AGENCY:

Privacy Office, Department of Homeland Security.

ACTION:

Notice of Privacy Act System of Records.

SUMMARY:

In accordance with the Privacy Act of 1974, the Department of Homeland Security proposes to update and reissue a current Department of Homeland Security system of records notice titled, “Department of Homeland Security/Federal Emergency Management Agency—006 Citizen Corps Database” and retitle it “Department of Homeland Security/Federal Emergency Management Agency—006 Citizen Corps Program System of Records.” This system of records allows the Department of Homeland Security/Federal Emergency Management Agency to collect and maintain records on individuals who contact the agency about their interest in specific voluntary programs, members of the Citizen Corps Program who have been assigned disaster duties, and points of contact for Citizen Corps Councils, Community Emergency Response Teams, and Citizen Corps partners. As a result of a biennial review of this system, records have been updated within the: (1) System name; (2) categories of individuals; (3) categories of records; (4) authorities; (5) purpose; (6) routine uses of information; (7) system manager and address; (8) notification procedures; and (9) records source categories. Additionally, this notice includes non-substantive changes to simplify the formatting and text of the previously published notice. This updated system will be included in the Department of Homeland Security's inventory of record systems.

DATES:

Submit comments on or before August 21, 2013. This updated system will be effective August 21, 2013.

ADDRESSES:

You may submit comments, identified by docket number DHS-2013-0049, by one of the following methods:

• Federal e-Rulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments.
• Fax: 202-343-4010.
• Mail: Jonathan R. Cantor, Acting Chief Privacy Officer, Privacy Office, Start Printed Page 43891Department of Homeland Security, Washington, DC 20528.

Instructions: All submissions received must include the agency name and docket number for this rulemaking. All comments received will be posted without change to http://www.regulations.gov,, including any personal information provided.

Docket: For access to the docket to read background documents or comments received, please visit http://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT:

For general questions please contact: Eric M. Leckey, (202) 212-5100, Privacy Officer, Federal Emergency Management Agency, Washington, DC 20472. For privacy issues please contact: Jonathan R. Cantor, (202) 343-1717, Acting Chief Privacy Officer, Privacy Office, Department of Homeland Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION:

I. Background

In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the Department of Homeland Security (DHS) Federal Emergency Management Agency (FEMA) proposes to update and reissue a current DHS systems of records titled, “DHS/FEMA—006 Citizen Corps Database” and retitle it “DHS/FEMA—006 Citizen Corps Program System of Records.”

FEMA administers the Citizen Corps Program to strengthen the collaboration with communities and to enhance their preparation and response to threats of terrorism, crime, public health issues, and disasters of all kinds. Through the Citizen Corps Program, communities can set up and register their own Councils and Community Emergency Response Team (CERT) programs.

As part of the process for reviewing the Citizen Corps application and database information technology systems, and the biennial review of the associated system of records, DHS is updating and reissuing this system of records. As a result of a biennial review of this system, records have been updated as described below:

First, the system name has been updated to more accurately align with the Citizen Corps Program and not just the technology records. Second, categories of individuals have been updated to include individuals designated as points of contacts for Citizen Corps Council, Community Emergency Response Team (CERT), and other Citizen Corps partners. Third, categories of records have been modified to include user access information and other program information collected by FEMA. Fourth, the authorities have been streamlined to more accurately reflect specific authorities for the establishment of the Citizen Corps Program. Fifth, the purpose now includes the registration of Councils, CERTs, and Citizen Corps partners; and community preparedness surveys and assessments conducted by FEMA. Sixth, the routine uses of information have been updated to include routine use (I) for sharing information with members of the public accessing the Citizen Corps Program Web site and routine use (K) for sharing information with news media and the public, with approval of the DHS Chief Privacy Officer in consultation with counsel. Additionally, routine use (A) has been modified to include former employees of DHS and to eliminate redundant language, routine use (C) has been updated to specify that information may be shared with the General Services Administration (GSA), routine uses (D) and (E) have been modified to clarify and make non-substantive grammatical changes, routine uses (H) and (J) have been updated to include the Congress and to allow sharing of information with Citizen Corps partners, respectively. Seventh, system manager and address have been updated to provide more accurate contact information. Eighth, notification procedures have been updated to reflect FEMA's internal reorganization. Lastly, record source categories have been modified to align with the system's purpose and to include additional sources of records.

Consistent with DHS' information-sharing mission, information stored in the DHS/FEMA—006 Citizen Corps Program System of Records may be shared with other DHS components that have a need to know the information to carry out their national security, law enforcement, immigration, intelligence, or other homeland security functions. In addition, information may be shared with appropriate federal, state, local, tribal, territorial, foreign, or international government agencies consistent with the routine uses set forth in this system of records notice.

This updated system will be included in DHS' inventory of record systems.

II. Privacy Act

The Privacy Act embodies fair information practice principles in a statutory framework governing the means by which federal government agencies collect, maintain, use, and disseminate individuals' records. The Privacy Act applies to information that is maintained in a “system of records.” A “system of records” is a group of any records under the control of an agency from which information is retrieved by the name of an individual or by some identifying number, symbol, or other identifying particular assigned to the individual. In the Privacy Act, an individual is defined to encompass U.S. citizens and lawful permanent residents. As a matter of policy, DHS extends administrative Privacy Act protections to all individuals when systems of records maintain information on U.S. citizens, lawful permanent residents, and visitors.

Below is the description of the DHS/FEMA—006 Citizen Corps Program System of Records.

In accordance with 5 U.S.C. 552a(r), DHS has provided a report of this system of records to the Office of Management and Budget and to Congress.

System of Records

Department of Homeland Security (DHS)/Federal Emergency Management Agency (FEMA)—006

System name:

DHS/FEMA—006 Citizen Corps Program

Security classification:

Unclassified.

System location:

Records are maintained within the Citizen Corps Application and Database, at the FEMA Headquarters in Washington, DC, and field offices.

Categories of individuals covered by the system:

Individuals designated as the point of contact for a Council, Community Emergency Response Team (CERT), or other Citizen Corps partner organization; individuals who contact the agency about their interest in Citizen Corps programs, its partner organizations, or other volunteer activities supporting state, local, tribal, and territorial governments; individuals participating in national preparedness surveys; and individuals designated to approve Council and or CERT programs into the national registry. These individuals include members of the general public, and federal, state, local, tribal, and territorial officials.

Categories of records in the system:

• Full name (First, last, and middle initial);
• Organization's name;
• Mailing address(es);
• Email address(es);
• Phone number(s);
• Volunteer program area and type of interest;Start Printed Page 43892
• Username;
• Password;
• User Type;
• Emergency preparedness training information, such as courses taken and dates of courses;
• Other CERT program information including, but not limited to, emergency support function designation, funding information for Council/CERT (e.g., Homeland Security Grant Program or other sources of funding for preparedness activities), and if CERT performs background checks on participants; and
• Community preparedness surveys and assessments.

Authority for maintenance of the system:

Exec. Order No. 13254, “Establishing the USA Freedom Corps”, Jan. 29, 2002, and 31 U.S.C. 1342.

Purpose(s):

The purpose of this system is to allow state, local, tribal, and territorial communities to setup and register Citizen Corps Councils and CERT programs. Also, this system provides a way for individuals to locate and contact Councils, CERTs, and other Citizen Corps partners for more information regarding volunteer programs and opportunities nation-wide. Additionally, this system uses surveys to assess and enhance communities' preparedness and to improve the effectiveness of the Citizen Corps Program.

Routine uses of records maintained in the system, including categories of users and the purposes of such uses:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DHS as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

A. To the Department of Justice (DOJ), including U.S. Attorney Offices, or other federal agency conducting litigation or in proceedings before any court, adjudicative, or administrative body, when it is relevant or necessary to the litigation and one of the following is a party to the litigation or has an interest in such litigation:

1. DHS or any component thereof;

2. Any employee or former employee of DHS in his/her official capacity;

3. Any employee or former employee of DHS in his/her individual capacity when DOJ or DHS has agreed to represent the employee; or

4. The United States or any agency thereof.

B. To a congressional office from the record of an individual in response to an inquiry from that congressional office made at the request of the individual to whom the record pertains.

C. To the National Archives and Records Administration (NARA) or General Services Administration pursuant to records management inspections being conducted under the authority of 44 U.S.C. 2904 and 2906.

D. To an agency or organization for the purpose of performing audit or oversight operations as authorized by law, but only such information as is necessary and relevant to such audit or oversight function.

E. To appropriate agencies, entities, and persons when:

1. DHS suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised;

2. DHS has determined that as a result of the suspected or confirmed compromise, there is a risk of identity theft or fraud, harm to economic or property interests, harm to an individual, or harm to the security or integrity of this system or other systems or programs (whether maintained by DHS or another agency or entity) that rely upon the compromised information; and

3. The disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DHS' efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

F. To contractors and their agents, grantees, experts, consultants, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for DHS, when necessary to accomplish an agency function related to this system of records. Individuals provided information under this routine use are subject to the same Privacy Act requirements and limitations on disclosure as are applicable to DHS officers and employees.

G. To an appropriate federal, state, tribal, local, international, or foreign law enforcement agency or other appropriate authority charged with investigating or prosecuting a violation or enforcing or implementing a law, rule, regulation, or order, when a record, either on its face or in conjunction with other information, indicates a violation or potential violation of law, which includes criminal, civil, or regulatory violations and such disclosure is proper and consistent with the official duties of the person making the disclosure.

H. To the USA Freedom Corps, Executive Office of the President and the U.S. Congress for the purpose of oversight of the Citizen Corps Program.

I. To individuals accessing the Citizen Corps Program Web site for the purpose of contacting Citizen Corps partners for specific Citizen Corps partner program information.

J. To organizations participating, partnering, or affiliated with the Citizen Corps Program if an individual has volunteered to assist this specific type of organization.

K. To the news media and the public, with the approval of the Chief Privacy Officer in consultation with the General Counsel and FEMA Office of Chief Counsel, when there exists a legitimate public interest in the disclosure of the information or when disclosure is necessary to preserve confidence in the integrity of DHS or is necessary to demonstrate the accountability of DHS' officers, employees, or individuals covered by the system, except to the extent it is determined that release of the specific information in the context of a particular case would constitute an unwarranted invasion of personal privacy.

Disclosure to consumer reporting agencies:

None.

Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system:

Storage:

Records in this system are stored electronically or on paper in secure facilities in a locked drawer behind a locked door. The records are stored on magnetic disc, tape, and digital media.

Retrievability:

Records may be retrieved by individual's name, mailing address, email address, or volunteer program(s) in which the respondent indicates an interest.

Safeguards:

Records in this system are safeguarded in accordance with applicable rules and policies, including all applicable DHS automated systems security and access policies. Strict controls have been imposed to minimize the risk of compromising the information that is being stored. Access to the computer system containing the records in this system is limited to those individuals who have a need to know the information for the performance of their official duties and who have appropriate clearances or permissions.Start Printed Page 43893

Retention and disposal:

Routine correspondence with governors, mayors, and other state, local, tribal, and territorial officials, as well as private citizens relating to FEMA programs will be destroyed when no longer needed in accordance with FEMA Records Schedule N1-311-86-1, Item 1B4. Records relating to establishment, organization, membership, and policy of external committees that are sponsored by FEMA, but have a membership including representatives from other federal agencies, states, local governments, and/or public citizens are permanent and will be maintained in accordance with FEMA Records Schedule N1-311-97-2, Item 1.

System Manager and address:

Director, Individual and Community Preparedness Division, FEMA, 800 K Street NW., Washington, DC 20531.

Notification procedure:

Individuals seeking notification of and access to any record contained in this system of records, or seeking to contest its content, may submit a request in writing to the FEMA Disclosure Officer, 500 C Street SW., Washington, DC 20472. If an individual believes more than one component maintains Privacy Act records concerning him or her, the individual may submit the request to the Chief Privacy Officer, Department of Homeland Security, 245 Murray Drive SW., Building 410, STOP-0550, Washington, DC 20528.

When seeking records about yourself from this system of records or any other FEMA system of records your request must conform with the Privacy Act regulations set forth in 6 CFR Part 5. You must first verify your identity, meaning that you must provide your full name, current address, and date and place of birth. You must sign your request, and your signature must either be notarized or submitted under 28 U.S.C. 1746, a law that permits statements to be made under penalty of perjury as a substitute for notarization. While no specific form is required, you may obtain forms for this purpose from the Chief Privacy Officer and Chief Freedom of Information Act Officer, http://www.dhs.gov/​foia or 1-866-431-0486. In addition, you should:

• Explain why you believe the Department would have information on you;
• Identify which component(s) of the Department you believe may have the information about you;
• Specify when you believe the records would have been created; and
• Provide any other information that will help the FOIA staff determine which DHS component agency may have responsive records; and

If your request is seeking records pertaining to another living individual, you must include a statement from that individual certifying his/her agreement for you to access his/her records.

Without the above information the component(s) may not be able to conduct an effective search, and your request may be denied due to lack of specificity or lack of compliance with applicable regulations.

Record access procedures:

See “Notification procedure” above.

Contesting record procedures:

See “Notification procedure” above.

Record source categories:

Records are obtained from the general public, state, local, tribal, and territorial government officials, and Citizen Corps partners.

Exemptions claimed for the system:

None.