86 FR 234 pgs. 70082-70086 - Privacy Act of 1974; System of Records
Type: NOTICEVolume: 86Number: 234Pages: 70082 - 70086
Pages: 70082, 70083, 70084, 70085, 70086Docket number: [Docket No. APHIS-2020-0015]
FR document: [FR Doc. 2021-26684 Filed 12-8-21; 8:45 am]
Agency: Agriculture Department
Sub Agency: Animal and Plant Health Inspection Service
Official PDF Version: PDF Version
[top]
DEPARTMENT OF AGRICULTURE
Animal and Plant Health Inspection Service
[Docket No. APHIS-2020-0015]
Privacy Act of 1974; System of Records
AGENCY:
Animal and Plant Health Inspection Service, USDA.
ACTION:
Notice of a modified system of records.
[top]
SUMMARY:
Pursuant to the Privacy Act of 1974 and Office of Management and Budget Circular No. A-108, the U.S. Department of Agriculture (USDA) give notice that a component agency, the Animal and Plant Health Inspection Service (APHIS) proposes to modify an existing system of records notice titled Emergency Management Response System (EMRS), USDA/APHIS-11. This system, among other things, helps APHIS to manage and investigate incidents of foreign animal diseases within the United States.
DATES:
In accordance with 5 U.S.C. 552a(e)(4) and (11), this notice is applicable upon publication, subject to a 30-day notice and comment period in which to comment on the routine uses described in the routine uses section of this system of records notice. Please submit any comments by January 10, 2022.
ADDRESSES:
You may submit comments by either of the following methods:
• Federal eRulemaking Portal: Go to http://www.regulations.gov. Enter APHIS-2020-0015 in the Search field. Select the Documents tab, then select the comment button in the list of documents.
• Postal Mail/Commercial Delivery: Send your comment to Docket No. APHIS-2020-0015, Regulatory Analysis and Development, PPD, APHIS, Station 3A-03.8, 4700 River Road, Unit 118, Riverdale, MD 20737-1238.
Supporting documents and any comments we receive on this docket may be viewed at http://www.regulations.gov or in our reading room, which is located in Room 1620 of the USDA South Building, 14th Street and Independence Avenue SW, Washington, DC. Normal reading room hours are 8 a.m. to 4:30 p.m., Monday through Friday, except holidays. To be sure someone is there to help you, please call (202) 799-7039 before coming.
FOR FURTHER INFORMATION CONTACT:
For general questions, please contact Dr. Fred G. Bourgeois, EMRS National Coordinator, Strategy and Policy, National Preparedness and Incident Command, VS, APHIS, Lake Charles, LA; (318) 288-4083; fred.g.bourgeois@usda.gov. For Privacy Act questions concerning this system of records notice, please contact Ms. Tonya Woods, Director, Freedom of Information and Privacy Act Staff, 4700 River Road, Unit 50, Riverdale, MD 20737; (301) 851-4076. For USDA Privacy Act questions, please contact the USDA Chief Privacy Officer, Information Security Center, Office of Chief Information Officer, USDA, Jamie L. Whitten Building, 1400 Independence Ave. SW, Washington, DC 20250; email: USDAPrivacy@usda.gov.
SUPPLEMENTARY INFORMATION:
The U.S. Department of Agriculture (USDA) Animal and Plant Health Inspection Service (APHIS) is modifying an existing system of records notice for APHIS' Emergency Management Response System (EMRS), USDA/APHIS-11, which was last published on April 30, 2008, in its entirety in the Federal Register (73 FR 23409-23412, Docket No. APHIS-2008-0039). 1
Footnotes:
1 ?To view the notice, go to www.regulations.gov and enter APHIS-2008-0039 in the Search field.
EMRS is used by APHIS' Veterinary Services (VS) to help manage, coordinate, report, and investigate activities such as incidents of foreign animal diseases in the United States (including disposal, cleaning and disinfection, and associated indemnity payments), surveillance and control programs, State-specific disease outbreaks, national animal health emergency responses (all-hazards), and allow for tracing of animal movement and records, as well as premises and activity mapping. If an animal disease were to be detected in the United States, VS would activate its Incident Command System (ICS). ICS team members are trained to control and eradicate foreign animal diseases. As necessary and appropriate for the specific incident, team members would, among other things, confirm the presence of the disease, inspect infected and exposed animals, appraise the value of animals that may have to be destroyed, conduct vaccination programs and epidemiological studies, dispose of animal carcasses, and clean and disinfect premises. Records of these activities would be maintained in EMRS.
APHIS is making the following changes to the system of records notice:
• Updating the system location and system manager;
• Updating the purpose of the system;
• Expanding the categories of individuals to identify the roles of the APHIS employees included in the system and to add responders and coordinators since these individuals will participate in activities associated with the system;
• Making minor editorial changes to the categories of records;
• Revising the record source categories to add reference to a database within EMRS and to add that information in the system may be obtained from the Financial Modernization Incentive for payment status;
• Updating the policies and practices for storage, retrievability, and retention and disposal of records in the system;
• Updating the system safeguards;
• Updating the notification, record access, and contesting record procedures; and
• Deleting, revising, redesignating, and establishing routine uses as follows:
? Revising current routine uses 1 and 2 to add reference to Tribal animal health officials and, in routine use 1, adding that information may be shared to identify premises before an event to allow for faster response;
? Deleting current routine use 3 because EMRS has never shared data or connected data to/from the Department of Homeland Security's (DHS) National Biosurveillance Integration System (now known as Biosurveillance Common Operating Network (BCON)) and APHIS' Offshore Pest Information System (OPIS). However, if this should change, information would be shared with DHS' BCON system as described in routine uses 1 and 2. A routine use for OPIS is not needed since it is a system that is internal to USDA;
? Revising current routine use 4 and redesignating it as routine use 3. The changes are editorial and intended to more accurately describe the referral of records to appropriate law enforcement agencies, entities, and persons;
? Revising current routine use 5 and redesignating it as routine use 4. The changes are editorial and conforming changes;
? Revising current routine use 6 and redesignating it as routine use 5. The changes are editorial and intended to more accurately describe the disclosure of records to a court or adjudicative body;
? Revising current routine use 7 and redesignating as routine use 6. The changes are editorial and intended to more accurately describe the disclosure of records to appropriate agencies;
? Establishing new routine use 7 for disclosure to another Federal agency or entity of information reasonably necessary to assist in responding to a suspected or confirmed breach or to prevent, minimize, or remedy harm, in accordance with Office of Management and Budget (OMB) Memorandum M-17-12 (Preparing for and Responding to a Breach of Personally Identifiable Information);
[top] ? Revising current routine use 8. The changes are editorial and intended to more accurately describe disclosure to USDA contractors and other parties assisting in administering the program, analyzing data, information
? Removing current routine use 9 since this routine use is included in revised routine use 8;
? Establishing new routine use 9 to describe disclosure to Congressional offices in response to an inquiry made at the written request of the individual to whom the record pertains; and
? Revising current routine use 10 to more accurately reflect where record management inspections may occur.
A report on the modified system of records, required by 5 U.S.C. 552a(r), as implemented by OMB Circular A-108, was sent to the Chairman, Committee on Homeland Security and Governmental Affairs, United States Senate; the Chairwoman, Committee on Oversight and Reform, House of Representatives; and the Administrator, Office of Information and Regulatory Affairs, OMB.
Done in Washington, DC, this 30th day of November 2021.
Jack Shere,
Acting Administrator, Animal and Plant Health Inspection Service.
SYSTEM NAME AND NUMBER:
USDA/APHIS-11, Emergency Management Response System (EMRS).
SECURITY CLASSIFICATION:
None.
SYSTEM LOCATIONS:
The Animal and Plant Health Inspection Service (APHIS) located at 4700 River Road, Riverdale, MD 20737, is responsible for the system. EMRS records are maintained in a Government-approved cloud server accessed through secure data centers in the continental United States. Paper files are held at various Veterinary Services (VS) national, district, and field offices. Due to the number of offices, specific addresses can be found at: https://www.aphis.usda.gov/aphis/ourfocus/animalhealth/contact-us. Cloud service providers are MS Azure Government (US Gov Virginia), 101 Herbert Dr., Boydton, VA 23917 (Eastern Region); and MS Azure Government (US Gov Texas), 5150 Rogers Road, San Antonio, TX 78251 (Western Region).
SYSTEM MANAGER:
EMRS National Coordinator, National Preparedness & Incident Coordination, Veterinary Services, APHIS, USDA, Lake Charles, LA; (318) 288-4083.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Animal Health Protection Act (7 U.S.C. 8301 et seq. ).
PURPOSES OF THE SYSTEM:
APHIS' VS program uses EMRS to help manage, coordinate, report, and investigate activities such as incidents of foreign animal diseases in the United States (including disposal, cleaning and disinfection, and associated indemnity payments), surveillance and control programs, State-specific disease outbreaks, national animal health emergency responses (all-hazards), and allow for tracing of animal movement and records, as well as premises and activity mapping. To fulfill this purpose, EMRS allows for APHIS to use visualization software to build premises maps and epidemiological models. EMRS will also maintain information concerning APHIS employees who may be deployed as members of Incident Command System teams.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Categories of individuals covered by the system include, but are not limited to, customers, such as State animal health officials and industry, who obtain services under EMRS, including the owner or operator of the premises where the animals subject to investigation are located and the referring contact who provided initial premises information; APHIS employees involved in the diagnostic and investigation activities; and responders and cooperators.
CATEGORIES OF RECORDS IN THE SYSTEM:
Categories of records in the system include:
Owner or operator of the premises where the animals subject to investigation are located; the system includes the following information, such as, but not limited to, the name; address (including city, county, State, postal code, and latitude/longitude coordinates); premises identification number; and telephone number.
Referring contact information, which includes name and telephone number.
Case coordinator of the premises investigation. (The system includes name, telephone number, and email address.)
APHIS employees. (The system includes information such as, but not limited to, the name; agency, program, and group; current duty assignment; encrypted employee identification number; grade, series, and step; duty city and State; home address, including latitude/longitude coordinates; home telephone number; home email address; emergency contact information; work and field addresses, email addresses and telephone numbers; supervisor contact information; personal protective equipment type, size, and model; existing and desired skills, experience and training; position certifications; AgLearn training classes; medical clearance information; and a description of property or fleet vehicle assigned to the employee.)
The system will also include nicknames, titles, and organization for the entities above, as applicable.
RECORD SOURCE CATEGORIES:
Information in this system comes primarily from the customers, including the owner or operator of the premises where the animals subject to investigation are located, the referring contact who provided initial premises information, and case coordinator. Such information may be supplemented by information from an address-validation database, by APHIS personnel during an on-site investigation, by State and Tribal veterinary offices and State laboratories, or by APHIS' National Veterinary Services Laboratories. Information may also be obtained from the Financial Management Modernization Incentive for payment status. Employee information is obtained primarily from the employee. Additionally, employee information may be obtained from the U.S. Department of Agriculture's (USDA's) National Finance Center, AgLearn database, and Federal Occupational Health, U.S. Department of Health and Human Services.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, records contained in the system may be disclosed outside USDA as a routine use under 5.U.S.C. 552a(b)(3), to the extent that such uses are compatible with the purposes for which the information was collected. Such permitted routine uses include the following:
(1) To certain Federal, State, and Tribal animal health officials to identify premises before an event to allow for faster response, monitor the status of an animal disease investigation, document actions taken relating to an animal disease investigation, track the status of animals susceptible to foreign animal diseases, determine the costs of an animal disease investigation, monitor the use and availability of assets and personnel relating to animal disease investigations, or perform epidemiological and geospatial analyses of such investigations;
[top] (2) To Federal, State, and Tribal animal health officials within the system to obtain feedback regarding the
(3) When a record on its face, or in conjunction with other records, indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program, statute, or by regulation, rule, or order issued pursuant thereto, disclosure may be made to the appropriate agency, whether Federal, foreign, State, Tribal, local, or other public authority responsible for enforcing, investigating, or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation, or order issued pursuant thereto, if the information disclosed is relevant to any enforcement, regulatory, investigative, or prosecutive responsibility of the receiving entity;
(4) To the Department of Justice when: (a) USDA or any component thereof; or (b) any employee of USDA in his or her official capacity, where the Department of Justice has agreed to represent the employee; or (c) the United States Government, is a party to litigation or has an interest in such litigation, and USDA determines that the records are both relevant and necessary to the litigation and the use of such records by the Department of Justice is for a purpose that is compatible with the purpose for which USDA collected the records;
(5) In an appropriate proceeding before a court, grand jury, or administrative or adjudicative body or official, when USDA or other Agency representing USDA determines that the records are relevant and necessary to the proceeding; or in an appropriate proceeding before an administrative or adjudicative body when the adjudicator determines the records to be relevant to the proceeding;
(6) To appropriate agencies, entities, and persons when: (a) USDA suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (b) USDA has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, USDA (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with USDA's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm;
(7) To another Federal agency or Federal entity, when information from this system of records is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the agency (including its information systems, programs, and operations), the Federal Government, or national security;
(8) To contractors and their agents, grantees, experts, consultants, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for the USDA, when necessary to accomplish an agency function related to this system of records;
(9) To a Congressional office in response to an inquiry from that Congressional office made at the written request of the individual about whom the record pertains; and
(10) To the National Archives and Records Administration (NARA) or other Federal Government agencies pursuant to records management inspections being conducted under 44 U.S.C. 2904 and 2906.
DISCLOSURE TO CONSUMER REPORTING AGENCIES:
None.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Electronic records are stored on servers located as indicated above under "System Locations". Paper files are held at various VS national, district, and field offices that are locked during non-business hours and require presentation of employee identification for admittance and access at all times.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Data can be retrieved only by personnel who successfully authenticate using their eAuthentication PIV or eAuthentication username/password credential and are authorized with specific EMRS role(s). Data can be retrieved by premises identification number, reference control number, name, premises, incident group, or incident site. Data regarding an employee, cooperator, or responder can be retrieved by name, nickname, employee identification number, title, organization, property, or fleet vehicle.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
In accordance with NARA-approved records disposition authorities, paper records will be retained for the following periods of time: All incident-related premise record data associated with a foreign animal disease investigation will be retained for a period of 50 years. For the remaining records, APHIS is in the process of preparing a records disposition request from NARA, and these records will be retained until appropriate disposition authority is obtained from NARA.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
The EMRS safeguards include management, operational, and technical controls to prevent misuse of data by system users. These controls include role-based access. State and Tribal entities have access limited to data from their State or area. Access to the restricted portions of the database system requires certain levels of authorization through USDA eAuthentication, which is a system that enables individuals to obtain user-identification accounts with password-protected access to certain USDA web-based applications and services through the internet. APHIS personnel who input data must have a high-level eAuthentication account.
RECORD ACCESS PROCEDURES:
All requests for access to records must be in writing and should be submitted to the APHIS Privacy Act Officer, 4700 River Road, Unit 50, Riverdale, MD 20737; or by facsimile (301) 734-5941; or by email APHISPrivacy@usda.gov. In accordance with 7 CFR 1.112 (Procedures for requests pertaining to individual records in a record system), the request must include the full name of the individual making the request; the name of the system of records; and preference of inspection, in person or by mail. In accordance with 7 CFR 1.113, prior to inspection of the records, the requester shall present sufficient identification ( e.g., driver's license, employee identification card, social security card, credit cards) to establish that the requester is the individual to whom the records pertain. In addition, if an individual submitting a request for access wishes to be supplied with copies of the records by mail, the requester must include with his or her request sufficient data for the agency to verify the requester's identity.
CONTESTING RECORD PROCEDURES:
[top] Individuals seeking to contest or amend records maintained in this system of records must direct their request to the address indicated above in the "RECORD ACCESS PROCEDURES" paragraph and must follow the procedures set forth in 7 CFR 1.116 (Request for correction or
NOTIFICATION PROCEDURES:
Individuals may be notified if a record in this system of records pertains to them when the individuals request information utilizing the same procedures as those identified in the "RECORD ACCESS PROCEDURES" paragraph above.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
On April 30, 2008 (73 FR 23409-23412, Docket No. APHIS-2008-0039), USDA/APHIS-11, "Emergency Management Response System" was published as a new system of records and effective on June 9, 2008.
[FR Doc. 2021-26684 Filed 12-8-21; 8:45 am]
BILLING CODE 3410-34-P