Privacy Act; Systems of Records

Federal Register: April 24, 2008 (Volume 73, Number 80)

Notices

Page 22125-22127

From the Federal Register Online via GPO Access [wais.access.gpo.gov]

DOCID:fr24ap08-17

Notices

Federal Register

This section of the FEDERAL REGISTER contains documents other than rules or proposed rules that are applicable to the public. Notices of hearings and investigations, committee meetings, agency decisions and rulings, delegations of authority, filing of petitions and applications and agency statements of organization and functions are examples of documents appearing in this section.

Page 22125

DEPARTMENT OF AGRICULTURE

Office of the Secretary

Privacy Act of 1974; Report of a System of Records

AGENCY: Office of the Secretary, Department of Agriculture (USDA).

ACTION: Notice of Privacy Act System of Records.

SUMMARY: In accordance with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a, the Department of Agriculture gives notice of a proposed system of records entitled Integrated Acquisition

System (IAS).

DATES: Comments must be received no later than May 27, 2008. This system of records will be effective June 3, 2008 unless USDA receives comments which would result in a contrary determination.

ADDRESSES: Comments should be sent to Ruby Harvey, Division Chief, DA/

OPPM-PSD, USDA, 300 7th Street, SW., Room 262, Washington, DC 20024,

(202) 401-1023. Comments will be available for inspection and copying in the USDA Freedom of Information Reading Room, Room 1141, USDA South

Building, 1400 Independence Avenue, SW., Washington, DC 20250-9883.

Normal Reading Room hours are from 8 a.m. to 4:30 p.m., Monday through

Friday, except holidays. Please call (202) 690-2817 to ensure that assistance will be available in the Reading Room.

FOR FURTHER INFORMATION CONTACT: Ruby Harvey, Division Chief, DA/OPPM-

PSD, USDA, 300 7th Street, SW., Room 262, Washington, DC 20024, (202) 401-1023.

SUPPLEMENTARY INFORMATION: Pursuant to the Executive Order 12931,

Federal Procurement Reform, which directed effective and efficient spending of public funds through fundamental reforms in Government procurement, USDA has developed and implemented a new system of records designated as the USDA Integrated Acquisition System (IAS). The Office of Procurement and Property Management, a component of the Departmental

Administration staff office, will maintain IAS. IAS will allow USDA to better serve the public through a USDA-wide accounting and procurement system that conforms to generally accepted accounting standards and business best practices and ensures financial and procurement integrity.

USDA takes this action pursuant to the Federal Acquisition

Streamlining Act of 1994 (Pub. L. 103-355), the Government Paperwork

Elimination Act (GPEA), Pub. L. 105-277, Div. C., Title XVII, 1701 to 1710, principally classified as a note under 44 U.S.C. 3504; Sec. 101; 15 U.S.C. 7001 et seq., and the EGovernment Act of 2002, Pub. L. 107- 347, 44 U.S.C. 3541, et seq. These statutory authorities mandate standards and goals for acquisition reform, efficiency and effectiveness.

Prior to the implementation of IAS, the various USDA component agencies performed acquisition activities using multiple, disparate systems which were not connected. These systems included: Purchase

Order System, Agriculture Contract Automation System, Procurement

Request Information System, Comprizon.buy, XPDite, Pontius, FARA,

Logistics Management System, Contract Administration Reporting System and Procurement Reporting System. With the implementation of the IAS, the aforementioned disparate acquisition systems were merged into an enterprise system, which serves all of the USDA mission areas namely:

Farm and Foreign Agricultural Services; Food, Nutrition and Consumer

Services; Food Safety; Marketing and Regulatory Programs; Natural

Resources and Environment; Research, Education and Economics; and,

Rural Development.

Date: April 17, 2008.

Edward T. Schafer,

Secretary.

USDA/DA-01

SYSTEM NAME:

USDA Integrated Acquisition System, USDA/DA-01.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

This is a USDA Web-based system hosted at geographically dispersed locations and is available for access by authorized USDA personnel.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

These records include information about contractors of the United

States Department of Agriculture, including their employees and subcontractors, and the officials of both.

CATEGORIES OF RECORDS IN THE SYSTEM:

The records in this system include all information incident to and developed in the acquisition process including, but not limited to, solicitations and statements of work; contractor bids, quotes, and proposals; awards; and other documents relevant to particular acquisitions. In order to facilitate payment to the contractor, the system includes contractor and subcontractor names, names and tax identification or Social Security numbers of their employees and officials; and other potentially personally identifiable information related to contractor and subcontractor employees and officials.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Federal Property and Administrative Services Act, as amended, 41

U.S.C. 251, et seq.; Competition in Contracting Act, Pub. L. 98-369;

The Federal Acquisition Streamlining Act of 1994, Pub. L. 103-355;

Clinger-Cohen Act of 1996, Pub. L. 104-106. The E-Government Act of 2002, 44 U.S.C. 3541, et seq., the Government Paperwork Elimination Act

(GPEA), Pub. L. 105-277, 5 U.S.C. 3504 note; the Paperwork Reduction

Act, 44 U.S.C. 3501 to 3520.

AGENCY OFFICIAL RESPONSIBLE FOR SYSTEM OF RECORDS:

Senior Chief Procurement Officer, U.S. Department of Agriculture, 1400 Independence Ave., SW., Washington, DC 20250.

PURPOSE:

The purpose of this system of records is to record and store the information and documentation incident to and developed in the acquisition process at USDA.

Page 22126

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM INCLUDING CATEGORIES

OF USERS AND PURPOSES OF SUCH USES:

Records in this system may be disclosed as follows:

(1) Records in this system may be disclosed to the Department of

Justice when: (a) The agency or any component thereof; or (b) any employee of the agency in his or her official capacity where the

Department of Justice has agreed to represent the employee; or (d) the

United States Government, is a party to litigation or has an interest in such litigation, and by careful review, the agency determines that the records are both relevant and necessary to the litigation and the use of such records by the Department of Justice is therefore deemed by the agency to be for a purpose that is compatible with the purpose for which the agency collected the records.

(2) Records in this system may be disclosed to a court or adjudicative body in a proceeding when: (a) The agency or any component thereof; or (b) any employee of the agency in his or her official capacity; or (c) any employee of the agency in his or her individual capacity where the agency has agreed to represent the employee; or (d) the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, the agency determines that the records are both relevant and necessary to the litigation and the use of such records is therefore deemed by the agency to be for a purpose that is compatible with the purpose for which the agency collected the records.

(3) Records in this system may be disclosed when a record on its face, or in conjunction with other records, indicates a violation or potential violation of law, whether civil, criminal or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule, or order issued pursuant thereto, disclosure may be made to the appropriate agency, whether Federal, foreign, State, local, or tribal, or other public authority responsible for enforcing, investigating or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation, or order issued pursuant thereto, if the information disclosed is relevant to any enforcement, regulatory, investigative, or prosecutive responsibility of the receiving entity.

(4) Records in this system may be disclosed to a Member of Congress or to a congressional staff member in response to an inquiry of the congressional office made at the written request of the constituent about whom the record is maintained.

(5) Records in this system may be disclosed to the National

Archives and Records Administration or to the General Services

Administration for records management inspections conducted under 44

U.S.C. 2904 and 2906.

(6) Records in this system may be disclosed to agency employees, contractors, grantees, experts, consultants, or volunteers who have been engaged by the agency to assist in the performance of a service related to this system of records and who need to have access to the records in order to perform the activity. Recipients shall be required to comply with the requirements of the Privacy Act of 1974, as amended, pursuant to 5 U.S.C. 552a(m).

(7) The name and current address of record of an individual may be disclosed from this system of records to the parent locator service of the Department of Health and Human Services authorized persons defined by Public Law 93-647. 42 U.S.C. 653.

(8) Records in this system may be disclosed to Federal, State, local or foreign agency maintaining civil, criminal, or other relevant enforcement records, or other pertinent records, or to another public authority or professional organization, if necessary to obtain information relevant to an investigation concerning the retention of an employee or other personnel action (other than hiring), the retention of a security clearance, the letting of a contract, or the issuance or retention of a grant, or other benefit.

(9) Records in this system may be disclosed to a Federal, State, local, foreign, or tribal or other public authority the fact that this system of records contains information relevant to the retention of an employee, the retention of a security clearance, the letting of a contract, or the issuance or retention of a license, grant, or other benefit. The other agency or licensing organization may then make a request supported by the written consent of the individual for the entire record if it so chooses. No disclosure will be made unless the information has been determined to be sufficiently reliable to support a referral to another office within the agency or to another Federal agency for criminal, civil, administrative, personnel, or regulatory action.

(10) Records in this system may be disclosed to appropriate agencies, entities, and persons when (i) USDA suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (ii) the Department has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the Department or another agency or entity) that rely upon the compromised information; and (iii) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Department's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

(11) Records in this system may be disclosed to the Office of

Government Ethics when the records are relevant and necessary to resolving any conflict of interest, conduct, financial statement reporting, or other ethics matter within the jurisdiction of that office.

(12) USDA will disclose information about individuals from this system of records in accordance with the Federal Funding Accountability and Transparency Act of 2006 (Pub. L. 109-282; codified at 31 U.S.C. 6101 note); section 204 of the E-Government Act of 2002 (Pub. L. 107- 347; 44 U.S.C. 3501 note), and the Office of Federal Procurement Policy

Act (41 U.S.C. 403, et seq.), or similar statutes requiring agencies to make available public information concerning Federal financial assistance, including grants, subgrants, loan awards, cooperative agreements, and other financial assistance; and contracts, subcontracts, purchase orders, task orders, and delivery orders.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:

These records, or information derived from these records, may be disclosed to a consumer reporting agency pursuant to 5 U.S.C. 552a(12) and in accordance with 31 U.S.C. 3711(e).

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING

AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are maintained electronically on magnetic backup tapes and in an electronic database.

RETRIEVAL:

Data is retrieved by employee or contractor name, tax identification number, or Social Security number.

SAFEGUARDS:

Only authorized USDA procurement personnel will have access to these

Page 22127

records. IAS has been categorized as a moderate impact system as identified in Federal Information Processing Standard (FIPS) 199. The security controls implemented within IAS will correspond with those published in the National Institute of Standards and Technology Special

Publication 800-53, Recommended Security Controls for Federal

Information Technology Systems (Revision 1) for a moderate impact system. Users are granted system access only upon successful completion of security training and each user is supplied with a unique and strong user-id and password. The user roles and access are restrictive and based on the principle of least privilege allowing for adequate performing of job functions and access to information based on a need to know. Due to the financial nature of IAS, the system also adheres to the security controls identified in the Federal Information Security

Control Audit Manual (FISCAM). The mandatory requirements of FIPS 199 and FIPS 200 support the Federal Information Security Management Act and the FISCAM supports the mandated OMB Circular A-123, Management of

Internal Controls. Moreover, system users and managers observe specific

USDA security requirements set forth in the USDA Cyber Security Manuals including but not limited to: USDA Departmental Manual (DM) 3545-000

Personnel Security, and DM 3510-001 Physical Security Standards for

Information Technology Restricted Space.

RETENTION AND DISPOSAL:

IAS records are retained and disposed of in accordance with General

Records Schedule 3--Procurement, Supply and Grant Records; and General

Records Schedule 24--Information Technology Operations and Management

Records; as appropriate.

SYSTEM MANAGER(S) AND ADDRESS:

Division Chief, DA/OPPM-PSD, 300 7th Street, SW., Room 262,

Washington, DC 20024, (202) 401-1023.

NOTIFICATION PROCEDURE:

Direct inquiries as to whether this system contains a record pertaining to an individual to the Privacy Act Officer, Departmental

Administration, 1400 Independence Avenue, SW., Washington, DC 20250- 9883.

RECORDS ACCESS PROCEDURES:

Direct access to a record pertaining to an individual should be directed to the Privacy Act Officer, Departmental Administration, 1400

Independence Avenue, SW., Washington, DC 20250-9883.

CONTESTING RECORDS PROCEDURES:

Contesting a record pertaining to an individual should be directed to the Privacy Act Officer, Departmental Administration, 1400

Independence Avenue, SW., Washington, DC 20250-9883.

RECORDS SOURCE CATEGORIES:

Employee name, contractor name, home address, contractor office phone number, contractor address, tax identification number and social security number are derived from a system account application.

EXEMPTIONS CLAIMED FOR THE SYSTEM:

None.

FR Doc. E8-8917 Filed 4-23-08; 8:45 am

BILLING CODE 3410-93-P