70 Fed. Reg. 68479 (Nov. 10, 2005)

Privacy Act of 1974; New Systems of Records

Download PDF

Federal RegisterNov 10, 2005

70 Fed. Reg. 68479 (Nov. 10, 2005)

AGENCY:

Occupational Safety and Health Review Commission.

ACTION:

Notice.

SUMMARY:

This notice announces proposed new systems of records, maintained by the Occupational Safety and Health Review Commission (Review Commission or OSHRC), in accordance with the Privacy Act of 1974, 5 U.S.C. 552a, as amended.

DATES:

Comments must be received by the Review Commission by December 12, 2005. The new and revised systems of records will become effective on January 9, 2006, without any further notice in the Federal Register, unless comments or government approval procedures necessitate otherwise.

ADDRESSES:

Submit any written comments to Ron Bailey, Attorney Advisor, Office of General Counsel, 1120 20th Street, NW., Ninth Floor, Washington, DC 20036-3457.

FOR FURTHER INFORMATION CONTACT:

Ron Bailey, Attorney Advisor, Office of General Counsel, (202) 606-5410.

SUPPLEMENTARY INFORMATION:

On August 27, 2004, the President signed Homeland Security Presidential Directive (HSPD) 12, Policy for a Common Identification Standard for Federal Employees and Contractors. HSPD 12 requires the development and agency implementation of a mandatory, government-wide standard for secure and reliable forms of identification for Federal employees and contractors. On February 25, 2005, in accordance with HSPD 12, the United States Department of Commerce issued Federal Information Processing Standard Publication 201 (FIPS 201), Personal Identity Verification (PIV) of Federal Employees and Contractors. Part 1 of the standard (PIV I) requires the adoption and use of an approved identity proofing and registration process, see FIPS 201 sec. 2, and Part 2 (PIV II) requires the adoption and use of a PIV system that supports “a common (smart card-based) platform for identity authentication across Federal departments and agencies for access to multiple types of physical and logical access environments,” see FIPS 201 sec. 3. On August 5, 2005, in Memorandum M-05-24, the Office of Management and Budget (OMB) instructed agencies to implement PIV I by October 27, 2005.

In implementing PIV I, the Review Commission has created one new system of records, Personnel Security Records, and has determined that notice of a preexisting system of records, Identification Card Records, has not yet been published. In this notice, these systems of records are designated as OSHRC-7 and OSHRC-8, respectively.

OSHRC-7

SYSTEM NAME:

Personnel Security Records.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

The administrative office at each OSHRC location maintains the records for its employees and contractors. The central office is located at 1120 20th Street, NW., Ninth Floor, Washington, DC 20036-3457. The branch offices are located at 100 Alabama Street, SW., Building 1924, Room 2R90, Atlanta, GA 30303-3104; and 1244 North Speer Boulevard, Room 250, Denver, CO 80204-3582.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

The system of records notice covers individuals who require long-term access to federally controlled buildings and federally controlled information systems. Specifically, the categories of individuals covered by this system of records include: (1) Federal employees, as defined under 5 U.S.C. 2105, within OSHRC; (2) individuals employed by, detailed to, or assigned to OSHRC; (3) short-term employees of OSHRC, whose terms are for 6 or more months; and (4) individuals under contract to OSHRC, requiring routine access to OSHRC's federally controlled facilities and/or federally controlled information systems.

Federally controlled buildings are defined in FIPS 201 as: (1) Federally owned buildings or leased space, whether for single or multi-tenant occupancy, and its grounds and approaches, all or any of which is under the jurisdiction, custody or control of a department or agency covered by HSPD 12; and (2) federally controlled commercial space shared with non-government tenants. Federally controlled information systems are defined by the Federal Security Management Act of 2002, 44 U.S.C. 3544(a)(1)(A)(ii), as “[i]nformation systems used or operated by an agency or by a contractor of an agency or other organization on behalf of an agency.”

CATEGORIES OF RECORDS IN THE SYSTEM:

The system of records contains a form, titled “Personal Identity Verification (PIV) Request for OSHRC Credential,” on which information relevant to the credentialing process is recorded. The form includes the following information about the individual being credentialed: (1) Name; (2) country of citizenship; (3) phone number; (4) birth date; (5) hair color, eye color, height, weight, and gender; (6) employment position (or position to which individual is to be hired) and work address; (7) e-mail address; (8) information gathered from identity source documents, including the name on the documents, the document numbers, the document titles, the issuers, and the expiration dates; and (9) the name, identifier, and expiration date on the credential issued by OSHRC. The form also includes the signature of the individual being credentialed, and the names, phone numbers, email addresses, and signatures of the various OSHRC employees responsible for sponsoring, registering, and issuing the credential.

The system of records also contains a passport-sized color photograph of each credentialed individual. And, once a National Agency Check with Written Inquiries (NACI) has been completed, a copy of the OFI-79A, which may include information regarding a credentialed individual's criminal history, is included in the system of records.

Other security forms, such as the Standard Form 85 and a fingerprint chart, are completed by each credentialed individual. However, these forms are forwarded to the Office of Personnel Management (OPM) by overnight/FedEx or by certified mail, return receipt requested, and copies of these forms will not be maintained in the system of records. Accordingly, these records are covered by OPM's notice for OPM/CENTRAL-9, Personnel Investigations Records, see 58 FR 19154, 19184, Apr. 12, 1993, and not by the instant notice.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Executive Orders 10450 and 10577; HSPD 12; FIPS 201; and OMB Memorandum M-05-24.

PURPOSE(S):

The categories of records contained in the system must be collected pursuant to the policy that OSHRC has developed to comply with HSPD 12. The purpose of this policy is to create a “reliable, government-wide PIV system for use in applications such as access to federally controlled facilities and information systems.” See FIPS 201 sec. 1.1.

The specific information collected by OSHRC allows OPM to conduct NACIs on those individuals being credentialed, assists OSHRC in verifying the identity of those for whom credentials have been requested, and provides OSHRC the necessary information to issue identification cards.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

See Blanket Routine Uses, 44 FR 18572, Mar. 28, 1979, and 53 FR 36142, Sept. 16, 1988. Also, as to the form titled “Personal Identity Verification (PIV) Request for OSHRC Credential,” and the file copy of the passport-sized photograph, this information is routinely used for the internal agency purpose of verifying the identity of the person applying for a PIV Card.

DISCLOSURE TO CONSUMER REPORTING

Not applicable.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Stored on paper in a file cabinet.

RETRIEVABILITY:

Records are retrievable by an individual's identification card number.

SAFEGUARDS:

Records are maintained in a file cabinet. During duty hours, the file cabinet is under surveillance of personnel charged with custody of the records and, after duty hours, the records are stored behind locked doors. Access to the cabinet is limited to personnel having a need for access to perform their official functions.

RETENTION AND DISPOSAL:

The records are maintained for 3 years after an employee's or contractor's final separation from OSHRC.

SYSTEM MANAGER(S) AND ADDRESS:

The Administrative Officer at the following OSHRC locations: 1120 20th Street, NW., Ninth Floor, Washington, DC 20036-3457; 100 Alabama Street, SW., Building 1924, Room 2R90, Atlanta, GA 30303-3104; and 1244 North Speer Boulevard, Room 250, Denver, CO 80204-3582.

NOTIFICATION PROCEDURE:

Individuals interested in inquiring about their records should notify: Patricia Randle, Executive Director, OSHRC, 1120 20th Street, NW., Ninth Floor, Washington, DC 20036-3457. For an explanation on how such requests should be drafted, refer to 29 CFR 2400.5 (notification), and 29 CFR 2400.6 (procedures for requesting records).

RECORD ACCESS PROCEDURES:

Individuals who wish to gain access to their records should notify: Patricia Randle, Executive Director, OSHRC, 1120 20th Street, NW., Ninth Floor, Washington, DC 20036-3457. For an explanation on how such requests should be drafted, refer to 29 CFR 2400.6 (procedures for requesting records).

CONTESTING RECORD PROCEDURES:

Individuals who wish to contest their records should notify: Patricia Randle, Executive Director, OSHRC, 1120 20th Street, NW., Ninth Floor, Washington, DC 20036-3457. For an explanation on the specific procedures for contesting the contents of a record, refer to 29 CFR 2400.7 (procedures for requesting amendment).

RECORD SOURCE CATEGORIES:

Information contained in the system is obtained from individuals subject to the credentialing process, OSHRC employees involved in the credentialing process, and investigative record materials furnished by OPM.

EXEMPTIONS CLAIMED FOR THE SYSTEM:

None.

OSHRC-8

SYSTEM NAME:

Identification Card Records.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

The system of records notice covers individuals who require long-term access to federally controlled buildings. Specifically, the categories of individuals covered by this system of records include: (1) Federal employees, as defined under 5 U.S.C. 2105, within OSHRC; (2) individuals employed by, detailed to, or assigned to OSHRC; (3) short-term employees of OSHRC, whose terms are for 6 or more months; and (4) individuals under contract to OSHRC, requiring routine access to OSHRC's federally controlled facilities.

CATEGORIES OF RECORDS IN THE SYSTEM:

The system of records contains the following information regarding each identification card issued: (1) The name of the individual identified on the card; (2) the identification number associated with the card (the cards are numbered sequentially, starting at “1”); (3) the dates on which the card was issued and, if applicable, destroyed; and (4) whether the card was issued as a replacement. The system of records also contains memoranda verifying which identification cards have been lost or stolen.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Federal Property and Administrative Services Act of 1949, 40 U.S.C. 121(c); HSPD 12; FIPS 201; and OMB Memorandum M-05-24.

PURPOSE(S):

The categories of records contained in the system must be collected pursuant to the policy that OSHRC has developed to comply with HSPD 12. The purpose of this policy is to create a “reliable, government-wide PIV system for use in applications such as access to Federally controlled facilities and information systems.” See FIPS 201 sec. 1.1.

The system of records assists OSHRC in (1) Restricting access to OSHRC facilities, (2) ensuring positive identification of those who are permitted access, (3) maintaining a record of all holders of identification cards, and (4) identifying lost or stolen cards.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

See Blanket Routine Uses, 44 FR 18572, Mar. 28, 1979, and 53 FR 36142, Sept. 16, 1988. Also, the information in this system of records is routinely used to maintain a record of all holders of identification cards and to identify those cards that are lost or stolen.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:

Not applicable.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Stored on paper in a file cabinet.

RETRIEVABILITY:

Records are retrievable by (1) An individual's name, (2) the identification card number, and (3) the date on which the card was issued or destroyed.

SAFEGUARDS:

Records are maintained in a file cabinet. During duty hours, the file cabinet is under surveillance of personnel charged with custody of the records and, after duty hours, the records are stored in a locked file cabinet behind locked doors. Access to the cabinet is limited to personnel having a need for access to perform their official functions.

RETENTION AND DISPOSAL:

The records will be maintained for the life of the system of records.

SYSTEM MANAGER(S) AND ADDRESS:

NOTIFICATION PROCEDURE:

RECORD ACCESS PROCEDURES:

CONTESTING RECORD PROCEDURES:

Individuals who wish to contest their records should notify: Patricia Randle, Executive Director, OSHRC, 1120 20th Street, NW., Ninth Floor, Washington, DC 20036-3457. For an explanation on the specific procedures for contesting the content of a record, refer to 29 CFR 2400.7 (procedures for requesting amendment).

RECORD SOURCE CATEGORIES:

Information contained in the system is obtained from individuals who have been issued OSHRC identification cards.

EXEMPTIONS CLAIMED FOR THE SYSTEM:

None.

Dated: November 3, 2005.

W. Scott Railton,

Chairman.

[FR Doc. 05-22409 Filed 11-9-05; 8:45 am]

BILLING CODE 7600-01-P