Privacy Act of 1974; System of Records

AGENCY:

Department of the Treasury.

ACTION:

Notice of a New System of Records.

SUMMARY:

In accordance with the Privacy Act of 1974, the Department of the Treasury (“Treasury” or the “Department”) (including Treasury bureaus, offices, and other subcomponents), proposes to establish a new Treasury system of records titled, “Department of the Treasury .020—Health Screening and Contact Tracing Records.” Treasury collects these records when it knows or suspects that a person who was infected with a communicable disease came in close physical proximity to or had physical contact with other persons while working in or visiting a Treasury facility (including Treasury sponsored events in non-Treasury facilities), and Treasury determines that the collection of such records is necessary to protect the health of Treasury personnel (meaning employees, grantees, contractors, and interns), and Treasury visitors (which includes non-Treasury federal employees and contractors, detailees from other federal agencies working at a Treasury facility, and members of the public who visit a Treasury facility). Treasury may collect these records in response to a health-related declaration of a national emergency by the President, a public health emergency declared by the Health and Human Service (HHS) Secretary or a designated federal official or a designated state official. Even in the absence of a health-related declaration of national emergency or declaration of public health emergency (HHS or state level), Treasury may collect these records if it determines that a significant risk of substantial harm exists to the health of Treasury personnel or visitors.

DATES:

Submit comments on or before March 26, 2021. The <new and/or significantly modified> routine uses will be applicable on March 26, 2021.

ADDRESSES:

Comments may be submitted to the Federal E-Rulemaking Portal electronically at http://www.regulations.gov. Comments can also be sent to the Deputy Assistant Secretary for Privacy, Transparency, and Records, Department of the Treasury, Departmental Offices, 1750 Pennsylvania Avenue NW, Washington, DC 20220, Attention: Revisions to Privacy Act Systems of Records. All comments received, including attachments and other supporting documents, are part of the public records and subject to public disclosure. All comments received will be posted without change to www.regulations.gov,, including any personal information provided. You should submit only information that you wish to make publicly available.

FOR FURTHER INFORMATION CONTACT:

For general questions and privacy issues please contact: Deputy Assistant Secretary for Privacy, Transparency, and Records (202-622-5710), Department of the Treasury, 1500 Pennsylvania Avenue NW, Washington, DC 20220.

SUPPLEMENTARY INFORMATION:

In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the Department of the Treasury (“Treasury”) proposes to establish a new Treasury system of records titled, “Department of the Treasury, Treasury .020—Health Screening and Contact Tracing Records.”

Treasury is publishing this system of records to provide notice to individuals regarding the collection, maintenance, use and disclosure of health screening and contact tracing information collected from and about Treasury personnel (meaning employees, grantees, contractors, and interns), and Treasury visitors (meaning non-Treasury federal employees, detailees from other federal agencies, non-Treasury federal contractors, and members of the public) working at or visiting a Treasury facility or a Treasury sponsored event at a non-Treasury facility. Treasury is collecting this information to protect the health of Treasury personnel and Treasury visitors who seek to enter a Treasury facility and/or were physically present in a Treasury facility and came in close proximity to or had physical contact with Treasury personnel and/or visitors who, at the time, were infected or had symptoms of infection with a communicable disease.

Health screening information will be used to reduce the risk that individuals with symptoms consistent with a communicable disease will enter a Treasury facility or event and infect Treasury personnel and/or visitors with a communicable disease. Contact tracing information will be used to identify other Treasury personnel and/or visitors who were present in a Treasury facility and came in close proximity to or had physical contact with Treasury personnel and/or visitors who, at the time, were infected or had symptoms of infection with a communicable disease.

Treasury may collect these records in response to a health-related declaration of a national emergency by the President, a public health emergency declared by the Health and Human Service (HHS) Secretary or a designated federal official or a designated state official. Even in the absence of a health-related declaration of national emergency or declaration of public health emergency (HHS or state level), Treasury may collect these records if it determines that a significant risk of substantial harm exists to the health of Treasury personnel or visitors.

The Occupational Safety and Health Act (OSHA) of 1970, Public Law 91-596, 29 U.S.C. 668, Section 19(a) requires the head of each Federal agency to establish and maintain an effective and comprehensive occupational safety and health program and safe and healthful places and conditions of employment, and to keep adequate records of all occupational accidents and illnesses for proper evaluation and necessary corrective action. OSHA also requires that Federal agencies maintain an injury and illness prevention program, which is a proactive process designed to reduce injuries, illnesses, and fatalities.

The Secretary of the Department of Health and Human Services (HHS) may, under section 319 of the Public Health Service (PHS) Act (codified at 42 U.S.C. 247d), declare that: (a) A disease or disorder presents a public health emergency; or (b) that a public health emergency, including significant outbreaks of infectious disease or bioterrorist attacks, otherwise exists.

Most state governors also have the authority to declare public health emergencies by executive order or other declaration. State declared public health emergencies could also involve a significant risk of substantial harm to Treasury personnel or visitors.

Treasury is not seeking exemption from any Privacy Act provisions for this system of records.

The proposed system of records will have an effect on individual privacy because medical information is required to conduct health screening, to identify persons who have or may have been exposed to or infected with a communicable disease (e.g., to reduce risk by allowing them to work from home or use leave, as needed), and to identify other persons with whom an infected person might have had contact in a Treasury facility (including Treasury bureau, office, and other subcomponent facilities) or another facility hosting a Treasury-sponsored event. In order to reduce the risk to individual privacy, Treasury is minimizing the information it maintains. For example, if Treasury personnel or visitors test positive for a communicable disease and reveal this information to Treasury (or Treasury acquires this information from another source), their identity will not be disclosed to other persons with whom they came in close physical contact unless otherwise authorized by law.

Treasury will include this system in its inventory of record systems.

Treasury provided a report of this system of records to the Committee on Oversight and Government Reform of the House of Representatives, the Committee on Homeland Security and Governmental Affairs of the Senate, and the Office of Management and Budget (OMB), pursuant to 5 U.S.C. 552a(r) and OMB Circular A-108, “Federal Agency Responsibilities for Review, Reporting, and Publication under the Privacy Act,” dated December 23, 2016.

Below, is the description of Treasury .020—Health Screening and Contact Tracing Records.

SYSTEM NAME AND NUMBER:

Department of the Treasury—.020—Health Screening and Contact Tracing Records—Department of the Treasury.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

The records are located at Main Treasury and in other Treasury bureaus, offices, and other subcomponents, both in Washington, DC and at field locations as follows:

(1) Departmental Offices: 1500 Pennsylvania Ave. NW, Washington, DC 20220;

(2) Alcohol and Tobacco Tax and Trade Bureau: 1310 G St. NW, Washington, DC 20220.

(3) Office of the Comptroller of the Currency: Constitution Center, 400 Seventh St. SW, Washington, DC 20024;

(4) Fiscal Service: Liberty Center Building, 401 14th St. SW, Washington, DC 20227;

(5) Internal Revenue Service: 1111 Constitution Ave. NW, Washington, DC 20224;

(6) United States Mint: 801 Ninth St. NW, Washington, DC 20220;

(7) Bureau of Engraving and Printing: District of Columbia Facility, 14th and C Streets SW, Washington, DC 20228 and Western Currency Facility, 9000 Blue Mound Rd., Fort Worth, TX 76131;

(8) Financial Crimes Enforcement Network: Vienna, VA 22183;

(9) Special Inspector General for the Troubled Asset Relief Program (SIGTARP): 1801 L St. NW, Washington, DC 20220;

(10) Office of Inspector General: 740 15th St. NW, Washington, DC 20220; and

(11) Office of the Treasury Inspector General for Tax Administration: 1125 15th St. NW, Suite 700A, Washington, DC 20005.

Data are also located at contractor sites. A list of contractor sites where individually identified data are currently located is available upon request.

SYSTEM MANAGER(S):

(1) Departmental Offices: 1500 Pennsylvania Ave. NW, Washington, DC 20220;

(2) Alcohol and Tobacco Tax and Trade Bureau: 1310 G St. NW, Washington, DC 20220.

(3) Office of the Comptroller of the Currency: Constitution Center, 400 Seventh St. SW, Washington, DC 20024;

(4) Fiscal Service: Liberty Center Building, 401 14th St. SW, Washington, DC 20227;

(5) Internal Revenue Service: 1111 Constitution Ave. NW, Washington, DC 20224;

(6) United States Mint: 801 Ninth St. NW, Washington, DC 20220;

(7) Bureau of Engraving and Printing: District of Columbia Facility, 14th and C Streets SW, Washington, DC 20228 and Western Currency Facility, 9000 Blue Mound Rd., Fort Worth, TX 76131;

(8) Financial Crimes Enforcement Network: Vienna, VA 22183;

(9) Special Inspector General for the Troubled Asset Relief Program (SIGTARP): 1801 L St. NW, Washington, DC 20220;

(10) Office of Inspector General: 740 15th St. NW, Washington, DC 20220; and

(11) Office of the Treasury Inspector General for Tax Administration: 1125 15th St. NW, Suite 700A, Washington, DC 20005.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Occupational Safety and Health Act (OSHA) of 1970, Public Law 91-596, Section 19(a) (29 U.S.C. 668(a)); 5 U.S.C. 301; Section 319 of the Public Health Service Act (42 U.S.C. 247d; American with Disabilities Act, including 42 U.S.C. 12112(d)(3)(B) (allowing medical examination after an offer of employment has been made to a job applicant), 29 CFR 602.14, 1630.2(r), 1630.14(b)(1), (c)(1), (d)(4); Medical Examinations for Fitness for Duty Requirements, including 5 CFR part 339; Executive Order 12196, 5 U.S.C. 7902(d); 29 U.S.C. 668, 29 CFR part 1904, 29 CFR 1910.1020, and 29 CFR 1960.66.

PURPOSE(S) OF THE SYSTEM:

The Department of the Treasury (including Treasury bureaus, offices, and other subcomponents) collects these records when it knows or suspects that a person was infected with a communicable disease and came in close physical proximity to or had physical contact with other persons while working in or visiting a Treasury facility (including Treasury sponsored events in non-Treasury facilities), and Treasury (or another federal or state authority) determines that a significant risk of substantial harm exists to the health or safety of Treasury employees or visitors. These records are used to: (1) Comply with Occupational Safety and Health Administration Act recordkeeping requirements; (2) respond to a significant risk of substantial harm to Treasury personnel or visitors; (3) document reports of illness or communicable disease that are the subject of a declaration of public health emergency by the Health and Human Service (HHS) Secretary or a designated state official that may pose a significant risk of substantial harm to the health of Treasury personnel (meaning employees, grantees, and interns), and/or Treasury visitors (meaning non-Treasury federal employees, detailees from other federal agencies, contractors, and members of the public); (4) perform contact tracing investigations of and notifications to Treasury personnel and Treasury visitors known or suspected of exposure to communicable diseases who came in close physical proximity to or had physical contact with other persons while working in or visiting a Treasury facility; (5) inform federal, state or local public health authorities so that these authorities may act to protect public health as allowed or required by law; and (6) take such actions (e.g., quarantine or isolation) as necessary to prevent the introduction, transmission, and spread of communicable disease by persons who have contracted or were exposed to such a disease and came in close physical proximity to or had physical contact with other persons while working in or visiting a Treasury facility or event.

Treasury may collect this information in response to a declaration of public health emergency by the Secretary of the Department of Health and Human Services (HHS). Under section 319 of the Public Health Service Act, the HHS Secretary may declare that: (a) A disease or disorder presents a public health emergency; or (b) that a public health emergency, including significant outbreaks of infectious disease or bioterrorist attacks, otherwise exists. When the HHS Secretary determines that a public health emergency exists, Treasury must respond to protect the health of its workforce. Treasury's response will depend on the nature of the particular public health emergency, but may include collecting information on Treasury personnel (meaning employees, grantees, and interns), and Treasury visitors (meaning non-Treasury federal employees, detailees from other federal agencies, contractors, and members of the public).

Treasury may also collect this information when it determines that the spread of a communicable disease presents a significant risk of substantial harm to the health of Treasury personnel or visitors. Treasury will consider any public health emergency declared by state or local officials in making such a determination.

In other circumstances, even in the absence of a health related declaration of national emergency or declaration of public health emergency (HHS or state level), Treasury may collect this information where it determines that the spread of a communicable disease presents a significant risk of substantial harm to the health of Treasury personnel or visitors.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Persons who provide health screening information prior to being admitted to a Treasury facility or event; persons denied entry to a Treasury facility or event after health screening; persons who worked in or visited a Treasury facility or event while infected or potentially infected with a communicable disease; and persons exposed to or potentially infected with a communicable disease while working in or visiting a Treasury facility or a Treasury sponsored event at a non-Treasury facility.

CATEGORIES OF RECORDS IN THE SYSTEM:

Health screening and contact tracing records may include identification and contact information (such as name, address, work or personal phone number(s), work or personal email address(es), work office/division, date of birth, employee ID number, badge number, Social Security Number, passport number), medical reports, assessments, vaccination status, testing status (where and when it occurred; status of results), test type, test results, disease type, health status, approximate date of exposure, last date physically present in a Treasury facility/at a Treasury event, name of facility (including bureau or office or other unit/component) visited, areas of a Treasury or other facility (if a Treasury event at a non-Treasury facility) traversed, areas and objects touched, workplace contacts, names of persons who had physical contact with or was in prolonged close physical proximity to infected/potentially infected persons, proximity monitoring device identification and serial number, time monitoring device was first picked up and returned, extended proximity event time and date, number of events, number of individuals in an event, number of individuals at location, dates and locations of domestic and international travel, and related information and documents collected for the purpose of screening and contact tracing.

RECORD SOURCE CATEGORIES:

Records are obtained through interviews or electronically (using proximity monitoring devices) from the individuals infected or potentially infected while physically present in a Treasury facility or at a Treasury event, other individuals with whom an infected or potentially infected individual had close contact, other federal or state agencies, physicians (as allowed by law or with consent from the individual), Treasury visitors or their employers, and Treasury personnel and visitors who maintain (manually or electronically) a log or report of their close physical contacts (and the duration of that contact) while in Treasury facilities to individuals designated by Treasury.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under the Privacy Act of 1974, 5 U.S.C. 552a(b), records and/or information or portions thereof maintained as part of this system may be disclosed outside Treasury as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

(1) To the United States Department of Justice (“DOJ”), for the purpose of representing or providing legal advice to the Department in a proceeding before a court, adjudicative body, or other administrative body before which the Department is authorized to appear, when such proceeding involves:

(a) The Department or any component thereof;

(b) Any employee of the Department in his or her official capacity;

(c) Any employee of the Department in his or her individual capacity where the Department of Justice or the Department has agreed to represent the employee; or

(d) The United States, when the Department determines that litigation is likely to affect the Department or any of its components; and the use of such records by the DOJ is deemed by the DOJ or the Department to be relevant and necessary to the litigation.

(2) To a Federal, State, local, or other public authority maintaining civil, criminal or other relevant enforcement information or other pertinent information, which has requested information relevant to or necessary to the requesting agency's, bureau's, or authority's hiring or retention of an individual, or issuance of a security clearance, license, contract, grant, or other benefit;

(3) To a Congressional office in response to an inquiry made at the request of the individual to whom the record pertains;

(4) To the National Archives and Records Administration (NARA) or General Services Administration pursuant to records management inspections being conducted under the authority of 44 U.S.C. 2904 and 2906;

(5) To appropriate agencies, entities, and persons when (1) the Department of the Treasury and/or one of its bureaus suspects or has confirmed that there has been a breach of the system of records; (2) the Department of the Treasury and/or bureau has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the Department of the Treasury and/or bureau (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Department of the Treasury's and/or bureau's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm;

(6) To another Federal agency or Federal entity, when the Department of the Treasury and/or bureau determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach;

(7) To Federal agencies such as the Health and Human Services (HHS), State and local health departments, and other public health or cooperating medical authorities in connection with program activities and related collaborative efforts to deal more effectively with exposures to communicable diseases, and to satisfy mandatory reporting requirements when applicable.

(8) To missing person location organizations to obtain information to aid in locating persons who were possibly exposed or exposed others to a communicable disease at a Treasury facility.

(9) To contractors to assist the agency in health screening and contact tracing activities and assessing/revising/improving Treasury processes, procedures, performance and implementation of health screening and contact tracing activities.

(10) To appropriate federal, state, local, tribal, or foreign governmental agencies or multilateral governmental organizations, to the extent permitted by law, and in consultation with legal counsel, for the purpose of protecting the vital interests of a data subject or other persons, including to assist such agencies or organizations in preventing exposure to or transmission of a communicable or quarantinable disease or to combat other significant public health threats.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Records in this system are stored electronically in secure facilities. Paper records (if they must be created/maintained) are stored in a locked drawer, behind a locked door or at a secure offsite location.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records are retrieved by an individual's name or other identification information (such as email address, employee identification number, or SSN).

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

Records are managed in accordance with National Archives and Records Administration General Records Schedule 2.7 Item 040. Contact tracing records will be maintained in the agency in accordance with proposed retention schedules.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

Records in this system are safeguarded in accordance with applicable law, rules and policies, including all applicable Treasury automated systems security and access policies. Strict controls have been imposed to minimize the risk of compromising the information that is being stored. Access to the computer system containing the records in this system is limited to those individuals who have a need to know the information for the performance of their official duties and who have appropriate clearances.

RECORD ACCESS PROCEDURES:

See “Notification Procedures” below.

CONTESTING RECORD PROCEDURES:

See “Notification Procedures” below.

NOTIFICATION PROCEDURES:

Individuals seeking notification of and access to any record contained in this system of records, or seeking to contest its content, may submit a request in writing, in accordance with Treasury's Privacy Act regulations (located at 31 CFR 1.26), to the Freedom of Information Act (FOIA) and Transparency Liaison, whose contact information can be found at http://www.treasury.gov/FOIA/Pages/index.aspx under “FOIA Requester Service Centers and FOIA Liaison.” If an individual believes more than one bureau maintains Privacy Act records concerning him or her, the individual may submit the request to the Office of Privacy, Transparency, and Records, FOIA and Transparency, Department of the Treasury, 1500 Pennsylvania Ave. NW, Washington, DC 20220.

No specific form is required, but a request must be written and:

• Be signed and either notarized or submitted under 28 U.S.C. 1746, a law that permits statements to be made under penalty of perjury as a substitute for notarization;
• State that the request is made pursuant to the FOIA and/or Privacy Act disclosure regulations;
• Include information that will enable the processing office to determine the fee category of the user;
• Be addressed to the bureau that maintains the record (in order for a request to be properly received by the Department, the request must be received in the appropriate bureau's disclosure office);
• Reasonably describe the records;
• Give the address where the determination letter is to be sent;
• State whether or not the requester wishes to inspect the records or have a copy made without first inspecting them; and
• Include a firm agreement from the requester to pay fees for search, duplication, or review, as appropriate. In the absence of a firm agreement to pay, the requester may submit a request for a waiver or reduction of fees, along with justification of how such a waiver request meets the criteria for a waiver or reduction of fees found in the FOIA statute at 5 U.S.C. 552(a)(4)(A)(iii).

You may also submit your request online at https://rdgw.treasury.gov/foia/pages/gofoia.aspx and call 1-202-622-0930 with questions.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

None.