2020-19821. Privacy Act of 1974: System of Records  

  • Start Preamble

    AGENCY:

    National Capital Planning Commission.

    ACTION:

    Notice of a New System of Records.

    SUMMARY:

    In accordance with the Privacy Act of 1974, the National Capital Planning Commission (NCPC or Commission) is providing notice of a new system of records (System of Records or Systems) titled, NCPC-5, General Information Technology Records System. This system consists of information collected in order to provide authorized individuals with access to NCPC information technology Start Printed Page 55699resources. Upon adoption the new System of Records will be titled NCPC-5, General Information Technology Records System.

    DATES:

    This document will become effective October 9, 2020. If no comments are received, the proposed System of Records will become effective on the stated date. If comments are received, they will be considered, and if adopted, the document will be republished in revised form.

    ADDRESSES:

    You may submit written comments on this proposed System of Records Notice (Notice) by either of the methods listed below.

    1. U.S. mail, courier, or hand delivery to Anne Schuyler, General Counsel/Privacy Act Officer/National Capital Planning Commission, 401 9th Street NW, Suite 500, Washington, DC 20004.

    2. Electronically to privacy@ncpc.gov.

    Start Further Info

    FOR FURTHER INFORMATION CONTACT:

    Anne R. Schuyler, General Counsel/Privacy Act Officer at 202-642-0591 or privacy@ncpc.gov.

    End Further Info End Preamble Start Supplemental Information

    SUPPLEMENTARY INFORMATION:

    The routine uses of the System of Records provide authorized individuals access to NCPC IT resources, and to allow NCPC to track use of NCPC IT resources. Upon adoption, the System of Records will be titled NCPC- 5, General Information Technology Records System.

    The Privacy Act embodies fair information principles in a statutory framework governing the means by which the United States Government collects, maintains, uses, and disseminates individuals' records. The Privacy Act applies to information that is maintained in what is known as a System of Records. A System of Records is defined by the Privacy Act as a group of any records under the control of an agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual. In the Privacy Act, an individual is defined to encompass United States citizens and legal permanent residents. As a matter of policy, NCPC extends administrative Privacy Act protection to all individuals for Systems of Records that contain information on U.S. citizens, lawful permanent residents, and visitors. Individuals may access their own records contained in a System of Records in the possession or under the control of NCPC in the manner described by NCPC's Privacy Act Regulations found at 1 CFR part 603.

    The Privacy Act requires each agency to publish in the Federal Register a description of the type and character of each System of Records that the agency maintains and the routine uses for the records contained in each system. This requirement renders agency recordkeeping practices transparent, notifies individuals of how and why their respective records are used, and assists individuals in locating records about themselves that are maintained by the agency. This notice complies with the requirements of the Privacy Act regarding Systems of Records and sets forth below the requisite information concerning NCPC's General Information Technology System of Records.

    In accordance with guidance provided by the Office of Management and Budget (OMB), NCPC provided a report of this new Systems of Records to OMB, to the House Committee on Oversight and Government Reform, and the Senate Committee on Governmental Affairs.

    SYSTEM NAME AND NUMBER:

    NCPC-5, General Information Technology Records System.

    SECURITY CLASSIFICATION:

    Unclassified.

    SYSTEM LOCATION:

    The records containing general information technology information are located at NCPC, 401 9th Street NW, Suite 500 North, Washington, DC 20004.

    SYSTEM MANAGERS:

    For records indicated in the System Location above, information about the system manager can be obtained from NCPC's Director, Office of Administration, (202) 482-7200.

    AUTHORITY FOR THE SYSTEM:

    44 U.S.C. Chapter 3101.

    PURPOSE OF THE SYSTEM:

    The purpose of the system is to provide authorized individuals access to NCPC information technology resources and information systems.

    CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

    Categories of individuals covered by this system include all current and former NCPC employees, contractors, and interns assigned government-owned assets (e.g., laptop computers, communication equipment, and other assets).

    CATEGORIES OF RECORDS IN THE SYSTEM:

    Categories of records maintained in this system include: Individual's name; Email address; Division; Office location; Office telephone number; Records on access to NCPC information systems including user ID and passwords; Logs of activity of NCPC IT resources; IP address of access; Logs of internet activity; and Email addresses of senders and recipients.

    RECORD SOURCE CATEGORIES:

    Records are generated from account request forms submitted by Division Directors on behalf of new employees, contractors, and interns. Records are also discovered automatically using IT asset management tools and audit log and monitoring tools.

    ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USE:

    NCPC uses records in this system to assign unique electronic user accounts for employees, contractors, and interns to access NCPC information systems. The records are also used to track and monitor user activity and use of NCPC IT resources.

    See, Appendix I for other ways the Privacy Act permits NCPC to disclose system records outside the agency.

    POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

    NCPC stores records electronically in its computer system or on paper in secure facilities such as a locked office or file cabinet. The records may be stored on magnetic disc, tape, digital media, and paper.

    POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

    Records may be retrieved by an individual's name; general contact information, such as email addresses; office number; office division; unique user ID; or IP address.

    POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

    Records are retained until an individual separates from the agency; or as otherwise prescribed under record schedules and procedures issued or approved by the National Archives and Records Administration (NARA).

    ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

    Access to records is restricted to NCPC IT administrators whose responsibilities include logical access and maintenance of the NCPC network and IT resources. Paper records are maintained in locked offices or file cabinets. Access to electronic records is controlled by use of a personal identity verification (PIV) ID card to the NCPC network and a “user ID” and password combination to the account management application.

    NCPC's offices are located in a public building guarded and monitored by security personnel, cameras, ID check, and other physical security measures. Start Printed Page 55700NCPC's office suite is accessed by means of an electronic key card system (employees) and clearance by an office receptionist (visitors). Visitors must sign-in, wear an identification badge, and be escorted by NCPC personnel during their visit to other than public portions of the office (public portions include the Commission chambers and adjacent meeting room). NCPC's suite entrances are also monitored by electronic surveillance.

    Records processed, stored or transmitted and used by contractors are protected by controls implemented by the vendor pursuant to terms incorporated into its contract with NCPC.

    RECORD ACCESS PROCEDURES:

    Individuals seeking access to a record pertaining to them in the System of Records described herein shall follow the procedures in set forth in NCPC's Privacy Act Regulations contained in 1 CFR part 603. The request should be directed to: NCPC Privacy Act Officer, National Capital Planning Commission, 401 9th Street NW, Suite 500, Washington, DC 20004.

    CONTESTING RECORD PROCEDURES:

    Individuals seeking to contest the content of a record contained in the System of Records described in this Notice shall follow the procedures set forth in Record Access Procedures above.

    NOTIFICATION PROCEDURES:

    Individuals seeking to determine if the System of Records described in this Notice contains a record pertaining to him/her shall follow the procedures set forth in Record Access Procedures above.

    EXEMPTIONS PROMULGATED FOR THE SYSTEM:

    None.

    HISTORY:

    None.

    Start Signature

    Dated: September 2, 2020.

    Anne R. Schuyler,

    General Counsel.

    End Signature End Supplemental Information

    [FR Doc. 2020-19821 Filed 9-8-20; 8:45 am]

    BILLING CODE 7502-02-P

Document Information

Effective Date:
10/9/2020
Published:
09/09/2020
Department:
National Capital Planning Commission
Entry Type:
Notice
Action:
Notice of a New System of Records.
Document Number:
2020-19821
Dates:
This document will become effective October 9, 2020. If no comments are received, the proposed System of Records will become effective on the stated date. If comments are received, they will be considered, and if adopted, the document will be republished in revised form.
Pages:
55698-55700 (3 pages)
PDF File:
2020-19821.Pdf