2022-00087. Privacy Act of 1974; System of Records  

  • Start Preamble

    AGENCY:

    Office of Small & Disadvantaged Business Utilization (OSDBU), Department of Veterans Affairs (VA).

    ACTION:

    Notice of a modified system of records.

    SUMMARY:

    The purpose of this modified system of record is to combine SORN 132VAOSDBU with this SORN, 181VAOSDBU, to reflect the merging of the system interfaces. The combined system's purpose is fourfold: To gather and maintain information on small businesses owned and controlled by Veterans, including service-disabled Veterans; provide VA personnel with access to resources that allow them to perform market research upon Veteran Owned Small Businesses (VOSBs) and Service-Disabled Veteran Owned Small Businesses (SDVOSBs); provide a platform for registration and announcement of Direct Access Program (DAP) events; and allow Federal, State, and local government personnel and the general public, including private sector companies and corporate entities, the ability to locate potential Veteran entrepreneur resources through searches of the Vendor Information Pages (VIP). This combined system provides the mechanism that enables Veteran owned businesses to compete effectively for Federal contracts. It also provides the Office of Small & Disadvantaged Business Utilization (OSDBU) with the data and reports needed to manage their responsibilities under the Veterans Entrepreneurship and Small Business Development Act of 1999, as amended. VA personnel may utilize the VIP database to counsel and assist Veteran entrepreneurs in starting a small business or expanding an existing small business.

    DATES:

    Comments on this modified system of records must be received no later than 30 days after date of publication in the Federal Register . If no public comment is received during the period allowed for comment or unless otherwise published in the Federal Register by VA, the modified system of records will become effective a minimum of 30 days after date of publication in the Federal Register . If VA receives public comments, VA shall review the comments to determine whether any changes to the notice are necessary.

    ADDRESSES:

    Comments may be submitted through www.regulations.gov or mailed to VA Privacy Service, 810 Vermont Ave. NW, (005R1A), Washington, DC 20420. Comments should indicate that they are submitted in response to Center for Verification and Evaluation (CVE) VA VetBiz Vendor Information Pages (VIP) (181VAOSDBU). Comments received will be available at regulations.gov for public viewing, inspection or copies.

    Start Further Info

    FOR FURTHER INFORMATION CONTACT:

    For general questions about the system contact Renetta Bradford at Office of Small & Disadvantaged Business Utilization at 810 I Street NW, Washington, DC 20420, osdbuexeccorr@va.gov and (202) 461-4600.

    End Further Info End Preamble Start Supplemental Information

    SUPPLEMENTARY INFORMATION:

    OSDBU provides numerous services for Veterans and service-disabled Veterans who seek to open or expand a business. The OSDBU staff coordinates the tasks required of the U.S. Department of Veterans Affairs by several Federal laws, including:

    • Public Law 108-183 (December 2003), the Veterans Benefits Act of 2003, Sections 301, 305, 308.
    • Public Law 106-554 (December 2000), Sections 803 and 808.
    • Public Law 106-50 (August 1999), the Veterans Entrepreneurship and Small Business Development Act of 1999.
    • Public Law 105-135 (December 1997), Title VII, Service-Disabled Veterans Program.
    • Public Law 93-237 (January 1974), “Special Consideration for Veterans”.

    Public Law 106-50, Section 302, Entrepreneurial Assistance, subsection (5) requires VA to support the “establishment of an information clearinghouse to collect and distribute information, including electronic means, on the assistance programs of Federal, state, and local governments, and of the private sector, including information on office locations, key personnel, telephone numbers, mailing and email addresses, and contracting and sub-contracting opportunities.”

    The parts of the Veterans Benefits Act of 2003 (Pub. L. 108-183) that pertain to Veteran entrepreneurship are contained in Title III—Education Benefits, Employment Provisions, and Related Matters. They are as follows:

    • Section 301—Expands the Montgomery GI Bill program by authorizing educational assistance for on-job training in certain self-employment training programs.
    • Section 305—Authorizes the use of VA education benefits to pay for nondegree/non-credit entrepreneurship courses at approved institutions:

    ○ Small Business Development Centers, and

    ○ National Veterans Business Development Corporation (also known as Veterans Corporation).

    • Section 308—Furnishes Federal agencies discretionary authority to:

    ○ Restrict certain contracts to disabled Veteran-owned small businesses if at least two such concerns are qualified to bid on the contract, and

    ○ Create “sole-source” contracts for disabled Veteran-owned small businesses—up to $5 million for manufacturing contract awards and up to $3 million for nonmanufacturing contract awards.

    A Web-based application allows Governmental and support sector organizations to “register” their services. This clearinghouse enables any user to search for business support services at the Federal, State, and local government levels and private providers in their respective category of business development, management, financial, technical or procurement assistance.

    The site allows support organizations to update their business information and give the Department the ability to upload data from other sources to populate the proposed database. Contact information is kept as well as a means to extract this information to satisfy the Department's need to send out information.

    The Center for Verification and Evaluation (CVE) operates and maintains the Department of Veterans Affairs (VA), CVE VetBiz Vendor Information Pages (VIP)—VA. This system enables VA to maintain and access an automated database containing the information on Veteran owned businesses resources set forth in the law (section 302, paragraph (5) and section 604, paragraph (b)). Because some information may be retrieved by the name or other personal identifiers of individuals acting in an entrepreneurial capacity, such as a sole proprietor of a small business, VA is using this system of records.

    The information in this system is maintained in electronic form. The information in these records are available to government agencies, companies, and the general public via the internet.

    The solution uses a combination of commercial off-the-shelf software (COTS) and cloud-based applications. These COTS and Cloud products Start Printed Page 1008 leverage market-tested products that are currently listed as enterprise solutions in the VA environment and comply with the VA's technology standards for enterprise-class software.

    The VetBiz/VIP solution provides an internet-facing portal for submitting data and tracking the progress of the verification team as well as an integrated customer relationship management (CRM) system with strong document management, collaboration, notification, and reporting functionality in alignment with the security requirements dictated by the collection, capture, and distribution of sensitive material.

    This SORN has been modified to include information collected by Event Management Scheduling System (EMSS), include data elements stored, changes in Routine Uses, as required, by Office of Management and Budget (OMB), and combining SORN 132VAOSDBU VETBIZ APP into this SORN.

    Signing Authority

    The Senior Agency Official for Privacy, or designee, approved this document and authorized the undersigned to sign and submit the document to the Office of the Federal Register for publication electronically as an official document of the Department of Veterans Affairs. Neil C. Evans, M.D., Chief Officer, Connected Care, Performing the Delegable Duties of the Assistant Secretary for Information and Technology and Chief Information Officer, approved this document on November 28, 2021 for publication.

    Start Signature

    Dated: January 4, 2022.

    Amy L. Rose,

    Program Analyst, VA Privacy Service, Office of Information Security, Office of Information and Technology, Department of Veterans Affairs.

    End Signature

    SYSTEM NAME AND NUMBER:

    Center for Verification and Evaluation (CVE) VA VetBiz Vendor Information Pages (VIP)—VA (181VAOSDBU).

    SECURITY CLASSIFICATION:

    Information in this SORN is not classified information.

    SYSTEM LOCATION:

    The system is hosted on the Veterans Affairs (VA) Enterprise Cloud (EC), Microsoft Azure Government (MAG). The VA EC MAG is in Azure Government Region 1 and Region 2, or Region 3, and is designed to allow U.S. government agencies, contractors and customers to move sensitive workloads into the cloud for addressing specific regulatory and compliance requirements.

    SYSTEM MANAGER(S):

    Renetta Bradford, Information Technology Systems Integration (ITSI) Program Manager, Department of Veterans Affairs (VA), Office of Small & Disadvantaged Business Utilization (OSDBU), 810 Vermont Ave. NW, Room 1064, Washington, DC 20420. Renetta.bradford@va.gov, osdbuexeccorr@va.gov, and (202) 461-4600.

    AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

    38 U.S.C. 8127 and Public Law 106-50, as amended.

    PURPOSE(S) OF THE SYSTEM:

    1. Gather and maintain information on small businesses owned and controlled by Veterans, including service-disabled Veterans.

    2. Provide VA personnel with access to resources that allow them to perform market research upon Veteran Owned Small Businesses (VOSBs) and Service-Disabled Veteran Owned Small Businesses (SDVOSBs).

    3. Provide a platform for registration and announcement of Direct Access Program (DAP) events.

    4. Allow Federal, State, and local government personnel and the general public, including private sector companies and corporate entities, the ability to locate potential Veteran entrepreneur resources through searches of the Vendor Information Pages (VIP).

    5. VA personnel may utilize the VIP database to counsel and assist Veteran entrepreneurs in starting a small business or expanding an existing small business.

    CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

    The system of records will cover Veteran entrepreneurs who have applied to have their small businesses included in the VIP database, and, if deceased, their surviving spouses, that wish to be a part of the information clearinghouse. Programs of Federal, State, and local governments, and private sector organizations and companies offering business or business assistance services to Veteran businesses will be accessing the information to improve Veteran business opportunities.

    CATEGORIES OF RECORDS IN THE SYSTEM:

    The records will contain data on Veteran-owned companies who have contacted the Center for Verification and Evaluation or have been extracted from e-government databases to which the companies have voluntarily submitted the data as a part of the marketing efforts to the federal government. The records may include: Access Roles, AD Domain, Address, Address City, Address Country, Address Postal Code, Address State, agency Contract. Are you currently doing business or have a contract with the VA? (Yes/No), Assurance Level, Authentication Authority, Authentication Method, Authentication Time, Authorization Data (DS Logon only), Award Rating, BIRLS Disability Rating, BIRLS File Number, Business Email, Business Name, Business Type, category Contract, CCR_Registration Number, Cell Phone, Certifications, City, Common Name, Company Address, Company City, Company Country, Company Name, Company Phone, Company State/Province, Company website URL, Company Zip, company Certification, company Contact, Core Competency/Strength, Corporate Participant ID, Credential Service Identifier, Credential Service Provider (CSP) Traits Only Indicator, CSP Object, Current Password, CVE Verification Expiration Date, Data Universal Numbering System DUNS®, Date of Birth (DOB), Defense Contract Audit Agency number (optional), Discharge Type, Do you have a Defense Contract Audit Agency Compliant Account, DoD Electronic Data Interchange Personal Identifier (EDIPI), DoD Sponsor ED IPI, Duty Location, EIN, Email, Environment Identifier, Excluded Parties Flag, extent Contract, Fax Number, fedbizopps, Federal Supply Contracting Vehicle, Fedmine Module, FirstName, Gender, Government Category, GSA Contract, GSA Schedule Contract, Hash, Have you had a contract with the VA in the last 5 years? (Yes/No), Header Version, Highest Level of Personal Security Clearance, Home city, Home State, Home street address, Home Zip Code, IAM Role One, IAM Role Three, IAM Role Two, IAM Service Down Indicator, IDV Contract, Industry, Integration Control Number (ICN), Issue Modified, Issue instant, Last Name, Level of Assurance, Mailing Address, MHV identifier (IEN), Middle Name, Middle Name, Initial, NAICS, NAICS Contract, Name, Office, office Contract, Owner Name, Person ID (PID), Personal Email Address, Personal Fax Number, Personal Mailing Address, Personal Phone Number(s), Phone Number, Position, Prefix, pricing Contract, Product Service Code, Profile Photographs, Proofing authority, PSC, PSC Contract, Registration Email, Salutation, samAccountName, SDVOSB_Flag, Security ID (SecID), Start Printed Page 1009 Session Scope, socio Contract, Socio-Economic Category, Sponsor Electronic Data Interchange Personal Identifier, SSOi Landing URL, SSOi Logged Out URL, State, States in which you do Business, subaward Agency Contract, subaward Duns Contract, subaward NAICS Contract, subaward POP Contract, Subject Organization, Subject Organization ID, Subject Role, Suffix, System for Award Management (SAM) Unique Entity Identifier (UEI), System Permissions, Tax Identification Number, Transaction ID, type Of Set Aside Contract, UPN, User Hash, User ID, VAUID, Veteran ID/Service Number, Veteran Status, VISN, Vista Id, VOSB, Flag, Year Business was established, and Zip Code.

    RECORD SOURCE CATEGORIES:

    The information in this system of records is obtained from the following sources:

    a. Information voluntarily submitted by the business;

    b. Information gathered from official VA data sources such as Identity Access Management (IAM), Master Personnel Index (MPI), and Beneficiary Identification Records Locater Subsystem (BIRLS);

    c. Public information extracted from other business databases, System for Award Management (SAM), and Dun and Bradstreet (D&B).

    ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

    1. Congress

    VA may disclose information to a Member of Congress or staff acting upon the Member's behalf when the Member or staff requests the information on behalf of, and at the request of, the individual who is the subject of the record.

    2. Data Breach Response and Remediation, for VA

    VA may disclose information from this system to appropriate agencies, entities, and persons when (1) VA suspects or has confirmed that there has been a breach of the system of records; (2) VA has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, VA (including its information systems, programs, and operations), and the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with VA's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

    3. Data Breach Response and Remediation, for Another Federal Agency

    VA may disclose information to another Federal agency or Federal entity, when VA determines that the information is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

    4. Law Enforcement

    VA may disclose information that, either alone or in conjunction with other information, indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, to a Federal, state, local, territorial, tribal, or foreign law enforcement authority or other appropriate entity charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing such law. The disclosure of the names and addresses of Veterans and their dependents from VA records under this routine use must also comply with the provisions of 38 U.S.C. 5701.

    5. DoJ for Litigation or Administrative Proceeding

    VA may disclose information to the Department of Justice (DoJ), or in a proceeding before a court, adjudicative body, or other administrative body before which VA is authorized to appear, when:

    (a) VA or any component thereof;

    (b) Any VA employee in his or her official capacity;

    (c) Any VA employee in his or her individual capacity where DoJ has agreed to represent the employee; or

    (d) The United States, where VA determines that litigation is likely to affect the agency or any of its components,

    is a party to such proceedings or has an interest in such proceedings, and VA determines that use of such records is relevant and necessary to the proceedings.

    6. Contractors

    VA may disclose information to contractors, grantees, experts, consultants, students, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for VA, when reasonably necessary to accomplish an agency function related to the records.

    7. OPM

    VA may disclose information to the Office of Personnel Management (OPM) in connection with the application or effect of civil service laws, rules, regulations, or OPM guidelines in particular situations.

    8. EEOC

    VA may disclose information to the Equal Employment Opportunity Commission (EEOC) in connection with investigations of alleged or possible discriminatory practices, examination of Federal affirmative employment programs, or other functions of the Commission as authorized by law.

    9. FLRA

    VA may disclose information to the Federal Labor Relations Authority (FLRA) in connection with: The investigation and resolution of allegations of unfair labor practices, the resolution of exceptions to arbitration awards when a question of material fact is raised; matters before the Federal Service Impasses Panel; and the investigation of representation petitions and the conduct or supervision of representation elections.

    10. MSPB

    VA may disclose information to the Merit Systems Protection Board (MSPB) and the Office of the Special Counsel in connection with appeals, special studies of the civil service and other merit systems, review of rules and regulations, investigation of alleged or possible prohibited personnel practices, and such other functions promulgated in 5 U.S.C. 1205 and 1206, or as authorized by law.

    11. NARA

    VA may disclose information to NARA in records management inspections conducted under 44 U.S.C. 2904 and 2906, or other functions authorized by laws and policies governing NARA operations and VA records management responsibilities.

    12. Federal Agencies, for Research

    VA may disclose information to a Federal agency for the purpose of conducting research and data analysis to perform a statutory purpose of that Federal agency upon the prior written request of that agency.

    13. Federal Agencies, for Computer Matches

    VA may disclose information from this system to other federal agencies for the purpose of conducting computer matches to obtain information to determine or verify eligibility of Veterans receiving VA benefits or medical care under Title 38, U.S.C.

    14. Federal Agencies, Courts, Litigants, for Litigation or Administrative Proceedings

    VA may disclose information to another federal agency, court, or party in litigation before a court or in an administrative proceeding conducted by Start Printed Page 1010 a Federal agency, when the government is a party to the judicial or administrative proceeding.

    15. Governmental Agencies, for VA Hiring, Security Clearance, Contract, License, Grant

    VA may disclose information to a Federal, state, local, or other governmental agency maintaining civil or criminal violation records, or other pertinent information, such as employment history, background investigations, or personal or educational background, to obtain information relevant to VA's hiring, transfer, or retention of an employee, issuance of a security clearance, letting of a contract, or issuance of a license, grant, or other benefit. The disclosure of the names and addresses of Veterans and their dependents from VA records under this routine use must also comply with the provisions of 38 U.S.C. 5701.

    16. State or Local Agencies, for Employment

    VA may disclose information to a state, local, or other governmental agency, upon its official request, as relevant and necessary to that agency's decision on the hiring, transfer, or retention of an employee, the issuance of a security clearance, the letting of a contract, or the issuance of a license, grant, or other benefit by that agency. The disclosure of the names and addresses of Veterans and their dependents from VA records under this routine use must also comply with the provisions of 38 U.S.C. 5701.

    16. SSA, HHS, for SSN Validation

    VA may disclose information to the Social Security Administration and the Department of Health and Human Services for the purpose of conducting computer matches to obtain information to validate the social security numbers maintained in VA records.

    POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

    The VetBiz VIP will be stored in a computerized database. The system will operate on servers, located on the VA EC MAG, Region 1 and Region 2, or Region 3. Data backups will reside on appropriate media, according to normal system backup plans for VA Enterprise Operations. The system will be managed by VA OSDBU, in VA Headquarters, Washington, DC.

    POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

    Automated records may be retrieved by:

    1. Organization Name.

    2. Contact Name.

    3. Email Address.

    4. Web Address.

    5. Area Code and Phone Number.

    6. Zip Code.

    7. County Code (NaCO).

    8. State(s).

    9. Type of Organization: Government (Federal; State; County; Municipal; Other); Nongovernmental Organization; Commercial.

    10. Type of Assistance: (Paperwork packaging; grants/loans; procurement assistance; management/technical assistance; mentoring/incubator; contract opportunities; other).

    11. Service Area Limits (if any).

    12. Service limited to Veterans.

    13. Fees.

    14. Organization Funding Limits: (None; term—funding expires on a specific date).

    15. Year Established.

    16. Full-time/part-time.

    17. Days and Hours of Service.

    18. Other Professional Staff Available.

    POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

    Records will be maintained and disposed of, in accordance with the records disposal authority approved by the Archivist of the United States, the National Archives and Records Administration, and published in Agency Records Control Schedules.

    ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

    Read access to the system is via internet access, while VA staff, and contractor personnel will have access to the system, via VA Intranet and local connections, for operations, management and maintenance purposes and tasks. Access to the Intranet portion of the system is via VA PIV authentication and role-based access control, at officially approved access points. Veteran-owned small businesses will establish and maintain user-ids and passwords for accessing their corporate information under system control using VA's DS Logon or ID.me through Access VA. Policy regarding issuance of user-ids and passwords is formulated in VA by the Office of Information and Technology, Washington, DC. Security for data in the VetBiz database complies with applicable statutes, regulations and government-wide and VA policies. The system is configured so that access to the public data elements in the database does not lead to access to the non-public data elements, such as Veteran social security number.

    RECORD ACCESS PROCEDURES:

    Individuals seeking access to records about themselves, contained in this system of records, may access the records via the internet, or submit a written request to the system manager.

    CONTESTING RECORD PROCEDURES:

    An individual who wishes to contest records maintained under his or her name or other personal identifier may write or call the system manager. VA's rules for accessing records and contesting contents and appealing initial agency determinations are published in regulations set forth in the Code of Federal Regulations. See 38 CFR 1.577, 1.578.

    NOTIFICATION PROCEDURES:

    Individuals wishing to inquire, whether this system of records contains information about themselves, should contact the Deputy Director, IT Systems Integration (OSDBU), 810 Vermont Ave. NW, Washington, DC 20420.

    EXEMPTIONS PROMULGATED FOR THE SYSTEM:

    There are no exemptions for the system.

    HISTORY:

    The previous SORN only applied to Vendor Information Pages that involved collecting Veteran Owned business information. It was published as 85 FR 22798. Publication date was 04/23/2020.

    VAF 29-0877, VETBIZ VENDOR INFORMATION PAGES VERIFICATION PROGRAM, OMB Control No. 2900-0675, Expiration Date: 03/31/2021 and VA VetBiz Assistance Program Pages—VA (132VA00VE), published as 69 FR 62936, 10/28/2004, was the last full publication of OSDBU's SORN 132VA00VE which provided updated information regarding OSDBU's records.

    End Supplemental Information

    [FR Doc. 2022-00087 Filed 1-6-22; 8:45 am]

    BILLING CODE P

Document Information

Published:
01/07/2022
Department:
Veterans Affairs Department
Entry Type:
Notice
Action:
Notice of a modified system of records.
Document Number:
2022-00087
Dates:
Comments on this modified system of records must be received no later than 30 days after date of publication in the Federal Register. If no public comment is received during the period allowed for comment or unless otherwise published in the Federal Register by VA, the modified system of records will become effective a minimum of 30 days after date of publication in the Federal Register. If VA receives public comments, VA shall review the comments to determine whether any changes to the notice ...
Pages:
1007-1010 (4 pages)
PDF File:
2022-00087.pdf
Supporting Documents:
» Privacy Act; Systems of Records; FR Doc No: 2022-20177
» Privacy Act; Matching Program; FR Doc No: 2022-20191
» Agency Information Collection Activities; Proposals, Submissions, and Approvals: Maintenance of Records; OMB No. 0515; FR Doc No: 2022-16282
» Agency Information Collection Activities; Proposals, Submissions, and Approvals: Acquisition Regulation Construction Provisions and Clauses; OMB No. 0422; FR Doc No: 2022-16289
» Agency Information Collection Activities; Proposals, Submissions, and Approvals: Certification of Loan Disbursement, Verification of Deposit and Verification of Employment; OMB No. 0521; FR Doc No: 2022-15477
» Agency Information Collection Activities; Proposals, Submissions, and Approvals: Loan Service Report; OMB No. 0249; FR Doc No: 2022-13650
» Agency Information Collection Activities; Proposals, Submissions, and Approvals: Request for a Certificate of Eligibility for VA Home Loan Benefit; OMB No. 0086; FR Doc No: 2022-13258
» Agency Information Collection Activities; Proposals, Submissions, and Approvals: GI Bill Comparison Tool Ratings Survey; OMB No. New; FR Doc No: 2022-12659
» Agency Information Collection Activities; Proposals, Submissions, and Approvals: Maintenance of Records; OMB No. 0515; FR Doc No: 2022-11369
» Privacy Act; Systems of Records; FR Doc No: 2022-10848