82 FR 32564 - Privacy Act of 1974; System of Records

DEPARTMENT OF HOMELAND SECURITY

Federal Register Volume 82, Issue 134 (July 14, 2017)

Page Range		32564-32567
FR Document		2017-14839

In accordance with the Privacy Act of 1974, the Department of Homeland Security proposes to modify and reissue a current Department of Homeland Security system of records titled, ``Department of Homeland Security/Federal Emergency Management Agency-002 Quality Assurance Recording System of Records.'' This system of records allows the Department of Homeland Security/Federal Emergency Management Agency to collect and maintain records on the customer service performance of its employees and contractors who interact with individuals who apply for the Agency's individual assistance and public assistance programs. As a result of a biennial review of this system, the Department of Homeland Security/Federal Emergency Management Agency is updating this system of records notice to update the system location, remove the use of the term vendors for clarity as it is interchangeable with contractors in this instance, and replace the use of the term National Processing Service Center (NPSC) with the new term Regional Service Center (RSC). Additionally, this notice includes non-substantive changes to simplify the formatting and text of the previously published notice. This modified system will be included in the Department of Homeland Security's inventory of record systems.

Federal Register, Volume 82 Issue 134 (Friday, July 14, 2017)

[Federal Register Volume 82, Number 134 (Friday, July 14, 2017)]
[Notices]
[Pages 32564-32567]
From the Federal Register Online [www.thefederalregister.org]
[FR Doc No: 2017-14839]

-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

[Docket No. DHS-2017-0023]

Privacy Act of 1974; System of Records

AGENCY: Department of Homeland Security, Privacy Office.

ACTION: Notice of Modified Privacy Act System of Records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, the Department of
Homeland Security proposes to modify and reissue a current Department
of Homeland Security system of records titled, ``Department of Homeland
Security/Federal Emergency Management Agency-002 Quality Assurance
Recording System of Records.'' This system of records allows the
Department of Homeland Security/Federal Emergency Management Agency to
collect and maintain records on the customer service performance of its
employees and contractors who interact with individuals who apply for
the Agency's individual assistance and public assistance programs.
As a result of a biennial review of this system, the Department of
Homeland Security/Federal Emergency Management Agency is updating this
system of records notice to update the system location, remove the use
of the term vendors for clarity as it is interchangeable with
contractors in this instance, and replace the use of the term National
Processing Service Center (NPSC) with the new term Regional Service
Center (RSC). Additionally, this notice includes non-substantive
changes to simplify the formatting and text of the previously published
notice. This modified system will be included in the Department of
Homeland Security's inventory of record systems.

DATES: Submit comments on or before August 14, 2017. This modified
system will be effective August 14, 2017.

ADDRESSES: You may submit comments, identified by docket number DHS-
2017-0023 by one of the following methods:
Federal e-Rulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
Fax: 202-343-4010.
Mail: Jonathan R. Cantor, Acting Chief Privacy Officer,
Privacy Office, Department of Homeland Security, Washington, DC 20528-
0655.

FOR FURTHER INFORMATION CONTACT: For general questions, please contact:
William Holzerland, (202) 212-5100, Senior Director for Information
Management, Federal Emergency Management Agency, Washington, DC 20478.
For privacy questions, please contact: Jonathan R. Cantor, (202) 343-
1717, Acting Chief Privacy Officer, Privacy Office, Department of
Homeland Security, Washington, DC 20528-0655.

SUPPLEMENTARY INFORMATION:

I. Background

In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the
Department of Homeland Security (DHS)/Federal Emergency Management
Agency (FEMA) proposes to modify and reissue a current DHS system of
records titled, ``DHS/FEMA-002 Quality Assurance Recording System of
Records.''
DHS/FEMA published this system of records notice because FEMA
collects, uses, maintains, and retrieves personally identifiable
information (PII) from its employees and contractors for internal
employee performance evaluations, training, process improvement, and
quality assurance purposes to improve customer service to individual
assistance and public assistance applicants. FEMA collects information
from individual applicants (including PII) as necessary, or uses
information previously collected from them to provide customer service
to these applicants.
FEMA is updating this system of records notice to provide greater
transparency to the public on its migration to the Contact Center
Capability Modernization Program (C3MP), a new information technology
system. FEMA is updating the system location to: 1) include the C3MP IT
system, which maintains these records; 2) remove the use of the term
vendors for clarity as it is interchangeable with contractors in this
instance; and 3) replace the use of the term National Processing
Service Center (NPSC) with the new term Regional Service Center (RSC).
Additionally, FEMA is making non-substantive grammatical changes
throughout this notice for the purpose of clarification.
The purpose of this system of records is to enable FEMA's Quality
Control Department, Customer Satisfaction Analysis Section, Contract
Oversight Management Section, and FEMA RSC Supervisory staff to better
monitor, evaluate, and assess its employees and contractors so that
FEMA can improve customer service to those seeking disaster assistance.
The purpose is consistent with FEMA's mission to improve its capability
to respond to all hazards and support the citizens of our Nation.
FEMA is authorized to collect information in order to properly
administer the programs that are

[[Page 32565]]

authorized and described in this system of record notice. FEMA
collects, uses, and maintains the records within this system under the
authority of: 5 U.S.C. 301; 5 CFR 430.102; 5 U.S.C. 4302; 5 U.S.C.
7106(a); 6 U.S.C. 795; 29 U.S.C. 204(b); Executive Order No. 13571;
FEMA Directive 3100.1; FEMA Directive 3700.1; and FEMA Directive
3700.2.
Consistent with DHS's information sharing mission, information
stored in the DHS/FEMA-002 Quality Assurance Recording System of
Records may be shared with other DHS components that have a need to
know the information to carry out their national security, law
enforcement, immigration, intelligence, or other homeland security
functions. In addition, DHS/FEMA may share information with appropriate
federal, state, local, tribal, territorial, foreign, or international
government agencies consistent with the routine uses set forth in this
system of records notice.
This modified system will be included in the Department of Homeland
Security's inventory of record systems.

II. Privacy Act

The Privacy Act embodies fair information practice principles in a
statutory framework governing the means by which Federal Government
agencies collect, maintain, use, and disseminate individuals' records.
The Privacy Act applies to information that is maintained in a ``system
of records.'' A ``system of records'' is a group of any records under
the control of an agency from which information is retrieved by the
name of an individual or by some identifying number, symbol, or other
identifying particular assigned to the individual. In the Privacy Act,
an individual is defined to encompass U.S. citizens and lawful
permanent residents. Additionally, and similarly, the Judicial Redress
Act (JRA) provides a statutory right to covered persons to make
requests for access and amendment to covered records, as defined by the
JRA, along with judicial review for denials of such requests. In
addition, the JRA prohibits disclosures of covered records, except as
otherwise permitted by the Privacy Act.
Below is the description of the DHS/FEMA-002 Quality Assurance
Recording System of Records.
In accordance with 5 U.S.C. 552a(r), DHS has provided a report of
this system of records to the Office of Management and Budget and to
Congress.

SYSTEM NAME AND NUMBER:
Department of Homeland Security (DHS)/Federal Emergency Management
Agency (FEMA)-002 Quality Assurance Recording System.

SECURITY CLASSIFICATION:
Unclassified.

SYSTEM LOCATION:
Records are maintained at the FEMA Headquarters in Washington, DC
and field offices, and also within the Contact Center Modernization
Program (C3MP) IT system.

SYSTEM MANAGER(S):
Program Manager, Recovery Technology Programs Division, Federal
Emergency Management Agency, Texas Recovery Service Center, Denton, TX
76208, (940) 891-8500.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301; 5 CFR 430.102; 5 U.S.C. 4302; 5 U.S.C. 7106(a); 6
U.S.C. 795; 29 U.S.C. 204(b); Executive Order No. 13571; FEMA Directive
3100.1; FEMA Directive 3700.1; and FEMA Directive 3700.2.

PURPOSE OF THE SYSTEM:
The purpose of this system is to collect, maintain, use, and
retrieve performance records of the FEMA employees and contractors who
interact with applicants of the Agency's individual assistance and
public assistance programs for internal employee and contractor
performance evaluations, training, and quality assurance purposes to
improve FEMA's customer service to and satisfaction of those
individuals applying for FEMA's individual and public assistance
programs.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
This system collects information from FEMA employees and
contractors who are making or receiving telephone calls to or from
disaster assistance applicants; FEMA employees and contractors engaged
in the case review of disaster assistance applications not related to a
telephone call to or from a disaster assistance applicant; and FEMA
employees and contractors performing customer service satisfaction
assessments involving applicants of FEMA individual assistance or
public assistance programs. Voice recordings or screenshots may be
captured during provision of customer service for training and feedback
purposes. These captures may contain disaster survivor information as
listed below under ``Categories of Record in the System.''

CATEGORIES OF RECORDS IN THE SYSTEM:
Voice recordings of telephone calls between FEMA employees
and contractors and applicants for FEMA's individual assistance and
public assistance programs. Telephone calls may include a third-party
vendor that is providing language translation services on behalf of
FEMA;
A ``quality result'' generated in C3MP for each call or
case processing activity that is evaluated by a FEMA supervisor or
quality control specialist assessing the level of customer service
provided by the FEMA employee/contractor to the FEMA individual
assistance or public assistance applicant;
System-generated Contact ID;
Name of FEMA employee who conducted the assessment;
Identification number of FEMA employee who conducted the
assessment;
FEMA employee/contractor name; and
FEMA employee/contractor user identification number.
Tracking of FEMA employee/contractor activity related to call
recordings, case review processing not related to a phone call, and
customer satisfaction assessments may include the following individual
assistance applicant information:
Survey ID;
Applicant's name;
Applicant email address;
Home address;
Social Security number;
Applicant phone number(s);
Current mailing address; and
Personal financial information including applicant's bank
name, bank account information, insurance information, and individual
or household income.
Tracking of FEMA employee/contractor activity related to call
recordings for customer satisfaction assessments may include the
following public assistance applicant information:
Survey ID;
Applicant/Point of Contact name and title;
Applicant email address;
Organization Name;
Applicant's organization phone number(s); and
Organization's business and/or mailing address.

RECORD SOURCE CATEGORIES:
FEMA obtains records from FEMA employees and contractors who assist
disaster survivors in the disaster

[[Page 32566]]

assistance application and casework process, FEMA employees, and
contractors initiating customer satisfaction assessments of FEMA
disaster assistance applicants, and from supervisors or quality control
specialists. This system of records contains personally identifiable
information (PII) of individual assistance applicants, which is part of
the DHS/FEMA-008 Disaster Recovery Assistance Files System of Records,
78 FR 25282 (April 30, 2013), as well as PII of public assistance
applicants, which is part of the DHS/FEMA-009 Hazard Mitigation
Disaster Public Assistance and Disaster Loan Programs System of
Records, 79 FR 16015 (March 24, 2014).

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, all or a portion of the records or
information contained in this system may be disclosed outside DHS as a
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
A. To the Department of Justice (DOJ), including Offices of the
U.S. Attorneys, or other federal agency conducting litigation or in
proceedings before any court, adjudicative, or administrative body,
when it is relevant or necessary to the litigation and one of the
following is a party to the litigation or has an interest in such
litigation:
1. DHS or any component thereof;
2. Any employee or former employee of DHS in his/her official
capacity;
3. Any employee or former employee of DHS in his/her individual
capacity when DOJ or DHS has agreed to represent the employee; or
4. The United States or any agency thereof.
B. To a congressional office from the record of an individual in
response to an inquiry from that congressional office made at the
request of the individual to whom the record pertains.
C. To the National Archives and Records Administration (NARA) or
General Services Administration pursuant to records management
inspections being conducted under the authority of 44 U.S.C. 2904 and
2906.
D. To an agency or organization for the purpose of performing audit
or oversight operations as authorized by law, but only such information
as is necessary and relevant to such audit or oversight function.
E. To appropriate agencies, entities, and persons when:
1. DHS determines that information from this system of records is
reasonably necessary and otherwise compatible with the purpose of
collection to assist another federal recipient agency or entity in (1)
responding to a suspected or confirmed breach or (2) preventing,
minimizing, or remedying the risk of harm to individuals, the recipient
agency or entity (including its information systems, programs, and
operations), the Federal Government, or national security, resulting
from a suspected or confirmed breach; or
2. DHS suspects or has confirmed that there has been a breach of
this system of records; and (a) DHS has determined that as a result of
the suspected or confirmed breach, there is a risk of harm to
individuals, harm to DHS (including its information systems, programs,
and operations), the Federal Government, or national security; and (b)
the disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connection with DHS's efforts to
respond to the suspected or confirmed breach or to prevent, minimize,
or remedy such harm.
F. To contractors and their agents, grantees, experts, consultants,
and others performing or working on a contract, service, grant,
cooperative agreement, or other assignment for DHS, when necessary to
accomplish an agency function related to this system of records.
Individuals provided information under this routine use are subject to
the same Privacy Act requirements and limitations on disclosure as are
applicable to DHS officers and employees.
G. To an appropriate federal, state, tribal, local, international,
or foreign law enforcement agency or other appropriate authority
charged with investigating or prosecuting a violation or enforcing or
implementing a law, rule, regulation, or order, when a record, either
on its face or in conjunction with other information, indicates a
violation or potential violation of law, which includes criminal,
civil, or regulatory violations and such disclosure is proper and
consistent with the official duties of the person making the
disclosure.
H. To the news media and the public, with the approval of the Chief
Privacy Officer in consultation with counsel, when there exists a
legitimate public interest in the disclosure of the information, when
disclosure is necessary to preserve confidence in the integrity of DHS,
or when disclosure is necessary to demonstrate the accountability of
DHS's officers, employees, or individuals covered by the system, except
to the extent the Chief Privacy Officer determines that release of the
specific information in the context of a particular case would
constitute a clearly unwarranted invasion of personal privacy.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
DHS/FEMA stores records in this system electronically or on paper
in secure facilities in a locked drawer behind a locked door. The
records may be stored on magnetic disc, tape, and digital media.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records may be retrieved by the FEMA employee and/or contractor's
name and user identification number, or system-generated Contact ID
number. This system does not retrieve information by individual or
public assistance applicant information.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
The retention period for information maintained in C3MP depends on
the use of the data. Records within C3MP that are used in an evaluation
of a FEMA employee or contractor are retained for six years, pursuant
to FEMA Records Schedule, Series 15-1 ``National Processing Service
Centers Evaluated Call Recordings,'' NARA Authority N1-311-08-1.
Records that are not used in an evaluation of a FEMA employee or
contractor are purged from the secured servers within 45 days, per FEMA
Records Schedule, Series 15-2 ``National Processing Service Centers
Unevaluated Call Recordings,'' also under NARA Authority N1-311-08-1.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
DHS/FEMA safeguards records in this system according to applicable
rules and policies, including all applicable DHS automated systems
security and access policies. FEMA has imposed strict controls to
minimize the risk of compromising the information that is being stored.
Access to the computer system containing the records in this system is
limited to those individuals who have a need to know the information
for the performance of their official duties and who have appropriate
clearances or permissions.

RECORDS ACCESS PROCEDURES:
Individuals seeking access to and notification of any record
contained in this system of records, or seeking to contest its content,
may submit a request in writing to the Chief Privacy Officer and
Headquarters or FEMA Freedom of Information Act (FOIA) Officer, whose
contact information can be found at http://www.dhs.gov/foia

[[Page 32567]]

under ``Contacts Information.'' If an individual believes more than one
component maintains Privacy Act records concerning him or her, the
individual may submit the request to the Chief Privacy Officer and
Chief Freedom of Information Act Officer, Department of Homeland
Security, Washington, DC 20528-0655. Even if neither the Privacy Act
nor the Judicial Redress Act provide a right of access, certain records
about you may be available under the Freedom of Information Act.
When seeking records about yourself from this system of records or
any other Departmental system of records, your request must conform to
the Privacy Act regulations set forth in 6 CFR part 5. You must first
verify your identity, meaning that you must provide your full name,
current address, and date and place of birth. You must sign your
request, and your signature must either be notarized or submitted under
28 U.S.C. 1746, a law that permits statements to be made under penalty
of perjury as a substitute for notarization. While no specific form is
required, you may obtain forms for this purpose from the Chief Privacy
Officer and Chief Freedom of Information Act Officer, http://www.dhs.gov/foia or 1-866-431-0486. In addition, you should:
Explain why you believe the Department would have
information on you;
Identify which component(s) of the Department you believe
may have the information about you;
Specify when you believe the records would have been
created; and
Provide any other information that will help the FOIA
staff determine which DHS component agency may have responsive records;
If your request is seeking records pertaining to another living
individual, you must include a statement from that individual
certifying his/her agreement for you to access his/her records.
Without the above information, the component(s) may not be able to
conduct an effective search, and your request may be denied due to lack
of specificity or lack of compliance with applicable regulations.

CONTESTING RECORD PROCEDURES:
For records covered by the Privacy Act or covered JRA records, see
``Record Access Procedures'' above. For records not covered by the
Privacy act or JRA covered records an applicant may call and connect
directly with a live Human Services Specialist (HSS) to update the
applicant's information.

NOTIFICATION PROCEDURES:
See ``Record Access Procedures.''

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.

HISTORY:
79 FR 35366; 76 FR 8758.

Dated: July 10, 2017.
Jonathan R. Cantor,
Acting Chief Privacy Officer, Department of Homeland Security.
[FR Doc. 2017-14839 Filed 7-13-17; 8:45 am]
BILLING CODE 9110-17-P

32564 Federal Register / Vol. 82, No. 134 / Friday, July 14, 2017 / Notices

electronic submission of responses. The DEPARTMENT OF HOMELAND Management Agency, Washington, DC
comments that are submitted will be SECURITY 20478. For privacy questions, please
summarized and included in the request contact: Jonathan R. Cantor, (202) 343–
[Docket No. DHS–2017–0023]
for approval. All comments will become 1717, Acting Chief Privacy Officer,
a matter of public record. Privacy Act of 1974; System of Privacy Office, Department of Homeland
Records Security, Washington, DC 20528–0655.
Overview of This Information
SUPPLEMENTARY INFORMATION:
Collection AGENCY: Department of Homeland
Security, Privacy Office. I. Background
Title: Foreign Trade Zone Annual
Reconciliation Certification and Record ACTION: Notice of Modified Privacy Act In accordance with the Privacy Act of
Keeping Requirement. System of Records. 1974, 5 U.S.C. 552a, the Department of
OMB Number: 1651–0051. Homeland Security (DHS)/Federal
SUMMARY: In accordance with the Emergency Management Agency
Form Number: None. Privacy Act of 1974, the Department of (FEMA) proposes to modify and reissue
Current Actions: CBP proposes to Homeland Security proposes to modify a current DHS system of records titled,
extend the expiration date of this and reissue a current Department of ‘‘DHS/FEMA–002 Quality Assurance
information collection. There is no Homeland Security system of records Recording System of Records.’’
change to the burden hours, the titled, ‘‘Department of Homeland DHS/FEMA published this system of
information collected, or to the record Security/Federal Emergency records notice because FEMA collects,
keeping requirements. Management Agency-002 Quality uses, maintains, and retrieves
Type of Review: Extension (without Assurance Recording System of personally identifiable information (PII)
change). Records.’’ This system of records allows from its employees and contractors for
Affected Public: Businesses or other the Department of Homeland Security/ internal employee performance
for-profit institutions. Federal Emergency Management Agency evaluations, training, process
Abstract: In accordance with 19 CFR to collect and maintain records on the improvement, and quality assurance
146.4 and 146.25 foreign trade zone customer service performance of its purposes to improve customer service to
(FTZ) operators are required to account employees and contractors who interact individual assistance and public
for zone merchandise admitted, stored, with individuals who apply for the assistance applicants. FEMA collects
manipulated and removed from FTZs. Agency’s individual assistance and information from individual applicants
FTZ operators must prepare a public assistance programs. (including PII) as necessary, or uses
reconciliation report within 90 days As a result of a biennial review of this information previously collected from
after the end of the zone year for a spot system, the Department of Homeland them to provide customer service to
check or audit by CBP. In addition, Security/Federal Emergency these applicants.
Management Agency is updating this FEMA is updating this system of
within 10 working days after the annual
system of records notice to update the records notice to provide greater
reconciliation, FTZ operators must
system location, remove the use of the transparency to the public on its
submit to the CBP port director a letter
term vendors for clarity as it is migration to the Contact Center
signed by the operator certifying that the
interchangeable with contractors in this Capability Modernization Program
annual reconciliation has been prepared
instance, and replace the use of the term (C3MP), a new information technology
and is available for CBP review and is
National Processing Service Center system. FEMA is updating the system
accurate. These requirements are
(NPSC) with the new term Regional location to: 1) include the C3MP IT
authorized by Foreign Trade Zones Act,
Service Center (RSC). Additionally, this system, which maintains these records;
as amended (Pub. L. 104–201, 19 U.S.C.
notice includes non-substantive changes 2) remove the use of the term vendors
81a et seq.) for clarity as it is interchangeable with
to simplify the formatting and text of the
Record Keeping Requirements Under previously published notice. This contractors in this instance; and 3)
19 CFR 146.4 modified system will be included in the replace the use of the term National
Department of Homeland Security’s Processing Service Center (NPSC) with
Estimated Number of Respondents: the new term Regional Service Center
276. inventory of record systems.
(RSC). Additionally, FEMA is making
Estimated Time per Respondent: 45 DATES: Submit comments on or before
non-substantive grammatical changes
minutes. August 14, 2017. This modified system throughout this notice for the purpose of
Estimated Total Annual Burden will be effective August 14, 2017. clarification.
Hours: 207. ADDRESSES: You may submit comments, The purpose of this system of records
identified by docket number DHS– is to enable FEMA’s Quality Control
Certification Letter Under 19 CFR 2017–0023 by one of the following Department, Customer Satisfaction
146.25 methods: Analysis Section, Contract Oversight
Estimated Number of Respondents: • Federal e-Rulemaking Portal: http:// Management Section, and FEMA RSC
276. www.regulations.gov. Follow the Supervisory staff to better monitor,
Estimated Time per Respondent: 20 instructions for submitting comments. evaluate, and assess its employees and
minutes. • Fax: 202–343–4010. contractors so that FEMA can improve
• Mail: Jonathan R. Cantor, Acting customer service to those seeking
Estimated Total Annual Burden Chief Privacy Officer, Privacy Office, disaster assistance. The purpose is
mstockstill on DSK30JT082PROD with NOTICES

Hours: 91. Department of Homeland Security, consistent with FEMA’s mission to
Dated: July 11, 2017. Washington, DC 20528–0655. improve its capability to respond to all
Seth Renkema, FOR FURTHER INFORMATION CONTACT: For hazards and support the citizens of our
Branch Chief, Economic Impact Analysis general questions, please contact: Nation.
Branch, U.S. Customs and Border Protection. William Holzerland, (202) 212–5100, FEMA is authorized to collect
[FR Doc. 2017–14785 Filed 7–13–17; 8:45 am] Senior Director for Information information in order to properly
BILLING CODE 9111–14–P Management, Federal Emergency administer the programs that are

VerDate Sep<11>2014 17:44 Jul 13, 2017 Jkt 241001 PO 00000 Frm 00037 Fmt 4703 Sfmt 4703 E:\FR\FM\14JYN1.SGM 14JYN1

32566 Federal Register / Vol. 82, No. 134 / Friday, July 14, 2017 / Notices

assistance application and casework reasonably necessary and otherwise context of a particular case would
process, FEMA employees, and compatible with the purpose of constitute a clearly unwarranted
contractors initiating customer collection to assist another federal invasion of personal privacy.
satisfaction assessments of FEMA recipient agency or entity in (1)
POLICIES AND PRACTICES FOR STORAGE OF
disaster assistance applicants, and from responding to a suspected or confirmed
RECORDS:
supervisors or quality control breach or (2) preventing, minimizing, or
specialists. This system of records remedying the risk of harm to DHS/FEMA stores records in this
contains personally identifiable individuals, the recipient agency or system electronically or on paper in
information (PII) of individual entity (including its information secure facilities in a locked drawer
assistance applicants, which is part of systems, programs, and operations), the behind a locked door. The records may
the DHS/FEMA–008 Disaster Recovery Federal Government, or national be stored on magnetic disc, tape, and
Assistance Files System of Records, 78 security, resulting from a suspected or digital media.
FR 25282 (April 30, 2013), as well as PII confirmed breach; or POLICIES AND PRACTICES FOR RETRIEVAL OF
of public assistance applicants, which is 2. DHS suspects or has confirmed that RECORDS:
part of the DHS/FEMA–009 Hazard there has been a breach of this system
Records may be retrieved by the
Mitigation Disaster Public Assistance of records; and (a) DHS has determined
FEMA employee and/or contractor’s
and Disaster Loan Programs System of that as a result of the suspected or
name and user identification number, or
Records, 79 FR 16015 (March 24, 2014). confirmed breach, there is a risk of harm
system-generated Contact ID number.
to individuals, harm to DHS (including
This system does not retrieve
ROUTINE USES OF RECORDS MAINTAINED IN THE its information systems, programs, and
SYSTEM, INCLUDING CATEGORIES OF USERS AND information by individual or public
operations), the Federal Government, or
PURPOSES OF SUCH USES: assistance applicant information.
national security; and (b) the disclosure
In addition to those disclosures made to such agencies, entities, and POLICIES AND PRACTICES FOR RETENTION AND
generally permitted under 5 U.S.C. persons is reasonably necessary to assist DISPOSAL OF RECORDS:
552a(b) of the Privacy Act, all or a in connection with DHS’s efforts to The retention period for information
portion of the records or information respond to the suspected or confirmed maintained in C3MP depends on the use
contained in this system may be breach or to prevent, minimize, or of the data. Records within C3MP that
disclosed outside DHS as a routine use remedy such harm. are used in an evaluation of a FEMA
pursuant to 5 U.S.C. 552a(b)(3) as F. To contractors and their agents, employee or contractor are retained for
follows: grantees, experts, consultants, and six years, pursuant to FEMA Records
A. To the Department of Justice (DOJ), others performing or working on a Schedule, Series 15–1 ‘‘National
including Offices of the U.S. Attorneys, contract, service, grant, cooperative Processing Service Centers Evaluated
or other federal agency conducting agreement, or other assignment for DHS, Call Recordings,’’ NARA Authority N1–
litigation or in proceedings before any when necessary to accomplish an 311–08–1. Records that are not used in
court, adjudicative, or administrative agency function related to this system of an evaluation of a FEMA employee or
body, when it is relevant or necessary to records. Individuals provided contractor are purged from the secured
the litigation and one of the following information under this routine use are servers within 45 days, per FEMA
is a party to the litigation or has an subject to the same Privacy Act Records Schedule, Series 15–2
interest in such litigation: requirements and limitations on ‘‘National Processing Service Centers
1. DHS or any component thereof; disclosure as are applicable to DHS Unevaluated Call Recordings,’’ also
2. Any employee or former employee officers and employees. under NARA Authority N1–311–08–1.
of DHS in his/her official capacity; G. To an appropriate federal, state,
3. Any employee or former employee tribal, local, international, or foreign law ADMINISTRATIVE, TECHNICAL, AND PHYSICAL
of DHS in his/her individual capacity enforcement agency or other appropriate SAFEGUARDS:
when DOJ or DHS has agreed to authority charged with investigating or DHS/FEMA safeguards records in this
represent the employee; or prosecuting a violation or enforcing or system according to applicable rules
4. The United States or any agency implementing a law, rule, regulation, or and policies, including all applicable
thereof. order, when a record, either on its face DHS automated systems security and
B. To a congressional office from the or in conjunction with other access policies. FEMA has imposed
record of an individual in response to information, indicates a violation or strict controls to minimize the risk of
an inquiry from that congressional office potential violation of law, which compromising the information that is
made at the request of the individual to includes criminal, civil, or regulatory being stored. Access to the computer
whom the record pertains. violations and such disclosure is proper system containing the records in this
C. To the National Archives and and consistent with the official duties of system is limited to those individuals
Records Administration (NARA) or the person making the disclosure. who have a need to know the
General Services Administration H. To the news media and the public, information for the performance of their
pursuant to records management with the approval of the Chief Privacy official duties and who have appropriate
inspections being conducted under the Officer in consultation with counsel, clearances or permissions.
authority of 44 U.S.C. 2904 and 2906. when there exists a legitimate public
D. To an agency or organization for interest in the disclosure of the RECORDS ACCESS PROCEDURES:
the purpose of performing audit or information, when disclosure is Individuals seeking access to and
oversight operations as authorized by necessary to preserve confidence in the notification of any record contained in
mstockstill on DSK30JT082PROD with NOTICES

law, but only such information as is integrity of DHS, or when disclosure is this system of records, or seeking to
necessary and relevant to such audit or necessary to demonstrate the contest its content, may submit a
oversight function. accountability of DHS’s officers, request in writing to the Chief Privacy
E. To appropriate agencies, entities, employees, or individuals covered by Officer and Headquarters or FEMA
and persons when: the system, except to the extent the Freedom of Information Act (FOIA)
1. DHS determines that information Chief Privacy Officer determines that Officer, whose contact information can
from this system of records is release of the specific information in the be found at http://www.dhs.gov/foia

VerDate Sep<11>2014 17:44 Jul 13, 2017 Jkt 241001 PO 00000 Frm 00039 Fmt 4703 Sfmt 4703 E:\FR\FM\14JYN1.SGM 14JYN1

Document Created: 2018-10-24 11:17:52
Document Modified: 2018-10-24 11:17:52

Category		Regulatory Information
Collection		Federal Register
sudoc Class		AE 2.7: GS 4.107: AE 2.106:
Publisher		Office of the Federal Register, National Archives and Records Administration
Section		Notices
Action		Notice of Modified Privacy Act System of Records.
Dates		Submit comments on or before August 14, 2017. This modified system will be effective August 14, 2017.
Contact		For general questions, please contact: William Holzerland, (202) 212-5100, Senior Director for Information Management, Federal Emergency Management Agency, Washington, DC 20478. For privacy questions, please contact: Jonathan R. Cantor, (202) 343- 1717, Acting Chief Privacy Officer, Privacy Office, Department of Homeland Security, Washington, DC 20528-0655.
FR Citation		82 FR 32564