[Federal Register Volume 78, Number 251 (Tuesday, December 31, 2013)]
[Notices]
[Pages 79694-79696]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2013-31308]
=======================================================================
-----------------------------------------------------------------------
GENERAL SERVICES ADMINISTRATION
[Notice-CIB-2013-08; Docket No. 2013-0002; Sequence No. 35]
Privacy Act of 1974; Notice of an Updated System of Records
AGENCY: General Services Administration.
ACTION: Notice.
-----------------------------------------------------------------------
[[Page 79695]]
SUMMARY: GSA reviewed its Privacy Act systems to ensure that they are
relevant, necessary, accurate, up-to-date, and covered by the
appropriate legal or regulatory authority.
DATES: Effective: January 30, 2014.
ADDRESSES: GSA Privacy Act Officer (ISP), U.S. General Services
Administration, 1800 F Street NW., Washington, DC 20405.
FOR FURTHER INFORMATION CONTACT: Call or email the GSA Privacy Act
Officer: Telephone 202-208-1317; email [email protected].
SUPPLEMENTARY INFORMATION: GSA completed an agency-wide review of its
Privacy Act systems of records. As a result of the review, GSA is
publishing an updated Privacy Act system of records notice. A new
routine use was added under the Routine Use Section (Item e) to allow
GSA to send reports, data, and information directly to a client
agency's contract employees.
Nothing in the revised system notice indicates a change in
authorities or practices regarding the collection and maintenance of
information, nor does the changes impact individuals' rights to access
or amend their records in the system of records.
Dated: December 19, 2013.
James L. Atwater,
Director, Human Resources Information Technology (HRIT) Services
Division (IBH).
GSA/PPFM-11
SYSTEM NAME:
Pegasys.
SYSTEM LOCATION:
Pegasys records and files are maintained in the Phoenix Data Center
(PDC), with records also stored in the Washington, DC, Central Office;
Ft. Worth regional office; and Kansas City regional office.
INDIVIDUALS COVERED BY THE SYSTEM:
Individuals covered by Pegasys include GSA vendors and Federal
employees.
RECORDS IN THE SYSTEM:
Pegasys contains records and files pertaining to financial
information; therefore, these files and records contain the following
privacy data: Social Security Number (SSN); Employee address; Banking
information; Credit card number.
AUTHORITY FOR MAINTAINING THE SYSTEM:
The Chief Financial Officers Act of 1990 (Pub. L. 101-576), as
amended.
PURPOSE:
Pegasys is the GSA core financial management system of records to
make payments and record accounting transactions. This includes funds
management (budget execution and purchasing), credit cards, accounts
payable, disbursements, standard general ledger, and reporting. It is
part of a shared-services financial operation providing a commercial
off-the-shelf (COTS) financial system (in a private-vendor hosted
environment), financial transaction processing, and financial analysis
for its main business lines of Federal supplies and technology, public
buildings, and general management and administration offices. GSA also
utilizes this shared-service operation to cross-service multiple
external client agencies.
ROUTINE USES OF THE SYSTEM RECORDS, INCLUDING CATEGORIES OF USERS AND
THEIR PURPOSE FOR USING THE SYSTEM:
System information accessed by Pegasys may be used by designated
finance center employees and their supervisors, along with designated
analysts and managers. System information also may be used:
a. In any legal proceeding, where pertinent, to which GSA is a
party before a court or administrative body.
b. To conduct investigations, by authorized officials, that are
investigating or settling a grievance, complaint, or appeal filed by an
individual who is the subject of the record.
c. To a Federal agency in connection with the hiring or retention
of an employee; the issuance of a security clearance; the reporting of
an investigation; the letting of a contract; or the issuance of a
grant, license, or other benefit to the extent that the information is
relevant and necessary to a decision.
d. To the U.S. Office of Personnel Management (OPM), the Office of
Management and Budget (OMB), or the U.S. Government Accountability
Office (GAO) when the information is required for program evaluation
purposes.
e. To an expert, consultant, or contractor of GSA in the
performance of a Federal duty to which the information is relevant; to
a board, committee, commission, or small agency receiving
administrative services from GSA to which the information relates; or
an expert, consultant, or contractor of a board, committee, commission,
or small agency receiving administrative services from GSA to which the
information relates in the performance of a Federal duty to which the
information is relevant.
f. To the National Archives and Records Administration (NARA) for
records management purposes.
g. To appropriate agencies, entities, and persons when (1) the
Agency suspects or has confirmed that the security or confidentiality
of information in the system of records has been compromised; (2) the
Agency has determined that as a result of the suspected or confirmed
compromise there is a risk of harm to economic or property interests,
identity theft or fraud, or harm to the security or integrity of this
system or other systems or programs (whether maintained by GSA or
another agency or entity) that rely upon the compromised information;
and (3) the disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connection with GSA's efforts to
respond to the suspected or confirmed compromise and prevent, minimize,
or remedy such harm.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING,
AND DISPOSING OF SYSTEM RECORDS:
STORAGE:
All records and files in Pegasys are stored electronically in a
password-protected database format.
RETRIEVAL:
Information on individuals contained in Pegasys records and files
are retrievable by name or vendor number.
SAFEGUARDS:
Pegasys records and files are safeguarded in accordance with the
requirements of the Privacy Act. Access is limited to authorized
individuals with passwords, and the database is maintained behind a
certified firewall. Information on individuals is released only to
authorized persons on a need-to-know basis and in accordance with the
provisions of the purpose or a routine use. This system undergoes
frequent testing and is certified and accredited for operation.
Periodic Privacy Impact Assessments are performed as well to ensure the
adequacy of security controls to protect personally identifiable
information.
RETENTION AND DISPOSAL:
Pegasys records and files are retained and disposed of according to
GSA records maintenance and disposition schedules and the requirements
of the National Archives and Records Administration (NARA).
SYSTEM MANAGER AND ADDRESS:
Director, Financial Management Systems Operations and Maintenance
Division (IBA), U.S. General Services Administration, 1800 F Street
NW., Washington, DC 20405.
[[Page 79696]]
NOTIFICATION PROCEDURE:
Individuals wishing to inquire if the system contains information
about them should contact the Pegasys system manager.
RECORD ACCESS PROCEDURE:
Requests for access may be directed to the Pegasys system manager.
RECORD CONTESTING PROCEDURE:
GSA rules for accessing records, for contesting the contents, and
appealing initial decisions are in 41 CFR part 105-64, published in the
Federal Register.
RECORD SOURCES:
The sources for information in Pegasys are the individuals about
whom the records are maintained, the supervisors of those individuals,
and existing agency systems.
[FR Doc. 2013-31308 Filed 12-30-13; 8:45 am]
BILLING CODE 6820-34-P