Agency Information Collection Activities; Submission for OMB Review; Comment Request
| Citation | 84 FR 18845 |
| Record Number | 2019-08909 |
| Published date | 02 May 2019 |
| Section | Notices |
| Court | Federal Trade Commission |
18845
Federal Register / Vol. 84, No. 85 / Thursday, May 2, 2019 / Notices
records for applicants who are hired
may be maintained in accordance with
the System of Records entitled BGFRS–
41 ‘‘FRB—Ethics Program Records.’’
Onboarding records for hires who
become employees of the Board are
maintained in accordance with the
respective Board system of records for
the records including BGFRS–4 ‘‘FRB—
General Personnel Records,’’ BGFRS–7
‘‘FRB—Payroll and Leave Records,’’
BGFRS–24 ‘‘FRB—EEO General Files,’’
and BGFRS–34 ‘‘FRB—ESS Staff
Identification Card File.’’
ADMINISTRATIVE
,
TECHNICAL
,
AND PHYSICAL
SAFEGUARDS
:
Paper records are secured by lock and
key and electronic files are stored on
secure servers. The system has the
ability to track individual user actions
within the system. The audit and
accountability controls are based on
NIST and Board standards which, in
turn, are based on applicable laws and
regulations. The controls assist in
detecting security violations and
performance or other issues in the
system. Access to the system is
restricted to authorized users within the
Board who require access for official
business purposes. Users are classified
into different roles and common access
and usage rights are established for each
role. User roles are used to delineate
between the different types of access
requirements such that users are
restricted to data that is required in the
performance of their duties. Periodic
assessments and reviews are conducted
to determine whether users still require
access, have the appropriate role, and
whether there have been any
unauthorized changes.
RECORD ACCESS PROCEDURES
:
The Privacy Act allows individuals
the right to access records maintained
about them in a Board system of
records. Your request for access must:
(1) Contain a statement that the request
is made pursuant to the Privacy Act of
1974; (2) provide either the name of the
Board system of records expected to
contain the record requested or a
concise description of the system of
records; (3) provide the information
necessary to verify your identity; and (4)
provide any other information that may
assist in the rapid identification of the
record you seek.
Current or former Board employees
may make a request for access by
contacting the Board office that
maintains the record. The Board
handles all Privacy Act requests as both
a Privacy Act request and as a Freedom
of Information Act request. The Board
does not charge fees to a requestor
seeking to access or amend his/her
Privacy Act records.
You may submit your Privacy Act
request to the—Secretary of the Board,
Board of Governors of the Federal
Reserve System, 20th Street and
Constitution Avenue NW, Washington,
DC 20551.
You may also submit your Privacy Act
request electronically through the
Board’s FOIA ‘‘Electronic Request
Form’’ located here: https://
www.federalreserve.gov/secure/forms/
efoiaform.aspx.
CONTESTING RECORD PROCEDURES
:
The Privacy Act allows individuals to
seek amendment of information that is
erroneous, irrelevant, untimely, or
incomplete and is maintained in a
system of records that pertains to them.
To request an amendment to your
record, you should clearly mark the
request as a ‘‘Privacy Act Amendment
Request.’’ You have the burden of proof
for demonstrating the appropriateness of
the requested amendment and you must
provide relevant and convincing
evidence in support of your request.
Your request for amendment must: (1)
Provide the name of the specific Board
system of records containing the record
you seek to amend; (2) identify the
specific portion of the record you seek
to amend; (3) describe the nature of and
reasons for each requested amendment;
(4) explain why you believe the record
is not accurate, relevant, timely, or
complete; and (5) unless you have
already done so in a related Privacy Act
request for access or amendment,
provide the necessary information to
verify your identity.
NOTIFICATION PROCEDURES
:
Same as ‘‘Access procedures’’ above.
You may also follow this procedure in
order to request an accounting of
previous disclosures of records
pertaining to you as provided for by 5
U.S.C. 552a(c).
EXEMPTIONS PROMULGATED FOR THE SYSTEM
:
Certain portions of this system of
records may be exempt from 5 U.S.C.
552a(c)(3), (d), (e)(1), (e)(4)(G), (H), and
(I), and (f) of the Privacy Act pursuant
to subsections 5 U.S.C. 552a(k)(2) and
(k)(5).
HISTORY
:
This SORN was previously published
in the Federal Register at 81 FR 39923
(June 20, 2016) and 73 FR 24984 at
24987 (May 6, 2008). The SORN was
also amended to incorporate two new
routine uses required by OMB at 83 FR
43872 (August 28, 2018).
Board of Governors of the Federal Reserve
System, April 29, 2019.
Ann Misback,
Secretary of the Board.
[FR Doc. 2019–08978 Filed 5–1–19; 8:45 am]
BILLING CODE P
FEDERAL TRADE COMMISSION
Agency Information Collection
Activities; Submission for OMB
Review; Comment Request
AGENCY
: Federal Trade Commission
(FTC).
ACTION
: Notice and request for comment.
SUMMARY
: The FTC requests that the
Office of Management and Budget
(OMB) extend for three years the current
PRA clearance for information
collection requirements contained in the
agency’s Health Breach Notification
Rule. The existing clearance expires on
May 31, 2019. The public should
address comments to this notice to the
OMB.
DATES
: Comments must be received by
June 3, 2019.
ADDRESSES
: Comments in response to
this notice should be submitted to the
OMB Desk Officer for the Federal Trade
Commission within 30 days of this
notice. You may submit comments
using any of the following methods:
Electronic: Write ‘‘Health Breach
Notification Rule: PRA Comment,
P072108,’’ on your comment and file
your comment online at https://
www.regulations.gov, by following the
instructions on the web-based form.
Email: Wendy_L._Liberante@
omb.eop.gov.
Fax: (202) 395–5806.
Mail: Office of Information and
Regulatory Affairs, Office of
Management and Budget, Attention:
Desk Officer for the Federal Trade
Commission, New Executive Office
Building, Docket Library, Room 10102,
725 17th Street NW, Washington, DC
20503.
FOR FURTHER INFORMATION CONTACT
:
Robin Wetherill, 202–326–2220,
Attorney, Privacy & Identity Protection,
Bureau of Consumer Protection, 600
Pennsylvania Ave. NW, Washington, DC
20580.
SUPPLEMENTARY INFORMATION
:
Title: Health Breach Notification Rule.
OMB Control Number: 3084–0150.
Type of Review: Extension of a
currently approved collection.
Abstract: The Health Breach
Notification Rule (Rule), 16 CFR part
318, requires vendors of personal health
records and PHR related entities to
VerDate Sep<11>2014 18:51 May 01, 2019 Jkt 247001 PO 00000 Frm 00083 Fmt 4703 Sfmt 4703 E:\FR\FM\02MYN1.SGM 02MYN1
khammond on DSKBBV9HB2PROD with NOTICES
18846
Federal Register / Vol. 84, No. 85 / Thursday, May 2, 2019 / Notices
1
Hourly wages throughout this document are
updated from the 60-Day Federal Register notice
and are based on mean hourly wages found at
http://www.bls.gov/news.release/ocwage.htm
(‘‘Occupational Employment and Wages–May
2018,’’ U.S. Department of Labor, released March
2019, Table 1 (‘‘National employment and wage
data from the Occupational Employment Statistics
survey by occupation, May 2018’’).
The breakdown of labor hours and costs is as
follows: 50 hours of computer and information
systems managerial time at approximately $73 per
hour; 12 hours of marketing manager time at $71
per hour; 33 hours of computer programmer time
at $43 per hour; and 5 hours of legal staff time at
$69 per hour. The cost of telephone operators is
estimated at $19/hour.
2
Average wages for information security analysts
are estimated at $49/hour.
provide: (1) Notice to consumers whose
unsecured personally identifiable health
information has been breached; and (2)
notice to the Commission. The Rule
only applies to electronic health records
and does not include recordkeeping
requirements. The Rule requires third
party service providers (i.e., those
companies that provide services such as
billing or data storage) to vendors of
personal health records and PHR related
entities to provide notification to such
vendors and PHR related entities
following the discovery of a breach. To
notify the FTC of a breach, the
Commission developed a simple, two-
page form requesting minimal
information and consisting mainly of
check boxes, which is posted at
www.ftc.gov/healthbreach.
On February 8, 2019, the FTC sought
comment on the information collection
requirements associated with the Rule.
84 FR 2868. The FTC received seven
non-germane comments that did not
address either the burden associated
with the Rule or any of the other issues
raised by the public comment request.
Pursuant to OMB regulations, 5 CFR
part 1320, that implement the PRA, 44
U.S.C. 3501 et seq., the FTC is providing
this second opportunity for public
comment while seeking OMB approval
to renew the pre-existing clearance for
the Rule. For more details about the
Rule requirements and the basis for the
calculations summarized below, see 84
FR 2868.
Likely Respondents: Vendors of
personal health records, PHR related
entities and third party service
providers.
Estimated Annual Hours Burden:
4,779.
Estimated Frequency: 25,000 single-
person breaches per year and 0.33 major
breaches per year.
Total Annual Labor Cost: $96,656.
1
Total Annual Capital or Other Non-
Labor Cost: $29,952.
2
Request for Comment
Your comment—including your name
and your state—will be placed on the
public record of this proceeding at the
https://www.regulations.gov website.
Because your comment will be made
public, you are solely responsible for
making sure that your comment does
not include any sensitive personal
information, such as anyone’s Social
Security number; date of birth; driver’s
license number or other state
identification number, or foreign
country equivalent; passport number;
financial account number; or credit or
debit card number. You are also solely
responsible for making sure that your
comment does not include any sensitive
health information, such as medical
records or other individually
identifiable health information. In
addition, your comment should not
include any ‘‘trade secret or any
commercial or financial information
which . . . is privileged or
confidential’’—as provided by Section
6(f) of the FTC Act, 15 U.S.C. 46(f), and
FTC Rule 4.10(a)(2), 16 CFR 4.10(a)(2)—
including in particular competitively
sensitive information such as costs,
sales statistics, inventories, formulas,
patterns, devices, manufacturing
processes, or customer names.
Heather Hippsley,
Deputy General Counsel.
[FR Doc. 2019–08909 Filed 5–1–19; 8:45 am]
BILLING CODE 6750–01–P
DEPARTMENT OF HEALTH AND
HUMAN SERVICES
Centers for Disease Control and
Prevention
[30Day–19–19LI]
Agency Forms Undergoing Paperwork
Reduction Act Review
In accordance with the Paperwork
Reduction Act of 1995, the Centers for
Disease Control and Prevention (CDC)
has submitted the information
collection request titled Long-term
sequela of Rocky Mountain spotted
fever (RMSF) to the Office of
Management and Budget (OMB) for
review and approval. CDC previously
published a ‘‘Proposed Data Collection
Submitted for Public Comment and
Recommendations’’ notice on February
7, 2019 to obtain comments from the
public and affected agencies. CDC did
not receive comments related to the
previous notice. This notice serves to
allow an additional 30 days for public
and affected agency comments.
CDC will accept all comments for this
proposed information collection project.
The Office of Management and Budget
is particularly interested in comments
that:
(a) Evaluate whether the proposed
collection of information is necessary
for the proper performance of the
functions of the agency, including
whether the information will have
practical utility;
(b) Evaluate the accuracy of the
agencies estimate of the burden of the
proposed collection of information,
including the validity of the
methodology and assumptions used;
(c) Enhance the quality, utility, and
clarity of the information to be
collected;
(d) Minimize the burden of the
collection of information on those who
are to respond, including, through the
use of appropriate automated,
electronic, mechanical, or other
technological collection techniques or
other forms of information technology,
e.g., permitting electronic submission of
responses; and
(e) Assess information collection
costs.
To request additional information on
the proposed project or to obtain a copy
of the information collection plan and
instruments, call (404) 639–7570 or
send an email to omb@cdc.gov. Direct
written comments and/or suggestions
regarding the items contained in this
notice to the Attention: CDC Desk
Officer, Office of Management and
Budget, 725 17th Street NW,
Washington, DC 20503 or by fax to (202)
395–5806. Provide written comments
within 30 days of notice publication.
Proposed Project
Long-term sequela of Rocky Mountain
spotted fever (RMSF)—New ICR—
National Center for Emerging and
Zoonotic Infectious Diseases (NCEZID),
Centers for Disease Control and
Prevention (CDC).
Background and Brief Description
Data collection for this investigation
was initiated in July 2018 following
OMB approval on 7/22/2018, with a
second approval on 11/15/2018 under
the Emergency Epidemic Investigations
(EEI) Generic ICR (OMB Control
Number 0920–1011, exp 1/31/2020). A
full OMB package is being submitted to
allow for continuation of the project.
CDC is seeking three years of OMB
approval.
Rocky Mountain spotted fever
(RMSF), a life-threatening and rapidly
progressive tickborne disease, is caused
by infection with the bacterium
Rickettsia rickettsii. Infection begins
VerDate Sep<11>2014 18:51 May 01, 2019 Jkt 247001 PO 00000 Frm 00084 Fmt 4703 Sfmt 4703 E:\FR\FM\02MYN1.SGM 02MYN1
khammond on DSKBBV9HB2PROD with NOTICES
