SUPPLEMENTARY INFORMATION:

In accordance with the requirements of the Privacy Act of 1974, OPM proposes to establish a new OPM system of records titled, “OPM/Internal—29, Federal Register Comments.” This system of records supports OPM's public notice and comment process.

When OPM publishes a rulemaking, guidance, or notice document in the Federal Register , anyone can visit Regulations.gov ( https://www.regulations.gov) to access that document and submit a public comment. Commenters may choose to respond anonymously or provide personal identifiers.

The comments and identifying information submitted on Regulations.gov are maintained in the Federal Docket Management System (FDMS), a government-wide platform. Although the General Services Administration eRulemaking Program Office manages Regulations.gov and FDMS, each Federal agency manages its own dockets and public comments within FDMS.

OPM uses FDMS to search, review, organize, analyze, and download the comments, and address them, as appropriate, when finalizing their publications. This system of records will enable OPM to identify individuals who submitted a public comment in response to a request for comments on an OPM document published in the Federal Register . If the commenter provided identifying information, OPM may use that information to ask the commenter to clarify their comment, as appropriate, or for other needs connected to the notice and comment process.

In accordance with 5 U.S.C. 552a(r), OPM has provided a report of this new system of records to the Office of Management and Budget and to Congress. This new system of records will be included in OPM's inventory of record systems.

SYSTEM NAME AND NUMBER:

Office of Personnel Management, OPM/Internal—29, Federal Register Comments.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Office of the Executive Secretariat, Privacy, and Information Management, U.S. Office of Personnel Management, 1900 E Street NW, Washington, DC 20415-0001 and General Services Administration, National Computer Center, 3799 Hopson Road, Research Triangle Park, North Carolina 27709.

SYSTEM MANAGER(S):

Federal Register Liaison, Office of the Executive Secretariat, Privacy, and Information Management, U.S. Office of Personnel Management, 1900 E Street NW, Washington, DC 20415-0001.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Section 206(d) of the E-Government Act of 2002 (Pub. L. 107-347, 44 U.S.C. ( print page 6031) 3501 note); 5 U.S.C. 301, Departmental regulations; 5 U.S.C. 552a, Records maintained on individuals; 5 U.S.C. 553, Rule making; 6 U.S.C. 101, Definitions; 44 U.S.C. chapter 35 subchapter 1, Federal Information Policy; and 5 CFR part 1320, Controlling Paperwork Burdens on the Public.

PURPOSE(S) OF THE SYSTEM:

This system of records will enable OPM to identify individuals who submitted a public comment (a comment and/or supplementary materials provided to OPM in response to an OPM publication in the Federal Register ) in response to a request for comments to an OPM document published in the Federal Register . If the commenter provided identifying information, OPM may use that information to ask the commenter to clarify their comment, as appropriate, or for other needs connected to the notice and comment process.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals who provided personal identifiers when submitting a public comment.

CATEGORIES OF RECORDS IN THE SYSTEM:

Records may include the commenter's name, personal contact information, business contact information, and public comment. Records may also include a comment tracking number, document title, keywords, document identification number, Code of Federal Regulation (CFR) title, CFR citation, document type, document sub type, date posted, and comment period end date.

RECORD SOURCE CATEGORIES:

Individuals who submitted a public comment.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, the records or information contained in this system may be disclosed outside OPM as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

a. In an appropriate proceeding before a court, grand jury, or administrative or adjudicative body, when OPM or another agency representing OPM determines that the records are relevant and necessary to the proceeding; or in an appropriate proceeding before an administrative or adjudicative body when the adjudicator determines the records to be relevant to the proceeding.

b. To the Department of Justice when (a) OPM, or any component thereof; (b) any OPM employee in their official capacity; (c) any OPM employee in their individual capacity where the Department of Justice has agreed to represent the employee; or (d) the United States, where OPM determines that litigation is likely to affect OPM or any of its components, is a party to litigation or has an interest in such litigation, and the use of such records by the Department of Justice is deemed by OPM to be relevant and necessary to the litigation.

c. Where a record, either alone or in conjunction with other information, indicates a violation or potential violation of law—criminal, civil, or regulatory in nature—the relevant records may be referred to the appropriate Federal, State, local, territorial, Tribal, or foreign law enforcement authority or other appropriate entity charged with the responsibility for investigating or prosecuting such violation or charged with enforcing or implementing such law.

d. To a member of Congress or staff acting upon the member's behalf, when the member or staff requests the information on behalf of, and at the request of, the individual to whom the record pertains.

e. To the National Archives and Records Administration (NARA) for records management inspections conducted under the authority of 44 U.S.C. 2904 and 2906.

f. To appropriate agencies, entities, and persons when (1) OPM suspects or has confirmed that there has been a breach of the system of records, (2) OPM has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, OPM (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with OPM's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

g. To another Federal agency or Federal entity, when OPM determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

h. To contractors, grantees, experts, consultants, or volunteers performing or working on a contract, service, grant, cooperative agreement, or other assignment for OPM to the extent necessary to accomplish an agency function related to this system of records.

i. To the General Services Administration to operate the eRulemaking system.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

All comments are maintained electronically by the General Services Administration in the Federal Docket Management System (FDMS). Comments are also extracted and stored electronically at OPM for further analysis.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records may be retrieved by the commenter's name, keywords, document identification number, comment tracking number, document title, CFR title, CFR citation, document type, document sub type, date posted, and comment period end date.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

Comments on rulemakings are retained permanently in accordance with OPM's NARA approved record schedule DAA-0478-2017-0002-0001. Comments on SORNs are retained for 2 years after supersession by a revised SORN or after system ceases operation in accordance with GRS 4.2, item 150. Records of notices of announcements and other matters not codified in the Code of Federal Regulations are retained for 1 year unless needed longer for a required business use.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

The General Services Administration information technology system that hosts Regulations.gov and FDMS is in a facility protected by physical walls, security guards, and requiring identification badges. Rooms housing the system infrastructure are locked, as are the individual server racks. All security controls are reviewed on a periodic basis by external assessors. The controls themselves include measures for access control, security awareness training, audits, configuration management, contingency planning, incident response, and maintenance.

Several administrative, technical, and physical security measures implemented by OPM also protect the records stored by OPM from unauthorized access and misuse. These ( print page 6032) measures comply with the Federal Information Security Modernization Act of 2002, as amended by the Federal Information Security Modernization Act of 2014, OMB policies, and standards and guidance from the National Institute of Standards and Technology (NIST).

RECORD ACCESS PROCEDURES:

Individuals seeking access to their records in this system may email their request to foia@opm.gov or mail their request to the Office of Personnel Management, Office of the Executive Secretariat, Privacy, and Information Management—FOIA, 1900 E Street NW, OESPIM/FOIA Room 5H35, Washington, DC 20415-0001. The email or letter should:

1. Include the words “Privacy Act Records Access Request”,

2. State that the request relates to OPM/Internal—29, Federal Register Comments, and

3. Clearly describe the information requested.

The letter or email must also include the individual's:

1. Full name, and any former names,

2. Date of birth,

3. Preference for how they want to be contacted (home address, telephone number, and/or personal email), and

4. Signature.

Additional requirements regarding record access requests, including the rights of guardians and how records may be provided, may be found in 5 CFR part 297, Privacy Procedures for Personnel Records.

CONTESTING RECORD PROCEDURES:

Individuals wishing to request an amendment of records about them may email their request to foia@opm.gov or mail their request to the Office of Personnel Management, Office of the Executive Secretariat, Privacy, and Information Management—FOIA, 1900 E Street NW, OESPIM/FOIA Room 5H35, Washington, DC 20415-0001. The email or letter should:

1. Include the words “Privacy Act Amendment Request”,

2. State that the request relates to OPM/Internal—29, Federal Register Comments,

3. Clearly describe the records the individual wants to amend and why, and

4. Include any documents which could help substantiate the request.

The letter or email must also include the individual's:

1. Full name, and any former names,

2. Date of birth,

3. Preference for how they want to be contacted (home address, telephone number, and/or personal email), and

4. Signature.

Additional requirements regarding record access requests, including the rights of guardians and how records may be provided, may be found in 5 CFR part 297, Privacy Procedures for Personnel Records.

NOTIFICATION PROCEDURES:

See “Record Access Procedures.”

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

None.