[Federal Register Volume 80, Number 187 (Monday, September 28, 2015)]
[Notices]
[Pages 58283-58286]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2015-24589]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

[Docket No. DHS-2015-0038]


Privacy Act of 1974; Department of Homeland Security/ALL-019 
Payroll, Personnel, and Time and Attendance Records System of Records

AGENCY: Privacy Office, Department of Homeland Security.

ACTION: Notice of Privacy Act system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, the Department of 
Homeland Security proposes to update and reissue a current Department 
of Homeland Security system of records notice titled, ``Department of 
Homeland Security/ALL-019 Payroll, Personnel and Time and Attendance 
Records System of Records.'' This system of records allows the 
Department of Homeland Security to collect and maintain records on 
current and former Department of Homeland Security employees to track 
time worked, leave, or other absences for reporting and compliance 
purposes, and also to ensure proper payment of salary and benefits. As 
a result of a biennial review of this system, records have been updated 
within the (1) category of records and (2) routine uses. Additionally, 
this notice includes non-substantive changes to simplify the formatting 
and texts of the previously published notice. This updated system will 
be included in the Department's inventory of record systems.

DATES: Submit comments on or before October 28, 2015. This new system 
will be effective October 28, 2015.

ADDRESSES: You may submit comments, identified by docket number DHS-
2015-0038 by one of the following methods:
     Federal e-Rulemaking Portal: http://www.regulations.gov. 
Follow the instructions for submitting comments.
     Fax: 202-343-4010.
     Mail: Karen L. Neuman, Chief Privacy Officer, Privacy 
Office, Department of Homeland Security, Washington, DC 20528-0655.
    Instructions: All submissions received must include the agency name 
and docket number for this rulemaking. All comments received will be 
posted without change to http://www.regulations.gov, including any 
personal information provided.
    Docket: For access to the docket, to read background documents, or 
comments received go to http://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT: For general or privacy questions 
please contact: Karen L. Neuman (202) 343-1717, Chief Privacy Officer, 
Privacy Office, Department of Homeland Security, Washington, DC 20528-
0655.

SUPPLEMENTARY INFORMATION: 

I. Background

    In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the 
Department of Homeland Security (DHS) proposes to update and reissue a 
current DHS system of records titled, ``DHS/ALL-019 Payroll, Personnel, 
and Time and Attendance Records System of Records.''
    This system helps DHS ensure proper payment of salary and benefits 
to DHS personnel and track time worked and leave or other absences 
(both excused and unexcused) for reporting and compliance purposes. The 
categories of records have been modified to include more specific 
details about information collected from current and former employees 
of DHS. In some instances, DHS Components may use a timekeeping system 
that relies on a hash identification number calculated from a finger 
scan. The hash identification number cannot be used to recreate a 
readable fingerprint to confirm the employee's identity. DHS is also 
modifying routine uses (A), (G), and (I) to provide greater clarity and 
non-substantive grammatical changes. DHS is amending the previous 
routine use (J) to eliminate a redundancy with 5 U.S.C. 552a (b)(11). 
New routine uses (P) through (Z) provide notice and transparency about 
external disclosures as part of the DHS payroll, time, and attendance 
process.
    Consistent with DHS's information sharing mission, information 
stored in the DHS/ALL-019 Payroll, Personnel, and Time and Attendance 
Records may be shared with other DHS Components that have a need to 
know the information to carry out their national security, law 
enforcement, immigration, intelligence, or other homeland security 
functions. In addition, DHS may share information with appropriate 
federal, state, local, tribal, territorial, foreign, and international 
government agencies, members of the public, and other entities 
consistent with the routine uses set forth in this system of records 
notice.
    This updated system will be included in DHS's inventory of record 
systems.

II. Privacy Act

    The Privacy Act embodies fair information principles in a statutory 
framework governing the means by which federal government agencies 
collect, maintain, use, and disseminate individuals' records. The 
Privacy Act applies to information that is maintained in a ``system of 
records.'' A ``system of records'' is a group of any records under the 
control of an agency from which information is retrieved by the name of 
an individual or by some identifying number, symbol, or other 
identifying particular assigned to the individual. In the Privacy Act, 
an individual is defined to encompass U.S. citizens and lawful 
permanent residents. This system covers that defined group, but as a 
matter of policy, DHS extends administrative Privacy Act protections to 
all individuals when systems of records maintain information on U.S. 
citizens, lawful permanent residents, and visitors. Below is the

[[Page 58284]]

description of the DHS/ALL-019 Payroll, Personnel, and Time and 
Attendance Records System of Records.
    In accordance with 5 U.S.C. 552a(r), DHS has provided a report of 
this revised system of records to the Office of Management and Budget 
and to Congress.
System of Records:
    Department of Homeland Security (DHS)/ALL-019

System name:
    DHS/ALL-019 Payroll, Personnel, and Time and Attendance Records.

Security classification:
    Unclassified.

System location:
    Records are maintained at several Headquarters locations; in 
Component offices of DHS, in both Washington, DC and at field 
locations; and at DHS contractual or other federal agency payroll 
service provider locations.

Categories of individuals covered by the system:
    Current and former employees of DHS.

Categories of records in the system:
    Categories of records in this system include:
    Payroll Records:
     Social Security number;
     Employee's name;
     Date of birth;
     Gender, Race/National Origin, and Disability Data;
     Address data such as home mailing address, email address, 
work address, etc.;
     Duty location;
     Position Data such as job title, occupational series, 
grade, step, pay plan, etc.;
     Awards and bonuses;
     Employment verification information;
     Education and training data;
     Military and veteran data;
     Taxes;
     Other deductions;
     Garnishments;
     Salary data;
     Retirement data;
     Pay period;
     Fiscal year data;
     Benefits; and
     Direct deposit information.
    Time and Attendance Records:
     Employee's name;
     Duty location such as work address or Port of Entry;
     Supervisor name;
     Timekeeper name;
     Position Data such as job title, occupational series, 
grade, step, pay plan;
     Fingerprint hash identification number calculated from a 
finger scan that cannot be used to recreate a readable fingerprint;
     Time-off awards or incentives;
     Number and type of hours worked. Type of hours worked may 
include:
    [ssquf] Regular Hours Worked;
    [ssquf] Regular law enforcement availability pay (LEAP);
    [ssquf] Overtime (including administratively uncontrollable 
overtime (AUO));
    [ssquf] Telework;
    [ssquf] Night Differential;
    [ssquf] Compensatory time earned and used;
    [ssquf] Compensatory travel earned and used;
    [ssquf] Training time;
    [ssquf] Tour of duty; and
    [ssquf] Military leave.
     All forms of leave requests, balances, and credits, 
including Leave Without Pay (LWOP);
     All other absence types, including Absent Without Leave 
(AWOL) and Suspension;
     Information necessary to administer any of the agency's 
voluntary leave transfer programs including leave donated or used and 
any supporting documentation from the leave requestor (which may 
include medical records);
     Any other forms of leave available to current and former 
employees of DHS;
     Investigative case title and tracking number (used to 
track time worked associated with a specific case); and
     Fair Labor Standards Act (FLSA) compensation.
    Data Reporting and Personnel and Pay Processing Tables
     Nature of action codes;
     Civil service authority codes;
     Standard remarks;
     Signature block table;
     Position title table;
     Financial organization table; and
     Salary tables.

Authority for maintenance of the system:
    31 U.S.C. 66a; 5 U.S.C. 5501 et seq., 5525 et seq., 5701 et seq., 
and 6301 et seq.; Executive Order 9397, as amended by Executive Order 
13478; Pub. L. 100-202, Pub. L. 100-440, and Pub. L. 101-509.

Purpose(s):
    The purpose of this system is to ensure proper payment of salary 
and benefits to DHS personnel, and to track time worked, leave, or 
other absences for reporting and compliance purposes.

Routine uses of records maintained in the system, including categories 
of users and the purposes of such uses:
    In addition to those disclosures generally permitted under 5 U.S.C. 
Sec.  552a(b) of the Privacy Act, all or a portion of the records or 
information contained in this system may be disclosed outside DHS as a 
routine use pursuant to 5 U.S.C. Sec.  552a(b)(3) as follows:
    A. To the Department of Justice (DOJ), including Offices of the 
U.S. Attorneys, or other federal agencies conducting litigation or in 
proceedings before any court, adjudicative, or administrative body, 
when it is relevant or necessary to the litigation and one of the 
following is a party to the litigation or has an interest in such 
litigation:
    1. DHS or any Component thereof;
    2. Any employee or former employee of DHS in his or her official 
capacity;
    3. Any employee or former employee of DHS in his or her individual 
capacity when DOJ or DHS has agreed to represent the employee; or
    4. The U.S. Government or any agency thereof.
    B. To a congressional office from the record of an individual in 
response to an inquiry from that congressional office made at the 
request of the individual to whom the record pertains.
    C. To the National Archives and Records Administration (NARA) or 
General Services Administration pursuant to records management 
inspections being conducted under the authority of 44 U.S.C. Sec. Sec.  
2904 and 2906.
    D. To an agency or organization for the purpose of performing audit 
or oversight operations as authorized by law, but only such information 
as is necessary and relevant to such audit or oversight function.
    E. To appropriate agencies, entities, and persons when:
    1. DHS suspects or has confirmed that the security or 
confidentiality of information in the system of records has been 
compromised;
    2. DHS has determined that as a result of the suspected or 
confirmed compromise, there is a risk of identity theft or fraud, harm 
to economic or property interests, harm to an individual, or harm to 
the security or integrity of this system or other systems or programs 
(whether maintained by DHS or another agency or entity) that rely upon 
the compromised information; and
    3. The disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with DHS's efforts to 
respond to the suspected or confirmed compromise and prevent, minimize, 
or remedy such harm.
    F. To contractors and their agents, grantees, experts, consultants, 
and others performing or working on a contract, service, grant, 
cooperative

[[Page 58285]]

agreement, or other assignment for DHS, when necessary to accomplish an 
agency function related to this system of records. Individuals provided 
information under this routine use are subject to the same Privacy Act 
requirements and limitations on disclosure as are applicable to DHS 
officers and employees.
    G. To an appropriate federal, state, tribal, territorial, local, 
international, or foreign law enforcement agency or other appropriate 
authority charged with investigating or prosecuting a violation or 
enforcing or implementing a law, rule, regulation, or order, when a 
record, either on its face or in conjunction with other information, 
indicates a violation or potential violation of law, which includes 
criminal, civil, or regulatory violations and such disclosure is proper 
and consistent with the official duties of the person making the 
disclosure.
    H. To provide information to unions recognized as exclusive 
bargaining representatives under the Civil Service Reform Act of 1978, 
5 U.S.C. Sec. Sec.  7111 and 7114.
    I. To designated officers and employees of federal, state, tribal, 
territorial, local, or international agencies in connection with the 
hiring or continued employment of an individual, the conduct of a 
suitability or security investigation of an individual, the grant, 
renewal, suspension, or revocation of a security clearance, or the 
certification of security clearances, to the extent that DHS determines 
the information is relevant and necessary to the hiring agency's 
decision.
    J. To a court, magistrate, or administrative tribunal in the course 
of presenting evidence, including disclosures to opposing counsel or 
witnesses in the course of civil discovery, litigation, or settlement 
negotiations or in connection with criminal law proceedings.
    K. To the other federal agencies who provide payroll personnel 
processing services under a cross-servicing agreement for purposes 
relating to the conversion of DHS employee payroll and personnel 
processing services; the issuance of paychecks to employees and 
distribution of wages; and the distribution of allotments and 
deductions to financial and other institutions, some through electronic 
funds transfer.
    L. To federal, state, tribal, territorial, or local agencies for 
use in locating individuals and verifying their income sources to 
enforce child support orders, to establish and modify orders of 
support, and for enforcement of related court orders.
    M. To provide wage and separation information to another federal 
agency as required by law for payroll purposes.
    N. To the Office of Personnel Management, the Merit System 
Protection Board, Federal Labor Relations Authority, or the Equal 
Employment Opportunity Commission when requested in the performance of 
their authorized duties.
    O. To the Department of Labor in connection with a claim filed by 
an employee for compensation due to a job-connected injury or illness.
    P. To the Department of the Treasury to issue checks.
    Q. To State offices of unemployment compensation with survivor 
annuity or health benefits claims or records reconciliations.
    R. To Federal Employee's Group Life Insurance or Health Benefits 
carriers in connection with survivor annuity or health benefits claims 
or records reconciliations.
    S. To the Internal Revenue Service and State and local tax 
authorities for which an employee is or was subject to tax regardless 
of whether tax is or was withheld in accordance with Treasury Fiscal 
Requirements, as required.
    T. To officials of labor organizations recognized under 5 U.S.C. 
Chapter 71 for the purpose of providing information as to the identity 
of DHS employees contributing union dues each pay period and the amount 
of dues withheld from each contributor.
    U. To any source from which additional information is requested by 
DHS relevant to a DHS determination concerning an individual's pay, 
leave, or travel expenses, to the extent necessary to identify the 
individual, inform the source of the purpose(s) of the request, and to 
identify the type of information requested.
    V. To the Office of Management and Budget at any stage in the 
legislative coordination and clearance process in connection with 
private relief legislation as set forth in OMB Circular No. A-19.
    W. To the Social Security Administration and the Department of the 
Treasury to disclose pay data on an annual basis.
    X. To a federal agency or in response to a congressional inquiry 
when additional or statistical information is requested relevant to the 
DHS Transit Fare Subsidy Program.
    Y. To the Department of Health and Human Services for the purpose 
of providing information on new hires and quarterly wages as required 
under the Personal Responsibility and Work Opportunity Reconciliation 
Act of 1996.
    Z. To the news media and the public, with the approval of the Chief 
Privacy Officer in consultation with counsel, when there exists a 
legitimate public interest in the disclosure of the information or when 
disclosure is necessary to preserve confidence in the integrity of DHS 
or is necessary to demonstrate the accountability of DHS's officers, 
employees, or individuals covered by the system, except to the extent 
it is determined that release of the specific information in the 
context of a particular case would constitute an unwarranted invasion 
of personal privacy.

Disclosure to consumer reporting agencies:
    Pursuant to 5 U.S.C. Sec.  552a(b)(12): Disclosures may be made 
from this system to consumer reporting agencies as defined in the Fair 
Credit Reporting Act (15 U.S.C. Sec.  1681a(f)) or the Federal Claims 
Collection Act of 1966 (31 U.S.C. Sec.  3701(a)(3)).

Policies and practices for storing, retrieving, accessing, retaining, 
and disposing of records in the system:
Storage:
    DHS stores records in this system electronically or on paper in 
secure facilities in a locked drawer behind a locked door. The records 
are stored on magnetic disc, tape, and digital media.

Retrievability:
    DHS may retrieve records by an individual's name, Social Security 
number, position, organizational element, pay period, investigative 
case title or tracking number (for time worked associated with a 
specific case), and/or fiscal year.

Safeguards:
    DHS safeguards records in this system in accordance with applicable 
rules and policies, including all applicable DHS automated systems 
security and access policies. DHS has imposed strict controls to 
minimize the risk of compromising the stored information. DHS limits 
access to the computer system containing the records in this system to 
those individuals who have a need to know the information for the 
performance of their official duties and who have appropriate 
clearances or permissions.

Retention and disposal:
    In accordance with NARA General Records Schedule 2, Item 7, time 
and attendance records are destroyed after a Government Accountability 
Office audit or when six years-old; whichever is sooner. In accordance 
with NARA General Records Schedule 2, Item 1(b),

[[Page 58286]]

individual employee payroll records are destroyed when 56 years-old. In 
accordance with NARA General Records Schedule 1, Item 18, supervisor 
personnel files are reviewed annually and destroyed when a file is 
superseded/obsolete, or within one year after separation or transfer of 
an employee. Duplicate official personnel records are destroyed when 
six months-old.

System Manager and address:
    For DHS Headquarters, the System Manager is the Office of the Chief 
Human Capital Officer, Department of Homeland Security, Washington, DC 
20528. For Components of DHS, the System Manager is the respective 
Human Capital Officer of the component.

Notification procedure:
    Individuals seeking notification of and access to any record 
contained in this system of records, including DHS records hosted by 
another federal agency under a cross-servicing agreement for financial 
management services, or seeking to contest its content, may submit a 
request in writing to the Chief Privacy Officer and the Headquarters or 
Component's Freedom of Information Act (FOIA) Officer, whose contact 
information can be found at http://www.dhs.gov/foia-contact-information. If an individual believes more than one Component 
maintains Privacy Act records concerning him or her the individual may 
submit the request to the Chief Privacy Officer, Department of Homeland 
Security, 245 Murray Drive, SW., Building 410, STOP-0655, Washington, 
DC 20528-0655.
    When seeking records about yourself from this system of records or 
any other Departmental system of records your request must conform with 
the Privacy Act regulations set forth in 6 CFR part 5. You must first 
verify your identity, meaning that you must provide your full name, 
current address, and date and place of birth. You must sign your 
request, and your signature must either be notarized or submitted under 
28 U.S.C. 1746, a law that permits statements to be made under penalty 
of perjury as a substitute for notarization. While no specific form is 
required, you may obtain forms for this purpose from the Chief FOIA 
Officer on the Department's Web site at http://www.dhs.gov or by 
calling toll free 1-866-431-0486. In addition you should:
     Explain why you believe the Department would have 
information on you.
     Identify which Component(s) of the Department you believe 
may have the information about you.
     Specify when you believe the records would have been 
created.
     Provide any other information that will help the FOIA 
staff determine which DHS component agency may have responsive records.
    If your request is seeking records pertaining to another living 
individual, you must include a statement from that individual 
certifying his/her agreement for you to access his/her records.
    Without this bulleted information the Component(s) may not be able 
to conduct an effective search, and your request may be denied due to 
lack of specificity or lack of compliance with applicable regulations.

Record access procedures:
    See ``Notification procedure'' above.

Contesting record procedures:
    See ``Notification procedure'' above.

Record Source Categories:
    Records are obtained from the individual.

Exemptions claimed for the system:
    None.

    Dated: September 18, 2015.
Karen L. Neuman
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. 2015-24589 Filed 9-25-15; 8:45 am]
BILLING CODE 9110-9B-P