83 FR 52852 - Privacy Act of 1974; System of Records

OCCUPATIONAL SAFETY AND HEALTH REVIEW COMMISSION

Federal Register Volume 83, Issue 202 (October 18, 2018)

In accordance with the Privacy Act of 1974, as amended, the

[Federal Register Volume 83, Number 202 (Thursday, October 18, 2018)]
[Notices]
[Pages 52852-52854]
From the Federal Register Online  [www.thefederalregister.org]
[FR Doc No: 2018-22677]



=======================================================================

-----------------------------------------------------------------------



OCCUPATIONAL SAFETY AND HEALTH REVIEW COMMISSION




Privacy Act of 1974; System of Records



AGENCY: Occupational Safety and Health Review Commission.



ACTION: Notice of a modified system of records and rescindment of a 

system of records notice.



-----------------------------------------------------------------------



SUMMARY: In accordance with the Privacy Act of 1974, as amended, the 

Occupational Safety and Health Review Commission (OSHRC) is revising 

the notice for system-of-records OSHRC-7 and is rescinding the notice 

for system-of-records OSHRC-8.



DATES: Comments must be received by OSHRC on or before November 19, 

2018. The revisions to the system-of-records notice for OSHRC-7, and 

the rescindment of the notice for OSHRC-8, will become effective on 

that date, without any further notice in the Federal Register, unless 

comments or government approval procedures necessitate otherwise.



ADDRESSES: You may submit comments by any of the following methods:

     Email: [email protected]. Include ``PRIVACY ACT SYSTEM OF 

RECORDS'' in the subject line of the message.

     Fax: (202) 606-5417.

     Mail: One Lafayette Centre, 1120 20th Street NW, Ninth 

Floor, Washington, DC 20036-3457.

     Hand Delivery/Courier: Same as mailing address.

    Instructions: All submissions must include your name, return 

address, and email address, if applicable. Please clearly label 

submissions as ``PRIVACY ACT SYSTEM OF RECORDS.''



FOR FURTHER INFORMATION CONTACT: Ron Bailey, Attorney-Advisor, Office 

of the General Counsel, via telephone at (202) 606-5410, or via email 

at [email protected].



SUPPLEMENTARY INFORMATION: The Privacy Act of 1974, 5 U.S.C. 

552a(e)(4), requires federal agencies such as OSHRC to publish in the 

Federal Register notice of any new or modified system of records. As 

detailed below, OSHRC is revising the notice for Personnel Security 

Files, OSHRC-7, to (1) account for changes in the names of the 

pertinent office and positions within the agency; (2) eliminate OSHRC's 

regional offices as system locations and managers; (3) revise the 

method by which records are retrieved; (4) update the authorities 

permitting maintenance of this system of records and the reference to 

the applicable General Records Schedule; (5) simplify the explanations 

concerning the categories of individuals covered by the system, and the 

categories of records in the system; and (6) accurately describe 

storage and safeguarding practices. To this system, OSHRC is also 

adding records relating to the issuance of office access cards, which 

are retrievable by name, and include the first and last names of those 

issued cards, and the dates that the cards were activated, deactivated, 

and turned in. In addition, OSHRC has previously relied on blanket



[[Page 52853]]



routine uses to describe the circumstances under which records may be 

disclosed. Going forward, as revised notices are published for new and 

modified systems of records, a full description of the routine uses--

rather than a reference to blanket routine uses--will be included in 

each notice. This is simply a change in format that has not resulted in 

any substantive changes to the routine uses for this system of records.

    OSHRC is also rescinding the notice for OSHRC-8--Identification 

Card and Office Key Distribution Records. Most of the records covered 

by OSHRC-8 are no longer maintained by OSHRC due to the issuance and 

use of personal identity verification (PIV) cards, in accordance with 

Homeland Security Presidential Directive (HSPD) 12. Records concerning 

these PIV cards are maintained by the General Services Administration 

(GSA) and are covered by the governmentwide system-of-records notice 

GSA/GOVT-7 (HSPD-12 USAccess). OSHRC does, however, maintain records, 

as described above, on office access cards. OSHRC has concluded, 

however, that such records are related to personnel security and 

therefore should be included in OSHRC-7, Personnel Security Records.

    The notices for the rescission of OSHRC-8, and for modified system-

of-records OSHRC-7, are as follows.

SYSTEM NAME AND NUMBER

    Identification Card and Office Key Distribution Records, OSHRC-8.



HISTORY:

    April 14, 2006, 71 FR 19556; August 4, 2008, 73 FR 45256; October 

5, 2015, 80 FR 60182; and September 28, 2017, 82 FR 45324.



SYSTEM NAME AND NUMBER:

    Personnel Security Records, OSHRC-7.



SECURITY CLASSIFICATION:

    Unclassified.



SYSTEM LOCATION:

    The Office of the Executive Director maintains the records in this 

system. The office is located at 1120 20th Street NW, Ninth Floor, 

Washington, DC 20036-3457.



SYSTEM MANAGER(S):

    Human Resources Specialist, 1120 20th Street NW, Ninth Floor, 

Washington, DC 20036-3457; (202) 606-5100.



AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

    Executive Orders 10450, 10577, 13467, and 13488; Homeland Security 

Presidential Directive (HSPD) 12; and Federal Information Processing 

Standard (FIPS) 201.



PURPOSE(S) OF THE SYSTEM:

    The information collected by OSHRC allows the Office of Personnel 

Management (OPM) to conduct background investigations on those 

individuals being credentialed, assists in verifying the identity of 

those for whom credentials have been requested, and provides the 

necessary information for issuance of identification and access cards.



CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

    This system of records covers current OSHRC employees, contractors, 

and Commission members, and, as to records concerning office access 

cards, also former employees, contractors, and Commission members.



CATEGORIES OF RECORDS IN THE SYSTEM:

    This system of records may include an individual's name and former 

names; signature; date and place of birth; social security number; 

citizenship information; residential history; education; employment 

history; criminal history and police records; names of associates and 

references, and their contact information; military history and 

selective service record; illegal drug activities; telephone numbers; 

hair and eye color, weight, and height; gender; financial records; 

investigative records; foreign countries visited; marital status and 

name, date and place of birth, address, and social security number of 

spouse; names of certain relatives who work for the government; names, 

addresses, dates and countries of birth, and citizenship of certain 

relatives. As to office access cards, the records include only the 

individual's name, and the date that the access card was activated, 

deactivated, and turned in.

    Most of these records are decentralized copies from OPM and remain 

subject to the practices and policies set forth in system-of-records 

notice OPM/CENTRAL-9 (Personnel Investigations Records).



RECORD SOURCE CATEGORIES:

    Information contained in the system is obtained from individuals 

subject to the credentialing process, OSHRC employees involved in the 

credentialing process, and investigative record materials furnished by 

OPM.



ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 

OF USERS AND PURPOSES OF SUCH USES:

    In addition to disclosures generally permitted under 5 U.S.C. 

552a(b), all or a portion of the records or information contained in 

this system of records may be disclosed as a routine use pursuant to 5 

U.S.C. 552a(b)(3) under the circumstances or for the purposes described 

below, to the extent such disclosures are compatible with the purposes 

for which the information was collected:

    (1) To the Department of Justice (DOJ), or to a court or 

adjudicative body before which OSHRC is authorized to appear, when any 

of the following entities or individuals--(a) OSHRC, or any of its 

components; (b) any employee of OSHRC in his or her official capacity; 

(c) any employee of OSHRC in his or her individual capacity where DOJ 

(or OSHRC where it is authorized to do so) has agreed to represent the 

employee; or (d) the United States, where OSHRC determines that 

litigation is likely to affect OSHRC or any of its components--is a 

party to litigation or has an interest in such litigation, and OSHRC 

determines that the use of such records by DOJ, or by a court or other 

tribunal, or another party before such tribunal, is relevant and 

necessary to the litigation.

    (2) To an appropriate agency, whether federal, state, local, or 

foreign, charged with investigating or prosecuting a violation or 

enforcing or implementing a law, rule, regulation, or order, when a 

record, either on its face or in conjunction with other information, 

indicates a violation or potential violation of law, which includes 

civil, criminal or regulatory violations, and such disclosure is proper 

and consistent with the official duties of the person making the 

disclosure.

    (3) To a federal, state, or local agency maintaining civil, 

criminal or other relevant enforcement information, such as current 

licenses, if necessary to obtain information relevant to an OSHRC 

decision concerning the hiring, appointment, or retention of an 

employee; the issuance, renewal, suspension, or revocation of a 

security clearance; the execution of a security or suitability 

investigation; the letting of a contract; or the issuance of a license, 

grant or other benefit.

    (4) To a federal, state, or local agency, in response to that 

agency's request for a record, and only to the extent that the 

information is relevant and necessary to the requesting agency's 

decision in the matter, if the record is sought in connection with the 

hiring, appointment, or retention of an



[[Page 52854]]



employee; the issuance, renewal, suspension, or revocation of a 

security clearance; the execution of a security or suitability 

investigation; the letting of a contract; or the issuance of a license, 

grant or other benefit by the requesting agency.

    (5) To an authorized appeal grievance examiner, formal complaints 

manager, equal employment opportunity investigator, arbitrator, or 

other duly authorized official engaged in investigation or settlement 

of a grievance, complaint, or appeal filed by an employee, only to the 

extent that the information is relevant and necessary to the case or 

matter.

    (6) To OPM in accordance with the agency's responsibilities for 

evaluation and oversight of federal personnel management.

    (7) To officers and employees of a federal agency for the purpose 

of conducting an audit, but only to the extent that the record is 

relevant and necessary to this purpose.

    (8) To OMB in connection with the review of private relief 

legislation at any stage of the legislative coordination and clearance 

process, as set forth in Circular No. A-19.

    (9) To a Member of Congress or to a person on his or her staff 

acting on the Member's behalf when a written request is made on behalf 

and at the behest of the individual who is the subject of the record.

    (10) To the National Archives and Records Administration (NARA) for 

records management inspections and such other purposes conducted under 

the authority of 44 U.S.C. 2904 and 2906.

    (11) To appropriate agencies, entities, and persons when: (a) OSHRC 

suspects or has confirmed that there has been a breach of the system of 

records; (b) OSHRC has determined that as a result of the suspected or 

confirmed breach there is a risk of harm to individuals, OSHRC, the 

Federal Government, or national security; and (c) the disclosure made 

to such agencies, entities, and persons is reasonably necessary to 

assist in connection with OSHRC's efforts to respond to the suspected 

or confirmed breach or to prevent, minimize, or remedy such harm.

    (12) To NARA, Office of Government Information Services (OGIS), to 

the extent necessary to fulfill its responsibilities in 5 U.S.C. 

552(h), to review administrative agency policies, procedures and 

compliance with FOIA, and to facilitate OGIS' offering of mediation 

services to resolve disputes between persons making FOIA requests and 

administrative agencies.

    (13) To another federal agency or federal entity, when OSHRC 

determines that information from this system of records is reasonably 

necessary to assist the recipient agency or entity in (a) responding to 

a suspected or confirmed breach or (b) preventing, minimizing, or 

remedying the risk of harm to individuals, the recipient agency or 

entity (including its information systems, programs, and operations), 

the Federal Government, or national security, resulting from a 

suspected or confirmed breach.



POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

    Records are stored on paper in locked file cabinets.



POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

    Records are retrieved by an individual's name.



POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

    Office access card records are retained and disposed of in 

accordance with NARA's General Records Schedule 5.6, Item 21. However, 

paper copies of personnel security records from OPM are shredded once 

an employee, contractor, or Commission member no longer works at OSHRC.



ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

    Records are maintained in a locked file cabinet. Access to the 

cabinet is limited to personnel having a need for access to perform 

their official functions.



RECORD ACCESS PROCEDURES:

    Individuals who wish to gain access to their records should notify: 

Privacy Officer, OSHRC, 1120 20th Street NW, Ninth Floor, Washington, 

DC 20036-3457. For an explanation on how such requests should be 

drafted, refer to 29 CFR 2400.6 (procedures for requesting records).



CONTESTING RECORD PROCEDURES:

    Individuals who wish to contest their records should notify: 

Privacy Officer, OSHRC, 1120 20th Street NW, Ninth Floor, Washington, 

DC 20036-3457. For an explanation on the specific procedures for 

contesting the contents of a record, refer to 29 CFR 2400.8 (Procedures 

for requesting amendment), and 29 CFR 2400.9 (Procedures for 

appealing).



NOTIFICATION PROCEDURES:

    Individuals interested in inquiring about their records should 

notify: Privacy Officer, OSHRC, 1120 20th Street NW, Ninth Floor, 

Washington, DC 20036-3457. For an explanation on how such requests 

should be drafted, refer to 29 CFR 2400.5 (notification), and 29 CFR 

2400.6 (procedures for requesting records).



EXEMPTIONS PROMULGATED FOR THE SYSTEM:

    None.



HISTORY:

    April 14, 2006, 71 FR 19556; August 4, 2008, 73 FR 45256; October 

5, 2015, 80 FR 60182; and September 28, 2017, 82 FR 45324.



    Dated: October 11, 2018.

Nadine N. Mancini,

General Counsel, Senior Agency Official for Privacy.

[FR Doc. 2018-22677 Filed 10-17-18; 8:45 am]

 BILLING CODE 7600-01-P