AGENCY:

Department of Veterans Affairs (VA), Financial Services Center (FSC).

ACTION:

Notice of a modified system of records.

SUMMARY:

The system maintains a system for operating, auditing, and managing the charge card program involving commercial purchases authorized by VA employees.

DATES:

Comments on this modified system of records must be received no later than 30 days after date of publication in the Federal Register. If no public comment is received during the period allowed for comment or unless otherwise published in the Federal Register by VA, the modified system of records will become effective a minimum of 30 days after date of publication in the Federal Register. If VA receives public comments, VA shall review the comments to determine whether any changes to the notice are necessary.

ADDRESSES:

Comments may be submitted through www.Regulations.gov or mailed to VA Privacy Service, 810 Vermont Avenue NW, (005R1A), Washington, DC 20420. Comments should indicate that they are submitted in response to Purchase Credit Card Program-VA (131VA047). Comments received will be available at regulations.gov for public viewing, inspection or copies.

FOR FURTHER INFORMATION CONTACT:

Lori Thomas, Financial Services Center, Department of Veterans Affairs, 1615 Woodward Street, Austin, TX 78772, (512) 460-5189 or Lori.Thomas2@va.gov.

SUPPLEMENTARY INFORMATION:

The General Services Administration established a governmentwide charge card service. This service is used as a payment mechanism and is designed to provide better financial and cash management controls over the Federal Government's low dollar value procurements. Individual employees are selected by their agencies to obtain and use the Government's purchase card, called SmartPay3, to aid in the employee's procurement responsibilities. An individual employee obtains a purchase card by applying to a private contractor bank. This application is given to the Agency/Organization Program Coordinator, who serves as the focal point for coordination of applications, issuance and destruction of cards, establishment of reports, and administrative training. This Program Coordinator also serves as a liaison between the agency and the bank. Prior to obtaining this account, an employee receives a delegation of authority from his/her agency, which indicates the maximum dollar amount Start Printed Page 52551for each single purchase made and a monthly dollar limit for total purchases. At the close of each billing cycle, each employee receives a “Statement of Account” from the bank that itemizes each transaction. In order to successfully participate in the SmartPay3 purchase card program, VA must maintain certain records on the employees who have obtained a purchase card. This information includes name, address, employment information, telephone numbers, information needed for identification verification, charge card applications, charge card statements, terms and conditions for use of the charge card, and monthly report from contractor(s) showing charges to individual account numbers, balances and other types of account analysis.

Signing Authority

The Senior Agency Official for Privacy, or designee, approved this document and authorized the undersigned to sign and submit the document to the Office of the Federal Register for publication electronically as an official document of the Department of Veterans Affairs. Dominic A. Cussatt, Acting Assistant Secretary of Information and Technology and Chief Information Officer, approved this document on August 4, 2021 for publication.

SYSTEM NAME AND NUMBER:

Purchase Credit Card Program-VA (131VA047).

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

This system of record is located in the Financial Services Center, Austin, TX.

SYSTEM MANAGER(S):

Lori Thomas, Division Chief of Charge Card Services Division, Financial Services Center, Department of Veterans Affairs, 1615 Woodward Street, Austin, TX, 78772, (512) 460- 5189 or Lori.Thomas2@va.gov.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Federal Acquisition Regulation (FAR), part 13, 48 CFR, part 13, and Public Law 93-579. Section 7(b).

PURPOSE(S) OF THE SYSTEM:

To maintain a system for operating, auditing, and managing the purchase card program involving commercial purchases by authorized VA employees.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals covered by the system are current VA employees who have their own Government assigned charge card, or who have had a charge card.

CATEGORIES OF RECORDS IN THE SYSTEM:

Records include name, work addresses, work telephone numbers, information needed for identification verification, charge card applications, charge card statements, terms and conditions for use of the charge card, and monthly report from contractor(s) showing charges to individual account numbers, balances, and other types of account analysis.

RECORD SOURCE CATEGORIES:

Transactional data from the contracting bank.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

1. Congress. VA may disclose information to a Member of Congress or staff acting upon the Member's behalf when the Member or staff requests the information on behalf of, and at the request of, the individual who is the subject of the record.

2. Data Breach Response and Remediation, for VA. VA may disclose information to appropriate agencies, entities, and persons when (1) VA suspects or has confirmed that there has been a breach of the system of records, (2) VA has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, VA (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with VA's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm involving.

3. Data Breach Response and Remediation, for Another Federal Agency. VA may disclose information to another Federal agency or Federal entity, when VA determines that the information is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

4. Law Enforcement. VA may disclose information that, either alone or in conjunction with other information, indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, to a Federal, state, local, territorial, tribal, or foreign law enforcement authority or other appropriate entity charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing such law. The disclosure of the names and addresses of VA employees, from VA records under this routine use must also comply with the provisions of 38 U.S.C. 5701.

5. DoJ for Litigation or Administrative Proceeding. VA may disclose information to the Department of Justice (DoJ), or in a proceeding before a court, adjudicative body, or other administrative body before which VA is authorized to appear, when:

(a) VA or any component thereof;

(b) Any VA employee in his or her official capacity;

(c) Any VA employee in his or her official capacity where DoJ has agreed to represent the employee; or

(d) The United States, where VA determines that litigation is likely to affect the agency or any of its components, is a party to such proceedings or has an interest in such proceedings, and VA determines that use of such records is relevant and necessary to the proceedings.

6. Contractors. VA may disclose information to contractors, grantees, experts, consultants, students, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for VA, when reasonably necessary to accomplish an agency function related to the records.

7. OPM. VA may disclose information to the Office of Personnel Management (OPM) in connection with the application or effect of civil service laws, rules, regulations, or OPM guidelines in particular situations.

8. EEOC. VA may disclose information to the Equal Employment Opportunity Commission (EEOC) in connection with investigations of alleged or possible discriminatory practices, examination of Federal affirmative employment programs, or other functions of the Commission as authorized by law.

9. FLRA. VA may disclose information to the Federal Labor Relations Authority (FLRA) in connection with: The investigation and resolution of allegations of unfair labor practices, the Start Printed Page 52552resolution of exceptions to arbitration awards when a question of material fact is raised; matters before the Federal Service Impasses Panel; and the investigation of representation petitions and the conduct or supervision of representation elections.

10. MSPB. VA may disclose information to the Merit Systems Protection Board (MSPB) and the Office of the Special Counsel in connection with appeals, special studies of the civil service and other merit systems, review of rules and regulations, investigation of alleged or possible prohibited personnel practices, and such other functions promulgated in 5 U.S.C. 1205 and 1206, or as authorized by law.

11. NARA. VA may disclose information to NARA in records management inspections conducted under 44 U.S.C. 2904 and 2906, or other functions authorized by laws and policies governing NARA operations and VA records management responsibilities.

12. Federal Agencies, Courts, Litigants, for Litigation or Administrative Proceedings. VA may disclose information to another federal agency, court, or party in litigation before a court or in an administrative proceeding conducted by a Federal agency, when the government is a party to the judicial or administrative proceeding.

13. Law Enforcement, for Locating Fugitive. In compliance with 38 U.S.C. 5313B(d), VA may disclose information to any Federal, state, local, territorial, tribal, or foreign law enforcement agency in order to identify, locate, or report a known fugitive felon. If the disclosure is in response to a request from a law enforcement entity, the request must meet the requirements for a qualifying law enforcement request under the Privacy Act, 5 U.S.C. 552a(b)(7).

14. OMB. VA may disclose information to the Office of Management and Budget (OMB) for the performance of its statutory responsibilities for evaluating Federal programs.

15. Treasury, to Report Earnings as Income. VA may disclose information to the Department of the Treasury to report calendar year earnings of $600 or more for income tax reporting purposes.

16. APA. VA may disclose information as necessary, to comply with the requirements of the Administrative Procedure Act (APA) to make available for public review comments submitted in response to VA's solicitation of public comments as part of the agency's notice and rulemaking activities under the APA if VA determines that release of personally identifiable information, such as an individual's telephone number, is integral to the public's understanding of the comment submitted

17. Unions. VA may disclose information identified in 5 U.S.C. 7114(b)(4) to officials of labor organizations recognized under 5 U.S.C. Chapter 71 when relevant and necessary to their duties of exclusive representation concerning personnel policies, practices, and matters affecting working conditions.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

The FSC Purchase Card program retains only electronic data on its servers for transaction purposes for a period of 6 years.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

These records may be retrieved using various combinations of name or identification number (charge card number) of the individual on whom the records are maintained.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

In accordance with General Records Schedule 1.1, Item #10, records are destroyed 6 years after final payment or cancellation, but longer retention is authorized for business use.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

Access to these records is restricted to authorized VA employees or contractors, on a “need to know” basis. Offices where these records are maintained are locked after working hours and are protected from outside access by the Federal Protective Service, other security officers, and alarm systems. Access to computerized records is restricted to authorized VA employees or contractors, by means of unique user identification and passwords.

RECORD ACCESS PROCEDURES:

Individuals seeking information concerning the existence of a record pertaining to them must submit a written request to the VA station where the records are maintained. Such requests must contain a reasonable description of the records requested. In addition, identification of the individual requesting the information will be required in the written request and will consist of the requester's name, signature, and address, as a minimum.

CONTESTING RECORD PROCEDURES:

(See Notification procedure above.)

NOTIFICATION PROCEDURES:

Please contact Lori Thomas, Division Chief of Charge Card Services Division, Financial Services Center, Department of Veterans Affairs, 1615 Woodward Street, Austin, TX 78772, (512) 460-5189 or Lori.Thomas2@va.gov.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

There is no category of records in this system that has been identified as exempt from any section of the Privacy Act.

HISTORY:

Purchase Credit Card Program-VA (131VA047) was published on February 11, 2005 at 70 FR 7320.