[Federal Register Volume 77, Number 37 (Friday, February 24, 2012)]
[Notices]
[Pages 11063-11064]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2012-4192]
�========================================================================
�Notices
� Federal Register
�________________________________________________________________________
�
�This section of the FEDERAL REGISTER contains documents other than rules
�or proposed rules that are applicable to the public. Notices of hearings
�and investigations, committee meetings, agency decisions and rulings,
�delegations of authority, filing of petitions and applications and agency
�statements of organization and functions are examples of documents
�appearing in this section.
�
�========================================================================
�
��Federal Register / Vol. 77, No. 37 / Friday, February 24, 2012 /
Notices��
[[Page 11063]]
AGENCY FOR INTERNATIONAL DEVELOPMENT
Privacy Act of 1974, System of Records
AGENCY: United States Agency for International Development.
ACTION: Notice of new system of records.
-----------------------------------------------------------------------
SUMMARY: The United States Agency for International Development (USAID)
is issuing public notice of its intent to establish a new system of
records maintained in accordance with the Privacy Act of 1974 (5 U.S.C.
552a), as amended, entitled ``USAID-31, HSPD-12 PIV Lifecycle
Management.''
This action is necessary to meet the requirements of the Privacy
Act to publish in the Federal Register notice of the existence and
character of record systems maintained by the agency (5 U.S.C.
522a(e)(4)).
DATES: Public comments must be received on or before March 14, 2012.
Unless comments are received that would require a revision; this update
to the system of records will become effective on March 14, 2012.
ADDRESSES: You may submit comments:
Paper Comments
Fax: (703) 666-1466.
Mail: Chief Privacy Officer, United States Agency for
International Development, 2733 Crystal Drive, 11th Floor, Arlington,
VA. 22202.
Electronic Comments
Federal eRulemaking Portal: http://www.regulations.gov.
Follow the instructions on the Web site for submitting comments.
Email: [email protected].
FOR FURTHER INFORMATION CONTACT: For general questions, please contact,
USAID Privacy Office, United States Agency for International
Development, 2733 Crystal Drive, 10th Floor, Arlington, VA 22202.
Email: [email protected].
SUPPLEMENTARY INFORMATION: Personal Identity Verification (PIV)
Lifecycle Management system allows for the control and flexibility of
PIV card enrollment, issuance, and management under the direction of
USAID Management for domestic and international operations. The direct
management of the PIV deployment enables USAID to update the card and
features at its own pace, implement the use of PIV credential data,
such as a digital signature and encryption certificates for documents
and email and to add biometric authentication capabilities as it
becomes available.
Dated: December 21, 2011.
Jeffery Anouilh,
Deputy Chief Information Security Office and Privacy Officer.
USAID-31
System name:
HSPD-12 PIV Lifecycle Management.
Security classification:
Sensitive But Unclassified.
System location(s):
United States Agency for International Development, 2733 Crystal
Drive, 11th Floor, Arlington, VA 22202.
Categories of individuals covered by the system:
This system contains records of current employees, contractors,
consultants, and partners.
Categories of records covered by the system:
This system contains USAID organizational information. The covered
record, which has already been collected by the Department of State for
issuance of the current USAID PIV badge, are as follows: name; employee
digital photo; two digital fingerprints; organizational affiliation;
Agency; 3-4 Public Key Infrastructure (PKI) certificates; and
expiration date. In order to access the data on the chip, the
cardholder must create a Personal Identification Number (PIN).
Authority for maintenance of the system:
Privacy Act of 1974 (Pub. L. 93-579), sec. 552a(c), (e), (f), and
(p).
Purpose(s):
Records in this system will be used:
(1) To update current USAID Direct Hire employees' card data in
order to comply with OMB M-11-11 for physical and logical access to
USAID networks and facilities.
(2) To issue PIV compliant cards to eligible contractors.
Disclosure to consumer reporting agencies:
These records are not disclosed to consumer reporting agencies.
Routine Use of Records Maintained in the System, Including Categories
of Users and the Purposes of Such Uses:
USAID may disclose relevant system records in accordance with any
current and future blanket routine uses established for its record
systems. These may be for internal communications or with external
partners.
Policies and practices for storing, retrieving, accessing, retaining,
and disposing of records in the system:
Storage:
Data records are located at the hosting environment, and maintained
in user-authenticated, password-protected systems. All records are
accessed only by authorized personnel who have a need to access the
records in the performance of their official duties.
Retrievability:
Records are retrievable by name, PIN number or any other identifier
listed in the categories of records cited above.
Safeguards:
Additional administrative safeguards are provided through the use
of internal standard operating procedures in accordance with the FIPS-
201, and NIST 800-53 standards.
Retention and disposal:
Records are retained using the appropriate, approved National
Archives Records Administration--Schedules for the type of record being
maintained.
System manager(s) and address:
Jeffrey Anouilh, United States Agency for International
Development, 2733 Crystal Drive, 11th Floor, Arlington, VA 22202.
Notification procedures:
Individuals requesting notification of the existence of records on
them must send the request in writing to the Chief Privacy Officer,
USAID, 2733 Crystal Drive, 11th Floor, Arlington, VA 22202.
[[Page 11064]]
The request must include the requestor's full name, his/her current
address and a return address for transmitting the information. The
request shall be signed by either notarized signature or by signature
under penalty of perjury and reasonably specify the record contents
being sought.
Record access procedures:
Individuals wishing to request access to a record must submit the
request in writing according to the ``Notification Procedures'' above.
An individual wishing to request access to records in person must
provide identity documents, such as government-issued photo
identification, sufficient to satisfy the custodian of the records that
the requester is entitled to access.
Contesting record procedures:
An individual requesting amendment of a record maintained on
himself or herself must identify the information to be changed and the
corrective action sought. Requests must follow the ``Notification
Procedures'' above.
Record source categories:
The records contained in this system will be provided by and
updated by the individual who is the subject of the record.
Exemptions claimed for the system:
None.
[FR Doc. 2012-4192 Filed 2-23-12; 8:45 am]
BILLING CODE P