AGENCY:

Office of the Chief Information Officer, General Services Administration (GSA).

ACTION:

Notice of a modified system of records.

SUMMARY:

GSA proposes to modify a system of records subject to the Privacy Act of 1974. GSA is modifying the notice to update the system name to “Office of the Chief Financial Officer's (OCFO) Imaging/Workflow Solution”. It is a subsystem within the Ancillary Corporate Applications (ACA) at GSA. OCFO's Imaging/Workflow Solution allows users in the Payroll Services Branch, Accounts Payable and customer agencies to annotate metadata to scanned images, and search and view documents ( i.e., invoices, payroll, property records, deeds, transfers) that have been scanned/stored.

DATES:

Submit comments on or before April 13, 2023. The new and/or significantly modified routine uses will be applicable on April 13, 2023.

ADDRESSES:

Submit comments by any of the following methods:

• Regulations.gov: https://www.regulations.gov. Search for Notice-ID-2023-03, Rescindment of a System of Records Notice. Select the link “Comment Now” that corresponds with “Notice-ID-2023-03, Rescindment of a System of Records Notice.” Follow the instructions provided on the screen. Please include your name, company name (if any), and “Notice-ID-2023-03, Rescindment of a System of Records Notice” on your attached document.

• By email to the GSA Privacy Act Officer:gsa.privacyact@gsa.gov.

• By mail to: Privacy Office (IDE), GSA, 1800 F Street NW, Washington, DC 20405.

FOR FURTHER INFORMATION CONTACT:

Call or email Richard Speidel, the GSA Chief Privacy Officer (Office of the Deputy Chief Information Officer): telephone 202-969-5830; email gsa.privacyact@gsa.gov.

SUPPLEMENTARY INFORMATION:

GSA proposes to modify a system of records subject to the Privacy Act of 1974, 5 U.S.C. 552a. Office of the Chief Financial Officer's (OCFO) Imaging/Workflow Solution (previously named ImageNow), is the subsystem within the Ancillary Corporate Applications (ACA) at GSA. Please refer to the SORN link below: https://www.federalregister.gov/​documents/​2009/​08/​10/​E9-19102/​privacy-act-of-1974-notice-of-new-system-of-records.

SYSTEM NAME AND NUMBER:

OCFO Imaging/Workflow Solution GSA/PPFM-12.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

The system is maintained in Kansas City, MO, in the Financial Administrative Systems Division (BDT).

SYSTEM MANAGER:

Director, Financial and Payroll Services Division, OCFO, GSA (BCE), 1500 E Bannister Road, Kansas City, MO 66085.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5 U.S.C. Part III, Subparts D and E, 26 U.S.C. Chapter 24 and 2501, and Executive Order 9397, and the Chief Financial Officers (CFO) Act of 1990 (Pub. L. 101-576) as amended (Chapter 9 of Title 31 of the U.S. Code (2009)). Start Printed Page 15721

PURPOSES OF THE SYSTEM:

The purpose of the system is to capture electronic images of financial documents, and store, retrieve, and process these images. It will maintain these images in order to support the day-to-day official operating needs of GSA's financial and payroll operations.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

This system covers individuals with electronic facility access credentials including GSA employees, contractor employees, building occupants, interns, and volunteers.

CATEGORIES OF RECORDS IN THE SYSTEM:

System records include information that identify vendors and/or employees by their names or other unique identifier in conjunction with other data elements such as gender, birth date, age, marital status, spouse and dependents, home email addresses, home addresses, home phone numbers, health records, Social Security Numbers, Employer Identification Numbers, payroll deductions, banking information, personal credit card information, and similar personally identifiable information.

RECORD SOURCE CATEGORIES:

The source for the image data in the system originates from the individuals and vendors who submit the documents on their own behalf. In addition, documents may come from Federal Government Agencies that may include Privacy Act information.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

System users will be limited to those U.S. government employees that require this information to perform their assigned official responsibilities. All access will be reviewed and approved by the employee's supervisor, system owner and the information system security officer. Information from this system also may be disclosed as a routine use:

a. In any legal proceeding, where pertinent, to which GSA is a party before a court or administrative body.

b. To a Federal, State, local, or foreign agency responsible for investigating, prosecuting, enforcing, or carrying out a statute, rule, regulation, or order when GSA becomes aware of a violation or potential violation of civil or criminal law or regulation.

c. To conduct investigations, by authorized officials, that are investigating or settling a grievance, complaint, or appeal filed by an individual who is the subject of the record.

d. To the Office of Personnel Management (OPM), the Office of Management and Budget (OMB), and the Government Accountability Office (GAO) when the information is required for program evaluation purposes.

e. To a Member of Congress or his or her staff on behalf of and at the request of the individual who is the subject of the record.

f. To a federal agency in connection with the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation; the letting of a contract; or the issuance of a grant, license, or other benefit to the extent that the information is relevant and necessary to a decision.

g. To authorized officials of the agency that provided the information for inclusion in ACMIS.

h. To an expert, consultant, or contractor of GSA in the performance of Start Printed Page 39962a Federal duty to which the information is relevant.

i. To the National Archives and Records Administration (NARA) for records management purposes.

j. To appropriate agencies, entities, and persons when (1) The Agency suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Agency has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by GSA or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with GSA's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS: STORAGE:

All records are stored electronically in client-server computer format.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records are retrievable with indexing values or other unique identifiers such as name or Social Security Number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

System records are retained and disposed of according to GSA records maintenance and disposition schedules and the requirements of the National Archives and Records Administration (General Records Schedule 2.3, item 20).

RETENTION AND DISPOSAL:

Records created for input to other financial systems are intermediary records according to NARA's General Records Schedule 5.2 item 020 and can be destroyed upon verification of successful creation of the final document or file, or when no longer needed for business use, whichever is later.

Records managed by the system and accessed by other financial systems such as through an Application Programming Interface (API) are treated as financial records and their disposition is determined by the type of financial record and disposed according to the appropriate item in GRS schedule 1.1, Financial Management and Reporting Records.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS: Safeguards

System records are safeguarded in accordance with the requirements of the Privacy Act, the Computer Security Act, and the System Security Plan. Technical, administrative, and personnel security measures are implemented to ensure confidentiality and integrity of the data. Security measures include password protections, assigned roles, and transaction tracking.

RECORD ACCESS PROCEDURES:

Individuals wishing to access their own records may do so by sending a request to the program manager. Director, Financial and Payroll Services Division, OCFO, GSA (BCE), 1500 E Bannister Road, Kansas City, Missouri 66085.

CONTESTING RECORD PROCEDURES:

GSA rules for access to records, and for contesting the contents and appealing initial determinations are provided in 41 CFR part 105-64.

NOTIFICATION PROCEDURES:

Individuals wishing to inquire if the system contains information about them should contact the program manager. Director, Financial and Payroll Services Division, OCFO, GSA (BCE), 1500 E Bannister Road, Kansas City, Missouri 66085.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

This notice modifies the Supplemental Information section of the system of records notice that is Start Printed Page 15722 published in full at 74 FR 39961, September 09, 2009.