88 FR 136 pgs. 45882-45884 - Privacy Act of 1974; System of Records

Next Article Next

Type: NOTICEVolume: 88Number: 136Pages: 45882 - 45884

Docket number: [Docket Number: USDA-2022-0013]

FR document: [FR Doc. 2023-15161 Filed 7-17-23; 8:45 am]

Agency: Agriculture Department

Official PDF Version: PDF Version

Pages: 45882, 45883, 45884

[top]

DEPARTMENT OF AGRICULTURE

[Docket Number: USDA-2022-0013]

Privacy Act of 1974; System of Records

AGENCY:

Departmental Administration (DA), Office of Customer Experience (OCE), Department of Agriculture (USDA).

ACTION:

Notice of a new system of records.

SUMMARY:

In accordance with the Privacy Act of 1974, as amended, and the Office of Management and Budget and Budget (OMB) Circular No. A-108 Federal Agency Responsibilities for Review, Reporting, and Publication under the Privacy Act , the U.S. Department of Agriculture (USDA) proposes a new system of records for the information collected, created, and stored in the centralized omni-channel AskUSDA Contact Center. The purpose of this system is to provide industry standard customer service to respond to inquiries from the general public regarding programs and services provided by USDA. The system keeps track of the people asking questions for continuity of support and maintains a record of their interaction. The system provides multiple public channels like phone, email, and live chat. Also, the system maintains a common knowledge base across the organization that improves response consistency. This system also improves the efficiency of the Federal staff providing answers to public inquiry.

DATES:

In accordance with 5 U.S.C. 552a(e)(4) and (11), this notice is effective upon publication, subject to a 30-day notice and comment period in which to comment on the routine uses described in the routine uses section of this system of records notice. Please submit your comments by August 17, 2023.

ADDRESSES:

You may submit comments by either of the following methods:

Federal eRulemaking Portal: This website provides the ability to type short comments directly into the comment field on this web page or attach a file for lengthier comments. Go to: https://www.regulations.gov. Follow the online instructions at that site for submitting comments. Postal Mail/Commercial Delivery: Please send one copy of your comments to Docket No. USDA-2022-0013, Customer Contact, 1400 Independence Ave, SW, Mailstop 3000, Washington, DC 20250 or at Simchah Suveyke-Bogin, email: simchah.suveykebogin@usda.gov.

Instructions: All items submitted by mail or electronic mail must include the Agency name and docket number USDA- 2022-0013. Comments received in response to this docket will be made available for public inspection and posted with change, including any personal information to: https://www.regulations.gov.

FOR FURTHER INFORMATION CONTACT:

For general questions, please contact: Simchah Suveyke-Bogin, email: simchah.suveykebogin@usda.gov or call 202-913-3020. For Privacy Act questions concerning this system of records notice, please contact Michele Washington, USDA, Department Administration Information Technology Office, Office of the Chief Information Officer, United States Department of Agriculture, 202-577-8021. For general USDA Privacy Act questions, please contact the USDA Chief Privacy Officer, Information Security Center, Office of Chief Information Officer, USDA, Jamie L. Whitten Building, 1400 Independence Ave. SW, Washington, DC 20250, or email: USDAprivacy@ocio.usda.gov.

SUPPLEMENTARY INFORMATION:

USDA is proposing to establish a new System of Records Notice entitled USDA/OCX, AskUSDA Contact Center. The AskUSDA Contact Center serves as the centralized entry point for the public to access information and assistance from USDA through an omni-channel of calls, emails, and chats. The records maintained are the inquirer's contact information, public inquiries, case information, knowledge articles used, and accompanying notes.

SYSTEM NAME AND NUMBER:

USDA/OCX, AskUSDA Contact Center

SECURITY CLASSIFICATION:

Sensitive But Unclassified

SYSTEM LOCATION:

The USD/OCX is maintained and physically located at USDA/OCIO, 1400 Independence Ave SW, Washington, DC 20250-3000. Salesforce Government Cloud-OCIO FR.

SYSTEM MANAGER(S):

Chief Customer Experience Officer, Office of Customer Experience (OCX), USDA 1400 Independence Ave SW, Washington, DC 20250-3300, (202) 913-3020. Third-party service provider, Salesforce Government Cloud, 415 Mission Street, San Francisco, CA 94105.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

This system of records is authorized under OMB Circular A-11, Section 280, S.1088, Federal Agency Customer Experience Act of 2017, Public Law 115-336, Presidents' Management Agenda (PMA) 2021, and Executive Order 1307, Executive Order 14058- Transforming Federal Customer Experience and Service Delivery to Rebuild Trust in Government.

PURPOSE(S) OF THE SYSTEM:

The purpose of this system is to provide industry standard customer service to respond to inquiries from the general public regarding programs and services provided by USDA. The system tracks the individual asking questions for continuity of support and maintains a record of their interaction. The system provides the general public multiple channels like phone, email, and chat. The system also maintains a common knowledge base across the organization that improves response consistency. This system also improves the efficiency of the federal staff providing answers to public inquiry.

CATEGORIES OF INDIVIDUALS CONVERED BY THE SYSTEM:

[top] The categories of individuals covered by the system include the general public and USDA employees. The majority of customers are private individuals and businesses from across the nation that are looking for information regarding USDA programs and services. The

programs and services are provided by the different agencies within USDA.

CATEGORIES OF RECORDS IN THE SYSTEM:

Categories of records created in the system are on individual(s) who have contacted USDA, to include their first and last names, phone numbers, emails, and physical addresses. Knowledge Articles from various mission areas explaining USDA programs and other public sources, and General Inquiry Case Information (Subject, Description-Inquiry Details/Case History, Case Number, Contact, Account, Nature of Inquiry) are in the system.

RECORD SOURCE CATEGORIES:

The sources of information in this system are members of the public, USDA employees, contractors, USDA applicants, and other individuals or entities who contact the USDA Contact Center.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, records maintained in the system may be disclosed outside USDA, as follows:

A. To the U.S. Department of Justice (DOJ) when: (a) USDA or any component thereof; or (b) any employee of USDA in his or her official capacity, or any employee of the agency in his or her individual capacity where the Department of Justice has agreed to represent the employee; or (c) the United States Government, is a party to litigation or has an interest in such litigation, and USDA determines that the records are relevant and necessary to the litigation and the use of such records by the Department of Justice is for a purpose that is compatible with the purpose for which USDA collected the records;

B. When a record on its face, or in conjunction with other records, indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program, statute, or by regulation, rule, or order issued pursuant thereto, disclosure may be made to the appropriate Federal, State, local, foreign, Tribal, or other public authority responsible for enforcing, investigating, or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation, or order issued pursuant thereto, if the information disclosed is relevant to any enforcement, regulatory, investigative or prospective responsibility of the receiving entity;

C. To Congressional office staff in response to an inquiry made at the written request of the individual to whom the record pertains;

D. To appropriate agencies, entities, and persons when: (a) USDA suspects or has confirmed that there has been a breach of the system of records; (b) USDA has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, USDA (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with USDA's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm;

E. To contractors and their agents, grantees, experts, consultants, and other performing or working on a contract, service, grant, cooperative agreement, or other assignment for the USDA, when necessary to accomplish an agency function related to this system of records;

F. To comply with Federal Funding Accountability and Transparency Act (FFATA) and similar statutory requirements for public disclosure in situations where records reflect loans, grants, or other payments to members of the public;

G. To the National Archives and Records Administration (NARA) or other Federal government agencies pursuant to records management inspections being conducted under the authority of 44 U.S.C. 2904 and 2906;

H. To a court or adjudicative body in a proceeding when: (a) USDA or any component thereof; or (b) any employee of USDA in his or her official capacity; or (c) any employee of USDA in his or her individual capacity where USDA has agreed to represent the employee; or the United States Government is a party to litigation or has an interest in such litigation, and USDA determines that the records are both relevant and necessary to the litigation and that use of such records is therefore deemed by USDA to be for a purpose that is compatible with the purpose for which USDA collected the records;

I. To appropriate agencies, entities, and persons when (1) DA/OCE suspects or has confirmed that there has been a breach of the system of records,(2) DA/OCE has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DA/OCE (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DA/OCE's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm; and

J. To another Federal agency or Federal entity to another Federal agency or Federal entity, when DA/OCE determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

The NIST 800-53 controls are employed to reduce the risks of unauthorized and unintended information transfer. OCX records are electronic only records and stored at the FedRamp certified Salesforce Cloud.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Contact information are retrieved by a search of the name or phone number. A key word search retrieves knowledge articles. Only employees with secure and verified access can retrieve Contact Center data information. Employees retrieving this data must have secure access to Salesforce, must pass a single sign- on verification, and have specific permissions granted by a database administrator to retrieve records. The employee would access the platform using a personal identity verification (PIV) card or enter verifiable credentials, use a dashboard or customized report retrieval.

POLICIES AND PRACTICIES FOR RETENTION AND DISPOSAL OF RECORDS:

Records are retained and disposed of in accordance with NARA's General Records Schedule 820-1 but may be retained for a longer period as required by litigation, investigation, and/or audit. Contact details are proposed to maintain for seven years before archived. Personal information stored ( i.e., name, email, and phone number) are encrypted.

ADMINISTRATIVE, TECHICAL, AND PHYSICAL SAFEGUARDS:

[top] All electronic records are secured with proper requirements for access in place. Access is only granted to

employees approved and cleared to receive permissions to Salesforce and have PIV access and clearance. Users who are contractors are provided training during onboarding to use the system and federal employees receive updated training for Salesforce and its dashboards periodically as needed. Access Control (AC), Identification and Authentication (IA) and Systems and Communication Protection (SC) security controls are in place to prevent unauthorized access. Individual systems desk procedures document the process for establishing, activating, and modifying IDs. System Owners define Groups and account types. System Point of Contact (POC) assigns group membership and determines need-to-know validation. The Program Manager verifies user identification. Role Based Access Control are also used. All internal USDA access is managed through the USDA Enterprise Entitlement Management System for requesting internal access.

RECORD ACCESS PROCEDURES:

Individuals seeking to gain access to a record in this system of records should contact the system manager at the address listed above. Provide the system manager with the necessary particulars such as full name, date of birth, work address, and country of citizenship. Requesters must also reasonably specify the record contents sought. The request must meet the requirements of the regulations at 34 CFR 5b.5, including proof of identity. All requests for access to records must be in writing and should be submitted to the system manager at the address listed above. A determination on whether a record may be accessed will be made when a request is received.

CONTESTING RECORD PROCEDURES:

Individuals seeking to contest or amend information maintained in the system should direct their request to the above listed System Manager and should include the reason for contesting it and the proposed amendment to the information with supporting information to show how the record is inaccurate. A request for contesting records should contain: Name, address including zip code, name of the system of records, year of records in question, and any other pertinent information to help identify the data requested.

NOTIFICATION PROCEDURES:

Individuals may be notified if a record in this system of records pertains to them when the individuals request information utilizing the same procedures as those identified in the "RECORD ACCESS PROCEDURES" paragraph, above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

None

Simchah SuveykeBogin,

Chief Customer Experience Officer, Office of Customer Experience, Departmental Administration, United States Department of Agriculture.

[FR Doc. 2023-15161 Filed 7-17-23; 8:45 am]

BILLING CODE 3411-07-P