thefederalregister.org Federal Register Research Archive

Document

Privacy Act of 1974; System of Records

The U.S. Environmental Protection Agency's (EPA or Agency) Office of Finance and Administration is giving notice that it proposes to modify a system of records pursuant to the p...

PDF versionFederalRegister.gov
[Federal Register Volume 91, Number 73 (Thursday, April 16, 2026)]
[Notices]
[Pages 20428-20431]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2026-07406]


-----------------------------------------------------------------------

ENVIRONMENTAL PROTECTION AGENCY

[EPA-HQ-OFA-2026-1882; FRL-13285-01-OMS]


Privacy Act of 1974; System of Records

AGENCY: Environmental Protection Agency (EPA).

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: The U.S. Environmental Protection Agency's (EPA or Agency) 
Office of Finance and Administration is giving notice that it proposes 
to modify a system of records pursuant to the provisions of the Privacy 
Act of 1974. Compass records and tracks accounts receivable to help the 
Agency collect debts owed; records and tracks accounts payable for 
authorized travel and other services; supports tracking and execution 
of the Agency's budget; and provides reporting across these activities. 
The modification is to add a new routine use as required by Executive 
Order 14249 and Office of Management and Budget (OMB) Memorandum M-25-
32. The notice also updates the contact information for the Agency 
Privacy Officer.

DATES: This action will become effect on April 16, 2026. The routine 
uses in this action will become effective May 18, 2026, unless the EPA 
makes changes based on comments received. Written comments should be 
submitted on or before May 18, 2026.
    Persons wishing to comment on this system of records notice must do 
so by May 18, 2026.

ADDRESSES: Submit your comments, identified by Docket ID No. EPA-HQ-
OFA-2026-1882, by one of the following methods:
    Federal eRulemaking Portal: https://www.regulations.gov. Follow the 
online instructions for submitting comments.
    Email: docket_oms@epa.gov. Include the Docket ID number in the 
subject line of the message.
    Fax: 202-566-1752.

[[Page 20429]]

    Mail: OMS Docket, Environmental Protection Agency, Mail Code: 
2822T, 1200 Pennsylvania Ave. NW, Washington, DC 20460.
    Hand Delivery: OMS Docket, EPA/DC, WJC West Building, Room 3334, 
1301 Constitution Ave. NW, Washington, DC 20460. Such deliveries are 
only accepted during the Docket's normal hours of operation, and 
special arrangements should be made for deliveries of boxed 
information.
    Instructions: Direct your comments to Docket ID No. EPA-HQ-OFA-
2026-1882. The EPA policy is that all comments received will be 
included in the public docket without change and may be made available 
online at https://www.regulations.gov, including any personal 
information provided, unless the comment includes information claimed 
to be Controlled Unclassified Information (CUI) or other information 
for which disclosure is restricted by statute. Do not submit 
information that you consider to be CUI or otherwise protected through 
https://www.regulations.gov. The https://www.regulations.gov website is 
an ``anonymous access'' system for EPA, which means the EPA will not 
know your identity or contact information unless you provide it in the 
body of your comment. Each agency determines submission requirements 
within their own internal processes and standards. EPA has no 
requirement to include personal information. If you send an email 
comment directly to the EPA without going through https://www.regulations.gov your email address will be automatically captured 
and included as part of the comment that is placed in the public docket 
and made available on the internet. If you submit an electronic 
comment, the EPA recommends that you include your name and other 
contact information in the body of your comment. If the EPA cannot read 
your comment due to technical difficulties and cannot contact you for 
clarification, the EPA may not be able to consider your comment. 
Electronic files should avoid the use of special characters, any form 
of encryption, and be free of any defects or viruses. For additional 
information about the EPA public docket, visit the EPA Docket Center 
homepage at https://www.epa.gov/dockets.
    Docket: All documents in the docket are listed in the https://www.regulations.gov index. Although listed in the index, some 
information is not publicly available, e.g., CUI or other information 
for which disclosure is restricted by statute. Certain other material, 
such as copyrighted material, will be publicly available only in hard 
copy. Publicly available docket materials are available either 
electronically in https://www.regulations.gov or in hard copy at the 
OMS Docket, EPA/DC, WJC West Building, Room 3334, 1301 Constitution 
Ave. NW, Washington. DC 20460.
    We encourage the public to submit comments via https://www.regulations.gov or email, as there may be a delay in processing 
mail and faxes. Hand deliveries and couriers may be received by 
scheduled appointment only. For further information on EPA Docket 
Center services and the current status, please visit us online at 
https://www.epa.gov/dockets. The telephone number for the Public 
Reading Room is (202) 566-1744, and the telephone number for the OMS 
Docket is (202) 566-1752.

FOR FURTHER INFORMATION CONTACT: Please submit questions to Lee Kelly, 
Agency Privacy Act Officer, 1200 Pennsylvania Ave. NW, Washington, DC 
20460; telephone number: (202) 566-1197, email address: 
kelly.lee@epa.gov.

SUPPLEMENTARY INFORMATION: EPA is modifying this system of records 
notice (SORN) to comply with Executive Order 14249 and OMB Memorandum 
M-25-32, which require agencies to modify relevant SORNs to include a 
routine use that allows for the disclosure of records to the U.S. 
Department of the Treasury for the purpose of identifying, preventing, 
or recouping fraud and improper payments. Additionally, EPA is updating 
the contact information for the Agency Privacy Officer. This system of 
records is composed of an accounts receivable module and travel and 
other accounts payable modules. The system contains personal 
identifying information such as names, addresses, and Social Security 
numbers of people indebted to or owed money by EPA. The accounts 
receivable module contains information about the nature of the debt or 
claim, the amount owed, the historical status of the debt, and 
information that relates to and documents efforts to collect debts owed 
the Agency. The travel and other accounts payable modules contain 
information about the travel authorization; travel vouchers, which 
support the claim for the reimbursement to the travel; travel advance 
authorizations, which provide fund advances to pay travel expenses 
incurred in the performance of official government business; and 
finally itemized invoices for other services performed for EPA. In both 
modules, banking information necessary to support electronic funds 
transfers may be maintained.

SYSTEM NAME AND NUMBER:
    Compass Financials IT System, EPA-29.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    National Computer Center, Environmental Protection Agency, Research 
Triangle Park, North Carolina 27711; other EPA offices.

SYSTEM MANAGER(S):
    Controller, Office of Financial Operations and Management, 
Environmental Protection Agency, William Jefferson Clinton Building, 
1200 Pennsylvania Avenue NW, Washington, DC 20460.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    OMB Circular A-127; Chief Financial Officers Act of 1990, Public 
Law 101-576; Federal Managers Financial Integrity Act of 1982, Public 
Law 97-255 (31 U.S.C. 3512 et seq.); 31 U.S.C. Chapter 11.

PURPOSE(S) OF THE SYSTEM:
    Records in the accounts receivable module is used primarily to 
create a record of, and track, all accounts receivable and to assist 
the EPA in collecting debts owed the Agency. Records in the travel and 
other accounts payable modules are used primarily to create a record of 
and to track all monies owed by the EPA for authorized travel and for 
other services performed for the EPA. Tracks and executes the Agency's 
budget. The system provides reporting in all areas listed above.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals who owe monies to and individuals who are owed monies 
from the Environmental Protection Agency are covered by the system. 
This includes, but is not limited to, individuals who owe monies to the 
EPA for refunds, penalties, travel advances, Interagency Agreements, or 
Freedom of Information Act Requests. This system also contains 
information on corporations and other entities that are in debt to the 
EPA. This system also includes monies owed by the EPA to Agency 
employees, consultants, private citizens, and others who travel or 
perform other services for the EPA.

CATEGORIES OF RECORDS IN THE SYSTEM:
    This system of records is composed of an accounts receivable 
module, travel, other accounts payable modules and reporting. The 
system contains personal identifying information such as names, 
addresses, and Social Security numbers

[[Page 20430]]

of persons indebted to or owed money by the EPA. The accounts 
receivable module contain information about the nature of the debt or 
claim, the amount owed, the historical status of the debt, and 
information that relates to and documents efforts to collect debts owed 
the Agency. The travel and other accounts payable modules contain 
information about the travel authorization; travel vouchers, which 
support the claim for the reimbursement to the travel; travel advance 
authorizations, which provide fund advances to pay travel expenses 
incurred in the performance of official government business; and 
itemized invoices for other services performed for the EPA. In both 
modules, banking information necessary to support electronic funds 
transfers may be maintained.

RECORD SOURCE CATEGORIES:
    Record subjects, supervisors, consumer reporting agencies, debt 
collection agencies, the Department of the Treasury and other Federal 
agencies.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    General routine uses D, E, F, G, K and L apply to this system. 
Records may also be disclosed:
    1. To the Department of Treasury for Purpose of carrying out the 
EPA's financial management functions and responsibilities. This refers 
to the routine, system-driven processes that enable core financial 
management activities, such as payment processing, financial reporting, 
reconciliations, and other operational transactions necessary to 
support the agency's financial operations. Another use for Treasury is 
to identify and prevent payment errors, waste, fraud, and abuse within 
federal spending.
    2. To disclose limited debtor information to debt collection 
agencies under contract with the EPA solely for the purpose of 
collecting debts owed to the Agency. For this routine use, ``debtor 
information'' is limited to the individual's name, address, Social 
Security number, and other information necessary to identify the 
individual; the amount, status, and history of the claim; and the 
agency or program under which the claim arose. Debt collection agencies 
must comply with the Privacy Act, and their agents are subject to the 
Act's criminal penalty provisions.
    3. To the U.S. Department of the Treasury when disclosure of the 
information is relevant to review payment and award eligibility through 
the Do Not Pay Working System for the purposes of identifying, 
preventing, or recouping improper payments to an applicant for, or 
recipient of, Federal funds, including funds disbursed by a state 
(meaning a state of the United States, the District of Columbia, a 
territory or possession of the United States, or a federally recognized 
Indian Tribe) in a state-administered, federally funded program.
Disclosure to Consumer Reporting Agencies
    Pursuant to 5 U.S.C. 552a(b)(12), disclosure may be made to a 
consumer reporting agency as defined in the Fair Credit Reporting Act 
(15 U.S.C. 1681a(f)) or the Federal Claims Collection Act of 1966 (31 
U.S.C. 3701(a)(30)).

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    The Compass Momentum component stores records on a storage area 
network (SAN), located at Research Triangle Park, North Carolina. 
Backup tapes are maintained at a disaster recovery site. The Compass 
Data Warehouse also stores data on a SAN, located at Research Triangle 
Park, North Carolina.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Accounts receivable module records are indexed by account 
receivable control number (a number assigned to each ``incoming'' 
account receivable). Individual records can be accessed by using a 
cross-reference table which links accounts receivable control numbers 
with the debtor's name and records. Travel and other accounts payable 
module records are retrievable by name and social security number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records are maintained for 6 years and 3 months after final 
payment, in accordance with applicable federal records schedules. They 
are deleted when applicable records schedules allow and when no longer 
needed for agency business, unless related to the Superfund program 
cost recovery efforts. In accordance with applicable federal records 
schedules, Superfund cost recovery records are maintained more than 30 
years after the completion of cost recovery at the site. The Records 
Control Schedule is #054.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Security controls used to protect personally identifiable 
information in Compass Financials IT are commensurate with those 
required for an information system rated moderate for confidentiality, 
integrity, and availability, as prescribed in NIST Special Publication, 
800-53, ``Security and Privacy Controls for Information Systems and 
Organizations,'' Revision 5.
    1. Administrative Safeguards: EPA personnel are required to 
complete annual agency Information Security and Privacy training. EPA 
personnel are instructed to lock their computers when they leave their 
desks.
    2. Technical Safeguards: Electronic records are maintained in a 
secure, password protected electronic system. Compass Financials IT 
System access is limited to authorized, authenticated users. All of the 
system's electronic communication utilizes Transport Layer Security 
(TLS) secure communication protocol for all transactions.
    3. Physical Safeguards: All records are maintained in secure, 
access-controlled areas or buildings.

RECORD ACCESS PROCEDURES:
    All requests for access to personal records should cite the Privacy 
Act of 1974 and reference the type of request being made (i.e., 
access). Requests must include: (1) the name and signature of the 
individual making the request; (2) the name of the Privacy Act system 
of records to which the request relates; (3) a statement whether a 
personal inspection of the records or a copy of them by mail is 
desired; and (4) proof of identity. A full description of EPA's Privacy 
Act procedures for requesting access to records is included in EPA's 
Privacy Act regulations at 40 CFR part 16.

CONTESTING RECORD PROCEDURES:
    Requests for correction or amendment must include: (1) the name and 
signature of the individual making the request; (2) the name of the 
Privacy Act system of records to which the request relates; (3) a 
description of the information sought to be corrected or amended and 
the specific reasons for the correction or amendment; and (4) proof of 
identity. A full description of EPA's Privacy Act procedures for the 
correction or amendment of a record is included in EPA's Privacy Act 
regulations at 40 CFR part 16.

NOTIFICATION PROCEDURES:
    Individuals who wish to be informed whether a Privacy Act system of 
records maintained by EPA contains any record pertaining to them, 
should make a written request to EPA, Attn: Agency Privacy Officer, MC 
2810A, 1200 Pennsylvania Ave. NW, Washington, DC 20460, 
privacy@epa.gov, or submit their request online at https://epabap.my.site.com/privacy/s/. A full

[[Page 20431]]

description of EPA's Privacy Act procedures is included in EPA's 
Privacy Act regulations at 40 CFR part 16.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.
    History: N/A.
    FRL-7145-7-posted on February 22, 2002: The EPA provided notice 
that it proposed to establish a new system of records, the EPA Travel, 
Other Accounts Payable, and Accounts Receivable Files.

Carter Farmer,
Senior Agency Official for Privacy.
[FR Doc. 2026-07406 Filed 4-15-26; 8:45 am]
BILLING CODE 6560-50-P

Legal Citation

Federal Register Citation

Use this for formal legal and research references to the published document.

91 FR 20428

Web Citation

Suggested Web Citation

Use this when citing the archival web version of the document.

“Privacy Act of 1974; System of Records,” thefederalregister.org (April 16, 2026), https://thefederalregister.org/documents/2026-07406/privacy-act-of-1974-system-of-records.