Privacy Act of 1974: Systems of Records
| Citation | 86 FR 33780 |
| Record Number | 2021-13599 |
| Published date | 25 June 2021 |
| Section | Notices |
| Court | National Credit Union Administration |
Federal Register, Volume 86 Issue 120 (Friday, June 25, 2021)
[Federal Register Volume 86, Number 120 (Friday, June 25, 2021)]
[Notices]
[Pages 33780-33782]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-13599]
=======================================================================
-----------------------------------------------------------------------
NATIONAL CREDIT UNION ADMINISTRATION
Privacy Act of 1974: Systems of Records
AGENCY: National Credit Union Administration (NCUA)
ACTION: Notice of a new system of records.
-----------------------------------------------------------------------
SUMMARY: Pursuant to the Privacy Act of 1974, the National Credit Union
Administration (NCUA) gives notice of a new proposed Privacy Act system
of records. The new proposed system is the Mailing, Contact and Other
Lists System, NCUA-23. This system will support the NCUA's
communications and outreach efforts to members of the public, and the
NCUA's statutorily mandated examination and supervision activities of
credit unions. This system will store information pertaining to
individuals in the performance of the NCUA's statutory duties.
DATES: Submit comments on or before July 26, 2021. This action will
take effect without further notice on July 26, 2021 unless comments are
received that would result in a contrary determination.
ADDRESSES: You may submit comments by any of the following methods, but
please send comments by one method only:
Federal eRulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
[[Page 33781]]
NCUA website: http://www.ncua.gov/RegulationsOpinionsLaws/proposed_regs/proposed_regs.html. Follow the instructions for
submitting comments.
Fax: (703) 518-6319. Use the subject line described above
for email.
Mail: Address to Melane Conyers-Ausbrooks, Secretary of
the Board, National Credit Union Administration, 1775 Duke Street,
Alexandria, Virginia 22314-3428.
Hand Delivery/Courier: Same as mail address.
FOR FURTHER INFORMATION CONTACT: Ben Hardaway, Director, Division of
Communications, Office of External Affairs and Communications; Susan
Brown, Systems Officer, Office of Examination and Insurance; or Rena
Kim, Privacy Attorney, Office of General Counsel, the National Credit
Union Administration, 1775 Duke Street, Alexandria, Virginia, 22314.
SUPPLEMENTARY INFORMATION: This notice informs the public of the NCUA's
proposal to establish and maintain a new system of records. The
proposed new system is being established under the NCUA's authority
under the Federal Credit Union Act, 12 U.S.C. 1751, et. seq. The
information collected in the NCUA-23 system of records will facilitate
communication with the NCUA's stakeholders, including members of the
public, providing interested parties with information on the agency's
initiatives, required reports including the 5300 Call Report, and
credit union examination and supervision policies and practices. This
notice satisfies the Privacy Act requirement that an agency publish a
system of records notice in the Federal Register when there is an
addition to the agency's systems of records.
The format of NCUA-23 aligns with the guidance set forth in OMB
Circular A-108. NCUA-23 and all of the NCUA's Standard Routine Uses are
published in full below. All of the NCUA's SORNs are available at
www.ncua.gov.
By the National Credit Union Administration Board.
Melane Conyers-Ausbrooks,
Secretary of the Board.
SYSTEM NAME AND NUMBER:
Mailing, Contact and Other Lists--NCUA-23.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
The system is operated and maintained in part by the NCUA staff,
and in part by third-party vendors. Please contact the system managers
(below) for more information.
SYSTEM MANAGER(S):
Director of the Office of External Affairs and Communications, and
the Director of the Office of Examination and Insurance, National
Credit Union Administration, 1775 Duke Street, Alexandria, Virginia
22314-3428.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
12 U.S.C. 1751, et. seq.
PURPOSE(S) OF THE SYSTEM:
This system of records is maintained for the purposes of supporting
the National Credit Union Administration's (NCUA's) communications and
outreach efforts to members of the public and to facilitate the NCUA's
statutorily mandated examination and supervision activities, including:
1. Handling requests for informational literature, newsletters, and
other NCUA materials;
2. Processing event registrations, conducting surveys, and
providing information about NCUA-related activities and events and;
3. Notifying credit unions of mandatory actions and updates that
they must complete and are related to the NCUA's mission of providing a
safe and sound credit union system.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals covered by this system are (1) Current and former
directors, officers, employees, and volunteers of credit unions; (2)
Members of the public; and (3) NCUA employees and contractors.
CATEGORIES OF RECORDS IN THE SYSTEM:
Records in the system may contain contact information including
name, title, address, phone number, and email address.
RECORD SOURCE CATEGORIES:
The information in the system about credit union officials is
generally provided by credit unions for supervision and examination
activities. Other information may be from members of the public who
submit requests for information, subscriptions, inquiries, guidance,
and other assistance to the NCUA, and those who have registered for
NCUA events and responded to questionnaires, request forms, feedback
forms or surveys. NCUA employees and contractors may add or update
information to the system as part of their assigned duties to handle
such correspondence, or for credit union supervision and examination
activities. Whenever practicable, the NCUA collects information about
an individual directly from that individual.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, these records or information contained
therein may specifically be disclosed outside the NCUA as a routine use
pursuant to 5 U.S.C. 552a(b)(3) as follows:
1. NCUA's Standard Routine Uses apply to this system of records.
2. To appropriate agencies, entities, and persons for the purpose
of supervision, enforcement, training, or other outreach activities.
3. To an entity or person that is the subject of supervision or
enforcement activities including examinations, investigations,
administrative proceedings, and litigation, and the attorney or non-
attorney representative for that entity or person.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Electronic records and backups are stored on secure servers,
approved by NCUA's Office of the Chief Information Officer (OCIO),
within a FedRAMP-authorized commercial Cloud Service Provider's (CSP)
Software-as-a-Service solution hosting environment and accessed only by
authorized personnel. No paper files are maintained.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records may be retrieved by any of the following: Name, address,
phone number, or email address.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
Records are maintained until they become inactive and, in
accordance with the General Records Retention Schedules issued by the
National Archives and Records Administration (NARA) or a NCUA records
disposition schedule approved by NARA.
ADMINISTRATIVE, TECHNICAL AND PHYSICAL SAFEGUARDS:
NCUA and the Cloud Service Provider have implemented the
appropriate administrative, technical, and physical controls in
accordance with the Federal Information Security Modernization Act of
2014, Public Law 113-283, S. 2521, and NCUA's information security
policies to protect the confidentiality, integrity, and availability of
the information system and the information contained therein. Access is
limited only to individuals authorized through NIST-compliant Identity,
Credential,
[[Page 33782]]
and Access Management policies and procedures. The records are
maintained behind a layered defensive posture consistent with all
applicable federal laws and regulations, including OMB Circular A-130
and NIST Special Publications 800-37.
RECORD ACCESS PROCEDURES:
Individuals wishing access to their records should submit a written
request to the Senior Agency Official for Privacy, NCUA, 1775 Duke
Street, Alexandria, VA 22314, and provide the following information:
1. Full name.
2. Any available information regarding the type of record involved.
3. The address to which the record information should be sent.
4. You must sign your request.
Attorneys or other persons acting on behalf of an individual must
provide written authorization from that individual for the
representative to act on their behalf. Individuals requesting access
must also comply with NCUA's Privacy Act regulations regarding
verification of identity and access to records (12 CFR 792.55).
CONTESTING RECORD PROCEDURES:
Individuals wishing to request an amendment to their records should
submit a written request to the Senior Agency Official for Privacy,
NCUA, 1775 Duke Street, Alexandria, VA 22314, and provide the following
information:
1. Full name.
2. Any available information regarding the type of record involved.
3. A statement specifying the changes to be made in the records and
the justification therefore.
4. The address to which the response should be sent.
5. You must sign your request.
Attorneys or other persons acting on behalf of an individual must
provide written authorization from that individual for the
representative to act on their behalf.
NOTIFICATION PROCEDURES:
Individuals wishing to learn whether this system of records
contains information about them should submit a written request to the
Senior Agency Official for Privacy, NCUA, 1775 Duke Street, Alexandria,
VA 22314, and provide the following information:
1. Full name.
2. Any available information regarding the type of record involved.
3. The address to which the record information should be sent.
4. You must sign your request.
Attorneys or other persons acting on behalf of an individual must
provide written authorization from that individual for the
representative to act on their behalf. Individuals requesting access
must also comply with NCUA's Privacy Act regulations regarding
verification of identity and access to records (12 CFR 792.55).
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
This is a new system.
[FR Doc. 2021-13599 Filed 6-24-21; 8:45 am]
BILLING CODE P
