 2.625 License No. 04740281 issued to
Dated: August 19, 2015. For Economic Injury:
Crossbow Venture Partners, L.P., on
Karen L. Neuman, Businesses & Small Agricultural
Cooperatives Without Credit June 29, 2000, and said license is hereby
Chief Privacy Officer Data Integrity Board
Available Elsewhere .............. 4.000 declared null and void as of July 1,
Chair, U.S. Department of Homeland 2015.
Non-Profit Organizations With-
Security.
out Credit Available Else- United States Small Business
[FR Doc. 2015–24477 Filed 9–24–15; 8:45 am] where ..................................... 2.625 Administration.
BILLING CODE P
Dated: September 21, 2015.
The number assigned to this disaster
Javier E. Saade,
for physical damage is 14472 5 and for
SMALL BUSINESS ADMINISTRATION Associate Administrator for Investment.
economic injury is 14473 0.
[FR Doc. 2015–24368 Filed 9–24–15; 8:45 am]
[Disaster Declaration #14472 and #14473] The State which received an EIDL BILLING CODE P
Declaration # is Kentucky.
Kentucky Disaster #KY–00060 (Catalog of Federal Domestic Assistance
AGENCY: U.S. Small Business Numbers 59002 and 59008)
SMALL BUSINESS ADMINISTRATION
Administration. Dated: September 21, 2015.
ACTION: Notice Maria Contreras-Sweet, Reporting and Recordkeeping
Administrator. Requirements Under OMB Review
SUMMARY: This is a notice of an
[FR Doc. 2015–24502 Filed 9–24–15; 8:45 am] AGENCY: Small Business Administration.
Administrative declaration of a disaster
BILLING CODE 8025–01–P
for the Commonwealth of KENTUCKY ACTION: 30-Day notice.
dated 09/21/2015.
Incident: Apartment Complex Fire. SUMMARY: The Small Business
Incident Period: 09/01/2015. SMALL BUSINESS ADMINISTRATION Administration (SBA) is publishing this
Effective Date: 09/21/2015. notice to comply with requirements of
Physical Loan Application Deadline Surrender of License of Small the Paperwork Reduction Act (PRA) (44
Date: 11/20/2015. Business Investment Company U.S.C. Chapter 35), which requires
Economic Injury (EIDL) Loan Pursuant to the authority granted to agencies to submit proposed reporting
Application Deadline Date: 06/21/2016. the United States Small Business and recordkeeping requirements to
ADDRESSES: Submit completed loan OMB for review and approval, and to
mstockstill on DSK4VPTVN1PROD with NOTICES

Administration under the Small
applications to: U.S. Small Business Business Investment Act of 1958, as publish a notice in the Federal Register
Administration, Processing and amended, under Section 309 of the Act notifying the public that the agency has
Disbursement Center, 14925 Kingsport and Section 107.1900 of the Small made such a submission. This notice
Road, Fort Worth, TX 76155. Business Administration Rules and also allows an additional 30 days for
FOR FURTHER INFORMATION CONTACT: A. Regulations (13 CFR 107.1900) to public comments.
Escobar, Office of Disaster Assistance, function as a small business investment DATES: Submit comments on or before
U.S. Small Business Administration, company under the Small Business October 26, 2015.

VerDate Sep<11>2014 20:43 Sep 24, 2015 Jkt 235001 PO 00000 Frm 00124 Fmt 4703 Sfmt 4703 E:\FR\FM\25SEN1.SGM 25SEN1
Document Created: 2018-02-26 10:19:37
Document Modified: 2018-02-26 10:19:37
Category		Regulatory Information
Collection		Federal Register
sudoc Class		AE 2.7: GS 4.107: AE 2.106:
Publisher		Office of the Federal Register, National Archives and Records Administration
Section		Notices
FR Citation		80 FR 57902
80 FR 57902 - Privacy Act; Computer Matching Agreement

SMALL BUSINESS ADMINISTRATIONDEPARTMENT OF HOMELAND SECURITYFederal Emergency Management Agency

Federal Register Volume 80, Issue 186 (September 25, 2015)

SMALL BUSINESS ADMINISTRATION
DEPARTMENT OF HOMELAND SECURITY
Federal Emergency Management Agency
