Privacy Act of 1974; Notice of Updated Systems of Records

AGENCY:

General Services Administration.

ACTION:

Notice.

SUMMARY:

GSA reviewed its Privacy Act systems to ensure that they are relevant, necessary, accurate, up-to-date, covered by the appropriate legal or regulatory authority, and compliant with OMB M-07-16. This notice is an updated Privacy Act system of records notice.

DATES:

Effective July 6, 2009.

FOR FURTHER INFORMATION CONTACT:

Call or e-mail the GSA Privacy Act Officer: telephone 202-208-1317; e-mail gsa.privacyact@gsa.gov.

ADDRESSES:

GSA Privacy Act Officer (CIB), General Services Administration, 1800 F Street NW., Washington, DC 20405.

SUPPLEMENTARY INFORMATION:

GSA completed an agency wide review of its Privacy Act systems of records. As a result of the review, GSA is publishing an updated Privacy Act system of records notice. Nothing in the revised system notice indicates a change in authorities or practices regarding the collection and maintenance of information, nor do the changes impact individuals' rights to access or amend their records in the system of records. The updated system notice makes administrative changes to the system notice, and ensures compliance with the Intelligence Reform and Terrorism Prevention Act (IRTPA) of 2004 and the subsequent DHS/TSA Secure Flight Program regarding the collection of relevant personal data.

GSA/GOVT-4

SYSTEM NAME:

Contracted Travel Services Program.

SYSTEM LOCATION:

System records are located at the service providers under contract with a Federal agency and at the Federal agencies using the contracts.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals covered by the system are Federal employees authorized to perform official travel and individuals being provided travel by the Federal Government.

CATEGORIES OF RECORDS IN THE SYSTEM:

System records may include a traveler's profile containing: Full name of individual which matches the name on the form of ID used for travel; Social Security Number; employee identification number; home and office telephones; home address; home and office e-mail addresses; emergency contact name and telephone number; agency name, address, and telephone number; air travel preference; rental car identification number and car preference; hotel preference; current passport and/or visa number(s); credit card numbers and related information; bank account information needed for electronic funds transfer; frequent traveler account information (e.g., frequent flyer account numbers); date of birth; gender; redress number (number DHA assigns to passenger to promote resolution with previous watch list alerts); known traveler number (passenger number DHS utilizes to facilitate passenger clearance); trip information (e.g., destinations, reservation information); travel authorization information; travel claim information; monthly reports from travel agent(s) showing charges to individuals, balances, and other types of account analyses; and other official travel related information.

AUTHORITIES FOR MAINTENANCE:

31 U.S.C. 3511, 3512, and 3523; 5 U.S.C. Chapter 57; and implementing Federal Travel Regulations (41 CFR Chapters 300-304).

PURPOSE:

To establish a comprehensive beginning-to-end travel services system containing information to enable travel service providers under contract to the Federal Government to authorize, issue, and account for travel and travel reimbursements provided to individuals on official Federal Government business.

ROUTINE USES OF THE SYSTEM RECORDS, INCLUDING CATEGORIES OF USERS AND THEIR PURPOSES FOR USING THE SYSTEM:

a. To another Federal agency, Travel Management Center (TMC), online booking engine suppliers and the airlines that are required to support the DHS/TSA Secure Flight program. In this program, DHS/TSA assumes the function of conducting pre-flight comparisons of airline passenger information to Federal Government watch lists. In order to supply the appropriate information, these mentioned parties are responsible for obtaining new data fields consisting of personal information for date of birth, gender, redress number, and known traveler number. At this time, the redress number is optional and the known traveler number is for future programs. They may be required to be stored in another phase of the Secure Flight program.

b. To a Federal, State, local, or foreign agency responsible for investigating, prosecuting, enforcing, or carrying out a statute, rule, regulation, or order, where agencies become aware of a violation or potential violation of civil or criminal law or regulation.

c. To another Federal agency or a court when the Federal Government is party to a judicial proceeding.

d. To a Member of Congress or staff on behalf and at the requests of the individual who is the subject of the record.

e. To a Federal agency employee, expert, consultant, or contractor in performing a Federal duty for purposes of authorizing, arranging, and/or claiming reimbursement for official travel, including, but not limited to, traveler profile information.

f. To a credit card company for billing purposes, including collection of past due amounts.

g. To an expert, consultant, or contractor in the performance of a Federal duty to which the information is relevant.

h. To a Federal agency by the contractor in the form of itemized statements or invoices, and reports of all transactions, including refunds and adjustments to enable audits of charges to the Federal Government.

i. To a Federal agency in connection with the hiring or retention of an employee; the issuance of a security clearance; the reporting of an investigation; the letting of a contract; or the issuance of a grant, license, or other benefit to the extent that the information is relevant and necessary to a decision.

j. To an authorized appeal or grievance examiner, formal complaints examiner, equal employment opportunity investigator, arbitrator, or other duly authorized official engaged in investigation or settlement of a grievance, complaint, or appeal filed by an employee to whom the information pertains.

k. To the Office of Personnel Management (OPM), the Office of Management and Budget (OMB), or the Government Accountability Office (GAO) when the information is required for program evaluation purposes.

l. To officials of labor organizations recognized under 5 U.S.C. chapter 71 when relevant and necessary to their duties of exclusive representation concerning personnel policies, practices, and matters affecting working conditions.

m. To a travel services provider for billing and refund purposes.

n. To a carrier or an insurer for settlement of an employee claim for loss of or damage to personal property incident to service under 31 U.S.C. 3721, or to a party involved in a tort claim against the Federal Government resulting from an accident involving a traveler.

o. To a credit reporting agency or credit bureau, as allowed and authorized by law, for the purpose of adding to a credit history file when it has been determined that an individual's account with a creditor with input to the system is delinquent.

p. Summary or statistical data from the system with no reference to an identifiable individual may be released publicly.

q. To the National Archives and Records Administration (NARA) for records management purposes.

r. To appropriate agencies, entities, and persons when (1) The Agency suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Agency has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by GSA or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with GSA's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF SYSTEM RECORDS:

STORAGE:

Paper records are stored in file cabinets. Electronic records are maintained within a computer (e.g., PC, server, etc.) and attached equipment.

RETRIEVABILITY:

Paper records are filed by a traveler's name and/or Social Security Number/employee identification number at each location. Electronic records are retrievable by any attribute of the system.

SAFEGUARDS:

Paper records are stored in lockable file cabinets or secured rooms. Electronic records are protected by a password system and a FIPS 140-2 compliant encrypted Internet connection. Information is released only to authorized users and officials on a need-to-know basis.

RETENTION AND DISPOSAL:

Records kept by a Federal agency are maintained in accordance with the General Records Retention Schedules issued by the National Archives and Records Administration (NARA) or an agency and NARA approved records disposition schedule.

SYSTEM MANAGER AND ADDRESS:

Director, Office of Travel and Transportation Services (QMC), General Services Administration, Federal Acquisition Service, Room 300, 2200 Crystal Drive, Arlington, VA 22202.

NOTIFICATION PROCEDURE:

Inquiries from individuals should be addressed to the appropriate administrative office for the agency that is authorizing and/or reimbursing their travel.

RECORDS ACCESS PROCEDURES:

Requests from individuals should be addressed to the appropriate administrative office for the agency that is authorizing and/or reimbursing their travel. Individuals must furnish their full name and/or Social Security Number to the authorizing agency for their records to be located and identified.

CONTESTING RECORD PROCEDURES:

Individuals wishing to request amendment of their records should contact the appropriate administrative office for the agency that authorized and/or reimbursed their travel. Individuals must furnish their full name and/or Social Security Number along with the name of the authorizing agency, including duty station where they were employed at the time travel was performed.

RECORD SOURCES CATEGORIES:

The sources are the individuals themselves, employees, travel authorizations, credit card companies, and travel service providers.