E7-15602. Proposed Routine Use; Request for Public Comment  

  • Start Preamble

    SUMMARY:

    The Peace Corps proposes to adopt a new routine use that would permit disclosure of Peace Corps records governed by the Privacy Act when reasonably necessary to respond to, prevent, minimize, or remedy, harm that may result from an agency data breach or compromise.

    Start Printed Page 44879

    DATES:

    The deadline for public comments is September 24, 2007. Comments received after that date will be considered at the Peace Corps' discretion.

    ADDRESSES:

    You may submit comments by e-mail to sglasow@peacecorps.gov. Include Privacy Act System of Records Routine Use in the subject line of the message. You may also submit comments by mail to Suzanne Glasow, Office of the General Counsel, Peace Corps, Suite 8200, 1111 20th Street, NW., Washington, DC 20526. Contact Suzanne Glasow for copies of comments.

    Start Further Info

    FOR FURTHER INFORMATION CONTACT:

    Suzanne Glasow, Associate General Counsel, 202-692-2150, sglasow@peacecorps.gov.

    End Further Info End Preamble Start Supplemental Information

    SUPPLEMENTARY INFORMATION:

    In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, this document provides public notice that the Peace Corps is proposing to adopt a new “routine use” that will apply to all Peace Corps records systems covered by the Privacy Act of 1974. The Act applies to agency systems of records identified in the list below (including number of system, system name, volume number in the Federal Register, and the date(s) of publication). The new routine use would be added to the list of General Routine Uses, which describes routine uses that apply to all Peace Corps Privacy Act records systems listed below.

    PC system numberSystem nameDate publishedFR volume number
    PC-1Accounts Receivable (Collection of Debts Claims Records)09-05-0065 FR 53772
    PC-2Congressional Files09-05-0065 FR 53772
    PC-3Contractors and Consultants Files09-05-0065 FR 53772
    PC-4Discrimination Complaint Files09-05-0065 FR 53772
    PC-5Employee Occupational Injury and Illness Reports09-05-0065 FR 53772
    PC-6Employee Pay and Leave Records09-05-0065 FR 53772
    PC-7Peace Corps Volunteers: Reasons for Resignation09-05-0065 FR 53772
    PC-8Legal Files—Staff, Volunteers and Applicants09-05-0065 FR 53772
    PC-9Payment Records: Transportation, Travel Authorizations, and Household Storage09-05-0065 FR 53772
    PC-10Office of Private Sector Cooperation and International Volunteerism Database09-05-0065 FR 53772
    PC-11Personal Services Contracts09-05-0065 FR 53772
    PC-12Property Records09-05-0065 FR 53772
    PC-13Personnel Security Records09-05-0065 FR 53772
    PC-14Administrative Grievance Records09-05-0065 FR 53772
    PC-15Overseas Executive Selection and Support09-05-0065 FR 53772
    PC-16Travel Files09-05-0065 FR 53772
    PC-17Peace Corps Volunteer Database Management System01-14-8550 FR 1950
    PC-18Former Peace Corps Volunteers and Staff Database09-05-0065 FR 53772
    PC-19Office of Inspector General Investigative Records09-05-0065 FR 53772
    PC-20Building Management, Parking, and Metro Pool09-05-0065 FR 53772
    PC-21Crisis Corps Database09-05-0065 FR 53772
    PC-22Financial Management System05-04-0772 FR 25343
    PC-23Health Benefits Program for Peace Corps Volunteers09-05-0065 FR 53772
    PC-24Privacy and Freedom of Information Act Requests09-05-0065 FR 53772
    PC-25Early Termination and Special Action09-05-0065 FR 53772
    PC-26Peace Corps Computer Systems Activity and Access Records07-29-0267 FR 49048
    PC-27Antimalaria Tolerance Survey07-16-04 updated 10-03-0569 FR 42784 70 FR 57630
    PC-28Applications for Employment09-23-0570 FR 55929
    PC-29World Wise Schools05-25-0772 FR 29357

    This new routine use is needed in order to allow for disclosure of records to appropriate persons and entities for purposes of response and remedial efforts in the event of a breach of data contained in the protected systems. This routine use will facilitate an effective response to a confirmed or suspected breach by allowing for disclosure to individuals affected by the breach, in cases, if any, where such disclosure is not otherwise authorized under the Act. This routine use will also authorize disclosures to others who are in a position to assist in response efforts, either by assisting in notification to affected individuals or otherwise playing a role in preventing, minimizing, or remedying harms from the breach.

    The Privacy Act authorizes the agency to adopt routine uses that are consistent with the purpose for which information is collected and subject to that Act. 5 U.S.C. 552a(b)(3); see also 5 U.S.C. 552a(a)(7). The Peace Corps believes that it is consistent with the collection of information pertaining to such individuals to disclose Privacy Act records when, in doing so, it will help prevent, minimize or remedy a data breach or compromise that may affect such individuals. The Peace Corps believes that failure to take reasonable steps to help prevent or minimize the harm that may result from such a breach or compromise would jeopardize, rather than promote, the privacy of such individuals. Accordingly, the Peace Corps concludes that it is authorized under the Privacy Act to adopt a routine use permitting disclosure of Privacy Act records for such purposes.

    In accordance with the Privacy Act, see 5 U.S.C. 552a(e)(4) and (11), the Peace Corps is publishing notice of this routine use and giving the public a 30-day period to comment before adopting it as final. The Peace Corps is also providing at least 40 days advance notice of this proposed system notice amendment to OMB and the Congress, as required by the Act, 5 U.S.C. 552a(r), and OMB Circular A-130, Revised, Appendix I. We note that the text of this routine use is taken from the routine use that has already been published in final form by the Department of Justice and the Federal Trade Commission after public comment. See 72 FR 3410 (Jan. 25, 2007); 72 FR 31835 (June 8, 2007). Similarly, after taking into account Start Printed Page 44880comments, if any, received by the Peace Corps, the Peace Corps intends to publish its proposed routine use as final after the period for OMB and Congressional review is complete.

    Accordingly, the Peace Corps hereby proposes to amend General Routine Uses of its Privacy Act system notices, as published at 65 FR 53,772 (September 5, 2000), by adding the following new routine use:

    * * * * *

    General Routine Use M: To all appropriate agencies, entities, and persons when (1) The Peace Corps suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Peace Corps has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the Peace Corps or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Peace Corps' efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

    Start Signature

    Dated: August 3, 2007.

    Wilbert Bryant,

    Associate Director—Management.

    End Signature End Supplemental Information

    [FR Doc. E7-15602 Filed 8-8-07; 8:45 am]

    BILLING CODE 6015-01-P

Document Information

Comments Received:
0 Comments
Published:
08/09/2007
Department:
Peace Corps
Entry Type:
Notice
Document Number:
E7-15602
Dates:
The deadline for public comments is September 24, 2007. Comments received after that date will be considered at the Peace Corps' discretion.
Pages:
44878-44880 (3 pages)
PDF File:
e7-15602.pdf