90 FR 146 pgs. 36176-36178 - Privacy Act of 1974; System of Records
Type: NOTICEVolume: 90Number: 146Pages: 36176 - 36178
Pages: 36176, 36177, 36178Docket number: [Docket No. FR-7104-N-08]
FR document: [FR Doc. 2025-14575 Filed 7-31-25; 8:45 am]
Agency: Housing and Urban Development Department
Official PDF Version: PDF Version
[top]
DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT
[Docket No. FR-7104-N-08]
Privacy Act of 1974; System of Records
AGENCY:
Office of the Chief Financial Officer, HUD.
ACTION:
Notice of a Modified System of Records.
SUMMARY:
Pursuant to the provisions of the Privacy Act of 1974, as amended, the Department of the Housing and Urban Development (HUD), Office of the Chief Financial Officer (OCFO) Accounting Operations Center, is modifying a system of records titled, "Financial Data Mart." Financial Data Mart (FDM) is a warehouse of data extracted from various HUD systems and is supported by several query tools for improved financial and program data reporting. FDM facilitates viewing, understanding and reporting of financial data. FDM is the primary reporting tool used to generate internal ad-hoc reports, scheduled event-driven reports, and queries. This system of records is being revised to make clarifying changes within: System Name and number, System Manager, Purpose of the System, Categories of Individuals Covered by the System, Categories of Records in the System, Records Source Categories, Routine Uses Maintained in the System, Retrieval of Records, Retention and Disposal of Records and Administrative, Technical and Physical Safeguards, Record Access Procedures, Contesting Record Procedures, and Notification Procedures. The SORN modifications are outlined in the SORN SUPPLEMENTARY INFORMATION section.
DATES:
Comments will be accepted on or before September 2, 2025. This proposed action will be effective on the date following the end of the comment period unless comments are received which result in a contrary determination.
ADDRESSES:
You may submit comments, identified by the docket number or by one of the following methods:
Federal e-Rulemaking Portal : http://www.regulations.gov. Follow the instructions provided on that site to submit comments electronically.
Fax : 202-619-8365.
Email : privacy@hud.gov.
Mail : Attention: Privacy Office; Shalanda Capehart, Acting Chief Privacy Officer; The Office of Executive Secretariat; 451 7th Street SW, Room 10139; Washington, DC 20410-0001.
Instructions : All submissions received must include the agency name and docket number for this rulemaking. All comments received will be posted without change to http://www.regulations.gov, including any personal information provided.
Docket : For access to the docket to read background documents or comments received go to http://www.regulations.gov.
FOR FURTHER INFORMATION CONTACT:
Shalanda Capehart, Acting Chief Privacy Officer, 451 7th Street SW, Room 10139, Washington, DC 20410-0001; telephone (202) 402-5085 (this is not a toll-free number). HUD welcomes and is prepared to receive calls from individuals who are deaf or hard of hearing, as well as individuals with speech or communication disabilities. To learn more about how to make an accessible telephone call, please visit https://www.fcc.gov/consumers/guides/telecommunications-relay-service-trs.
SUPPLEMENTARY INFORMATION:
[top] HUD amends the system of records notice (SORN) for the Financial Data Mart
• System Name and Number: Updated to reflect the correct system number.
• System Manager: Updated to reflect personnel changes.
• Purpose of the System: Updated for greater clarity and conciseness.
• Categories of Individuals: Updated to include additional categories.
• Categories of Records: Updated to include additional categories.
• Record Source Categories: Updated to include Loan Accounting System (LAS) and GSA's System for Award Management (SAM).
• Routine Use of Records Maintained: Updated to include NARA's requirement for FOIA requests.
• Retrieval of Records: Updated to include email address in the list.
• Retention and Disposal of Records: Updated to align with NARA's requirements.
• Administrative, Technical, and Physical Safeguards: Updated to remove information unrelated to FDM.
• Record Access Procedures, Contesting Record Procedures, and Notification Procedures sections: Updated to reflect current guidance.
SYSTEM NAME AND NUMBER:
Financial Data Mart (FDM), HUD/CFO-04.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
HUD Headquarters, 451 7th Street SW, Washington, DC 20410-1000 and National Center for Critical Information Processing and Storage (NCCIPS), Stennis Space Center, MS 39529-6000. The backup data center is at Mid-Atlantic Data Center in Clarksville, VA 23927-3201.
SYSTEM MANAGER(S):
Kate Darling, Assistant Chief Financial Officer for Systems, Office of the Chief Financial Officer, Department of Housing and Urban Development, 451 7th Street SW, Room 3100, Washington, DC 20410-0001; telephone (202) 402-3912.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
31 U.S.C. 3511; The Chief Financial Officers Act of 1990 (31 U.S.C. 901, et seq. ); Executive Order 9397, as amended by Executive Order 13478; Housing and Community Development Act of 1987, 42 U.S.C. 3543.
PURPOSE(S) OF THE SYSTEM:
Financial Data Mart (FDM) is a centralized repository of data extracted from a variety of HUD's financial systems, supported by query tools to enhance financial and program data reporting. FDM is designed to facilitate viewing, understanding, and reporting of financial data. FDM serves as the primary tool for generating internal ad-hoc reports, scheduled event-driven reports, and queries.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
General public, Federal Employees, Contractors, Third-Party vendors, and recipients of grants, subsidies, or loans.
CATEGORIES OF RECORDS IN THE SYSTEM:
Names, Social Security Numbers (SSNs), Taxpayer-IDs (which may include SSNs for sole-proprietors), Home/business addresses, Financial Information ( e.g., bank account number, bank routing numbers), Email addresses, salaries, and User IDs.
RECORD SOURCE CATEGORIES:
FDM receives records from other HUD information systems such as HUD Central Accounting and Program Systems (HUDCAPS), Loan Accounting System (LAS), Line of Credit Control System (LOCCS), HUD Integrated Human Resources and Training System (HIHRTS), Geocoding Service Center (GSC), Office 365 Multi-Tenant Software, and non-Personally Identifiable Information (non-PII) from Integrated Real Estate Management System (IREMS). FDM receives records from external sources, such as the General Services Administration, System for Award Management (SAM) and the Department of Treasury, Administrative Resource Center (ARC)'s Oracle Federal Financials.
ROUTINE USES MAINTINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSEs OF SUCH USES:
(A) To a congressional office from the record of an individual, in response to an inquiry from the congressional office made at the request of that individual.
(B) To appropriate agencies, entities, and persons when: (I) HUD suspects or has confirmed that there has been a breach of the system of records; (II) HUD has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, HUD (including its information systems, programs, and operations), the Federal Government, or national security; and (III) The disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with HUD's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
(C) To another Federal agency or Federal entity, when HUD determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (I) responding to a suspected or confirmed breach or (II) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
(D) To a court, magistrate, administrative tribunal, or arbitrator in the course of presenting evidence, including disclosures to opposing counsel or witnesses in the course of civil discovery, litigation, mediation, or settlement negotiations; or in connection with criminal law proceedings; when HUD determines that use of such records is relevant and necessary to the litigation and when any of the following is a party to the litigation or have an interest in such litigation: (1) HUD, or any component thereof; or (2) any HUD employee in his or her official capacity; or (3) any HUD employee in his or her individual capacity where HUD has agreed to represent the employee; or (4) the United States, or any agency thereof, where HUD determines that litigation is likely to affect HUD or any of its components.
(E) To any component of the Department of Justice or other Federal agency conducting litigation or in proceedings before any court, adjudicative, or administrative body, when HUD determines that the use of such records is relevant and necessary to the litigation and when any of the following is a party to the litigation or have an interest in such litigation: (1) HUD, or any component thereof; or (2) any HUD employee in his or her official capacity; or (3) any HUD employee in his or her individual capacity where the Department of Justice or agency conducting the litigation has agreed to represent the employee; or (4) the United States, or any agency thereof, where HUD determines that litigation is likely to affect HUD or any of its components.
[top] (F) To appropriate Federal, State, local, tribal, or other governmental agencies or multilateral governmental organizations responsible for investigating or prosecuting the violations of, or for enforcing or implementing, a statute, rule, regulation, order, or license, where HUD determines that the information would assist in the enforcement of civil or criminal laws when such records, either
(G) To Federal agencies, non-Federal entities, their employees, and agents (including contractors, their agents or employees; employees or contractors of the agents or designated agents); or contractors, their employees or agents with whom HUD has a contract, service agreement, grant, cooperative agreement, or computer matching agreement for the purpose of: (I) Detection, prevention, and recovery of improper payments; (II) detection and prevention of fraud, waste, and abuse in major Federal programs administered by a Federal agency or non-Federal entity; (III) for the purpose of establishing or verifying the eligibility of, or continuing compliance with statutory and regulatory requirements by, applicants for, recipients or beneficiaries of, participants in, or providers of services with respect to, cash or in-kind assistance or payments under Federal benefits programs or recouping payments or delinquent debts under such Federal benefits programs; (IV) detection of fraud, waste, and abuse by individuals in their operations and programs. Records under this routine use may be disclosed only to the extent that the information shared is necessary and relevant to verify pre-award and prepayment requirements prior to the release of Federal funds or to prevent and recover improper payments for services rendered under programs of HUD or of those Federal agencies and non-Federal entities to which HUD provides information under this routine use.
(H) To contractors, grantees, experts, consultants and their agents, or others performing or working under a contract, service, grant, cooperative agreement, or other agreement with HUD, when necessary to accomplish an agency function related to a system of records. Disclosure requirements are limited to only those data elements considered relevant to accomplishing an agency function.
(I) To the National Archives and Records Administration, Office of Government Information Services (OGIS), to the extent necessary to fulfill its responsibilities in 5 U.S.C. 552(h), to review administrative agency policies, procedures and compliance with the Freedom of Information Act (FOIA), and to facilitate OGIS' offering of mediation services to resolve disputes between persons making FOIA requests and administrative agencies.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Electronic only.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Name, Social Security Number, Taxpayer ID, Email address, and User-ID.
POLICIES AND PRACTICIES FOR RETENTION AND DISPOSAL OF RECORDS:
Temporary. Destroy 6 years after final payment or cancellation, but longer retention is authorized if required for business use.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
All HUD employees have undergone background investigations. HUD buildings are guarded and monitored by security personnel, cameras, ID checks, and other physical security measures. Access is restricted to authorized personnel or contractors whose responsibilities require access. System users must take the mandatory security awareness training annually as mandated by the Federal Information Security Management Act (FISMA). Users must also sign a Rules of Behavior form certifying that they agree to comply with the requirements before they are granted access to the system. FDM resides in the HUD Office of Chief Information Officer (OCIO) Local Area Network (LAN). The HUD OCIO Infrastructure and Operations Office (IOO) secures the Data Centers where the LAN resides. FDM sends and receives data through HUD SFTP (Security File Transfer Protocol), which encrypts the data in the database. All users authenticate to the HUD LAN with PIV cards before they can access FDM. OCFO limits access to records that contain PII data on a need-to-know basis, user recertification is performed, audit logs are reviewed, security assessments are performed, and background checks are performed prior to granting access to privileged roles. Not all employees and contractors have access to the vendor table that includes the PII. Supervisors determine and authorize FDM access for their employees, and OCFO checks their suitability. The majority of FDM users are read-only and cannot enter data into FDM. A system user recertification is conducted to ensure each FDM user requires access to the system.
RECORD ACCESS PROCEDURES:
Individuals requesting records of themselves should address written inquiries to the Department of Housing Urban and Development 451 7th Street SW, Washington, DC 20410-0001. For verification, individuals should provide their full name, current address, and telephone number. In addition, the requester must provide either a notarized statement or an unsworn declaration made under 24 CFR 16.4.
CONTESTING RECORD PROCEDURES:
The HUD rule for contesting the content of any record pertaining to the individual by the individual concerned is published in 24 CFR 16.8 or may be obtained from the system manager.
NOTIFICATION PROCEDURES:
Individuals requesting notification of records of themselves should address written inquiries to the Department of Housing Urban Development, 451 7th street SW, Washington, DC 20410-0001. For verification purposes, individuals should provide their full name, office or organization where assigned, if applicable, and current address and telephone number. In addition, the requester must provide either a notarized statement or an unsworn declaration made under 24 CFR 16.4.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
Docket No. FR-7062-N-12, 87 FR 50640, August 17, 2022.
Shalanda Capehart,
Acting Chief Privacy Officer, Office of Administration.
[FR Doc. 2025-14575 Filed 7-31-25; 8:45 am]
BILLING CODE 4210-67-P