AGENCY:

Agency for International for Development (USAID).

ACTION:

Notice of Modified Privacy Act System of Records.

SUMMARY:

The United States Agency for International Development proposes to modify various sections of the existing System of Records Notice titled USAID–28, USAID Personnel Locator System consistent with the requirements detailed in OMB Circular A–108: Federal Agency Responsibilities for Review, Reporting and Publication Under the Privacy Act. USAID is providing notice of its intent to change the name of the system to USAID–28, Emergency Notification System, and to update various sections of the existing System of Records Notice in accordance with OMB guidance. The system will collect Personally Identifiable Information (PII) necessary to provide rapid communications regarding emergencies and urgent situations, such as office dismissal, and closure situations that impact access to USAID facilities. USAID is issuing this Notice to clarify the purpose for which the information is collected, update the authorities, and to expand upon the routine uses for the information maintained in this system. All other changes to the Notice are administrative in nature.

DATES:

Submit comments on or before 15 May 2023. This modified system of records will be effective 15 May 2023 upon publication. The Routine Uses are effective at the close of the comment period.

ADDRESSES:

You may submit comments:

Electronic

• Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions on the website for submitting comments.

• Email: Privacy@usaid.gov.

Paper

• Fax: 202–916–4946.

• Mail: Chief Privacy Officer, United States Agency for International Development, 1300 Pennsylvania Avenue NW, Washington, DC 20523.

FOR FURTHER INFORMATION CONTACT:

Ms. Celida A. Malone, USAID Privacy Program at United States Agency for International Development, Bureau for Management, Office of the Chief Information Officer, Information Assurance Division: ATTN: USAID Privacy Program, 1300 Pennsylvania Avenue NW, Washington, DC 20523, or by phone number at 202–916–4605.

SUPPLEMENTARY INFORMATION:

USAID is modifying the SORN to change the name from USAID–28—Personnel Locator System to USAID–28: Emergency Notification System (ENS) and update elements of the SORN contents to increase transparency into the Agency's enhanced capacity to transform and modernize the rapid delivery of emergency communications. The Categories of Records in the System was significantly modified to reduce the amount of Personally Identifiable Information (PII) that is collected. This information is used to enable the system owner to target emergency notifications to employees, contractors and others who may be affected by emergency situations at or near an USAID facility.

Dated: May 25, 2022.

Mark Joseph Johnson.

Chief Privacy Officer, United States Agency for International Development.

SYSTEM NAME AND NUMBER:

USAID–28: Emergency Notification System (ENS).

SECURITY CLASSIFICATION:

Sensitive But Unclassified.

SYSTEM LOCATION:

Records are maintained at the United States Agency for International Development, Bureau for Management, Office of Management Services, Headquarters Management Division, 1300 Pennsylvania Ave. NW, Washington, DC 20523. The cloud-based servers are managed at data operations centers located in Santa Clara, CA and Ashburn, VA.

SYSTEM MANAGER:

Continuity Program Manager, United States Agency for International Development, Bureau for Management, Office of Management Services, Headquarters Management Division, 1300 Pennsylvania Avenue NW, Washington, DC 20523. Email: efristoe@usaid.gov.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Homeland Security Act of 2002, Public Law 107–296, § 501–521, National Continuity Policy Implementation Plan, Federal Continuity Directive, Federal Executive Branch National Continuity Program and Requirements, National Security Presidential Directive-51/Homeland Security Presidential Directive-20; and 5 U.S.C. 301.

PURPOSE OF THE SYSTEM:

The purpose of the Emergency Notification System (ENS) is to maintain current, up-to-date emergency contact information for USAID employees and contractors. Using multiple communication pathways, such as email, text-to-voice phone calls, short message service (SMS) text messages, computer desktop pop-up messages and/or public social media postings, ENS provides high-speed message delivery to all workforce members in response to threat alerts issued by the Department of Homeland Security, USAID's Critical Coordination Unit and Facilities Management staff, and local emergency officials regarding weather-related emergencies, or other urgent situations that may disrupt the operations and accessibility of a USAID facility/worksite. It also enables USAID, emergency responders, and others to account for workforce members during an emergency.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals covered by this system include, but are not limited to: current and former USAID employees; personal services contractors; institutional support contractors; consultants; detailees; fellows; interns; and volunteers.

CATEGORIES OF RECORDS IN THE SYSTEM:

Records maintained in this system contain contact information necessary to ensure the timely emergency notification to USAID workforce Start Printed Page 20849 members. The types of personal information include

• Employee Contact Information includes: Name; home phone number; personal cell phone number; personal email address; official or work phone number; official or work email address; assigned office; work location; emergency contact name; emergency contact phone number; and emergency contact alternate number.

RECORD SOURCE CATEGORIES:

The information maintained in this system is obtained from employees, contractors, consultants, detailees, fellows, interns, and volunteers who voluntarily register for ENS alerts. In addition, information is obtained from the Personal Identity Verification (PIV) Card Management System, USAID Human Capital and Talent Management (HCTM) Operational Databases, as well as organizations that employ/sponsor contractors, interns, fellows, and volunteers.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed as a routine use as follows:

(1) To Federal, state, tribal, local, international, or foreign governmental agencies or executive offices, relief agencies, and non-governmental organizations, when disclosure is appropriate for performance of the official duties required in response to all-hazards and declared emergencies, including technical, manmade, or natural disasters.

(2) To current and former Federal employees and contractors when the records are relevant and necessary to carry out emergency response activities.

(3) To designated or identified emergency contacts of USAID workforce members, including current and former employees and contractors, when disclosure is necessary to protect public and personal health and safety during an emergency.

(4) To Federal, state, local, foreign, tribal, or self-regulatory agencies or organizations responsible for investigating, prosecuting, enforcing, implementing, issuing, or carrying out a statute, rule, regulation, order, or policy whenever the information is relevant and necessary to respond to a potential violation of civil or criminal law, regulation, order, or policy.

(5) To another Federal agency, to a court, magistrate, or other administrative tribunal in the course of an administrative or judicial proceeding, including disclosures to opposing counsel or witnesses (including expert witnesses) in the course of discovery or other pre-hearing exchanges of information, litigation, or settlement negotiations, where relevant or potentially relevant to a proceeding, or in connection with criminal law proceedings, subject to USAID's determination that the disclosure of the records is a use of the information that is compatible with the purpose for which the records were collected.

(6) To any component of the Department of Justice, or in a proceeding before a court, adjudicative body, or other administrative body before which the Agency is authorized to appear, when: (a) the Agency or any component thereof; or (b) any employee of the Agency in her or his official capacity; or (c) any employee of the Agency in his or her individual capacity where the Department of Justice or the Agency has agreed to represent the employee; or (d) the United States, when the Agency determines that litigation is likely to affect the Agency or any of its components, is a party to litigation or has an interest in such litigation, and the use of such records by the Department of Justice or the Agency is deemed by the Agency to be relevant and necessary to the litigation provided, however, that in each case it has been determined that the disclosure is compatible with the purpose for which the records were collected.

(7) To the Department of Justice for the purpose of obtaining legal counsel, including whether the records or information in this system of records should be disclosed outside USAID.

(8) To a Federal government agency or department that assists USAID for the purpose of vetting, and for the purposes of ensuring accuracy of existing records and updating government records when a match between an applicant and another database is identified.

(9) To disclose information to contractors (personal service contractors or institutional support contractors) in furtherance of the contractor's work performance on behalf of the Federal government under a contract, including contracts that support the vetting program.

(10) To the National Archives and Records Administration for the purposes of records management inspections conducted under the authority of 44 U.S.C. 2904 and 2906 and in its role as Archivist.

(11) To the Office of Management and Budget in connection with review of private relief legislation, as set forth in OMB Circular No. A–19, at any stage of the legislative coordination and clearance process as set forth in that Circular.

(12) To appropriate agencies, entities, and persons when: (a) USAID suspects or has confirmed that there has been a breach of the system of records; (b) USAID has determined that, as a result of the suspected or confirmed breach, there is a risk of harm to individuals, USAID (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with USAID's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

(13) To another Federal agency or Federal entity when USAID determines information from this system of records is reasonably necessary to assist the recipient agency or entity in: (a) responding to a suspected or confirmed breach; or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

(14) To Congressional offices in response to an inquiry from that office made at the request of the individual to whom the record pertains.

(15) To the Office of the President in response to an inquiry from that Office made on behalf of, and at the request of, the subject of the record or third party acting on the subject's behalf.

(16) To disclose information to officials of labor organizations when relevant and necessary to fulfill their duties of exclusive representation concerning personnel policies, practices, and matters affecting working conditions.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Electronic records in this system are maintained in user-authenticated, password-protected systems. All records are accessed only by authorized personnel who have a need to access the records in the performance of their official duties.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

USAID records are retrievable by name, location, or any other identifier listed in the Categories of Records cited above. Start Printed Page 20850

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

The records are maintained in accordance with the National Archives and Records Administration (NARA), General Records Schedule No-1-Item 18(a). Records are reviewed and updated annually. The records relating to a former employee may be retained for a period of three years after separation or transfer, if required to meet the business needs of the Agency.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

USAID safeguards records in this system according to applicable rules and policies, including all applicable USAID Automated Directive System operational policies. USAID has implemented controls to minimize the risk of compromising the information that is being stored. Access to the records in this system is limited to those individuals who have a need to know the information for performance of their official duties and who have appropriate clearances and permissions. USAID ensures the practices stated in the Emergency Notification System (ENS) Privacy Impact Assessment are followed by leveraging standard operating procedures (SOP), training, policies, rules of behavior, and auditing and accountability.

RECORD ACCESS PROCEDURES:

Under the Privacy Act, individuals may request access to records about themselves. These individuals must be limited to citizens of the United States or aliens lawfully admitted for permanent residence. If a Federal Department or Agency or a person who is not the individual who is the subject of the records, requests access to records about an individual, the written consent of the individual who is the subject of the records is required.

Individuals seeking access to information about themselves contained in this system of records should address inquiries to the Bureau for Management, Office of Management Services, Information and Records Division (M/MS/IRD), USAID Annex—Room 2.4.0C, 1300 Pennsylvania Avenue NW, Washington, DC 20523. The requester may complete and sign a USAID Form 507–1, Certification of Identity Form or submit signed, written requests that should include the individual's full name, current address and telephone number, and this System of Records Notice number. In addition, the requester must provide either a notarized statement or an unsworn declaration made in accordance with 28 U.S.C. 1746, in the following format:

If executed outside the United States: “I declare (or certify, verify, or state) under penalty of perjury under the laws of the United States of America that the foregoing is true and correct. Executed on (date). (Signature).”

If executed within the United States, its territories, possessions, or commonwealths: “I declare (or certify, verify, or state) under penalty of perjury that the foregoing is true and correct. Executed on (date). (Signature).”

CONTESTING RECORD PROCEDURES:

The USAID rules for accessing records, contesting contents, and appealing initial Agency determinations are contained in 22 CFR 212 or may be obtained from the program manager or system owner.

NOTIFICATION PROCEDURES:

Individuals seeking to determine if information about themselves is contained in this system of records should address inquiries to the Bureau for Management, Office of Management Services, Information and Records Division (M/MS/IRD), USAID Annex—Room 2.4.0C, 1300 Pennsylvania Avenue NW, Washington, DC 20523. Individuals may complete and sign a USAID Form 507–1, Certification of Identity Form, or submit signed, written requests that should include the individual's full name, current address, and telephone number. In addition, the requester must provide either a notarized statement or an unsworn declaration made in accordance with 28 U.S.C. 1746, in the following format:

If executed outside the United States: “I declare (or certify, verify, or state) under penalty of perjury under the laws of the United States of America that the foregoing is true and correct. Executed on (date). (Signature).”

If executed within the United States, its territories, possessions, or commonwealths: “I declare (or certify, verify, or state) under penalty of perjury that the foregoing is true and correct. Executed on (date). (Signature).”

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

77 FR 64095, October 18, 2012.