[Federal Register Volume 80, Number 107 (Thursday, June 4, 2015)]
[Notices]
[Pages 31905-31907]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2015-13701]
=======================================================================
-----------------------------------------------------------------------
GENERAL SERVICES ADMINISTRATION
[Notice-2015-ISP-01; Docket No. 2015-0002; Sequence 13]
Privacy Act of 1974; Notice of an Updated System of Records
AGENCY: General Services Administration.
ACTION: Updated notice.
-----------------------------------------------------------------------
SUMMARY: GSA proposes to update a system of records subject to the
Privacy Act of 1974, as amended, 5 U.S.C. 552a.
DATES: Effective: July 6, 2015.
ADDRESSES: GSA Privacy Act Officer (ISP), General Services
Administration, 1800 F Street NW., Washington, DC 20405.
FOR FURTHER INFORMATION CONTACT: Call the GSA Privacy Act Officer at
202-368-1852 or email [email protected].
SUPPLEMENTARY INFORMATION: GSA is updating a system of records subject
to the Privacy Act of 1974, 5 U.S.C. 552a. The updated system will
allow the public and GSA Users to utilize the Salesforce application
environment. Nothing in the notice will impact individuals' rights to
access or amend their records in the systems of records.
Dated: June 1, 2015.
James L. Atwater,
Director, Policy and Compliance Division, Office of the Chief
Information Officer.
GSA/CEO-1
SYSTEM NAME:
GSA's Customer Engagement Organization.
SYSTEM LOCATION:
The GSA Salesforce Customer Engagement Organization is hosted in
the salesforce.com cloud environment. Some employees and contractors
may download and store information from this system. Those copies are
located within the employees' or contractors' offices or on encrypted
workstations issued by GSA for individuals when they are out of the
office.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
The categories of individuals covered by this system are:
(1) The public who have access, or are granted access, to specific,
minor applications in the salesforce.com environment in GSA, including
but not limited to, applicants for the childcare subsidy.
(2) Individuals collectively referred to as ``GSA Users'', which
are GSA
[[Page 31906]]
employed individuals who require routine access to agency information
technology systems, including federal employees, contractors, child
care workers and other temporary workers with similar access
requirements.
The system does not apply to or contain occasional visitors or
short-term guests not cleared for use under HSPD-12.
CATEGORIES OF RECORDS IN THE SYSTEM:
This system contains information needed for the functionality of
specific minor applications that are developed for GSA's implementation
of the Customer Engagement Organization on the salesforce.com platform.
This system contains the following information:
Full name.
Personal physical home address.
Personal home or mobile phone.
Personal email addresses.
U.S. citizenship status.
U.S. armed forces veteran status.
Current employer.
Optional links to social networking profiles.
Resume/CV.
Social Security Number.
Grade.
Work phone Number.
Total Income.
Number of dependent children.
Number of children on whose behalf the parent is applying for a
subsidy.
Information on child care providers used, including name, address,
provider license number and State where issued, tuition cost, and
provider tax identification number.
Copies of IRS Forms 1040 and 1040A for verification purposes.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301; 40 U.S.C. 11315; 44 U.S.C. 3506; E.O. 9397, as
amended; E-Government Act of 2002 (Pub. L. 107- 347); Pub. L. 106-58
(Title VI, Section 643); and Homeland Security Presidential Directive
12 (HSPD-12).
PURPOSES:
For the functionality and use of specific minor applications within
GSA's implementation of salesforce.com. Information may be collected to
meet the business requirements of the application, site, group or
instance. The new system will allow users to utilize the Salesforce
application environment used by GSA, and to establish and verify GSA
employees' and other agency employees' eligibility for child care
subsidies in order for GSA and other agencies to provide monetary
assistance to their employees.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
a. To a Member of Congress or to a Congressional staff member in
response to an inquiry of the Congressional office, made at the written
request of the constituent about whom the record is maintained.
b. To the National Archives and Records Administration (NARA) for
records management purposes.
c. To Agency contractors, grantees, consultants, or experts who
have been engaged to assist the agency in the performance of a Federal
duty to which the information is relevant.
d. To a Federal, State, local, foreign, or tribal or other public
authority, on request, in connection with the hiring or retention of an
employee, the issuance or retention of a security clearance, the
letting of a contract, or the issuance or retention of a license,
grant, or other benefit, to the extent that the information is relevant
and necessary to the requesting agency's decision.
e. To the Office of Management and Budget (OMB) when necessary to
the review of private relief legislation pursuant to OMB circular No.
A-19.
f. To designated Agency personnel for the purpose of performing an
authorized audit or oversight evaluation.
g. To the Office of Personnel Management (OPM), the Office of
Management and Budget (OMB), the Government Accountability Office
(GAO), or other Federal agencies when the information is required for
program evaluation purposes.
h. To appropriate agencies, entities, and persons when (1) the
Agency suspects or has confirmed that the security or confidentiality
of information in the system of records has been compromised; (2) the
Agency has determined that as a result of the suspected or confirmed
compromise there is a risk of harm to economic or property interests,
identity theft or fraud, or harm to the security or integrity of this
system or other systems or programs (whether maintained by GSA or
another agency or entity) that rely upon the compromised information;
(3) the disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connection with GSA's efforts to
respond to the suspected or confirmed compromise and prevent, minimize,
or remedy such harm.
i. In any criminal, civil or administrative legal proceeding, where
pertinent, to which GSA, a GSA employee, or the United States or other
entity of the United States Government is a party before a court or
administrative body.
j. To an appeal, grievance, hearing, or complaints examiner; an
equal employment opportunity investigator, arbitrator, or mediator;
and/or an exclusive representative or other person authorized to
investigate or settle a grievance, complaint, or appeal filed by an
individual who is the subject of the record.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING
AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Computer records are stored on a secure server and accessed over
the Web via encryption software. Paper records, when created, are kept
in file folders and cabinets in secure rooms. When individuals download
information, it is kept on encrypted computers that are accessed using
PIV credentials. It is their responsibility to protect the data,
including compliance with 2180.1 CIO P, GSA Rules of Behavior for
Handling Personally Identifiable Information (PII).
RETRIEVABILITY:
Records are retrievable by a combination of first name and last
name. Group records are retrieved by organizational code or other
listed identifiers as configured in the application by the program
office for their program requirements, and may also be cross referenced
to Social Security Number.
SAFEGUARDS:
Cloud systems are authorized to operate separately by the GSA CIO
at the moderate level. All GSA Users utilize two-factor authentication
to access Google Apps and salesforce.com. Access is limited to
authorized individuals with passwords or keys. Computer records are
protected by a password system that is compliant with National
Institute of Standards and Technology standards. Paper records are
stored in locked metal containers or in secured rooms when not in use.
Information is released to authorized officials based on their need to
know.
RETENTION AND DISPOSAL:
Records are retained and disposed of according to GSA records
maintenance and disposition schedules, GSA Records Maintenance and
Disposition System (CIO P 1820.1), GSA 1820.2ADM, and requirements of
the National Archives and Records Administration.
SYSTEM MANAGER AND ADDRESS:
Division Director for Business Intelligence and Enterprise
Information
[[Page 31907]]
Management (BI&EIM), 1800 F Street NW., Washington, DC 20405.
NOTIFICATION PROCEDURE:
An individual can determine if this system contains a record
pertaining to him/her by sending a request in writing, signed, to the
System Manager at the above address. When requesting notification of or
access to records covered by this notice, an individual should provide
his/her full name, date of birth, region/office, and work location. An
individual requesting notification of records in person must provide
identity documents sufficient to satisfy the custodian of the records
that the requester is entitled to access.
RECORD ACCESS PROCEDURES:
Individuals wishing to access their own records should contact the
System Manager at the address above.
CONTESTING RECORD PROCEDURES:
Rules for contesting the content of a record and appealing a
decision are contained in 41 CFR 105-64.
RECORD SOURCE CATEGORIES:
The sources for information in the system are the individuals about
whom the records are maintained, the supervisors of those individuals,
existing GSA systems, a sponsoring agency, a former sponsoring agency,
other Federal agencies, contract employers, or former employers.
Information is provided by GSA employees who apply for child care
subsidies. Furnishing of the information is voluntary.
[FR Doc. 2015-13701 Filed 6-3-15; 8:45 am]
BILLING CODE 6820-38-P