Notice of alteration to existing Privacy Act systems of records.
In accordance with the requirements of the Privacy Act of 1974, as amended, the National Science Foundation is altering its existing systems of records in accordance with OMB Memorandum M-07-16, “Safeguarding Against and Responding to the Breach of Personally Identifiable Information.” M-07-16 calls on agencies to publish a routine use for appropriate systems specifically applying to the disclosure of information in connection with response and remedial efforts in the event of a data breach.
A Federal agency's ability to respond quickly and effectively in the event of a breach of Federal data is critical to its efforts to prevent or minimize any consequent harm. An effective response may necessitate disclosure of information regarding the breach to those individuals affected by it, as well as to persons and entities in a position to cooperate, either by assisting in notification to affected individuals or playing a role in preventing or minimizing harms from the breach.
The information to be disclosed to such persons and entities may be subject to the Privacy Act, 5 U.S.C. 552a. The Privacy Act prohibits the disclosure of any record in a system of records absent the written consent of the subject individual, unless the disclosure falls within one of the twelve statutory exceptions, including a routine use, 5 U.S.C. 552a(b)(3).
As described in the President's Identity Theft Task Force's Strategic Plan, all agencies should publish a routine use for their systems of records allowing for the disclosure of information in the course of responding to a breach of Federal data. See Appendix B of the Identity Theft Task Force report (http://www.identity theft.gov/reports/StrategicPlan.pdf). Such a routine use will serve to protect the interests of the individuals whose information is at issue by allowing agencies to take appropriate steps to facilitate a timely and effective response, thereby improving their ability to prevent, minimize, or remedy any harm resulting from a compromise of data maintained in their systems of records.
Accordingly, NSF proposes to add the following routine use to each of its Systems of Records Notices listed below:
To appropriate agencies, entities, and persons when (1) the NSF suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the NSF has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the NSF or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the NSF's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.
Submit comments on or before August 30, 2007. The proposed altered systems will become effective on September 30, 2007.
Send comments to Leslie Jensen, National Science Foundation, Office of the General Counsel, Room 1265, 4201 Wilson Boulevard, Arlington, Virginia 22230 or by electronic mail (e-mail) to: firstname.lastname@example.org.End Preamble Start Supplemental Information
This publication is in accordance with the Privacy Act requirement that agencies publish their amended systems of records in the Federal Register when there is a revision, change, or addition. NSF's Office of the General Counsel (OGC) has reviewed its Systems of Records notice and has determined that its records systems notices must be revised to incorporate the change described herein. As required by 5 U.S.C. 552a(R) and Appendix I to OMB Circular A-130, “Federal Agency Responsibilities for Maintaining Records about Individuals,” dated November 30, 2000, a report of an altered system of records has been submitted to the Committee on Government Reform of the House of Representatives, the Committee on Homeland Security and Governmental Affairs of the Senate, and the Office of Management and Budget.
Submit comments as an ASCII file avoiding the use of special characters and any form of encryption. Identify all comments sent in electronic E-mail with Subject Line: Comments on proposed changes to Privacy Act SORNs.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Leslie Jensen (703) 292-5065.Start Signature
Dated: August 14, 2007.
NSF-3 Application and Account for Advance of Funds
NSF-6 Doctorate Records File
NSF-8 Employee Grievance Files
NSF-10 Employee's Payroll Jacket
NSF-12 Fellowships and Other Awards
NSF-13 Fellowship Payroll
NSF-16 Individual Retirement Record (SF-2806)
NSF-18 Integrated Personnel System (IPERS)
NSF-19 Medical Examination Records for Service in the Polar Regions
NSF-22 NSF Payroll System
NSF-23 NSF Staff Biography
NSF-24 Official Passports
NSF-26 Personnel Security
NSF-34 Integrated Time and Attendance System (ITAS)
NSF-36 Personnel Tracking System (Antarctic)
NSF-38 Visa Applications and Alien Application for Consideration of Waiver of Two-Year Foreign Residence Requirements—NSF
NSF-43 Doctorate Work History File
NSF-48 Telephone Call Detail Program Records
NSF-49 Frequent Traveler Profile
NSF-50 Principal Investigator/Proposal File & Associated Records
NSF-51 Reviewer/Proposal File & Associated Records
NSF-52 Office of Inspector General Investigative Files
NSF-53 Public Transportation Subsidy Program Start Printed Page 46521
NSF-54 Reviewer/Fellowship & Other Award File & All Associated Records
NSF-55 Debarment/Scientific Misconduct Files
NSF-56 Antarctic Conservation Act Files
NSF-57 Delinquent Debtors File
NSF-59 Science & Technology Centers (STC) Database
NSF-60 Antarctica Service Records
NSF-61 Diving Safety Records (Polar Regions)
NSF-62 Radiation Safety Records (Polar Regions)
NSF-63 Accident & Injury Reports (Antarctic)
NSF-64 Project Participant File
NSF-65 NSF Electronic Payment File
NSF-66 NSF Photo Identification Card System
NSF-67 Invention, Patent & Licensing Documents
NSF-68 Project Results Information Database
NSF-69 Education and Training Records Files
NSF-70 NSF Visitor Credentials System
NSF-71 General Correspondence FilesEnd Further Info End Supplemental Information
[FR Doc. 07-4049 Filed 8-17-07; 8:45 am]
BILLING CODE 7555-01-P