Office of the Secretary, DOT.
Notice to amend a system of records.
DOT intends to amend a system of record under the Privacy Act of 1974.
November 18, 2002. If no comments are received, the proposal will become effective on the above date. If comments are received, the comments will be considered and, where adopted, the documents will be republished with changes.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Yvonne L. Coates, Department of Transportation, Office of the Secretary, 400 7th Street, SW., Washington, DC 20590, (202) 366-6964 (telephone), (202) 366-7024 (fax), Yvonne.Coates@ost.dot.gov (Internet address).End Further Info End Preamble Start Supplemental Information
The Department of Transportation system of records notice subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended, has been published in the Federal Register and is available from the above mentioned address.
Identification Media Record Systems.
The system is located in the:
a. Office of Security and Administrative Management, M-40, 400 7th Street, SW., Washington, DC 20590; (for Office of the Secretary of Transportation and all DOT Agencies other than those listed below).
b. Commandant, United States Coast Guard Headquarters, G-O, Washington, DC 20593 and District and Area Offices.
c. Federal Aviation Administration, Office of Security and Investigations, 800 Independence Avenue, SW., Washington, DC 20591; and all FAA Regional Offices and Centers.
d. Federal Highway Administration, Operations and Services Divisions, 400 7th Street, SW., Washington, DC 20590, and all FHWA Regional Offices.
e. Transportation Security Administration, 400 7th Street, SW., Washington, DC 20590, and Federal Security Directors at various airports.
Categories of individuals covered by the system of records:
Present and former employees, contractor employees, consultants, and other individuals or personnel that require access to DOT facilities, information, resources or information-based systems in any element of DOT.
Categories of records in the system:
Applications, photographs, receipts for DOT identification and verification media and official credentials, temporary building passes, security badges, security clearance level and type, date of clearance, clearance basis, entry on duty information, current duty assignment information, routing symbols, limited relevant portions of the background investigation date of background investigation, investigating agency and follow-up investigation data, date of birth, social security number, position title and position sensitivity, assignment to sensitive duty positions, facility access, gender, designations, automated information systems access designations, records of access authorizations granted, biometric data (fingerprint or other biometric data as determined by current standards), PKI certificates and encryption information, digital signature codes and verification data, personal information number (pin)/identification and verification media password, or identification record number and expiration date, applications for other identification needed for official duties, and other fields as dictated by the Governmental SmartCard Interoperability Standard.
Authority for maintenance of the system:
- To control access to DOT facilities, information or information-based systems by authenticating the identity of each person using the system; the system will not be used to monitor or track individuals or their usage habits.
- To provide a ready concentration of employee personal data to facilitate issuance, accountability, and recovery of required identification media issued to employees, contractor employees, consultants, and other individuals or personnel who require access to DOT facilities, information or information-based systems in the performance of their duties.
- To provide for universal and positive verification and control for DOT employees, contractor employees, consultants, and other individuals or personnel needed to perform their official duties.
- To control and account for DOT identification and verification media, credentials, and security badges issued to DOT employees, former employees, contractors, and other individuals who require access to DOT facilities and information or information-based systems in the performance of their DOT or other official duties.
Routine uses of records maintained in the system, including categories of users and the purposes of such uses:
- Records may be disclosed to contractors for the limited purpose of assisting the Department or one of its elements in issuing, controlling and accounting for DOT identification and Start Printed Page 62512verification media, credentials and security badges and maintaining associated databases.
- Records may be disclosed to Departmental contractors concerning their own current and former employees to facilitate the control and accountability of DOT identification and verification media, credential and security badges issued to contract employees.
- See Prefatory Statement of General Routine Uses.
Disclosure to consumer reporting agencies:
Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system:
The records are maintained in an electronic database and may be on computer disks/chips, magnetic tape, and paper forms in file folders. The items of information set forth in the category of records section may be contained on an electronic computer chip or other media imbedded on the identification and verification medium of each employee, contractor, or other individual to whom the identification and verification media is issued.
Retrieval from the system is by name, social security number, date of birth, security clearance level, date of investigation, type of investigation, identification and verification media or record number, digital certificates, duty position location (POD), identification and verification media expiration or issue date, other fields as included in the Governmental SmartCard Interoperability Standard, or other category of records and can be accessed only by authorized individuals.
Computers provide privacy and access limitations to records by requiring a user name and password match or equivalent safeguards such as biometrics and public key infrastructure (PKI) technology. Access to decentralized segments is similarly controlled. Only those personnel with a need to have access to the system are given user names and passwords or equivalent technology. Data are manually and/or electronically stored in a locked room with limited access.
The protection of the data/information and of the identification and verification media complies with NIST Standards; at no time will any data/information be placed on the media in a manner less secure than its original source.
Retention and disposal:
Hard copy of information including applications, photographs and identification media is destroyed immediately upon termination of employment and/or expiration of surrendered ID media. Inactive electronic records pertaining to applications, photographs, and identification media is removed from the video ID system monthly. The following schedules apply: General Records Schedule (GRS) 11, item 4, Space and Maintenance Records; and GRS 20, item 3a, Electronic Records.
System manager(s) and address:
a. Office of Security and Administrative Management, M-40, Department of Transportation, 400 7th Street, SW., Washington, DC 20590 (for OST and all DOT agencies other than those listed below).
b. Commandant, G-O United States Coast Guard, Washington, DC 20593.
c. Director of Security and Investigations, Federal Aviation Administration, 800 Independence Avenue, SW., Washington, DC 20591.
d. Chief, Operations and Services Division, Federal Highway Administration, 400 7th Street, SW., Washington, DC 20590.
Same as System Manager. Correspondence contesting records must include the full name and social security number of the individual concerned and documentation justifying the claim.
Record access procedures:
Same as Notification procedure.
Contesting record procedures:
Same as Notification procedure.
Record source categories:
Individuals about whom the record is maintained, automated personnel systems maintained by DOT or any of its elements, and background and clearance investigation systems of records maintained by the DOT or any of its elements.
Exemptions claimed for the system:
Dated: September 30, 2002.
Yvonne L. Coates,
Privacy Act Coordinator.
[FR Doc. 02-25412 Filed 10-4-02; 8:45 am]
BILLING CODE 4910-62-P