AGENCY:

Veterans Health Administration (VHA), Department of Veterans Affairs (VA).

ACTION:

Notice of a modified system of records.

SUMMARY:

Pursuant to the Privacy Act of 1974, notice is hereby given that VA is modifying the system of records entitled, “Community Residential Care and Medical Foster Home Programs–VA” (142VA114). This system is used for determining a potential facility's initial eligibility and ongoing participation in the program, provision of medical and psycho-social services to Veterans, operation of the programs, and information required by VA Medical Centers to complete quarterly statistical reports.

DATES:

Comments on this modified system of records must be received no later than 30 days after date of publication in the Federal Register . If no public comment is received during the period allowed for comment or unless otherwise published in the Federal Register by VA, the modified system of records will become effective a minimum of 30 days after date of publication in the Federal Register . If VA receives public comments, VA shall review the comments to determine whether any changes to the notice are necessary.

ADDRESSES:

Comments may be submitted through www.Regulations.gov or mailed to VA Privacy Service, 810 Vermont Avenue NW, (005X6F), Washington, DC 20420. Comments should indicate that they are submitted in response to “Community Residential Care and Medical Foster Home Programs–VA” (142VA114). Comments received will be available at regulations.gov for public viewing, inspection or copies.

FOR FURTHER INFORMATION CONTACT:

Stephania Griffin, VHA Chief Privacy Officer, Department of Veterans Affairs, 810 Vermont Avenue NW, (105HIG) Washington, DC 20420; telephone 704–245–2492 (Note: This is not a toll-free number) or stephania.griffin@va.gov.

SUPPLEMENTARY INFORMATION:

VA is amending the system of records by revising the System Number; System Location; System Manager; Categories of Records in the System; Routine Uses of Records Maintained in the System; Policies and Practices for Retention and Disposal of Records; and Administrative, Technical and Physical Safeguards. VA is republishing the system notice in its entirety.

The System Number is being updated from 142VA114 to 142VA10 to reflect the current VHA organizational routing symbol.

The System Location will be updated to replace VA Data Processing Center, with Austin Information Technology Center (AITC). Also being added, Community Residential Care (CRC) locations are listed in VA Appendix 5. Medical Foster Home (MFH) programs have been established or are in development at all VA health care facilities.

The System Manager is being updated to include Director, Home and Community Based Programs. Telephone number 202–632–8321. (Note: This is not a toll-free number).

The Categories of Records in the System is being updated to include operators and staff of CRC and MFH Homes.

The language in Routine Use number 4 is being updated. It previously reflected the following language, “Disclosure of the records to the Department of Justice (DoJ) is a use of the information contained in the records that is compatible with the purpose for which VA collected the records and that VA may disclose records in this system of records in legal proceedings before a court or administrative body after determining that the disclosure of the records to the court or administrative body is a use of the information contained in the records that is compatible with the purpose for which VA collected the records.”

Routine Use number 4 will now read as follows, “DoJ, or in a proceeding before a court, adjudicative body, or other administrative body before which VA is authorized to appear, when:

(a) VA or any component thereof;

(b) Any VA employee in his or her official capacity;

(c) Any VA employee in his or her official capacity where DoJ has agreed to represent the employee; or

(d) The United States, where VA determines that litigation is likely to affect the agency or any of its components,

is a party to such proceedings or has an interest in such proceedings, and VA determines that use of such records is relevant and necessary to the proceedings.”

Routine use number 15 is being added to state, VA may disclose any information or records to appropriate agencies, entities and persons when (1) VA suspects or has confirmed that there has been a breach of the system of records; (2) VA has determined that as a result of the suspected or confirmed breach there is a risk to individuals, VA (including its information systems, programs and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities or persons is reasonably necessary to assist in connection with VA efforts to respond to the suspected or confirmed breach or to prevent, minimize or remedy such harm.

Policies and Practices for Retention and Disposal of Records is being updated to remove “Paper records and information are maintained and disposed of in accordance with records disposition authority approved by the Archivist of the United States.” This section is being updated to state that Records are scheduled in accordance with Records Control Schedule (RCS) 10–1, 6110.4, temporary disposition; Destroy approved applications 1 year after home withdraws from program. Destroy disapproved applications after 5 years.

Administrative, Technical and Physical Safeguards is being updated to replace Austin VA Data Processing Center with Austin Information Technology Center (AITC).

The Report of Intent to Amend a System of Records Notice and an advance copy of the system notice have been sent to the appropriate Congressional committees and to the Director of the Office of Management and Budget (OMB) as required by 5 U.S.C. 552a(r) (Privacy Act) and guidelines issued by OMB Circular No. A–108, Federal Agency Responsibilities for Review, Reporting, and Publication Under the Privacy Act, 81 FR 94424 (December 23, 2016). Start Printed Page 48959

Signing Authority

The Senior Agency Official for Privacy, or designee, approved this document and authorized the undersigned to sign and submit the document to the Office of the Federal Register for publication electronically as an official document of the Department of Veterans Affairs. Kurt D. DelBene, Assistant Secretary for Information and Technology and Chief Information Officer, approved this document on June 19, 2023 for publication.

SYSTEM NAME AND NUMBER:

“Community Residential Care and Medical Foster Home Programs–VA” (142VA10).

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Records are maintained at selected VA health care facilities that have Community Residential Care (CRC) and Medical Foster Home (MFH) Programs (in most cases, back-up computer tape information is stored at the Austin Information Technology Center (AITC), 1615 East Woodward Street, Austin, Texas 78772). Address locations for VA facilities are listed in VA Appendix 1. CRC locations are listed in VA Appendix 5. MFH programs have been established or are in development at all VA health care facilities. In addition, information from these records or copies of records may be maintained at the Department of Veterans Affairs, 810 Vermont Avenue NW, Washington, DC, Austin Information Technology Center (AITC), and Veterans Integrated Service Network (VISN) Offices.

SYSTEM MANAGER(S):

Official responsible for policies and procedures: Director, Home and Community Based Programs, Office of Geriatrics and Extended Care, Department of Veterans Affairs, 810 Vermont Avenue NW, Washington, DC 20420. Telephone number 202–632–8321. (Note: This is not a toll-free number).

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

38 U.S.C 1730.

PURPOSE(S) OF THE SYSTEM:

The records and information may be used for determining a potential non-VA facility's initial eligibility and ongoing participation in the program, provision of medical and psycho-social services to Veterans, operation of the programs, and information required by VA health care facility to complete quarterly statistical reports.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

These records include information concerning Veterans who reside in CRC or MFH homes. In addition, the records include information on the operators and staff of these homes.

CATEGORIES OF RECORDS IN THE SYSTEM:

These records may include information on operators and staff of CRC and MFH Homes related to:

1. Applications, background checks, agreements with Veterans, educational programs, driver's licenses, health screenings, etc.

2. Home inspection reports, corrective plans of action, emergency plans, correspondence and hearing documents.

3. Personal identifiers (including name, date of birth, financial information, pictures, etc.)

These records may include information on Veterans who reside in CRC and MFH Homes related to:

1. Personal identifiers (including name, date of birth, Social Security Number, VA claim number, financial information, pictures) and health records.

RECORD SOURCE CATEGORIES:

Information in this system of records is provided by individuals requesting participation in the CRC and MFH programs.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

To the extent that records contained in the system include information protected by 38 U.S.C. 7332, i.e., medical treatment information related to drug abuse, alcoholism or alcohol abuse, sickle cell anemia, or infection with the human immunodeficiency virus, or 45 CFR parts 160 and 164, i.e., individually identifiable health information of VHA or any of its business associates, that information cannot be disclosed under a routine use unless there is also specific statutory authority in those provisions.

1. Congress: To a Member of Congress or staff acting upon the Member's behalf when the Member or staff requests the information on behalf of, and at the request of, the individual who is the subject of the record.

2. National Archives and Records Administration (NARA): To the NARA in records management inspections conducted under 44 U.S.C. 2904 and 2906, or other functions authorized by laws and policies governing NARA operations and VA records management responsibilities. The disclosure of the names and addresses of Veterans and their dependents from VA records under this routine use must also comply with the provisions of 38 U.S.C. 5701.

3. Law Enforcement: To a Federal, state, local, territorial, tribal or foreign law enforcement authority or other appropriate entity charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing such law, provided that the disclosure is limited to information that, either alone or in conjunction with other information, indicates a violation or potential violation of law, whether civil, criminal or regulatory in nature. The disclosure of the names and addresses of Veterans and their dependents from VA records under this routine use must also comply with the provisions of 38 U.S.C. 5701.

4. Department of Justice (DoJ), Litigation, Administrative Proceeding: To the DoJ, or in a proceeding before a court, adjudicative body, or other administrative body before which VA is authorized to appear, when:

(a) VA or any component thereof;

(b) Any VA employee in his or her official capacity;

(c) Any VA employee in his or her official capacity where DoJ has agreed to represent the employee; or

(d) The United States, where VA determines that litigation is likely to affect the agency or any of its components,

is a party to such proceedings or has an interest in such proceedings, and VA determines that use of such records is relevant and necessary to the proceedings.

5. Contractors: To contractors, grantees, experts, consultants, students and others performing or working on a contract, service, grant, cooperative agreement or other assignment for VA, when reasonably necessary to accomplish an agency function related to the records.

6. Federal Agencies, Fraud and Abuse: To other Federal agencies to assist such agencies in preventing and detecting possible fraud or abuse by individuals in their operations and programs.

7. Data Breach Response and Remediation, for Another Federal Agency: To another Federal agency or Start Printed Page 48960 Federal entity, when VA determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

8. Federal Agencies, for Computer Matches: To other Federal agencies for the purpose of conducting computer matches to obtain information to determine or verify eligibility of Veterans receiving VA benefits or medical care under Title 38, U.S.C.

9. Health Care Providers, for Referral by VA: To: (1) a Federal agency or health care provider when VA refers a patient for medical and other health services, or authorizes a patient to obtain such services and the information is needed by the Federal agency or health care provider to perform the services; or (2) a Federal agency or to health care provider under the provisions of 38 U.S.C. 513, 7409, 8111, or 8153, when treatment is rendered by VA under the terms of such contract or agreement or the issuance of an authorization, and the information is needed for purposes of medical treatment or follow-up, determination of eligibility for benefits, or recovery by VA of the costs of the treatment.

10. Office of Management and Budget (OMB): To OMB for the performance of its statutory responsibilities for evaluating Federal programs.

11. Guardians Ad Litem, for Representation: To a fiduciary or guardian ad litem in relation to his or her representation of a claimant in any legal proceeding as relevant and necessary to fulfill the duties of the fiduciary or guardian ad litem.

12. Guardians, Courts, for Incompetent Veterans: To a court, magistrate or administrative tribunal in the course of presenting evidence; in matters of guardianship, inquests and commitments; to private attorneys representing Veterans rated incompetent in conjunction with issuance of Certificates of Incompetency; and to probation and parole officers in connection with court-required duties.

13. Claims Representatives: At the request of the claimant, i.e., Veteran or their beneficiary, to accredited service organizations, VA-approved claim agents, and attorneys acting under a declaration of representation, the name, address, the basis and nature of a claim, amount of benefit payment information, medical information, and military service and active duty separation information, so that these individuals can aid claimants in the preparation, presentation, and prosecution of claims under the laws administered by VA.

14. Nursing Home, for Pre-Admission Screening: To a non-VA nursing home facility that is considering the patient for admission, when information concerning the individual's medical care is needed for the purpose of preadmission screening under 42 CFR 483.20(f) to identify patients who are mentally ill or mentally retarded so they can be evaluated for appropriate placement.

15. Data Breach Response and Remediation, for VA: To appropriate agencies, entities and persons when (1) VA suspects or has confirmed that there has been a breach of the system of records; (2) VA has determined that as a result of the suspected or confirmed breach there is a risk to individuals, VA (including its information systems, programs and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities or persons is reasonably necessary to assist in connection with VA efforts to respond to the suspected or confirmed breach or to prevent, minimize or remedy such harm.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Records are maintained on computers, paper and removable, or external hardware.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records are retrieved by name, Social Security Number or other assigned identifiers of the individuals on whom they are maintained.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

In accordance with Records Control Schedule (RCS) 10–1, 6110.4, temporary disposition; approved applications are destroyed 1 year after home withdraws from program, and disapproved applications are destroyed after 5 years.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

1. Access to VA working and storage areas is restricted to VA employees on a “need-to- know” basis; strict control measures are enforced to ensure that disclosure to these individuals is also based on this same principle. Generally, VA file areas are locked after normal duty hours and the facilities are protected from outside access by the Federal Protective Service or other security personnel.

2. Access to computer rooms at health care facilities is generally limited by appropriate locking devices and restricted to authorized VA employees and vendor personnel. Automated Data Processing peripheral devices are placed in secure areas (areas that are locked or have limited access) or are otherwise protected. Information in VistA may be accessed by authorized VA employees. Access to file information is controlled at two levels; the systems recognize authorized employees by series of individually unique passwords/codes as a part of each data message, and the employees are limited to only that information in the file which is needed in the performance of their official duties. Information that is downloaded from VistA and maintained on personal computers is afforded similar storage and access protections as the data that is maintained in the original files. Access to information stored on automated storage media at other VA locations is controlled by individually unique passwords/codes.

3. Access to the AITC is generally restricted to Center employees, custodial personnel, Federal Protective Service, and other security personnel. Access to computer rooms is restricted to authorized operational personnel through electronic locking devices. All other persons gaining access to computer rooms are escorted. Information stored in the computer may be accessed by authorized VA employees at remote locations including VA health care facilities, Information Systems Centers, VA Central Office, and VISNs. Access is controlled by individually unique passwords/codes which must be changed periodically by the employee.

RECORD ACCESS PROCEDURES:

Individuals seeking information on the existence and content of records in this system pertaining to them should contact the system manager in writing as indicated above or write or visit the VA facility location where they normally receive their care. A request for access to records must contain the requester's full name, address and telephone number, be signed by the requester and describe the records sought in sufficient detail to enable VA personnel to locate them with a reasonable amount of effort.

CONTESTING RECORD PROCEDURES:

Individuals seeking to contest or amend records in this system pertaining to them should contact the system Start Printed Page 48961 manager in writing as indicated above. A request to contest or amend records must state clearly and concisely what record is being contested, the reasons for contesting it, and the proposed amendment to the record.

NOTIFICATION PROCEDURES:

Generalized notice is provided by the publication of this notice. For specific notice, see Record Access Procedure, above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

76 FR 67561 (November 1, 2011).

VA Appendix 5

Community Residential Care Programs

Birmingham, AL; Tuscaloosa, AL; Tuskegee, AL; Fayetteville, AR; Little Rock, AR; Loma Linda, CA; Long Beach, CA; Los Angeles, CA; San Diego, CA; Washington, DC; Wilmington, DE; Bay Pines, FL; Gainesville, FL; Jacksonville, FL; Pensacola, FL; Tampa, FL; West Palm Beach, FL; Atlanta, GA; Augusta, GA; Chicago- Hines, IL; Danville, IL; Indianapolis, IN; Marion, IN; Des Moines, IA; Iowa City, IA; Topeka, KS; Lexington, KY; Louisville, KY; Alexandria, LA; New Orleans, LA; Shreveport, LA; Augusta, ME; Perry Point, MD; Bedford, MA; Boston, MA; Springfield, MA; Battle Creek, MI; Biloxi, MS; Jackson, MS; St Louis, MO; Lyons, NJ; Salisbury, NC; Montrose, NY; Northport, NY; Chillicothe, OH; Cleveland, OH; Columbus, OH; Dayton, OH; Coatesville, PA; Lebanon, PA; Philadelphia, PA; Pittsburgh, PA; Wilkes Barre, PA; San Juan, PR; Providence, RI; Mountain Home, TN; Murfreesboro, TN; Nashville, TN; Dallas, TX; Houston, TX; San Antonio, TX; Waco, TX; Hampton, VA; Richmond, VA; Salem, VA; Tacoma, WA; Martinsburg, WV; Tomah, WI.