Privacy Act of 1974; System of Records

AGENCY:

Corporation for National and Community Service.

ACTION:

Notice of a new system of records (SORN).

SUMMARY:

In accordance with the Privacy Act of 1974, as amended, the Corporation for National and Community Service (CNCS, operating as AmeriCorps) is issuing a public notice of its intent to create the AmeriCorps Privacy Act system of records “Personal Health and Religious Information.” This system of records maintains personal health and religious information collected in response to (1) medical-based and religious-based reasonable accommodation requests; (2) public health emergency or similar health and safety incidents, such as a pandemic, epidemic, or man-made emergency; and/or (3) any other lawful collection of health-related information that is necessary to ensure a safe and healthy environment for individuals who are occupying AmeriCorps facilities, attending AmeriCorps-sponsored events, participating in AmeriCorps programs, or otherwise engaged in official business on behalf of the agency. The system of records will assist the agency in the collection, storing, dissemination, and disposal of personal health and religious information collected and maintained by the agency.

DATES:

This new system will be effective upon publication. New or modified routine uses will be effective December 20, 2021. Submit comments on or before December 20, 2021.

ADDRESSES:

Commenters are strongly encouraged to submit public comments electronically. AmeriCorps expects to have limited personnel available to process public comments that are submitted on paper through mail. Until further notice, any comments submitted on paper will be considered only to the extent practicable. All submissions must include the agency's name (AmeriCorps) and reference this notice. You may submit comments, identified by system name and number via any of the following methods:

1. Electronically through regulations.gov . Once you access regulations.gov , locate the web page for this System of Records Notice (SORN) by searching for CNCS-10-CEO-PHRI-Personal Health and Religious Information. If you upload any files, please make sure they include your first name, last name, and the name of the proposed SORN.

2. By email at privacy@cns.gov .

3. By mail: AmeriCorps, Attn: Chief Privacy Officer, OIT, 250 E Street SW, Washington, DC 20525.

4. By hand delivery or courier to AmeriCorps at the address for mail between 9:00 a.m. and 4:00 p.m. Eastern Standard Time, Monday through Friday, except for Federal holidays.

Please note that all submissions received may be posted without change to the agency's website and to regulations.gov , including any personal information.

FOR FURTHER INFORMATION CONTACT:

Ayanna McKinnon, Office of General Counsel, 202-914-8966, amckinnon@cns.gov or Bilal Razzaq, Chief Privacy Officer and Chief Information Security Officer, 202-948-9711, brazzaq@cns.gov. If you have general questions about the system of record, you may email them to privacy@cns.gov or mail them to the address in the ADDRESSES section above. Please include the system of record's name and number.

SUPPLEMENTARY INFORMATION:

Additional information about AmeriCorps is available at https://americorps.gov/.

I. Background

AmeriCorps will maintain the “Personal Health and Religious Information” system of records. AmeriCorps is committed to providing all employees (including political appointees, career employees, detailees, and interns), applicants and candidates for employment, contractors, national service members, volunteers, applicants and candidates for AmeriCorps national service programs, and occupants of, and visitors to, its facilities, with a safe and healthy environment. To ensure and maintain the safety of all parties during standard operations and public health emergencies or similar health and safety incidents, such as a pandemic, epidemic, or man-made emergency, AmeriCorps may develop and institute additional safety measures that require the collection of personal health or religious information, as applicable.

AmeriCorps is committed to providing medical-based reasonable accommodation to qualified AmeriCorps employees and applicants for employment, pursuant to section 501 of the Rehabilitation Act of 1973, as amended, unless doing so would cause undue hardship. AmeriCorps is also committed to complying with Executive 14043, Requiring Coronavirus Disease 2019 Vaccination, which requires Federal agencies to collect employee health information related to the Coronavirus 2019 (hereafter “COVID-19). AmeriCorps may develop and institute additional measures that require the collection of personal health information.

Additionally, AmeriCorps is committed to ensuring grantee and sponsor compliance in providing reasonable accommodation to qualified AmeriCorps national service applicants, candidates, members and volunteers, unless doing so would cause undue hardship, pursuant to section 504 of the Rehabilitation Act of 1973, as amended, and section 175 of the National and Community Service Act of 1990, as amended, and section 417 of the Domestic Volunteer Service Act of 1973, as amended.

Moreover, pursuant to Title VII of the Civil Rights Act of 1964, as amended, AmeriCorps is committed to providing reasonable accommodation to AmeriCorps employees (including political appointees, career employees, detailees, interns, and applicants and candidates for employment) based on religion or religious belief, unless doing so would cause undue hardship. Also, AmeriCorps is committed to ensuring grantee and sponsor compliance in providing religious-based reasonable accommodation to AmeriCorps national service applicants, candidates, members and volunteers, unless doing so would cause undue hardship, pursuant to section 175 of the National and Community Service Act of 1990, as amended, and section 417 of the Domestic Volunteer Service Act of 1973, as amended.

AmeriCorps may collect medical-based and religious-based reasonable accommodation requests for AmeriCorps employees (including political appointees, career employees, detailees, and interns), applicants and candidates for employment, contractors, national service members and volunteers, and applicants and candidates for AmeriCorps national service programs.

In addition, in response to public health emergencies, including a pandemic or epidemic, AmeriCorps may collect health related information (including but not limited to vaccination status and proof of vaccination status) for AmeriCorps employees (including political appointees, career employees, detailees, and interns), applicants and candidates for employment, contractors, national service members, volunteers, applicants and candidates for AmeriCorps national service programs, and visitors to AmeriCorps facilities, as necessary to ensure a safe and healthy work environment.

Information will be collected, maintained, and disclosed in accordance with applicable law, regulations, and statutes, including, but not limited to, the Rehabilitation Act, the Genetic Information Nondiscrimination Act, the Executive Order 14043, and regulations and guidance published by the U.S. Occupational Safety and Health Administration, the U.S. Equal Employment Opportunity Commission, and the U.S. Centers for Disease Control and Prevention, the Office of Management and Budget, Safer Federal Workforce Taskforce, or other relevant entities. This newly established system will be included in the AmeriCorps inventory of record systems.

A report of this system of records has been sent to Congress and the Office of Management and Budget.

II. Privacy Act

The Privacy Act of 1974, as amended, embodies fair information practice principles in a statutory framework governing how Federal agencies collect, maintain, use, and disseminate individuals' records. The Privacy Act applies to records about individuals that are maintained in a “system of records.” A “system of records” is a group of any records under the control of an agency from which information is retrieved by the name of an individual or by some identifying number, symbol, or other identifying particular assigned to the individual. The Privacy Act defines an individual as a United States citizen or lawful permanent resident. Individuals may request access to their own records that are maintained in a system of records in the possession or under the control of AmeriCorps by complying with Privacy Act regulations at 43 CFR part 2, subpart K, and following the procedures outlined in the Records Access, Contesting Record, and Notification Procedures sections of this notice.

The Privacy Act requires each agency to publish in the Federal Register a description denoting the existence and character of each system of records that the agency maintains, and the routine uses of each system. The “Personal Health and Religious Information” system of records notice is published in its entirety below. In accordance with 5 U.S.C. 552a(r), AmeriCorps has provided a report of this system of records to the Office of Management and Budget and to Congress.

III. Public Participation

You should be aware your entire comment including your personally identifiable information, such as your address, phone number, email address, or any other personal information in your comment, may be made publicly available at any time. While you may request to withhold your personally identifiable information from public review, we cannot guarantee we will be able to do so.

SYSTEM NAME AND NUMBER:

CNCS-10-CEO-PHRI, Personal Health and Religious Information (PHRI).

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

CEO Immediate Office, Corporation for National and Community Service, 250 E Street SW, Suite 300, Washington, DC 20525.

SYSTEM MANAGER(S):

CEO Immediate Office, Corporation for National and Community Service, 250 E Street SW, Suite 300, Washington, DC 20525.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

The authority to collect this information derives from Title VII of the Civil Rights Act of 1964, as amended, sections 501 and 504 of the Rehabilitation Act of 1973, as amended, section 175 of the National and Community Service Act of 1990, as amended, and section 417 of the Domestic Volunteer Service Act of 1973, as amended. The substantive standards of the Americans with Disabilities Act of 1990, as amended (42 U.S.C. 12101 et seq. ) apply to the Federal Government through the Rehabilitation Act. (29 U.S.C. 791 et seq. ). Additional authority is derived from 5 U.S.C. chapters 11 and 79, and in discharging the functions directed under Executive Order 14043, Requiring Coronavirus Disease 2019 Vaccination for Federal Employees (Sept. 9, 2021), Executive Order 14042, Ensuring Adequate COVID Safety Protocols for Federal Contractors (Sept. 2, 2021), Executive Order 13163, Increasing Opportunity for Individuals With Disabilities To Be Employed in the Federal Government (Jul. 26, 2000), and Executive Order 13164, Requiring Federal Agencies to Establish Procedures to Facilitate the Provision of Reasonable Accommodation (Jul. 26, 2000).

PURPOSE(S) OF THE SYSTEM:

AmeriCorps' Equal Employment Opportunity Program (EEOP) proposes to collect this information to maintain personal health and religious information collected in response to (1) medical-based and religious-based reasonable accommodation requests; (2) public health emergency or similar health and safety incidents, such as a pandemic, epidemic, or man-made emergency; and/or (3) any other lawful collection of health-related information that is necessary to ensure a safe and healthy environment for individuals who are occupying AmeriCorps facilities, attending AmeriCorps-sponsored events, participating in AmeriCorps programs, or otherwise engaged in official business on behalf of the agency. The system will assist the agency in the collection, storing, dissemination, and disposal of personal health and religious information collected and maintained by the agency.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals covered by the system include all AmeriCorps employees (including political appointees, career employees, detailees, and interns), applicants and candidates for employment, contractors, national service members, volunteers, applicants and candidates for AmeriCorps national service programs, and visitors to AmeriCorps facilities. This includes authorized individuals or representatives who file a request for a reasonable accommodation on behalf of any of the above-referenced parties.

CATEGORIES OF RECORDS IN THE SYSTEM:

The personal health and religious information records system may contain some or all of the following information: General personal information including, but not limited to, the name, address, social security number, maiden name, place of birth, financial information, alias, gender, telephone number, military service, age, email address, physical characteristics, race/ethnicity, education, other contact information, and medical information including vaccination status; reasonable accommodation requests, including requestor's name and contact information (if different than the employee/service member who needs an accommodation); date request was initiated; information concerning the nature of the disability and the need for accommodation, including appropriate medical documentation and other supporting documents; information concerning religious affiliation, the nature of the sincerely held religious belief, practice, or observance, and the need for accommodation, including any appropriate documentation; details of the accommodation requests, such as: Type of accommodation requested, how the requested accommodation would assist the individual in the performance of their job, essential duties of the position, information relating to an individual's capability to satisfactorily perform the duties of the position currently held, estimated cost of accommodation, action by deciding official, and other supporting documents relating to reasonable accommodation, the sources of technical assistance consulted in trying to identify alternative reasonable accommodation, any additional information provided by the requestor related to the processing of the request, and whether the request was approved or denied, and whether the accommodation was approved for a trial period; and notification(s) to the employee/service member and his/her supervisor(s) regarding the accommodation. These records may also contain work-related data, including but not limited to service information, occupation, telephone number, salary, job title, email address, work history, work address, business associates, and/or program office to which the employee is assigned.

RECORD SOURCE CATEGORIES:

Records in this system are obtained directly from employees (including political appointees, career employees, detailees, and interns), applicants and candidates for employment, contractors, national service members, volunteers, applicants and candidates for AmeriCorps national service programs, or any family member, health professional, or other person responding to an information request as a representative of any of the above-referenced parties, or visitors when obtaining necessary health information; therefore, the accuracy is ensured by collecting the information from the source who may be required to certify under penalty of perjury that the information is true and accurate to the best of their knowledge.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside AmeriCorps as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

A. A record from this system of records may be disclosed as a routine use to a prospective employer of a Government employee. Upon transfer of the employee to another Federal agency, the information is transferred to such agency.

B. A record from this system of records may be disclosed as a routine use to provide information to the OPM and/or MSPB for review, audit, or reporting purposes.

C. To the appropriate Federal, State, or local agency responsible for investigating, prosecuting, enforcing, or implementing a statute, rule, regulation, or order where the record, either alone or in conjunction with other information, indicates a violation or potential violation of a civil or criminal law or regulation.

D. To other federal agencies if required to operate a jointly managed national service program and manage those members.

E. To the Office of the President, a Member of Congress, or their personnel in response to a request made on behalf of, and at the request of, the individual who is the subject of the record. These advocates will receive the same records that individuals would have received if they filed their own request.

F. To another Federal agency or a party in litigation before a court or in an administrative proceeding being conducted by a Federal agency, when the Government is a party to the judicial or administrative proceeding, and such information is the subject of a court order directing disclosure or deemed by AmeriCorps to be relevant and necessary to the litigation.

G. To NARA's Office of Government Information Services so that it may review agency compliance with the Freedom of Information Act of 1967, as amended, (FOIA) provide mediation services to resolve FOIA disputes, and identify policies and procedures for improving FOIA compliance, and to the extent necessary to fulfill its responsibilities as required by 5 U.S.C. 552(h)(2)(A-B) and (3).

H. By AmeriCorps, in the production of summary descriptive statistics and analytical studies in support of the function for which the records are collected and maintained, or for related workforce studies. While published statistics and studies do not contain individual identifiers, in some instances, the selection of elements of data included in the study may be structured in such a way as to make the data individually identifiable by inference.

I. A record from this system of records may be disclosed as a routine use to provide information to the OPM and/or MSPB for review, audit, or reporting purposes.

J. A record from this system of records may be disclosed as a routine use to AmeriCorps-paid experts or consultants, and those under contract with the AmeriCorps on a “need-to-know” basis for a purpose within the scope of the pertinent AmeriCorps task. This access will be granted to an AmeriCorps contractor or employee of such contractor by a system manager only after satisfactory justification has been provided to the system manager.

K. The United States, when AmeriCorps determines that litigation is likely to affect AmeriCorps or any of its components, is a party to litigation or has an interest in such litigation, and the use of such records by the Department of Justice or AmeriCorps is deemed by AmeriCorps to be relevant and necessary to the litigation.

L. To disclose information to officials of the Merit Systems Protection Board or the Office of the Special Counsel, when requested in connection with appeals, special studies of the civil service and other merit systems, review of OPM rules and regulations, investigations of alleged or possible prohibited personnel practices, and such other functions as promulgated in 5 U.S.C. 1205 and 1206, or as may be authorized by law.

M. To disclose information to the U.S. Equal Employment Opportunity Commission when requested in connection with investigations into alleged or possible discrimination practices in the Federal sector, examination of Federal affirmative employment programs, compliance by Federal agencies with the Uniform Guidelines of Employee Selection Procedures, or other functions vested in the Commission.

N. To disclose information to the Federal Labor Relations Authority or its General Counsel when requested in connection with investigations of allegations of unfair labor practices of matters before the Federal Service Impasses Panel.

O. To disclose information to the Office of Management and Budget at any stage of the legislative coordination and clearance process in connection with private relief legislation as set forth in OMB circular No. A-19.

P. To provide authorized AmeriCorps officials, vendors or staff members information needed in the performance of official duties related to succession planning, workforce analysis, skills gap closure, training and development, or recruitment and retention.

Q. To authorized contractors, vendors, grantees, or volunteers performing or working on a contract, service, grant, cooperative agreement, or job for AmeriCorps or the Federal government that is in the performance of a Federal duty to which the information is deemed relevant.

R. To disclose to a requesting Federal agency, information in connection with the hiring, retention, separation, or retirement of an employee; the issuance of a security clearance; the reporting of an investigation of an employee; the letting of a contract; the classification of a job; or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that AmeriCorps determines that the information is relevant and necessary to the requesting party's decision on the matter.

S. To an appeal, grievance, hearing, or complaints examiner; an equal opportunity investigator, arbitrator, or mediator; and an exclusive representative or other person authorized to investigate or settle a grievance, complaint, or appeal filed by an individual who is the subject of the record.

T. For Data Breach and Mitigation Response to provide information to appropriate agencies, entities, and persons when:

a. AmeriCorps suspects or has confirmed that there has been a breach of the system of records.

b. AmeriCorps has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, AmeriCorps (including its information systems, programs, and operations), the Federal Government, or national security, and

c. The disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with AmeriCorps' efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

U. To provide information to another Federal agency or Federal entity, when AmeriCorps determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach, or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Paper records are stored in locked rooms, file cabinets, and desks. Electronic records and backups are stored on secure servers and encrypted media to include computers and network drives.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Information covered by this system of records notice may be retrieved by the name of the individual.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

All records in the system will be retained until their retention and disposal schedule is approved by NARA, then retained and disposed according to the applicable schedule.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

AmeriCorps has established security and privacy protocols that meet the required security and privacy standards issued by the National Institute of Standards and Technology (NIST). Records are maintained in a secure, password protected electronic system that utilizes security hardware and software to include multiple firewalls, active intruder detection, and role-based access controls. AmeriCorps has adopted appropriate administrative, technical, and physical controls in accordance with its security program to protect the confidentiality, integrity, and availability of the information, and to ensure that records are not disclosed to or accessed by unauthorized individuals. Electronic records are stored on computer networks, which may include cloud-based systems, and protected by controlled access with either Personal Identity Verification (PIV) cards or by assigning user accounts to individuals needing access to the records passwords set by authorized users that must be changed periodically. Paper records are maintained in locked rooms, file cabinets, and desks when not in use.

RECORD ACCESS PROCEDURES:

Individuals requesting access to their individual records should follow the Notification Procedure below.

CONTESTING RECORD PROCEDURES:

Individuals contesting the content of records about themselves contained in this system of records should follow the Notification Procedure below.

NOTIFICATION PROCEDURES:

Individuals requesting notification of the existence of records on themselves or requesting access to their individual records must send a signed, written inquiry that includes their name, address, date of birth, and verification of identity to Gina Cross, Senior Agency Official for Privacy, Corporation for National and Community Service, 250 E Street SW, Suite 300, Washington, DC 20525, or email gcross@cns.gov. The request envelope (or subject line) and letter should both be clearly marked “PRIVACY ACT INQUIRY.” A request for notification must meet the requirements of 43 CFR 2.235.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

None.