81 FR 88690 - Privacy Act of 1974; Notice To Establish an Exempt System of Records

DEPARTMENT OF HEALTH AND HUMAN SERVICES
National Institutes of Health

Federal Register Volume 81, Issue 236 (December 8, 2016)

Page Range		88690-88694
FR Document		2016-29059

In accordance with the requirements of the Privacy Act of 1974, as amended, the National Institutes of Health (NIH) proposes to establish a new system of records, to be numbered and titled: SORN 09- 25-0225 ``NIH Electronic Research Administration (eRA) Records, HHS/ NIH/OD/OER,'' which will be related to, but separate from, the system of records covered in SORN 09-25-0036 ``NIH Extramural Awards and Chartered Advisory Committee (IMPAC II), Contract Information (DCIS), and Cooperative Agreement Information, HHS/NIH.'' The new system of records will cover records used by NIH throughout the research and development award lifecycle, from application to scientific peer review, post-award monitoring, and close-out. Elsewhere in today's Federal Register, NIH has published a Notice of Proposed Rulemaking (NPRM) proposing to exempt confidential source- identifying material in the new system of records (i.e., material that would inappropriately reveal the identities of referees who provide letters of recommendation and peer reviewers who provide written evaluative input and recommendations to NIH about particular funding applications under an express promise by the government that their identities in association with the written work products they authored and provided to the government will be kept confidential) from certain requirements of the Privacy Act, specifically, from the provisions pertaining to providing an accounting of disclosures, access and amendment and notification. The exemptions and the promises of confidentiality are necessary to protect the integrity of NIH extramural peer review and award processes and ensure that NIH efforts to obtain accurate and objective assessments and evaluations of funding applications from referees and peer reviewers is not hindered. The exemptions will become effective when NIH publishes a Final Rule, which will not occur until the 60-day comment period provided in the NPRM has expired and any comments received on the NPRM (or on this System of Records Notice) have been addressed.

Federal Register, Volume 81 Issue 236 (Thursday, December 8, 2016)

[Federal Register Volume 81, Number 236 (Thursday, December 8, 2016)]
[Notices]
[Pages 88690-88694]
From the Federal Register Online  [www.thefederalregister.org]
[FR Doc No: 2016-29059]


-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

National Institutes of Health


Privacy Act of 1974; Notice To Establish an Exempt System of 
Records

AGENCY:  National Institutes of Health (NIH), Department of Health and 
Human Services (HHS).

ACTION:  Notice to establish an exempt system of records.

-----------------------------------------------------------------------

SUMMARY:  In accordance with the requirements of the Privacy Act of 
1974, as amended, the National Institutes of Health (NIH) proposes to 
establish a new system of records, to be numbered and titled: SORN 09-
25-0225 ``NIH Electronic Research Administration (eRA) Records, HHS/
NIH/OD/OER,'' which will be related to, but separate from, the system 
of records covered in SORN 09-25-0036 ``NIH Extramural Awards and 
Chartered Advisory Committee (IMPAC II), Contract Information (DCIS), 
and Cooperative Agreement Information, HHS/NIH.'' The new system of 
records will cover records used by NIH throughout the research and 
development award lifecycle, from application to scientific peer 
review, post-award monitoring, and close-out.
    Elsewhere in today's Federal Register, NIH has published a Notice 
of Proposed Rulemaking (NPRM) proposing to exempt confidential source-
identifying material in the new system of records (i.e., material that 
would inappropriately reveal the identities of referees who provide 
letters of recommendation and peer reviewers who provide written 
evaluative input and recommendations to NIH about particular funding 
applications under an express promise by the government that their 
identities in association with the written work products they authored 
and provided to the government will be kept confidential) from certain 
requirements of the Privacy Act, specifically, from the provisions 
pertaining to providing an accounting of disclosures, access and 
amendment and notification. The exemptions and the promises of 
confidentiality are necessary to protect the integrity of NIH 
extramural peer review and award processes and ensure that NIH efforts 
to obtain accurate and objective assessments and evaluations of funding 
applications from referees and peer reviewers is not hindered. The 
exemptions will become effective when NIH publishes a Final Rule, which 
will not occur until the 60-day comment period provided in the NPRM has 
expired and any comments received on the NPRM (or on this System of 
Records Notice) have been addressed.

DATES:  The comment period for this System of Records Notice (SORN) is 
co-extensive with the 60-day comment period provided in the NPRM; i.e., 
written comments on the SORN should be submitted within 60 days from 
today's publication date. The new system, including the routine uses 
and the exemptions, will become effective when NIH publishes a Final 
Rule, which will not occur until the 60-day comment period provided in 
the NPRM has expired and any comments received on the NPRM (or on this 
SORN) have been addressed.

ADDRESSES:  You may submit comments, identified by the Privacy Act 
System of Records Number (09-25-0225), by any of the following methods: 
Email: privacy@mail.nih.gov and include PA SOR number (09-25-0225) in 
the subject line of the message. Phone: (301) 402-6201. Fax: (301) 402-
0169. Mail or hand-delivery: NIH Privacy Act Officer, Office of 
Management Assessment, National Institutes of Health, 6011 Executive 
Boulevard, Suite 601, MSC 7669, Rockville, Maryland 20852. Comments 
received will be available for public inspection at this same address 
from 9:00 a.m. to 3:00 p.m., Monday through Friday, except Federal 
holidays. Please call 301-496-4606 for an appointment.

FOR FURTHER INFORMATION CONTACT:  NIH Privacy Act Officer, Office of 
Management Assessment (OMA), Office of the Director (OD), National 
Institutes of Health (NIH), 6011 Executive Boulevard, Suite 601, MSC 
7669, Rockville, Maryland 20852, or telephone (301) 402-6201.

SUPPLEMENTARY INFORMATION: 

I. Background on the NIH Electronic Research Administration (eRA) 
Records System

    The new system of records established in this Notice, ``NIH 
Electronic Research Administration (eRA) Records, HHS/NIH/OD/OER'' 
(hereinafter referred to as the ``NIH eRA Records'' system), will cover 
records used throughout the research and development award lifecycle, 
including pre-award stages of application submission, scientific peer 
review, award processing, post-award monitoring, and close-out. Many of 
the records in the system will contain information about more than one 
individual or type of individual (e.g., applicants, awardees, faculty 
members of applicant and awardee entities, application reviewers). By 
design, any of the records can be (and in practice will be) retrieved 
using the name or other personal identifier of any of the individuals 
whose information is contained in the records, to the extent required 
to help ensure that award proceedings are carried out by the NIH in 
accordance with all applicable federal statutes and regulations.
    The eRA information technology (IT) system associated with this 
system of records is an HHS-designated Center of Excellence, and is 
used as a grants management line of business system by other federal 
agencies to manage their award records. Records pertaining to awards of 
other agencies in the eRA IT system are not covered under SORN 09-25-
0225, but would be covered under SORN(s) those agencies publish, if 
their records require a SORN.

II. The Privacy Act

    The Privacy Act governs the collection, maintenance, use, and

[[Page 88691]]

dissemination of certain information about individuals by agencies of 
the Federal Government.
    A System of Records (SOR) is a group of any records under the 
control of a Federal agency from which information about an individual 
is retrieved by the individual's name or other personal identifier. The 
Privacy Act requires each agency to publish in the Federal Register 
notice of the existence and character of each SOR that the agency 
maintains. The System of Records Notice (SORN) identifies or describes 
the laws authorizing the system to be maintained; the types and sources 
of records in the system; the categories of individuals to whom the 
records pertain; the purposes for which the records are used within the 
agency; the routine uses for which a record maybe disclosed to parties 
outside the agency without the individual's prior, written consent; 
agency policies and procedures for safeguarding, storing, retrieving, 
accessing, retaining, and disposing of the records; the procedures for 
an individual to follow to make notification, access, and amendment 
requests to the System Manager; and whether the SOR is exempt from 
certain Privacy Act requirements.

    Dated: September 29, 2016.
 Alfred C. Johnson,
Acting Deputy Director for Management, NIH.
System Number: 09-25-0225

SYSTEM NAME:
    Electronic Research Administration (eRA) Records, HHS/NIH/OD/OER.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Records will be located at:
     The Office of Extramural Research (OER), Office of the 
Director (OD), National Institutes of Health (NIH), Building 1, Room 
144, 1 Center Drive, Bethesda, MD 20892; and
     any Federal Records Center where records from this system 
of records are archived and stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    The records contained within this system will pertain to the 
following categories of individuals:
    1. Applicants for or Awardees of biomedical and behavioral research 
and development, training, career development, or loan repayment grant 
awards; cooperative agreement awards; and research and development 
contract awards;
    2. Individuals who are named in applications, or awards; or 
individuals named on NIH intramural projects; e.g., program directors, 
key personnel, trainees, collaborators, consultants;
    3. Peer Reviewers who review and provide evaluative input to the 
government about particular applications, in records such as reviewer 
critiques, preliminary or final individual overall impact/priority 
scores, and/or assignment of peer reviewers to an application;
    4. Referees who, in association with a particular trainee 
application, supply a reference or letter of recommendation for an 
applicant;
    5. Individual awardees and sub-awardees who are required to report 
inventions, patents, and utilization of subject invention(s) associated 
with NIH awards; and
    6. Academic medical faculty, medical students and resident 
physicians (e.g., faculty of Association of American Medical Colleges 
of member institutions).

CATEGORIES OF RECORDS IN THE SYSTEM:
    This system will include a variety of pre-award and award 
management records that contain information needed to process 
applications and manage grant awards across the award lifecycle. Listed 
below are the categories of individuals mentioned above, matched with 
pre-award and award management records collected about them.
    1. Applicants for or Awardees of awards--pre-award and award 
management (awardees) information;
    2. Individuals named in applications, or awards--pre-award and 
award management (awardees) information;
    3. Referees--pre-award information;
    4. Peer Reviewers--pre-award information;
    5. Individuals required to report inventions, etc.--award 
management information; and,
    6. Academic medical faculty, medical students and resident 
physicians--award management information.
    Pre-award information includes the (1) application and related 
materials, and (2) documents related to the composition and function of 
chartered advisory committees (i.e., rosters). A record may consist of 
name, institution address, professional degree, demographic 
information, education and employment records and identifiers used by 
eRA Commons (i.e., user name and an IMPAC II system-assigned, unique 
personal identification number).
    Award management information consists of materials submitted in 
support of an award such as (1) recommendation letters; (2) peer review 
related information such as application scores, reviewer critiques, 
summary statements and express promises of confidentiality of any 
information concerning applications, scores, or critiques; (3) 
financial information such as obligated award amounts and awardee 
financial reports; (4) financial conflict of interest records; (5) 
inventions, utilization data, patent applications, and patents; (6) 
publications or other scholarly products reported as associated with 
awards; (7) reports related to management of awards; and (8) records 
and reports related to data querying, reporting, tracking, compliance, 
evaluation, audit, and communications activities. For the academic 
medical faculty category, records are used to support special studies, 
including research and policy evaluations and to complete biomedical 
workforce statistical reports and include (1) faculty name, (2) 
employing institution and institutional address; (3) degree and year 
obtained; (4) demographic information; (5) field of study; (6) 
appointment information; and (7) employment history. For the purpose of 
peer review, the eRA system contains limited information on loan 
repayment applications (which are managed through a different System of 
Records, NIH SORN 09-25-0165, Division of Loan Repayment Records) and 
research and development contract award information for purposes of 
complying with statutory requirements related to research and 
development awards at NIH such as reporting on the inclusion of 
minorities, women, and children in clinical research; obtaining 
approval for foreign grant components from the Department of State; and 
to satisfy research conditions, and disease categorization reporting 
requirements.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    The legal authority to operate and maintain this Privacy Act 
records system is 42 U.S.C. 217a, 241, 242, 248, 281, 282, 284, 284a, 
285, 285b, 285c, 285d, 285e, 285f, 285g, 285h, 285i, 285j, 285k, 285l, 
285m, 285n, 285o, 285p, 285q, 285r, 285s, 285t, 286, 287, 287b, 287c-
21, 287d, 288, 35 U.S.C. 200-212, 48 CFR Subpart 15.3 and 37 CFR 401.1-
16.

PURPOSE:
    Records about individuals will be used within the agency for these 
purposes:
    1. To support NIH award programs and related processes, including 
(1) application preparation, receipt, referral, and assignment; (2) 
initial peer and council reviews; (3) award processing, funding, 
monitoring, and close-out; and (4) data querying,

[[Page 88692]]

reporting, tracking, compliance, evaluation, audit, and communications.
    2. To track individual trainees who receive support from NIH 
through grants such as fellowship or career awards or who are supported 
through institutional training grant awards. Included are individuals 
in training for research and development supported in an investigator's 
laboratory which has an NIH-funded award (e.g., R01); these trainees 
are defined as ``closely associated trainees''.
    3. To communicate matters related to agency award programs with (1) 
applicant organizations, including associated systems or system 
providers; (2) applicant persons such as the authorized institutional 
representatives, principal investigator(s), trainees, or foreign 
collaborators; (3) peer reviewers; or (4) other entities such as 
Congress; federal departments or agencies, non-federal agencies or 
entities, or the general public.
    4. To monitor the operation of review and award processes to detect 
and deal appropriately with any instances of real or apparent 
inequities.
    5. To provide mandated and other requested reports to Congress and 
in compliance with statutory, regulatory, and policy requirements.
    6. To maintain communication with former fellows and trainees who 
have incurred a payback obligation through the National Research 
Service Award Program and other federal research training programs.
    7. To maintain official administrative files of agency-funded 
research programs.
    8. To manage research portfolios.
    9. To document inventions, patents, and utilization data and 
protect the government's right to patents made with NIH support.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    Records about an individual may be disclosed from this system of 
records to the following parties outside HHS, without the individual's 
prior written consent, for the following purposes:
    1. To a congressional office from the record of an individual in 
response to a written inquiry from the congressional office made at the 
written request of the individual.
    2. To the Department of Justice (DOJ) or to a court or other 
adjudicative body when:
     HHS or any component thereof or participating agencies; or
     any employee of HHS or participating agencies in the 
employee's official capacity; or
     any employee of HHS agencies in the employee's individual 
capacity where the DOJ, HHS, or the participating agency has agreed to 
represent the employee; or
     the United States,
    is a party to litigation or has a direct and substantial interest 
in the proceeding and the disclosure of such records is deemed by the 
agency to be relevant and necessary to the proceeding; provided, 
however, that in each case, it has been determined that the disclosure 
is compatible with the purpose for which the records were collected.
    3. When a record on its face, or in combination with other records, 
indicates a violation or potential violation of law, whether civil, 
criminal or regulatory in nature, and whether arising by general 
statute or particular program statute, or by regulation, rule, or order 
issued pursuant thereto, disclosure may be made to the appropriate 
public authority, whether federal, foreign, state, local, tribal, or 
otherwise responsible for enforcing, investigating, or prosecuting the 
violation or charged with enforcing or implementing the statute, rule, 
regulation, or order issued pursuant thereto, if the information 
disclosed is relevant to the enforcement, regulatory, investigative, or 
prosecutorial responsibility of the receiving entity.
    4. To appropriate federal agencies and HHS contractors, grantees, 
consultants, or volunteers who have been engaged by HHS to assist in 
the accomplishment of an HHS function relating to the purposes of this 
system of records and that need to have access to the records in order 
to assist HHS in performing the activity. Any contractor will be 
required to comply with the Privacy Act of 1974, as amended.
    5. To appropriate federal agencies and HHS contractors with a need 
to know the information for the purpose of assisting agency efforts to 
respond to a suspected or confirmed breach of the security or 
confidentiality of information maintained in this system of records, if 
the information disclosed is relevant and necessary for that 
assistance.
    6. To a party for a research purpose when NIH: (A) Has determined 
that the use or disclosure does not violate legal or policy limitations 
under which the record was provided, collected, or obtained; (B) has 
determined that the research purpose (1) cannot be reasonably 
accomplished unless the record is provided in individually identifiable 
form, and (2) warrants the risk to the privacy of the individual; (C) 
has required the recipient to (1) establish reasonable administrative, 
technical, and physical safeguards to prevent unauthorized use or 
disclosure of the record, (2) remove or destroy the information that 
identifies the individual at the earliest time at which removal or 
destruction can be accomplished consistent with the purpose of the 
research project, unless the recipient has presented adequate 
justification of the research, and (3) makes no further use or 
disclosure of the record except when required by law, and reports 
results of the research in de-identified or aggregate form; and (D) has 
secured a written statement attesting to the recipient's understanding 
of and willingness to abide by these provisions (i.e., signed data 
access agreement for system data) in which the data may relate to 
reports of the composition of biomedical and/or research and 
development workforce; authors of publications attributable to 
federally-funded awards; information made available through third-party 
systems as permitted by applicants or awardees for agency awards; 
information related to agency research integrity investigations; or 
award payment information reported to federal databases.
    7. A record from this system may be disclosed to a federal, 
foreign, state, local, tribal or other public authority of the fact 
that this system of records contains information relevant to the hiring 
or retention of an employee, the issuance or retention of a security 
clearance, the letting of a contract, or the issuance or retention of a 
license, grant or other benefit. The other agency or licensing 
organization may then make a request supported by the written consent 
of the individual for further information if it so chooses. HHS will 
not make an initial disclosure unless the information has been 
determined to be sufficiently reliable to support a referral to another 
office within the agency or to another federal agency for criminal, 
civil, administrative, personnel, or regulatory action.
    8. To qualified experts not within the definition of agency 
employees as prescribed in agency regulations or policies to obtain 
their opinions on applications for grants, CRADAs, inventions, or other 
awards as a part of the peer review process.
    9. To the National Archives and Records Administration (NARA), 
General Services Administration (GSA), or other federal government 
agencies pursuant to records management inspections conducted under the 
authority of 44 U.S.C. 2904 and 2906.
    NIH may also disclose information about an individual, without the 
individual's prior written consent, from

[[Page 88693]]

this system of records to parties outside HHS for any of the purposes 
authorized directly in the Privacy Act at 5 U.S.C. 552a(b)(2) and 
(b)(4)-(11).

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, 
SAFEGUARDING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
    Records are stored in various electronic media and paper form, and 
maintained under secure conditions in areas with limited and/or 
controlled access. Only authorized users whose official duties require 
the use of this information will have regular access to the records in 
this system. In accordance with established NIH, HHS and other federal 
security requirements, policies, and controls, records may also be 
located, maintained and accessed from secure servers wherever feasible 
or located on approved portable/mobile devices designed to hold any 
kind of digital data including, but not limited to laptops, tablets, 
PDAs, USB drives, media cards, portable hard drives, smartphones, 
optical storage (CDs and DVDs), and/or other mobile storage devices. 
Records are stored on portable/mobile storage devices only for valid 
business purposes and with prior approval.

RETRIEVABILITY:
    Records are retrieved by the name or other personal identifier 
(e.g., Commons user ID) of a subject individual.

ACCESSIBILITY:
    Authorized Users:
    Access is strictly limited according to the principle of least 
privilege which means giving a user only those privileges which are 
essential to that user's work.

SAFEGUARDS:
    Measures to prevent unauthorized disclosures are implemented as 
appropriate for each location or form of storage and for the types of 
records maintained. Safeguards conform to the HHS Information Security 
and Privacy Program, http://www.hhs.gov/ocio/securityprivacy/index.html. Site(s) implement personnel and procedural safeguards such 
as the following:
    Administrative Safeguards:
    Controls to ensure proper protection of information and information 
technology systems include, but are not limited to, the completion of a 
Security Assessment and Authorization (SA&A) package and a Privacy 
Impact Assessment (PIA) and mandatory completion of annual NIH 
Information Security and Privacy Awareness training or comparable 
specific in-kind training offered by participating agencies that has 
been reviewed and accepted by the NIH eRA Information Systems Security 
Officer (ISSO). The SA&A package consists of a Security Categorization, 
e-Authentication Risk Assessment, System Security Plan, evidence of 
Security Control Testing, Plan of Action and Milestones, Contingency 
Plan, and evidence of Contingency Plan Testing. When the design, 
development, or operation of a system of records on individuals is 
required to accomplish an agency function, the applicable Privacy Act 
Federal Acquisition Regulation (FAR) clauses are inserted in 
solicitations and contracts.
    Physical Safeguards:
    Controls to secure the data and protect paper and electronic 
records, buildings, and related infrastructure against threats 
associated with their physical environment include, but are not limited 
to, the use of the HHS Employee ID and/or badge number and NIH key 
cards, security guards, cipher locks, biometrics, and closed-circuit 
TV. Paper records are secured under conditions that require at least 
two locks to access, such as in locked file cabinets that are contained 
in locked offices or facilities. Electronic media are kept on secure 
servers or computer systems.
    Technical Safeguards:
    Controls executed by the computer system are employed to minimize 
the possibility of unauthorized access, use, or dissemination of the 
data in the system. They include, but are not limited to user 
identification, password protection, firewalls, virtual private 
network, encryption, intrusion detection system, common access cards, 
smart cards, biometrics and public key infrastructure.
    Alleged or Confirmed Security Incidents:
    The NIH will report and take action to remediate security incidents 
involving the unauthorized access or disclosure of personally 
identifiable and sensitive information according to applicable law, 
regulations, OMB guidance, HHS and NIH policies.

RETENTION AND DISPOSAL:
    Records are retained and disposed of in accordance with the NIH 
Records Control Schedule contained in NIH Manual Chapter 1743, 
``Keeping and Destroying Records,'' which provides these disposition 
periods:
     Item E-0001 (DAA-0443-2013-0004-0001)--Official case files 
of construction, renovation, endowment and similar grants.
    Disposition: Temporary. Cut off annually following completion of 
final grant-related activity that represents closing of the case file 
(e.g., project period ended). Destroy 20 years after cut-off;
     Item E-0002 (DAA-0443-2013-0004-0002)--Official case files 
of funded grants, unfunded grants, and award applications, appeals and 
litigation records.
    Disposition: Temporary. Cut off annually following completion of 
final grant-related activity that represents closing of the case file 
(e.g., end of project period, completed final peer review, litigation 
or appeal proceeding concluded). Destroy 10 years after cut-off;
     Item E-0003 (DAA-0443-2013-0004-0003)--Animal welfare 
assurance files.
    Disposition: Temporary. Cut off annually following closing of the 
case file. Destroy 4 years after cut-off; and,
     Item E-0004 (DAA-0443-2013-0004-0004)--Extramural program 
and grants management oversight records.
    Disposition: Temporary. Cut off annually. Destroy 3 years after 
cut-off.
    Refer to the NIH Manual Chapter for specific retention and 
disposition instructions: http://www1.od.nih.gov/oma/manualchapters/management/1743.

SYSTEM MANAGER AND ADDRESS:
    OER Privacy Coordinator, Office of Extramural Research (OER), 
Office of the Director (OD), National Institutes of Health (NIH), 1 
Center Drive, Room 144, Bethesda, MD 20814.

NOTIFICATION PROCEDURE:
    Certain material will be exempt from notification; however, 
consideration will be given to all notification requests addressed to 
the System Manager. Any individual who wants to know whether this 
system of records contains a record about him or her must make a 
written request to the System Manager identified above. The requester 
should provide either a notarization of the request or a written 
certification that the requester is who he or she claims to be and 
understands that the knowing and willful request of a record pertaining 
to an individual under false pretenses is a criminal offense under the 
Privacy Act, subject to a five thousand dollar fine. The request should 
include the requester's full name and address, and should also include 
the following information, if known: The approximate date(s) the 
information was collected, the type(s) of information collected, and 
the office(s) or official(s) responsible for the collection of 
information.

[[Page 88694]]

RECORD ACCESS PROCEDURE:
    Certain material will be exempt from access; however, consideration 
will be given to all access requests addressed to the System Manager. 
To request access to a record about you, write to the System Manager 
identified above, and provide the information described under 
``Notification Procedure''. Individuals may also request an accounting 
of disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE (REDRESS):
    Certain material will be exempt from amendment; however, 
consideration will be given to all amendment requests addressed to the 
System Manager. To contest information in a record about you, write to 
the System Manager identified above, reasonably identify the record and 
specify the information being contested, state the corrective action 
sought and the reason(s) for requesting the correction, and provide 
supporting information. The right to contest records is limited to 
information that is factually inaccurate, incomplete, irrelevant, or 
untimely (obsolete).

RECORD SOURCE CATEGORIES:
    Information in records retrieved by a particular individual's 
identifier will be obtained directly from that individual or from other 
individuals and entities named in, contacted about, or involved in 
processing the records, including applicant institutions; NIH and 
customer agency acquisition personnel; educational, trainee and awardee 
institutions; and third parties that provide references or 
recommendations concerning the subject individual.

SYSTEM EXEMPTED FROM CERTAIN PROVISIONS OF THE PRIVACY ACT:
    Pursuant to 5 U.S.C. 552a(k)(5), the following subset of records in 
this system of records qualifies as investigatory material compiled 
solely for the purpose of determining suitability, eligibility, or 
qualifications for federal contracts, and will be exempted from the 
Privacy Act requirements pertaining to providing an accounting of 
disclosures, access and amendment, and notification (5 U.S.C. 552a 
(c)(3) and (d)):

    Material that would inappropriately reveal the identities of 
referees who provide letters of recommendation and peer reviewers who 
provide written evaluative input and recommendations to NIH about 
particular funding applications under an express promise by the 
government that their identities in association with the written work 
products they authored and provided to the government will be kept 
confidential; this includes only material that would reveal a 
particular referee or peer reviewer as the author of a specific work 
product (e.g., reference or recommendation letters, reviewer critiques, 
preliminary or final individual overall impact/priority scores, and/or 
assignment of peer reviewers to an application and other evaluative 
materials and data compiled by NIH/OER); it includes not only an 
author's name but any content that could enable the author to be 
identified from context.

    The exemptions will be effective upon publication of a final rule 
in the Federal Register, promulgating the exemptions as an amendment to 
HHS' Privacy Act regulations at 45 CFR 5b.11. To the extent that 
records in System No. 09-25-0225 are retrieved by personal identifiers 
for individuals other than referees and peer reviewers (for example, 
individual funding applicants, and other individuals who are the 
subject of assessment or evaluation), the exemptions will enable the 
agency to prevent, when appropriate, those individual record subjects 
from having access to, and other rights under the Privacy Act with 
respect to, the above-described confidential source-identifying 
material in the records.

[FR Doc. 2016-29059 Filed 12-7-16; 8:45 am]
 BILLING CODE 4140-01-P

88692 Federal Register / Vol. 81, No. 236 / Thursday, December 8, 2016 / Notices

reporting, tracking, compliance, • any employee of HHS agencies in establish reasonable administrative,
evaluation, audit, and communications. the employee’s individual capacity technical, and physical safeguards to
2. To track individual trainees who where the DOJ, HHS, or the prevent unauthorized use or disclosure
receive support from NIH through grants participating agency has agreed to of the record, (2) remove or destroy the
such as fellowship or career awards or represent the employee; or information that identifies the
who are supported through institutional • the United States, individual at the earliest time at which
training grant awards. Included are is a party to litigation or has a direct removal or destruction can be
individuals in training for research and and substantial interest in the accomplished consistent with the
development supported in an proceeding and the disclosure of such purpose of the research project, unless
investigator’s laboratory which has an records is deemed by the agency to be the recipient has presented adequate
NIH-funded award (e.g., R01); these relevant and necessary to the justification of the research, and (3)
trainees are defined as ‘‘closely proceeding; provided, however, that in makes no further use or disclosure of
associated trainees’’. each case, it has been determined that the record except when required by law,
3. To communicate matters related to the disclosure is compatible with the and reports results of the research in de-
agency award programs with (1) purpose for which the records were identified or aggregate form; and (D) has
applicant organizations, including collected. secured a written statement attesting to
associated systems or system providers; 3. When a record on its face, or in the recipient’s understanding of and
(2) applicant persons such as the combination with other records, willingness to abide by these provisions
authorized institutional representatives, indicates a violation or potential (i.e., signed data access agreement for
principal investigator(s), trainees, or violation of law, whether civil, criminal system data) in which the data may
foreign collaborators; (3) peer reviewers; or regulatory in nature, and whether relate to reports of the composition of
or (4) other entities such as Congress; arising by general statute or particular biomedical and/or research and
federal departments or agencies, non- program statute, or by regulation, rule, development workforce; authors of
federal agencies or entities, or the or order issued pursuant thereto, publications attributable to federally-
general public. disclosure may be made to the funded awards; information made
4. To monitor the operation of review appropriate public authority, whether available through third-party systems as
and award processes to detect and deal federal, foreign, state, local, tribal, or permitted by applicants or awardees for
appropriately with any instances of real otherwise responsible for enforcing, agency awards; information related to
or apparent inequities. investigating, or prosecuting the agency research integrity investigations;
5. To provide mandated and other violation or charged with enforcing or or award payment information reported
requested reports to Congress and in implementing the statute, rule, to federal databases.
compliance with statutory, regulatory, regulation, or order issued pursuant 7. A record from this system may be
and policy requirements. thereto, if the information disclosed is disclosed to a federal, foreign, state,
6. To maintain communication with relevant to the enforcement, regulatory, local, tribal or other public authority of
former fellows and trainees who have investigative, or prosecutorial the fact that this system of records
incurred a payback obligation through responsibility of the receiving entity. contains information relevant to the
4. To appropriate federal agencies and hiring or retention of an employee, the
the National Research Service Award
HHS contractors, grantees, consultants, issuance or retention of a security
Program and other federal research
or volunteers who have been engaged by clearance, the letting of a contract, or
training programs.
HHS to assist in the accomplishment of the issuance or retention of a license,
7. To maintain official administrative
an HHS function relating to the grant or other benefit. The other agency
files of agency-funded research
purposes of this system of records and or licensing organization may then make
programs.
8. To manage research portfolios. that need to have access to the records a request supported by the written
9. To document inventions, patents, in order to assist HHS in performing the consent of the individual for further
and utilization data and protect the activity. Any contractor will be required information if it so chooses. HHS will
government’s right to patents made with to comply with the Privacy Act of 1974, not make an initial disclosure unless the
NIH support. as amended. information has been determined to be
5. To appropriate federal agencies and sufficiently reliable to support a referral
ROUTINE USES OF RECORDS MAINTAINED IN THE HHS contractors with a need to know to another office within the agency or to
SYSTEM, INCLUDING CATEGORIES OF USERS AND the information for the purpose of another federal agency for criminal,
THE PURPOSES OF SUCH USES: assisting agency efforts to respond to a civil, administrative, personnel, or
Records about an individual may be suspected or confirmed breach of the regulatory action.
disclosed from this system of records to security or confidentiality of 8. To qualified experts not within the
the following parties outside HHS, information maintained in this system definition of agency employees as
without the individual’s prior written of records, if the information disclosed prescribed in agency regulations or
consent, for the following purposes: is relevant and necessary for that policies to obtain their opinions on
1. To a congressional office from the assistance. applications for grants, CRADAs,
record of an individual in response to a 6. To a party for a research purpose inventions, or other awards as a part of
written inquiry from the congressional when NIH: (A) Has determined that the the peer review process.
office made at the written request of the use or disclosure does not violate legal 9. To the National Archives and
individual. or policy limitations under which the Records Administration (NARA),
record was provided, collected, or
sradovich on DSK3GMQ082PROD with NOTICES

2. To the Department of Justice (DOJ) General Services Administration (GSA),
or to a court or other adjudicative body obtained; (B) has determined that the or other federal government agencies
when: research purpose (1) cannot be pursuant to records management
• HHS or any component thereof or reasonably accomplished unless the inspections conducted under the
participating agencies; or record is provided in individually authority of 44 U.S.C. 2904 and 2906.
• any employee of HHS or identifiable form, and (2) warrants the NIH may also disclose information
participating agencies in the employee’s risk to the privacy of the individual; (C) about an individual, without the
official capacity; or has required the recipient to (1) individual’s prior written consent, from

VerDate Sep<11>2014 17:28 Dec 07, 2016 Jkt 241001 PO 00000 Frm 00036 Fmt 4703 Sfmt 4703 E:\FR\FM\08DEN1.SGM 08DEN1

88694 Federal Register / Vol. 81, No. 236 / Thursday, December 8, 2016 / Notices

RECORD ACCESS PROCEDURE: confidential; this includes only material 1500N, Washington, DC 20229, tel. 202–
Certain material will be exempt from that would reveal a particular referee or 344–1060.
access; however, consideration will be peer reviewer as the author of a specific SUPPLEMENTARY INFORMATION: Notice is
given to all access requests addressed to work product (e.g., reference or hereby given pursuant to 19 CFR 151.13,
the System Manager. To request access recommendation letters, reviewer that Petrospect, Inc., 499 N. Nimitz
to a record about you, write to the critiques, preliminary or final Highway, Pier 21, Honolulu, HI 96817,
System Manager identified above, and individual overall impact/priority has been approved to gauge petroleum
provide the information described scores, and/or assignment of peer and certain petroleum products for
under ‘‘Notification Procedure’’. reviewers to an application and other customs purposes, in accordance with
Individuals may also request an evaluative materials and data compiled the provisions of 19 CFR 151.13.
accounting of disclosures that have been by NIH/OER); it includes not only an Petrospect, Inc. is approved for the
made of their records, if any. author’s name but any content that following gauging procedures for
could enable the author to be identified petroleum and certain petroleum
CONTESTING RECORD PROCEDURE (REDRESS):
from context. products from the American Petroleum
Certain material will be exempt from The exemptions will be effective upon Institute (API):
amendment; however, consideration publication of a final rule in the Federal
will be given to all amendment requests Register, promulgating the exemptions API chapters Title
addressed to the System Manager. To as an amendment to HHS’ Privacy Act
contest information in a record about regulations at 45 CFR 5b.11. To the 3 ..................... Tank Gauging.
you, write to the System Manager extent that records in System No. 09–
7 ..................... Temperature Determination.
identified above, reasonably identify the 8 ..................... Sampling.
25–0225 are retrieved by personal 11 ................... Physical Properties Data.
record and specify the information identifiers for individuals other than
being contested, state the corrective 12 ................... Calculations.
referees and peer reviewers (for 17 ................... Marine Measurement.
action sought and the reason(s) for example, individual funding applicants,
requesting the correction, and provide and other individuals who are the Anyone wishing to employ this entity
supporting information. The right to subject of assessment or evaluation), the to conduct gauger services should
contest records is limited to information exemptions will enable the agency to request and receive written assurances
that is factually inaccurate, incomplete, prevent, when appropriate, those from the entity that it is approved by the
irrelevant, or untimely (obsolete). individual record subjects from having U.S. Customs and Border Protection to
RECORD SOURCE CATEGORIES: access to, and other rights under the conduct the specific gauger service
Information in records retrieved by a Privacy Act with respect to, the above- requested. Alternatively, inquiries
particular individual’s identifier will be described confidential source- regarding the specific gauger service this
obtained directly from that individual or identifying material in the records. entity is approved to perform may be
from other individuals and entities [FR Doc. 2016–29059 Filed 12–7–16; 8:45 am] directed to the U.S. Customs and Border
named in, contacted about, or involved BILLING CODE 4140–01–P Protection by calling (202) 344–1060.
in processing the records, including The inquiry may also be sent to
applicant institutions; NIH and CBPGaugersLabs@cbp.dhs.gov. Please
customer agency acquisition personnel; DEPARTMENT OF HOMELAND reference the Web site listed below for
educational, trainee and awardee SECURITY a complete listing of CBP approved
institutions; and third parties that gaugers and accredited laboratories.
provide references or recommendations Customs and Border Protection http://www.cbp.gov/about/labs-
concerning the subject individual. scientific/commercial-gaugers-and-
Approval of Petrospect, Inc., as a laboratories.
SYSTEM EXEMPTED FROM CERTAIN PROVISIONS Commercial Gauger
OF THE PRIVACY ACT:
Dated: November 30, 2016.
Pursuant to 5 U.S.C. 552a(k)(5), the AGENCY: U.S. Customs and Border Ira S. Reese,
following subset of records in this Protection, Department of Homeland Executive Director, Laboratories and
system of records qualifies as Security. Scientific Services Directorate.
investigatory material compiled solely ACTION: Notice of approval of Petrospect, [FR Doc. 2016–29402 Filed 12–7–16; 8:45 am]
for the purpose of determining Inc. as a commercial gauger. BILLING CODE 9111–14–P
suitability, eligibility, or qualifications
for federal contracts, and will be SUMMARY: Notice is hereby given,
exempted from the Privacy Act pursuant to CBP regulations, that DEPARTMENT OF HOMELAND
requirements pertaining to providing an Petrospect, Inc. has been approved to SECURITY
accounting of disclosures, access and gauge petroleum and certain petroleum
products for customs purposes for the Federal Emergency Management
amendment, and notification (5 U.S.C. Agency
552a (c)(3) and (d)): next three years as of June 10, 2016.
Material that would inappropriately DATES: Effective Dates: The approval of [Internal Agency Docket No. FEMA–4291–
reveal the identities of referees who Petrospect, Inc. as commercial gauger DR; Docket ID FEMA–2016–0001]
provide letters of recommendation and became effective on June 10, 2016. The
next triennial inspection date will be Virginia; Amendment No. 3 to Notice of
peer reviewers who provide written
sradovich on DSK3GMQ082PROD with NOTICES

scheduled for June 2019. a Major Disaster Declaration
evaluative input and recommendations
to NIH about particular funding FOR FURTHER INFORMATION CONTACT: AGENCY: Federal Emergency
applications under an express promise Approved Gauger and Accredited Management Agency, DHS.
by the government that their identities Laboratories Manager, Laboratories and ACTION: Notice.
in association with the written work Scientific Services Directorate, U.S.
products they authored and provided to Customs and Border Protection, 1300 SUMMARY: This notice amends the notice
the government will be kept Pennsylvania Avenue NW., Suite of a major disaster declaration for the

VerDate Sep<11>2014 17:28 Dec 07, 2016 Jkt 241001 PO 00000 Frm 00038 Fmt 4703 Sfmt 4703 E:\FR\FM\08DEN1.SGM 08DEN1

Document Created: 2016-12-08 00:26:39
Document Modified: 2016-12-08 00:26:39

Category		Regulatory Information
Collection		Federal Register
sudoc Class		AE 2.7: GS 4.107: AE 2.106:
Publisher		Office of the Federal Register, National Archives and Records Administration
Section		Notices
Action		Notice to establish an exempt system of records.
Dates		The comment period for this System of Records Notice (SORN) is co-extensive with the 60-day comment period provided in the NPRM; i.e., written comments on the SORN should be submitted within 60 days from today's publication date. The new system, including the routine uses and the exemptions, will become effective when NIH publishes a Final Rule, which will not occur until the 60-day comment period provided in the NPRM has expired and any comments received on the NPRM (or on this
Contact		NIH Privacy Act Officer, Office of Management Assessment (OMA), Office of the Director (OD), National Institutes of Health (NIH), 6011 Executive Boulevard, Suite 601, MSC 7669, Rockville, Maryland 20852, or telephone (301) 402-6201.
FR Citation		81 FR 88690

81 FR 88690 - Privacy Act of 1974; Notice To Establish an Exempt System of Records

DEPARTMENT OF HEALTH AND HUMAN SERVICESNational Institutes of Health

Federal Register Volume 81, Issue 236 (December 8, 2016)

DEPARTMENT OF HEALTH AND HUMAN SERVICES
National Institutes of Health