Privacy Act; systems of records,

Text

---

Federal Register: October 3, 2007 (Volume 72, Number 191)NoticesPage 56434-56437From the Federal Register Online via GPO Access [wais.access.gpo.gov]

DOCID:fr03oc07-126

[Page 56434]

DEPARTMENT OF THE TREASURY

Privacy Act of 1974; System of Records

AGENCY: Department of the Treasury.

ACTION: Notice of alteration of the Department's Privacy Act Systems of Records.

SUMMARY: The Department of the Treasury gives notice of a proposed alteration to each of its systems of records by adding a routine use subject to the Privacy Act of 1974, as amended (5 U.S.C. 552a).

DATES: Comments must be received no later than November 2, 2007. The proposed alteration will be effective November 13, 2007 unless the Department receives comments which would result in a contrary determination.

ADDRESSES: Comments must be submitted to Disclosure Services, Department of the Treasury, 1500 Pennsylvania Avenue, NW., Washington, DC 20220. Comments received will be available for inspection by appointment at the library, U.S. Department of the Treasury, 1500 Pennsylvania Avenue, NW., Washington, DC 20220, Room 1428, between the hours of 9 a.m. and 4 p.m. Monday through Friday. To make an appointment, please call the library at 202-622-0990 or contact the library by e-mail: library.reference@do.treas.gov.

FOR FURTHER INFORMATION CONTACT: Dale Underwood, Deputy Director, Disclosure Services, phone: 202-622-0874, by fax: 202-622-3895, or by e-mail at dale.underwoodd@do.treas.gov.

SUPPLEMENTARY INFORMATION: Pursuant to the provisions of the Privacy Act of 1974, 5 U.S.C. 552a, notice is given that the Department of the Treasury, proposes to modify all of its Privacy Act systems of records, as identified below, to include a new routine use permitting disclosure to appropriate persons and entities for purposes of response and remedial efforts in the event of a breach or compromise of data contained in the applicable system of records. The purpose and intent of publishing the routine use is to give individuals full and fair notice of the extent of potential disclosures, consistent with the Privacy Act's requirement that individuals be made aware of how their records may be disclosed, even if the Department anticipates that there may often be very limited or no disclosure of an individual's records to third parties as part of the agency's investigatory or remedial efforts.

The President's Identity Theft Task Force's Strategic Plan recommended that all federal agencies publish a routine use for their systems of records allowing for the disclosure of information in the course of responding to a breach of data maintained in a system of records. The term ``breach'' is used to include the loss of control, compromise, unauthorized disclosure, unauthorized acquisition, unauthorized access, or any similar term referring to situations where persons other than authorized users and/or for an other than authorized purpose have access or potential access to personally identifiable information (PII), whether physical or electronic.

On May 22, 2007, the Office of Management and Budget (OMB) issued M-07-16 ``Safeguarding Against and Responding to the Breach of Personally Identifiable Information.'' It requires agencies to develop and implement breach notification policies within 120 days. As part of that effort the Department is publishing the routine use recommended by the President's Identity Theft Task Force and set out in OMB M-07-16.

The routine use will facilitate an effective response to a confirmed or suspected breach by allowing for disclosure to those individuals affected by the breach, as well as to others who are in a position to assist in the Department's response efforts, either by assisting in notification to affected individuals or otherwise playing a role in preventing, minimizing, or remedying harms from the breach or compromise. When there is a clear need for a rapid response following a breach with a prompt and effective investigation and possible mitigation, waiting until a breach has occurred before adding or amending a routine use to accommodate disclosures in response to the breach is not a viable option.

Although a routine use may permit the disclosure of information from a system of records without the consent of the record subject, the information may also be subject to a statutory scheme that prohibits or otherwise restricts the disclosure information as a matter of law. The Department of the Treasury is required to protect information it receives from taxpayers or those required to file certain information under the Bank Secrecy Act. Accordingly, tax returns and return information may only be disclosed under this routine use as provided by 26 U.S.C. 6103. Bank Secrecy Act information may only be disclosed under this routine use as provided by 31 U.S.C. 5311 et seq.

The Privacy Act authorizes the agency to adopt routine uses that are consistent with the purpose for which information is collected. The Department believes that it is consistent with the collection of information pertaining to such individuals to disclose Privacy Act records when, in doing so, could help prevent, minimize or remedy a data breach or compromise that might affect such individuals. By contrast, it is believed that failure to take reasonable steps to help prevent or minimize the harm that may result from such a breach or compromise would jeopardize, rather than promote, the privacy of such individuals.

The report on the proposed routine use, as required by 5 U.S.C. 552a(r) of the Privacy Act, has been submitted to the Committee on Government Reform and Oversight of the House of Representatives, the Committee on Homeland Security and Governmental Affairs of the Senate and the Office of Management and Budget, pursuant to Appendix I to OMB Circular A-130, ``Federal Agency Responsibilities for Maintaining Records About Individuals,'' dated November 30, 2000.

For the reasons set forth above, the proposed routine use is added to the systems of records as follows:

The following Treasury-wide systems of records were last published in the Federal Register in their entirety on August 1, 2005, beginning at 70 FR 44178:

Treasury .001--Treasury Payroll and Personnel System Treasury .002--Grievance Records Treasury .003--Treasury Child Care Tuition Assistance Records Treasury .004--Freedom of Information Act/Privacy Act Request Records Treasury .005--Public Transportation Incentive Program Records Treasury .006--Parking and Carpool Program Records Treasury .007--Personnel Security System Treasury .008--Treasury Emergency Management System Treasury .009--Treasury Financial Management Systems Treasury .010--Telephone Call Detail Records Treasury .011--Treasury Safety Incident Management Information System (SIMIS) Treasury .012--Fiscal Service Public Key Infrastructure (PKI) System

The following Departmental Offices (DO) systems of records were last published in the Federal Register in their entirety on August 9, 2005, beginning at 70 FR 46268:

DO .003--Law Enforcement Retirement Claims Records DO .007--General Correspondence Files DO .010--Office of Domestic Finance, Actuarial Valuation System

[Page 56435]DO .015--Political Appointee Files DO .060--Correspondence Files and Records on Dissatisfaction DO .111--Office of Foreign Assets Control Census Records DO .114--Foreign Assets Control Enforcement Records DO .118--Foreign Assets Control Licensing Records DO .144--General Counsel Litigation Referral and Reporting System DO .149--Foreign Assets Control Legal Files DO .190--Investigation Data Management System DO .191--Human Resources and Administrative Records System DO .193--Employee Locator and Automated Directory System DO .194--Circulation System DO .196--Security Information System DO .202--Drug-Free Workplace Program Records DO .207--Waco Administrative Review Group Investigation DO .209--Personal Services Contracts (PSC) DO .214--D.C. Pensions Retirement Records DO .216--Treasury Security Access Control and Certificates Systems DO .301--TIGTA--General Personnel and Payroll DO .302--TIGTA--Medical Records DO .303--TIGTA--General Correspondence DO .304--TIGTA--General Training DO .305--TIGTA--Personal Property Management Records DO .306--TIGTA--Recruiting and Placement Records DO .307--TIGTA--Employee Relations Matters, Appeals, Grievances, and Complaint Files DO .308--TIGTA--Data Extracts DO .309--TIGTA--Chief Counsel Case Files DO .310--TIGTA--Chief Counsel Disclosure Section DO .311--TIGTA--Office of Investigations Files

The following Alcohol and Tobacco Tax and Trade Bureau (TTB) systems of records were last published in the Federal Register in their entirety on August 30, 2001, beginning at 66 FR 45893:

ATF .001--Administrative Record System ATF .002--Correspondence Record System ATF .003--Criminal Investigation Report System ATF .007--Personnel Record System ATF .008--Regulatory Enforcement Record System ATF .009--Technical and Scientific Services Record System

The following Comptroller of the Currency (CC) systems of records were last published in the Federal Register in their entirety on July 11, 2005, beginning at 70 FR 39853:

CC .100--Enforcement Action Report System CC .110--Reports of Suspicious Activities CC .120--Bank Fraud Information System CC .200--Chain Banking Organizations System CC .210--Bank Securities Dealers System CC .220--Section 914 Tracking System CC .340--Access Control System CC .500--Chief Counsel's Management Information System CC .510--Litigation Information System CC .600--Consumer Complaint and Inquiry Information System CC .700--Correspondence Tracking System

The following Bureau of Engraving and Printing (BEP) systems of records were last published in the Federal Register in their entirety on July 27, 2005, beginning at 70 FR 43508:

BEP .002--Personal Property Claim File BEP .004--Counseling Records BEP .005--Compensation Claims BEP .006--Debt Files (Employees) BEP .014--Employee's Production Record BEP .016--Employee Suggestions BEP .020--Industrial Truck Licensing Records BEP .021--Investigative Files BEP .027--Access Control and Alarm Monitoring Systems (ACAMS) BEP .035--Tort Claims (Against the United States) BEP .038--Unscheduled Absence Record BEP .041--Record of Discrimination Complaints BEP .045--Mail Order Sales Customer Files BEP .046--Automated Mutilated Currency Tracking System BEP .047--Employee Emergency Notification system

The following Financial Management Service (FMS) systems of records were last published in the Federal Register in their entirety on July 14, 2005, beginning at 70 FR 34522, unless otherwise indicated by a parenthetical:

FMS .001--Administrative Records FMS .002--Payment Issue Records for Regular Recurring Benefit Payments FMS .003--Claims and Inquiry Records on Treasury Checks, and International Claimants FMS .004--Education and Training Records FMS .005--FMS Personnel Records FMS .006--Direct Deposit Enrollment Records (October 10, 2005, at 70 FR 59395) FMS .007--Payroll and Pay Administration FMS .010--Records of Accountable Officers' Authority With Treasury FMS .012--Pre-complaint Counseling and Complaint Activities FMS .013--Gifts to the United States FMS .014--Debt Collection Operations System FMS .016--Payment Records for Other Than Regular Recurring Benefit Payments FMS .017--Collection Records

The following Internal Revenue Service (IRS) systems of records were last published in the Federal Register in their entirety on December 10, 2001, beginning at 66 FR 63784, unless otherwise indicated by a parenthetical:

IRS 00.001--Correspondence Files (including Stakeholder Relationship files) and Correspondence Control Files IRS 00.002--Correspondence Files/Inquiries About Enforcement Activities IRS 00.003--Taxpayer Advocate Service and Customer Feedback and Survey Records IRS 00.007--Employee Complaint and Allegation Referral Records (May 28, 2002, at 67 FR 36963) IRS 00.008--Recorded Quality Review Records (November 11, 2003, at 68 FR 65996) IRS 00.009--IRS Taxpayer Assistance Center Recorded Quality Review Records (February 24, 2005, at 70 FR 9132) IRS 00.333--Third Party Contact Records IRS 00.334--Third Party Contact Reprisal Records IRS 10.001--Biographical Files, Chief, Communications and Liaison IRS 10.004--Stakeholder Relationship Management and Subject Files, Chief, Communications and Liaison IRS 10.007--SPEC Taxpayer Assistance Reporting System (STARS) (June 19, 2004, at 68 FR 43055) IRS 10.555--Volunteer Records (February 10, 2006, at 71 FR 7115) IRS 21.001--Tax Administration Resources File, Office of Tax Administration Advisory Services IRS 22.003--Annual Listing of Undelivered Refund Checks IRS 22.011--File of Erroneous Refunds IRS 22.012--Health Coverage Tax Credit Program Records (June 4, 2003, at 68 FR 33577) IRS 22.026--Form 1042S Index by Name of Recipient

[Page 56436]IRS 22.027--Foreign Information System (FIS) IRS 22.028--Disclosure Authorizations for U.S. Residency Certification Letters IRS 22.032--Individual Microfilm Retention Register IRS 22.034--Individual Returns Files, Adjustments and Miscellaneous Documents Files IRS 22.043--Potential Refund Litigation Case Files IRS 22.044--P.O.W.-M.I.A. Reference File IRS 22.054--Subsidiary Accounting Files IRS 22.059--Unidentified Remittance File IRS 22.060--Automated Non-Master File (ANMF) IRS 22.061--Individual Return Master File (IRMF) IRS 22.062--Electronic Filing Records IRS 24.013--Combined Account Number File, Taxpayer Services IRS 24.029--Individual Account Number File (IANF) IRS 24.030--CADE Individual Master File (IMF) IRS 24.031--Medicare Prescription Drug Transitional Assistance Records (May 12, 2004, at 69 FR 26432) IRS 24.046--CADE Business Master File (BMF) IRS 24.047--Audit Underreporter Case File IRS 24.070--Debtor Master File (DMF) IRS 26.001--Acquired Property Records IRS 26.006--Form 2209, Courtesy Investigations IRS 26.008--IRS and Treasury Employee Delinquency IRS 26.009--Lien Files (Open and Closed) IRS 26.010--Lists of Prospective Bidders at Internal Revenue Sales of Seized Property IRS 26.011--Litigation Case Files IRS 26.012--Offer in Compromise (OIC) File IRS 26.013--Trust Fund Recovery Cases/One Hundred Percent Penalty Cases IRS 26.014--Record 21, Record of Seizure and Sale of Real Property IRS 26.016--Returns Compliance Programs (RCP) IRS 26.019--Taxpayer Delinquent Accounts (TDA) Files including subsystems: (a) Adjustments and Payment Tracers Files, (b) Collateral Files, (c) Seized Property Records, (d) Tax SB/SE, W&I, LMSB Waiver, Forms 900, Files, and (e) Accounts on Child Support Obligations IRS 26.020--Taxpayer Delinquency Investigation (TDI) Files IRS 26.021--Transferee Files IRS 26.022--Delinquency Prevention Programs IRS 26.055--Private Collection Agency (PCA) Quality Review Records (June 19, 2006, at 71 FR 41075) IRS 30.003--Requests for Printed Tax Materials Including Lists IRS 30.004--Security Violations IRS 34.003--Assignment and Accountability of Personal Property Files IRS 34.007--Record of Government Books of Transportation Requests IRS 34.009--Safety Program Files IRS 34.012--Emergency Preparedness Cadre Assignments and Alerting Rosters Files IRS 34.013--Identification Media Files System for Employees and Others Issued IRS ID IRS 34.014--Motor Vehicle Registration and Entry Pass Files IRS 34.016--Security Clearance Files IRS 34.020--IRS Audit Trail Lead Analysis System (ATLAS) IRS 34.021--Personnel Security Investigations, National Background Investigations Center IRS 34.022--National Background Investigations Center Management Information System (NBICMIS) (November 28, 2005, at 70 FR 71376) IRS 34.037--IRS Audit Trail and Security Records System IRS 35.001--Reasonable Accommodation Request Records (October 5, 2004, at 69 FR 59645) IRS 36.001--Appeals, Grievances and Complaints Records IRS 36.002--Employee Activity Records IRS 36.003--General Personnel and Payroll Records IRS 36.005--Medical Records IRS 36.008--Recruiting, Examining and Placement Records IRS 36.009--Retirement, Life Insurance and Health Benefits Records System IRS 36.888--Employee Tax Compliance Records (ETC) IRS 37.006--Correspondence, Miscellaneous Records and Information Management Records (December 1, 2006, at 71 FR 69615) IRS 37.007--Practitioner Disciplinary Records (December 1, 2006, at 71 FR 69616) IRS 37.009--Enrolled Agent Records (December 1, 2006, at 71 FR 69618) IRS 38.001--General Training Records IRS 42.001--Examination Administrative File IRS 42.002--Excise Compliance Programs (November 8, 2006, at 71 FR 65570) IRS 42.008--Audit Information Management System (AIMS) IRS 42.013--Project Files for the Uniform Application of Laws as a Result of Technical Determinations and Court Decisions IRS 42.014--Internal Revenue Service Employees' Returns Control Files IRS 42.016--Classification/Centralized Files and Scheduling Files IRS 42.017--International Enforcement Program Files IRS 42.021--Compliance Programs and Projects Files IRS 42.027--Data on Taxpayers Filing on Foreign Holdings IRS 42.030--Discriminant Function File (DIF) IRS 42.031--Anti-Money Laundering/Bank Secrecy Act (BSA) and Form 8300 Records (April 30, 2004, at 69 FR 23854) IRS 44.001--Appeals Case Files IRS 44.003--Appeals Centralized Data System IRS 44.004--Art Case File IRS 44.005--Expert Witness and Fee Appraiser Files IRS 46.002--Criminal Investigation Management Information System (CIMIS) IRS 46.003--Confidential Informants, Criminal Investigation Division IRS 46.004--Controlled Accounts (Open and Closed) IRS 46.005--Electronic Surveillance File, Criminal Investigation Division IRS 46.009--Centralized Evaluation and Processing of Information Items (CEPIIs), Evaluation and Processing of Information (EOI), Criminal Investigation Division IRS 46.011--Illinois Land Trust Files, Criminal Investigation Division IRS 46.015--Relocated Witnesses, Criminal Investigation Division IRS 46.016--Secret Service Details, Criminal Investigation Division IRS 46.022--Treasury Enforcement Communications System (TECS), Criminal Investigation Division IRS 46.050--Automated Information Analysis System IRS 46.051--Criminal Investigation Audit Trail Records System IRS 48.001--Disclosure Records IRS 48.008--Defunct Special Service Staff File Being Retained Because of Congressional Directive IRS 49.001--Collateral and Information Requests System IRS 49.002--Tax Treaty Information Management System IRS 49.003--Financial Statements File IRS 49.007--Overseas Compliance Projects System IRS 49.008--International Correspondence System IRS 50.001--Employee Plans/Exempt Organizations Correspondence Control Records IRS 50.003--Employee Plans/Exempt Organizations, Reports of Significant Matters in Technical IRS 50.222--Tax Exempt/Government Entities (TE/GE) Case Management Records (December 7, 2005, at 70 FR 72876)

[Page 56437]IRS 60.000--Employee Protection System Records (November 30, 2001, at 59839) IRS 70.001--Individual Income Tax Returns, Statistics of Income IRS 90.001--Chief Counsel Criminal Tax Case Files IRS 90.002--Chief Counsel Disclosure Litigation Case Files IRS 90.003--Chief Counsel General Administrative Systems IRS 90.004--Chief Counsel General Legal Services Case Files IRS 90.005--Chief Counsel General Litigation Case Files IRS 90.007--Chief Counsel Legislation and Regulations Division, Employee Plans and Exempt Organizations Division, and Associate Chief Counsel (Technical and International) Correspondence and Private Bill File IRS 90.009--Chief Counsel Field Services Case Files IRS 90.010--Digest Room Files Containing Briefs, Legal Opinions, and Digests of Documents Generated Internally or by the Department of Justice Relating to the Administration of the Revenue Laws IRS 90.011--Attorney Recruiting Files IRS 90.013--Legal Case Files of the Chief Counsel, Deputy Chief Counsel and Associate Chief Counsels IRS 90.015--Reference Records of the Library in the Office of Chief Counsel IRS 90.016--Counsel Automated Tracking System (CATS) Records IRS 90.017--Correspondence Control and Records, Associate Chief Counsel (Technical and International) IRS 90.018--Expert Witness Library IRS

The following United States Mint (Mint) systems of records were last published in the Federal Register in their entirety on June 13, 2005, beginning at 70 FR 34178:

Mint .001--Cash Receivable Accounting Information System Mint .003--Employee and Former Employee Travel & Training Accounting Information System Mint .004--Occupational Safety and Health, Accident and Injury Records, and Claims for Injuries or Damage Compensation Records Mint .005--Employee-Supervisor Performance Evaluation, Counseling, and Time and Attendance Records Mint .007--General Correspondence Mint .008--Employee Background Investigations Files Mint .012--Grievances: Union/Agency Negotiated Grievances; Adverse Performance Based Personnel Actions; Discrimination Complaints; Third Party Actions United States Mint

The following Bureau of the Public Debt (BPD) systems of records were last published in the Federal Register in their entirety on June 10, 2005, beginning at 70 FR 33939:

BPD .001--Human Resources and Administrative Records BPD .002--United States Savings-Type Securities BPD .003--United States Securities (Other than Savings-Type Securities) BPD .004--Controlled Access Security System BPD .005--Employee Assistance Records BPD .006--Health Service Program Records BPD .007--Gifts to Reduce the Public Debt BPD .008--Retail Treasury Securities Access Application BPD .009--U.S. Treasury Securities Fraud Information System

The following Office of Thrift Supervision (OTS) systems of records were last published in the Federal Register in their entirety on July 15, 2005, beginning at 70 FR 41085, unless otherwise indicated by a parenthetical:

OTS .001--Confidential Individual Information System OTS .002--Correspondence/Correspondence Tracking (April 18, 2007, at 72 FR 19580) OTS .003--Consumer Complaint (April 18, 2007, at 72 FR 19581) OTS .004--Criminal Referral Database OTS .005--Employee Counseling Service OTS .006--Employee Locator File (April 18, 2007, at 72 FR 19582) OTS .008--Employee Training Database (April 18, 2007, at 72 FR 19582) OTS .011--Positions/Budget (April 18, 2007, at 72 FR 19583) OTS .012--Payroll/Personnel Systems & Payroll Records. (April 18, 2007, at 72 FR 19584)

The following Financial Crimes Enforcement Network (FinCEN) systems of records were last published in the Federal Register in their entirety on August 8, 2005:

FinCEN .001--FinCEN Data Base FinCEN .002--Suspicious Activity Reporting System (SARS) FinCEN .003--Bank Secrecy Act Reports System * * * * *

Routine Uses of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses

* * * * *

Description of changes: Replace the period ``(.)'' at the end of the last routine use with a semicolon ``(;)'' and add the following routine use at the end thereof in numerical order:

``( ) To appropriate agencies, entities, and persons when (1) the Department suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the Department or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Department's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.'' * * * * *

Dated: September 20, 2007. Peter B. McCarthy, Assistant Secretary for Management and Chief Financial Officer.

FR Doc. E7-19529 Filed 10-2-07; 8:45 amBILLING CODE 4811-42-P

If you are already a vLex customer, access here

---