81 FR 17463 - Privacy Act of 1974; System of Records Notice
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Office of the Secretary Federal Register Volume 81, Issue 60 (March 29, 2016)
Office of the Secretary
Federal Register Volume 81, Issue 60 (March 29, 2016)
| Page Range | 17463-17467 | |
| FR Document | 2016-07060 |
[Federal Register Volume 81, Number 60 (Tuesday, March 29, 2016)] [Notices] [Pages 17463-17467] From the Federal Register Online [www.thefederalregister.org] [FR Doc No: 2016-07060] ----------------------------------------------------------------------- DEPARTMENT OF HEALTH AND HUMAN SERVICES Office of the Secretary Privacy Act of 1974; System of Records Notice AGENCY: Assistant Secretary for Public Affairs (ASPA), Office of the Secretary (OS), Department of Health and Human Services (HHS). ACTION: Notice of an altered system of records. ----------------------------------------------------------------------- SUMMARY: In accordance with the requirements of the Privacy Act of 1974, as amended (5 U.S.C. 552a), HHS is updating a department-wide system of records, System No. 09-90-0058, currently titled ``Freedom of Information Case Files and Correspondence Control Log, HHS/OS/ASPA/ FOIA.'' This system of records was established prior to 1979 (see 44 FR 58144) and was previously revised in 1989 and 1994 (see 54 FR 41684 and 59 FR 55845). Due to the length of time since the last revision, the updates published in this Notice affect most sections of the System of Records Notice (SORN). The updates include changing the system name to ``Tracking Records and Case Files for FOIA and Privacy Act Requests and Appeals;'' expanding the scope of the system to include tracking records and case files pertaining to not only FOIA and Privacy Act requests processed in agency FOIA offices, but Privacy Act requests and appeals handled by System Managers for Privacy Act systems and related privacy personnel, when those records are retrieved by personal identifier; adding several new routine uses; and clarifying that some of the records in this system of records may be exempt from certain Privacy Act requirements. The updates are more fully explained in the SUPPLEMENTARY INFORMATION section of this Notice. DATES: This Notice is effective on publication, with the exception of the new and revised routine uses. The new and revised routine uses will be effective 30 days after publication of this Notice, unless comments are received that warrant a revision to this Notice. Written comments on the routine uses should be submitted within 30 days. Until the new and revised routine uses are effective, the routine uses previously published for the system will remain in effect. ADDRESSES: You may submit comments to Beth Kramer, HHS Privacy Act Officer, FOIA/PA Division, by email to: [email protected]. FOR FURTHER INFORMATION CONTACT: Beth Kramer, HHS Privacy Act Officer, FOIA/PA Division, Hubert H. Humphrey Building--Suite 729H, 200 Independence Avenue SW., Washington, DC 20201. Ms. Kramer can also be reached by telephone at 202-690-7453. SUPPLEMENTARY INFORMATION: I. Explanation of Revisions to System No. 09-90-0058 The revised System of Records Notice (SORN) published in this Notice for System No. 09-90-0058 includes the following significant changes, in addition to minor wording changes throughout:The system name and scope have been revised to cover not only tracking records and case files used by HHS Freedom of Information Act (FOIA) offices to process FOIA and Privacy Act requests and appeals (which typically involve only ``access'' to agency records), but tracking records and case files used by System Managers of Privacy Act systems and related privacy personnel to process any type of Privacy Act request or appeal (e.g., seeking access, notification, correction and amendment, or an accounting of disclosures), when those tracking records and case files are retrieved by personal identifier. The Categories of Individuals section has been revised to omit organizations (because the Privacy Act applies only to individuals, not entities), but not to add any additional categories of individuals besides individual FOIA and Privacy Act requesters and appellants. The result is that only an individual FOIA or Privacy Act requester or appellant may make a Privacy Act request under this SORN for access to, correction of, notification as to, or an accounting of disclosures with respect to tracking records and/or case files used by HHS to process a FOIA and/or Privacy Act request in which that individual was the requester or appellant. Further, because agency records processed in response to a third-party FOIA request are not about the requester or appellant, a provision has been added to make clear that Privacy Act rights are afforded to an individual requester or appellant only to the extent that the information in the tracking record and case file retrieved by that individual's identifier is, in fact, about that individual requester or appellant. The intent is to include in the Categories of Individuals section only individual requesters and appellants (not, for example, individual representatives who requested records under FOIA on behalf of an entity). [cir] Note: Privacy Act case files and tracking records are about individual requesters and appellants only, because Privacy Act requests can only be made by an individual record subject personally, not by a third party or through a representative (unless the representative is the parent of or court-appointed guardian for a minor or legally- declared incompetent who is the record subject). The agency's position is that FOIA case files and tracking records, likewise, are about requesters and appellants only, not other individuals who may be identified in the agency records sought by FOIA requesters and appellants. This is because HHS' FOIA case files and tracking records are not keyed or indexed to individuals mentioned in records requested under FOIA, but are keyed to requesters and appellants, and because the purpose for which records are processed under FOIA is to release information about the agency (not to release information about individuals mentioned in the records to third party FOIA requesters, except as required to shed light on conduct of the agency). The Categories of Records section has been rewritten, to reflect two distinct categories (tracking records and case files); to describe the contents in more detail; to clarify that any classified records responsive to a FOIA request or appeal are considered part of the case file for that request or appeal, even if the classified records must be maintained in a security office instead of in the FOIA office; and to specifically exclude related categories of records covered by other SORNs, to avoid duplicating other systems of records. The Purposes section has been rewritten to provide a broader description of uses and users of the records within HHS. (The prior description mentioned only ``FOIA correspondence and processing,'' ``Freedom of Information staff,'' and ``appeals officials and members of the Office of General Counsel.'') An existing routine use authorizing disclosures to contractors (routine use 2) has been revised to be more accurate in reflecting the broad purposes for which contractors may be engaged to assist HHS and require access to records in the system. (The former description was limited to ``collating, aggregating, analyzing, or otherwise refining records in this system.'') [[Page 17464]] Four new routine uses have been added (see routine uses 6 through 9). The System Locations and System Manager sections have been updated with current information and expanded to be consistent with the scope of the system. The Policies and Practices section has been revised. Specifically, the Storage and Safeguards descriptions have been revised to reflect that any of the records (not just tracking records) may be maintained electronically, and to include safeguards applicable to classified records. The Retention description has been updated to refer to new General Records Schedule (GRS) 4.2, issued August 2015 (superseding GRS 14). The Exemptions section has been changed from stating ``none'' to including an explanation that certain records in this system may be exempt if they are from other Privacy Act systems that have promulgated exemptions. Because the revised SORN includes significant changes, a report on the altered system has been sent to Congress and OMB in accordance with 5 U.S.C. 552a(r). II. Background on the Privacy Act Requirement To Publish a System of Records Notice The Privacy Act governs the means by which the U.S. Government collects, maintains, and uses information about individuals in a system of records. A ``system of records'' is a group of any records under the control of a federal agency from which records about individuals are retrieved by the individuals' names or other personal identifiers. While FOIA entitles any person to seek access to agency records, an individual has a right of access under the Privacy Act, in addition to FOIA, with respect to agency records about him that are maintained in a Privacy Act system of records. The Privacy Act requires each agency to publish in the Federal Register a system of records notice (SORN) identifying and describing each system of records the agency maintains, including the purposes for which the agency uses information about individuals in the system, the routine uses for which the agency discloses such information to parties outside the agency, and how an individual record subject can exercise his rights under the Privacy Act (e.g., to request notification of whether the system contains records about him, or to request access to or correction or amendment of his records). SYSTEM NUMBER: 09-90-0058 SYSTEM NAME: Tracking Records and Case Files for FOIA and Privacy Act Requests and Appeals. SECURITY CLASSIFICATION: Classified and Unclassified. SYSTEM LOCATIONS: Physical locations for the case files and tracking records covered by this SORN include: The HHS Freedom of Information/Privacy Acts Division within the Office of the Assistant Secretary for Public Affairs (ASPA) in Washington, DC; HHS FOIA Requester Service Centers in Washington, DC; Baltimore, MD; Bethesda, MD; Research Triangle, NC; Rockville, MD; and Atlanta, GA; Any contractor locations that support FOIA and/or Privacy Act request processing (for example, the Centers for Medicare & Medicaid Services (CMS) uses contractors located near its Regional Offices in Boston, MA; New York, NY; Philadelphia, PA; Atlanta, GA; Chicago, IL; Dallas, TX; Kansas City, MO; Denver, CO; San Francisco, CA; and Seattle, WA); Server locations for electronic systems used by HHS FOIA offices, System Managers, and/or related privacy personnel (for example, server locations for agency-developed FOIA systems include Bethesda, MD for the system used by National Institutes of Health; White Oak, MD and Ashburn, VA for the system used by the Food and Drug Administration; and Baltimore, MD for the system used by CMS and PSC; locations for commercial off-the-shelf FOIA systems include Gaithersburg, MD for FOIAXpress and Washington, DC for the Request Management System); Security office locations where classified records responsive to FOIA and Privacy Act requests may be stored, including the Office of Security and Strategic Information (OSSI) in Washington, DC; and System Manager locations identified in each SORN posted at http://www.hhs.gov/foia/privacy/sorns.html, where any tracking records and case files used by System Managers and related privacy personnel to process Privacy Act requests and appeals would be maintained. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: The records in this system of records pertain to individual FOIA and Privacy Act requesters and appellants only. Individual FOIA and Privacy Act requesters and appellants include: Any individual who the agency treated as the requester or appellant for an access request or appeal that was received in or referred to a HHS FOIA office for processing under FOIA (and under the Privacy Act, if applicable), excluding individual representatives who requested records under FOIA on behalf of an entity; and Any individual who made any type of Privacy Act request or appeal that was received by or referred to the System Manager (or related privacy personnel) for the relevant HHS Privacy Act system of records for handling--but only if the System Manager's (or related privacy personnel's) Privacy Act tracking records and case files are retrieved by requester or appellant identifier. For a FOIA request or appeal involving non-Privacy Act records, the individual treated as the requester or appellant may have made the FOIA request or appeal personally, through a representative, or as a representative for another individual. For a Privacy Act request or appeal, the individual requester or appellant may have made the request or appeal personally, or as the parent of or court-appointed guardian for a minor or legally-declared incompetent who is the subject of the records, or with the prior, written consent of the record subject. When any of the aforementioned individual requesters or appellants seeks to exercise Privacy Act rights under this SORN with respect to the tracking record and case file pertaining to his or her FOIA or Privacy Act request or appeal, the information in the tracking record and case file must be about him, as required by 5 U.S.C. 552a(a)(4) (i.e., not merely be retrieved by his identifier), for the individual to be afforded Privacy Act rights with respect to those records. CATEGORIES OF RECORDS IN THE SYSTEM: Records consist of tracking records and case files for FOIA and Privacy Act requests and appeals made by individuals. This system of records excludes tracking records and case files for FOIA requests and appeals made by or on behalf of entities. Tracking records typically include the requester/appellant's name and contact information, case tracking number, date of request or appeal, a brief description of the request or appeal, processing status, and response date or appeal decision date. A tracking record for a FOIA request may include additional information, such as the requester's fee category and whether expedited processing or a fee waiver or reduction was sought and was granted or denied. [[Page 17465]] A case file typically includes a copy of the request and any appeal, which would include the requester/appellant's name; contact information; a description of the records that were the subject of the access, correction, or other request; issues raised on appeal; copies of any documents included with the request or appeal; the case tracking number; the agency's response letter and any appeal decision letter; copies of records responsive to the request; correspondence about the request or appeal with the requester and with other involved parties and agencies; and any fee-related information. A case file also may include identity verification documents and information (such as photocopies of the requester's driver's license, passport, alien or voter registration card, or union card; identifying particulars about the records sought, such as an account number; or a statement certifying that the requester is the individual who he or she claims to be) if the case file pertains to a first-party request; a consent form signed by an individual record subject, authorizing HHS to provide records about that individual to a third party; and photocopies of documents establishing a parent, guardian, or other legal relationship (such as a court order or birth certificate) if the request or appeal was made by a legal representative. Any classified records responsive to a FOIA request or appeal are considered to be part of the FOIA case file, even if maintained in a security office instead of in the FOIA case file. Note that the scope of this system of records excludes the following related records: Litigation files maintained in the HHS Office of General Counsel related to requests covered in this system of records (see instead the SORN for System No. 09-90-0064 ``Litigation Files, Administrative Complaints and Adverse Personnel Actions''); Records pertaining to Privacy Act violation claims (see instead the SORNs for System Nos. 09-90-0062 ``Administrative Claims'' and 09-90-0064 ``Litigation Files, Administrative Complaints and Adverse Personnel Actions''); and Records about agency personnel who process FOIA and Privacy Act requests (see instead SORNs covering personnel records; e.g., 09-90-0018 ``Personnel Records in Operating Offices,'' 09-40-0001 ``Public Health Service (PHS) Commissioned Corps General Personnel Records,'' and OPM/GOVT-2 ``Employee Performance File System Records''). AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 5 U.S.C. 552, 552a; 44 U.S.C. 3301. PURPOSE(S) OF THE SYSTEM: FOIA and Privacy Act tracking records and case files are used on a need-to-know basis within the agency, primarily by FOIA office personnel, FOIA Coordinators and subject matter experts in program offices who locate and provide records responsive to requests, attorneys in the Office of General Counsel, Privacy Officers, and System Managers for Privacy Act systems of records. HHS uses the tracking records and case files to: Track, process, and respond to the requests and any related administrative appeals, litigation, and mediation actions and communicate with the requesters and appellants; locate records responsive to requests and appeals and verify the identity of first-party requesters and appellants; identify related requests and records frequently requested under FOIA and generate publicly-releasable versions of FOIA request logs; provide aggregate and statistical data for reports and facilitate management and oversight reviews of FOIA and Privacy Act operations; and share relevant information with other HHS offices that manage related matters arising from processing FOIA and Privacy Act requests and appeals, such as investigating erroneous release incidents and responding to lawsuits alleging Privacy Act violation claims or other claims. (Records used for such purposes, if retrieved by personal identifier, would be covered under other SORNs.) ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: The Privacy Act allows us to disclose information without an individual's consent to parties outside the agency if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a ``routine use.'' The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. To the extent this system contains Protected Health Information (PHI) as defined by HHS regulation ``Standards for Privacy of Individually Identifiable Health Information'' (45 CFR parts 160 and 164, 65 FR 82462 (December 28, 2000), Subparts A and E), disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the ``Standards for Privacy of Individually Identifiable Health Information.'' This system may make the following routine use disclosures: 1. Records may be disclosed to the Department of Justice (DOJ) for the purpose of obtaining DOJ's advice as to whether or not records are required to be disclosed under FOIA and/or the Privacy Act in response to an access request. 2. Records may be disclosed to federal agencies and Department contractors that have been engaged by HHS to assist in accomplishing an HHS function related to the purposes of the system and that need to have access to the records in order to assist HHS. Any contractor will be required to comply with the requirements of the Privacy Act of 1974 and appropriately safeguard the records. These safeguards are explained in the ``Safeguards'' section. 3. Records may be disclosed to student volunteers and other individuals performing functions for the Department but technically not having the status of agency employees, if they need access to the records in order to perform their assigned agency functions. 4. Records may be disclosed to a Member of Congress or to a congressional staff member in response to a written inquiry of the congressional office made at the written request of the constituent about whom the record is maintained. The Member of Congress does not have any greater authority to obtain records than the individual would have if requesting the records directly. 5. Records may be disclosed to the Department of Justice (DOJ) or to a court or other tribunal when: a. The agency or any component thereof, or b. any employee of the agency in his or her official capacity, or c. any employee of the agency in his or her individual capacity where DOJ has agreed to represent the employee, or d. the United States Government, is a party to litigation or has an interest in such litigation and, by careful review, HHS determines that the records are both relevant and necessary to the litigation and that, therefore, the use of such records by the DOJ, court, or other tribunal is deemed by HHS to be compatible with the purpose for which the agency collected the records. 6. Records may be disclosed to another federal, foreign, state, local, tribal, or other public agency with an interest in or control over information in records responsive to or otherwise related to an access or amendment request, for the following purposes: [[Page 17466]] a. Consulting the other agency for its views about providing access to the information or assistance in verifying the identity of an individual or the accuracy of information sought to be amended or corrected; b. informing the other agency of HHS' response or intended response to the request; or c. referring the request to the most appropriate federal agency for response. 7. The identity of the requester or appellant may be disclosed to a submitter of business records that are sought by that requester or appellant, when obtaining the submitter's views concerning release of the submitter's business information under FOIA. 8. Records may be disclosed to the National Archives and Records Administration, Office of Government Information Services (OGIS), to the extent necessary to fulfill its responsibilities under 5 U.S.C. 552(h) to review administrative agency policies, procedures, and compliance with FOIA, and to facilitate OGIS' offering of mediation services to resolve disputes between persons making FOIA requests and administrative agencies. 9. Records may be disclosed to appropriate federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department's efforts to respond to a suspected or confirmed breach of the security or confidentiality of information maintained in this system of records, when the information disclosed is relevant and necessary for that assistance. POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM-- STORAGE: Electronic records are stored in secure electronic tracking and/or storage applications, and on compact disks, DVDs, and network drives. Hard-copy files are stored at office locations, in file rooms, shelves, safes, cabinets, bookcases or desks. RETRIEVAL: Records are retrieved by personal identifier (i.e., requester or appellant name). SAFEGUARDS: Safeguards conform to the HHS Information Security and Privacy Program, http://www.hhs.gov/ocio/securityprivacy/index.html and HHS Office of Security and Strategic Information (OSSI) policies regarding classified information, and include the following: Administrative Safeguards: Authorized users are limited to HHS employees and officials who are responsible for processing FOIA and Privacy Act requests and appeals, authorized personnel of any contractors or federal agencies assisting HHS with those functions, and any other authorized individuals who work for HHS and assist HHS with those functions but technically do not have the status of agency employees. Only personnel with a ``need to know'' and appropriate security clearances issued by OSSI or the Office of Inspector General (OIG) regarding OIG personnel are allowed to access classified records. Each user's access is limited, based on the user's role, to the records that are essential to the user's duties. Security safeguards are imposed on contractors through inclusion of Privacy Act-required clauses in contracts and through monitoring by contract and project officers. Technical Safeguards: Access to electronic systems and records is controlled and protected by a secure log-in method (using passwords that are unique, complex, and frequently changed), time-out features, NSA and/or NIST-approved encryption methods, firewalls, intrusion detection systems, and cybersecurity monitoring systems. Physical Safeguards: Hard-copy records and records displayed on computer screens are protected from the view of unauthorized individuals while the records are in use by an authorized employee. Hard-copy records and electronic storage media are secured during nonbusiness hours in locked file cabinets, locked desk drawers, locked offices, or locked storage areas. Office buildings are protected by cameras and uniformed guards. When records are photocopied, printed, scanned, or faxed for authorized purposes, care is taken to ensure that no copies are left where they can be read by unauthorized individuals. When eligible for destruction, records are securely disposed of using destruction methods prescribed by NSA and/or NIST SP 800-88. RETENTION AND DISPOSAL: Records are retained and disposed of in accordance with General Records Schedule (GRS) 4.2 ``Information Access and Protection Records'' (superseding GRS 14 ``Information Services Records''), which prescribes retention periods ranging from approximately two years to six years after final agency action or adjudication by a court, date of closure, or last entry. For specific periods, see GRS 4.2 Items 020 access and disclosure request files; 030 general administrative (tracking) records; 050 Privacy Act accounting of disclosure files; and 090 Privacy Act amendment request files. SYSTEM MANAGER(S) AND ADDRESS(ES): HHS Privacy Act Officer, Freedom of Information/Privacy Acts Division, OS/ASPA, Hubert H. Humphrey Building--Suite 729H, 200 Independence Avenue SW., Washington, DC 20201. NOTIFICATION PROCEDURE: An individual who wishes to know if this system contains tracking records and case files for FOIA and Privacy Act requests or appeals in which he was the requester or appellant must submit a written request to the System Manager identified above. The request should include the full name of the individual, information to verify the individual's identity, and the individual's current address. RECORD ACCESS PROCEDURE: An individual requester or appellant may request access to tracking records and case files about his FOIA or Privacy Act request or appeal by making a written request to the System Manager identified above, and by identifying or describing the records sought, providing information to verify his identity, and including his current address. CONTESTING RECORD PROCEDURES: An individual may contest information in tracking records and case files about his FOIA or Privacy Act request or appeal by contacting the System Manager identified above, and by identifying the information contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant. RECORD SOURCE CATEGORIES: Information is obtained from individual requesters and appellants, responsive records, program offices that provide responsive records, and personnel at HHS, other agencies, and outside organizations (e.g., consultants and business submitters) who provide information relevant to processing the requests. EXEMPTIONS CLAIMED FOR THIS SYSTEM: This system of records is not a type of system eligible to promulgate exemptions under subsections (j) and (k) of the Privacy Act (5 U.S.C. 552a(j), (k)); however, any record in this system that is from another Privacy Act system of records that has promulgated exemptions will be exempt from access and other requirements of the Privacy Act if and to the same extent that the [[Page 17467]] record is exempt from such requirements in the source system. Records in this system that are from a system described in 5 U.S.C. 552a(j)(2) may be exempt from the requirements in these subsections of the Privacy Act: (c)(3), (c)(4), (d), (e)(1), (e)(2), (e)(3), (e)(4)G), (e)(4)(H), (e)(4)(I), (e)(5), (e)(8), (e)(12), (f), (g), and (h). Records in this system that are from a system described in 5 U.S.C. 552a(k) may be exempt from the requirements in these subsections of the Privacy Act: (c)(3), (d), (e)(1), (e)(4)G), (e)(4)(H), (e)(4)(I), and (f). Any records compiled in reasonable anticipation of a civil action or proceeding are excluded from the Privacy Act access requirement in all systems of records, as provided in 5 U.S.C. 552a(d)(5). Dated: March 9, 2016. Catherine Teti, Executive Officer, Deputy Agency Chief FOIA Officer, Assistant Secretary for Public Affairs. [FR Doc. 2016-07060 Filed 3-28-16; 8:45 am] BILLING CODE 4150-25-P
![Federal Register / Vol. 81, No. 60 / Tuesday, March 29, 2016 / Notices 17463
Dated: March 23, 2016. uses previously published for the that individual requester or appellant.
Leslie Kux, system will remain in effect. The intent is to include in the
Associate Commissioner for Policy. ADDRESSES: You may submit comments Categories of Individuals section only
[FR Doc. 2016–07012 Filed 3–28–16; 8:45 am] to Beth Kramer, HHS Privacy Act individual requesters and appellants
BILLING CODE 4164–01–P Officer, FOIA/PA Division, by email to: (not, for example, individual
HHS.ACFO@hhs.gov. representatives who requested records
FOR FURTHER INFORMATION CONTACT: Beth under FOIA on behalf of an entity).
DEPARTMENT OF HEALTH AND Kramer, HHS Privacy Act Officer, FOIA/ Æ Note: Privacy Act case files and
HUMAN SERVICES tracking records are about individual
PA Division, Hubert H. Humphrey
requesters and appellants only, because
Building—Suite 729H, 200
Office of the Secretary Independence Avenue SW.,
Privacy Act requests can only be made
by an individual record subject
Privacy Act of 1974; System of Washington, DC 20201. Ms. Kramer can
personally, not by a third party or
Records Notice also be reached by telephone at 202–
through a representative (unless the
690–7453.
representative is the parent of or court-
AGENCY: Assistant Secretary for Public SUPPLEMENTARY INFORMATION: appointed guardian for a minor or
Affairs (ASPA), Office of the Secretary
I. Explanation of Revisions to System legally-declared incompetent who is the
(OS), Department of Health and Human
No. 09–90–0058 record subject). The agency’s position is
Services (HHS).
that FOIA case files and tracking
ACTION: Notice of an altered system of The revised System of Records Notice records, likewise, are about requesters
records. (SORN) published in this Notice for and appellants only, not other
System No. 09–90–0058 includes the individuals who may be identified in
SUMMARY: In accordance with the following significant changes, in
requirements of the Privacy Act of 1974, the agency records sought by FOIA
addition to minor wording changes requesters and appellants. This is
as amended (5 U.S.C. 552a), HHS is throughout: because HHS’ FOIA case files and
updating a department-wide system of • The system name and scope have tracking records are not keyed or
records, System No. 09–90–0058, been revised to cover not only tracking
currently titled ‘‘Freedom of indexed to individuals mentioned in
records and case files used by HHS records requested under FOIA, but are
Information Case Files and Freedom of Information Act (FOIA)
Correspondence Control Log, HHS/OS/ keyed to requesters and appellants, and
offices to process FOIA and Privacy Act because the purpose for which records
ASPA/FOIA.’’ This system of records requests and appeals (which typically
was established prior to 1979 (see 44 FR are processed under FOIA is to release
involve only ‘‘access’’ to agency information about the agency (not to
58144) and was previously revised in records), but tracking records and case release information about individuals
1989 and 1994 (see 54 FR 41684 and 59 files used by System Managers of mentioned in the records to third party
FR 55845). Due to the length of time Privacy Act systems and related privacy FOIA requesters, except as required to
since the last revision, the updates personnel to process any type of Privacy shed light on conduct of the agency).
published in this Notice affect most Act request or appeal (e.g., seeking • The Categories of Records section
sections of the System of Records Notice access, notification, correction and has been rewritten, to reflect two
(SORN). The updates include changing amendment, or an accounting of distinct categories (tracking records and
the system name to ‘‘Tracking Records disclosures), when those tracking case files); to describe the contents in
and Case Files for FOIA and Privacy Act records and case files are retrieved by more detail; to clarify that any classified
Requests and Appeals;’’ expanding the personal identifier. records responsive to a FOIA request or
scope of the system to include tracking • The Categories of Individuals appeal are considered part of the case
records and case files pertaining to not section has been revised to omit file for that request or appeal, even if the
only FOIA and Privacy Act requests organizations (because the Privacy Act classified records must be maintained in
processed in agency FOIA offices, but applies only to individuals, not a security office instead of in the FOIA
Privacy Act requests and appeals entities), but not to add any additional office; and to specifically exclude
handled by System Managers for categories of individuals besides related categories of records covered by
Privacy Act systems and related privacy individual FOIA and Privacy Act other SORNs, to avoid duplicating other
personnel, when those records are requesters and appellants. The result is systems of records.
retrieved by personal identifier; adding that only an individual FOIA or Privacy • The Purposes section has been
several new routine uses; and clarifying Act requester or appellant may make a rewritten to provide a broader
that some of the records in this system Privacy Act request under this SORN for description of uses and users of the
of records may be exempt from certain access to, correction of, notification as records within HHS. (The prior
Privacy Act requirements. The updates to, or an accounting of disclosures with description mentioned only ‘‘FOIA
are more fully explained in the respect to tracking records and/or case correspondence and processing,’’
SUPPLEMENTARY INFORMATION section of files used by HHS to process a FOIA ‘‘Freedom of Information staff,’’ and
this Notice. and/or Privacy Act request in which ‘‘appeals officials and members of the
DATES: This Notice is effective on that individual was the requester or Office of General Counsel.’’)
publication, with the exception of the appellant. Further, because agency • An existing routine use authorizing
new and revised routine uses. The new records processed in response to a third- disclosures to contractors (routine use 2)
mstockstill on DSK4VPTVN1PROD with NOTICES
and revised routine uses will be party FOIA request are not about the has been revised to be more accurate in
effective 30 days after publication of requester or appellant, a provision has reflecting the broad purposes for which
this Notice, unless comments are been added to make clear that Privacy contractors may be engaged to assist
received that warrant a revision to this Act rights are afforded to an individual HHS and require access to records in the
Notice. Written comments on the requester or appellant only to the extent system. (The former description was
routine uses should be submitted within that the information in the tracking limited to ‘‘collating, aggregating,
30 days. Until the new and revised record and case file retrieved by that analyzing, or otherwise refining records
routine uses are effective, the routine individual’s identifier is, in fact, about in this system.’’)
VerDate Sep<11>2014 19:43 Mar 28, 2016 Jkt 238001 PO 00000 Frm 00039 Fmt 4703 Sfmt 4703 E:\FR\FM\29MRN1.SGM 29MRN1](https://thefederalregister.org/doc/81_FR_17523/page/1.svg)
![Federal Register / Vol. 81, No. 60 / Tuesday, March 29, 2016 / Notices 17467
record is exempt from such Boulevard, Bethesda, MD 20892–5452, (301) Contact Person: William J Johnson, Ph.D.,
requirements in the source system. 594–7791, goterrobinsonc@ Scientific Review Officer, Office of Scientific
Records in this system that are from a extra.niddk.nih.gov. Review/DERA National Heart, Lung, and
Name of Committee: National Institute of Blood Institute, 6701 Rockledge Drive, Room
system described in 5 U.S.C. 552a(j)(2) 7178, Bethesda, MD 20892, 301–435–0725,
may be exempt from the requirements in Diabetes and Digestive and Kidney Diseases
Special Emphasis Panel; NIDDK Central johnsonwj@nhlbi.nih.gov.
these subsections of the Privacy Act: Repositories Sample Access (X01)-Diabetes, (Catalogue of Federal Domestic Assistance
(c)(3), (c)(4), (d), (e)(1), (e)(2), (e)(3), obesity and Kidney Diseases-PAR14–301. Program Nos. 93.233, National Center for
(e)(4)G), (e)(4)(H), (e)(4)(I), (e)(5), (e)(8), Date: May 26, 2016. Sleep Disorders Research; 93.837, Heart and
(e)(12), (f), (g), and (h). Records in this Time: 11:00 a.m. to 1:30 p.m. Vascular Diseases Research; 93.838, Lung
system that are from a system described Agenda: To review and evaluate grant Diseases Research; 93.839, Blood Diseases
in 5 U.S.C. 552a(k) may be exempt from applications. and Resources Research, National Institutes
the requirements in these subsections of Place: National Institutes of Health, Two of Health, HHS)
the Privacy Act: (c)(3), (d), (e)(1), Democracy Plaza, 6707 Democracy Dated: March 23, 2016.
Boulevard, Bethesda, MD 20892 (Telephone
(e)(4)G), (e)(4)(H), (e)(4)(I), and (f). Any Conference Call). Anna Snouffer,
records compiled in reasonable Contact Person: Najma Begum, Ph.D., Deputy Director, Office of Federal Advisory
anticipation of a civil action or Scientific Review Officer, Review Branch, Committee Policy.
proceeding are excluded from the DEA, NIDDK, National Institutes of Health, [FR Doc. 2016–06981 Filed 3–28–16; 8:45 am]
Privacy Act access requirement in all Room 7349, 6707 Democracy Boulevard, BILLING CODE 4140–01–P
systems of records, as provided in 5 Bethesda, MD 20892–5452, (301) 594–8894,
U.S.C. 552a(d)(5). begumn@niddk.nih.gov.
Dated: March 9, 2016. (Catalogue of Federal Domestic Assistance DEPARTMENT OF HEALTH AND
Catherine Teti,
Program Nos. 93.847, Diabetes, HUMAN SERVICES
Endocrinology and Metabolic Research;
Executive Officer, Deputy Agency Chief FOIA 93.848, Digestive Diseases and Nutrition National Institutes of Health
Officer, Assistant Secretary for Public Affairs. Research; 93.849, Kidney Diseases, Urology
[FR Doc. 2016–07060 Filed 3–28–16; 8:45 am] and Hematology Research, National Institutes National Institute of Biomedical
BILLING CODE 4150–25–P of Health, HHS) Imaging and Bioengineering; Notice of
Dated: March 23, 2016. Meeting
David Clary,
DEPARTMENT OF HEALTH AND Program Analyst, Office of Federal Advisory
Pursuant to section 10(d) of the
HUMAN SERVICES Committee Policy.
Federal Advisory Committee Act, as
amended (5 U.S.C. App.), notice is
National Institutes of Health [FR Doc. 2016–06983 Filed 3–28–16; 8:45 am] hereby given of a meeting of the
BILLING CODE 4140–01–P National Advisory Council for
National Institute of Diabetes and Biomedical Imaging and Bioengineering.
Digestive and Kidney Diseases; Notice The meeting will be open to the
of Closed Meetings DEPARTMENT OF HEALTH AND public as indicated below, with
HUMAN SERVICES attendance limited to space available.
Pursuant to section 10(d) of the
Individuals who plan to attend and
Federal Advisory Committee Act, as National Institutes of Health
amended (5 U.S.C. App.), notice is need special assistance, such as sign
hereby given of the following meetings. National Heart, Lung, and Blood language interpretation or other
The meetings will be closed to the Institute; Notice of Closed Meeting reasonable accommodations, should
public in accordance with the notify the Contact Person listed below
Pursuant to section 10(d) of the in advance of the meeting.
provisions set forth in sections
Federal Advisory Committee Act, as The meeting will be closed to the
552b(c)(4) and 552b(c)(6), title 5 U.S.C.,
amended (5 U.S.C. App.), notice is public in accordance with the
as amended. The grant applications and
hereby given of the following meeting. provisions set forth in sections
the discussions could disclose The meeting will be closed to the
confidential trade secrets or commercial 552b(c)(4) and 552b(c)(6), Title 5 U.S.C.,
public in accordance with the as amended. The grant applications
property such as patentable material, provisions set forth in sections
and personal information concerning and/or contract proposals and the
552b(c)(4) and 552b(c)(6), title 5 U.S.C., discussions could disclose confidential
individuals associated with the grant as amended. The grant applications and
applications, the disclosure of which trade secrets or commercial property
the discussions could disclose such as patentable material, and
would constitute a clearly unwarranted confidential trade secrets or commercial
invasion of personal privacy. personal information concerning
property such as patentable material, individuals associated with the grant
Name of Committee: National Institute of and personal information concerning applications and/or contract proposals,
Diabetes and Digestive and Kidney Diseases individuals associated with the grant the disclosure of which would
Special Emphasis Panel; Fellowship and applications, the disclosure of which
Career Award Grants. constitute a clearly unwarranted
would constitute a clearly unwarranted invasion of personal privacy.
Date: April 13, 2016.
Time: 4:00 p.m. to 5:00 p.m.
invasion of personal privacy.
Name of Committee: National Advisory
Agenda: To review and evaluate grant Name of Committee: National Heart, Lung, Council for Biomedical Imaging and
applications. and Blood Institute Special Emphasis Panel,
mstockstill on DSK4VPTVN1PROD with NOTICES
Bioengineering.
Place: National Institutes of Health, Two Translational Programs in Lung Diseases. Date: May 19, 2016.
Democracy Plaza, 6707 Democracy Date: April 20–21, 2016. Open: 9:00 a.m. to 12:30 p.m.
Boulevard, Bethesda, MD 20892 (Telephone Time: 1:00 p.m. to 3:00 p.m. Agenda: Report from the Institute Director,
Conference Call). Agenda: To review and evaluate grant other Institute Staff, presentation of Task
Contact Person: Carol J. Goter-Robinson, applications. Force reports, and Scientific Presentation.
Ph.D., Scientific Review Officer, Review Place: Crystal Gateway Marriott, 1700 Place: The William F. Bolger Center,
Branch, DEA, NIDDK, National Institutes of Jefferson Davis Highway Arlington, VA Franklin Building, Classroom 15/16, 9600
Health, Room 7347, 6707 Democracy 22202. Newbridge Drive, Potomac, MD 20854.
VerDate Sep<11>2014 19:43 Mar 28, 2016 Jkt 238001 PO 00000 Frm 00043 Fmt 4703 Sfmt 4703 E:\FR\FM\29MRN1.SGM 29MRN1](https://thefederalregister.org/doc/81_FR_17523/page/5.svg)
Document Created: 2016-03-30 08:29:02
Document Modified: 2016-03-30 08:29:02
| Category | Regulatory Information | |
| Collection | Federal Register | |
| sudoc Class | AE 2.7: GS 4.107: AE 2.106: | |
| Publisher | Office of the Federal Register, National Archives and Records Administration | |
| Section | Notices | |
| Action | Notice of an altered system of records. | |
| Dates | This Notice is effective on publication, with the exception of the new and revised routine uses. The new and revised routine uses will be effective 30 days after publication of this Notice, unless comments are received that warrant a revision to this Notice. Written comments on the routine uses should be submitted within 30 days. Until the new and revised routine uses are effective, the routine uses previously published for the system will remain in effect. | |
| Contact | Beth Kramer, HHS Privacy Act Officer, FOIA/PA Division, Hubert H. Humphrey Building--Suite 729H, 200 Independence Avenue SW., Washington, DC 20201. Ms. Kramer can also be reached by telephone at 202-690-7453. | |
| FR Citation | 81 FR 17463 |
2025 Federal Register | Disclaimer | Privacy Policy
USC | CFR | eCFR