83 FR 34156 - Privacy Act of 1974; System of Records

DEPARTMENT OF THE INTERIOR
Office of the Secretary

Federal Register Volume 83, Issue 139 (July 19, 2018)

Pursuant to the provisions of the Privacy Act of 1974, as amended, the Department of the Interior proposes to modify the Department of the Interior system of records titled, ``Payroll, Attendance, Retirement, and Leave Records--Interior, DOI-85.'' This system of records allows the Department of the Interior to manage human resources and payroll functions; ensure proper payment for salary and benefits; track time worked, leave, or other absences for reporting and compliance purposes; and meet regulatory requirements such as specialized pay, garnishments, and special appointment programs. The Department of the Interior is updating this system of records notice to (1) add new proposed routine uses, (2) modify existing routine uses to provide clarification, (3) modify the categories of records and categories of individuals covered by the system, and (4) update system location, authority for maintenance of the system, storage, retrievability, safeguards, retention and disposal, system manager and address, notification procedures, records access and contesting procedures, and records source categories. This modified system will be included in the Department of the Interior's inventory of record systems.

[Federal Register Volume 83, Number 139 (Thursday, July 19, 2018)]
[Notices]
[Pages 34156-34161]
From the Federal Register Online  [www.thefederalregister.org]
[FR Doc No: 2018-15445]


-----------------------------------------------------------------------

DEPARTMENT OF THE INTERIOR

Office of the Secretary

[DOI-2018-0004; 18XD4523WC DS68644000 DWCHF0000.000000 
DQ.FPPJB.18000000]


Privacy Act of 1974; System of Records

AGENCY: Office of the Secretary, Interior.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as 
amended, the Department of the Interior proposes to modify the 
Department of the Interior system of records titled, ``Payroll, 
Attendance, Retirement, and Leave Records--Interior, DOI-85.'' This 
system of records allows the Department of the Interior to manage human 
resources and payroll functions; ensure proper payment for salary and 
benefits; track time worked, leave, or other absences for reporting and 
compliance purposes; and meet regulatory requirements such as 
specialized pay, garnishments, and special appointment programs. The 
Department of the Interior is updating this system of records notice to 
(1) add new proposed routine uses, (2) modify existing routine uses to 
provide clarification, (3) modify the categories of records and 
categories of individuals covered by the system, and (4) update system 
location, authority for maintenance of the system, storage, 
retrievability, safeguards, retention and disposal, system manager and 
address, notification procedures, records access and contesting 
procedures, and records source categories. This modified system will be 
included in the Department of the Interior's inventory of record 
systems.

DATES: This modified system will be effective upon publication. New or 
modified routine uses will be effective August 20, 2018. Submit 
comments on or before August 20, 2018.

ADDRESSES: You may submit comments, identified by docket number DOI-
2018-0004, by any of the following methods:
     Federal e-Rulemaking Portal: http://www.regulations.gov. 
Follow the instructions for submitting comments.
     Mail: Teri Barnett, Departmental Privacy Officer, U.S. 
Department of the Interior, 1849 C Street NW, Room 7112, Washington, DC 
20240.
     Hand-delivering comments to Teri Barnett, Departmental 
Privacy Officer, U.S. Department of the Interior, 1849 C Street NW, 
Room 7112, Washington, DC 20240.
     Email: [email protected].
All submissions received must include the agency name and docket 
number. All comments received will be posted without change to http://www.regulations.gov, including any personal information provided.

FOR FURTHER INFORMATION CONTACT: Teri Barnett, Departmental Privacy 
Officer, U.S. Department of the Interior, 1849 C Street NW, Room 7112, 
Washington, DC 20240, email at [email protected] or by telephone 
at (202) 208-1605.

SUPPLEMENTARY INFORMATION:

I. Background

    The Department of the Interior (DOI), Interior Business Center 
(IBC) maintains the ``Payroll, Attendance, Retirement, and Leave 
Records--Interior, DOI-85'' system of records. This system helps DOI 
manage human resources and payroll functions; ensure proper payment for 
salary and benefits; track time worked, leave, or other absences for 
reporting and compliance purposes;

[[Page 34157]]

and meet regulatory requirements such as specialized pay, garnishments, 
and special appointment programs. DOI uses the integrated Federal 
Personnel and Payroll System (FPPS) and supporting systems to manage 
these payroll, time and attendance, and human capital management 
functions, meet regulatory requirements, and prepare reports to other 
Federal agencies including the Department of the Treasury and the 
Office of Personnel Management. The DOI payroll, attendance, 
retirement, and leave records described in this system of records 
notice form a part of the information contained in FPPS. Some personnel 
records contained in the FPPS may be covered under OPM/GOVT-1, General 
Personnel Records, the government-wide system of records notice 
published by the Office of Personnel Management.
    The DOI IBC is a Federal agency shared services provider that 
provides payroll and personnel processing services to internal and 
external customers, including its bureaus and offices and other Federal 
agency customers, through FPPS and its supporting systems. FPPS creates 
and generates the full life cycle of personnel transactions; allows for 
edits and updates of personnel and payroll data; and manages the 
regulatory requirements. Federal agency customers enter into agreements 
with the DOI IBC to host customer payroll and personnel data in the 
FPPS, and process payroll and personnel transactions on the customer's 
behalf. FPPS has interconnections with other Federal agencies; private 
organizations; Federal agency customers; state, city and county 
governments; and IBC internal systems that allow IBC to perform 
required transactions to fulfill its responsibilities to process 
payroll, personnel actions, and related functions.
    Although DOI hosts and processes payroll and personnel transactions 
on behalf of IBC customers, each customer retains ownership and control 
over its own records and is responsible for meeting requirements under 
the Privacy Act for the collection, maintenance and sharing of their 
records. Federal agency customers have published their own system of 
records notices for their employees' payroll and personnel related 
records hosted or processed by DOI. Individuals seeking access to, 
notification or correction of their records owned and maintained by 
external Federal agency customers must submit their requests to the 
employing Federal agency customer that owns the records in accordance 
with the applicable system of records notice published by that Federal 
agency customer.
    DOI is publishing this revised notice to reorganize the sections 
and update section titles in accordance with Office of Management and 
Budget (OMB) Circular A-108; describe the purpose of the system; and 
provide general and administrative updates to the system location, 
categories of individuals covered by the system, categories of records 
in the system, authority for maintenance of the system, storage, 
retrievability, safeguards, retention and disposal, system manager and 
address, notification procedures, records access and contesting 
procedures, and records source categories sections. Additionally, DOI 
is modifying existing routine uses to provide clarity and transparency. 
Routine use A was modified to further clarify disclosures to the 
Department of Justice or other Federal agencies when necessary in 
relation to litigation or judicial proceedings. Routine uses B, C, K, 
N, O, V, W, Z, EE, and GG have been modified to provide additional 
clarification on external organizations and circumstances where 
disclosures are proper and necessary to facilitate payroll and 
personnel functions or to comply with Federal requirements.
    DOI is proposing to add new routine uses HH through UU to 
facilitate sharing of information with agencies and organizations to 
ensure the efficient and effective management of personnel data and 
proper payment of salary and benefits for employees, promote the 
integrity of the records in the system, or carry out a statutory 
responsibility of the DOI or the Federal Government. Proposed routine 
use HH facilitates sharing of information with the Executive Office of 
the President to resolve issues concerning individual's records. 
Routine use II facilitates payroll and personnel functions under a 
cross-servicing agreement with other Federal agencies. Routine use JJ 
allows sharing of information to effectively manage Federal personnel 
functions related to complaints, claims and appeals initiated by 
employees. Routine use KK facilitates sharing of information to process 
or reconcile employees' unemployment claims, benefits, and related 
functions. Routine use LL facilitates sharing of information with 
carriers to process or reconcile survivor annuity or health benefits 
claims. Routine use MM allows DOI to share information to resolve 
issues or errors that may affect pay and leave in order to ensure an 
individual's personnel and payroll data is processed accurately. 
Routine use NN ensures the efficient and effective conduct of the 
Federal Government, to meet statutory obligations to ensure integrity 
during the administration of benefits programs, eligibility for 
Federally-funded or administered benefit programs, tax administration, 
and to prevent fraud or attempted fraud. Routine use OO facilitates 
sharing of information with Congress in its oversight role to help 
improve performance and ensure accountability of the Federal Government 
and to meets its constitutional responsibilities. Routine use PP allows 
sharing of wage information with the Department of Health and Human 
Services as required under the Personal Responsibility and Work 
Opportunity Reconciliation Act of 1996. Routine uses QQ and RR allow 
DOI to share information with appropriate Federal agencies or entities 
when reasonably necessary to respond to a breach of personally 
identifiable information and to prevent, minimize, or remedy the risk 
of harm to individuals or the Federal Government, or assist an agency 
in locating individuals affected by a breach in accordance with OMB 
Memorandum M-17-12, ``Preparing for and Responding to a Breach of 
Personally Identifiable Information.'' Routine use SS allows 
organizations authorized and required by law to perform audits or 
oversight operations to ensure accurate and effective personnel and 
payroll functions, proper payment for salary and benefits. Routine uses 
TT and UU allow sharing of information with a court, grand jury, 
tribunal, or other administrative or adjudicative body for the 
resolution of any legal dispute involving records in the system.

II. Privacy Act

    The Privacy Act of 1974, as amended, embodies fair information 
practice principles in a statutory framework governing the means by 
which Federal agencies collect, maintain, use, and disseminate 
individuals' records. The Privacy Act applies to records about 
individuals that are maintained in a ``system of records.'' A ``system 
of records'' is a group of any records under the control of an agency 
from which information is retrieved by the name of an individual or by 
some identifying number, symbol, or other identifying particular 
assigned to the individual. The Privacy Act defines an individual as a 
United States citizen or an alien lawfully admitted for permanent 
residence. Individuals may request access to their own records that are 
maintained in a system of records in the possession or under the 
control of DOI by complying with DOI Privacy Act regulations at 43 CFR 
part 2, subpart K, and following the procedures outlined

[[Page 34158]]

in the Records Access, Contesting Record, and Notification Procedures 
sections of this notice.
    The Privacy Act requires each agency to publish in the Federal 
Register a description denoting the existence and character of each 
system of records that the agency maintains and the routine uses of 
each system. The revised Payroll, Attendance, Retirement, and Leave 
Records system of records notice is published in its entirety below. In 
accordance with 5 U.S.C. 552a(r), DOI has provided a report of this 
modified system of records to the Office of Management and Budget and 
to Congress.

III. Public Participation

    You should be aware your entire comment including your personal 
identifying information, such as your address, phone number, email 
address, or any other personal identifying information in your comment, 
may be made publicly available at any time. While you may request to 
withhold your personal identifying information from public review, we 
cannot guarantee we will be able to do so.

Teri Barnett,
Departmental Privacy Officer.
SYSTEM NAME AND NUMBER
    INTERIOR/DOI-85, Payroll, Attendance, Retirement, and Leave 
Records.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    (1) The INTERIOR/DOI-85, Payroll, Attendance, Retirement, and Leave 
Records system of records is centrally managed by the Personnel and 
Payroll Systems Division, Interior Business Center, U.S. Department of 
the Interior, 7301 West Mansfield Avenue, MS D-2400, Denver, CO 80235-
2230.
    (2) Records are also located at Departmental, bureau and office 
systems and locations that prepare and provide input documents and 
information for data processing and administrative actions for this 
system.

SYSTEM MANAGER(S):
    Chief, Personnel and Payroll Systems Division, Interior Business 
Center, U.S. Department of the Interior, 7301 West Mansfield Avenue, 
Denver, CO 80235-2230.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    5 U.S.C. 5101, et seq., Government Organization and Employees; 31 
U.S.C. 3512, et seq., Executive Agency Accounting and Other Financial 
Management Reports and Plans; 31 U.S.C. 1101, et seq., the Budget and 
Fiscal, Budget, and Program Information; 5 CFR part 293, subpart B, 
Personnel Records Subject to the Privacy Act; 5 CFR part 297, Privacy 
Procedures for Personnel Records; Executive Order 9397 as amended by 
Executive Order 13478, relating to Federal agency use of Social 
Security numbers; and Public Law 101-576 (Nov. 15, 1990), the Chief 
Financial Officers (CFO) Act of 1990.

PURPOSE(S) OF THE SYSTEM:
    The primary purpose of the system is to manage personnel and 
payroll functions, to ensure proper payment for salary and benefits, 
track time and attendance, leave, and other absences for reporting and 
compliance purposes; and facilitate reporting requirements to other 
Federal agencies, including the Department of the Treasury and the 
Office of Personnel Management, for payroll, tax, and human capital 
management purposes.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals covered by the system include current and former DOI 
employees, emergency workers, volunteers, contractors, and applicants 
for Federal employment. This system may also include limited 
information regarding employee spouses, dependents, emergency contacts, 
beneficiaries, or estate trustees who meet the definition of 
``individual'' as defined in the Privacy Act.

CATEGORIES OF RECORDS IN THE SYSTEM:
    This system maintains records including:
     Employee biographical and employment information: Employee 
name, other names used, citizenship, gender, date of birth, age, group 
affiliation, marital status, Social Security number (SSN), truncated 
SSN, legal status, place of birth, records related to position, 
occupation, duty location, security clearance, financial information, 
medical information, disability information, education information, 
driver's license, race, ethnicity, personal or work telephone number, 
personal or work email address, military status and service, home or 
mailing address, Taxpayer Identification Number (TIN), bank account 
information, professional licensing and credentials, family 
relationships, involuntary debt (garnishments or child support 
payments), employee common identifier (ECI), organization code, user 
identification and any other employment information.
     Third-party information: Spouse information, emergency 
contact, beneficiary information, savings bond co-owner name(s) and 
information, and family members and dependents information.
     Salary and benefits information: Salary data, retirement 
data, tax data, deductions, health benefits, allowances, union dues, 
insurance data, Flexible Spending Account, Thrift Savings Plan 
information and contributions, pay plan, payroll records, awards, court 
order information, back pay information, debts owed to the government 
as a result of overpayment, refunds owed, or a debt referred for 
collection on a transferred employee or emergency worker.
     Timekeeping information: Time and attendance records, and 
leave records.
    This system may also contain correspondence, documents and other 
information required to administer payroll, leave, and related 
functions.

RECORD SOURCE CATEGORIES:
    Information is obtained from individuals on whom the records are 
maintained, official personnel records of individuals on whom the 
records are maintained, supervisors, timekeepers, previous employers, 
the Internal Revenue Service and state tax agencies, the Department of 
the Treasury, other Federal agencies, courts, state child support 
agencies, employing agency accounting offices, and third-party benefit 
providers.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, all or a portion of the records or 
information maintained in this system may be disclosed to authorized 
entities outside DOI for purposes determined to be relevant and 
necessary as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    A. To the Department of Justice (DOJ), including Offices of the 
U.S. Attorneys, or other Federal agency conducting litigation or in 
proceedings before any court, adjudicative, or administrative body, 
when it is relevant or necessary to the litigation and one of the 
following is a party to the litigation or has an interest in such 
litigation:
    (1) DOI or any component of DOI;
    (2) Any other Federal agency appearing before the Office of 
Hearings and Appeals;
    (3) Any DOI employee or former employee acting in his or her 
official capacity;

[[Page 34159]]

    (4) Any DOI employee or former employee acting in his or her 
individual capacity when DOI or DOJ has agreed to represent that 
employee or pay for private representation of the employee; or
    (5) The United States Government or any agency thereof, when DOJ 
determines that DOI is likely to be affected by the proceeding.
    B. To the Department of the Treasury or other Federal agency as 
required for payroll purposes, for preparation of payroll and other 
checks and electronic funds transfers to Federal, State, and local 
government agencies, non-governmental organizations, and individuals.
    C. To the Department of the Treasury, Internal Revenue Service, and 
state and local tax authorities for which an employee is or was subject 
to tax regardless of whether tax is or was withheld in accordance with 
Treasury Fiscal Requirements, as required.
    D. To the Office of Personnel Management or its contractors in 
connection with programs administered by that office, including, but 
not limited to, the Federal Long Term Care Insurance Program, the 
Federal Dental and Vision Insurance Program, the Flexible Spending 
Accounts for Federal Employees Program, and the electronic Human 
Resources Information Program.
    E. To another Federal agency to which an employee or DOI emergency 
worker has transferred or to which a DOI volunteer transfers in a 
volunteer capacity.
    F. To any criminal, civil, or regulatory law enforcement authority 
(whether Federal, state, territorial, local, tribal or foreign) when a 
record, either alone or in conjunction with other information, 
indicates a violation or potential violation of law--criminal, civil, 
or regulatory in nature.
    G. To a congressional office in response to a written inquiry that 
an individual covered by the system, or the heir of such individual if 
the covered individual is deceased, has made to the office.
    H. To Federal, State or local agencies where necessary to enable 
the employee's, DOI emergency worker's, or DOI volunteer's agency to 
obtain information relevant to the hiring or retention of that 
employee, DOI emergency worker, or DOI volunteer, or the issuance of a 
security clearance, contract, license, grant or other benefit.
    I. To appropriate Federal and state agencies to provide reports 
including data on unemployment insurance.
    J. To the Social Security Administration to credit the employee or 
emergency worker account for Old-Age, Survivors, and Disability 
Insurance (OASDI) and Medicare deductions.
    K. To officials of labor organizations recognized under 5 U.S.C. 
Chapter 71 (Labor-Management Relations) for the purpose of providing 
information as to the identity of DOI employees contributing union dues 
each pay period and the amount of dues withheld from each contributor.
    L. To employee or emergency worker associations to report dues 
deductions.
    M. To insurance carriers to report employee or DOI emergency worker 
election information and withholdings for health insurance.
    N. To charitable institutions when an employee designates an 
institution to receive contributions through salary deduction.
    O. To the Department of the Treasury, Internal Revenue Service, or 
to another Federal agency or its contractor, to disclose debtor 
information solely to aggregate information for the Internal Revenue 
Service to collect debts owed to the Federal Government through the 
offset of tax refunds.
    P. To any creditor Federal agency seeking assistance for the 
purpose of that agency implementing administrative or salary offset 
procedures in the collection of unpaid financial obligations owed the 
United States Government from an individual.
    Q. To any Federal agency where the individual debtor is employed or 
receiving some form of remuneration for the purpose of enabling that 
agency to collect debts on the employee's behalf by administrative or 
salary offset procedures under the provisions of the Debt Collection 
Act of 1982.
    R. To the Department of the Treasury, Internal Revenue Service, and 
state and local authorities for the purpose of locating a debtor to 
collect a claim against the debtor.
    S. With respect to Bureau of Indian Affairs employee or DOI 
emergency worker records, to a Federal, State, local agency, or Indian 
tribal group or any establishment or individual that assumes 
jurisdiction, either by contract or legal transfer, of any program 
under the control of the Bureau of Indian Affairs.
    T. With respect to Bureau of Reclamation employee or DOI emergency 
worker records, to non-Federal auditors under contract with DOI or the 
Department of Energy or water user and other organizations with which 
the Bureau of Reclamation has written agreements permitting access to 
financial records to perform financial audits.
    U. To the Federal Retirement Thrift Investment Board's record 
keeper, which administers the Thrift Savings Plan, to report 
deductions, contributions, and loan payments.
    V. To the Office of Child Support Enforcement, Administration for 
Children and Families, Department of Health and Human Services, for the 
purposes of locating individuals to establish paternity; establishing 
and modifying orders of child support; identifying sources of income; 
and for other child support enforcement actions as required by the 
Personal Responsibility and Work Opportunity Reconciliation Act of 
1996.
    W. To an expert, consultant, grantee, or contractor (including 
employees of the contractor) of DOI that performs services requiring 
access to these records on DOI's behalf to carry out the purposes of 
the system, including employment verifications, unemployment claims, W-
2 processing services, leave and earning statements, and 1095-C 
Affordable Care Act statements.
    X. To the Office of Personnel Management Employee Express, which is 
an employee self-service system, to initiate personnel and payroll 
actions and to obtain payroll information.
    Y. To the Department of Labor for processing claims for employees, 
emergency workers, or volunteers injured on the job or claiming 
occupational illness.
    Z. To Federal agencies and organizations to support interfaces with 
other systems operated by the Federal agencies for which the employee 
or DOI emergency worker is employed, or the DOI volunteer is located, 
for the purpose of avoiding duplication, increasing data integrity and 
streamlining government operations.
    AA. To another Federal agency to provide information needed in the 
performance of official duties related to reconciling or reconstructing 
data files or to enable that agency to respond to an inquiry by the 
individual to whom the record pertains.
    BB. To the National Archives and Records Administration (NARA) to 
conduct records management inspections under the authority of 44 U.S.C. 
2904 and 2906.
    CC. To the Office of Management and Budget (OMB) during the 
coordination and clearance process in connection with legislative 
affairs as mandated by OMB Circular A-19.
    DD. To Federal, state, territorial, local, tribal, or foreign 
agencies that have requested information relevant or necessary to the 
hiring, firing or retention of an employee or contractor, regarding the 
issuance of a security

[[Page 34160]]

clearance, license, contract, grant or other benefit.
    EE. To state, territorial, and local governments, and tribal 
organizations to provide information needed in response to court order 
and/or discovery purposes related to litigation, when the disclosure is 
compatible with the purpose for which the records were compiled.
    FF. To the Department of the Treasury to recover debts owed to the 
United States.
    GG. To the news media and the public, with the approval of the 
Public Affairs Officer in consultation with counsel and the Senior 
Agency Official for Privacy, where there exists a legitimate public 
interest in the disclosure of the information or when disclosure is 
necessary to preserve confidence in the integrity of DOI or is 
necessary to demonstrate the accountability of DOI's officers, 
employees, or individuals covered by the system, except to the extent 
it is determined that release of the specific information in the 
context of a particular case would constitute an unwarranted invasion 
of personal privacy.
    HH. To the Executive Office of the President in response to an 
inquiry from that office made at the request of the subject of a record 
or a third party on that person's behalf, or for a purpose compatible 
with the reason for which the records are collected or maintained.
    II. To other Federal agencies and organizations to provide payroll 
and personnel processing services under a shared service provider 
cross-servicing agreement for purposes relating to DOI payroll and 
personnel processing.
    JJ. To the Office of Personnel Management, the Merit System 
Protection Board, Federal Labor Relations Authority, or the Equal 
Employment Opportunity Commission when requested in the performance of 
their authorized duties.
    KK. To state offices of unemployment compensation to assist in 
processing an individual's unemployment, survivor annuity, or health 
benefit claim, or for records reconciliation purposes.
    LL. To Federal Employees' Group Life Insurance or Health Benefits 
carriers in connection with survivor annuity or health benefits claims 
or records reconciliations.
    MM. To any source from which additional information is requested by 
DOI relevant to a DOI determination concerning an individual's pay, 
leave, or travel expenses, to the extent necessary to identify the 
individual, inform the source of the purpose(s) of the request, and to 
identify the type of information requested.
    NN. To the Social Security Administration and the Department of the 
Treasury to disclose pay data on an annual basis, and as necessary to 
execute their statutory responsibilities for the effective 
administration of benefits programs, payroll and taxes.
    OO. To a Federal agency or in response to a congressional inquiry 
when additional or statistical information is requested relevant to a 
Federal benefit or program, such as the DOI Transit Fare Subsidy 
Program.
    PP. To the Department of Health and Human Services for the purpose 
of providing information on new hires and quarterly wages as required 
under the Personal Responsibility and Work Opportunity Reconciliation 
Act of 1996.
    QQ. To appropriate agencies, entities, and persons when:
    (1) DOI suspects or has confirmed that there has been a breach of 
the system of records;
    (2) DOI has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, DOI (including 
its information systems, programs, and operations), the Federal 
Government, or national security; and
    (3) the disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with DOI's efforts to 
respond to the suspected or confirmed breach or to prevent, minimize, 
or remedy such harm.
    RR. To another Federal agency or Federal entity, when DOI 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in:
    (1) Responding to a suspected or confirmed breach; or
    (2) preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.
    SS. To an agency or organization for the purpose of performing 
audit or oversight operations as authorized by law, but only such 
information as is necessary and relevant to such audit or oversight 
function.
    TT. To a court, magistrate, or administrative tribunal, including 
disclosures to opposing counsel in the course of discovery, pursuant to 
appropriate court order or other judicial process in the course of 
criminal, civil or administrative litigation.
    UU. In an appropriate proceeding before a court, grand jury, or 
administrative or adjudicative body, when the Department of Justice 
determines that the records are arguably relevant to the proceeding; or 
in an appropriate proceeding before an administrative or adjudicative 
body when the adjudicator determines the records to be relevant to the 
proceeding.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:
    Disclosure pursuant to 5 U.S.C. 552a(b)(12). Disclosures may be 
made from this system to consumer reporting agencies as defined in the 
Fair Credit Reporting Act (15 U.S.C. 1681a(f)) or the Federal Claims 
Act of 1966 (31 U.S.C. 3701(a)(3)).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records are maintained in manual, microfilm, microfiche, 
electronic, imaged and computer printout form. Original input documents 
are stored in standard office filing equipment and/or as imaged 
documents on magnetic media at all locations which prepare and provide 
input documents and information for data processing. Paper records are 
maintained in file folders stored within locking filing cabinets or 
locked rooms in secured facilities with controlled access. Electronic 
records are stored in computers, removable drives, storage devices, 
electronic databases, and other electronic media under the control of 
DOI.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records may be retrieved by employee name, SSN, TIN, ECI, birth 
date, organizational code, or assigned person number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are maintained in accordance with General Records Schedule 
(GRS) 1.0 ``Finance'' and GRS 2.0 ``Human Resources,'' and Departmental 
Records Schedule (DRS) 1.2C, Retirement and Payroll Records Warranting 
Extended Preservation (DAA-0048-2013-0001-0008), which are approved by 
NARA. The system generally maintains temporary records, and retention 
periods vary based on the type of record under each item and the needs 
of the agency. Paper records are disposed of by shredding or pulping, 
and records maintained on electronic media are degaussed or erased in 
accordance with the applicable records retention schedule and NARA 
guidelines.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The records maintained in this system are safeguarded in accordance 
with 43

[[Page 34161]]

CFR 2.226 and other applicable security rules and policies. During 
normal hours of operation, paper or micro format records are maintained 
in locked file cabinets in secured rooms under the control of 
authorized personnel. Information technology systems follow the 
National Institute of Standards and Technology privacy and security 
standards developed to comply with the Privacy Act of 1974 as amended, 
5 U.S.C. 552a; the Paperwork Reduction Act of 1995, Public Law 104-13; 
the Federal Information Security Modernization Act of 2014, Public Law 
113-283, as codified at 44 U.S.C. 3551, et seq.; and the Federal 
Information Processing Standard 199, Standards for Security 
Categorization of Federal Information and Information Systems.
    Computer servers on which electronic records are stored are located 
in secured DOI facilities with physical, technical and administrative 
levels of security to prevent unauthorized access to the DOI network 
and information assets. Security controls include encryption, 
firewalls, audit logs, and network system security monitoring. 
Electronic data is protected through user identification, passwords, 
database permissions and software controls. Access to records in the 
system is limited to authorized personnel who have a need to access the 
records in the performance of their official duties, and each person's 
access is restricted to only the functions and data necessary to 
perform that person's job responsibilities. System administrators and 
authorized users for DOI are trained and required to follow established 
internal security protocols and must complete all security, privacy, 
and records management training, and sign DOI Rules of Behavior. A 
Privacy Impact Assessment was completed for FPPS to ensure that Privacy 
Act requirements and personally identifiable information safeguard 
requirements are met, and may be viewed at https://www.doi.gov/privacy/pia.

RECORD ACCESS PROCEDURES:
    An individual requesting records on himself or herself should send 
a signed, written inquiry to the applicable System Manager identified 
above. The request must include the requester's bureau and office 
affiliation to facilitate location of the applicable records. The 
request envelope and letter should both be clearly marked ``PRIVACY ACT 
REQUEST FOR ACCESS.'' A request for access must meet the requirements 
of 43 CFR 2.238.

CONTESTING RECORD PROCEDURES:
    An individual requesting corrections or the removal of material 
from his or her records should send a signed, written request to the 
applicable System Manager identified above. The request must include 
the requester's bureau and office affiliation to facilitate location of 
the applicable records. A request for corrections or removal must meet 
the requirements of 43 CFR 2.246.

NOTIFICATION PROCEDURES:
    An individual requesting notification of the existence of records 
on himself or herself should send a signed, written inquiry to the 
applicable System Manager as identified above. The request must include 
the requester's bureau and office affiliation to facilitate location of 
the applicable records. The request envelope and letter should both be 
clearly marked ``PRIVACY ACT INQUIRY.'' A request for notification must 
meet the requirements of 43 CFR 2.235.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    73 FR 19090 (April 8, 2008).

[FR Doc. 2018-15445 Filed 7-18-18; 8:45 am]
 BILLING CODE 4334-63-P