88 FR 112 pgs. 38139-38141 - Privacy Act of 1974; System of Records
Type: NOTICEVolume: 88Number: 112Pages: 38139 - 38141
Pages: 38139, 38140, 38141FR document: [FR Doc. 2023-12395 Filed 6-9-23; 8:45 am]
Agency: Veterans Affairs Department
Official PDF Version: PDF Version
[top]
DEPARTMENT OF VETERANS AFFAIRS
Privacy Act of 1974; System of Records
AGENCY:
Financial Services Center (FSC), Department of Veterans Affairs (VA).
ACTION:
Notice of a new system of records.
SUMMARY:
The Privacy Act of 1974 requires that all agencies publish in the Federal Register a notice of the existence and character of their systems of records. Notice is hereby given that the Department of Veterans Affairs (VA) is establishing a new system of records titled "Other Government Agencies-VA" (OGA) (213VA0475A1).
DATES:
Comments on this new system of records must be received no later than 30 days after date of publication in the Federal Register . If no public comment is received during the period allowed for comment or unless otherwise published in the Federal Register by VA, the new system of records will become effective a minimum of 30 days after date of publication in the Federal Register . If VA receives public comments, VA shall review the comments to determine whether any changes to the notice are necessary.
ADDRESSES:
Comments may be submitted through www.Regulations.gov or mailed to VA Privacy Service, 810 Vermont Avenue NW, (005X6F), Washington, DC 20420. Comments should indicate that they are submitted in response to "Other Government Agencies-VA" (213VA0475A1). Comments received will be available at regulations.gov for public viewing, inspection, or copies.
FOR FURTHER INFORMATION CONTACT:
Carl G. Herrmann, OGA Program Manager, carl.herrmann@va.gov, 254-338-1758.
SUPPLEMENTARY INFORMATION:
VA maintains Franchise Agreements with agencies such as Department of Health & Human Services (HHS) and Immigration Customs Enforcement (ICE) Healthcare Services Corps (IHSC) to provide medical and financial claims processing services. This system stores administrative and financial records that are generated during the medical and financial claim request and adjudication process. These records document VA FSC activities related to claims processing and are the means that other government agencies such HHS and ICE IHSC use to determine the status of their claims or historical requests.
Signing Authority
The Senior Agency Official for Privacy, or designee, approved this document and authorized the undersigned to sign and submit the document to the Office of the Federal Register for publication electronically as an official document of the Department of Veterans Affairs. Kurt D. DelBene, Assistant Secretary for Information and Technology and Chief Information Officer, approved this document on April 26, 2023 for publication.
Dated: June 6, 2023.
Amy L. Rose,
Program Analyst, VA Privacy Service, Office of Information Security, Office of Information and Technology, Department of Veterans Affairs.
SYSTEM NAME AND NUMBER:
[top] "Other Government Agencies-VA" (213VA0475A1)
SECURITY CLASSIFICATION:
The information in this system is unclassified.
SYSTEM LOCATION:
VA Data Processing Center, 7600 Metropolis Dr., Austin, TX 78744 and fiscal offices of Central Office; field stations where fiscal transactions are processed.
SYSTEM MANAGER(S):
Angela Repka, System Owner, VA FSC, 7600 Metropolis Dr., Austin, TX 78744. Email: Angela.Repka1@va.gov, Telephone: 512-541-5868.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301; 44 U.S.C. 3101; 31 U.S.C. 3512; OMB Circular A-123, Management's Responsibility for Internal Control; and OMB Circular A-127, Financial Management Systems.
PURPOSE(S) OF THE SYSTEM:
This system of records stores administrative and financial records that are generated during the claim request and adjudication process. These records are the means that other government agencies such as HHS and IHSC Contracted Healthcare Providers use to determine the status of their claims or historical requests.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
These records include information on contractors, vendors, medical providers, salaried employees, physicians, dentists, and immigration detainees who require medical care.
CATEGORIES OF RECORDS IN THE SYSTEM:
The records may include vendor identification listings; invoiced payment records; claimant information (including full name, claim number, patient control number, alien number, dates of service, diagnosis-procedure codes related to medical conditions, date of birth and referral number); and, medical procedures billed.
RECORD SOURCE CATEGORIES:
Information in this system of records is provided by vendors; individual or legal representative as part of an application for a benefit, contract, or reimbursement; Department of Treasury; Internal Revenue Service; and other Federal entities such as the IHSC.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:
1. Congress: to a Member of Congress or staff acting upon the Member's behalf when the Member or staff requests the information on behalf of, and at the request of, the individual who is the subject of the record.
2. Data breach response and remediation, for VA: to appropriate agencies, entities and persons when (1) VA suspects or has confirmed that there has been a breach of the system of records,· (2) VA has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, VA (including its information systems, programs and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities and persons is reasonably necessary to assist in connection with VA's efforts to respond to the suspected or confirmed breach or to prevent, minimize or remedy such harm.
3. Data breach response and remediation, for another Federal agency: to another Federal agency or Federal entity, when VA determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs and operations), the Federal Government or national security, resulting from a suspected or confirmed breach.
4. Law Enforcement: to a Federal, state, local, territorial, tribal, or foreign law enforcement authority or other appropriate entity charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing such law, provided that the disclosure is limited to information that, either alone or in conjunction with other information, indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature. The disclosure of the names and addresses of Veterans and their dependents from VA records under this routine use must also comply with the provisions of 38 U.S.C. 5701.
5. Department of Justice (DOJ) for Litigation or Administrative Proceeding: to DOJ, or in a proceeding before a court, adjudicative body, or other administrative body before which VA is authorized to appear, when:
(a) VA or any component thereof;
(b) Any VA employee in his or her official capacity;
(c) Any VA employee in his or her individual capacity where DoJ has agreed to represent the employee; or
(d) The United States, where VA determines that litigation is likely to affect the agency or any of its components,
is a party to such proceedings or has an interest in such proceedings, and VA determines that use of such records is relevant and necessary to the proceedings.
6. To those federal agencies which VA FSC has entered into an agreement to provide financial services.
7. Office of Personnel Management (OPM): to OPM in connection with the application or effect of civil service laws, rules, regulations or OPM guidelines in particular situations.
8. Equal Employment Opportunity Commission (EEOC): to EEOC in connection with investigations of alleged or possible discriminatory practices, examination of Federal affirmative employment programs or other functions of the Commission as authorized by law.
9. Federal Labor Relations Authority (FLRA): to FLRA in connection with the investigation and resolution of allegations of unfair labor practices, the resolution of exceptions to arbitration awards when a question of material fact is raised, matters before the Federal Service Impasses Panel and the investigation of representation petitions and the conduct or supervision of representation elections.
10. Merit Systems Protection Board (MSPB): to MSPB in connection with appeals, special studies of the civil service and other merit systems, review of rules and regulations, investigation of alleged or possible prohibited personnel practices and such other functions promulgated in 5 U.S.C. 1205 and 1206, or as authorized by law.
11. National Archives and Records Administration (NARA): to NARA in records management inspections conducted under 44 U.S.C. 2904 and 2906, or other functions authorized by laws and policies governing NARA operations and VA records management responsibilities.
12. Federal Agencies, for Litigation: To another federal agency, court, or party in litigation before a court or in an administrative proceeding conducted by a federal agency, when the government is a party to the judicial or administrative proceeding.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are stored electronically on a VA server or magnetic discs. Paper documents may be scanned/digitized and stored for viewing electronically.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
[top] VA Directive 6300, Records, and Information Management; VA Directive
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
Records for this system are retained as defined by its NARA approved Records Control Schedule, MP-4, Part X and within rules of the General Records Schedule (GRS). Per NARA practice, documentation for permanent electronic records must be transferred with the related records using the disposition authority of the related electronic records rather than the GRS disposition authority. Agency policy and responsibility for media and electronic sanitization is explicated in VA Handbook 6500.1, Electronic Media Sanitization. This Handbook sets forth policies and responsibilities for the proper sanitization of electronic media prior to repair, disposal, reuse or recycling. These guidelines are in accordance with Federal Information Processing Standard (FIPS) 200, Minimum Security Requirements for Federal Information and Information Systems; and NIST Special Publication 800-88 Revision 1, Guidelines for Media Sanitization. VA Directive 6371, Destruction of Temporary Paper Records, is Agency policy for the destruction of temporary paper records.
ADMINISTRATIVE, TECHNICAL AND PHYSICAL SAFEGUARDS:
VA will store records produced within this system of records in an area that is always physically and technologically secure from access by unauthorized persons. Only authorized personnel will transport records within this system of records. VA will process records produced within this system of records under immediate supervision and control of authorized personnel in a manner that will protect the confidentiality of the records, so that unauthorized persons cannot retrieve any records by computer, remote terminal or other means. VA will store records using FIPS 140-2 compliant encryption. Systems personnel must enter personal identification numbers when accessing records on the agencies' systems. VA will strictly limit authorization to those electronic records areas necessary for the authorized analyst to perform his or her official duties.
RECORD ACCESS PROCEDURES:
An individual wanting notification or access, including contesting the record, should mail or deliver a request to the office identified in the SORN. If an individual does not know the "office concerned," the request may be addressed to the following with below requirements: PO or FOIA/PO of any VA field station or the Department of Veterans Affairs Central Office, 810 Vermont Avenue NW, Washington, DC 20420. The receiving office must promptly forward the mail request received to the office of jurisdiction clearly identifying it as "Privacy Act Request" and notify the requester of the referral. Approved VA authorization forms may be provided to individuals for use.
CONTESTING RECORD PROCEDURES:
An individual may request amendment of a record pertaining to him or her contained in a specific VA system of records by mailing or delivering the request to the office concerned. The request must be in writing and must conform to the following requirements: It must state the nature of the information in the record the individual believes to be inaccurate, irrelevant, untimely, or incomplete; why the record should be changed; and the amendment desired. The requester must be advised of the title and address of the VA official who can assist in preparing the request to amend the record if assistance is desired. Not later than business 10 days after the date of a request to amend a record, the VA official concerned will acknowledge in writing such receipt. If a determination for correction or amendment has not been made, the acknowledgement will inform the individual of when to expect information regarding the action taken on the request. VA will complete a review of the request to amend or correct a record within 30 business days of the date of receipt. Where VA agrees with the individual's request to amend his or her record(s), the requirements of 5 U.S.C. 552a(d) will be followed. The record(s) will be corrected promptly, and the individual will be advised promptly of the correction. If the record has previously been disclosed to any person or agency, and an accounting of the disclosure was made, prior recipients of the record will be informed of the correction. An approved VA notification of amendment form letter may be used for this purpose. An individual wanting notification or access, including contesting the record, should mail or deliver a request to the Privacy Office or FOIA/Privacy Office of any VA field station or the Department of Veterans Affairs Central Office, 810 Vermont Avenue NW, Washington, DC 20420.
NOTIFICATION PROCEDURES:
Notification for correcting the information will be accomplished by informing the individual to whom the record pertains by mail. The individual making the amendment must be advised in writing that the record has been amended and provided with a copy of the amended record. System Manager for the concerned VA system of records, Privacy Officer, or their designee, will notify the relevant persons or organizations whom had previously received the record about the amendment. The review must be completed as soon as possible, in most cases within 30 workdays from receipt of the request. If the anticipated completion date indicated in the acknowledgment cannot be met, the individual must be advised, in writing, of the reasons for the delay and the date action is expected to be completed. The delay may not exceed 90 calendar days from receipt of the request.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
N/A.
HISTORY:
None.
[FR Doc. 2023-12395 Filed 6-9-23; 8:45 am]
BILLING CODE P