Skip to Content

Notice

Privacy Act of 1974; Annual Publication of Systems of Records

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble Start Printed Page 60742

AGENCY:

National Institutes of Health, HHS.

ACTION:

Privacy Act: Annual Re-publication of Notices of Revised Systems of Records.

SUMMARY:

The National Institutes of Health (NIH) has conducted a comprehensive review of all Privacy Act systems of records and is publishing the resulting revisions. None of the revisions meet the OMB criteria for a new or altered system of records requiring an advance period for public comment. These changes are in compliance with Circular A-130, Appendix 1. The notices re-published below are complete and accurate as of August 31, 2002

End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

The following information summarizes the current status of systems of records which had minor modifications during 1998 and lists all systems maintained by NIH:

A. System Name

The following systems have been updated to reflect a change in the name of the system.

09-25-0005, Administration: Library Operations and User I.D. File, HHS/NIH/OD

09-25-0012, Clinical Research: Candidate Normal Volunteer Records, HHS/NIH/CC

09-25-0014, Clinical Research: Student Records, HHS/NIH/CC

09-25-0036, Extramural Awards and Chartered Advisory Committees: IMPAC (Grant/Contract/Cooperative Agreement/Chartered Advisory Committee Information), HHS/NIH/OER and HHS/NIH/CMO

09-25-0054, Administration: Property Accounting, HHS/NIH/ORS

09-25-0140, International Activities: International Scientific Researchers in Intramural Laboratories at the National Institutes of Health, HHS/NIH/FIC

09-25-0158, Administration: Records of Applicants and Awardees of the NIH Intramural Research Training Awards Program, HHS/NIH/OD

09-25-0168, Invention, Patent, and Licensing Documents Submitted to the Public Health Service by its Employees, Grantees, Fellowship Recipients, and Contractors, HHS/PHS/FDA/NIH/OTT

09-25-0200, Clinical, Epidemiologic, and Biometric Studies of the National Institutes of Health (NIH), HHS/NIH/OD

09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug Dependence and in Research Supporting New Drug Applications, HHS/NIH/NIDA

09-25-0213, Administration: Employee Conduct Investigative Records, HHS/NIH/OM/OA/OMA

B. Security Classification

None.

C. System Location

The following systems have been updated to reflect a change in the system location or location address. These changes do not affect the access by the individual to the individual's records.

09-25-0005, Administration: Library Operations and User I.D. File, HHS/NIH/OD

09-25-0007, Administration: NIH Safety Glasses Issuance Program, HHS/NIH/ORS

09-25-0014, Clinical Research: Student Records, HHS/NIH/CC

09-25-0033, International Activities: Fellowships Awarded by Foreign Organizations, HHS/NIH/FIC

09-25-0034, International Activities: Scholars-in-Residence Program, HHS/NIH/FIC

09-25-0036, Extramural Awards and Chartered Advisory Committees: IMPAC (Grant/Contract/Cooperative Agreement/Chartered Advisory Committee Information), HHS/NIH/OER and HHS/NIH/CMO

09-25-0041, Research Resources: Scientists Requesting Hormone Distribution, HHS/NIH/NIDDK

09-25-0054, Administration: Property Accounting, HHS/NIH/ORS

09-25-0078, Administration: Consultant File, HHS/NIH/NHLBI

09-25-0087, Administration: Senior Staff, HHS/NIH/NIAID

09-25-0099, Clinical Research: Patient Medical Records, HHS/NIH/CC

09-25-0105, Administration: Health Records of Employees, Visiting Scientists, Fellows, and Others Who Receive Medical Care Through the Employee Health Unit, HHS/NIH/ORS

09-25-0106, Administration: Office of the NIH Director and Institute/Center Correspondence Records, HHS/NIH/OD

09-25-0108, Personnel: Guest Researchers, Special Volunteers, and Scientists Emeriti, HHS/NIH/OHRM

09-25-0115, Administration: Curricula Vitae of Consultants and Clinical Investigators, HHS/NIH/NIAID

09-25-0140, International Activities: International Scientific Researchers in Intramural Laboratories at the National Institutes of Health, HHS/NIH/FIC

09-25-0168, Invention, Patent, and Licensing Documents Submitted to the Public Health Service by its Employees, Grantees, Fellowship Recipients, and Contractors, HHS/PHS/FDA/NIH/OTT

09-25-0169, Medical Staff-Credentials Files, HHS/NIH/CC

09-25-0203, National Institute on Drug Abuse, Intramural Research Program, Federal Prisoner and Non-Prisoner Research Files, HHS/NIH/NIDA

09-25-0210, Shipment Records of Drugs of Abuse to Authorized Researchers, HHS/NIH/NIDA

D. Categories of Individuals Covered by the System

The following systems have been updated to reflect a change in the categories of individuals covered by the system.

09-25-0014, Clinical Research: Student Records, HHS/NIH/CC

09-25-0200, Clinical, Epidemiologic, and Biometric Studies of the National Institutes of Health, (NIH), HHS/NIH/OD

09-25-0207, Subject-Participants in Pharmacokinetic Studies on Drugs of Abuse and on Treatment Medications, HHS/NIH/NIDA

09-25-0208, Drug Abuse Treatment Outcome Study (DATOS), HHS/NIH/NIDA

09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug Dependence and in Research Supporting New Drug Applications, HHS/NIH/NIDA

E. Categories of Records in the System

The following systems have been updated to reflect a change in the categories of records in the system.

09-25-0011, Clinical Research: Blood Donor Records, HHS/NIH/CC

09-25-0160, United States Renal Data System (USRDS), HHS/NIH/NIDDK

F. Legal Authority for Maintenance of the System

None of the systems have been updated to reflect a change in the legal authority for the maintenance of the system.

G. Purpose

The following systems have been updated to reflect a change in the purpose of the system.

09-25-0041, Research Resources: Scientists Requesting Hormone Distribution, HHS/NIH/NIDDK Start Printed Page 60743

09-25-0160, United States Renal Data System (USRDS), HHS/NIH/NIDDK

09-25-0200, Clinical, Epidemiologic, and Biometric Studies of the National Institutes of Health (NIH), HHS/NIH/OD

09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug Dependence and in Research Supporting New Drug Applications, HHS/NIH/NIDA

H. Routine Uses of Records

The following systems have been updated to reflect a change in the routine uses of the system.

09-25-0005, Administration: Library Operations and User I.D. File, HHS/NIH/OD

09-25-0014, Clinical Research: Student Records, HHS/NIH/CC

09-25-0099, Clinical Research: Patient Medical Records, HHS/NIH/CC

09-25-0158, Administration: Records of Applicants and Awardees of the NIH Intramural Research Training Awards Program, HHS/NIH/OD

09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug Dependence and in Research Supporting New Drug Applications, HHS/NIH/NIDA

I. Storage

The following systems have been updated to reflect a change in the storage of the system.

09-25-0005, Administration: Library Operations and User I.D. File, HHS/NIH/OD

09-25-0012, Clinical Research: Candidate Normal Volunteer Records, HHS/NIH/CC

09-25-0014, Clinical Research: Student Records, HHS/NIH/CC

09-25-0036, Extramural Awards and Chartered Advisory Committees: IMPAC (Grant/Contract/Cooperative Agreement/Chartered Advisory Committee Information), HHS/NIH/OER and HHS/NIH/CMO

09-25-0108, Personnel: Guest Researchers, Special Volunteers, and Scientists Emeriti, HHS/NIH/OHRM

09-25-0158, Administration: Records of Applicants and Awardees of the NIH Intramural Research Training Awards Program, HHS/NIH/OD

09-25-0169, Medical Staff-Credentials Files, HHS/NIH/CC

09-25-0202, Patient Records on PHS Beneficiaries (1935-1974) and Civilly Committed Drug Abusers (1967-1976) Treated at the PHS Hospitals in Fort Worth, Texas, or Lexington, Kentucky, HHS/NIH/NIDA

J. Retrieval

The following system has been updated to reflect a change in the retrieval of the system.

09-25-0160, United States Renal Data System (USRDS), HHS/NIH/NIDDK

K. Safeguards

The following systems have been updated to reflect a change in the safeguards of the system.

09-25-0005, Administration: Library Operations and User I.D. File, HHS/NIH/OD

09-25-0012, Clinical Research: Candidate Normal Volunteer Records, HHS/NIH/CC

09-25-0014, Clinical Research: Student Records, HHS/NIH/CC

09-25-0036, Extramural Awards and Chartered Advisory Committees: IMPAC (Grant/Contract/Cooperative Agreement/Chartered Advisory Committee Information), HHS/NIH/OER and HHS/NIH/CMO

09-25-0106, Administration: Office of the NIH Director and Institute/Center Correspondence Records, HHS/NIH/OD

09-25-0115, Administration: Curricula Vitae of Consultants and Clinical Investigators, HHS/NIH/NIAID

09-25-0160, United States Renal Data System (USRDS), HHS/NIH/NIDDK

09-25-0202, Patient Records on PHS Beneficiaries (1935-1974) and Civilly Committed Drug Abusers (1967-1976) Treated at the PHS Hospitals in Fort Worth, Texas, or Lexington, Kentucky, HHS/NIH/NIDA

09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug Dependence and in Research Supporting New Drug Applications, HHS/NIH/NIDA

09-25-0210, Shipment Records of Drugs of Abuse to Authorized Researchers, HHS/NIH/NIDA

L. Retention and Disposal

The following systems have been updated to reflect a change in the retention and disposal of the system.

09-25-0207, Subject-Participants in Pharmacokinetic Studies on Drugs of Abuse and on Treatment Medications, HHS/NIH/NIDA

09-25-0208, Drug Abuse Treatment Outcome Study (DATOS), HHS/NIH/NIDA

09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug Dependence and in Research Supporting New Drug Applications, HHS/NIH/NIDA

M. System Manager(s) and Address

The following systems have been updated to reflect a change in the name and/or address of the system manager(s).

09-25-0005, Administration: Library Operations and User I.D. File, HHS/NIH/OD

09-25-0007, Administration: NIH Safety Glasses Issuance Program, HHS/NIH/ORS

09-25-0011, Clinical Research: Blood Donor Records, HHS/NIH/CC

09-25-0012, Clinical Research: Candidate Normal Volunteer Records, HHS/NIH/CC

09-25-0014, Clinical Research: Student Records, HHS/NIH/CC

09-25-0033, International Activities: Fellowships Awarded by Foreign Organizations, HHS/NIH/FIC

09-25-0034, International Activities: Scholars-in-Residence Program, HHS/NIH/FIC

09-25-0036, Extramural Awards and Chartered Advisory Committees: IMPAC (Grant/Contract/Cooperative Agreement/Chartered Advisory Committee Information), HHS/NIH/OER and HHS/NIH/CMO

09-25-0041, Research Resources: Scientists Requesting Hormone Distribution, HHS/NIH/NIDDK

09-25-0054, Administration: Property Accounting, HHS/NIH/ORS

09-25-0078, Administration: Consultant File, HHS/NIH/NHLBI

09-25-0087, Administration: Senior Staff, HHS/NIH/NIAID

09-25-0099, Clinical Research: Patient Medical Records, HHS/NIH/CC

09-25-0105, Administration: Health Records of Employees, Visiting Scientists, Fellows, and Others Who Receive Medical Care Through the Employee Health Unit, HHS/NIH/ORS

09-25-0106, Administration: Office of the NIH Director and Institute/Center Correspondence Records, HHS/NIH/OD

09-25-0108, Personnel: Guest Researchers, Special Volunteers, and Scientists Emeriti, HHS/NIH/OHRM

09-25-0115, Administration: Curricula Vitae of Consultants and Clinical Investigators, HHS/NIH/NIAID

09-25-0118, Contracts: Professional Services Contractors, HHS/NIH/NCI

09-25-0121, International Activities: Senior International Fellowships Program, HHS/NIH/FIC

09-25-0124, Administration: Pharmacology Research Associates, HHS/NIH/NIGMS

09-25-0140, International Activities: International Scientific Researchers in Intramural Laboratories at the National Institutes of Health, HHS/NIH/FIC

09-25-0156, Records of Participants in Programs and Respondents in Surveys Start Printed Page 60744Used to Evaluate Programs of the Public Health Service, HHS/PHS/NIH/OD

09-25-0158, Administration: Records of Applicants and Awardees of the NIH Intramural Research Training Awards Program, HHS/NIH/OD

09-25-0160, United States Renal Data System (USRDS), HHS/NIH/NIDDK

09-25-0166, Administration: Radiation and Occupational Safety and Health Management Information Systems, HHS/NIH/ORS

09-25-0167, National Institutes of Health (NIH) TRANSHARE Program, HHS/NIH/OD

09-25-0168, Invention, Patent, and Licensing Documents Submitted to the Public Health Service by its Employees, Grantees, Fellowship Recipients, and Contractors, HHS/PHS/FDA/NIH/OTT

09-25-0169, Medical Staff-Credentials Files, HHS/NIH/CC

09-25-0200, Clinical, Epidemiologic, and Biometric Studies of the National Institutes of Health (NIH), HHS/NIH/OD

09-25-0202, Patient Records on PHS Beneficiaries (1935-1974) and Civilly Committed Drug Abusers (1967-1976) Treated at the PHS Hospitals in Fort Worth, Texas, or Lexington, Kentucky, HHS/NIH/NIDA

09-25-0203, National Institute on Drug Abuse, Intramural Research Program, Federal Prisoner and Non-Prisoner Research Files, HHS/NIH/NIDA

09-25-0207, Subject-Participants in Pharmacokinetic Studies on Drugs of Abuse and on Treatment Medications, HHS/NIH/NIDA

09-25-0208, Drug Abuse Treatment Outcome Study (DATOS), HHS/NIH/NIDA

09-25-0209, Subject-Participants in Drug Abuse Research Studies on Drug Dependence and in Research Supporting New Drug Applications, HHS/NIH/NIDA

09-25-0210, Shipment Records of Drugs of Abuse to Authorized Researchers, HHS/NIH/NIDA

09-25-0211, Intramural Research Program Records of In- and Out-Patients with Various Types of Alcohol Abuse and Dependence, Relatives of Patients with Alcoholism, and Healthy Volunteers, HHS/NIH/NIAAA

09-25-0213, Administration: Employee Conduct Investigative Records, HHS/NIH/OM/OA/OMA

09-25-0216, Administration: NIH Electronic Directory, HHS/NIH

N. Notification Procedure

The following systems have been updated to reflect a change in the notification procedure of the system.

09-25-0041, Research Resources: Scientists Requesting Hormone Distribution, HHS/NIH/NIDDK

09-25-0078, Administration: Consultant File, HHS/NIH/NHLBI

09-25-0115, Administration: Curricula Vitae of Consultants and Clinical Investigators, HHS/NIH/NIAID

09-25-0156, Records of Participants in Programs and Respondents in Surveys Used to Evaluate Programs of the Public Health Service, HHS/PHS/NIH/OD

09-25-0200, Clinical, Epidemiologic, and Biometric Studies of the National Institutes of Health (NIH), HHS/NIH/OD

O. Record Access Procedure

The following system has been updated to reflect a change in the record access procedure of the system.

09-25-0012, Clinical Research: Candidate Normal Volunteer Records, HHS/NIH/CC

P. Contesting Record Procedure

None.

Q. Record Source Categories

The following systems have been updated to reflect a change in the record source categories of the system.

09-25-0012, Clinical Research: Candidate Normal Volunteer Records, HHS/NIH/CC

09-25-0160, United States Renal Data System (USRDS), HHS/NIH/NIDDK

R. Systems Exempted From Certain Provisions of the Act

None.

S. No Changes

None.

T. Edits

None.

U. Published Prior to Update

System 09-25-0165, “NIH Office of Loan Repayment and Scholarship (OLRS) Records System, HHS/NIH/OD”was previously altered and updated. It was published in the Federal Register on February 8, 2002.

V. Deleted Systems of Records

The following systems have been deleted.

09-25-0093, Administration: Authors, Reviewers, Editorial Board, and Members of the Journal of the National Cancer Institute, HHS/NIH/NCI

09-25-0112, Grants and Cooperative Agreements: Research, Research Training, Fellowship and Construction Applications and Related Awards, HHS/NIH/OD

09-25-0161, Administration: NIH Consultant File, HHS/NIH/CSR

Start Signature

Dated: September 13, 2002.

Timothy J. Wheeles,

Director, Division of Management Support, OMA/OA/OM/OD/NIH.

End Signature

09-25-0005

SYSTEM NAME:

Administration: Library Operations and NIH Library User I.D. File, HHS/NIH.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

This system of records is an umbrella system comprising separate sets of records located in National Institutes of Health (NIH) facilities in Bethesda, Maryland, or facilities of contractors of the NIH. Write to the appropriate System Manager listed below for list of current contractor locations.

Clinical Center (CC), Building 10, Room 1L07, 10 Center Drive, Bethesda, MD 20892.

National Library of Medicine (NLM), Building 38, Room 1S33, 8600 Rockville Pike, Bethesda, MD 20894.

National Library of Medicine (NLM), Building 38, Room 1N21, 8600 Rockville Pike, Bethesda, MD 20894.

National Library of Medicine (NLM), Building 38, Room B1E21, 8600 Rockville Pike, Bethesda, MD 20894.

National Technical Information Service (NTIS), Accounting Department, 8001 Forbes Place, Room 208F, Springfield, VA 22151.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Users of library services.

CATEGORIES OF RECORDS IN THE SYSTEM:

Name, organization, address, phone number, photographs, issue date, email address, signature, user code and identification number; and when applicable, credit card number and billing information.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Section 301 of the Public Health Service Act, describing the general powers and duties of the Public Health Service relating to research and investigation (42 U.S.C. 241).

PURPOSE(S):

1. To monitor library material, services, and circulation control.

2. To provide user documentation.

3. To provide copying services (duplication of library materials).

4. To manage invoice and billing transactions for library services.Start Printed Page 60745

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

Disclosure may be made to contractors and staff to monitor library material, services, circulation control; to provide user documentation; and to process or refine the records. Recipients are required to maintain Privacy Act safeguards with respect to those records.

Disclosure may be made for billing purposes to: (a) contractors providing copying services and (b) NTIS for document delivery services.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored on computer tape and disk, paper and file cards.

RETRIEVABILITY:

Records are retrieved by name, user code and/or identification number.

SAFEGUARDS:

1. Authorized Users: Employees who maintain records in this system are instructed to grant regular access only to Library staff members who need to verify that Library identification cards have been issued to those Library users requesting services such as reference and interlibrary loans. Other one-time and special access by other employees is granted on a need-to-know basis as specifically authorized by the system manager. The contractor maintains a list of personnel having authority to access records to perform their duties.

2. Physical Safeguards: The offices housing the cabinets and file drawers for storage of records are locked during all library off-duty hours. During all duty hours offices are attended by employees who maintain the files. The contractor has secured records storage areas which are not left unattended during the working hours and file cabinets which are locked after hours.

3. Procedural Safeguards: Access to the file is strictly controlled by employees who maintain the files. Records may be removed from files only at the request of the system manager or other authorized employees. Access to computerized records is controlled by the use of security codes known only to authorized users. Contractor personnel receive instruction concerning the significance of safeguards under the Privacy Act.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 8000-D-2, which allows records to be kept until superseded or for a maximum period of six years. Refer to the NIH Manual Chapter for specific conditions on disposal.

SYSTEM MANAGER(S) AND ADDRESS:

Management Analyst, Office of Administration, National Library of Medicine (NLM), Building 38A, Room B2N12, 8600 Rockville Pike, Bethesda, MD 20894.

Chief, Reference and Bibliographic Services Section, Library Branch, Office of Research Services, Office of the Director (OD), Building 10, Room 1L21, 10 Center Drive, Bethesda, MD 20892.

Head, Quality Assurance Unit, Preservation and Collection Management Section, Public Services Division, Library Operations, National Library of Medicine (NLM), Building 38, Room B1E21, 8600 Rockville Pike, Bethesda, MD 20894.

Chief, Public Services Division, Library Operations, National Library of Medicine (NLM), Building 38, Room 1S33, 8600 Rockville Pike, Bethesda, MD 20894.

Librarian, History of Medicine Division, National Library of Medicine (NLM), Building 38, Room 1N21, 8600 Rockville Pike, Bethesda, MD 20894.

NOTIFICATION PROCEDURE:

Write to the System Manager to determine if a record exists. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request an accounting of disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Write to the official at the address specified under Notification Procedures above, and reasonably identify the record and specify the information to be contested, the corrective action sought, and the reasons for the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Individual, NIH Library ID card data.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0007

SYSTEM NAME:

Administration: NIH Safety Glasses Issuance Program, HHS/NIH/ORS.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Health Unit, Occupational Medical Service, Division of Safety, Office of Research Services (ORS), Building 13, Room G904, 13 South Drive, Bethesda, MD 20892.

Write to the System Manager at the address below for the address of any Federal Records Center where records from this system may be stored. Start Printed Page 60746

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

NIH employees who apply for safety glasses.

CATEGORIES OF RECORDS IN THE SYSTEM:

Explanation of eye impact and hazard occupation.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5. U.S.C. 7902.

PURPOSE(S):

Records are used for proper distribution of safety glasses and for proof of delivery.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has any interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored in file folders.

RETRIEVABILITY:

Records are retrieved by name.

SAFEGUARDS:

Measures to prevent unauthorized disclosures are implemented as appropriate for each location and for the particular records maintained in each project. Each site implements personnel, physical and procedural safeguards such as the following:

1. Authorized Users: Access is limited to personnel involved in safety glasses issuance program, to supervisors of employees who have requested glasses, and to personnel involved in accounting.

2. Physical Safeguards: Record storage locations are locked when unattended.

3. Procedural Safeguards: Access to file rooms and files is controlled by system manager or designee.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 1300-B-3, which allows records to be kept for a maximum period of five years. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Deputy Director, Division of Safety, Office of Research Services (ORS), Building 31, Room 1C02, 31 Center Drive, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

Write to the System Manager to determine if a record exists. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Write to the official at the address specified under Notification Procedures above, and reasonably identify the record and specify the information to be contested, the corrective action sought, and the reasons for the correction, with supporting information to how the record is inaccurate, incomplete, untimely or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Previous employer and education institutions.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0011

SYSTEM NAME:

Clinical Research: Blood Donor Records, HHS/NIH/CC.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Transfusion Medicine Department, Clinical Center (CC), Building 10, Room 1C711, 10 Center Drive, Bethesda, MD 20892-1184.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Donors of blood and blood components to be used in the NIH Clinical Center for patient infusions.

CATEGORIES OF RECORDS IN THE SYSTEM:

Past donations, blood types, phenotypes. Laboratory results of infectious disease testing, serologic reactions on all blood samples, donations of blood or blood components.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

“Preparation of Biological Products” of the Public Health Service Act (42 U.S.C. 263).

PURPOSE(S):

1. To provide a means for contacting blood donors for patient care and research.

2. To provide a medical history of all donors for the transfusion records of each blood unit.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to HHS contractors and their staff in order to accomplish the purposes for which the records are collected. The recipients are required to comply with the requirements of the Privacy Act with respect to such records.

2. Certain diseases and conditions, including infectious diseases, may be reported to State or Federal government as required by State or Federal law.

3. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

4. In the event of litigation where the defendant is (a) the Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines Start Printed Page 60747that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Justice Department has agreed to represent such employee, for example in defending against a claim based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, the Department may disclose such records as it deems desirable or necessary to the Department of Justice or other appropriate Federal agency to enable that agency to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

5. (a) PHS may inform the sexual and/or needle-sharing partner(s) of a subject individual who is infected with the human immunodeficiency virus (HIV) of their exposure to HIV, under the following circumstances: (1) The information has been obtained in the course of clinical activities at PHS facilities carried out by PHS personnel or contractors; (2) The PHS employee or contractor has made reasonable efforts to counsel and encourage the subject individual to provide the information to the individual's sexual or needle-sharing partner(s); (3) The PHS employee or contractor determines that the subject individual is unlikely to provide the information to the sexual or needle-sharing partner(s) or that the provision of such information cannot reasonably be verified; and (4) The notification of the partner(s) is made, whenever possible, by the subject individual's physician or by a professional counselor and shall follow standard counseling practices.

(b) PHS may disclose information to State or local public health departments, to assist in the notification of the subject individual's sexual and/or needle-sharing partner(s), or in the verification that the subject individual has notified such sexual or needle-sharing partner(s).

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored in a computer file, on donor cards, and on microfilm.

RETRIEVABILITY:

Records are retrieved by a unique control number assigned to each individual donor.

SAFEGUARDS:

Access is granted only to authorized employees in the Department of Transfusion Medicine including physicians, nurses, technologists, computer operators, and the department's administrative officer.

1. Authorized Users: Access is granted only to authorized employees of the Department of Transfusion Medicine including physicians, nurses technologists, computer operators and the secretary to the Chief.

2. Physical Safeguards: Record facilities are locked when system personnel are not present.

3. Procedural Safeguards: Access to manual files is limited to authorized users. Access to computerized records is controlled by the use of security codes known only to the authorized users.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 3000-E-50. Refer to the NIH Manual Chapter for specific conditions on disposal.

SYSTEM MANAGER(S) AND ADDRESS:

Chief, Transfusion Medicine Department, Clinical Center (CC), Building 10, Room 1C711, 10 Center Drive, Bethesda, MD 20892-1184.

NOTIFICATION PROCEDURE:

Write to the System Manager to determine if a record exists. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

An individual who requests notification of or access to a medical record shall, at the time the request is made, designate in writing, a responsible representative, who may be a physician, who will be willing to review the record and inform the subject individual of its contents at the representative's discretion.

RECORD ACCESS PROCEDURE:

To obtain access to a record, contact the System Manager at the address specified above. Requesters should provide the same information as is required under the Notification Procedures above. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Write to the official specified under Notification Procedures above, and reasonably identify the record and specify the information being contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Data are collected from the individual.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0012

SYSTEM NAME:

Clinical Research: Candidate Healthy Volunteer Records, HHS/NIH/CC.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Clinical Research Volunteer Program, Building 61, 10 Cloister Court, Bethesda, MD 20892-4754.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Normally healthy individuals who volunteer to participate in NIH studies.

CATEGORIES OF RECORDS IN THE SYSTEM:

Program application, health questionnaire and record of participation.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 241, 263.

PURPOSE(S):

1. To determine suitability for participation in the normal volunteer program.

2. To document remuneration of normal volunteers.

3. To provide a record of participation to be used (a) in writing letters of recommendation/reference for the volunteer, and (b) preparing reports on the normal volunteer program.Start Printed Page 60748

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Clinical research data are made available to approved or collaborating researchers, including HHS contractors and grantees.

2. Certain diseases and conditions, including infectious diseases, may be reported to appropriate representatives of State or Federal Government as required by State or Federal law.

3. Information may be used to respond to congressional inquiries for constituents concerning admission to the NIH Clinical Center.

4. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Program applications and health questionnaires are stored in file folders. Records of participation are stored in databases and date files.

RETRIEVABILITY:

Records are retrieved by name.

SAFEGUARDS:

Measures to prevent unauthorized disclosures are implemented as appropriate for each location and for the particular records maintained in each project. Each site implements personnel, physical, procedural safeguards such as the following:

1. Authorized Users: Access is granted only to the Healthy Volunteer Program staff and to NIH physicians who have requested the recruitment of volunteers for their clinical research projects.

2. Physical Safeguards: Access to the files is strictly controlled by the files staff. Records may be removed from the file only at the request of the system manager or other authorized employees. Record facilities are locked when system personnel are not present.

3. Procedural Safeguards: Access to the files is strictly controlled by the files staff. Records may be removed from the file only at the request of the system manager or other authorized employees.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1-“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 3000-E-61, which allows records to be kept for a maximum period of three years after the volunteer period ends. Refer to the NIH Manual Chapter for specific conditions on disposal.

SYSTEM MANAGER(S) AND ADDRESS:

Director, Clinical Research Volunteer Program, Building 61,10 Cloister Court, Bethesda, MD 20892-4745.

NOTIFICATION PROCEDURE:

Write to the System Manager to determine if a record exists. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

An individual who requests notification of or access to a medical record shall, at the time the request is made, designate in writing, a responsible representative, who may be a physician, who will be willing to review the record and inform the subject individual of its contents at the representative's discretion.

A parent or guardian who requests notification of, or access to, a child's or incompetent person's medical record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child or incompetent person as well as his or her own identity.

RECORD ACCESS PROCEDURE:

To obtain access to a record, contact: Clinical Research Volunteer Program, National Institutes of Health, 10 Cloister Court, Building 61, Bethesda, MD 20892-4754 and provide the information described under notification procedures above. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Write to the official at the address specified under notification procedures above, and reasonably identify the record and specify the information to be contested, the corrective action sought, and the reasons for the correction, with supporting justification. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Volunteer.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0014

SYSTEM NAME:

Clinical Research: Student Records, HHS/NIH/OD/OIR/OE.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Office of Education, Office of Intramural Research, Office of the Director (OD), Building 2, Room 2E06, 2 Center Drive, Bethesda, MD 20892-1158.

Write to the System Manager at the address below for the address of any Federal Records Center where records from this system may be stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Potential and accepted Clinical and Research Fellows, medical students, and other students in NIH training programs.

CATEGORIES OF RECORDS IN THE SYSTEM:

Application form, transcripts, references, evaluations.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 241.

PURPOSE(S):

1. To identify candidates for clinical and research fellow, clinical elective, and other training positions.

2. To maintain a permanent record of those individuals who have received clinical research training at the NIH for historical and reference uses.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Information may be used to respond to congressional inquiries regarding constituents who have applied for training programs.

2. Information may be used to respond to hospitals and other healthcare institutions seeking verification of training for physicians who trained in NIH clinical programs.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored in file folders, electronic databases and disks.

RETRIEVABILITY:

Records are retrieved by name and year. Start Printed Page 60749

SAFEGUARDS:

Measures to prevent the unauthorized disclosure of information covered under the Privacy Act are implemented for each training program administered through the Office of Education.

1. Authorized Users: Staff in the Office of Education are instructed to disclose information only to NIH personnel who are involved in the evaluation and selection of candidates for intramural training programs.

2. Physical Safeguards: Paper files and disks are stored in cabinets in a locked room that is under constant surveillance by security personnel. Electronic databases are accessible only with a password on secure web sites.

3. Procedural safeguards: Access to the paper files is strictly controlled by the Office of Education staff. Files may be removed only with the approval of the system manager or other authorized official(s).

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1-“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), items 2300-320-1-13, which allows records to be kept up to a maximum period of ten years. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Deputy Director, Office of Education, Office of Intramural Research, Office of the Director (OD), Building 2, Room 2E06, 2 Center Drive, Bethesda, MD 20892-1158.

NOTIFICATION PROCEDURE:

Write to the System Manager to determine if a record exists. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

To obtain access to a record, contact the System Manager at the above address and provide the information described under notification procedures above. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Write to the System Manager at the address specified above, and reasonably identify the record and specify the information to be contested, the corrective action sought, and the reasons for the correction, with supporting justification. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Applicants, universities and teachers.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0033

SYSTEM NAME:

International Activities: Fellowships Awarded by Foreign Organizations, HHS/NIH/FIC.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Fogarty International Center (FIC), Building 31, Room B2C39, 31 Center Drive, Bethesda, MD 20892.

Write to System Manager at the address below for the address of any Federal Records Center where records from this system may be stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

U.S. citizens qualified in health-related sciences submitting applications through NIH for fellowships for study abroad.

CATEGORIES OF RECORDS IN THE SYSTEM:

Applications and associated records and reports.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

PURPOSE(S):

To perform scientific reviews and evaluations of applicants' suitability of referral to awarding organization in foreign countries.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. After review by the operating agency review panel the applications and all supporting documents are forwarded to the foreign organizations or agencies making awards.

2. In addition, such application may be made available to authorized employees and agents of the Federal Government for purposes of investigations, inspections and audits, and, in appropriate cases, to the Department of Justice for prosecution under civil and criminal laws.

3. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

4. Disclosure may be made to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has any interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored in file folders.

RETRIEVABILITY:

Records are retrieved by name and fellowship number.

SAFEGUARDS:

Measures to prevent unauthorized disclosures are implemented as appropriate for each location and for the particular records maintained in each project. Each site implements personnel, physical and procedural safeguards such as the following:

1. Authorized Users: Employees who maintain records in this system are instructed to grant regular access only to FIC program staff. Other one-time and special access by other employees is granted on a need-to-know basis as specifically authorized by the system manager.

2. Physical Safeguards: The records are maintained in locked file cabinets, and offices are locked during off-duty hours.

3. Procedural Safeguards: Access to file rooms and files is strictly controlled by files staff. Records may be removed from files only at the request of the system manager or other authorized employees. Start Printed Page 60750

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), items 2300-320-5, which allows records to be destroyed after a maximum period of six years after the close of a case. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Director, Division of International Training and Research, Fogarty International Center (FIC), Building 31, Room B2C39, 31 Center Drive, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

Requests for notification of or access to records should be addressed to the System Manager, as listed above. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official under Notification Procedures above, and reasonably identify the record and specify the information to be contested, and state the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely or irrelevant.

RECORD SOURCE CATEGORIES:

Applicants and persons supplying references.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0034

SYSTEM NAME:

International Activities: Scholars-in-Residence Program, HHS/NIH/FIC.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Fogarty International Center (FIC), Building 16, Room 202, 16 Center Drive, Bethesda, MD 20892.

Write to System Manager at the address below for the address of the Federal Records Center where records may be stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Distinguished scientists and scholars invited to accept NIH scholarships.

CATEGORIES OF RECORDS IN THE SYSTEM:

Employment and education histories; references.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 2421, “International Cooperation” of the PHS Act.

PURPOSE(S):

To administer and award scholarships to distinguished scientists.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Information is made available to authorized employees and agents of the Federal Government for purposes of investigations, inspections and audits, and in appropriate cases, to the Department of Justice for prosecution under civil and criminal laws.

2. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

3. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has any interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored in file folders.

RETRIEVABILITY:

Records are retrieved by name.

SAFEGUARDS:

Measures to prevent unauthorized disclosures are implemented as appropriate for each location and for the particular records maintained in each project. Each site implements personnel, physical, and procedural safeguards such as the following:

1. Authorized Users: Employees who maintain records in this system are instructed to grant regular access only to FIC program staff. Other one-time and special access by other employees is granted on a need-to-know basis as specifically authorized by the system manager.

2. Physical safeguards: Records are kept in file cabinets. Offices are locked during off-duty hours.

3. Procedural safeguards: Access to files is strictly controlled by files staff. Files may be removed only at the request of the system manager or other authorized employee.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), items 2300-320-7 which allows records to be destroyed after a maximum period of six years after the close of a case. Refer to the NIH Manual Chapter for specific retention instructions.

SYSTEM MANAGER(S) AND ADDRESS(ES):

Director, Division of Advanced Studies and Policy Analysis, Fogarty International Center (FIC), Building 16, Room 202, 16 Center Drive, Bethesda, MD 20892-6705.

NOTIFICATION PROCEDURE:

Requests for notification of or access to records should be addressed to the System Manager, as listed above. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine. Start Printed Page 60751

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official under Notification Procedures above, and reasonably identify the record and specify the information to be contested, and state the corrective action sought. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Information is obtained from invitees, reference sources, and persons supplying recommendations.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0036

SYSTEM NAME:

Extramural Awards and Chartered Advisory Committees (IMPAC 2), Contract Information (DCIS), and Cooperative Agreement Information, HHS/NIH.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Office of Policy for Extramural Research Administration, Office of Extramural Research, Office of the Director (OD), Rockledge II, Room 2172, 6701 Rockledge Drive, Bethesda, MD 20892.

Office of Federal Advisory Committee Policy, Office of the Director (OD), Building 31, Room 3B-59, 31 Center Drive, Bethesda, MD 20892.

Office of Acquisition Management and Policy, Office of the Director (OD), 6100 Executive Boulevard, Room 6D01, Bethesda, MD 20892.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Principal investigators; program directors; program and projects staff and others named in the application; National Research Service Awards (NRSA) trainees and fellows; research career awardees; chartered advisory committee members; contractor personnel; subcontractor personnel; and consultants.

CATEGORIES OF RECORDS IN THE SYSTEM:

Funding applications, awards, associated records, trainee appointments, current and historical information pertaining to chartered advisory committees, and past performance information pertaining to contractors.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5. U.S.C. 301; 42 U.S.C. 217a, 241, 282(b)(6), 284a, and 288. 48 CFR Subpart 15.3 and Subpart 42.15.

PURPOSE(S):

1. To support centralized grant programs of the Public Health Service.

Services are provided in the areas of grant application assignment and referral, initial review, council review, award processing and grant accounting. The database is used to provide complete, accurate, and up-to-date reports to all levels of management.

2. To maintain communication with former fellows and trainees who have incurred a payback obligation through the National Research Service Award Program.

3. To maintain current and historical information pertaining to the establishment of chartered advisory committees of the National Institutes of Health and the appointment or designation of their members.

4. To maintain current and historical information pertaining to contracts awarded by the National Institutes of Health, and performance evaluations on NIH contracts and contracts awarded by other Federal agencies that participate in the NIH Contractor Performance System.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to the National Technical Information Service (NTIS), Department of Commerce, for dissemination of scientific and fiscal information on funded awards (abstract of research projects and relevant administrative and financial data).

2. Disclosure may be made to the cognizant audit agency for auditing.

3. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

4. Disclosure may be made to qualified experts not within the definition of Department employees as prescribed in Department regulations for opinions as a part of the application review process.

5. Disclosure may be made to a Federal agency, in response to its request, in connection with the issuance of a license, grant or other benefit by the requesting agency, to the extent that the record is relevant and necessary to the requesting agency's decision in the matter.

6. Disclosure of past performance information pertaining to contractors may be made to a Federal agency upon request. In addition, routine access to past performance information on contractors will be provided to Federal agencies that subscribe to the NIH Contractor Performance System.

7. A record may be disclosed for a research purpose, when the Department: (A) Has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained; (B) has determined that the research purpose (1) cannot be reasonably accomplished unless the record is provided in individually identifiable form, and (2) justifies the risk to the privacy of the individual that additional exposure of the record might bring; (C) has required the recipient to (1) establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining that information, and (3) make no further use or disclosure of the record except (a) in emergency circumstances affecting the health or safety of any individual, (b) for use in another research project, under these same conditions, and with written authorization of the Department, (c) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (d) when required by law; and (D) has secured a written statement attesting to the recipient's understanding of, and willingness to abide by these provisions.

8. Disclosure may be made to a private contractor or Federal agency for the purpose of collating, analyzing, aggregating or otherwise refining records in this system. The contractor or Federal agency will be required to maintain Privacy Act safeguards with respect to these records.

9. Disclosure may be made to a grantee or contract institution in connection with performance or administration under the conditions of the particular award or contract.

10. Disclosure may be made to the Department of Justice, or to a court or Start Printed Page 60752other adjudicative body, from this system of records when (a) HHS, or any component thereof; or (b) any HHS officer or employee in his or her official capacity; or (c) any HHS officer or employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the officer or employee; or (d) the United States or any agency thereof where HHS determines that the proceeding is likely to affect HHS or any of its components, is a party to proceeding or has any interest in the proceeding, and HHS determines that the records are relevant and necessary to the proceeding and would help in the effective representation of the governmental party.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored by name, application, grant or contract ID number, and contractor tax ID number.

RETRIEVABILITY:

Records are retrieved by name, application, grant or contract ID number, and contractor tax ID number.

SAFEGUARDS:

1. Authorized Users: Employees who maintain records in this system are instructed to grant regular access only to NIH extramural and advisory committee staff, NIH contract management staff, and Federal acquisition personnel. Other one-time and special access by other employees is granted on a need-to-know basis as specifically authorized by the System manager.

2. Physical Safeguards: Physical access to Office of Extramural Research (OER) work areas is restricted to OER employees. Physical access to the Office of Acquisition and Policy (OAMP) work areas is restricted to OAMP employees. Physical access to Office of Federal Advisory Committee Policy (OFACP) work areas is restricted to OFACP employees. Access to the contractor performance files is restricted through the use of secure socket layer encryption and through an IBM password protection system. Only authorized government contracting personnel are permitted access. Access is monitored and controlled by OAMP.

3. Procedural Safeguards: Access to source data files is strictly controlled by files staff. Records may be removed from files only at the request of the System manager or other authorized employee. Access to computer files is controlled by the use of registered accounts, registered initials, keywords, and similar limited access systems.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 4000-A-2, which allows records to be destroyed when no longer needed for administrative purposes. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

For Extramural Awards: Director, Extramural Information Systems, Division of Grants Compliance and Oversight in the Office of Policy for Extramural Research Administration (OPERA), Office of Extramural Research, Office of the Director (OD), Rockledge II, Room 2172, 6701 Rockledge Drive, Bethesda, MD 20892.

For Chartered Federal Advisory Committees of the National Institutes of Health: Director, Office of Federal Advisory Committee Policy, Office of the Director, Building 31, Room 3B-59, 31 Center Drive, Bethesda, MD 20892.

For Contracts: Office of Acquisition Management and Policy, Office of the Director (OD), 6100 Executive Boulevard, Room 6D01, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official under Notification Procedures above, and reasonably identify the record and specify the information to be contested, and state the corrective action sought and the reasons for the correction, with supporting justification. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Applicant institution, individual, individual's educational institution and references, and participating Federal acquisition personnel.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0041

SYSTEM NAME:

Research Resources: Scientists Requesting Hormone Distribution, HHS/NIH/NIDDK.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

National Institute of Diabetes, and Digestive Kidney Diseases (NIDDK), Democracy Plaza II, Room 693, 6707 Democracy Boulevard, Bethesda, MD 20892-5460.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Scientists requesting hormones from the National Institute of Diabetes, and Digestive Kidney Diseases.

CATEGORIES OF RECORDS IN THE SYSTEM:

Justification for request for hormones, including requester's competence.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 241, 263, 289a, 289c.

PURPOSE(S):

1. For review of applications requesting hormones and antibodies for research purposes, prior to awarding these substances.

2. To determine if the requester is qualified to receive these materials.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to NIDDK Contractors for distribution of various hormones to requesters.

2. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

3. In the event of litigation where the defendant is (a) the Department, any component of the Department, or any Start Printed Page 60753employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Justice Department has agreed to represent such employee, the Department may disclose such records as it deems desirable or necessary to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

Records may be disclosed to student volunteers, individuals working under a personal services contract, and other individuals performing functions for PHS who do not technically have the status of agency employees, if they need the records in the performance of their agency functions.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored in file folders.

RETRIEVABILITY:

Records are retrieved by name.

SAFEGUARDS:

1. Authorized Users: Employees who maintain records in this system are instructed to grant regular access only to staff working for the contractor who need the records for hormone distribution, to NIH staff who supervise the Hormone Distribution Program, and, as approved by the system manager, to scientists and physicians who may have need of the information for research.

2. Physical Safeguards: Records are kept in cabinets in offices which are locked during off-duty hours and which have alarms.

3. Procedural Safeguards: Access to files is strictly controlled by files staff. Files may be obtained only at the request of the system manager or other authorized employee.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records

Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 3000-G-3, which allows records to be kept as long as they are useful in scientific research. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Director, Hormone Distribution Program, National Institute of Diabetes, Digestive and Kidney Diseases (NIDDK), Democracy Plaza II, Room 693, 6707 Democracy Boulevard, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

To determine if a record exists write to: Administrative Officer, National Institute of Diabetes, Digestive and Kidney Diseases (NIDDK), Building 31, Room 9A46, 31 Center Drive, Bethesda, MD 20892.

The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official under Notification Procedures above, and reasonably identify the record and specify the information to be contested, and state the corrective action sought and the reasons for the correction, with supporting justification. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Data is obtained from the individual.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0054

SYSTEM NAME:

Administration: Property Accounting (Card Key System), HHS/NIH/ORS.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

NIH Computer Center, National Institutes of Health, Building 12A, Room 1011, 12 South Drive, Bethesda, MD 20892.

Office of Research Services, Building 13, Room 215, 13 South Drive, Bethesda, MD 20892-5758.

Facilities Engineering Branch, National Institute of Environmental Health Sciences (NIEHS), 102-01, PO Box 12233, Research Triangle Park, NC 27709.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Employees of the National Institutes of Health who are issued card keys.

CATEGORIES OF RECORDS IN THE SYSTEM:

Property management.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5 U.S.C. 301; 5 U.S.C. 5901; 5 U.S.C. 7903; 40 U.S.C. 318a; 42 U.S.C. 241.

PURPOSE(S):

Used for card keys issuance and control.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

2. In the event that a system of records maintained by this agency to carry out its functions indicates a violation or potential violation of law, whether civil, criminal or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule or order issued pursuant thereto, the relevant records in the system of records may be referred, as a routine use, to the appropriate agency, whether Federal, or foreign, charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation or order issued pursuant thereto.

3. In the event of litigation where the defendant is (a) the Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Justice Department has agreed to represent such employee, the Department may disclose such records as it deems desirable or necessary to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected. Start Printed Page 60754

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored in file folders, and on magnetic media.

RETRIEVABILITY:

Records are retrieved by name.

SAFEGUARDS:

1. Authorized Users: Employees who maintain records in this system are instructed to grant regular access only to officials whose duties require use of the information. Other one-time and special access by other employees is granted on a need-to-know basis as specifically authorized by the system manager.

2. Physical Safeguards: Textual records are stored in offices which are locked when not in use.

3. Procedural Safeguards: Computer files are password protected.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 1300-C-14, which allows records to be destroyed after all listed credentials are accounted for or three months after the return of credentials to the issuing office. Refer to the NIH Manual Chapter for specific instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Management Analyst, Division of Engineering Services, Office of Research Services (ORS), Building 3, Room 112, 3 Center Drive, Bethesda, MD 20892-0307.

Chief, Facilities Engineering Branch, National Institute of Environmental Health Sciences (NIEHS), 102-01, PO Box 12233, Research Triangle Park, NC 27709.

NOTIFICATION PROCEDURE:

Write to the System Manager to determine if a record exists. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Write to the official specified under Notification Procedures above, and reasonably identify the record and specify the information being contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Data is obtained from the individual.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0078

SYSTEM NAME:

Administration: Consultant File, HHS/NIH/NHLBI.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

National Heart, Lung, and Blood Institute (NHLBI), Rockledge II, 6701 Rockledge Drive, Bethesda, MD 20892.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

List of consultants available for use in evaluation of National Heart, Lung, and Blood Institute special grants and contracts.

CATEGORIES OF RECORDS IN THE SYSTEM:

Names and resumes.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 241(d), 281.

PURPOSE(S):

1. To identify and select experts and consultants for program reviews and evaluations.

2. For use in evaluation of NHLBI special grants and contracts.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

2. In the event of litigation where the defendant is (a) the Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Justice Department has agreed to represent such employee, the Department may disclose such records as it deems desirable or necessary to the Department of Justice to enable that Department to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Computer disk and file folders.

RETRIEVABILITY:

Records are retrieved by name.

SAFEGUARDS:

1. Authorized Users: Data on computer files is accessed by keyword known only to authorized users.

2. Physical Safeguards: Rooms where records are stored are locked when not in use.

3. Procedural Safeguards: During regular business hours, rooms are unlocked but are controlled by on-site personnel.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 1100-G. Refer to the NIH Manual Chapter for specific disposition instructions. Start Printed Page 60755

SYSTEM MANAGER(S) AND ADDRESS:

Chief, Review Branch, National Heart, Lung, and Blood Institute (NHLBI), Rockledge II, Room 7178, 6701 Rockledge Drive, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

To determine if a record exists, contact: Privacy Act Coordinator, National Heart, Lung, and Blood Institute (NHLBI), Building 31, Room 5A33, 31 Center Drive, Bethesda, MD 20892-2490.

The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under also pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official under Notification Procedures above, and reasonably identify the record and specify the information to be contested, and state the corrective action sought. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Subject individual.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0087

SYSTEM NAME:

Administration: Senior Staff, HHS/NIH/NIAID.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

National Institute of Allergy and Infectious Diseases (NIAID), Building 31, Room 7A50, 31 Center Drive, Bethesda, MD 20892.

Write to System Manager at the address below for the address of the Federal Records Center where records from this system may be stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Current and former key professional employees of the Institute, and consultants.

CATEGORIES OF RECORDS IN THE SYSTEM:

Press releases, curricula vitae, nominations for awards, and photographs.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 241(d), 289a.

PURPOSE(S):

For background records to provide public announcements on National Institute of Allergy and Infectious Diseases research.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Stored in file folders.

RETRIEVABILITY:

Retrieved by name.

SAFEGUARDS:

Measures to prevent unauthorized disclosures are implemented as appropriate for each location and for the particular records maintained in each project. Each site implements personnel, physical, and procedural safeguards such as the following:

1. Authorized Users: Employees who maintain records in this system are instructed to grant regular access only to staff whose duties require the use of such information. Authorized users are located in the Office of the Director, NIAID. Other one time and special access by other employees is granted on a need-to-know basis as specifically authorized by the system manager.

2. Physical Safeguards: Records in this system are stored in file folders which are kept in locked cabinets. The room is locked during off-duty hours.

3. Procedural Safeguards: Access to files is strictly controlled by files staff. Records may be removed from files only at the request of the system manager or other authorized employee.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 1100-G. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Director, Office of Communications and Public Liaison, National Institute of Allergy and Infectious Diseases (NIAID), Building 31, Room 7A-50, 31 Center Drive, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to: Privacy Act Coordinator, National Institute of Allergy and Infectious Diseases (NIAID), 6700-B Rockledge Drive, Room 2143, Bethesda, MD 20892. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as record Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the System Manager at the address above, and reasonably identify the record and specify the information to be contested, and state the corrective action sought and the reasons for the correction, with supporting justification. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Individuals and newspaper clippings.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0099

SYSTEM NAME:

Clinical Research: Patient Medical Records, HHS/NIH/CC.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Medical Record Department, Clinical Center, Building 10, Room 1N208, 10 Start Printed Page 60756Center Drive, Bethesda, MD 20892-1192 and at private organizations under contract. Write to the system manager for a list of current locations.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Registered Clinical Center patients and some individuals not registered as patients but seen in the Clinical Center for diagnostic tests.

CATEGORIES OF RECORDS IN THE SYSTEM:

Medical treatment records.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 241, 248: “Research and Investigation,” and “Hospitals, Medical Examinations, and Medical Care.”

PURPOSE(S):

1. To provide a continuous history of the treatment afforded individual patients in the Clinical Center.

2. To provide a data base for the clinical research conducted within the hospital.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Information may be used to respond to Congressional inquiries for constituents concerning their admission to NIH Clinical Center.

2. Social Work Department may give pertinent information to community agencies to assist patients or their families.

3. Referring physicians receive medical information for continuing patient care after discharge.

4. Information regarding diagnostic problems, or having unusual scientific value may be disclosed to appropriate medical or medical research organizations or consultants in connection with treatment of patients or in order to accomplish the research purposes of this system. For example, tissue specimens may be sent to the Armed Forces Institute of Pathology; X-rays may be sent for the opinion of a radiologist with extensive experience in a particular kind of diagnostic radiology. The recipients are required to maintain Privacy Act safeguards with respect to these records.

5. Records may be disclosed to representatives of the Joint Commission on Accreditation of Hospitals conducting inspections to ensure that the quality of the Clinical Center medical record-keeping meets established standards.

6. Certain diseases and conditions, including infectious diseases, may be reported to appropriate representatives of State or Federal Government as required by State or Federal law.

7. Medical information may be disclosed in identifiable form to tumor registries for maintenance of health statistics, e.g., for use in epidemiologic studies.

8. The Department contemplates that it may contract with a private firm for transcribing, updating, copying, or otherwise refining records in this system. Relevant records will be disclosed to such a contractor. The contractor will be required to comply with the requirements of the Privacy Act with respect to such records.

9. In the event of litigation where the defendant is (a) the Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Justice Department has agreed to represent such employee, for example in defending against a claim based upon an individual's mental or physical condition and alleged to have arisen because of activities of the Public Health Service in connection with such individual, the Department may disclose such records as it deems desirable or necessary to the Department of Justice to enable that agency to present an effective defense, provided that such disclosure is compatible with the purpose for which the records were collected.

10.(a). PHS may inform the sexual and/or needle-sharing partner(s) of a subject individual who is infected with the human immunodeficiency virus (HIV) of their exposure to HIV, under the following circumstances: (1) The information has been obtained in the course of clinical activities at PHS facilities carried out by PHS personnel or contractors; (2) The PHS employee or contractor has made reasonable efforts to counsel and encourage the subject individual to provide the information to the individual's sexual or needle-sharing partner(s); (3) The PHS employee or contractor determines that the subject individual is unlikely to provide the information to the sexual or needle-sharing partner(s) or that the provision of such information cannot reasonably be verified; and (4) The notification of the partner(s) is made, whenever possible, by the subject individual's physician or by a professional counselor and shall follow standard counseling practices.

(b). PHS may disclose information to State or local public health departments, to assist in the notification of the subject individual's sexual and/or needle-sharing partner(s), or in the verification that the subject individual has notified such sexual or needle-sharing partner(s).

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored in file folders and/or on microfiche, and on computer tapes.

RETRIEVABILITY:

Records are retrieved by unit number and patient name.

SAFEGUARDS:

Measures to prevent unauthorized disclosures are implemented as appropriate for each location and for the particular records maintained in each project. Each site implements personnel, physical, and procedural safeguards such as the following:

1. Authorized Users: Employees maintaining records in this system are instructed to grant regular access only to physicians and dentists and other health care professionals officially participating in patient care, to contractors, or to NIH researchers specifically authorized by the system manager.

2. Physical Safeguards: All record facilities are locked when system personnel are not present.

3. Procedural Safeguards: Access to files is strictly controlled by the system manager. Records may be removed only by system personnel following receipt of a request signed by an authorized user. Access to computerized records is controlled by the use of security codes known only to the authorized user. Codes are user- and function-specific.

Contractor compliance is assured through inclusion of Privacy Act requirements in contract clauses, and through monitoring by contract and project officers. Contractors who maintain records in this system are instructed to make no disclosure of the records except as authorized by the System Manager.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—Start Printed Page 60757“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 3000-E-22, which allows records to be kept until no longer needed for scientific reference. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Director, Medical Record Department, Clinical Center (CC), Building 10, Room 1N208, 10 Center Drive, Bethesda, MD 20892-1192.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the System Manager at the above address. The requester must provide tangible proof of identity, such as a driver's license. If no identification papers are available, the requester must verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

An individual who requests notification of or access to a medical/dental record shall, at the time the request is made, designate in writing a responsible representative who will be willing to review the record and inform the subject individual of its contents at the representative's discretion. The representative may be a physician, or other health professional, or other responsible individual. The subject individual will be granted direct access unless it is determined that such access is likely to have an adverse effect on him or her. In that case, the medical/dental record will be sent to the designated representative. The individual will be informed in writing if the record is sent to the representative.

A parent or guardian who requests notification of or access to a child's/incompetent person's record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child/incompetent person as well as his/her own identity.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably identify the specific reports and related dates pertaining to the information to be released. There may be a fee for reproducing more than 20 pages of material. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the System Manager and reasonably identify the record and specify the information to be contested, and state the corrective action sought and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Referring physicians, other medical facilities (with patient's consent), patients, relatives of patients.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0105

SYSTEM NAME:

Administration: Health Records of Employees, Visiting Scientists, Fellows, and Others who Receive Medical Care Through the Employee Health Unit, HHS/NIH/ORS.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Main Employee Health Unit, Occupational Medical Service, Building 10, 6th Floor Clinic, 10 Center Drive, Bethesda, MD 20892.

Auxiliary Employee Health Unit, Occupational Medical Service, Building 13, Room G904, 13 South Drive, Bethesda, MD 20892.

Employee Health Unit, Rocky Mountain Laboratories, Hamilton, Montana 59840.

Employee Assistance Program, Occupational Medical Service, Building 31, Room B2B57, 31 Center Drive, Bethesda, MD 20892.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Employees, fellows, visiting scientists, relatives of inpatients, visitors, and others who receive medical care through the Employee Health Unit.

CATEGORIES OF RECORDS IN THE SYSTEM:

Medical records.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5 U.S.C. 7901.

PURPOSE(S):

1. For medical treatment.

2. Upon researcher request with individual's written permission, release of record for research purposes to medical personnel.

3. Upon request by HHS personnel offices for determination of fitness for duty, and for disability retirement and other separation actions.

4. For monitoring personnel to assure that safety standards are maintained.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to Federal, State, and local government agencies for adjudication of benefits under workman's compensation, and for disability retirement and other separation actions.

2. To district office of OPEC, Department of Labor with copies to the U.S. Office of Personnel Management for processing of disability retirement and other separation actions.

3. Upon non-HHS agency request, for examination to determine fitness for duty with copies to requesting agency and to the U.S. Office of Personnel Management.

4. Disclosure may be made to a congressional office from the record of an individual in response to any inquiry from the congressional office made at the request of the individual.

5. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has any interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored in file folders.Start Printed Page 60758

RETRIEVABILITY:

Records are retrieved by name and social security number.

SAFEGUARDS:

Measures to prevent unauthorized disclosures are implemented as appropriate for each location and for the particular records maintained in each project. Each site implements personnel, physical and procedural safeguards such as the following:

1. Authorized Users: Access is limited to authorized personnel (system manager and staff; Occupational Medicine Service staff; and personnel and administrative officers with need for information for fitness for duty, disability, and other similar determinations).

2. Physical Safeguards: Files are maintained in locked cabinets.

3. Procedural Safeguards: Access to files is strictly controlled by authorized staff.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule, Manual Chapter 1743 (HHS Records Management Manual, Appendix B-361), item 2300-792-3.

SYSTEM MANAGER(S) AND ADDRESS:

Deputy Director, Division of Safety, Office of Research Services (ORS), Building 31, Room 1C02, 31 Center Drive, Bethesda, MD 20892.

Chief, Rocky Mountain Operations Branch, Rocky Mountain Laboratories, Hamilton, Montana 59840.

NOTIFICATION PROCEDURE:

Contact System Manager at appropriate treatment location listed above, to determine if a record exists. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requester should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Write to the official specified under Notification Procedures above, and reasonably identify the record and specify the information being contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Records contain data resulting from clinical and preventative services provided at treatment location, and data received from individual.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0106

SYSTEM NAME:

Administration: Office of the NIH Director and Institute/Center Correspondence Records, HHS/NIH/OD.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Executive Secretariat, Office of the Director (OD), Building 1, Room B1-55, 1 Center Drive, Bethesda, MD 20892-0122.

Machine Room, Executive Secretariat, Office of the Director (OD), Building 31, Room 3B33, 31 Center Drive, Bethesda, MD 20892.

Office of Legislative Policy and Analysis, Office of the Director (OD), Building 1, Room 244, 1 Center Drive, Bethesda, MD 20892.

Office of Science Education, Office of Science Policy, Office of the Director (OD), Rockledge I, Room 724, 6705 Rockledge Drive, Bethesda, MD 20892.

Institute/Center staff offices that retain correspondence files and computer servers which store document images.

Write to the appropriate System Manager listed in Appendix I for a list of current locations and for the address of the Federal Records Center where records are stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals who have contacted the NIH Director or his/her subordinates, or have been contacted in writing by one of these officials.

CATEGORIES OF RECORDS IN THE SYSTEM:

Correspondence and other supporting documents; mailing lists.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5 U.S.C. 301; 44 U.S.C. 3101.

PURPOSE(S):

1. To control, address, and track all correspondence documents addressed or directed to the NIH Director or his/her subordinates, as well as documents/supporting documents initiated by them, in order to assure timely and appropriate attention.

2. Incoming correspondence and supporting documentation is forwarded to other HHS components when a response from them is warranted.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

2. Disclosure may be made from this system of records by the Department of Health and Human Services (HHS) to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has any interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored by computer index, optical image and in file folders.

RETRIEVABILITY:

Records are retrieved by name, document number, date, and subject.

SAFEGUARDS:

1. Authorized Users: Access to textual records is limited to authorized personnel (system managers and staff).

2. Physical Safeguards: Physical access to records and to computer servers containing records is restricted to authorized personnel. Start Printed Page 60759

3. Procedural Safeguards: Access to textual records is strictly controlled by system managers and staff. Records may be removed from files only at the request of system managers or other authorized employees. Computer files are password protected.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 1700-C, which allows records to be kept for a maximum period of ten years. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

System Managers are listed in Appendix I; each maintains full responsibility for their specific correspondence system.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the appropriate System Manager as listed in Appendix I.

The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official under Notification Procedures above, and reasonably identify the record and specify the information to be contested, and state the corrective action sought and the reasons for the correction. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Records are derived from incoming and outgoing correspondence.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

Appendix I: System Managers

Information Systems Manager, Executive Secretariat, Office of the Director (OD), Building 1, Room B146, 1 Center Drive, Bethesda, MD 20892-0122.

Acting Associate Director, Office of Legislative Policy and Analysis, Office of the Director (OD), Building 1, Room 244, 1 Center Drive, Bethesda, MD 20892-0160.

Privacy Act Systems Manager, Office of Science Education, Office of Science Policy, Office of the Director (OD), Rockledge I, Room 729, 6705 Rockledge Drive, Bethesda, MD 20892-7984.

Secretary to the Director, National Cancer Institute (NCI), Building 31, Room 11A48, 31 Center Drive, Bethesda, MD 20892-2590.

Secretary to the Director, Office of the Director, National Heart, Lung, and Blood Institute (NHLBI), Building 31, Room 5A52, 31 Center Drive, Bethesda, MD 20892-2486.

Director, Office of Communication and Public Liaison, National Institute of Diabetes and Digestive and Kidney (NIDDK), Building 31, Room 9A04, 31 Center Drive, Bethesda, MD 20892-2560.

Executive Secretariat, National Institute of Environmental Health Sciences (NIEHS), PO Box 12233, South Campus, Building 2, Room B201, Research Triangle Park, NC 27709-B201.

Secretary to the Director, National Eye Institute (NEI), Building 31, Room 6A03, 31 Center Drive, Bethesda, MD 20892-2510.

Executive Assistant to the Director, National Institute of Arthritis and Musculoskeletal and Skin Diseases (NIAMS), Building 31, Room 4C32, 31 Center Drive, Bethesda, MD 20892-2350.

Chief, Administrative Management Branch, National Institute on Deafness and Other Communication Disorders (NIDCD), Building 31, Room 3C02, 31 Center Drive, Bethesda, MD 20892-2320.

Secretary to the Director, National Institute of General Medical Sciences (NIGMS), Natcher Building, Room 2AN12D, 45 Center Drive, Bethesda, MD 20892-6200.

Secretary to the Director, Office of the Director, National Library of Medicine (NLM), Building 38, Room 2E17, 8600 Rockville Pike, Bethesda, MD 20894-6075.

Secretary to the Director, Fogarty International Center (FIC), Building 31, Room B2C02, 31 Center Drive, Bethesda, MD 20892-2220.

Special Assistant for Liaison Activities, Office of AIDS Research, Office of the Director (OD), Building 2, Room 4E14, 2 Center Drive, Bethesda, MD 20892.

Executive Secretariat, National Institute on Drug Abuse (NIDA), Neuroscience Center, 6001 Executive Boulevard, Room 5101, Bethesda, MD 20892-9585.

Executive Secretariat, National Institute on Alcohol Abuse and Alcoholism (NIAAA), Willco Building, Room 400, 6000 Executive Boulevard, Bethesda, MD 20892-7003.

Executive Secretariat, National Institute of Mental Health (NIMH), Neuroscience Center, 6001 Executive Boulevard, Room 8208, Bethesda, MD 20892-9667.

Director, Office of Communications, National Center for Complementary and Alternative Medicine (NCCAM), Democracy Plaza II, Room 401, 6707 Democracy Boulevard, Bethesda, MD 20892-5475.

Privacy Act Coordinator, National Institute of Biomedical Imaging and Bioengineering (NIBIB), Building 31, Room 1B37, 31 Center Drive, Bethesda, MD 20892-2077.

Privacy Act Coordinator, National Center on Minority Health and Health Disparities (NCMHD), Democracy Plaza II, Room 800, 6707 Democracy Boulevard, Bethesda, MD 20892-5465.

09-25-0108

SYSTEM NAME:

Personnel: Guest Researchers, Special Volunteers, and Scientists Emeriti, HHS/NIH/OHRM.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

This system is located in the Personnel/Administrative Offices of individual Institutes/Centers of the National Institutes of Health. These records are interspersed with staff records and filed alphabetically.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals using NIH facilities who are not NIH employees.

CATEGORIES OF RECORDS IN THE SYSTEM:

Personal information including name, address, date and place of birth, education, employment, purpose for which NIH facilities are desired, outside sponsor, and NIH sponsor.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 241(a)(2), 42 U.S.C. 282(b)(10), and 42 U.S.C. 284(b)(1)(k).

PURPOSE(S):

To determine eligibility to use NIH facilities, to document the individual's presence at NIH, and to record that the individual is not an employee.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to U.S. Office of Personnel Management for program evaluation purposes; to General Accounting Office for fund disbursement determinations.

2. Disclosure may be made to institutions providing financial support.

3. Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office made at the request of that individual. Start Printed Page 60760

4. Disclosure may be made to the Department of Justice or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has any interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

5. Records may be disclosed to student volunteers, individuals working under a personal services contract, and other individuals performing functions for PHS who do not technically have the status of agency employees, if they need the records in the performance of their agency functions.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

File folders and computer programs.

RETRIEVABILITY:

Records are retrieved by name.

SAFEGUARDS:

For each location and for the particular records maintained in each project. Each site implements personnel, physical and procedural safeguards such as the following:

1. Authorized Users: Access is granted only to personnel staff, administrative office staff and management officials directly involved in the administration of the Guest Researcher, Special Volunteer and Scientist Emeriti programs.

2. Physical Safeguards: Record facilities are locked when system personnel are not present.

3. Procedural Safeguards: Access to files is strictly controlled by system personnel. Records may be removed from the file only with the approval of the system manager or other authorized employees.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 2300-320-3(a), which allows records to be destroyed after a maximum period of two years after the individual completes work at NIH. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Personnel/Principal or Senior Administrative Officers of National Institutes of Health Institutes/Centers.

NOTIFICATION PROCEDURE:

To determine if a record exists and where it is located, contact the Privacy Act Coordinator, Office of Human Resource Management, Office of the Director (OD), Building 31, Room 1C39, 31 Center Drive, Bethesda, MD 20892.

The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Contact the Personnel Officer or Administrative Officer in whose office the record is located and provide verification of identity as described under notification procedure above. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Write to the official specified under Notification Procedures above, and reasonably identify the record and specify the information being contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Subject individual, NIH sponsor, funding institution.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0115

SYSTEM NAME:

Administration: Curricula Vitae of Consultants and Clinical Investigators, HHS/NIH/NIAID.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

National Institute of Allergy and Infectious Diseases (NIAID), 6700-B Rockledge Drive, Room 3134, Bethesda, MD 20892-7630.

McKesson BioServices Corporation, 7501 Standish Place, Rockville, MD 20850.

Write to the System Manager at the address below for the address of the Federal Records Center where records are stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Consultants and Clinical Investigators under National Institute of Allergy and Infectious Diseases (NIAID) Investigational New Drug Applications.

CATEGORIES OF RECORDS IN THE SYSTEM:

Curricula vitae.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 241, 289a.

PURPOSE(S):

1. To maintain a record of the investigators under Investigational New Drug (IND) applications.

2. To appoint consultants to the NIAID Institutional Review Board (IRB).

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

2. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has any interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is Start Printed Page 60761relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Stored in books.

RETRIEVABILITY:

Retrieved by name.

SAFEGUARDS:

Measures to prevent unauthorized disclosures are implemented as appropriate for each location and for the particular records maintained in each project. Each site implements personnel, physical, and procedural safeguards such as the following:

1. Authorized Users: Employees who maintain records in this system are instructed to grant regular access only to NIAID staff whose duties require the use of such information. Authorized users are located in the Office of Clinical Research Affairs, Division of Microbiology and Infectious Diseases, NIAID. Other one-time and special access by other employees is granted on a need-to-know basis as specifically authorized by the system manager.

2. Physical Safeguards: Building is locked during off-duty hours.

3. Procedural safeguards: Access to files is strictly controlled by files staff. Records may be removed from files only at the request of the System Manager or other authorized employee.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 1100-G. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Director, Office of Clinical Research Affairs, Division of Microbiology and Infectious Diseases, National Institute of Allergy and Infectious Diseases (NIAID), 6700-B Rockledge Drive, Room 3134, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to: Privacy Act Coordinator, National Institute of Allergy and Infectious Disease (NIAID), 6700-B Rockledge Drive, Room 2143, Bethesda, MD 20892.

The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Write to the official specified under Notification Procedures above, and reasonably identify the record and specify the information being contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Individuals.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0118

SYSTEM NAME:

Contracts: Professional Services Contractors, HHS/NIH/NCI.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Write to System Manager at the address below for the address of the Federal Records Center where records may be stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals under contract with the National Cancer Institute.

CATEGORIES OF RECORDS IN THE SYSTEM:

Professional services contracts.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 241(d), 281.

PURPOSE(S):

Used by staff for general administrative purposes to assure compliance with contract program requirements.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

2. In the event of litigation where the defendant is (a) the Department, any component of the Department, or any employee of the Department in his or her official capacity; (b) the United States where the Department determines that the claim, if successful, is likely to directly affect the operations of the Department or any of its components; or (c) any Department employee in his or her individual capacity where the Justice Department has agreed to represent such employee, the Department may disclose such records as it deems desirable or necessary to the Department of Justice to enable that Department to present an effective defense, provided such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Stored in file folders.

RETRIEVABILITY:

Retrieved by name.

SAFEGUARDS:

1. Authorized Users: Access is limited to authorized personnel (system manager and staff).

2. Physical Safeguards: Records are maintained in offices which are locked when not in use

3. Procedural Safeguards: Access to files is strictly controlled by system manager and staff.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 2600-A-4, which allows records to be destroyed after a maximum period of six years and three months after final payment. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

ARC Manager, Division of Cancer Treatment and Diagnosis (DCTD), National Cancer Institute (NCI), Start Printed Page 60762Building 31, Room 3A44, 31 Center Drive, Bethesda, MD 20892.

ARC Manager, Office of the Director (OD), National Cancer Institute (NCI), Building 31, Room 11A35, 31 Center Drive, Bethesda, MD 20892.

ARC Manager, Executive Plaza (EP), National Cancer Institute (NCI), Building 6116, Room 220, 6116 Executive Boulevard, Bethesda, MD 20892.

ARC Manager, Building 6116, National Cancer Institute (NCI), 6116 Executive Boulevard, Room 200, Bethesda, MD 20892.

ARC Manager, Division of Cancer Prevention (DCP), National Cancer Institute (NCI), Executive Plaza North, Room 3060, 6130 Executive Boulevard, Bethesda, MD 20892.

ARC Manager, Division of Cancer Biology (DCB), National Cancer Institute (NCI), Executive Plaza North, Room 500, 6130 Executive Boulevard, Bethesda, MD 20892.

ARC Manager, Division of Cancer Control and Population Sciences (DCCPS), National Cancer Institute (NCI), Executive Plaza North, Room 3038, 6130 Executive Boulevard, Bethesda, MD 20892.

ARC Manager, Building 41, National Cancer Institute (NCI), Building 41, Room A101, 41 Medlars Drive, Bethesda, MD 20892.

ARC Manager, Building 37, National Cancer Institute (NCI), Building 37, Room 5A15, 37 Convent Drive, Bethesda, MD 20892.

ARC Manager, Frederick Cancer Research and Development Center (FCRDC), National Cancer Institute (NCI), Building 578, Room 23, Frederick, MD 21702.

ARC Manager, Division of Cancer Epidemiology and Genetics (DCEG), National Cancer Institute (NCI), Executive Plaza South, Room 8086, 6120 Executive Boulevard, Bethesda, MD 20892.

ARC Manager, Center for Cancer Research (CCR), National Cancer Institute (NCI), Building 31, Room 3A19, 31 Center Drive, Bethesda, MD 20892.

ARC Manager, Building 10A, National Cancer Institute (NCI), Building 10, Room 12N210, 10 Center Drive, Bethesda, MD 20892.

ARC Manager, Building 10B, National Cancer Institute (NCI), Building 10, Room 12N210, 10 Center Drive, Bethesda, MD 20892.

ARC Manager, Information Technology (IT), National Cancer Institute (NCI), Building 6116, Room 503, 6116 Executive Boulevard, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

Write to the appropriate System Manager listed above to determine if a record exists. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official under Notification Procedures above, and reasonably identify the record and specify the information to be contested, and state the corrective action sought and the reasons for the correction, with supporting justification. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Individuals in the system.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0121

SYSTEM NAME:

International Activities: Senior International Fellowships Program, HHS/NIH/FIC.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Division of International Training and Research, Fogarty International Center (FIC), Building 31, Room B2C39, 31 Center Drive, Bethesda, MD 20892.

Write to System Manager at the address below for the address of the Federal Records Center where records from this system are stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Applicants for Senior International Fellowships.

CATEGORIES OF RECORDS IN THE SYSTEM:

Applications and associated records and reports.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 242e.

PURPOSE(S):

For award and administration of fellowships to outstanding faculty members in mid-career from U.S biomedical research and educational institutions for study abroad.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Each fellow's home institution receives a notice of award and funding for the fellowship.

2. Applications are made available to authorized employees and agents of the U.S., including the General Accounting Office for purposes of investigations, inspections and audits, and in appropriate cases, to the Department of Justice for proper action under civil and criminal laws.

3. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

4. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has any interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

File folders and computer disks.

RETRIEVABILITY:

Name and fellowship number.

SAFEGUARDS:

Measures to prevent unauthorized disclosures are implemented as Start Printed Page 60763appropriate for each location and for the particular records maintained in each project. Each site implements personnel, physical, procedural safeguards such as the following:

1. Authorized Users: Employees who maintain records in this system are instructed to grant regular access only to Fogarty International Center (FIC) program staff. Other one-time and special access by other employees is granted on a need-to-know basis as specifically authorized by the system manager.

2. Physical Safeguards: The records are stored in locked file cabinets and offices are locked during off-duty hours.

3. Procedural Safeguards: Access to files is strictly controlled by files staff. Records may be removed from files only at the request of the system manager or other authorized employees. For computerized records access is controlled by the use of security codes known to authorized users and access codes are changed periodically. The computer system maintains an audit record of all requests for access.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 2300-320-7, which allows records to be destroyed after a maximum period of six years after the close of a case. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Director, Division of International Training and Research, Fogarty International Center (FIC), Building 31, Room B2C39, 31 Center Drive, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

Requests for notification of or access to records should be addressed to the System Manager, listed above. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official under Notification Procedures above, and reasonably identify the record and specify the information to be contested, and state the corrective action sought and the reasons for the correction. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Information obtained from applicants and persons supplying recommendations through the Center for Scientific Review.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0124

SYSTEM NAME:

Administration: Pharmacology Research Associates, HHS/NIH/NIGMS.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Director, PRAT Program, Pharmacological Sciences, National Institute of General Medical Sciences (NIGMS), Natcher Building, Room 2AS43D, 45 Center Drive, Bethesda, MD 20892.

Write to System Manager at the address below for the address of the Federal Records Center where records are stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Applicants for positions as Pharmacology Research Associates with the National Institute of General Medical Sciences (NIGMS) and current and former Pharmacology Research Associates.

CATEGORIES OF RECORDS IN THE SYSTEM:

Individual application forms, addresses, telephone numbers, lists of awards received, research keywords, preceptor and institute during time of fellowship for former fellows, academic transcripts, reprints and references, curricula vitae and salary adjustment memorandum for fellows.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 209.

PURPOSE(S):

For review, award and administration of the Pharmacology Research Associate Program (PRAT).

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

2. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has any interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

File folders.

RETRIEVABILITY:

By name of applicant.

SAFEGUARDS:

Measures to prevent unauthorized disclosures are implemented as appropriate for each location and for the particular records maintained in each project. Each site implements personnel, physical, and procedural safeguards such as the following:

1. Authorized Users: Employees who maintain the system are instructed to grant access only to authorized personnel (System manager and staff assigned to the program).

2. Physical Safeguards: The records are maintained in locked file cabinets Start Printed Page 60764when not in use and system location is locked during non-working hours.

3. Procedural Safeguards: Access to files is strictly controlled by responsible individuals who have been instructed in the Privacy Act requirements. Records are returned to the locked cabinets when not in use.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 2300-320-2(a). Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Director, PRAT Program, Pharmacological Sciences, National Institute of General Medical Sciences (NIGMS), Natcher Building, Room 2AS49K, 45 Center Drive, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to System Manager and provide the following information: applicant's name and date of application. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official at the address specified under Notification Procedures above, and reasonably identify the record and specify the information to be contested, the corrective action sought. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Information obtained from applicants, university registrars, and persons supplying recommendations through the PRAT Program. Salary adjustment memos from preceptors. Information on former fellows obtained from former fellows.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0140

SYSTEM NAME:

International Activities: International Scientific Researchers in Intramural Laboratories at the National Institutes of Health, HHS/NIH/FIC/ORS/DIRS.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Center for Information Technology (CIT), Building 12A, Room 3061, 12 South Drive, Bethesda, Maryland 20892.

Ancillary records are located in the Office of the Associate Director for Intramural Affairs, laboratories, administrative and personnel offices where participants are assigned. Write to System manager at the address below for the address of the Federal Records Center where records are stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Health scientists at all levels of their pre- and postdoctoral or equivalent research careers who are invited to the National Institutes of Health to conduct research related to their doctoral studies, for further postdoctoral training, or to conduct research in their biomedical specialties under the auspices of FIC's administration of International Activities. Most of these scientists are foreign, however some may be resident aliens .

Individuals in these categories include the following: Visiting Scientists (i.e., Title 42 employees) and Foreign Special Experts (also employees) and Visiting Fellows, Guest Researchers, Exchange Scientists, International Research Fellows, Fogarty Scholars, and Special Volunteers.

CATEGORIES OF RECORDS IN THE SYSTEM:

History of fellowship, employment and/or stay at NIH; education, previous institution of affiliation, immigration data, and references. For payroll purposes, social security numbers are requested of all applicants accepted into the program.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 242l and Section 307 of the Public Health Service Act.

PURPOSE(S):

To document the individual's presence at the NIH, to record immigration history of the individual in order to verify continued eligibility in existing programs, and to meet requirements in the code of Federal Regulations (8 CFR, “Aliens and Nationality,” and 22 CFR, “Foreign Relations”).

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Information is made available to authorized employees and agents of the U.S. Government including, but not limited to, the General Accounting Office, the Internal Revenue Service, the FBI and Immigration and Naturalization Service, Department of Justice, and the Department of State for purposes of investigations, inspections and audits.

2. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of the individual.

3. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has any interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored in file folders, computer hard disks and tapes, and computer diskettes.

RETRIEVABILITY:

By name, country of citizenship, country of birth, gender, fellowship case number, visa and immigration status, program category, NIH institute and lab, sponsor, degree attained, stipend or salary level, dates of stay at NIH, termination date, work address and telephone number, and home address.Start Printed Page 60765

SAFEGUARDS:

A variety of safeguards is implemented for the various sets of records included under this system according to the sensitivity of the data they contain.

1. Authorized Users: NIH administrative and personnel staff screened by FIC staff to access information on a need-to-know basis. Only FIC staff are authorized to add, change, or delete data. Access by other employees is granted on a need-to-know basis as specifically authorized by the system manager.

2. Physical Safeguards: The records are maintained in file cabinets in offices that are locked during off-duty hours.

3. Procedural Safeguards: Access to files is strictly controlled by files staff. Records may be removed from files only at the request of the system manager or other authorized employees. For computerized records, access is controlled by the use of security codes known only to authorized users; access codes are changed periodically. The computer system maintains an audit record of all requests for access.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 2300-320, which allows records to be destroyed after a maximum period of six years after the close of a case. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS

Director, Division of Intramural Research Services, Office of Research Services (ORS), Building 31, Room 3B65, 31 Center Drive, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

Write to the System Manager to determine if a record exists. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedure. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official listed under Notification Procedure above, and reasonably identify the record, and specify the information to be contested, and state the corrective action sought and the reasons for the correction. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Subject individuals and other Federal agencies.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0156

SYSTEM NAME:

Records of Participants in Programs and Respondents in Surveys Used to Evaluate Programs of the Public Health Service, HHS/PHS/NIH/OD.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

This system of records is an umbrella system comprising separate sets of records located either in the organizations responsible for conducting evaluations or at the sites of programs or activities under evaluation. Locations include Public Health Service (PHS) facilities, or facilities of contractors of the PHS. Write to the appropriate System manager below for a list of current locations.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals covered by this system are those who provide information or opinions that are useful in evaluating programs or activities of the PHS other persons who have participated in or benefitted from PHS programs or activities; or other persons included in evaluation studies for purposes of comparison. Such individuals may include (1) participants in research studies; (2) applicants for and recipients of grants, fellowships, traineeships or other awards; (3) employees, experts and consultants; (4) members of advisory committees; (5) other researchers, health care professionals, or individuals who have or are at risk of developing diseases or conditions studied by PHS; (6) persons who provide feedback about the value or usefulness of information they receive about PHS programs, activities or research results; (7) persons who have received Doctorate level degrees from U.S. institutions; (8) persons who have worked or studied at U.S. institutions that receive(d) institutional support from PHS.

CATEGORIES OF RECORDS IN THE SYSTEM:

This umbrella system of records covers a varying number of separate sets of records used in different evaluation studies. The categories of records in each set depend on the type of program being evaluated and the specific purpose of the evaluation. In general, the records contain two types of information: (1) Information identifying subject individuals, and (2) information which enables PHS to evaluate its programs and services.

1. Identifying information usually consists of a name and address, but it might also include a patient identification number, grant number, social security number, or other identifying number as appropriate to the particular group included in an evaluation study.

2. Information used for evaluation varies according to the program evaluated. Categories of evaluative information include personal data and medical data on participants in clinical and research programs; personal data, publications, professional achievements and career history of researchers; and opinions and other information received directly from individuals in evaluation surveys and studies of PHS programs.

The system does not include any master list, index or other central means of identifying all individuals whose records are included in the various sets of records covered by the system.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Authority for this system comes from the authorities regarding the establishment of the National Institutes of Health, its general authority to conduct and fund research and to provide training assistance, and its general authority to maintain records in connection with these and its other functions (42 U.S.C. 203, 241, 289l-1 and 44 U.S.C. 3101), and Section 301 and 493 of the Public Health Service Act.Start Printed Page 60766

PURPOSE(S):

This system supports evaluation of the policies, programs, organization, methods, materials, activities or services used by PHS in fulfilling its legislated mandate for (1) conduct and support of biomedical research into the causes, prevention and cure of diseases; (2) support for training of research investigators; (3) communication of biomedical information.

This system is not used to make any determination affecting the rights, benefits or privileges of any individual.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to HHS contractors and collaborating researchers, organizations, and State and local officials for the purpose of conducting evaluation studies or collecting, aggregating, processing or analyzing records used in evaluation studies. The recipients are required to protect the confidentiality of such records.

2. Disclosure may be made to organizations deemed qualified by the Secretary to carry out quality assessments, medical audits or utilization review.

3. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

4. The Department may disclose information from this system of records to the Department of Justice, to court or other tribunal, or to another party before such tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the tribunal, or the other party is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Data may be stored in file folders, bound notebooks, or computer-accessible media (e.g., magnetic tapes, disks, cartridges, CD-ROMs, etc.).

RETRIEVABILITY:

Information is retrieved by name and/or participant identification number within each evaluation study. There is no central collection of records in this system, and no central means of identifying individuals whose records are included in the separate sets of records that are maintained for particular evaluation studies.

SAFEGUARDS:

A variety of safeguards are implemented for the various sets of records in this system according to the sensitivity of the data each set contains. Information already in the public domain, such as titles and dates of publications, is not restricted. However, sensitive information, such as personal or medical history or individually identified opinions, is protected according to its level of sensitivity. Records derived from other systems of records will be safeguarded at a level at least as stringent as that required in the original systems. Minimal safeguards for the protection of information which is not available to the general public include the following:

1. Authorized Users: Regular access to information in a given set of records is limited to PHS or to contractor employees who are conducting, reviewing or contributing to a specific evaluation study. Other access is granted only on a case-by-case basis, consistent with the restrictions required by the Privacy Act (e.g., when disclosure is required by the Freedom of Information Act), as authorized by the system manager or designated responsible official.

2. Physical Safeguards: Records are stored in closed or locked containers, in areas which are not accessible to unauthorized users, and in facilities which are locked when not in use. Records collected in each evaluation project are maintained separately from those of other projects. Sensitive records are not left exposed to unauthorized persons at any time. Sensitive data in machine-readable form may be encrypted.

3. Procedural Safeguards: Access to records is controlled by responsible employees and is granted only to authorized individuals whose identities are properly verified. Data stored in mainframe computers is accessed only through the use of keywords known only to authorized personnel. When personal computers are used, magnetic media (e.g. diskettes, CD-ROMs, etc.) are protected as under Physical Safeguards. When data is stored within a personal computer (i.e., on a “hard disk”), the machine itself is treated as though it were a record, or records, under Physical Safeguards. Contracts for operation of this system of records require protection of the records in accordance with these safeguards; PHS project and contracting officers monitor contractor compliance.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 1100-C-2. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

See Appendix I.

Policy coordination for this system is provided by: Acting Director, Office of Reports and Analysis, Office of Extramural Research, Office of the Director (OD), Building 1, Room 252, 1 Center Drive, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the official of the organization responsible for the evaluation, as listed in Appendix II. If you are not certain which component of PHS was responsible for the evaluation study, or if you believe there are records about you in several components of PHS, write to: NIH Privacy Act Officer, 6011 Executive Boulevard, Room 601, Bethesda, MD 20892-7669.

Requesters must provide the following information:

1. Full name, and name(s) used while studying or employed;

2. Name and location of the evaluation study or other PHS program in which the requester participated or the institution at which the requester was a student or employee, if applicable;

3. Approximate dates of participation, matriculation or employment, if applicable. Start Printed Page 60767

The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

An individual who requests notification of or access to a medical record shall, at the time the request is made, designate in writing, a responsible representative, who may be a physician, other health professional, or other responsible individual, who will be willing to review the record and inform the subject individual of its contents at the representative's discretion.

A parent or guardian who requests notification of, or access to, a child's or incompetent person's medical record shall designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The parent or guardian must verify relationship to the child or incompetent person as well as his or her own identity.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Write to the official specified under Notification Procedures above, and reasonably identify the record and specify the information being contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Information contained in these records is obtained directly from individual participants; from systems of records 09-25-0036, “Extramural Awards and Chartered Advisory Committees: IMPAC (Grants/Contract Information/Cooperative Agreement Information/Chartered Advisory Committee Information), HHS/NIH/OER and HHS/NIH/CMO;” 09-25-0112, “Grants and Cooperative Agreements: Research, Research Training, Fellowship and Construction Applications and Related Awards, HHS/NIH/OD;” NSF-6, “Doctorate Record File,” NSF-43, “Doctorate Work History File” (previously entitled NSF-43, “Roster and Survey of Doctorate Holders in The United States” and other records maintained by the operating programs of NIH; the National Academy of Sciences, professional associations such as the AAMC and ADA, and other contractors; grantees or collaborating researchers; or publicly available sources such as bibliographies.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

Appendix I: System Managers

Office of Reports and Analysis, Office of Extramural Research, Office of the Director (OD), Rockledge II, Room 6212, 6701 Rockledge Drive, Bethesda, MD 20892.

Director, Office of Human Resource Management, Office of the Director (OD), Building 1, Room B160, 1 Center Drive, Bethesda, MD 20892.

Program Analyst, Office of Science and Technology, PSR, National Heart, Lung and Blood Institute (NHLBI), Building 31, Room 5A03, 31 Center Drive, Bethesda, MD 20892-2482.

Associate Director for Health Information Programs Development, National Library of Medicine (NLM), Building 38, Room 2S20, 8600 Rockville Pike, Bethesda, MD 20894.

Associate Director for Science Policy and Legislation, National Eye Institute (NEI), Building 31, Room 6A25, 31 Center Drive, Bethesda, MD 20892-2510.

Public Health Educator, Office of Cancer Communications, National Cancer Institute (NCI), Building 31, Room 10A03, 31 Center Drive, Bethesda, MD 20892.

Chief, Office of Planning, Analysis, National Institute on Aging (NIA), Building 31, Room 5C05, 31 Center Drive, Bethesda, MD 20892.

Associate Director for Science Policy, Analysis, and Communication, National Institute of Child Health and Human Development (NICHD), Building 31, Room 2A18, 31 Center Drive, Bethesda, MD 20892.

Chief, Science Policy and Planning Branch, National Institute on Deafness and Other Communication Disorders (NIDCD), Building 31, Room 3C27, 31 Center Drive, Bethesda, MD 20892-2320.

Evaluation Officer, Office of Science Policy and Analysis, National Institute of Dental and Craniofacial Research (NIDCR), Building 31, Room 5B55, 31 Center Drive, Bethesda, MD 20892-2190.

Program Analyst, Office of Program Planning and Evaluation, National Institute of Environmental Health Sciences (NIEHS), PO Box 12233, Research Triangle Park, NC 27709.

Chief, Office of Program Analysis and Evaluation, National Institute of General Medical Sciences (NIGMS), Natcher Building, Room 2AS55F, 45 Center Drive, Bethesda, MD 20892.

Director, Division of Advanced Studies and Policy Analyses, Fogarty International Center (FIC), Building 16, Room 202, 16 Center Drive, Bethesda, MD 20892-6705.

Information Officer, Center for Scientific Review (CSR), Rockledge II, Room 6160, 6701 Rockledge Drive, Bethesda, MD 20892.

Director, Office of Science Policy and Public Liaison, National Center for Research Resources (NCRR), Rockledge II, Room 5046, 6701 Rockledge Drive, Bethesda, MD 20892.

Chief, Office of Planning, Analysis and Evaluation, National Institute of Nursing Research (NINR), Building 31, Room 5B09, 31 Center Drive, Bethesda, MD 20892.

Policy Analyst, Division of Policy and Education, Office of Research Integrity, U.S. Public Health Service, 5515 Security Lane, Suite 700, Rockwall II Building, Rockville, MD 20852.

Contract Officer, National Institute of Mental Health (NIMH), 6001 Executive Boulevard, Room 6107, Bethesda, MD 20892.

Program Evaluation Team, Office of Scientific Affairs, National Institute on Alcohol Abuse and Alcoholism (NIAAA), Willco Building, Room 409, 6000 Executive Boulevard, Bethesda, MD 20892-7003.

Evaluation Officer, Office of Science Policy and Operations, National Center for Complementary and Alternative Medicine (NCCAM), Democracy Plaza II, Room 401, 6707 Democracy Boulevard, Bethesda, MD 20892-5475.

Privacy Act Coordinator, National Institute of Biomedical Imaging and Bioengineering (NIBIB), Building 31, Room 1B37, 31 Center Drive, Bethesda, MD 20892-2077.

Privacy Act Coordinator, National Center on Minority Health and Health Disparities (NCMHD), Democracy Plaza II, Room 800, 6707 Democracy Boulevard, Bethesda, MD 20892-5465.

Appendix II: Notification and Access Officials

Acting Director, Office of Reports and Analysis, Office of Extramural Research, Office of the Director (OD), Building 1, Room 252, 1 Center Drive, Bethesda, MD 20892.

Director, Office of Human Resources Management, Office of the Director (OD), Building 1, Room B160, 1 Center Drive, Bethesda, MD 20892.

Privacy Act Coordinator, National Heart, Lung, and Blood Institute (NHLBI), Building 31, Room 5A33, 31 Center Drive, Bethesda, MD 20892.

Assistant Director for Planning and Evaluation, National Library of Medicine (NLM), Building 38, Room 2S18, 8600 Rockville Pike, Bethesda, MD 20894.

Program Evaluation Team, Office of Scientific Affairs, National Institute on Alcohol Abuse and Alcoholism (NIAAA), Willco Building, Room 409, 6000 Executive Boulevard, Bethesda, MD 20892-7003.

Contract Officer, National Institute of Mental Health (NIMH), 6001 Executive Boulevard, Room 6107, Bethesda, MD 20892.

Executive Officer, National Eye Institute (NEI), Building 31, Room 6A03, 31 Center Drive, Bethesda, MD 20892-2510.

Director, Division of Advanced Studies and Policy Analysis, Fogarty International Center (FIC), Building 16, Room 202, 16 Center Drive, Bethesda, MD 20892-6705. Start Printed Page 60768

Information Officer, Center for Scientific Review (CSR), Rockledge II, Room 6160, 6701 Rockledge Drive, Bethesda, MD 20892.

Director, Office of Science Policy and Public Liaison, National Center for Research Resources (NCRR), Rockledge II, Room 5046, 6701 Rockledge Drive, Bethesda, MD 20892.

Privacy Act Coordinator, National Cancer Institute (NCI), Building 31, Room 10A30, 31 Center Drive, Bethesda, MD 20892.

09-25-0158

SYSTEM NAME:

Administration: Records of Applicants and Awardees of the NIH Intramural Research Training Awards Program, HHS/NIH/OD/OIR/OE.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

This system is located in each of the intramural offices and laboratories where the Intramural Research Training Awards (IRTA) Fellow is located and assigned, including the respective Scientific Director's office, the administrative and personnel offices, and in Personnel branches responsible for administering the IRTA Program, and the Office of Education, Office of Intramural Research, Office of the Director, Building 2, Room 2E04, 2 Center Drive, Bethesda, MD 20892.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Applicants for IRTA Fellowships, current IRTA Fellows, and former IRTA Fellows.

CATEGORIES OF RECORDS IN THE SYSTEM:

These records contain information relating to education and training, employment history, scientific publications; research goals; letters of reference; and personal information such as name, date of birth, social security number, home address and citizenship; and information related to fellowship awards such as stipend levels, training assignments, training expenses and travel allowances.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 284(b)(1)(C), 286b-3, and 287c-1 authorizes PHS to make awards for biomedical research and research training.

PURPOSE(S):

Records in this system are used to determine individuals' eligibility and evaluate their qualifications for IRTA Fellowships; to document the basis for management actions relating to Fellowships that are awarded; and to provide data for program evaluation.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to the Office of Human Resource Management for evaluation of NIH Personnel programs.

2. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the written request of that individual.

3. Disclosure may be made to the Department of Justice or to a court or other tribunal from this system of records, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case HHS determines that such disclosure is compatible with the purpose for which the records were collected.

4. Disclosure may be made to a Federal, State or local agency maintaining civil, criminal or other pertinent records, such as current licenses, if necessary to obtain a record relevant to an agency decision concerning the selection or retention of a fellow.

5. Disclosure may be made to a Federal agency, in response to its request, in connection with hiring or retention of an employee, the issuance of a security clearance, an investigation of an employee, the letting of a contract, or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the record is relevant and necessary to the requesting agency's decision on the matter.

Records may be disclosed to student volunteers, individuals working under a personal services contract, and other individuals performing functions for PHS who do not technically have the status of agency employees, if they need the records in the performance of their agency functions.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored in file folders, and on magnetic tapes and disks and computer programs.

RETRIEVABILITY:

Records are retrieved by name, social security number, or institute list number.

SAFEGUARDS:

1. Authorized Users: Access is granted only to NIH scientists, administrative office staff, personnel staff and financial management staff directly involved in the administration of the IRTA Program.

2. Physical Safeguards: File folders are kept in locked drawers or locked rooms when system personnel are not present.

3. Procedural Safeguards: Access to file folders is controlled by system personnel. Records may be removed from the files only with the approval of the system manager or other authorized employees. Data stored in the automated system is accessed through the use of keywords known only to authorized personnel.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1 -“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 4000-E-3. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Personnel/Principal or Senior Administrative Officers of the National

Institutes of Health Institutes/Centers. Contact the individual listed under notification procedure for the name and address of the appropriate System Manager.

NOTIFICATION PROCEDURE:

To determine if a record exists and where it is located, contact: Chief, Staffing Management Branch, Office of Human Resource Management, Building 31, Room 1C31, 31 Center Drive, Bethesda, MD 20892.

The requestor must also verify his or her identity by providing either a Start Printed Page 60769notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Write to the official specified under the Notification Procedures above, and reasonably identify the record and specify the information being contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is untimely, incomplete, irrelevant or inaccurate. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Applicants, persons and institutions supplying references.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0160

SYSTEM NAME:

United States Renal Data System (USRDS), HHS/NIH/NIDDK.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Records are located at contractor operated coordinating center. Write to the System manager at address below for address of current location. U.S. Renal Data System, Coordinating Center (CC), 914 South 8th Street, Suite D-206, Minneapolis, MN 55404.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Persons with end-stage renal disease (ESRD), providers of ESRD services.

CATEGORIES OF RECORDS IN THE SYSTEM:

Health and medical record data; fiscal information; patient names, social security number, Centers for Medicare and Medical Services (CMS) beneficiary ID, patient demographic, epidemiologic and survival characteristics; physician provider characteristics; facility provider characteristics.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 241a, 289c, as last amended by Pub. L. 100-607, November 4, 1988 under the Health Omnibus Programs Extension of 1988.

PURPOSE(S):

1. To design and implement a consolidated renal disease system that will provide the biostatistical, data management and analytical expertise necessary to characterize the total renal patient population and describe the distribution of patients by sociodemographic variables across treatment modalities.

2. To report on the incidence, prevalence, and mortality rates of renal disease by primary diagnosis.

3. To identify the modalities of treatment best suited to individual patients. To compare the various treatment alternatives to examine the prevention and progression of renal disease by morbidity, mortality, and quality of life criteria.

4. To identify problems and opportunities for more focused investigations of renal research issues currently unaddressed by the consolidated data system.

5. To share data with other PHS agencies and CMS for their use in research analysis and program administration.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure from the record of an individual may be made to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her official capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

2. Disclosure may be made to a Congressional office from the record of an individual in response to a written inquiry from the Congressional office made at the written request of the individual.

3. Disclosure may be made to the HHS contractor for the purpose of collating, analyzing, aggregating or otherwise refining or processing records in this system for developing, modifying and/or manipulating ADP software. Data would also be disclosed to contractors incidental to consultation, programming, operation, user assistance, or maintenance for an ADP or telecommunications systems containing or supporting records in the system. The contractor shall be required to maintain Privacy Act safeguards with respect to such records.

4. A record may be disclosed for a research purpose, when the Department: (A) Has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained; (B) Has determined that the research purpose (1) cannot be reasonably accomplished unless the record is provided in individually identifiable form, and (2) warrants the risk to the privacy of the individual that additional exposure of the record might bring; (C) Has required the recipient to (1) establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining such information, and (3) make no further use or disclosure of the record except (a) in emergency circumstances affecting the health or safety of any individual, (b) for use in another research project, under these same conditions, and with written authorization of the Department, (c) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (d) when required by law; (D) Has secured a written statement attesting to the recipients understanding of, and willingness to abide by these provisions.

Records may be disclosed to student volunteers, individuals working under a personal services contract, and other individuals performing functions for PHS who do not technically have the status of agency employees, if they need the records in the performance of their agency functions. Start Printed Page 60770

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Electronic medium; selected hard copy backup.

RETRIEVABILITY:

Information will be retrieved by patient identification number such as social security number and CMS beneficiary ID. Individual patient data provided only as noted above. Statistical data provided as noted above and to the general public as part of periodic published reports.

SAFEGUARDS:

A variety of safeguards are implemented for the various sets of records in this system according to the sensitivity of the records:

1. Authorized Users: Regular access is limited to National Institute of Diabetes and Digestive and Kidney Diseases (NIDDK), CMS and contract personnel who have a need for the data in performance of their duties as determined by the system manager.

2. Physical Safeguards: Records are stored in areas where access is restricted to areas where data are maintained and processed; data tapes and hard copy data are stored in locked files in secured areas; terminal access controlled by user ID and keywords; off-site data backups in two locations—a remote area of the same building and a separate building; and fire protection secured by Halon fire extinguisher system and fire alarm system present in the computer room.

3. Procedural Safeguards: Contractors who maintain records in this system are instructed to make no further disclosure of the records except as authorized by the system manager and permitted by the Privacy Act.

Privacy Act requirements are specifically included in contracts and in agreements with grantees or collaborators participating in research activities supported by this system. HHS project directors, contract officers, and project officers oversee compliance with these requirements.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 3000-G-3(b), which allows records to be kept as long as they are useful in scientific research. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Epidemiology Program Director, National Institute of Diabetes and Digestive and Kidney Diseases (NIDDK), Division of Kidney, Urologic and Hematologic Diseases, Rockledge II, Room 615, 6701 Democracy Boulevard, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the System Manager at the address noted above. Provide notarized signature as proof of identity. The request should include as much of the following information as possible: (a) Full name; (b) title of project individual participated in; and (c) approximate dates of participation.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the System Manager at the address specified under notification procedures above and reasonably identify the record, specify the information being contested, and state the corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

The majority of health, medical, fiscal and other demographic information on patients and health care providers is from the end stage renal disease program of the Centers for Medicare and Medicaid Services (CMS). Additional data comes from other CMS Medicare patient records, the National Death Index, and other sources of non-Medicare ESRD patient records such as the NIH Continuous Ambulatory Peritoneal Dialysis (CAPD) Registry, the United Network of Organ Sharing (UNOS) transplant patients, the Veteran's Administration, and the Indian Health Service.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0166

SYSTEM NAME:

Administration: Radiation and Occupational Safety and Health Management Information Systems, HHS/NIH/ORS.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Radiation Safety Branch, Division of Safety, Office of Research Services (ORS), Building 21, Room 134, 21 Wilson Drive, Bethesda, MD 20892.

Occupational Safety and Health Branch, Division of Safety, Office of Research Services (ORS), Building 13, Room 3K04, 13 South Drive, Bethesda, Maryland 20892.

Write to appropriate System Manager at the address below for the address of contractor locations, including the address of any Federal Records Center where records from this system may be stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Radiation Safety Branch (RSB): NIH employees using radioactive materials or radiation producing machinery, contractor employees who provide service to the Radiation Safety Branch and any other individuals who could potentially be exposed to radiation or radioactivity as a result of NIH operations and who, therefore, must be monitored in accordance with applicable regulations.

Occupational Safety and Health Branch (OSHB): Individuals (including NIH employees and NIH service contract employees) who use or come into contact with potentially hazardous biological or chemical materials, and participants of occupational safety and health monitoring/surveillance programs.

CATEGORIES OF RECORDS IN THE SYSTEM:

Employee name, title, organizational affiliation, birth date, social security number (optional), work address, work telephone number, name of supervisor, and other necessary employment information; radiation/occupational safety and health training information; medical and technical information pertaining to safety and health related initiatives; research protocols and other related documents used to monitor and track radiation exposure and exposure to potentially hazardous biological or chemical materials; radiation materials usage data; and incident data. Start Printed Page 60771

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

42 U.S.C. 241, regarding the general powers and duties of the Public Health Service relating to research and investigation; 5 U.S.C. 7902 regarding agency safety programs; and 42 U.S.C. 2201, regarding general duties of the Nuclear Regulatory Commission including the setting of standards to cover the possession and use of nuclear materials in order to protect health.

PURPOSE(S):

1. To provide adequate administrative controls to assure compliance with internal NIH policies, and applicable regulations of the Occupational Safety and Health Administration (OSHA), Department of Labor, and other Federal and/or State agencies which may establish health and safety requirements or standards. Ensure legal compliance with requirements of Nuclear Regulatory Commission to maintain internal and external radiation exposure data.

2. To identify, evaluate and monitor use or contact (including incident follow-up) with: radiation (exposure maintained at lowest levels reasonable); biological and/or chemical (potentially hazardous materials). To monitor, track, and assess the use of personal protective equipment in the work place to ensure availability, effectiveness, and proper maintenance. To address emergent safety and health issues or concerns.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual

2. Disclosure may be made to the Department of Justice or to a court or other tribunal from this system of records, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States of any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case HHS determines that such disclosure is compatible with the purpose for which the records were collected.

3. Disclosure may be made to contractors for the purpose of processing or refining the records. Contracted services may include monitoring, testing, sampling, surveying, evaluating, transcription, collation, computer input, and other records processing. The contractor shall be required to maintain Privacy Act safeguards with respect to such records.

4. Disclosure may be made to: (a) Officials of the United States Nuclear Regulatory Commission which, by Federal regulation, licenses, inspects and enforces the regulations governing the use of radioactive materials; and (b) OSHA, which provides oversight to ensure that safe and healthful work conditions are maintained for employees. Disclosure will also be permitted to other Federal and/or State agencies which may establish health and safety requirements or standards.

5. Radiation exposure and/or training and experience history may be transferred to new employer.

6. A record may be disclosed for a research purpose, when the Department: (A) Has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained; (B) has determined that the research purpose (1) cannot be reasonably accomplished unless the record is provided in individually identifiable form, and (2) warrants the risk to the privacy of the individual that additional exposure of the record might bring; (C) has required the recipient to (1) establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining such information, and (3) make no further use or disclosure of the record except (a) in emergency circumstances affecting the health or safety of any individual, (b) for use in another research project, under these same conditions, and with written authorization of the Department, (c) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (d) when required by law; (D) has secured a written statement attesting to the recipient's understanding of, and willingness to abide by these provisions.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are maintained in file cabinets or in computer databases maintained by the RSB and OSHB. Records may be stored in file folders, binders, magnetic tapes, magnetic disks, optical disks and/or other types of data storage devices.

RETRIEVABILITY:

Records are retrieved by name, social security number, office address, or unique RSB or OSHB assigned identification number.

SAFEGUARDS:

1. Authorized Users: Employees who maintain this system are instructed to grant regular access only to RSB/OSHB staff, authorized contractor personnel, U.S. Nuclear Regulatory Commission Inspectors, Radiation Safety Committee Members, Biosafety Committee members, and other appropriate NIH administrative and management personnel with a need to know. Access to information is thus limited to those with a need to know.

2. Physical Safeguards: Rooms where records are stored are locked when not in use. During regular business hours, rooms are unlocked but are controlled by on-site personnel. Individually identifiable records are kept in locked file cabinets or rooms under the direct control of the Project Director.

3. Procedural Safeguards: Names and other identifying particulars are deleted when data from original records are encoded for analysis. Data stored in computers is accessed through the use of keywords known only to authorized users. All users of personal information in connection with the performance of their jobs (see Authorized Users, above) will protect information from public view and from unauthorized personnel entering an unsupervised office. The computer terminals are in secured areas and keywords needed to access data files will be changed frequently.

4. Additional RSB Technical Safeguards: Computerized records are accessible only through a series of code or keyword commands available from and under direct control of the Project Director or his/her delegated representatives. The computer records are secured by a multiple level security system which is capable of controlling access to the individual data field level. Start Printed Page 60772Persons having access to the computer database can be restricted to a confined application which only permits a narrow “view” of the data. Data on computer files is accessed by keyword known only to authorized users who are NIH or contractor employees involved in work for the program.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361): item 1300-B which applies to Division of Safety records. Refer to the NIH Manual Chapter for specific disposition instructions. Radiation exposure records are retained under item 1300-B-10, which does not allow disposal at this time.

SYSTEM MANAGER(S) AND ADDRESS:

Assistant Chief, Information Technology, Radiation Safety Branch, Division of Safety, Office of Research Services (ORS), National Institutes of Health, Building 21, Room 134, 21 Wilson Drive, Bethesda, Maryland 20892.

Chief, Occupational Safety and Health Branch, Division of Safety, Office of Research Services (ORS), Building 13, Room 3K04, 13 South Drive, Bethesda, Maryland 20892.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the appropriate System Manager as listed above. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is whom he or she claims to be. The request should include: (a) Full name, and (b) appropriate dates of participation.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request an accounting of disclosure of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the appropriate System Manager specified above and reasonably identify the record, specify the information to be contested, and state the corrective action sought with supporting documentation. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Information is obtained from the subject individual, previous employers and educational institutions, contractors, safety and health monitoring/surveillance records, employee interviews, site visits, or other relevant NIH organizational components.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0167

SYSTEM NAME:

National Institutes of Health (NIH) TRANSHARE Program, HHS/NIH/OD.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Employee Transportation Services Office, National Institutes of Health, Building 31, Room B3B08, 31 Center Drive, Bethesda, MD 20892.

Recreation and Welfare Association Activities Desk, National Institutes of Health, Building 31, Room B1W30A, 31 Center Drive, Bethesda, MD 20892.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

NIH employees who apply for and participate in the NIH TRANSHARE Program.

CATEGORIES OF RECORDS IN THE SYSTEM:

Name, home address, parking hanger permit number, unique computer identification number, NIH TRANSHARE commuter card number, NIH pay plan, grade level, office phone number, building and room, Institute/Center designation, name of supervisor, commute mode to work, and type of fare media used.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Section 629 of Pub. L. 101-509, “State or Local Government Programs Encouraging Employee Use of Public Transportation; Federal Agency Participation,” found at 5 U.S.C. note prec. section 7901.

PURPOSE(S):

1. To manage the NIH TRANSHARE Program, including receipt and processing of employee applications, and coordination of the fare media distribution to employees.

2. To monitor the use of appropriated funds used to support the NIH TRANSHARE Program.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING

CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

2. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case HHS determines that such disclosure is compatible with the purpose for which the records were collected.

3. NIH may disclose applicant's name, unique computer identification number, NIH TRANSHARE commuter card number, and type of participant's fare media to be disbursed to cashiers of the Recreation and Welfare Association of the National Institutes of Health, Inc. (R&W Association) who are responsible for distribution of fare media. Cashiers are required to maintain Privacy Act safeguards with respect to such records.

4. Disclosure may be made to organizations deemed qualified by the Secretary to carry out quality assessments or utilization review.

5. NIH may disclose statistical reports containing information from this system of records to city, county, State, and Federal Government agencies (including the General Accounting Office).

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are maintained in file folders and computer disks. Start Printed Page 60773

RETRIEVABILITY:

Records are retrieved by name and NIH TRANSHARE commuter card number.

SAFEGUARDS:

1. Authorized Users: Data on computer files is accessed by keyword known only to authorized users who are ETSO employees and cashiers of the R&W Association who are responsible for implementing the Program. Cashier access will be limited to applicant's name, unique computer identification number, NIH TRANSHARE computer card number, and type of fare media disbursed. Access to information is thus limited to those with a need to know.

2. Physical Safeguards: Rooms where records are stored are locked when not in use. During regular business hours, rooms are unlocked but are controlled by on-site personnel.

3. Procedural and Technical Safeguards: A password is required to access the terminal, and a data set name controls the release of data to only authorized users. All users of personal information in connection with the performance of their jobs (see Authorized Users, above) protect information from public view and from unauthorized personnel entering an unsupervised office.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 1500-A-3. Records are retained for a maximum of two years following the last month of an employee's participation in the NIH TRANSHARE Program. Paper copies are destroyed by shredding. Computer files are destroyed by deleting the record from the file.

SYSTEM MANAGER(S) AND ADDRESS

Traffic Management Specialist, Employee Transportation Service Officer, Division of Security Operations, Office of Research Services (ORS), Building 31, Room B3B08, 31 Center Drive, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the System Manager listed above. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be. The request should include: (a) full name, and (b) appropriate dates of participation. The requester must also understand that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Write to the System Manager specified above to attain access to records and provide the same information as is required under the Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request an accounting of disclosure of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the System Manager specified above and reasonably identify the record, specify the information to be contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Subject individual.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0168

SYSTEM NAME:

Invention, Patent, and Licensing Documents Submitted to the Public Health Service by its Employees, Grantees, Fellowship Recipients, and Contractors, HHS/NIH/OD.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Office of Technology Transfer, Office of Intramural Research, Office of the Director (OD), 6011 Executive Boulevard, Room 325, Bethesda, MD 20892.

Office of Financial Management, Office of the Director (OD), Building 31, Room B1B55, 31 Center Drive, Bethesda, Maryland 20892.

Office of Reports and Analysis, Office of Extramural Research, Office of the Director (OD), Building 1, Room 252, 1 Center Drive, Bethesda, MD 20892-2184.

Public Health Service (PHS) Technology Development Coordinators and PHS Contract Attorneys retain files supplemental to the records maintained by the Office of Technology Transfer.

Extramural Inventions and Technology Resources Branch, Office of Policy for Extramural Research Administration, Office of Extramural Research, Office of the Director (OD), Rockledge I, Room 1040, 6705 Rockledge Drive, Bethesda, MD 20892-7980.

Write to the System Manager at the address below for office locations.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

PHS employees, grantees, fellowship recipients and contractors who have reported inventions, applied for patents, have been granted patents, and/or are receiving royalties from patents.

CATEGORIES OF RECORDS IN THE SYSTEM:

Inventor name, address, social security number (required if inventor is receiving royalties, otherwise optional), title and description of the invention, Employee Invention Report (EIR) number, Case/Serial Number, prior art related to the invention, evaluation of the commercial potential of the invention, prospective licensees' intended development of the invention, associated patent prosecution and licensing documents and royalty payment information.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

35 U.S.C. 200 and 15 U.S.C. 3710 provide authority to maintain the records; 37 CFR Part 401 “Rights to Inventions Made by Nonprofit Organizations and Small Business Firms under Government Grants, Contracts, and Cooperative Agreements;” 37 CFR Part 404 “Licensing of Government Owned Inventions;” and 45 CFR Part 7 “Employee Inventions.”

PURPOSE(S):

Records in this system are used to: (1) Obtain patent protection of inventions submitted by PHS employees; (2) monitor the development of inventions made by grantees, fellowship recipients and contractors and protect the government rights to patents made with NIH support; (3) grant licenses to patents obtained through the invention reports; and (4) provide royalty payments to PHS inventors, non-government contractors, and non-profit and educational institutions. Start Printed Page 60774

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

2. Disclosure may be made to the Department of Justice or to a court or other tribunal from this system of records, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case HHS determines that such disclosure is compatible with the purpose for which the records were collected. Disclosure may also be made to the Department of Justice to obtain legal advice concerning issues raised by the records in this system.

3. In the event that a system of records maintained by this agency to carry out its functions indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule or order issued pursuant thereto, the relevant records in the system of records may be referred to the appropriate agency, whether Federal, State, or local, charged with enforcing or implementing the statute or rule, regulation or order issued pursuant thereto.

4. NIH may disclose records to Department contractors and subcontractors for the purpose of collecting, compiling, aggregating, analyzing, or refining records in the system. Contractors maintain, and are also required to ensure that subcontractors maintain, Privacy Act safeguards with respect to such records.

5. NIH may disclose information from this system of records for the purpose of obtaining patent protection for PHS inventions and licenses for these patents to: (a) Scientific personnel, both in this agency and other Government agencies, and in non-Governmental organizations such as universities, who possess the expertise to understand the invention and evaluate its importance as a scientific advance; (b) contract patent counsel and their employees and foreign contract personnel retained by the Department for patent searching and prosecution in both the United States and foreign patent offices; (c) all other Government agencies whom PHS contacts regarding the possible use, interest in, or ownership rights in PHS inventions; (d) prospective licensees or technology finders who may further make the invention available to the public through sale or use; (e) parties, such as supervisors of inventors, whom PHS contacts to determine ownership rights, and those parties contacting PHS to determine the Government's ownership; and (f) the United States and foreign patent offices involved in the filing of PHS patent applications.

6. NIH will report to the Treasury Department, Internal Revenue Service (IRS), as taxable income, the amount of royalty payment paid to PHS inventors.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

The records will be stored in file folders, computer tapes and computer disks.

RETRIEVABILITY:

Records are retrieved by name of the inventor, EIR number, or keywords relating to the nature of the invention, Case/Serial Number, Licensing Number, internal reference numbers, contractor, agency, Institute, and/or Center.

SAFEGUARDS:

1. Authorized Users: Data on computer files is accessed by password known only to authorized users who are NIH or contractor employees involved in patenting and licensing of PHS inventions. Access to information is thus limited to those with a need to know.

2. Physical Safeguards: Records are stored in a dedicated file room or in locking file cabinets in file folders. During normal business hours, OTT Records Management on-site contractor personnel regulate availability of the files. During evening and weekend hours the offices are locked and the building is closed.

3. Procedural and Technical Safeguards: Data stored in computers will be accessed through the use of passwords known only to the authorized users. A password is required to access the database. All users of personal information in connection with the performance of their jobs (see Authorized Users, above) protect information, including confidential business information submitted by potential licensees, from public view and from unauthorized personnel entering an unsupervised office.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 1100-L, which allows records to be kept for a maximum of thirty years. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Freedom of Information Act Coordinator, Office of Technology Transfer, Office of Intramural Research, Office of the Director (OD), 6011 Executive Boulevard, Room 325, Bethesda, MD 20892.

Office of Reports and Analysis, Office of Extramural Research, Office of the Director (OD), Building 1, Room 252, 1 Center Drive, Bethesda, Maryland 20892-2184.

Extramural Inventions and Technology Resources Branch, Office of Policy for Extramural Research Administration, Office of Extramural Research, Office of the Director (OD), Rockledge I, 6705 Rockledge Drive, Room 1040, Bethesda, MD 20892-7980.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the System Manager listed above. The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine. The request should include: (a) Full name, and (b) appropriate identifying information on the nature of the invention. Start Printed Page 60775

RECORD ACCESS PROCEDURE:

Write to the System Manager specified above to attain access to records and provide the same information as is required under the Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request an accounting of disclosure of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the System Manager specified above and reasonably identify the record, specify the information to be contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Inventors and other collaborating persons, grantees, fellowship recipients and contractors; other Federal agencies; scientific experts from non-Government organizations; contract patent counsel and their employees and foreign contract personnel; United States and foreign patent offices; prospective licensees; PHS Technology Development Coordinators, Internet and commercial databases, and third parties whom PHS contacts to determine individual invention ownership or Government ownership.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0169

SYSTEM NAME:

Medical Staff-Credentials Files, HHS/NIH/CC.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Credentialing Services Office, Clinical Center (CC), Building 10, Room 1N204, 10 Center Drive, Bethesda, MD 20892-1192.

Write to the System Manager at the address below for a list of Contractor locations, including the address of any Federal Records Center where records from this system may be stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals who have been approved as members of the medical staff at the Warren G. Magnuson Clinical Center.

CATEGORIES OF RECORDS IN THE SYSTEM:

Medical staff names, date of birth, home address and telephone number, office address and telephone number, citizenship, visa information, appointment date, hospital-wide computer access privileges, Institute/Center designation, branch/lab, type of medical staff membership, privilege delineation, professional degree(s) including school of attendance and graduation dates, foreign medical examinations, specialty board certifications, licensing information (including state of licensure and license number), record of disciplinary actions, documentation of training, and admitting privileges.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

The authority for collecting the requested information is contained in section 301 (42 U.S.C. 241) of the Public Health Service Act, as amended, outlining the authority of the Secretary to, within the Public Health Service (PHS), promote the coordination of various research and associated activities, including for purposes of study, admitting and treating individuals at PHS facilities. Section 402(b) of the Public Health Service Act (42 U.S.C. 282(b)), as amended, outlining the authority of the Director of the National Institutes of Health (NIH) with respect to the admission and treatment of individuals at NIH facilities for purposes of study.

PURPOSE(S):

These records are used to: (1) Maintain information used in the credentialing and privileging of active medical staff members at the Warren G. Magnuson Clinical Center; (2) document patient care privileges for active members of the medical staff; (3) provide information about active and non-active members of the medical staff to authorized individuals; and (4) report to the National Practitioner Data Bank as required by the provisions of Title IV of Pub. L. 99-660, as amended.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.

2. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation, and HHS determines that the use of such records by the Department of Justice, court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case HHS determines that such disclosure is compatible with the purpose for which the records were collected.

3. In the event that a system of records maintained by this agency to carry out its functions indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule or order issued pursuant thereto, the relevant records in the system of records may be referred to the appropriate agency, whether Federal, State, or local, charged with enforcing or implementing the statute or rule, regulation or order issued pursuant thereto.

4. NIH may disclose records to Department contractors and subcontractors for the purpose of collecting, compiling, aggregating, analyzing, or refining records in the system. Contractors maintain, and are also required to ensure that subcontractors maintain, Privacy Act safeguards with respect to such records.

5. NIH may disclose information to representatives of the Joint Commission on Accreditation of Healthcare Organizations for the purpose of conducting quality assurance reviews and inspections of the Warren G. Magnuson Clinical Center credentialing policies and procedures.

6. NIH may disclose information from this system of records to State medical boards for purposes of professional quality assurance activities.

7. NIH may disclose information from this system of records to health care facilities for the purpose of verifying that an individual to whom they intend to grant medical staff or patient care privileges has or previously held such privileges at the Warren G. Magnuson Clinical Center. Start Printed Page 60776

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored on paper forms in file folders and in electronic databases.

RETRIEVABILITY:

Records are retrieved by name, date of birth, type of medical staff membership, Institute/Center and licensing status.

SAFEGUARDS:

1. Authorized Users: Data on the computer network system is accessed by a password known only to authorized users who are NIH employees and contractor staff responsible for implementing the medical staff credentials data system. Access to information is thus limited to those with a need to know.

2. Physical Safeguards: Rooms where records are stored are locked when not in use. During regular business hours rooms are unlocked but entry is controlled by on-site personnel.

3. Procedural and Technical Safeguards: Access to files is strictly controlled by the system manager. Names and other identifying particulars are deleted when data from original records are encoded for analysis. Data stored in computers is accessed through a network system by use of a password known only to authorized users. All authorized users of personal information in connection with the performance of their jobs (see Authorized Users, above) protect information from public view and from unauthorized personnel entering an unsupervised office.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1B “Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 2300-293-4, “Medical Staffs' Credential Files,” which allows inactive records to be transferred to the Federal Records Center at five year intervals and to be destroyed after thirty years. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Chief, Credentialing Services Office, Clinical Center, Building 10, Room 1N204, 10 Center Drive, Bethesda, MD 20892-1192.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the System Manager at the above address. The requester must provide tangible proof of identity (e.g., driver's license). If no identification papers are available, the requester must verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Write to the System Manager specified above to attain access to records and provide the same information as that required under the Notification Procedures. Requesters should also reasonably specify the record contents being requested. Individuals may also request an accounting of disclosure of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the System Manager specified above and reasonably identify the record, specify the information to be contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely or irrelevant. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Subject individual.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0200

SYSTEM NAME:

Clinical, Basic and Population-based Research Studies of the National Institutes of Health (NIH), HHS/NIH/OD.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Records are located at NIH and Contractor research facilities which collect or provide research data for this system. Contractors may include, but are not limited to: Research centers, clinics, hospitals, universities, medical schools, research institutions/foundations, national associations, commercial organizations, collaborating State and Federal Government agencies, and coordinating centers. A current list of sites, including the address of any Federal Records Center where records from this system may be stored, is available by writing to the appropriate Coordinator listed under Notification Procedure.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Adults and/or children who are the subjects of clinical, basic, or population-based research studies of the NIH. Individuals with disease. Individuals who are representative of the general population or of special groups including, but not limited to: normal controls, normal volunteers, family members and relatives; providers of services (e.g., health care and social work); health care professionals and educators, and demographic sub-groups as applicable, such as age, sex, ethnicity, race, occupation, geographic location; and groups exposed to real and/or hypothesized risks (e.g., exposure to biohazardous microbial agents).

CATEGORIES OF RECORDS IN THE SYSTEM:

The system contains data about individuals as relevant to a particular research study. Examples include, but are not limited to: name, study identification number, address, relevant telephone numbers, social security number (voluntary), driver's license number, date of birth, weight, height, sex, race; medical, psychological and dental information, laboratory and diagnostic testing results; registries; social, economic and demographic data; health services utilization; insurance and hospital cost data, employers, conditions of the work environment, exposure to hazardous substances/compounds; information pertaining to stored biologic specimens (including blood, urine, tissue and genetic materials), characteristics and activities of health care providers and educators and trainers (including curricula vitae); and associated correspondence.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

“Research and Investigation,” “Appointment and Authority of the Directors of the National Research Institutes,” “National Cancer Institute,” “National Eye Institute,” “National Heart, Lung and Blood Institute,” “National Institute on Aging,” “National Start Printed Page 60777Institute on Alcohol Abuse and Alcoholism,” “National Institute on Allergy and Infectious Diseases,” “National Institute of Arthritis and Musculoskeletal and Skin Diseases,” “National Institute of Child Health and Human Development,” “National Institute on Deafness and Other Communication Disorders,” “National Institute of Dental and Craniofacial Research,” “National Institute of Diabetes, and Digestive and Kidney Diseases,” “National Institute of Drug Abuse,” “National Institute of Environmental Health Sciences,” “National Institute of Mental Health,” “National Institute of Neurological Disorders and Stroke,” and the “National Human Genome Research Institute” of the Public Health Service Act. (42 U.S.C. 241, 242, 248, 281, 282, 284, 285a, 285b, 285c, 285d, 285e, 285f, 285g, 285h, 285i, 285j, 285l, 285m, 285n, 285o, 285p, 285q, 287, 287b, 287c, 289a, 289c, and 44 U.S.C. 3101.)

PURPOSE(S):

To document, track, monitor and evaluate NIH clinical, basic, and population-based research activities.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. A record may be disclosed for a research purpose, when the Department: (A) Has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained; e.g., disclosure of alcohol or drug abuse patient records will be made only in accordance with the restrictions of confidentiality statutes and regulations 42 U.S.C. 241, 42 U.S.C. 290dd-2, 42 CFR part 2, and where applicable, no disclosures will be made inconsistent with an authorization of confidentiality under 42 U.S.C. 241 and 42 CFR part 2a; (B) has determined that the research purpose (1) cannot be reasonably accomplished unless the record is provided in individually identifiable form, and (2) warrants the risk to the privacy of the individual that additional exposure of the record might bring; (C) has required the recipient to (1) establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining such information, and (3) make no further use or disclosure of the record except (a) in emergency circumstances affecting the health or safety of any individual, (b) for use in another research project, under these same conditions, and with written authorization of the Department, (c) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (d) when required by law; and (D) has secured a written statement attesting to the recipient's understanding of, and willingness to abide by, these provisions.

2. Disclosure may be made to a Member of Congress or to a Congressional staff member in response to an inquiry of the Congressional office made at the written request of the constituent about whom the record is maintained.

3. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice when: (a) The agency or any component thereof; or (b) any employee of the agency in his or her official capacity where the Department of Justice has agreed to represent the employee; or (c) the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, the agency determines that the records are both relevant and necessary to the litigation and the use of such records by the Department of Justice is, therefore, deemed by the agency to be for a purpose that is compatible with the purpose for which the agency collected the records.

4. Disclosure may be made to agency contractors, grantees, experts, consultants, collaborating researchers, or volunteers who have been engaged by the agency to assist in the performance of a service related to this system of records and who need to have access to the records in order to perform the activity. Recipients shall be required to comply with the requirements of the Privacy Act of 1974, as amended, pursuant to 5 U.S.C. 552a(m).

5. Information from this system may be disclosed to Federal agencies, State agencies (including the Motor Vehicle Administration and State vital statistics offices, private agencies, and other third parties (such as current or prior employers, acquaintances, relatives), when necessary to obtain information on morbidity and mortality experiences and to locate individuals for follow-up studies. Social security numbers, date of birth and other identifiers may be disclosed: (1) To the National Center for Health Statistics to ascertain vital status through the National Death Index; (2) to the Health Care Financing Agency to ascertain morbidities; and (3) to the Social Security Administration to ascertain disabilities and/or location of participants. Social security numbers may also be given to other Federal agencies, and State and local agencies when necessary to locating individuals for participation in follow-up studies.

6. Medical information may be disclosed in identifiable form to tumor registries for maintenance of health statistics, e.g., for use in research studies.

7. PHS may inform the sexual and/or needle-sharing partner(s) of a subject individual who is infected with the human immunodeficiency virus (HIV) of their exposure to HIV, under the following circumstances: (1) The information has been obtained in the course of clinical activities at PHS facilities carried out by PHS personnel or contractors; (2) The PHS employee or contractor has made reasonable efforts to counsel and encourage the subject individual to provide the information to the individual's sexual or needle-sharing partner(s); (3) The PHS employee or contractor determines that the subject individual is unlikely to provide the information to the sexual or needle-sharing partner(s) or that the provision of such information cannot reasonably be verified; and (4) The notification of the partner(s) is made, whenever possible, by the subject individual's physician or by a professional counselor and shall follow standard counseling practices.

PHS may disclose information to State or local public health departments, to assist in the notification of the subject individual's sexual and/or needle-sharing partner(s), or in the verification that the subject individual has notified such sexual or needle-sharing partner(s).

8. Certain diseases and conditions, including infectious diseases, may be reported to appropriate representatives of State or Federal Government as required by State or Federal law.

9. Disclosure may be made to authorized organizations which provide health services to subject individuals or provide third-party reimbursement or fiscal intermediary functions, for the purpose of planning for or providing such services, billing or collecting third-party reimbursements.

10. The Secretary may disclose information to organizations deemed qualified to carry out quality assessment, medical audits or utilization reviews. Start Printed Page 60778

11. Disclosure may be made for the purpose of reporting child, elder or spousal abuse or neglect or any other type of abuse or neglect as required by State or Federal law.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records may be stored on index cards, file folders, computer tapes and disks (including optical disks), photography media, microfiche, microfilm, and audio and video tapes. For certain studies, factual data with study code numbers are stored on computer tape or disk, while the key to personal identifiers is stored separately, without factual data, in paper/computer files.

RETRIEVABILITY:

During data collection stages and follow-up, retrieval is by personal identifier (e.g., name, social security number, medical record or study identification number, etc.). During the data analysis stage, data are normally retrieved by the variables of interest (e.g., diagnosis, age, occupation).

SAFEGUARDS:

1. Authorized Users: Access to identifiers and to link files is strictly limited to the authorized personnel whose duties require such access. Procedures for determining authorized access to identified data are established as appropriate for each location. Personnel, including contractor personnel, who may be so authorized include those directly involved in data collection and in the design of research studies, e.g., interviewers and interviewer supervisors; project managers; and statisticians involved in designing sampling plans. Other one-time and special access by other employees is granted on a need-to-know basis as specifically authorized by the system manager. Researchers authorized to conduct research on biologic specimens will typically access the system through the use of encrypted identifiers sufficient to link individuals with records in such a manner that does not compromise confidentiality of the individual.

2. Physical Safeguards: Records are either stored in locked rooms during off-duty hours, locked file cabinets, and/or secured computer facilities. For certain studies, personal identifiers and link files are separated and stored in locked files. Computer data access is limited through the use of key words known only to authorized personnel.

3. Procedural Safeguards: Collection and maintenance of data is consistent with legislation and regulations in the protection of human subjects, informed consent, confidentiality, and confidentiality specific to drug and alcohol abuse patients where these apply. When anonymous data is provided to research scientists for analysis, study numbers which can be matched to personal identifiers will be eliminated, scrambled, or replaced by the agency or contractor with random numbers which cannot be matched. Contractors who maintain records in this system are instructed to make no further disclosure of the records. Privacy Act requirements are specifically included in contracts for survey and research activities related to this system. The OHS project directors, contract officers, and project officers oversee compliance with these requirements. Personnel having access are trained in Privacy Act requirements. Depending upon the sensitivity of the information in the record, additional safeguard measures may be employed.

4. Implementation Guidelines: These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361), item 3000-G-3, which allows records to be kept as long as they are useful in scientific research. Collaborative Perinatal Project records are retained in accordance with item 3000-G-4, which does not allow records to be destroyed. Refer to the NIH Manual Chapter for specific conditions on disposal or retention instructions.

SYSTEM MANAGER(S) AND ADDRESS:

See Appendix I for a listing of current System Managers. This system is for use by all NIH Institutes and Centers.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the appropriate IC Privacy Act Coordinator listed below. In cases where the requester knows specifically which System Manager to contact, he or she may contact the System Manager directly (See Appendix I). Notification requests should include: individual's name; current address; date of birth; date, place and nature of participation in specific research study; name of individual or organization administering the research study (if known); name or description of the research study (if known); address at the time of participation; and in specific cases, a notarized statement (some highly sensitive systems require two witnesses attesting to the individual's identity). A requester must verify his or her identity by providing either a notarization of the request or by submitting a written certification that the is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine.

Individuals will be granted direct access to their medical records unless the System Manager determines that such access is likely to have an adverse effect (i.e., could cause harm) on the individual. In such cases when the System Manager has determined that the nature of the record information requires medical interpretation, the subject of the record shall be requested to designate, in writing, a responsible representative who will be willing to review the record and inform the subject individual of its contents at the representative's discretion. The representative may be a physician, other health professional, or other responsible individual. In this case, the medical/dental record will be sent to the designated representative. Individuals will be informed in writing if the record is sent to the representative. This same procedure will apply in cases where a parent or guardian requests notification of, or access to, a child's or incompetent person's medical record. The parent or guardian must also verify (provide adequate documentation) their relationship to the child or incompetent person as well as his or her own identity to prove their relationship.

If the requester does not know which Institute or Center Privacy Act Coordinator to contact for notification purposes, he or she may contact directly the NIH Privacy Act Officer at the following address: NIH Privacy Act Officer, Office of Management Assessment, 6011 Executive Blvd., Room 601L, Rockville, MD 20852.

NIH Privacy Act Coordinators

Associate Director for Disease Prevention, Office of the Director (OD), Building 1, Room 260, 1 Center Drive, Bethesda, MD 20892.

Privacy Act Coordinator, Clinical Center (CC), Building 10, Room 1N208, 10 Center Drive, Bethesda, MD 20892. Start Printed Page 60779

Privacy Act Coordinator, National Center for Complementary and Alternative Medicine (NCCAM), Building 31, Room 2B11, 31 Center Drive, Bethesda, MD 20892-2182.

Privacy Act Coordinator, National Cancer Institute (NCI), Building 31, Room 10A34, 31 Center Drive, Bethesda, MD 20892.

Privacy Act Coordinator, National Center on Minority Health and Health Disparities (NCMHD), Democracy Plaza II, Room 800, 6707 Democracy Boulevard, Bethesda, MD 20892-5465.

Privacy Act Coordinator, National Center for Research Resources (NCRR), Rockledge I, Room 5140, 6705 Rockledge Drive, Bethesda, MD 20892.

Privacy Act Coordinator, National Eye Institute (NEI), Building 31, Room 6A32, 31 Center Drive, Bethesda, MD 20892-2510.

Privacy Act Coordinator, National Human Genome Research Institute (NHGRI), Building 10, 3C710, 10 Center Drive, Bethesda, MD 20892.

Privacy Act Coordinator, National Heart, Lung, and Blood Institute (NHLBI), Building 31, Room 5A33, 31 Center Drive, Bethesda, MD 20892.

Privacy Act Coordinator, National Institute on Aging (NIA), Gateway Building 31, Room 2C234, 7201 Wisconsin Avenue, Bethesda, MD 20892.

Privacy Act Coordinator, National Institute on Alcohol Abuse and Alcoholism (NIAAA), Willco Building, Room 400, 6000 Executive Boulevard, Bethesda, MD 20892-7003.

Privacy Act Coordinator, National Institute of Allergy and Infectious Diseases (NIAID), 6700-B Rockledge Drive, Room 2143, Bethesda, MD 20892.

Privacy Act Coordinator, National Institute of Arthritis and Musculoskeletal and Skin Diseases (NIAMS), Natcher Building, Room 5AS49, 45 Center Drive, Bethesda, MD 20892.

Privacy Act Coordinator, National Institute of Biomedical Imaging and Bioengineering (NIBIB), Building 31, Room 1B37, 31 Center Drive, Bethesda, MD 20892-2077.

Privacy Act Coordinator, National Institute of Child Health and Human Development (NICHD), Building 31, Room 2A11, 31 Center Drive, Bethesda, MD 20892.

Privacy Act Coordinator, Office of Extramural Affairs, National Institute on Drug Abuse (NIDA), Neuroscience Center, 6001 Executive Boulevard, Room 3158, Bethesda, MD 20892-9547.

Privacy Act Coordinator, National Institute on Deafness and Other Communication Disorders (NIDCD), Building 31, Room 3C02, 31 Center Drive, Bethesda, MD 20892.

Privacy Act Coordinator, National Institute of Dental and Craniofacial Research (NIDCR), Natcher Building, Room 4AS25, 45 Center Drive, Bethesda, MD 20892-6401.

Privacy Act Coordinator, National Institute of Diabetes and Digestive and Kidney Disease (NIDDK), Building 31, Room 9A47, 31 Center Drive, Bethesda, MD 20892.

Privacy Act Coordinator, National Institute of Environmental Health Sciences (NIEHS), PO Box 12233, Research Triangle Park, NC 27709.

Privacy Act Coordinator, National Institute of General Medical Sciences (NIGMS), Natcher Building, Room 2AN32, 45 Center Drive, Bethesda, MD 20892.

Privacy Act Coordinator, National Institute of Mental Health (NIMH), Neuroscience Center, 6001 Executive Boulevard, Room 8102, Bethesda, MD 20892.

Privacy Act Coordinator, National Institute of Neurological Disorders and Stroke (NINDS), Building 31, Room 8A33, 31 Center Drive, Bethesda, MD 20892.

Privacy Act Coordinator, National Institute of Nursing Research (NINR), Rockledge II, Room 710, 6701 Rockledge Drive, Bethesda, MD 20892.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should reasonably specify the record contents being sought. An individual may also request an accounting of disclosures of his/her record, if any.

CONTESTING RECORD PROCEDURE:

Contact the appropriate official at the address specified under Notification Procedure, and reasonably identify the record, specify the information being contested, and state corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

RECORD SOURCE CATEGORIES:

The system contains information obtained directly from the subject individual by interview (face-to-face or telephone), written questionnaire, or by other tests, recording devices or observations, consistent with legislation and regulation regarding informed consent and protection of human subjects. Information is also obtained from other sources, including but not limited to: referring medical physicians, mental health/alcohol/drug abuse or other health care providers; hospitals; organizations providing biological specimens; relatives; guardians; schools; and clinical medical research records.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

Appendix I: System Manager(s) and Address(es)

Associate Director for Disease Prevention, Office of the Director (OD), Building 1, Room 260, 1 Center Drive, Bethesda, MD 20892.

Computer Systems Analyst, Division of Cancer Treatment and Diagnosis, National Cancer Institute (NCI), Executive Plaza North, Room 344, 6130 Executive Boulevard, Bethesda, MD 20892.

American Burkitt's Lymphoma Registry, Division of Cancer Etiology, National Cancer Institute (NCI), Executive Plaza North, Suite 434, 6130 Executive Boulevard, Bethesda, MD 20892.

Chief, Genetic Epidemiology Branch, Division of Cancer Epidemiology and Genetics, National Cancer Institute (NCI), Executive Plaza South, Room 7122, 6120 Executive Boulevard, Bethesda, MD 20892-7236.

Program Director, Research Resources, Biological Carcinogenesis Branch, Division of Cancer Etiology, National Cancer Institute (NCI), Executive Plaza North, Room 540, 6130 Executive Boulevard, Bethesda, MD 20892.

Chief, Environmental Epidemiology Branch, Division of Cancer Etiology, National Cancer Institute (NCI), Executive Plaza North, Room 443, 6130 Executive Boulevard, Bethesda, MD 20892.

Associate Director, Surveillance Program, Division of Cancer Prevention, National Cancer Institute (NCI), Executive Plaza North, Room 343K, 6130 Executive Boulevard, Bethesda, MD 20892.

Head, Biostatistics and Data Management Section, Center for Cancer Research, National Cancer Institute (NCI), Building 6116, Room 702, 6116 Executive Boulevard, Bethesda, MD 20892.

Chief, Clinical Research Branch, Center for Cancer Research, Frederick Cancer Research and Development Center, National Cancer Institute (NCI), 501 W. 7th Street, Room 3, Frederick, MD 21702.

Deputy Branch Chief, Navy Hospital, NCI-Naval Medical Oncology Branch, Center for Cancer Research, National Cancer Institute (NCI), Building 8, Room 5101, Bethesda, MD 20814.

Chief, Pharmaceutical Management Branch, Cancer Therapy Evaluation Program, Division of Cancer Treatment and Diagnosis, National Cancer Institute (NCI), Executive Plaza North, Room 804, 6130 Executive Boulevard, Bethesda, MD 20892.

Director, Extramural Clinical Studies, Frederick Cancer Research and Development Center, National Cancer Institute (NCI), Fort Detrick, Frederick, MD 21702.

Clinical Operations Manager, National Eye Institute (NEI), Building 10, Room 10S224, 10 Center Drive, Bethesda, MD 20892.

Director, Division of Biometry and Epidemiology, National Eye Institute (NEI), Building 31, Room 6A52, 31 Center Drive, Bethesda, MD 20892.Start Printed Page 60780

Associate Director, Office of Clinical Affairs, National Heart, Lung, and Blood Institute (NHLBI), Building 10, Room 8C104,10 Center Drive, Bethesda, MD 20892-1754.

Senior Scientific Advisor, Office of the Director, Division of Epidemiology and Clinical Applications, National Heart, Lung, and Blood Institute (NHLBI), Federal Building, Room 220, 7550 Wisconsin Avenue, Bethesda, MD 20892.

Chief Laboratory of Epidemiology, Demography and Biometry, National Institute on Aging (NIA), Gateway Building, Room 3C309, 7201 Wisconsin Avenue, Bethesda, MD 20892.

Chief, Research Resources Branch, Intramural Research Program, National Institute on Aging (NIA), 5600 Nathan Shock Drive, Baltimore, MD 21224.

Clinical Director, National Institute on Aging (NIA), 5600 Nathan Shock Drive, Baltimore, MD 21224.

Deputy Director, Division of Biometry and Epidemiology, National Institute on Alcohol Abuse and Alcoholism (NIAAA), Willco Building, Room 514, 6000 Executive Boulevard, Bethesda, MD 20892-7003.

Deputy Director, Division of Clinical and Prevention Research, National Institute on Alcohol Abuse and Alcoholism (NIAAA), Willco Building, Room 505, 6000 Executive Boulevard, Bethesda, MD 20892-7003.

Chief, Respiratory Viruses Section, Laboratory of Infectious Diseases, National Institute of Allergy and Infectious Diseases (NIAID), Building 7, Room 106, 7 Memorial Drive, Bethesda, MD 20892.

Chief, Hepatitis Virus Section, Laboratory of Infectious Diseases, National Institute of Allergy and Infectious Diseases (NIAID), Building 7, Room 202, 7 Memorial Drive, Bethesda, MD 20892.

Chief, Biometry Branch, Division of Microbiology and Infectious Diseases, National Institute of Allergy and Infectious Diseases (NIAID), 6700-B Rockledge Drive, Room 3120, Bethesda, MD 20892.

Clinical Director, National Institute of Arthritis and Musculoskeletal and Skin Diseases (NIAMS), Building 10, Room 9S205, 10 Center Drive, Bethesda, MD 20892.

Chief, Contracts Management Branch, National Institute of Child Health and Human Development (NICHD), Executive Plaza North, Room 7A07, 6130 Executive Boulevard, Bethesda, MD 20892.

Director of Intramural Research, National Institute on Deafness and Other Communication Disorders (NIDCD), Building 31, Room 3C02, 31 Center Drive, Bethesda, MD 20892.

Chief, Scientific Programs Branch, National Institute on Deafness and Other Communication Disorders (NIDCD), Executive Plaza South, Room 400C, 6120 Executive Boulevard, Bethesda, MD 20892-7180.

Clinical Director, National Institute of Dental and Craniofacial Research (NIDCR), Building 10, Room 1N117, 10 Center Drive, Bethesda, MD 20892-1191.

Chief, Scientific Review Branch, National Institute of Dental and Craniofacial Research (NIDCR), Building 10, Room 1N117, 10 Center Drive, Bethesda, MD 20892-1191.

Research Psychologist, Gene Therapy and Therapeutics Branch, National Institute of Dental and Craniofacial Research (NIDCR), Building 10, Room 1N105, 10 Center Drive, Bethesda, MD 20892-1190.

Chief, Clinical Investigations, National Institute of Diabetes and Digestive and Kidney Diseases (NIDDK), Building 10, Room 9N222, 10 Center Drive, Bethesda, MD 20892.

Chief, Phoenix Clinical Research Section, National Institute of Diabetes and Digestive and Kidney Diseases (NIDDK), Phoenix Area Indian Hospital, Room 541, 4212 North 16th Street, Phoenix, AZ 85016.

Chief, Diabetes Research Section, Division of Diabetes, Endocrinology, and Metabolic Diseases, National Institute of Diabetes and Digestive and Kidney Disease (NIDDK), Natcher Building, Room 5AN18G, 45 Center Drive, Bethesda, MD 20892-6600.

Privacy Act Coordinator, Office of Extramural Affairs, National Institute on Drug Abuse (NIDA), 6001 Executive Boulevard, Room 3158, Bethesda, MD 20892-9547.

Chief, Epidemiology Branch, National Institute of Environmental Health Sciences (NIEHS), PO Box 12233, Research Triangle Park, NC 27709.

Director, Intramural Research Program, National Institute of Mental Health (NIMH), Building 10, Room 4N224, 10 Center Drive, Bethesda, MD 20892.

Privacy Act Coordinator, National Institute of Mental Health (NIMH), Neuroscience Center, Room 8102, 6001 Executive Boulevard, Bethesda, MD 20982.

Privacy Act Coordinator, National Institute of Neurological Disorders and Stroke (NINDS), Building 31, Room 8A33, 31 Center Drive, Bethesda, MD 20892.

Chief, Epilepsy Branch, National Institute of Neurological Disorders and Stroke (NINDS), Neuroscience Center, 6001 Executive Boulevard, Suite 2110, Bethesda, MD 20892-9523.

Assistant Director, Clinical Neurosciences Program, Division of Intramural Research, National Institute of Neurological Disorders and Stroke (NINDS), Building 10, Room 5N234, 10 Center Drive, Bethesda, MD 20892.

Acting Chief, Laboratory of Central Nervous Systems Studies, Intramural Research Program, National Institute of Neurological Disorders and Stroke (NINDS), Building 36, Room 4A21, 36 Convent Drive, Bethesda, MD 20892-4123.

Clinical Director, National Human Genome Research Institute (NHGRI), Building 10, Room 10C101D, 10 Center Drive, Bethesda, MD 20892.

Deputy Director, Division of Extramural Research, National Institute of Neurological Disorders and Stroke (NINDS), Neuroscience Center, Room 3307, 6001 Executive Boulevard, Bethesda, MD 20892.

Director, Office of Clinical and Regulatory Affairs, Division of Extramural Research and Training, Democracy Plaza II, Room 401, 6707 Democracy Boulevard, Bethesda, MD 20892-5475.

Privacy Act Coordinator, National Institute of Biomedical Imaging and Bioengineering (NIBIB), Building 31, Room 1B37, 31 Center Drive, Bethesda, MD 20892-2077.

Privacy Act Coordinator, National Center on Minority Health and Health Disparities (NCMHD), Democracy Plaza II, Room 800, 6707 Democracy Boulevard, Bethesda, MD 20892-5465.

09-25-0202

SYSTEM NAME:

Patient Records on PHS Beneficiaries (1935-1974) and Civilly Committed Drug Abusers (1967-1976) Treated at the PHS Hospitals in Fort Worth, Texas, or Lexington, Kentucky, HHS/NIH/NIDA.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Intramural Research Program, National Institute on Drug Abuse (NIDA), National Institutes of Health, Johns Hopkins Bayview Medical Center, P.O. Box 5180, Baltimore, Maryland 21224.

Federal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

Washington National Records Center, 4205 Suitland Road, Washington, D.C. 20409.

Iron Mountain, 8200 Preston Court, Suite One, Jessup, MD 20794.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Civilly committed narcotic addicts (1967-1976) and adult PHS beneficiaries (1935-1974) treated at either the PHS hospital in Fort Worth, Texas, or Lexington, Kentucky.

CATEGORIES OF RECORDS IN THE SYSTEM:

Administrative records, such as treatment admission and release dates, name and address, and other demographic data; medical records, such as, but not limited to, medical history information, drug abuse/use data as well as treatment information, any laboratory tests, etc.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Narcotic Addict Rehabilitation Act of 1966, and Narcotic Addict Rehabilitation Amendments of 1971, Titles I and III (42 U.S.C. 3411 et seq. and 28 U.S.C. 2901 et seq.), and Public Health Service Act, Sections 321-326, 341(a) and (c) (42 U.S.C. 248-253, 257(a) and (c)).

PURPOSE(S):

The records were collected originally to monitor the individual's progress while being treated at either of two PHS hospitals and to ensure continuity of that care. These systems are now inactive. The records are used to respond to requests from subject individuals (or his/her designated representative) to (1) establish eligibility for certain Federal benefits for the Start Printed Page 60781individual or his/her dependent(s), and (2) provide information to subsequent health care providers at the request of the individual regarding medical treatment received to ensure continuity of care.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

None.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records at National Institute on Drug Abuse (NIDA) are on microfilm and contain only part of the admission and discharge information. The microfilm is stored in a file cabinet in a locked room. Records sent to Federal Records Center are stored in GSA-approved storage containers.

RETRIEVABILITY:

The administrative records and microfilm are filed by patient name. The medical records are filed either by patient name or by patient's hospital number with a cross-reference list at NIDA matching number to name.

SAFEGUARDS:

1. Authorized Users: Only the System Manager and designated staff.

2. Physical Safeguards: The microfilm is in a room which has limited access, or stored at a security coded warehouse. The room is located in a building with a 24-hour security patrol/television surveillance system. Sign in and out procedures are used at all times. The warehouse has security access; records can only be retrieved by the System Manager or designated staff using a confidential code number. The warehouse is patrolled on a 24-hour basis with television surveillance.

3. Procedural Safeguards: Only the System Manager and his/her staff have access to the microfilm information and have been trained in accordance with the Privacy Act.

4. Implementation Guidelines: These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

All administrative and medical records have been retired to a Federal Records Center. The records collected under the Narcotic Addict Rehabilitation Act of 1966 will be destroyed when they are 25 years old, which will be in 2001 because the last patient was released from treatment in 1976. The PHS beneficiaries' records will be destroyed at the same time. The records will be shredded in 2003 upon written request from the system manager.

SYSTEM MANAGER(S) AND ADDRESS:

Medical Records Officer, Intramural Research Program, National Institute on Drug Abuse (NIDA), Johns Hopkins Bayview Medical Center, Box 5180, Baltimore, MD 21224.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the System Manager at the address above. An individual may learn if a record exists about himself or herself upon written request with a notarized signature. The request should include, if known: Patient hospital record number, full name or any alias used, patient's address during treatment, birth date, veteran status (if applicable) and approximate dates in treatment, and social security number.

An individual who requests notification of a medical record shall, at the time the request is made, designate in writing a responsible representative who will be willing to review the record and inform the individual of its content at the representative's discretion.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. An individual may also request an accounting of disclosures of his/her record, if any.

CONTESTING RECORD PROCEDURE:

Contact the official at the address specified under Notification Procedures above, and reasonably identify the record, specify the information being contested, and state the corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

RECORD SOURCE CATEGORIES:

Patients; patients' drug treatment program counselors; court records; hospital personnel.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0203

SYSTEM NAME:

National Institute on Drug Abuse, Intramural Research Program, Federal Prisoner and Non-Prisoner Research Files, HHS/NIH/NIDA.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Intramural Research Program, National Institute on Drug Abuse (NIDA), P.O. Box 5180, Baltimore, MD 21224.

NIDA Warehouse, 5550 Eastern Avenue, Baltimore, MD 21224.

Quest, Pathology Building, 1901 Silver Spring Road, Baltimore, MD 21227.

Federal Records Center, 1557 St. Joseph Avenue, East Point, GA 30344.

Washington National Records Center, 4205 Suitland Road, Washington, DC 20409.

NOVA, Johns Hopkins Bayview Medical Center, Building C, 5500 Nathan Shock Drive, Baltimore, MD 21224.

Iron Mountain, 8200 Preston Court, Suite One, Jessup, MD 20794.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Volunteers, adult males (from 1968 to present), adult females (beginning in l985) and adolescents (ages 13-18, beginning in 1983) and children (neonate to 12 beginning in 1989). Clinical research projects conducted at the Addiction Research Center (ARC). This system also includes records on adult Federal prisoners involved in research projects at ARC when located at Lexington, Kentucky, from 1968-1976, and some records from system 09-30-0020 to be used for statistical research only.

CATEGORIES OF RECORDS IN THE SYSTEM:

The categories of records involved are administrative, medical and research records.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Public Health Service Act, Section 301(a) (42 U.S.C. 241(a)); Sections 341(a) and 344(d) (42 U.S.C. 257(a) and 260(d)); Sections 503 and 515 (42 U.S.C. 290aa-2 and 290cc). These sections authorize the conduct of research in all areas of drug abuse.

PURPOSE(S):

1. To collect and maintain a data base for research activities at NIDA/IRP.

2. To enable Federal drug abuse researchers to evaluate and monitor the subjects' health during participation in a research project. The areas of research include, but are not limited to, biomedical, clinical, behavioral, pharmacological, psychiatric, psycho social, epidemiological, etiological, Start Printed Page 60782statistical, treatment and prevention of narcotic addiction and drug abuse.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. The National Institute on Drug Abuse (NIDA) uses a contractor to recruit volunteers and to screen these individuals for their acceptability to participate in specific research projects, and limits the contractor's access to the records to these procedures. NIDA also uses a contractor to perform routine medical laboratory tests on blood and urine samples. These routine tests verify that the subject is in good health. Both contractors disclose records from this system only to NIDA and are required to maintain Privacy Act safeguards with respect to such records.

2. (a) PHS may inform the sexual and/or needle-sharing partner(s) of a subject individual who is infected with the human immunodeficiency virus (HIV) of their exposure to HIV, under the following circumstances: (1) The information has been obtained in the course of clinical activities at PHS facilities carried out by PHS personnel or contractors; (2) The PHS employee or contractor has made reasonable efforts to counsel and encourage the subject individual to provide the information to the individual's sexual or needle-sharing partner(s); (3) The PHS employee or contractor determines that the subject individual is unlikely to provide the information to the sexual or needle-sharing partner(s) or that the provision of such information cannot reasonably be verified; and (4) The notification of the partner(s) is made, whenever possible, by the subject individual's physician or by a professional counselor and shall follow standard counseling practices.

(b) PHS may disclose information to State or local public health departments, to assist in the notification of the subject individual's sexual and/or needle-sharing partner(s), or in the verification that the subject individual has, notified such sexual or needle-sharing partner(s).

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Data may be stored in file folders or on an internal EISnet, CDS, computer disk, magnetic tape, or microfilm.

RETRIEVABILITY:

Administrative and medical records are indexed and retrieved by the subject's name and identification code number. Research records are indexed and retrieved by the subject's name and identification code number.

SAFEGUARDS:

1. Authorized Users: Only authorized NIDA Intramural Research Program staff are allowed access to these files.

2. Physical Safeguards: Files and file rooms are locked after business hours. Building has electronic controlled entry at all times with a 24-hour guard/television surveillance system. The computer terminals are in a further secured area.

3. Procedural Safeguards: All users of personal information in connection with the performance of their jobs protect information from unauthorized personnel. Access codes to the research records are available only to the Principal Investigator and his/her research team. Access to the records is strictly limited to those staff members trained in accordance with the Privacy Act. The contractor staff members are required to secure the information in accordance with the Privacy Act. Project Officer and contracting officials will monitor contractor compliance.

4. Access to the Clinical Data Warehouse (EISnet): The NIDA IRP computerized medical and research record is strictly limited. All staff must be authorized to use the system and be granted an access code (user name and password) by the system sponsor (NIDA, IRP Chief of Biomedical Informatics). Passwords are required to be changed every six months. Access is limited by job classification and is on a need to know basis only. Data entered is time and date stamped by the staff member's name. Data is not altered once entered. While logged into the system, the name of the staff member is displayed on the screen. An activity log of each use is kept. Data is backed up on a daily basis.

5. Implementation Guidelines: These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

In addition, because much of the data collected in these research projects are sensitive and confidential, special safeguards have been established. Certificates of confidentiality have been issued under Protection of Identity—Research Subjects Regulations (42 CFR part 2a) to those projects initiated since February 1980. This authorization enables persons engaged in research on mental health, including research on the use and effect of psychoactive drugs, to protect the privacy of research subjects by withholding their names or other identifying characteristics from all persons not connected with the conduct of the research. Persons so authorized may not be compelled in any Federal, State, or local civil, criminal, administrative, legislative, or other proceeding to identify such individuals. In addition, these records are subject to 42 CFR part 2, the Confidentiality of Alcohol and Drug Abuse Patient Records Regulations (42 CFR 2.56), which state: “Where the content of patient records has been disclosed pursuant to these regulations for the purpose of conducting scientific research * * * information contained therein which would directly or indirectly identify any patient may not be disclosed by the recipient thereof either voluntarily or in response to any legal process whether Federal or State.”

RETENTION AND DISPOSAL:

Records will be disposed of in accordance with the NIH Records Control Schedule, i.e., when the records are ten years old or no longer required for administrative or research purposes.

SYSTEM MANAGER(S) AND ADDRESS:

Medical Records Officer, Intramural Research Program, National Institute on Drug Abuse (NIDA), Johns Hopkins Bayview Medical Center, Building C, P.O. Box 5180, Baltimore, MD 21224.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the System Manager at the address above. Provide a notarized signature as proof of identity. This can be waived if the request is made through official Federal, state, or local channels. The request should include the patient's register number and/or the number of years of incarceration (for prisoner subjects), full name at time of participation in the research project, date(s) of research participation, and title of research project or name of drug being studied. An individual who requests notification of a medical record shall, at the time the request is made, designate in writing a responsible representative who will be willing to review the record and inform the subject individual of its contents at the representative's discretion. A parent or legal guardian who requests notification of an adolescent's record shall designate a family physician or other health professional (other than a family member) of the Addiction Research Center staff to whom the record, if any, will be sent. The parent or legal guardian must verify in writing the relationship to the adolescent as well as his/her own identity.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably Start Printed Page 60783specify the record contents being sought. An individual may also request an accounting of disclosures that have been made of his/her records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official at the address specified under Notification Procedures above and reasonably identify the record, specify the information being contested, and state the corrective action sought and reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

RECORD SOURCE CATEGORIES:

The individual; observations and medical recordings (such as blood pressure, dosage of compound administered, etc.) made by the Principal investigator and his/her research team; system of records number 09-30-0020; drug treatment programs; Bureau of Prisons; case workers; psychiatrists; research laboratories; and pharmacies and hospitals. Many of these records are confidential and privileged communication is guaranteed under Section 344(d) of the PHS Act.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0207

SYSTEM NAME:

Subject-Participants in Pharmacokinetic Studies on Drugs of Abuse and on Treatment Medications, HHS/NIH/NIDA.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

University of California, San Francisco, Langley Porter Psychiatric Institute, San Francisco, CA 94143.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Normal, healthy adults who voluntarily participate in studies on the pharmacokinetics and pharmacodynamics of psychoactive drugs at Langley Porter Psychiatric Institute, during the period September 1987 through September 2005.

CATEGORIES OF RECORDS IN THE SYSTEM:

Research records on each subject-participant contain the following information: name; clinician's records including medical history, laboratory test results, physical examinations, psychological profile, and drug use profile; drug study data including records of drugs administered, exposures to radioactivity, and drug reactions; and date of study in which the subject participated.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Public Health Service Act, Sections 301(a), 503 and 405 (42 U.S.C. 241 and 284).

PURPOSE(S):

The primary purpose of this system is to support research on the pharmacokinetics and pharmacodynamics of drugs of abuse as well as treatment drugs. The term “pharmacokinetics” refers to the manner in which the human body processes a drug. “Pharmacodynamics” refers to the manner in which the drug affects the human body.

The clinical investigator used data of a medical nature that is contained in the system to make determinations regarding drug dosages and/or radiochemical exposures appropriate to the individual human subject-participants, in order to preserve and protect the health of each. The system also provides baseline data for studying the drug effects.

The Food and Drug Administration (FDA) also may use the records in routine inspections FDA conducts in accordance with its responsibilities to develop standards on the composition, quality, safety, and efficacy of drugs administered to humans, and to monitor experimental usage of drugs.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. We may disclose to a congressional office the record of an individual in response to a verified inquiry from the congressional office made at the written request of the individual.

2. NIH contractors, use the records in this system to accomplish the research purpose for which the records are collected. The contractors are required to maintain Privacy Act safeguards with respect to such records.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

The contractor maintains the records on paper in file folders.

RETRIEVABILITY:

The contractor indexes and retrieves the records by the subject-participant's name.

SAFEGUARDS:

1. Authorized Users: Only the contract Project Director and his/her research team and the Federal Project Officer and his/her support staff have access to these records.

2. Physical Safeguards: The contractor keeps all records in a locked metal file cabinet in premises with limited accessibility. Only the clinical investigator (Project Director) has the key to the locked files.

3. Procedural Safeguards: Only the contract staff have access to the files. Persons other than subject participants who request individually identifiable data from a record, must provide written consent from the subject participant permitting the requested disclosure. The only exception would be for disclosure to persons or organizations permitted by the Privacy Act, Section 3(B) to obtain personally identifiable data.

4. Implementation Guidelines: These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook. In addition, the contract staff complies with contractor's (University of California, San Francisco) standard procedures for safeguarding data.

RETENTION AND DISPOSAL:

The records will be kept for at least two years after FDA approves the new drug application for the study medication or the IND is withdrawn. At that time, the NIDA project officer will authorize in writing the clinical investigators to destroy the records by shredding or burning.

SYSTEM MANAGER(S) AND ADDRESS:

Project Officer, Pharmacokinetic Studies on Drugs of Abuse, Medications Development Division, National Institute on Drug Abuse (NIDA), Neuroscience Center, Room 4123, 6001 Executive Boulevard, Bethesda, MD 20892-9551.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the System Manager listed above.

Provide the following information: subject-participant's full name and a letter of request (or permission, if the requester is not the subject-participant) with notarized signature of the individual who is the subject of the record, approximate date(s) of experiment(s) in which the individual participated, and drug name (if known). In addition, an individual who requests notification of, or access to, a medical record shall, at the time the request is made, designate in writing a responsible Start Printed Page 60784representative who will be willing to review the record and inform the subject individual of its content at the representative's discretion.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. An individual may also request an accounting of disclosures of his/her record, if any.

CONTESTING RECORD PROCEDURE:

Contact the System Manager at the address above and reasonably identify the record, specify the information to be contested, the corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

RECORD SOURCE CATEGORIES:

The subject-participants and the contractor personnel conducting the research studies.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0208

SYSTEM NAME:

Drug Abuse Treatment Outcome Study (DATOS), HHS/NIH/NIDA.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Research Triangle Institute, Center for Social Research and Policy Analysis, Research Triangle Park, NC 27709.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Voluntary adult clients of Federally-funded treatment programs, including Treatment Alternative Street Crime (TASC) Programs of the Department of Justice, who requested to be included in TOPS from 1979 through 1986. New data collected from voluntary adults/adolescent clients of public and private funded-treatment programs beginning in 1991 and will continue through 1997.

CATEGORIES OF RECORDS IN THE SYSTEM:

The categories are: demographic data, treatment outcome data, treatment process data, client locator information, and personal identifiers (name and assigned numerical identifier).

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Public Health Service Act, Sections 301 and 405 (42 U.S.C. 241 and 284.)

PURPOSE(S):

The purpose of the system is to compile information on drug abusers in drug abuse treatment programs in order to derive information on the treatment environments and abusers' behaviors and characteristics subsequent to treatment. Researchers and drug abuse service providers may use the aggregate data to address issues and generate hypotheses to understand better the interactions among the client and community.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Within the restrictions set forth in HHS regulations concerning the confidentiality of drug abuse patient records (42 CFR 2.56), we may disclose a record for a research purpose, when the Department: (a) Has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained; (b) has determined that the research purpose (1) cannot be reasonably accomplished unless the record is provided in individually identifiable form, and (2) warrants the risk to the privacy of the individual that additional exposure of the record might bring; (c) has required the recipient to (1) establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining such information, and (3) make no further use or disclosure of the record except: (A) In emergency circumstances affecting the health or safety of any individual, (B) for use in another research project, under these same conditions, and with written authorization of the Department, (C) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (D) when required by law; (d) has secured a written statement attesting to the recipient's understanding of, and willingness to, abide by these provisions.

2. The Research Triangle Institute, an NIH contractor, uses the records in this system to accomplish the research purpose for which the records are collected. In the event of followup studies or continuation studies because the contract has been terminated for convenience by the Government, we may disclose records in this system to a subsequent NIH contractor. We would require the new contractor to maintain Privacy Act safeguards with respect to such records.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Interview forms, magnetic tapes, and disks.

RETRIEVABILITY:

Records are indexed and retrieved by unique alpha numerical identifier. In order to relate the data collected to specific individuals, one must use the link file discussed under Safeguards.

SAFEGUARDS:

1. Authorized Users: Contractor personnel, the agency project officer, and agency employees whose duties require the use of the information in the system.

2. Physical Safeguards: The data management task leader, the project leader, or the project director provide technical supervision of all data collection and processing activities. Individually identified forms are stored in a secure, vault-like room provided for this purpose. Authorized personnel have access to the room by one locked door with controlled entry, i.e., only on the written authority of the professional staff member in charge. Computerized records are kept in a vault area with limited accession.

3. Procedural Safeguards: Because some of the data collected in this study, such as data on drug use, are sensitive and confidential, special safeguards have been established. A Certificate of Confidentiality has been issued under 42 CFR part 2a. This authorization enables persons engaged in research on mental health, including research on the use and effect of psychoactive drugs, to protect the privacy of research subjects by withholding the names or other identifying characteristics from all persons not connected with the conduct of the research. Persons so authorized may not be compelled in any Federal, State, or local civil, criminal, administrative, legislative, or other proceedings to identify such individuals. In addition, these records are subject to 42 CFR part 2, the Confidentiality of Alcohol and Drug Abuse Patient Records Regulations (42 CFR 2.56), which state: “Where the content of patient records has been disclosed pursuant to (these regulations) for the purpose of conducting scientific research * * *. information contained Start Printed Page 60785therein which would directly or indirectly identify any patient may not be disclosed by the recipient thereof either voluntarily or in response to any legal process whether Federal or State.”

Another safeguard is that the forms containing subject identification information for client followup and data matching purposes do not include any reference to the purpose of the study.

Identification and location information is kept separate from any information that would suggest that the respondent has been in a drug treatment program.

Information on completed forms is entered immediately on the computer. Completed forms and computerized data are released only to authorized persons. Only aggregate data are provided and used in the preparation of necessary and appropriate reports.

A link file system is used. This system has three components: (1) Personal information, (2) data base information, and (3) the link file, which contains identifying number pairs which can be used to match data with individuals. The advantage of this system is that the data base can be used directly for report generation, etc., without the use of decrypting subroutines or access to the personal information or matching link files.

In addition, the computer center being utilized has developed an extensive security system to protect computer account codes and data. This system is described in a publication that is available from the System manager upon request.

We do not anticipate any disclosure of individually identifiable information to other persons or organizations within the Department of Health and Human Services. Nor does the contractor provide individually identification information to the Department of Justice, with which NIDA has a cooperative agreement for this study.

4. Implementation Guidelines: These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook. In addition, project staff complies with the contractor's (Research Triangle Institute) standard procedures for safeguarding data.

The contractor provides only aggregate information to NIDA.

RETENTION AND DISPOSAL:

The contractor destroys interview forms by shredding or burning immediately after contractor staff have completed and verified direct entry on magnetic tape or disk storage. The contractor will destroy individual identification and location data by shredding or burning, under the explicit written authorization of the System manager, which is anticipated to be no longer than five years after the termination of the study unless the information is needed for research purposes. We will retain aggregate data tapes for research purposes. These tapes will not have any individually identifiable information. In accordance with the NIH Records Control Schedule, these tapes will be retained for five years after completion of the project (approximately 2002). At that time, the tapes will be retired to the Federal Records Center and destroyed when they are ten years old or when they are no longer needed for research purposes.

SYSTEM MANAGER(S) AND ADDRESS:

Drug Abuse Treatment Outcome Study (DATOS), Project Officer, Services Research Branch, Division of Epidemiology, Services, and Prevention Research, National Institute on Drug Abuse (NIDA), Neuroscience Center, Room 4222, 6001 Executive Boulevard, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the System Manager at the address above. An individual may learn if a record exists about himself/herself upon written request, with notarized signature. The request should include, if known, name of the researcher, location of the research site, approximate date of data collection, any alias used, and subject identification number.

An individual who requests notification of a medical record shall, at the time the request in made, designate in writing a responsible representative who will be willing to review the record and inform the subject individual of its contents at the representative's discretion.

A parent or legal guardian who requests notification of an adolescent's record shall designate a family physician or other health professional (other than a family member) of the Division of Clinical Research staff to whom the record, if any, will be sent. The parent or legal guardian must verify in writing the relationship to the adolescent as well as his/her own identity.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. An individual may also request an accounting of disclosures of his/her record, if any.

Persons other than subject individuals, who request individually identifiable data from a record must provide written consent from the subject individual permitting the requested disclosure. The only exception (if not in conflict with confidentiality regulations) would be for disclosure to persons or organizations permitted by the Privacy Act, section 3(b), to obtain personally identifiable data.

CONTESTING RECORD PROCEDURE:

Contact the official at the address specified under Notification Procedures above and reasonably identify the record, specify the information being contested, the corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

RECORD SOURCE CATEGORIES:

Research subjects, and staff in participating drug abuse treatment programs, written clinical evaluations, counselors, psychiatrists, psychotherapists, family members, research assistants, hospitals.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0209

SYSTEM NAME:

Subject-Participants in Drug Abuse Research Studies on Drug Dependence and in Research Supporting Investigational New Drug and New Drug Applications, HHS/NIH/NIDA.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Veterans Administration Hospital, Cooperative Studies Program, Department of Veterans Medical Center, Perry Point, MD 21902.

Division of Treatment Research and Development, National Institute on Drug Abuse (NIDA), Neuroscience Center, Room 4123, 6001 Executive Boulevard, Bethesda, MD 20892.

Division of Intramural Research Programs, National Institute on Drug Abuse (NIDA), 4940 Eastern Avenue, Baltimore, MD 21224.

Write to the System Manager at the address below for the address of any new locations where records from this system may be stored.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Voluntary clients of Federally funded and other drug abuse treatment Start Printed Page 60786programs who have requested to receive investigational new or marketed drugs, such as but not limited to, naltrexone, levo-alpha acetylmethadol (LAAM), buprenorphine, disulfiram, selegiline, bupropion, and GBR-12909 as part of their treatment. Data collection will continue through calendar year 2010.

CATEGORIES OF RECORDS IN THE SYSTEM:

Demographic data, treatment outcome data, treatment process data, client locator information, and personal identifiers (name and assigned numerical identifier).

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Public Health Service Act, Sections 301, 464p, and 405 (42 U.S.C. 241, and 284).

PURPOSE(S):

1. To maintain information on the safety and effectiveness of drugs for treatment of drug dependence with or without abuse potential in various treatment environments and modalities and changes in the behavior and characteristics of drug abusers who received these substances as part of their treatment regimen.

2. To provide data required by the Food and Drug Administration (FDA) to support research on drug dependence, Investigational New Drug Applications (INDs) and potential New Drug Applications (NDAs) for various drugs, and to treat drug dependence with or without abuse potential. A new drug application is a notice to FDA that a pharmaceutical company believes they have enough data to demonstrate the safety and efficacy of a substance to satisfy FDA for marketing the substance. FDA may also use the records in routine inspections that FDA conducts in accordance with its responsibilities to develop standards on the composition, quality, safety and efficacy of drugs administered to humans, and to monitor experimental usage of drugs.

3. To conduct research on the pharmacology, toxicology, and behavioral characteristics of drugs of abuse alone or in combination with proposed treatment drugs.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

NIH contractor(s) and/or interagency collaborators (i.e. Department of Veteran's Affairs) use the records in the system to accomplish the research and development purposes for which the records were collected. In the event of a followup study or continuation study, the responsible project officer may disclose records in this system to a subsequent NIH contractor(s). Any new contractor(s) is and would be required to maintain Privacy Act safeguards with respect to such records and to comply with the confidentiality restrictions of 42 CFR part 2.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Interview and assessment forms, video tapes, magnetic tapes, disks and microfiche in boxes in closed cabinets in a locked room with limited accessibility.

RETRIEVABILITY:

The records are indexed and retrieved by subject-participant's name code (i.e., initials—not name) and unique numerical identifier. In order to relate the data collected to specific individuals, however, one must use the link file discussed under safeguards.

SAFEGUARDS:

1. Authorized Users: For all of the studies, the System Manager or Federal Project Officer and only authorized contract staff have access to the records (computerized and hard copy files) in the system. The contractor provides only aggregate data in reports to NIDA, FDA, or the public. Only the NIDA personnel mentioned previously and selected authorized contract staff, have access to the stored records. A certificate of confidentiality is issued to researchers conducting these studies under 42 CFR, part 2, Protection of Identity—Research Subjects. This authorization enables persons engaged in research on mental health, including research on the use and effect of psychoactive drugs, to protect the privacy of research subjects by withholding the names or other identifying characteristics from all persons not connected with the conduct of the research. Persons so authorized may not be compelled in any Federal, State or local civil, criminal, administrative, legislative, or other proceedings to identify such individuals. These regulations do not prohibit voluntary disclosure by the researcher. However, the records of these studies also are subject to 42 CFR part 2, the Confidentiality of Alcohol and Drug Abuse Patient Records Regulations (42 CFR part 56), which state: Where the content of patient records has been disclosed. Pursuant to (these regulations) for the purpose of conducting scientific research * * * information contained therein which would directly or indirectly identify any patient may not be disclosed by the recipient thereof either voluntarily of in response to any legal process whether Federal or State.” The contractor's institutional review board reviewed and approved the safeguards described above in accordance with 45 CFR part 46 on the Protection of Human Subjects.

2. Physical Safeguards: For the study records, the contractor(s) stored individually identified forms in a locked room with controlled entry, i.e., only on written authority of the professional staff member in charge of data handling and processing). The contractor staff enters the collected information onto computer systems or disks as soon after contact with the subject-participant as possible, and stores the computerized records in a secured area with access limited as above.

For the study records, NIDA stores any individually identified forms in a lockable cabinet in a secure room. Only authorized NIDA personnel (i.e., select members of the Division of Treatment Research and Development professional staff and their support staff have access to the room with controlled entry. The room is in a building which has a 24-hour guard/television surveillance system and has controlled entry (picture identification sign in and out procedures) before and after normal working hours.

Another safeguard for these studies is that the forms containing subject identification information do not include any reference to the purpose of the study. The identification information is separate from any information that would suggest that the respondent is or has been in a drug abuse treatment program. In addition, the computer centers being utilized for data analyses have developed an extensive security system to protect computer account codes and data.

3. Procedural Safeguards: Access to the computerized records of the studies is protected by a computerized password routine which is changed

periodically. In addition, the project staff complies with the contractor's standard procedures for safeguarding data. The link file system that identifies individuals with personal data has three components: (1) Identification information, (2) data base information, and (3) the link file, which contains identifying number pairs which match data with individuals. The advantage of this system is that one may use the baseline data directly for report generation, etc., without using the subroutines or accessing the personal information or link files.

4. Implementation Guidelines: These practices are in compliance with the standards of Chapter 45-13 of the HHS Start Printed Page 60787General Administration Manual, sbull I11“Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

NIDA will destroy identifiable information by shredding or burning when it is no longer needed for analysis or research purposes; then the tapes, and/or other electronic media, will be erased. NIDA will destroy individual identification and match-up information from other studies by shredding or burning five years after FDA completes the review and approves the new drug applications or when they are no longer needed for research purposes.

NIDA will retain the aggregate data tapes, and/or other electronic media, and/or paper records from studies for research purposes. These tapes will not have any individually identifiable information. In accordance with the FDA regulations governing new drug applications, the aggregate tapes will be retained for at least two years after FDA approves the new drug applications or the IND is withdrawn. At that time, the tapes will be retired to the Federal Records Center and destroyed when they are five years old or when they are no longer needed for research purposes.

SYSTEM MANAGER(S) AND ADDRESS:

Chief, Regulatory Affairs Branch, Division of Treatment Research and Development, National Institute on Drug Abuse (NIDA), Neuroscience Center, Room 4123, 6001 Executive Boulevard, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

An individual may determine if a record exists about himself/herself upon written request, with notarized signature if request is made by mail, or with suitable identification if request is made in person, to the appropriate system manager at the address above. The following information should be included, if known: subject-participant's full name and a letter of request with notarized signature of the subject-participant of the record, any alias used, subject-participant's identification number, name of the researcher, name of clinic or research center, name of substance, and approximate date of study participation.

An individual who requests notification of a medical record must, at the time the request is made, designate in writing a responsible representative who will be willing to review the record and inform the subject individual of its contents at the representative's discretion.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. An individual may also request an accounting of disclosures of his/her record, if any.

CONTESTING RECORD PROCEDURE:

Contact the official at the address specified under Notification Procedures above and reasonably identify the record, specify the information being contested, the corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

RECORD SOURCE CATEGORIES:

Research subject-participants, staff in the participating drug abuse treatment programs, written clinical evaluations, private physicians, counselors, psychiatrists, psychotherapists, family members, research assistants, and hospital records.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0210

SYSTEM NAME:

Shipment Records of Drugs of Abuse to Authorized Researchers, HHS/NIH/NIDA.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Chemistry and Physiological Systems Research Branch (CPSRB), Division of Neuroscience and Behavioral Research, National Institute on Drug Abuse (NIDA), Neuroscience Center, Room 4282, 6001 Executive Boulevard, Bethesda, MD 20892-9555.

Research Triangle Institute, Research Triangle Park, NC 27709.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individual researchers and organizations who are registered with the Drug Enforcement Administration (DEA), Department of Justice (DOJ), some since 1966, and who have voluntarily submitted documentation to the National Institute on Drug Abuse (NIDA) in order to obtain, through the NIDA Drug Supply Program (DSP), drugs of abuse for use in a research project.

CATEGORIES OF RECORDS IN THE SYSTEM:

While the records in this system are research project-related, they support the eligibility of individual researchers to receive drugs of abuse. Types of information contained in the records are: researcher's name, curricula vitae, research protocol, DEA and (if applicable) Nuclear Regulatory Commission registration numbers (when a radio labeled compound is requested and shipped), business address (location of research project) and telephone number, summary of research project(s), requests for substance(s), name and amount of each compound requested and shipped, dates material is shipped and received, shipment numbers, and order form numbers.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Public Health Service Act, sections 301, and 405 (42 U.S.C. 241 and 284); Controlled Substances Act of 1970 (21 U.S.C. 801 et seq.); Atomic Energy Act of 1954, as amended, section 81 (42 U.S.C 2111); and Energy Reorganization Act of 1974, section 201 (42 U.S.C. 5841).

PURPOSE(S):

To facilitate operation of DSP which is a centralized research support service through which the United States Government supplies to the national and international scientific community for research purposes, most Schedule I and many Schedule II-V controlled and noncontrolled substances as specified in the Controlled Substances Act (CSA) of 1970 (21 U.S.C. 801 et seq.). Controlled substances are chemicals and other substances, and their immediate precursors, that the Attorney General has determined to have such potential for abuse as to warrant regulation under the CSA. Some of these substances are radio labeled materials. Radio labeled materials are substances to which a small amount of radioactivity is added for use in various studies, such as drug metabolism and mechanisms of drug actions.

This system of records was established to facilitate DSP by enabling NIDA:

1. To verify that requests for drugs of abuse, some of which are radio labeled, are from authorized individuals/organizations for use in a research project;

2. To verify that the amounts of the materials requested by researchers for animal, in vivo, and in vitro research are justified and available;

3. To supply controlled substances in amounts approved by the Food and Drug Administration (FDA) to researchers conducting research with human subjects;

4. To ship these materials securely in accordance with CSA and the Atomic Energy Act; and Start Printed Page 60788

5. To maintain records of these transactions.

FDA also may use the records in routine inspections in accordance with FDA's responsibilities to develop standards on the composition, safety, and efficacy of drugs administered to humans, and to monitor experimental usage of drugs.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. We may disclose the record of an individual to a congressional office in response to a verified inquiry from the congressional office made at the written request of the individual.

2. We may disclose information to DEA, DOJ, to enable DEA to carry out its responsibilities as described in the Controlled Substances Act of 1970.

3. An NIH contractor routinely uses the records in this system to ship controlled substances to authorized recipients. Such contractor is required to maintain Privacy Act safeguards with respect to these records.

4. An NIH contractor may have access to the records in this system in the performance of its software modification/correction tasks specified in its contract. Such contractor is required to maintain Privacy Act safeguards with respect to these records.

5. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when (a) HHS, or any component thereof; or (b) any HHS employee in his or her official capacity; or (c) any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or (d) the United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components, is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

NIDA maintains “hard copy” records in file folders and automated records on computer disk.

RETRIEVABILITY:

Authorized NIDA and contractor personnel index and retrieve the computerized records by a researcher code number assigned by a computer program at the time a new record is established. Authorized NIDA personnel index and retrieve “hard copy” records by researcher's name. NIDA maintains a computerized, alphabetical cross-reference list that matches names and numbers.

SAFEGUARDS:

1. Authorized Users: The Chief, CPSR Branch and his or her support staff, program assistant and clerk-typist, and the contracts' project directors and their support staffs have access to the records.

2. Physical Safeguards: The “hard copy” records and main computer are physically located at the Neuroscience Center, Bethesda, Maryland. The computerized records are kept in a room with limited admittance. The room is locked after working hours. The “hard copy” records are stored in locked file cabinets in a room with very limited admittance. This room is also locked after working hours. The Neuroscience Center has a 24-hour guard patrol service.

3. Procedural Safeguards: The terminals are housed in a secured work area with limited admittance. Contract personnel use a password identification system to obtain access; NIDA changes the passwords periodically.

4. Implementation Guidelines: These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

NIDA maintains an individual's record for five years after the researcher's last request for, or shipment of, a drug of abuse. We consider the record inactive after that, and erase it from the computer disk by a delete routine. The delete routine automatically deletes the computerized cross-reference as well. We destroy the “hard copy” record by shredding. The system is checked once a year for inactive records.

SYSTEM MANAGER(S) AND ADDRESS:

Program Director, Drug Supply Program, Chemistry and Physiological Systems Research Branch, Division of Neuroscience and Behavioral Research, National Institute on Drug Abuse (NIDA), Neuroscience Center, Room 4282, 6001 Executive Boulevard, Bethesda, MD 20892-9555.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the System Manager at the address above. An individual may learn if a record exists about himself or herself upon written request. The request should include the researcher's name and business address at the time of last shipment. The request must be signed in ink by the individual researcher. Verifiable proof of identity is required.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. An individual may also request an accounting of disclosures of his/her record, if any.

CONTESTING RECORD PROCEDURE:

Contact the official at the address specified under Notification Procedures above and reasonably identify the record, specify the information being contested, the corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

RECORD SOURCE CATEGORIES:

Initial source is the individual researcher. Some of the DEA registration information provided by a researcher is verified through a DEA computer check. FDA provides information concerning type and amount of controlled substance(s) to be shipped to an individual researcher for research projects involving human subjects.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0211

SYSTEM NAME:

Intramural Research Program Records of In- and Out-Patients with Various Types of Alcohol Abuse and Dependence, Relatives of Patients with Alcoholism, and Healthy Volunteers, HHS/NIH/NIAAA.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

A list of specific project sites is available from the System Manager.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

In- and out-patients with alcohol abuse and dependence, alcohol-induced organic brain syndromes; their relatives; and healthy volunteers. Start Printed Page 60789

CATEGORIES OF RECORDS IN THE SYSTEM:

Research data of wide variety including biochemical measures, psychophysiological and psychological tests, questionnaires, clinical and behavioral observations and interviews, physical examinations, and correspondence.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Public Health Service Act, as amended, sections 301 (42 U.S.C. 241) and 510 (42 U.S.C. 290bb). These sections authorize the conduct of general health research and research into alcoholism and alcohol abuse.

PURPOSE(S):

These records are used for diagnosis and treatment of patients with alcohol abuse and dependence and related conditions; behavioral research relating to the causes, diagnoses, and treatment of addictions; and basic research on behavioral and biological processes.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

Records in this system are covered by section 527 of the Public Health Service Act (42 U.S.C. 290ee-3) and 42 CFR, chapter I, subchapter A, part 2, on confidentiality of alcohol and drug abuse patient records. In accordance with these regulations, the records are confidential and may only be disclosed with the written consent of the patient with specific restrictions, and without the patient's consent in the following instances: (1) To medical personnel to the extent necessary to meet a bona fide emergency; (2) to qualified personnel for the purpose of conducting scientific research; or (3) if authorized by an appropriate order of a court of competent jurisdiction granted after application showing good cause therefore, after certain considerations, and with appropriate safeguards. Routine uses of information in this system are limited to the following:

1. A record may be disclosed for a research purpose, when the Department: (a) Has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained; (b) Has determined that the research purpose: (1) Cannot be reasonably accomplished unless the record is provided in individually identifiable form, and (2) warrants the risk to the privacy of the individual that additional exposure of the record might bring; (c) has required the recipient to—(1) establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, and (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining such information, and (3) make no further use or disclosure of the record except—(A) in emergency circumstances affecting the health or safety of any individual, (B) for use in another research project, under these same conditions, and with written authorization of the Department, (C) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (D) when required by law; (d) has secured a written statement attesting to the recipient's understanding of, and willingness to abide by these provisions.

2. Disclosure may be made to a congressional office from the record of an individual in response to a verified inquiry from the congressional office at the written request of that individual, in accordance with 42 CFR, chapter I, subchapter A, part 2. Records may be disclosed to student volunteers, individuals working under a personal services contract, and other individuals performing functions for PHS who do not technically have the status of agency employees, if they need the records in the performance of their agency functions.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records may be stored in file folders, on index cards, computer tapes and disks, microfiche, microfilm and audio and video tapes. Normally the factual data, with study code numbers, are stored on computer tape or disk, while the key to personal identifiers is stored separately, without factual data, in paper files.

RETRIEVABILITY:

During data collection stages and followup, retrieval by personal identifier (e.g., name or medical record number) is necessary. During the data analysis stage, data are normally retrieved by variables of interest, e.g., age, diagnosis, etc.

SAFEGUARDS:

Measures to prevent unauthorized disclosures are implemented as appropriate for the particular records maintained in each project. Depending on the sensitivity of the project, additional safeguards may be added.

1. Authorized Users: Only NIAAA medical and research staff have access to these records, as authorized by the system manager.

2. Physical Safeguards: Records are stored in locked rooms, locked file cabinets, and/or secured computer facilities. Personal identifiers and link codes are separated as much as possible and stored in locked files.

3. Procedural Safeguards: Collection and maintenance of data are consistent with legislation and regulations for protection of human subjects, informed consent, confidentiality, and confidentiality specific to drug and alcohol abuse patients. Computer data access is limited through the use of key words, a series of account numbers, and passwords which are changed frequently and known only to authorized personnel.

4. Implementation Guidelines: These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records,” supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are held for five years after completion of the project, retired to a Federal Records Center, and subsequently disposed of after ten years.

SYSTEM MANAGER(S) AND ADDRESS:

Clinical Director, Laboratory of Clinical Studies, Division of Intramural Clinical and Biological Research, National Institute on Drug Abuse (NIDA), Building 10, Room 3B-19, 10 Center Drive, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

To determine if a record exists, write to the System Manager at the address above. Provide notarized signature as proof of identity. The request should include as much of the following information as possible: (a) Full name; (b) nature of illness (if any); (c) title of study; (d) name of researcher conducting study. An individual who requests notification of or access to a medical/dental record shall, at the time the request is made, designate in writing a responsible representative who will be willing to review the record and inform the subject individual of its contents at the representative's discretion.

A parent or guardian who requests notification of child's/incompetent Start Printed Page 60790person's record shall at the time the request is made designate a family physician or other health professional (other than a family member) to whom the record, if any, will be sent. The designee will receive the record in all cases and upon review will determine whether the record should be made available to the parent or guardian.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request an accounting of disclosures of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official at the address specified under Notification Procedures above and reasonably identify the record, specify the information being contested, and state the corrective action sought, with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

RECORD SOURCE CATEGORIES:

Information gathered from individuals under study, either patient or normal subject, contract surveys, hospital records, medical and nursing staff notes, and from Privacy Act system of records 09-25-0099, “Clinical Research: Patient Medical Records, HHS/NIH/CC.”

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

09-25-0213

SYSTEM NAME:

Administration: Employee Conduct Investigative Records, HHS/NIH/OD/OM/OA/OMA.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Office of Management Assessment, Office of Administration, Office of Management, Office of the Director (OD), 6011 Executive Boulevard, Room 601, Bethesda, MD 20892-7669.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Individuals who are alleged or suspected to have violated NIH or Departmental regulations or Federal statutes and are: personnel employed by the Federal Government who are under a career, career conditional, or other type of appointment; personnel working under Intergovernmental Personnel Act assignments; Guest Researchers; Volunteers; Individuals on Temporary Appointments (including student appointments); Fogarty International Center Scholars; Staff Fellows; Intramural Research Training Award Fellows; IC Fellowship Award Recipients; Visiting Associates, Scientists, and Fellows; Commissioned Corps; individuals who receive funding through or have responsibility for NIH sponsored grants, contracts, or cooperative agreements and other individuals who transact or seek to transact business with NIH or HHS or use the facilities of those agencies.

CATEGORIES OF RECORDS IN THE SYSTEM:

This system includes records relating to correspondence concerning an individual's employment status or conduct while employed by or working at NIH. Examples of these records include: Correspondence from employees, members of Congress and members of the public alleging misconduct by an official of NIH. It also contains reports of investigations to resolve allegations of misconduct or violations of statutes, with related exhibits of statements, affidavits or records obtained during the investigation; reports of action taken by management; decisions on any misconduct substantiated by the investigation; and reports of legal action resulting from violations of statutes referred for prosecution.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5 U.S.C. 301, 302; 42 U.S.C. 203, 282; 44 U.S.C. 3101; E.O. 10450

PURPOSE(S):

To document reviews and investigations undertaken by the Office of Management Assessment, NIH to provide management or the Office of Inspector General, Office of the Secretary, HHS with information needed to take action to resolve complaints of misconduct or alleged violations of statutes, regulations, policies, or the terms and conditions of funding.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to a Member of Congress or to a Congressional staff member in response to an inquiry of the Congressional office made at the written request of the constituent about whom the record is maintained, if the disclosure does not compromise the investigative activities of the Office of Management Assessment.

2. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice when: (a) The agency or any component thereof; or (b) any employee of the agency in his or her official capacity where the Department of Justice has agreed to represent the employee; or (c) the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, the agency determines that the records are both relevant and necessary to the litigation and the use of such records by the Department of Justice is therefore deemed by the agency to be for a purpose that is compatible with the purpose for which the agency collected the records.

3. Disclosure may be made to a court or adjudicative body in a proceeding when: (a) The agency or any component thereof; or (b) any employee of the agency in his or her official capacity; or (c) any employee of the agency in his or her individual capacity where the agency has agreed to represent the employee; or (d) the United states Government, is a party to the proceeding or has an interest in such proceeding, and by careful review, the agency determines that the records are both relevant and necessary to the proceeding and the use of such records is therefore deemed by the agency to be for a purpose that is compatible with the purpose for which the agency collected the records.

4. When a record on its face, or in conjunction with other records, indicates a violation or potential violation of law, whether civil, criminal or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule, or order issued pursuant thereto, disclosure may be made to the appropriate agency, whether Federal, foreign, State, local, or tribal, or other public authority responsible for enforcing, investigating or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation, or order issued pursuant thereto, if the information disclosed is relevant to any enforcement, regulatory, investigative or prosecutorial responsibility of the receiving entity.

5. Disclosure may be made to a Federal, State, local, foreign, or tribal or other public authority of any portion of this system of records that contains information relevant to the retention of an employee, the retention of a security clearance, the letting of a contract, or the issuance or retention of a license, grant, or other benefit. The other agency or licensing organization may then make a request supported by the written consent of the individual for the entire record if it so chooses. No disclosure Start Printed Page 60791will be made unless the information has been determined to be sufficiently reliable to support a referral to another office within the agency or to another Federal agency for criminal, civil, administrative, personnel, or regulatory action.

6. Disclosure may be made to Federal, State, local or foreign agency maintaining, civil, criminal, or other relevant enforcement records, or other pertinent records, or to another public authority or professional organization, if necessary to obtain information relevant to an investigation concerning the retention of an employee or other personnel action, the issuance or retention of a security clearance, the letting of a contract, or the issuance or retention of a grant, or other benefit.

7. Where Federal agencies having the power to subpoena other Federal agencies' records, such as the Internal Revenue Service or the Civil Rights Commission, issue a subpoena to the Department for records in this system of records, the Department is authorized to make such records available.

8. Disclosure may be made to agency contractors, experts, or consultants who have been engaged by the agency to assist in the performance of a service related to this system of records and who need to have access to the records in order to perform the activity. Recipients shall be required to comply with the requirements of the Privacy Act of 1974, as amended, pursuant to 5 U.S.C. 552a(m).

9. Disclosure may be made in the course of employee discipline or competence determination proceedings.

10. Disclosure may be made to representatives of an awardee of an NIH grant, contract, or cooperative agreement that is the subject of an investigation by Office of Management Assessment, NIH.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored on paper forms in file folders, file cards, magnetic tapes, magnetic disks, optical disks and/or other types of data storage devices.

RETRIEVABILITY:

Records are retrieved by a unique classification number; name of the victim, accused, or complainant, date of birth, social security number; and by the nature of the incident and/or time of occurrence.

SAFEGUARDS:

1. Authorized Users: Data on computer files is accessed by keyword known only to authorized users who are Office of Management Assessment employees or contractor staff who have a need for the data in the performance of their duties as determined by the system manager.

2. Physical Safeguards: Access to the restricted office area containing the rooms where records are stored is controlled through the use of door locks. Only authorized users have the keys to these locks. During regular business hours, rooms in this restricted area are unlocked but entry is controlled by on-site personnel. Rooms where records are stored are locked when not in use. Individually identifiable records are kept in locked file cabinets or in locked rooms under the direct control of the system manager or his/her delegated representatives.

3. Procedural and Technical Safeguards: Computer records are accessible only through a series of code or keyword commands available from and under direct control of the system manager or his/her delegated representatives. These records are secured by a multiple-level security system which is capable of controlling access to the individual data field level. Persons having access to the computer database can be restricted to a confined application which permits only a narrow “view” of the data. All authorized users of personal information in connection with the performance of their jobs (see Authorized Users, above) protect information from public view and from unauthorized personnel entering an unsupervised area/office. These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, supplementary Chapter PHS hf: 45-13, the Department's Automated Information Systems Security Program Handbook, and the National Institute of Standards and Technology Federal Information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31).

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in Manual Chapter 1743, Appendix 1—“Keeping and Destroying Records” (HHS Records Management Manual, Appendix B-361): item 1700-A-4, which allows records to be kept permanently when involving extensive litigation; five years for minor infractions or improprieties when final recommendation is that no action be taken, or 20 years for all other. Refer to the NIH Manual Chapter for specific retention and disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS:

Director, Office of Management Assessment, Office of Administration, Office of Management, Office of the Director (OD), 6011 Executive Boulevard, Room 601, MSC 7669, Bethesda, Maryland 20892-7669.

NOTIFICATION PROCEDURE:

This system is exempt from the notification requirements. However, consideration will be given to requests addressed to the system manager listed above. The requestor must verify his or her identity by providing either a notarization of the request or a written certification that the requestor is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine. The request should include: (a) Full name, (b) address, and, (c) year of records in question.

RECORD ACCESS PROCEDURE:

This system is exempt from the access requirements. However, consideration will be given to requests addressed to the System Manager listed above. The requestor must verify his or her identity by providing either a notarization of the request or a written certification that the requestor is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand dollar fine. The request should include: (a) full name, (b) address, and, (c) year of records in question. Requesters should also reasonably specify the record contents being sought. Although the system is exempt, individuals may, upon request, receive records from this system and an accounting of disclosure of their records, if the system manager determines that disclosure would not compromise the investigative activities of the Office of Management Assessment, NIH.

CONTESTING RECORD PROCEDURE:

Exempt. However, consideration will be given requests addressed to the System Manager. Requests for corrections should reasonably identify the record and specify the information being contested, and state the corrective action sought with supporting information. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).Start Printed Page 60792

RECORD SOURCE CATEGORIES:

Departmental and other Federal, State, and local government records; subjects of investigations, complaints, witnesses; documents and other material furnished by non-government sources; and personal observations by the investigator.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

This system has been exempted pursuant to 5 U.S.C. 552a(k)(2) of the Privacy Act from the access, notification, correction, and amendment provisions of the Privacy Act (5 U.S.C. 552a(c)(3), (d)(1)-(4), (e)(1), (e)(4)(G) and (H) and (f)), because it consists of investigatory material compiled for law enforcement purposes. Individual access to these files could impair investigations and alert subjects of investigations that their activities are being scrutinized, thereby allowing them time to take measures to prevent detection of illegal action or to escape prosecution. Disclosure of investigative techniques/procedures and the existence and identity of confidential sources of information could jeopardize investigative activities. However, any individual who has been denied any right, privilege, or benefit for which he/she would otherwise be entitled or be eligible, as a result of the maintenance of such material, will be given access to the material, except to the extent that the disclosure of the material would reveal the identity of a source who furnished information to the Government under an express promise that the identity of such source would be held in confidence. The system is also exempted from (k)(5) of the Privacy Act in order to allow the agency to exempt from individual access, investigatory materials compiled for the purpose of determining suitability, eligibility, or qualification for federal employment or financial assistance if release of the material would disclose the identity of a confidential source who furnished information to the Government under an express promise that the identity of the source would be held in confidence.

09-25-0216

SYSTEM NAME:

Administration: NIH Electronic Directory, HHS/NIH.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Records are maintained in databases located within the NIH computer facilities and the files of NIH functional offices required to identify individuals in order to manage the federal resources and authorities assigned to them. A current list of sites, including the address of any Federal Records Center where records from this system may be stored, is available by writing the system manager listed under Notification Procedure below.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Users of NIH resources and services including but not limited to: current and past NIH employees, contractors, tenants of NIH facilities, participants in the NIH visiting programs, registered users of NIH computer facilities, grantees, reviewers, council members, collaborators, vendors, and parking permit holders. This system does not cover patients and visitors to the NIH Clinical Center.

CATEGORIES OF RECORDS IN THE SYSTEM:

This system is a source system that provides identification data to a variety of directory services at NIH that share comparable information and assign or relate dedicated federal resources to individuals. This system provides for a central directory that allows NIH to manage NIH corporate business processes and electronic commerce. The types of personal information in this directory are necessary to ensure the accurate identification of individuals doing business in or with the National Institutes of Health. The types of personal information included in this directory are: Name, alias names, date of birth, place of birth, social security number, gender, home address, home phone number, home FAX number, personal pager number, personal mobile phone number, personal email address, emergency contacts, photograph, digitized written signature, digitized biometrics, and NIH-assigned unique identifier. Public data refers to non-sensitive information readily available to the general public (e.g., name, building, room number, and work phone). Non-public data refers to sensitive/confidential information or data for which access is limited to appropriate staff with a valid need-to-know in the performance of their official job duties, or as outlined in the routine uses for disclosure (e.g., social security number, gender, home address, date of birth, place of birth).

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5 U.S.C. 301 and 302, 44 U.S.C. 3101 and 3102, Executive Order 9397.

PURPOSE(S):

The purpose is to establish a consolidated and centrally coordinated electronic directory to support e-government of administrative business processes; allow effective controls over the creation, maintenance and use of records in the conduct of current business; provide for effective management of costs, operation and interconnectivity of NIH information systems; provide the required structure for network security; and provide an accurate source of directory information at the NIH. Data collected is used to build an NIH centralized source identification directory and provides for directory security system authentication and authorization and supports NIH corporate business processes and electronic commerce. This system of records enables NIH to reliably identify individuals and those federal resources assigned to them. A NIH unique identifier (UID) will be assigned to each individual to permit identification of a single person with their descriptive information and resources throughout their career.

This system allows for the creation of accurate records for individuals in the NIH directory and ensures that duplicate data files are compared, corrected and combined for accuracy, thus eliminating redundancy. It is the central point of coordination for other automated systems that manage or track resources, particularly information security systems.

INTERNAL USE AND ACCESS TO PERSONAL INFORMATION

Internal use and access to the personal information in this system will be limited to those with a valid need-to-know in the performance of their official duties. Typical internal uses of the system, including categories of users, uses of the data collected and the need for such use are as follows:

1. Trans-NIH Human Resource Personnel, Administrative Officers, and administrative technicians, will access all public and non-public records for employees and/or NIH affiliates within their scope of responsibility to access/track staffing information such as personal/work contact information, physical location, and/or any other information to facilitate current NIH administrative business processes.

2. Information Resources Management staff and Space and Facility Management personnel will have access to view public data (building location and work phone information) to coordinate access for, and the allocation of, telecommunication resources and building space/access.

3. Supervisors, Administrative Officers and Administrative Start Printed Page 60793Technicians will have access to emergency contact information to enable them to contact someone in the event of an emergency.

4. NIH central services staff, NIH police, and NIH management will access both public and non-public data to coordinate/track employee data required for other NIH business processes such as card key access, ID badges, parking permits, library resources, census information gathered for reporting requirements, employee development, training, campus security, and other administrative processes.

5. NIH Security Officers, or other incident response personnel will have access to public/non-public data where NIH deems it necessary for official investigations or security incidents involving suspected intrusion, illegal activity, or unauthorized/unethical misuse of the system of records or data therein.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

1. Disclosure may be made to a congressional office from the records of an individual in response to an inquiry from the congressional office made at the request of that individual.

2. Disclosure may be made to representatives of the General Services Administration or the National Archives and Records Administration who are conducting records management inspections under the authority of 44 U.S.C. 2904 and 2906.

3. Disclosure may be made to agency contractors, experts, consultants, or volunteers who have been engaged by the agency to assist in the performance of a service related to this system of records and who need to have access to the records in order to perform the activity. Recipients are required to maintain Privacy Act safeguards with respect to these records.

4. Disclosure may be made to respond to a Federal agency's request made in connection with the hiring or retention of an employee, the letting of a contract or issuance of a security clearance, grant, license, or other benefit by the requesting agency, but only to the extent that the information disclosed is relevant and necessary to the requesting agency's decision on the matter.

5. Disclosure may be made to the Department of Justice, or to a court or other adjudicative body, from this system of records when (a) HHS, or any component thereof; or (b) any HHS officer or employee in his or her official capacity; or (c) any HHS officer or employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the officer or employee; or (d) the United States or any agency thereof where HHS determines that the proceeding is likely to affect HHS or any of its components, is a party to the proceeding or has any interest in the proceeding, and HHS determines that the records are relevant and necessary to the proceeding and would help in the effective representation of the governmental party.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are maintained on electronic media such as computer tape and disk and/or hard-copy. Automated records are stored in controlled computer areas. Both manual and computerized records will be maintained in accordance with the standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records”, supplementary Chapter PHS hf: 45-13, and the Department's Automated Information System Security Program Handbook.

RETRIEVABILITY:

Records are indexed and retrieved by: name, unique identifier, alias names, and social security number.

SAFEGUARDS:

1. Authorized Users: Non-public data on computer files is accessed by keyword known only to authorized users who are NIH employees or contractor staff who have a legitimate operational responsibility to access the data in the performance of their duties as determined by the System Manager. Staff are only granted access to those directories or fields for which they have operational responsibilities. User activity is recorded. Occurrences of non-routine user or operator activity are recorded. Public data is controlled by user-defined view via a web-based look-up table. View of public data is accessible and controlled via the NIH network.

2. Physical Safeguards: Physical access to the computer systems where records are stored is controlled through the use of door locks and alarms.

3. Procedural and Technical Safeguards: Access to the non-public data will be controlled through: password protection, user authentication, and system administration procedures for user access. User name and password authentication procedures are in place to protect non-public data from public view, and to prevent unauthorized personnel from accessing data. Logical access controls, based on job function, are in place to authorize and/or restrict the user activity and view of the data. Persons having access to data are restricted to a field-by-field confined user interface that permits a controlled, or narrow “view” of the data. Sensitive data transferred between NIH source databases is secured through encryption or similar manner. Digital certificates and automated user audit trail capabilities have been incorporated to ensure data integrity and to detect evidence of data tampering.

These practices are in compliance with standards of Chapter 45-13 of the HHS General Administration Manual, “Safeguarding Records Contained in Systems of Records”, supplementary Chapter PHS hf: 45-13, and the Department's Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records may be retired to a Federal Records Center and subsequently disposed of in accordance with the NIH Records Control Schedule. The Records Control Schedule and disposal standard for these records may be obtained by writing to the System Manager at the address below.

SYSTEM MANAGER(S) AND ADDRESS:

Chiquita Bennett, Clinical Center (CC), Building 10, Room 1C280, 10 Center Drive, Bethesda, MD 20892.

Ann Ellis, Clinical Center (CC), Building 10, Room B1L410B, 10 Center Drive, Bethesda, MD 20892.

Edith Smith, Center for Information Technology (CIT), Fernwood Building, Room 2NW06F, Bethesda, MD 20892.

Maria Miller, Center for Information Technology (CIT), Fernwood Building, Room 2NW06E, Bethesda, MD 20892.

Nadel Griffith, Center for Scientific Review (CSR), Democracy Plaza I, Room 3028, 6701 Rockledge Drive, Bethesda, MD 20892.

Marilyn Cuzzolina, Center for Scientific Review (CSR), Democracy Plaza I, Room 3028, 6701 Rockledge Drive, Bethesda, MD 20892.

Sharon Nieberding, Office of Administrative Management and International Services, Fogarty International Center (FIC), Building 31, Room B2C08, 31 Center Drive, Bethesda, MD 20892-2220.

Allison Wise, Office of Administrative Operations, National Center for Complementary and Alternative Medicine (NCCAM), Building 31, Room 2B11, 31 Center Drive, Bethesda, MD 20892-2182. Start Printed Page 60794

Mike Tucker, National Cancer Institute (NCI), 6116 Executive Boulevard, Room 609, Bethesda, MD 20892.

Mike Floyd, National Cancer Institute (NCI), 6116 Executive Boulevard, Room 609, Bethesda, MD 20892.

Dorothy Keys, National Center for Research Resources (NCRR), Rockledge I, Room 6070, 6705 Rockledge Drive, Bethesda, MD 20892.

Matthew Burr, National Eye Institute (NEI), Building 31, Room 6A19, 31 Center Drive, Bethesda, MD 20892.

Patricia Hylla, National Human Genome Research Institute (NHGRI), Building 49, Room 3A38, 49 Convent Drive, Bethesda, MD 20892.

Christina Roark, National Heart, Lung, and Blood Institute (NHLBI), Democracy Plaza I, Room 7021, 6701 Rockledge Drive, Bethesda, MD 20892-7921.

Agnes Slamen, National Institute on Aging (NIA), Gerontology Research Center, Johns Hopkins Bayview Campus, 5600 Nathan Shock Drive, Room 1E14A, Baltimore, MD 21224.

Gwen Proctor, National Institute on Aging (NIA), Gerontology Research Center, Johns Hopkins Bayview Campus, 5600 Nathan Shock Drive, Room 1E14A, Baltimore, MD 21224.

Andrea Hobbs, National Institute of (NIAAA), Building 31, Room 1B40, 31 Center Drive, Bethesda, MD 20892.

Lennita Lawson, National Institute of Allergy and Infectious Disease (NIAID), Building 31, Room 7A19, 31 Center Drive, Bethesda, MD 20892.

Kai Lakeman, National Institute of Allergy and Infectious Disease (NIAID), Building 31, Room 7A19, 31 Center Drive, Bethesda, MD 20892.

Andrea Ricche, National Institute of Arthritis and Musculoskeletal and Skin Diseases (NIAMS), Natcher Building, Room 5AS51, 45 Center Drive, Bethesda, MD 20892.

Ruby Akomeah, National Institute of Biomedical Imaging and Bioengineering (NIBIB), Building 31, Room 1B37, 31 Center Drive, Bethesda, MD 20892.

Ivelisse Rodriguez, National Institute of Biomedical Imaging and Bioengineering (NIBIB), Building 31, Room 1B37, 31 Center Drive, Bethesda, MD 20892.

Ruth Maraio, National Institute of Child Health and Human Development (NICHD), Rockledge I, Room 800, 6705 Rockledge Drive, Bethesda, MD 20892.

Donna Tolson, National Institute of Drug Abuse (NIDA), Neuroscience Center, Room 512, 6001 Executive Boulevard, Bethesda, MD 20892.

Anne Sumner, National Institute on Deafness and Other Communication Disorders (NIDCD), Building 31, Room 3C21, 31 Center Drive, Bethesda, MD 20892.

Kathleen Maguire, National Institute of Dental and Craniofacial Research (NIDCR), Natcher Building, Room 4AN12, 45 Center Drive, Bethesda, MD 20892.

Anne Robertson, National Institute of Diabetes and Digestive and Kidney Diseases (NIDDK), Democracy Plaza II, Room 909, 6707 Democracy Boulevard, Bethesda, MD 20892.

Linda Mongelli, National Institute of Diabetes and Digestive and Kidney Diseases (NIDDK), Building 10, Room 9N208, 10 Center Drive, Bethesda, MD 20892.

Donna Byrd, National Institute of Environmental Health Sciences (NIEHS), PO Box 12233, Research Triangle Park, NC 27709.

Gail Grosman, National Institute of General Medical Sciences (NIGMS), Natcher Building, Room 3AN32, 45 Center Drive, Bethesda, MD 20892.

Crystal James, National Institute of General Medical Sciences (NIGMS), Natcher Building, Room 3AS25A, 45 Center Drive, Bethesda, MD 20892.

Pam Fitzgerald, National Institute of Mental Health (NIMH), Building 31, Room 2B34, 31 Center Drive, Bethesda, MD 20892.

Vicki Dobbins, National Institute of Medical Health (NIMH), Building 31, Room 2B34, 31 Center Drive, Bethesda, MD 20892-9657.

Debbie Jarman, Privacy Act Coordinator, National Institute of Neurological Disorders (NINDS), Building 31, Room 8A33, 31 Center Drive, Bethesda, MD 20892.

Ana Ferreira, National Institute of Nursing Research (NINR), Building 31, Room 5B19A, 31 Center Drive, Bethesda, MD 20892.

Patricia Williams, National Library of Medicine (NLM), Building 38, Room 2W05, 8600 Rockville Pike, Bethesda, MD 20894.

Sandy Freund, Office of the Director (OD), 6011 Executive Boulevard, Room 325, Bethesda, MD 20892.

Dinah Huffer, Office of Research Services (ORS), Building 31, Room 4B30, 31 Center Drive, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

Write to the System Manager listed above. The requester must verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Act, subject to a five thousand-dollar fine. The request should include: (a) Full name, and (b) address, and (c) year of records in question.

RECORD ACCESS PROCEDURE:

Write to the System Manager specified above to attain access to records and provide the same information as is required under the Notification Procedures. Requester should also reasonably specify the record content being sought. Individuals may also request an accounting of disclosure of their records, if any.

CONTESTING RECORD PROCEDURE:

Address a petition for amendment to the System Manager. All requests must be in writing. The individual must identify himself/herself, specify the system of records from which the records are retrieved, the particular records to be corrected or amended, whether seeking an addition to or a deletion or substitution for the records, and the reason for requesting correction or amendment of the record.

RECORD SOURCE CATEGORIES:

NIH employees, contractors, and other persons who are using or performing services on behalf of the NIH, and the NIH human resource databases (i.e., Human Resource Database (HRDB), Fellowship Payment System (FPS), J.E. Fogarty Database of Foreign Visiting Scientists (JEFIC), NIH Telecommunications Database (TELCOM), Parking and Identification Database (PAID), E-mail Directory and Forwarding Service (PH directory), and the Integrated Time and Attendance System (ITAS)).

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.

End Supplemental Information

[FR Doc. 02-23965 Filed 9-25-02; 8:45 am]

BILLING CODE 4140-01-P