AGENCY:

Agency for International for Development (USAID).

ACTION:

Notice of new privacy act system of records.

SUMMARY:

The United States Agency for International Development (USAID) proposes to establish a new Agency-wide system of records entitled, Employee Assistance Program (EAP) Records. The purpose of publishing this Agency-wide notice is to meet federal requirements and promote consistent maintenance of USAID EAP records. EAP is a voluntary program, administered by USAID's Staff Care Wellness Program, designed to assist EAP clients in obtaining help with a wide range of personal and work-related issues or concerns that may affect job performance and their overall physical and mental fitness.

DATES:

Submit comments on or before 3 February 2022. This modified system of records will be effective 3 February 2022 upon publication. The Routine Uses are effective at the close of the comment period.

ADDRESSES:

You may submit comments:

Electronic

• Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions on the website for submitting comments.

• Email: Privacy@usaid.gov.

Paper

• Fax: 202-916-4946.

• Mail: Chief Privacy Officer, United States Agency for International Development, 1300 Pennsylvania Avenue NW, Washington, DC 20523.

FOR FURTHER INFORMATION CONTACT:

Ms. Celida A. Malone, USAID Privacy Program at United States Agency for International Development, Bureau for Management, Office of the Chief Information Officer, Information Assurance Division: ATTN: USAID Privacy Program, 1300 Pennsylvania Avenue NW, Washington, DC 20523, or by phone number at 202-916-4605.

SUPPLEMENTARY INFORMATION:

USAID is establishing this new system of records notice to document the records collected and maintained by staff of the USAID EAP program concerning EAP clients, and to allow for the tracking of the EAP client's progress and participation in the EAP or EAP-related community programs. EAP is a voluntary program designed to assist EAP clients in obtaining help with a wide range of personal- and work-related issues or concerns that may affect job performance and their overall physical and mental fitness.

SYSTEM NAME AND NUMBER:

USAID-35 Employee Assistance Program (EAP) Records.

SECURITY CLASSIFICATION:

Sensitive but Unclassified.

SYSTEM LOCATION:

Harting EAP Corporate Office, 4972 Benchmark Centre Drive Suite 200, Swansea, IL 62226.

SYSTEM MANAGER(S):

Supervisory Social Worker, Staff Care Center, Office of Human Capital and Talent Management, United States Agency for International Development, Ronald Reagan Building, 1300 Pennsylvania Avenue NW, Washington, DC 20523. Email: staffcarecenter@usaid.gov.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Title 5 United States Code (U.S.C.) Section (§ ) 7901—Health Service Programs, and Public Law 79-658; 42 U.S.C. 290dd-1, 290ee-1; 42 U.S.C. 290dd-2; 5 U.S.C. 7361 and 7362, The Federal Employee Substance Abuse Education and Treatment Act of 1986, and Title 5 Code of Federal Regulations (CFR) Part 792; Public Laws 96-180 and 96-181; Public Law 79-658; Executive Order 12564; 44 U.S.C. 3101; 5 CFR part 792, Federal Employees' Health, Counseling, and Work/Life Programs, Subpart A42; CFR part 2, Confidentiality of Substance Use Disorder Patient Records; Public Law 100-71, 101 Stat. 4711, as amended, Program Supplementals; Public Laws 96-180 and 96-181.

Diverse laws and policies require USAID to maintain the confidentiality of an employee, to the extent permitted by law. These include:

• 42 CFR part 2
• The Privacy Act of 1974
• State laws, especially those covering child and elder abuse reporting
• Professional association standards and codes of ethics.

PURPOSE(S) OF THE SYSTEM:

This system will maintain information collected and/or generated for the provision of services by USAID Staff Care. USAID Staff Care promotes a range of programs, services, and resources designed to bolster the resilience, wellness, and work-life balance of USAID's workforce and their family members. The information contained in this system will be used to monitor the EAP client's progress and participation in the EAP or EAP-related community programs (such as support groups, Alcoholics Anonymous, etc.). EAP is a voluntary program that provides cost-free and confidential assessment, short-term counseling, referral, and follow-up services to its clients who experience personal and/or work-related challenges that may affect attendance, work performance, and/or conduct.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

USAID employees and their eligible family members, who seek and/or receive assistance through, or are referred by their supervisors or other Agency officials for assistance through the EAP.

CATEGORIES OF RECORDS IN THE SYSTEM:

This system contains records on USAID Staff Care clients. Records may contain the following information:

• Client Contact Information, including: Name, Employee Identification Numbers, Job Title/Series, Grade, Home/Work Address, Home/Work Telephone Number, and Emergency Contact of EAP Clients.
• Client Sociodemographic Information, including: Date of Birth, Race, Gender, Sexual Orientation, Marital Status, Relationship of Family Member to USAID employee.

• Employment information, including: Employment history, records Start Printed Page 3068 related to work performance or conduct issues, such as records of referrals, leave usage, supervisory/organizational interventions.

• Treatment Records, including: Counselor Intake forms, consultation notes, treatment plans, treatment recommendations, referrals to third-party service providers. Referrals may include those to community-based resources, treatment facilities and/or organizations that provide legal, financial, or other assistance not related to mental health or general medical services. Where clinical referrals have been made, records may include relevant information related to counseling, diagnosis(es), prognosis(es), treatment, and evaluation, along with follow-up data that may be generated by the community program providing the relevant services. Written consent forms are used to permit the disclosure of information outside the EAP.
• Records related to Substance Abuse Testing and Treatment, including: drug and alcohol test results, evaluations, treatment and rehabilitation plans, records of referrals and other information that may be generated by USAID's Drug-Free Workplace Program or treatment facilities from which the EAP client may be receiving treatment.
• Service Provider Information, including: Account Number, Contractor Billing Information, Insurance Information and Government Payments Note 1: Listed below are other types of records that contain information about employee health and fitness, which are not covered by this system of records. Such records are covered by a government-wide system of records (OPM/GOVT-10), which is managed by the U.S. Office of Personnel Management. Records covered by OPM/GOVT-10 include:
• Medical records, forms, and reports completed or obtained when an individual applies for a Federal job and is subsequently employed
• Medical records, forms, and reports completed during employment as a condition of employment, either by the USAID or by another State or local government entity, or a privacy sector entity under contract to USAID
• Records pertaining to and resulting from drug screening for use of illegal drugs under Executive Order 12564
• Reports of on-the-job injuries and medical records, forms, and reports generated as a result of the filing of a claim for Workers Compensation.

RECORD SOURCE CATEGORIES:

Information contained in this system is obtained from:

• The individual to whom the information pertains
• The individual's supervisors or coworkers
• Medical staff who have examined, tested, or treated the individual
• Laboratory reports and test results
• Employee's bargaining unit
• Other external sources who provide relevant information to facilitate the provision of services by the EAP contractor.

In the case of drug abuse counseling, records may also be generated by those administering USAID's Drug-Free Workplace Program.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

The confidentiality of services provided through EAP is strictly maintained. In addition to those disclosures generally permitted under 5 U.S.C. 552a(b), relevant records or information in this system may be disclosed without the EAP client consent as follows:

(a) To law enforcement officers to report information directly related to an EAP client's commission of a crime on the premises of the EAP program or against EAP program personnel or a threat to commit such a crime, provided that the disclosure is limited to the circumstances of the incident, including the client status of the individual committing or threatening to commit the crime, that individual's name and address, and that individual's last known whereabouts.

(b) To appropriate State or local authorities to report, where required under State law, incidents of suspected child, elder, or domestic abuse or neglect.

(c) To any person or entity to the extent necessary to prevent an imminent crime which directly threatens loss of life or serious bodily injury.

(d) To an authorized designee who is responsible for the care of an EAP client when the EAP client to whom the records pertain is mentally incompetent or under legal disability.

(e) To contractors or authorized EAP community health care providers that provide counseling and other services through referrals from the EAP staff to the extent that it is appropriate, relevant, and necessary to enable the contractor or provider to perform his or her evaluation, counseling, treatment, and rehabilitation responsibilities.

(f) To contractors and their agents, grantees, experts, consultants, and others ( e.g., providers contracted to provide Staff Care services to USAID employees and their family members) performing or working on a contract, service, grant, cooperative agreement, or other assignment for USAID, when necessary to accomplish an Agency function related to this system of records. Individuals provided information under this routine use are subject to the same Privacy Act requirements and limitations on disclosure as are applicable to USAID officers and employees.

(g) To Medical or Emergency Response Personnel to the extent necessary to meet a bona fide medical emergency.

(h) To a Federal, State or local agency, professional licensing authority, or other appropriate entities as required to ensure the professional responsibility requirements are met by EAP employees.

(i) To a court, magistrate, or other administrative body in the course of presenting evidence, including disclosures to counsel or witnesses in the course of civil discovery, litigation, or settlement negotiations or in connection with criminal or administrative proceedings, when the USAID is a party to the proceeding or has a significant interest in the proceeding, to the extent that the information is determined to be relevant and necessary.

(j) To appropriate agencies, entities, and persons when: (1) USAID suspects or has confirmed that there has been a breach of the system of records; (2) USAID has determined that as a result of the suspected or confirmed breach, there is a risk of harm to individuals (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with USAID's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

(k) To another federal agency or federal entity, when USAID determines that the information from the system of records is reasonably necessary to assist the recipient agency or entity in: (1) Responding to a suspected or confirmed breach; or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, that might result from a suspected or confirmed breach.

(l) To the National Archives and Records Administration (NARA) for the purposes of records management inspections conducted under the Start Printed Page 3069 authority of Sections 2904 and 2906 of Title 44 of the U.S.C. and in its role as Archivist.

Note 2: To the extent that disclosure of substance abuse patient records is more restricted than disclosure of other EAP records, the EAP staff will follow such restrictions. See 42 U.S.C. 290dd-2; 42 CFR part 2. Similarly, nothing in these routine uses should be construed as authorizing a disclosure which is prohibited under State law; nor may any State law either authorize or compel any disclosure of substance abuse patient records not encompassed by this Notice and governing EAP regulations. (See 42 CFR 2.20.)

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

USAID stores records in this system in electronic format and paper format. Records in paper format are stored in file folders in locked cabinets. Records in electronic format are kept in a user-authenticated and password-protected computerized database system.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

USAID EAP staff indexes and retrieves records by the name of the EAP client or by an identifying case number that is cross-indexed to the EAP client's name.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

USAID follows NARA-approved records retention schedule. EAP records, regardless of the storage medium and whether or not an employee has terminated employment with the Agency, are retained during their useful life in accordance with General Records Schedule 2.7, Employee Health and Safety Records.

• Records not related to performance or conduct. These records are destroyed seven (7) years after termination of counseling for adults, or three (3) years after a minor reaches the age of majority, or when the State-specific statute of limitations has expired for contract providers subject to State requirements.
• Records related to employee performance or conduct. These records are destroyed once the employee has met condition(s) specified by agreement or adverse action or a performance-based action case file has been initiated.

Only the EAP Director or equivalent may destroy or dispose of EAP records and must have at least one witness present when paper records are destroyed, or electronic records are deleted. The witness must be an Agency employee familiar with handling confidential records. Whenever possible, witnesses should be other EAP staff members. All EAP records must be destroyed and/or deleted using Agency-approved disposal procedures.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

USAID EAP personnel maintain Internal EAP records. Access to USAID buildings where records are located is restricted by 24-hour electronic identification.

For Paper Records: USAID secures records in lockable metal filing cabinets within a locked room when not in use. Access to these records are strictly limited to authorized USAID EAP personnel. Only the case number appears on the file label. The file is cross-referenced with a separately secured list with a corresponding name and case number.

For Electronic Records: USAID EAP personnel store and password-protect electronic records in a user-authenticated, USAID-issued computer and/or a USAID-approved, computerized database system. These records are maintained separately from other systems of record. Access to these electronic records is strictly limited to authorized USAID EAP personnel.

USAID EAP contractors are also required to maintain all USAID EAP client records with similar safeguards to ensure the security and confidentiality of EAP records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, inconvenience, or unfairness to any individual on whom information is maintained.

All persons having access to these records shall be trained in the proper handling of records covered by the Privacy Act and 42 CFR part 2 (Confidentiality of Alcohol and Drug Abuse Patient Records). These acts restrict disclosures to unique situations, such as threats of physical harm, medical emergencies, and suspected child abuse, except where the client has consented in writing to such disclosure. Clients of the EAP will be informed in writing of the confidentiality provisions. Secondary disclosure of released information is prohibited without client consent.

RECORD ACCESS PROCEDURES:

Under the Privacy Act, individuals may request access to records about themselves. These individuals must be limited to citizens of the United States or aliens lawfully admitted for permanent residence. If a Federal Department or Agency or a person who is not the individual who is the subject of the records, requests access to records about an individual, the written consent of the individual who is the subject of the records is required.

Individuals seeking access to information about themselves contained in this system of records should address inquiries to the Bureau for Management, Office of Management Services, Information and Records Division (M/MS/IRD), USAID Annex—Room 2.4.0C, 1300 Pennsylvania Avenue NW, Washington, DC 20523. The requester may complete and sign a USAID Form 507-1, Certification of Identity Form or submit signed, written requests that should include the individual's full name, current address, telephone number, and this System of Records Notice number. In addition, the requester must provide either a notarized statement or an unsworn declaration made in accordance with 28 U.S.C. 1746, in the following format:

• If executed outside the United States: “I declare (or certify, verify, or state) under penalty of perjury under the laws of the United States of America that the foregoing is true and correct. Executed on (date). (Signature).”
• If executed within the United States, its territories, possessions, or commonwealths: “I declare (or certify, verify, or state) under penalty of perjury that the foregoing is true and correct. Executed on (date). (Signature).”

CONTESTING RECORD PROCEDURES:

See Section 3.20 above, Record Access Procedures. Individuals may also contact the appropriate EAP System of Records Manager at the USAID Staff Care email address: staffcarecenter@usaid.gov to: (i) Request access, contest, or amend a notification of records; and (ii) to determine the location of particular EAP records created by contractors on behalf of USAID, or maintained by contractors at the contractor's location.

NOTIFICATION PROCEDURES:

See Section 3.20 above, Record Access Procedures.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

None.