2020-11199. Privacy Act of 1974; System of Records  

  • Start Preamble

    AGENCY:

    Farm Credit Administration.

    ACTION:

    Notice of a modified system of records.

    SUMMARY:

    Pursuant to the provisions of the Privacy Act of 1974, as amended, notice is given that the Farm Credit Administration (FCA or Agency) is amending the General Statement of Routine Uses applicable to and incorporated by reference in each of the Agency's Systems of Records.

    DATES:

    You may send written comments on or before June 25, 2020. The FCA filed an amended System Report with Congress and the Office of Management and Budget on April 20, 2020. The revised Systems of Records Notices and Statement of General Routine Uses will become effective without further publication on July 6, 2020 unless modified by a subsequent notice to incorporate comments received from the public.

    ADDRESSES:

    We offer a variety of methods for you to submit your comments. For accuracy and efficiency reasons, commenters are encouraged to submit comments by email or through FCA's website. As facsimiles (fax) are difficult for us to process and achieve compliance with section 508 of the Rehabilitation Act, we are no longer accepting comments submitted by fax. Regardless of the method of use, please do not submit your comment multiple times via different methods. You may submit comments by any of the following methods:

    • Email: Send us an email at reg-comm@fca.gov.
    • FCA website: http://www.fca.gov. Click inside the “I want to . . .” field, near the top of the page; select “comment on a pending regulation” from the dropdown menu; and click “Go.” This takes you to an electronic public comment form.
    • Mail: David Grahn, Director, Office of Regulatory Policy, Farm Credit Administration, 1501 Farm Credit Drive, McLean, VA 22102-5090.

    You may review copies of comments we receive at our office in McLean, Virginia, or from our website at http://www.fca.gov. Once you are in the website, click inside the “I want to . . .” field, near the top of the page; select “find comments on a pending regulation” from the dropdown menu; and click “Go.” This will take you to the Comment Letters page, where you can select the SORN for which you would like to read public comments. The comments will be posted as submitted but, for technical reasons, items such as logos and special characters may be omitted. Identifying information that you provide, such as phone numbers and addresses, will be publicly available. However, we will attempt to remove email addresses to help reduce internet spam.

    Start Further Info

    FOR FURTHER INFORMATION CONTACT:

    Autumn R. Agans, Privacy Act Officer, Farm Credit Administration, McLean, Virginia 22102-5090, (703) 883-4019, TTY (703) 883-4020.

    End Further Info End Preamble Start Supplemental Information

    SUPPLEMENTARY INFORMATION:

    In accordance with the Privacy Act of 1974, as amended, 5 U.S.C. 552a(r), a report of these systems of records is being filed with the Chair of the House Committee on Oversight and Government Reform, the Chair of the Senate Committee on Homeland Security and Governmental Affairs, and the Administrator of the Office of Information and Regulatory Affairs of the Office of Management and Budget.

    The Agency is adding four new routine uses and making non-substantive changes to two existing routine uses.

    The Privacy Act governs the means by which the United States Government collects, maintains, and uses personally identifiable information (PII) in a system of records. A “system of records” is a group of any records under the control of a Federal agency from which information about individuals is retrieved by name or other personal identifier. The Privacy Act requires each agency to publish in the Federal Register, for public notice and comment, a system of records notice (SORN) identifying and describing each system of records the agency maintains, including the purposes for which the agency uses PII in the system and the routine uses for which the agency discloses such information outside the agency. As provided in “Privacy Act Guidelines” issued by the Office of Management and Budget (OMB) on July 1, 1975 (see 40 FR 28966), once an agency has published a routine use that will apply to all of its systems of record (i.e., a general routine use) in the Start Printed Page 31496 Federal Register for public notice and comment, the agency may thereafter incorporate the publication by reference in each system's SORN without inviting further public comment on that use. To date, FCA has published eight general routine uses (see 64 FR 8175 published February 18, 1999). The amended general routine uses reflect non-substantive changes to two existing FCA general routine uses (see 64 FR 8175, published February 18, 1999).

    The four new general routine uses implemented by this Notice allow for (i) disclosure of records in response to a breach or suspected breach of an FCA system of records; (ii) disclosure of records in response to a breach or suspected breach of or in response to another agency's system of records; (iii) disclosure of records to contractors or other authorized agents performing work on behalf of the Agency; and (iv) a routine use allowing disclosure to other federal and state agencies to facilitate access to, amendment or correction of records, or to verify the identity of individuals making such requests.

    The new general routine uses are compatible with the purposes for which the information to be disclosed was originally collected. Individuals whose personally identifiable information is in FCA systems expect their information to be secured. Sharing their information with appropriate parties in responding to a confirmed or suspected breach of an FCA system, or another agency's system, will help FCA and all Federal agencies protect them against potential misuse of their information by unauthorized persons. Moreover, these new routine uses are necessary to comply with OMB Memorandum M-17-12, “Preparing for and Responding to a Breach of Personally Identifiable Information” (January 3, 2017).

    Sharing information with contractors or other authorized agents performing work on behalf of the Agency facilitates efficient use of government resources by leveraging contract support in developing and deploying capabilities or enhancing services. Disclosure requirements are limited to only those data elements considered relevant to accomplishing a specific agency function as it relates to the system of records from which the records are disclosed. Sharing information with other federal and state agencies to facilitate access to, amendment or correction of records, or to verify the identity of individuals making requests for access to, amendment or correction of records facilitates transparency efforts while simultaneously ensuring the privacy of individuals to whom the information being requested applies.

    In order that the Agency's Statement of General Routine Uses, including those new uses described above, will be contained in a single notice readily accessible by the public, the FCA is republishing the General Statement of Routine Uses previously published on February 18, 1999 (64 FR 8175), which were not revised under this notice.

    SYSTEM NAME AND NUMBER:

    FCA-1—Employee Attendance, Leave, and Payroll Records—FCA.

    FCA-2—Financial Management Records—FCA.

    FCA-3—Property Accountability Records—FCA.

    FCA-4—Biographical Files—FCA.

    FCA-5—Assignments and Communication Tracking System—FCA.

    FCA-6—Freedom of Information and Privacy Act Requests—FCA.

    FCA-7—Inspector General Investigative Files—FCA.

    FCA-8—FCA internet Access System—FCA.

    FCA-9—Personnel Security Files—FCA.

    FCA-10—Farm Credit System Institution Criminal Referrals—FCA.

    FCA-11—Litigation and Administrative Adjudication Files—FCA.

    FCA-12—Health and Life Insurance Records—FCA.

    FCA-13—Correspondence Files—FCA.

    FCA-14—Employee Travel Records—FCA.

    FCA-15—Employee Training—FCA.

    FCA-16—Examiner Training and Education Records—FCA.

    FCA-17—Organization Locator and Personnel Roster System—FCA.

    FCA-18—Inspector General Investigative Files—FCA.

    Security Classification:

    Unclassified.

    SYSTEM LOCATION:

    Farm Credit Administration, 1501 Farm Credit Drive, McLean, VA 22102-5090.

    SYSTEM MANAGER(S):

    The system manager for each system is described in the system's corresponding SORN located here: https://www.fca.gov/​required-notices/​privacy-program/​.

    AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

    The authority for each system is described in the system's corresponding SORN located here: https://www.fca.gov/​required-notices/​privacy-program/​.

    PURPOSE(S) OF THE SYSTEM:

    The purpose for each system is described in the system's corresponding SORN located here: https://www.fca.gov/​required-notices/​privacy-program/​.

    CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

    The categories of individuals covered by each system are described in the system's corresponding SORN located here: https://www.fca.gov/​required-notices/​privacy-program/​.

    CATEGORIES OF RECORDS IN THE SYSTEM:

    The categories of individuals covered by each system are described in the system's corresponding SORN located here: https://www.fca.gov/​required-notices/​privacy-program/​.

    Record Source Categories:

    The categories of sources of records for each system is described in the system's corresponding SORN located here: https://www.fca.gov/​required-notices/​privacy-program/​.

    Routine Uses of Records Maintained in the System, Including Categories of Users and Purposes of Such Uses:

    FCA is amending its General Statement of Routine Uses by making non-substantive changes to routine uses 1 and 5, and adding routine uses 9, 10, 11, and 12.

    General Statement of Routine Uses

    In addition to the disclosures permitted under 5 U.S.C. 552a(b), we may disclose these records or information in the record systems under 5 U.S.C. 552a(b)(3), as provided below. The following routine uses apply to and are incorporated by reference into each system of records set forth below unless otherwise indicated.

    (1) We may disclose a record or information in the record system when it indicates a violation or potential violation of law. Violations may be civil, criminal, or regulatory, arising by statute, regulation, rule, or related order. Disclosure will be made to the appropriate federal, state, local, or foreign authority responsible for investigating or prosecuting relevant violations or charged with enforcing compliance with the law.

    (2) We may disclose a record or information in the record system to a responsible licensing authority if the records are relevant and necessary in the particular licensing decision.

    (3) We may disclose a record or information in the record system to an agency, office, or establishment of the executive, legislative, or judicial branch of the federal or state government, in Start Printed Page 31497response to its request, in connection with hiring or retaining an employee, issuing a security clearance, reporting on an investigation of an employee, letting a contract, or issuing a license, grant, or other benefit to the subject of the record.

    (4) We may disclose a record or information in the record system to a Federal congressional office to respond to an inquiry from that office made at the request of the person who is the subject of the record.

    (5) We may disclose a record or information in the record system to the U.S. Department of Justice (“DOJ”) for its use in providing legal advice to the FCA or in representing the FCA in a proceeding before a court, adjudicative body, or other administrative body, where the use of such information by the DOJ is deemed by the FCA to be relevant and necessary to the advice or proceeding, and in the case of a proceeding, such proceeding names as a party in interest:

    (a) The FCA;

    (b) Any employee of the FCA in his or her official capacity;

    (c) Any employee of the FCA in his or her individual capacity where DOJ has agreed to represent the employee; or

    (d) The United States, where the FCA determines that litigation is likely to affect the FCA;

    (6) We may disclose a record or information in the record system to a court, magistrate, or administrative tribunal in presenting evidence, including disclosures to counsel or witnesses during civil discovery, litigation, administrative proceedings, settlement negotiations, or in connection with criminal proceedings, when FCA is a party to the litigation or proceeding.

    (7) We may disclose a record or information in the record system to a court or other adjudicative body before which FCA is authorized to appear when,

    (i) FCA, or

    (ii) Any FCA employee in his or her individual capacity, is a party or has an interest in the litigation or proceeding and FCA deems the use of such records to be relevant and necessary.

    (8) We may disclose a record or information in the record system to the National Archives and Records Administration for records management inspections conducted under 44 U.S.C. 2904 and 2906.

    (9) We may disclose a record or information in the record system to another federal agency or entity, when FCA determines that information from the record system is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the federal government, or national security, resulting from a suspected or confirmed breach.

    (10) We may disclose a record or information in the record system to appropriate agencies, entities, and persons when (a) the FCA suspects or has confirmed that there has been a breach of the system of records; (b) the FCA has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the FCA (including its information systems, programs, and operations), the federal government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with FCA's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

    (11) We may disclose a record or information in the record system to entities and persons performing work on a contract, service, cooperative agreement, or other activity on behalf of the FCA or federal government and who have a need to access the record or information in the performance of their duties or activities.

    (12) We may disclose a record or information in the record system to another federal or state agency to (a) make a decision on the access, amendment or correction of records to be made in consultation with or by that agency, or (b) verify an individual's identity or the accuracy of information submitted by an individual who has requested access to or amendment or correction of records.

    Policies and Practices for Storage of Records:

    The storage practices for each system are set out in the corresponding SORN located here: https://www.fca.gov/​required-notices/​privacy-program/​.

    Policies and Practices for Retrieval of Records:

    Depending on the particular system, paper and electronic records may be retrieved by name or other identifying aspects.

    Policies and Procedures for Retention and Disposal of Records:

    The retention period for each system is set out in the corresponding SORN located here: https://www.fca.gov/​required-notices/​privacy-program/​.

    Adminsitrative, Technical, and Physical Safeguards:

    FCA implements multiple layers of security to ensure access to records is limited to those with need-to-know in support of their official duties. Records are physically safeguarded in a secured environment using locked file rooms, file cabinets, or locked offices and other physical safeguards. Computerized records are safeguarded through use of user roles, passwords, firewalls, encryption, and other information technology security measures.

    Record Access Procedures:

    To obtain a record, contact: Privacy Act Officer, Farm Credit Administration, 1501 Farm Credit Drive, McLean, VA 22102-5090, as provided in 12 CFR part 603.

    Contesting Record Procedures:

    Direct requests for amendments to a record to: Privacy Act Officer, Farm Credit Administration, 1501 Farm Credit Drive, McLean, VA 22102-5090, as provided in 12 CFR part 603.

    Notification Procedure:

    Direct all inquiries about this system of records to: Privacy Act Officer, Farm Credit Administration, McLean, VA 22102-5090.

    Exemptions Claimed for the System:

    Any exemptions claimed for each specific system is described in the system's corresponding SORN located here: https://www.fca.gov/​required-notices/​privacy-program/​.

    History:

    The history of the FCA's various systems can be located at: https://www.fca.gov/​required-notices/​privacy-program/​. In order that the Agency's general routine uses will be contained in a single notice readily accessible by the public, the FCA is taking the opportunity to republish the Statement of General Routine Uses previously published in Federal Register Vol. 64, No. 100/Tuesday, May 25, 1999, page 21875.

    Start Signature

    Dated: May 19, 2020.

    Dale Aultman,

    Secretary, Farm Credit Administration Board.

    End Signature End Supplemental Information

    [FR Doc. 2020-11199 Filed 5-22-20; 8:45 am]

    BILLING CODE 6705-01-P

Document Information

Effective Date:
7/6/2020
Published:
05/26/2020
Department:
Farm Credit Administration
Entry Type:
Notice
Action:
Notice of a modified system of records.
Document Number:
2020-11199
Dates:
You may send written comments on or before June 25, 2020. The FCA filed an amended System Report with Congress and the Office of Management and Budget on April 20, 2020. The revised Systems of Records Notices and Statement of General Routine Uses will become effective without further publication on July 6, 2020 unless modified by a subsequent notice to incorporate comments received from the public.
Pages:
31495-31497 (3 pages)
PDF File:
2020-11199.Pdf