[Federal Register Volume 85, Number 83 (Wednesday, April 29, 2020)]
[Notices]
[Pages 23880-23882]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-09074]
=======================================================================
-----------------------------------------------------------------------
SOCIAL SECURITY ADMINISTRATION
[Docket No. SSA-2019-0043]
Privacy Act of 1974; System of Records
AGENCY: Office of Privacy and Disclosure, Office of the General
Counsel, Social Security Administration (SSA).
ACTION: Notice of a modified system of records.
-----------------------------------------------------------------------
SUMMARY: In accordance with the Privacy Act, we are issuing public
notice of our intent to modify an existing system of records entitled,
Parking Management Record System, 60-0230, last published in full
January 11, 2006. This notice publishes details of the modified system
as set forth under the caption, SUPPLEMENTARY INFORMATION.
DATES: The system of records notice (SORN) is applicable upon its
publication in today's Federal Register, with the exception of the new
routine uses, which are effective May 29, 2020. We invite public
comment on the routine uses or other aspects of this SORN. In
accordance with 5 U.S.C. 552a(e)(4) and (e)(11), the public is given a
30-day period in which to submit comments. Therefore, please submit any
comments by May 29, 2020.
ADDRESSES: The public, Office of Management and Budget (OMB), and
Congress may comment on this publication by writing to the Executive
Director, Office of Privacy and Disclosure, Office of the General
Counsel, Social Security Administration, Room G-401 West High Rise,
6401 Security Boulevard, Baltimore, Maryland 21235-6401, or through the
Federal e-Rulemaking Portal at http://www.regulations.gov, please
reference docket number SSA-2019-0043. All comments we receive will be
available for public inspection at the above address and we will post
them to http://www.regulations.gov.
FOR FURTHER INFORMATION CONTACT: Elizabeth Boorstein, Government
Information Specialist, Privacy Implementation Division, Office of
Privacy and Disclosure, Office of the General Counsel, SSA, Room G-401
West High Rise, 6401 Security Boulevard, Baltimore, Maryland 21235-
6401, telephone: (410) 966-5855, email: [email protected].
SUPPLEMENTARY INFORMATION: We are modifying the existing system of
record notice to reflect changes to the process for applying for
parking on SSA properties; the categories and types of records captured
within this system; and for the storage and retrieval of parking policy
violations.
We are also modifying the notice throughout to correct
miscellaneous stylistic formatting and typographical errors of the
previously published notice, and to ensure the language reads
consistently across multiple systems. We are republishing the entire
notice for ease of reference.
In accordance with 5 U.S.C. 552a(r), we provided a report to OMB
and Congress on this modified system of records.
Matthew Ramsey,
Executive Director, Office of Privacy and Disclosure, Office of the
General Counsel.
SYSTEM NAME AND NUMBER:
Social Security Administration (SSA), Parking Management Record
System, 60-0230
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Social Security Administration, Office of Security and Emergency
Preparedness, Parking and Credentialing Office, 1501 Robert M. Ball
Building, 6401 Security Boulevard, Baltimore, Maryland 21235-6401.
Information is also located in additional locations in connection
with cloud-based services and kept at an additional location as backup
for business continuity purposes.
SYSTEM MANAGER(S):
Director, Office of Security Administration and Project Management,
Social Security Administration, 1501 Robert M. Ball Building, 6401
Security Boulevard, Baltimore, Maryland 21235-6401, (410) 966-5855.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Federal Property and Administrative Services Act of 1949, as
amended, (see 40 U.S.C. 101, 121, and 41 CFR 102-74.265-310 and 41 CFR
102-74.430)
PURPOSE(S) OF THE SYSTEM:
The purpose of the SSA Parking Management System is to facilitate
and enforce SSA parking policies. The SSA Parking Management System
will capture vehicle and owner information on SSA employees,
contractors, interns, and visitors to SSA facilities who apply for a
parking permit, who have assignment of space for parking, and who park
on SSA-controlled property and on property assigned to SSA by the
General Services Administration or any other agency. This system will
also capture information about those who violate SSA Parking Policy,
including parking violation citations.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
All Headquarters SSA employees as well as any visitors, carpool
members, contractors, vendors or building tenants utilizing SSA
Headquarters parking facilities.
[[Page 23881]]
CATEGORIES OF RECORDS IN THE SYSTEM:
This system includes all documentation in support of parking
applications or assignment of parking, such as vehicle owner name,
Social Security number (SSN), vehicle registration number (license
plate), state of vehicle registration, vehicle make, model, color. For
those that received a parking citation by violating SSA Parking Policy,
this also includes vehicle owner home address.
RECORD SOURCE CATEGORIES:
Records are developed from the individual during the parking
assignment application process or at the issuance of parking citations
due to parking infractions.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES
OF USERS AND THE PURPOSES OF SUCH USES:
Disclosure may be made for routine use as indicated below:
1. To a congressional office in response to an inquiry from that
office made on behalf of, and at the request of, the subject of the
record or a third party acting on the subject's behalf.
2. To the Department of Justice (DOJ), a court or other tribunal,
or another party before such tribunal, when:
a. SSA, or any component thereof; or
b. any SSA employee in his/her official capacity; or
c. any SSA employee in his/her individual capacity where DOJ (or
SSA where it is authorized to do so) has agreed to represent the
employee; or
d. the United States or any agency thereof where SSA determines
that there is litigation likely to affect the operations of SSA or any
of its components, is a party to the litigation or has an interest in
such litigation, and SSA determines that the use of such records by
DOJ, a court or other tribunal, or another party before tribunal, is
relevant and necessary to the litigation, provided, however, that in
each case, SSA determines that such disclosure is compatible with the
purpose(s) for which the records were collected.
3. To student volunteers, individuals working under a personal
services contract, and other workers who technically do not have the
status of Federal employees, when they are performing work for SSA, as
authorized by law, and they need access to personally identifiable
information (PII) in SSA records in order to perform their assigned
agency functions.
4. To the National Archives Records Administration under 44 U.S.C.
2904 and 2906.
5. To appropriate agencies, entities, and persons when: (a) SSA
suspects or has confirmed that there has been a breach of this system
of records; (b) SSA has determined that as a result of the suspected or
confirmed breach there is a risk of harm to individuals, SSA (including
its information systems, programs, and operations), the Federal
Government, or national security; and (c) the disclosure made to such
agencies, entities, and persons is reasonably necessary to assist in
connection with SSA's efforts to respond to the suspected or confirmed
breach or to prevent, minimize, or remedy such harm.
6. To another Federal agency or Federal entity, when SSA determines
that information from this system of records is reasonably necessary to
assist the recipient agency or entity in: (a) Responding to a suspected
or confirmed breach; or (b) preventing, minimizing, or remedying the
risk of harm to individuals, the recipient agency or entity (including
its information systems, programs, and operations), the Federal
Government, or national security resulting from a suspected or
confirmed breach.
7. To Federal, State, and local law enforcement agencies and
private security contractors, as appropriate, information necessary:
(a) To enable them to protect the safety of SSA employees and
customers, the security of the SSA workplace and the operation of SSA
facilities; or (b) to assist investigations or prosecutions with
respect to activities that affect such safety and security, or
activities that disrupt the operation of SSA facilities.
8. To the Office of Personnel Management, the Merit Systems
Protection Board, or the Office of the Special Counsel when information
is requested in connection with appeals, special studies of the civil
service and other merit systems, review of those agencies' rules and
regulations, investigation of alleged or possible prohibited personnel
practices, and for such other function of these agencies as may be
authorized by law, e.g., 5 U.S.C. 1205 and 1206.
9. To the Equal Employment Opportunity Commission when requested in
connection with investigations into alleged or possible discriminatory
practices in the Federal sector, examination of Federal affirmative
employment programs, compliance by Federal agencies with the Uniform
Guidelines on Employee Selection Procedures, or other functions vested
in the Commission.
10. To the Federal Labor Relations Authority, its General Counsel,
the Federal Mediation and Conciliation Service, the Federal Service
Impasses Panel, or an arbitrator when information is requested in
connection with investigations of allegations of unfair practices,
matters before an arbitrator or the Federal Service Impasses Panel.
11. To officials of labor organizations recognized under 5 U.S.C.
Chapter 71 when relevant and necessary to their duties of exclusive
representation concerning personnel policies, practices, and matters
affecting conditions of employment.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Initial parking applications (form SSA-391) are maintained in paper
form; these forms are used by employees and contractors who have yet to
access SSA systems and are completed prior to their official duty start
date. Parking citation records are maintained in an electronic format
using the parking citation system.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records are retrieved by vehicle owner name, vehicle registration
number (license plate), state of vehicle registration, vehicle make,
model, or color.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
Superseded materials are maintained by the SSA Office of Security
Administration and Project Management for historical purposes and the
control purpose has been met and the records are then destroyed per
General Records Schedule 01-1 (001): The record retention is
temporary--destroy when 3 years old, but longer retention is authorized
if needed for business use. Superseded materials are maintained by the
SSA Protective Security Officer for historical purposes and the control
purpose has been met and the records are then destroyed.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
We retain electronic and paper files with personal identifiers in
secure storage areas accessible only by our authorized employees and
contractors who have a need for the information when performing their
official duties. Security measures include the use of codes and
profiles, personal identification number and password, and personal
identification verification cards. Further, management grants specific
personnel access authority to the parking citation system; parking
enforcement officers are the only personnel allowed to electronically
upload parking citations. We keep paper records in locked cabinets
within secure
[[Page 23882]]
areas, with access limited to only those employees who have an official
need for access in order to perform their duties. We annually provide
our employees and contractors with appropriate security awareness
training that includes reminders about the need to protect PII and the
criminal penalties that apply to unauthorized access to, or disclosure
of, PII (e.g., 5 U.S.C. 552a(i)(1)). Furthermore, employees and
contractors with access to databases maintaining PII must sign a
sanctions document annually, acknowledging their accountability for
inappropriately accessing or disclosing such information.
RECORD ACCESS PROCEDURES:
Individuals requesting notification of, or access to, a record by
mail must include a notarized statement to us to verify their identity
or must certify in the request that they are the individual they claim
to be and that they understand that the knowing and willful request
for, or acquisition of, a record pertaining to another individual under
false pretenses is a criminal offense.
Individuals requesting notification of, or access to, records in
person must provide their name, SSN, or other information that may be
in this system of records that will identify them, as well as provide
an identity document, preferably with a photograph, such as a driver's
license. Individuals lacking identification documents sufficient to
establish their identity must certify in writing that they are the
individual they claim to be and that they understand that the knowing
and willful request for, or acquisition of, a record pertaining to
another individual under false pretenses is a criminal offense. These
procedures are in accordance with our regulations at 20 CFR 401.40 and
401.45.
CONTESTING RECORD PROCEDURES:
Same as Notification procedures. Also, requesters should reasonably
identify the record, specify the information they are contesting and
the corrective action sought, and the reasons for the correction, with
supporting justification showing how the record is incomplete,
untimely, inaccurate or irrelevant. These procedures are in accordance
with SSA regulations (20 CFR 401.65(a)).
NOTIFICATION PROCEDURES:
An individual can determine if this system contains a record about
him/her by writing to the system manager(s) at the above address and
providing his/her name, SSN or other information that may be in the
system of records that will identify him/her. An individual requesting
notification of records in person should provide the same information,
as well as provide an identity document, preferably with a photograph,
such as a driver's license or some other means of identification. If an
individual does not have any identification documents sufficient to
establish his/her identity, the individual must certify in writing that
he/she is the person claimed to be and that he/she understands that the
knowing and willful request for, or acquisition of, a record pertaining
to another individual under false pretenses is a criminal offense.
If notification is requested by telephone, an individual must
verify his/her identity by providing identifying information that
parallels information in the record to which notification is being
requested. If it is determined that the identifying information
provided by telephone is insufficient, the individual will be required
to submit a request in writing or in person. If an individual is
requesting information by telephone on behalf of another individual,
the subject individual must be connected with SSA and the requesting
individual in the same phone call. SSA will establish the subject
individual's identity (his/her name, SSN, address, date of birth and
place of birth, along with one other piece of information, such as
mother's maiden name) and ask for his/her consent in providing
information to the requesting individual.
If a request for notification is submitted by mail, an individual
must include a notarized statement to SSA to verify his/her identity or
must certify in the request that he/she is the person claimed to be and
that he/she understands that the knowing and willful request for, or
acquisition of, a record pertaining to another individual under false
pretenses is a criminal offense. These procedures are in accordance
with SSA regulations (20 CFR 401.40).
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
17 FR 1846, Social Security Administration Parking Management
Record System.
72 FR 69723, Social Security Administration Parking Management
Record System.
83 FR 54969, Social Security Administration Parking Management
Record System.
[FR Doc. 2020-09074 Filed 4-28-20; 8:45 am]
BILLING CODE 4191-02-P