[Federal Register Volume 65, Number 240 (Wednesday, December 13, 2000)]
[Notices]
[Pages 77953-77956]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 00-31655]
=======================================================================
-----------------------------------------------------------------------
SOCIAL SECURITY ADMINISTRATION
Privacy Act of 1974; Report of New System of Records and Routine
Uses
AGENCY: Social Security Administration.
ACTION: New system of records and routine uses.
-----------------------------------------------------------------------
SUMMARY: In accordance with the Privacy Act, 5 U.S.C. 552a(e)(4) and
(e)(11), we are issuing public notice of our intent to establish a new
system of records. The proposed system of records is entitled Records
of Individuals Authorized Entry into Secured Areas by Digital Lock
Systems, Electronic Key Card Systems or Other Electronic Access
Devices, SSA/RO 60-0270. The proposed system will maintain records on
individuals authorized to enter secured areas in SSA regional offices,
field offices, teleservice centers, program service centers, hearing
offices and satellite facilities. We invite public
[[Page 77954]]
comments on the proposed system and the routine uses.
DATES: We filed a report of the proposed system with the Chairman,
Committee on Government Reform and Oversight, House of Representatives,
the Chairman, Committee on Governmental Affairs, United States Senate,
and the Director, Office of Information and Regulatory Affairs, Office
of Management and Budget on December 4, 2000. We have requested OMB to
waive the 40-day advance notice period. If OMB does not waive the 40-
day advance period, we will not implement the proposed system until
January 15, 2001, unless we receive comments on or before that date
that would result in a contrary determination.
ADDRESSES: Interested individuals may comment on this publication by
writing to the SSA Privacy Officer, Social Security Administration, 3-
A-6 Operations Building, 6401 Security Boulevard, Baltimore, Maryland
21235. All comments received will be available at the above address for
public inspection and photocopying between 8 a.m. and 4:30 p.m., Monday
through Friday.
FOR FURTHER INFORMATION CONTACT: Ms. Cetta Ruzicka, Social Insurance
Policy Specialist, Office of Disclosure Policy, Social Security
Administration, 3-A-6 Operations Building, 6401 Security Boulevard,
Baltimore, Maryland 21235, Telephone (410) 965-1743.
SUPPLEMENTARY INFORMATION:
I. Purpose of the Proposed System
SSA is responsible for ensuring the safety of personnel and for
safeguarding government records and property in its facilities. Through
the use of digital lock systems, electronic key card systems or other
electronic access devices, SSA is able to monitor and control the
access to its facilities. The digital lock systems, electronic key card
systems and other electronic access devices have the capacity to
maintain entry and exit data, such as the name and/or personal
identification number (PIN) of the individual entering the secured
area, the location of the secured area, the date of the entry and the
time of the entry and exit. Data in the system is used for security
purposes and may be used in a disciplinary action.
II. Collection and Maintenance of Data in the Proposed System
SSA security personnel will assign a PIN to each individual who is
authorized to enter secured areas. For electronic key card systems, the
name of the individual and assigned PIN will be encoded on the key
card. Security personnel will maintain a computer file of the name of
the individual and the assigned PIN.
To enter secured areas, an individual manually enters his or her
PIN into the digital or electronic access device, or in the case of an
electronic key card system, the individual uses his or her key card to
facilitate entry. These systems maintain a record of the name and/or
PIN of the individual, the entry point, the date of the entry and the
time of the entry. Some digital lock systems and electronic lock system
are connected to computer systems that maintain the information in
computer files. Information will be retrieved by individuals' names
and/or PINs.
Only authorized SSA personnel will download and print information
from computer files, digital lock systems, electronic key card systems
or other electronic access devices. The information will be maintained
in file folders and disclosed to Agency personnel on a need-to-know
basis or to other individuals or entities consistent with the routine
uses below.
III. Proposed Routine Uses of Information in the System
We are proposing to establish routine uses of information that will
be maintained in the system as discussed below.
1. To disclose pertinent information to the appropriate Federal,
state or local agency responsible for investigating, prosecuting,
enforcing or implementing a statute, rule or regulation, or order when
the Agency becomes aware of an indication of a violation of civil or
criminal law or regulations pertaining to this system of records.
We contemplate disclosing information under this routine use to law
enforcement entities that are responsible for investigating alleged
violations of civil or criminal statutes or alleged violations of
Standards of Conduct governing Federal employees.
2. To a congressional office in response to an inquiry from that
office made at the request of the subject of the record.
We contemplate disclosing information under this routine use only
in situations in which an individual may ask his or her congressional
representative to intercede in an SSA matter on his or her behalf.
Information will be disclosed when the congressional representative
makes an inquiry and presents evidence that he or she is acting on
behalf of the individual whose record is requested.
3. To the Department of Justice (DOJ), a court or other tribunal
(including an adjudicative or administrative body, or other third-party
before such tribunal when:
(a) SSA, or any component thereof; or
(b) Any SSA employee in his/her official capacity; or
(c) Any SSA employee in his/her individual capacity where DOJ (or
SSA where it is authorized to do so) has agreed to represent the
employee; or
(d) The United States or any agency thereof where SSA determines
that the litigation is likely to affect the operations of SSA or any of
its components is a party to litigation or has an interest in such
litigation; and SSA determines that the use of such records by DOJ, the
court or other tribunal is relevant and necessary to the litigation.
We contemplate disclosing information under this routine use, as
necessary, to enable the Department of Justice to effectively defend
SSA, its components or employees. We contemplate disclosing information
under this routine use when SSA has an interest in litigation involving
the proposed systems of records and/or the records contained therein.
4. Nontax return information which is not restricted from
disclosure by federal law may be disclosed to the General Services
Administration (GSA) and the National Archives and Records
Administration (NARA) under 44 U.S.C. 2904 and 2906, as amended by NARA
Act of 1984, for the use of those agencies in conducting records
management studies.
The Administrator of GSA and the Archivist of NARA are charged by
44 U.S.C. 2904 with promulgating standards, procedures and guidelines
regarding records management and conducting records management studies.
Section 2906 of that law, also amended by the NARA Act of 1984,
provides that GSA and NARA are to have access to federal agencies'
records and that agencies are to cooperate with GSA and NARA. In
carrying out these responsibilities, it may be necessary for GSA and
NARA to have access to this proposed system of records. In such
instances, the routine use will facilitate disclosure.
IV. Compatibility of Proposed Routine Use
The Privacy Act (5 U.S.C. 552a(b)(3)) and our disclosure
regulations (20 CFR Part 401) permit us to disclose information under a
published routine use for a purpose which is compatible with the
purpose for which we collected the information. Section 401.150(c) of
the regulations permits us to disclose information under a routine use
where necessary to assist in carrying out SSA
[[Page 77955]]
programs. Section 401.120 of the regulations provides that we will
disclose information when a law specifically requires the disclosure.
The proposed routine uses numbered 1-3 above will ensure efficient
administration of Social Security programs; the disclosures that would
be made under routine use number 4 is required by Federal law. Thus,
all of the routine uses are appropriate and meet the relevant statutory
and regulatory criteria.
V. Records Storage Medium and Safeguards
We will maintain information in digital lock systems, electronic
key card systems, or other electronic access devices, computer memory
(including floppy diskettes) and paper form. Only SSA security
personnel who have a need for the information in the performance of
their official duties will be permitted to retrieve information.
VI. Effect of the System on Individuals
The proposed system will maintain information that could lead to
administrative, civil or criminal action. This action would occur only
after an investigation. Individuals will be afforded all appropriate
due process and appeal rights. Thus, we do not anticipate that the
proposed system will have any unwarranted adverse effect on the privacy
of individuals.
Dated: December 4, 2000.
Kenneth S. Apfel,
Commissioner of Social Security.
Social Security Administration Notice of System of Records Required
by the Privacy Act of 1974
System number: SSA, RO-60-0270.
System name: Records of Individuals Authorized Entry into Secured
Areas by Digital Lock Systems, Electronic Key Card Systems or Other
Electronic Access Devices, SSA.
Security classification: None.
System Location: Social Security Administration, Offices of the
Regional Commissioners.
Categories of individuals covered by the system: Those individuals
who are authorized entry into secured areas in regional offices, field
offices, teleservice centers, program service centers, hearings offices
and satellite facilities.
Categories of records in the system: This system of records
contains the name and/or personal identifying number(s) for each
individual who is authorized to enter secured areas in regional
offices, field offices, teleservice centers, program service centers,
hearing offices and satellite facilities. The system also contains the
entry point, the date of entry and the time of entry.
Authority for maintenance of the system: 42 U.S.C. 902 and 1302;
5 U.S.C. 552a(e)(10); 41 CFR 101-20.302.
Purpose(s): The principal purpose is to maintain a record of
individuals who entered secured areas in the Social Security
Administration's facilities and to ensure the security of personnel and
property. The system of record may also be used in a disciplinary
action.
Routine uses of records maintained by the system, including
categories of users and the purposes of such uses: Disclosure may be
made for routine uses as indicated below:
1. To disclose pertinent information to the appropriate Federal,
state or local agency responsible for investigating, prosecuting,
enforcing or implementing a statute, rule or regulation, or order when
the Agency becomes aware of an indication of a violation of civil or
criminal law or regulations pertaining to this system of records.
2. To a congressional office in response to an inquiry from that
office made at the request of the subject of the record.
3. To the Department of Justice (DOJ), a court or other tribunal,
(including an adjudicative or administrative body) or other third-party
before such tribunal when:
(a) SSA, or any component thereof; or
(b) Any SSA employee in his/her official capacity; or
(c) Any SSA employee in his/her individual capacity where DOJ (or
SSA where it is authorized to do so) has agreed to represent the
employee; or
(d) The United States or any agency thereof where SSA determines
that the litigation is likely to affect the operations of SSA or any of
its components is a party to litigation or has an interest in such
litigation: and SSA determines that the use of such records by DOJ, the
court or other tribunal is relevant and necessary to the litigation.
4. Nontax return information which is not restricted from
disclosure by federal law may be disclosed to the General Services
(GSA) and the National Archives and Records Administration (NARA) under
44 U.S.C. 2904 and 2906, as amended by NARA Act of 1984, for the use of
those agencies in conducting records management studies.
Policies and Practices for Storing, Retrieving, Accessing, Retaining
and Disposing of Records in the System
Storage: Records in this system are stored in the digital lock
systems, electronic key card systems, other electronic access devices,
computer memory (including floppy diskettes) and paper form.
Retrievability: Records in this system may be retrieved by name of
the individual, by assigned personal identifying number(s), by date, by
time period, and by entry point.
Safeguards: Only authorized SSA personnel have access to this
system of records. Employees who are authorized to retrieve records
will be assigned a personal identification number (PIN) and passwords.
The information will be processed in a manner that will protect
confidentiality and in such a way that unauthorized individuals cannot
retrieve it by means of computer, remote terminal or other means. The
paper records that result from the digital lock or other electronic
access systems are kept in locked cabinets or in otherwise secure
areas. All SSA employees, including contractor personnel, having access
to data in the system of records are required to adhere to SSA rules
concerning safeguards, access, and use of the data. They also are
informed of the criminal penalties of the Privacy Act for unauthorized
access to or disclosure of information maintained in this system of
records.
Retention and disposal: SSA retains records in this system up to 3
years following the expiration of an individual's authority to enter
into secured areas. SSA destroys a paper record by shredding and a non-
paper record by deleting-wiping it from the digital, magnetic and/or
computer memory.
System manager(s) and address: The systems manager will be the
Regional Security Officer (or his/her designee) in those Regions where
SSA purchases digital lock systems, electronic key card systems or
other electronic access devices.
Region I--Boston: Social Security Administration, Regional Security
Officer, Room 1975, JFK Federal Building, Boston, Massachusetts 02203-
1101, Telephone: (617) 565-2852.
Region II--New York: Social Security Administration, Regional
Security Officer, 26 Federal Plaza, Room 4011, New York, New York
10278, Telephone: (212) 264-1716.
Region III--Philadelphia: Social Security Administration, P.O. Box
8788, Philadelphia, Pennsylvania 19101, Telephone: (215) 597-8531.
Region IV--Atlanta: Social Security Administration, Atlanta
Regional Security Office, Security and Integrity Team, P.O. Box 10085,
Birmingham, Alabama 35202, Telephone: (205) 801-1300.
[[Page 77956]]
Region V--Chicago: Social Security Administration, Center for
Material Resources, Security and Integrity Section, Box 87479, Chicago,
Illinois 60680, Telephone: (312) 353-1224.
Region VI--Dallas: Social Security Administration, MB-1 Room 1400,
Management and Budget, ATTN: RSO, 1200 Main Tower Building, Suite M110
Dallas, Texas 75202-4324, Telephone: (214) 767-4331.
Region VII--Kansas City: Social Security Administration, MAMPSC,
SIS, 601 East Twelfth Street, P.O. Box 15625, Kansas City, Missouri
64106, Telephone: (816) 426-3095.
Region VIII--Denver: Social Security Administration /M&B/BFS, Attn:
Regional Security Office, 1961 Stout Street, Room 325, Denver, Colorado
80294-3538, Telephone: (303) 844-3347.
Region IX--San Francisco: Social Security Administration, FHFB,
Field Facilities Team, P.O. Box 4205, Richmond, California 98402,
Telephone: (510) 970-8340.
Region X--Seattle: Social Security Administration, Security and
Integrity Team, Suite 2900, M/S-291B, 701 Fifth Avenue, Seattle,
Washington 98104-7006, Telephone: (206) 615-2150.
Notification procedure: An individual may determine if this system
contains a record about him or her by writing to the systems manager.
When requesting notification, the individual should provide his or her
name and/or personal identifying number(s) and refer to this system.
Record access procedures: Same as notification procedures.
Requestors should also reasonably specify the contents of the record
being sought.
Contesting record procedures: Same as notification procedures.
Requestors should also reasonably: identify the particular record;
specify whether he/she is seeking an addition to or a deletion or
substitution of the record; and state his/her reason(s) for requesting
corrective action or amendment to the record (e.g., why it is not
accurate, timely, complete, relevant or necessary).
Record source categories: SSA obtains information in this system
from the individuals who are covered by the system or the security
personnel.
Systems exempted from certain provisions of the Privacy Act: None.
[FR Doc. 00-31655 Filed 12-12-00; 8:45 am]
BILLING CODE 4190-11-P