Skip to Content

Notice

Privacy Act of 1974; National Disaster Medical System Medical Professional Credentials System of Records

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble

AGENCY:

National Disaster Medical System; Response Division, Federal Emergency Management Agency, Department of Homeland Security.

ACTION:

Notice of Privacy Act system of records.

SUMMARY:

Pursuant to the Privacy Act of 1974, the Department of Homeland Security gives notice that the Federal Emergency Management Agency, Response Division, National Disaster Medical System, is establishing a new system of records entitled the “National Disaster Medical System Medical Professional Credentials System of Records.”

This system of records will enable the National Disaster Medical System to have an efficient, centralized method for collecting medical credentials and verifying continued certification of the credentials of deployable medical personnel.

DATES:

The system of records will be effective November 13, 2006, unless comments are received that result in a contrary determination.

ADDRESSES:

You may submit comments, identified by Docket ID FEMA-2006-0002, by one of the following methods:

  • Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments;
  • E-mail: FEMA-RULES@dhs.gov. Include Docket ID FEMA-2006-0002 in the subject line of the message;
  • Fax: 202-646-4536 (not a toll-free number); or
  • Mail/Hand Delivery/Courier: Rules Docket Clerk, Office of Chief Counsel, Federal Emergency Management Agency, Room 835, 500 C Street, SW., Washington, DC 20472; Maureen Cooney, Acting Chief Privacy Officer, Department of Homeland Security, 601 S. 12th Street, Arlington, VA 22202.

Instructions: All submissions received must include the agency name and Docket ID (if available) for this notice. All comments received will be posted without change to http://www.regulations.gov, including any personal information provided.

Docket: For access to the docket to read background documents or comments received, go to the Federal eRulemaking Portal at http://www.regulations.gov. Submitted comments may also be inspected at FEMA, Office of Chief Counsel, 500 C Street, SW., Room 835, Washington, DC 20472.

Start Further Info

FOR FURTHER INFORMATION CONTACT:

Captain Ana Marie Balingit-Wines, Credentialing Program Manager, FEMA/NDMS, 500 C Street, SW., Suite 713, Washington, DC 20472, at 202-646-4248, for credentialing matters; Jean Hardin, Attorney, FEMA Office of Chief Counsel, General Law Division, 500 C Street, SW., Room 713 H, Washington, DC 20472, at 202-646-4059; Hugo Teufel III, Chief Privacy Officer, Department of Homeland Security, 601 S. 12th Street, Arlington, VA 22202-4220, at 571-227-3813.

End Further Info End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

The National Disaster Medical System (NDMS), authorized by 42 U.S.C. 300hh-11(b), has primary responsibility for providing emergency medical care after a natural or man-made disaster or in the Start Printed Page 60555event of a public health emergency. NDMS functions as a coordinated effort by the Department of Homeland Security (DHS)/Federal Emergency Management Agency (FEMA), Department of Health and Human Services, the Department of Defense, and the Department of Veterans Affairs, but is managed by FEMA's Response Division.

NDMS personnel are composed of medical professionals and allied health members [1] who are hired and deployed specifically to provide medical care in the event of an emergency. NDMS members are activated and employed as Federal employees not only to provide health care services, but also health-related social services, family assistance, and coordination with other assisting agencies. NDMS personnel also function as appropriate auxiliary service providers for mortuary and veterinary services to respond to the needs of victims during an emergency. These individuals are assigned to Disaster Medical Assistance Teams (DMATS) or other specialty teams that are placed in various locations throughout the United States.

To facilitate the continued provision of high quality care to both people and animals, NDMS collects the information necessary to make decisions concerning the hiring and retention of these individuals for disaster relief efforts. In addition, NDMS collects information on qualified medical professionals who are System Members of the National Urban Search and Rescue Response System (US&R), which also falls under the responsibility of FEMA's Response Division.

To assess qualifications, NDMS asks applicants to complete the Optional Form (OF) 612 or other standard formats for applications for Federal employment or status. While the employment forms, like the OF 612 (used to gather information necessary for credentialing) are currently submitted in paper format, NDMS has developed electronic data entry forms specifically for credentialing and the forms have been submitted to the Office of Management and Budget (OMB) for approval. Information taken from the completed paper applications is transferred to a database that is maintained by NDMS.

The information that is collected on the OF 612 or other application formats, consists of:

  • Name (Last, First, Middle), including any other names known by and when.
  • Social Security Number.
  • Position Being Applied For.
  • Home Address, including street address, City, State, and Zip Code.
  • Home Telephone.
  • Cell Phone, if applicable.
  • Fax number, if applicable.
  • E-mail address, if applicable.
  • Current Employer Name, if applicable, or place of employment.
  • Primary Office Address, including street address, City, State and Zip Code.
  • Primary Office Telephone, Fax, or E-mail.
  • Place of Birth, City, State, Country other than U.S.
  • Citizenship, and if not a citizen, Status and Visa Number.
  • Gender.
  • Military Service History, if applicable, and copy of DD 214.
  • Other Employment History, including name, location, dates, and contact information.
  • Other health care facility affiliations.
  • Education Background, including names and dates for all certificates and diplomas.
  • Specialty(ies), including all certificates or other documentation.
  • If certifying Board membership, Board name and address, and most recent date.
  • Certification, date of initial certification and most recent certification.
  • Examinations passed.
  • Licenses—include for all States.
  • Drug Enforcement Administration Registration Number, if applicable.
  • References, including name, address, phone numbers, and e-mail addresses.
  • Other information, such as criminal history, medical malpractice action, or other disciplinary action taken against the applicant, if applicable. (This includes statements from all malpractice insurance carriers, dating back ten years.)

This collected information serves as the basis by which hiring officials can certify the providers' basic qualifications for the jobs to which they are assigned, as well as to determine the clinical privileges [2] designated to specific team members. The verification of credentials ensures that the medical treatment provided is done by qualified, licensed, professionals who meet the industry standard. Credential verification also provides DHS the ability to utilize these employees in the most effective way possible. Similar information on US&R medical professionals is included in the database.

The Privacy Act (5 U.S.C. 552a) embodies fair information principles in a statutory framework governing the means by which the United States Government collects, maintains, uses and disseminates personally identifiable information. The Act applies to information that is maintained in a “system of records.” A “system of records” is a group of any records under the control of an agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual. The National Disaster Medical System Medical Professional Credentials File System established by this notice is such a system of records.

The Privacy Act requires each agency to publish in the Federal Register a description of the type and character of each system of records that the agency maintains, and the routine uses for which such information may be disseminated and the purpose for which the system is maintained. The following description is provided for the National Disaster Medical System Medical Professional Credentials System of Records. In accordance with 5 U.S.C. 552a(r), notification of the creation of this record system has been provided to Congress and to OMB.

DHS/FEMA/NDMS-1

SYSTEM NAME:

National Disaster Medical System Medical Professional Credentials System of Records.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

The database and paper records for this system of records will be maintained within NDMS offices at FEMA Headquarters, 500 C Street, SW., Suite 713, Washington, DC.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

This system of records covers the following types of medical professionals and allied health members who apply to the NDMS and US&R:

  • Doctors (or physicians). Start Printed Page 60556
  • Physician's Assistants.
  • Dentists.
  • Dental Assistants and Hygienists.
  • Pharmacists.
  • Pharmacy Assistants.
  • Nurses—Registered and Licensed Vocational or Licensed Practical Nurses.
  • Nurse's Aides.
  • Dietitians.
  • Psychologists.
  • Paramedics and Emergency Medical Technicians.
  • Social Workers.
  • Therapists.
  • Radiology Technicians.
  • Respiratory Therapists.
  • Medical Technologists.
  • Counselors.
  • Optometrists and Opticians.
  • Veterinarians.

CATEGORIES OF RECORDS IN THE SYSTEM:

FEMA will collect medical credential and qualification information from all medical professionals and allied health members who apply to the NDMS and US&R. The types of information to be maintained in the system of records include:

  • Name (Last, First, Middle), including any other names known by and when.
  • Social Security number.
  • Position Being Applied For.
  • Home Address, including street address, City, State, and Zip Code.
  • Home Telephone.
  • Cell Phone, if applicable.
  • Fax number, if applicable.
  • E-mail address, if applicable.
  • Current Employer Name, if applicable, or place of employment.
  • Primary Office Address, including street address, City, State and Zip Code.
  • Primary Office Telephone, Fax, or E-mail.
  • Place of Birth, City, State, Country other than U.S.
  • Citizenship, and if not a citizen, Status and Visa Number.
  • Gender.
  • Military Service History, if applicable, and copy of DD 214.
  • Other Employment History, including name, location, dates, and contact information.
  • Other health care facility affiliations.
  • Education Background, including names and dates for all certificates and diplomas.
  • Specialty(ies), including all certificates or other documentation.
  • If certifying Board membership, Board name and address, and most recent date.
  • Certification, date of initial certification and most recent certification.
  • Examinations passed.
  • Licenses—include for all States.
  • Drug Enforcement Agency Number.
  • References, including name, address, phone numbers and e-mail addresses.
  • Other information, such as criminal history, medical malpractice action, or other disciplinary action taken against the applicant, if applicable. (This includes statements from all malpractice insurance carriers, dating back ten years.)

Copies of actual diplomas, transcripts, licenses, or certificates, a signed attestation form and a release of information form will also be requested from the applicants, and, in some cases, certified copies must be sent from the institution or certifying agency.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

The collection of information is based on the Robert T. Stafford Disaster Relief and Emergency Assistance Act, 42 U.S.C. 5121-5206, the Homeland Security Act of 2002, Public Law 107-296 (2002), 6 U.S.C. 101, et seq., and the Health Care Quality Improvement Act of 1986, 42 U.S.C. 11101, et seq. The NDMS Statute, 42 U.S.C. 300hh-11, is the authority that places NDMS within DHS/FEMA. The National Response Plan, Emergency Support Function #8, “Public Health and Medical Services Annex” also delineates NDMS responsibilities for providing health care and coordinating with the Department of Defense, Department of Veterans Affairs, and Department of Health and Human Services in an emergency requiring implementation of the National Response Plan.

PURPOSE(S):

Information is collected on potential and current NDMS medical providers and US&R medical providers for three primary purposes: Hiring decisions; certification/recertification; and privileging.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DHS as a routine use pursuant to 5 U.S.C. 552a (b)(3) as follows:

(A) To a Member of Congress or a Congressional staff member in response to an inquiry from the Congressional office made at the request of the individual to whom the records pertain.

(B) To the Department of Justice (DOJ) or other Federal agency conducting litigation or in proceedings before any court, adjudicative or administrative body, when: (1) DHS, or (2) any employee of DHS in his/her official capacity, or (3) any employee of DHS in his/her individual capacity where DOJ or DHS has agreed to represent the employee, or (4) the United States or any agency thereof, is a party to the litigation or has an interest in such litigation, and DHS determines that disclosure is relevant and necessary to the litigation.

(C) To the National Archives and Records Administration (NARA) or other Federal government agencies pursuant to records management inspections being conducted under the authority of 44 U.S.C. sections 2904 and 2906.

(D) To an agency, organization, or individual for the purposes of performing authorized audit or oversight operations.

(E) Where a record, either on its face or in conjunction with other information, indicates a violation or potential violation of law—criminal, civil or regulatory—the relevant records may be referred to an appropriate Federal, State, local, or tribal law enforcement authority or other appropriate agency charged with investigating or prosecuting such a violation or enforcing or implementing such law.

(F) To a Federal, State, local and tribal government to help in identifying and meeting health and medical needs of victims in an Incident of National Significance.

(G) To the other Federal agencies with which NDMS coordinates under the National Response Plan to include the Department of Defense, the Department of Veterans Affairs, and the Department of Health and Human Services.

(H) To credentialing entities, governmental or private, that NDMS agrees to work with to verify credential information and facilitate exchange of information for deployment purposes. This includes entities, such as the National Practitioner Databank, which serves as a clearinghouse for any derogatory information on medical professionals, such as revoked licenses or other information that may prevent these NDMS members from legally performing the medical duties for the position that they hold.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE

Paper records from this system are stored in the FEMA Headquarters Building, NDMS Central Office, at 500 Start Printed Page 60557C Street, SW., Suite 713, Washington, DC 20472. The database into which the information is entered is also maintained within the same office space. FEMA Headquarters manages data use at all locations where it will be needed, including all locations where NDMS or US&R members will be deployed. FEMA has a configuration management process that is used to share any necessary information in a consistent and secure manner with all potential users.

Copies of paper applications as well as information maintained electronically are stored in a work area that is locked when it is not staffed. The doors to the work area are kept closed. There is limited access given to persons who have a need to access the information to perform their official duties. FEMA computer based records such as databases or e-mails are stored in database servers secured in a file server room in another location and backed up nightly.

RETRIEVABILITY:

Files and automated data are retrievable by name, social security number, medical profession, geographic area and/or residence of an applicant or existing NDMS or US&R medical professional employee.

SAFEGUARDS:

Data access within DHS/FEMA computer systems is determined by the system administrator staff on a need-to-know basis only. Access is provided to the online system based upon written authorization of the NDMS Chief or his designee, and will result in generation of a unique userID and password. Passwords must be updated on a regular basis based upon internal FEMA administration requirements. All printouts and paper records will be marked as “For Official Use Only” (FOUO), and will be maintained within NDMS offices at Headquarters location, 500 C Street, SW., Suite 713, Washington, DC 20472. The offices containing these records are locked, with only authorized personnel having unsupervised access.

Information is shared internally within DHS only as specified herein on a need-to-know basis and only for purposes of credentialing and for oversight of the program.

FEMA limits the sharing of personal information collected as part of the NDMS and US&R medical credentialing process to external agencies on a case-by-case basis. Permission to have the credentialing information is based upon the “need to know.” Once the “need to know” has been established and verified, the information will be shared. Only those portions of the requested information for which the “need to know” has been established will be shared.

RETENTION AND DISPOSAL:

Records in this system will be retained in accordance with a schedule approved by NARA for personnel records. Employee files are retained for a period of 65 years after date of employee's separation from the Agency, based on NARA General Records Schedule (GRS), Sec. 1, 1(b). The retention schedule for application information for eligible applicants who are not hired for any reason is delineated in GRS, Schedule 1, Transmittal No. 12, July 2004, Section 33, part a-t, “Examining and Certification Records.”

SYSTEM MANAGER(S) AND ADDRESS:

Chief Medical Officer, National Disaster Medical System (NDMS), 500 C Street, SW., Suite 713, Washington, DC 20472.

NOTIFICATION PROCEDURE:

Requests for Privacy Act protected information must conform with DHS regulations found at 6 CFR Part 5 and FEMA's regulations at 44 CFR Part 6. They must be made in writing, and clearly marked as a “Privacy Act Request” on the envelope and letter. Inquiries should be addressed to FEMA—Records Management Division, 500 C Street, SW., Washington, DC 20472. Requests may also be sent to: Privacy Act Officer, DHS/FEMA Office of Chief Counsel (OGC), General Law Division, Room 518, 500 C Street, SW., Washington, DC 20472.

RECORD ACCESS PROCEDURES:

Same as the Notification Procedure above.

CONTESTING RECORD PROCEDURE:

Same as the Notification Procedure above. The letter should state clearly and concisely the information contested, the reasons for contesting it, and the proposed amendment to the information that is sought pursuant to DHS Privacy Act regulations at 6 CFR Part 5 and FEMA regulations at 44 CFR Part 6.

RECORD SOURCE CATEGORIES:

  • Applicants for NDMS health care related jobs and US&R status requiring specific credentials.
  • Current NDMS medical professionals requiring updated credential verification and privileging.
  • State and local licensing boards.
  • Educational institutions.
  • Sources of information on which to base credentialing decisions for NDMS medical professionals—such as the National Practitioner Databank.

EXEMPTIONS CLAIMED FOR THE SYSTEM:

None.

Start Signature

Dated: October 2, 2006.

Hugo Teufel III,

Chief Privacy Officer.

End Signature End Supplemental Information

Footnotes

1.  Allied health professionals/members are employed in those clinical healthcare professions distinct from the medical, dental, and nursing profession. As the name implies, they are all allies in the healthcare team, working together to make the healthcare system function.

Back to Citation

2.  Privileges are granted by an institution based on credentials, skill currency, skill proficiency, and resources available within the organization. For example, if an individual was trained in a skill ten years ago but has not practiced that skill recently, the institution would not allow that skill to be performed within its facility without demonstrated refresher training. Privileges are used to ensure providers and institutions are providing quality care.

Back to Citation

[FR Doc. E6-16671 Filed 10-12-06; 8:45 am]

BILLING CODE 4400-10-P