Skip to Content

Notice

Privacy Act of 1974; System of Records-Office of Inspector General Data Analytics System

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble

AGENCY:

Office of the Inspector General, Department of Education.

ACTION:

Notice of a new system of records.

SUMMARY:

In accordance with the Privacy Act of 1974, as amended (Privacy Act), the Department of Education (Department) publishes this notice of a new system of records entitled “The Office of Inspector General Data Analytics System (ODAS)” (System Number 18-10-02). This system will store individually identifying information from a variety of individuals who have applied for or received grants, contracts, loans, or payments from the Department.

DATES:

The Department seeks comment on the new system of records described in this notice, in accordance with the requirements of the Privacy Act. We must receive your comments about the new system of records on or before November 17, 2008.

The Department filed a report describing the new system of records covered by this notice with the Chair of the Senate Committee on Homeland Security and Governmental Affairs, the Chair of the House of Representatives Committee on Oversight and Government Reform, and the Administrator of the Office of Information and Regulatory Affairs, Office of Management and Budget (OMB) on October 9, 2008. TThis system of records will become effective at the later date of— (1) the expiration of the 40-day period for OMB review on November 19, 2008 unless OMB waives 10 days of the 40-day review period for compelling reasons shown by the Department, or (2) November 17, 2008, unless the system of records needs to be changed as a result of public comment or OMB review.

ADDRESSES:

Address all comments about the new system of records to the Assistant Inspector General for Information Technology Audits and Computer Crime Investigations, Office of Inspector General, U.S. Department of Education, 400 Maryland Avenue, SW., Potomac Center Plaza (PCP), 8th Floor, Start Printed Page 61407Washington, DC 20202-1510. If you prefer to send comments through the Internet, use the following address: comments@ed.gov

You must include the term “ODAS” in the subject line of your electronic message.

During and after the comment period, you may inspect all public comments about this notice at the U.S. Department of Education in the PCP, Room 8166, 500 12th Street, SW., Washington, DC 20024, between the hours of 8 a.m. and 4:30 p.m., Eastern time, Monday through Friday of each week except Federal holidays.

Assistance to Individuals With Disabilities in Reviewing the Rulemaking Record

On request, we will supply an appropriate aid, such as a reader or print magnifier, to an individual with a disability who needs assistance to review the comments or other documents in the public rulemaking record for this notice. If you want to schedule an appointment for this type of aid, please contact the person listed under FOR FURTHER INFORMATION CONTACT.

Start Further Info

FOR FURTHER INFORMATION CONTACT:

Shelley Shepherd, Assistant Counsel to the Inspector General, 400 Maryland Ave., SW., PCP, Washington, DC 20202. Telephone: (202) 245-7077.

If you use a telecommunications device for the deaf (TDD), call the Federal Relay Service (FRS), toll free, at 1-800-877-8339.

Individuals with disabilities can obtain this document in an alternative format (e.g., Braille, large print, audiotape, or computer diskette) on request to the contact person listed in the preceding paragraph.

End Further Info End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

Introduction

The Privacy Act (5 U.S.C. 552a(e)(4)) requires the Department to publish in the Federal Register a notice of new system of records maintained by the Department. The Department's regulations implementing the Privacy Act are contained in the Code of Federal Regulations (CFR) in 34 CFR part 5b.

The Privacy Act applies to information about an individual that is maintained in a system of records from which individually identifying information is retrieved by a unique identifier associated with each individual, such as a name or social security number. The information about each individual is called a “record,” and the system, whether manual or computer-driven, is called a “system of records.” The Privacy Act requires each agency to publish a system of records notice in the Federal Register and to submit reports to the Administrator of the Office of Information and Regulatory Affairs, OMB, the Chair of the House of Representatives Committee on Oversight and Government Reform, and the Chair of the Senate Committee on Homeland Security and Governmental Affairs, whenever the agency publishes a new or altered system of records.

Background of System of Records

ODAS is a system of records that will store individually identifying information from a variety of individuals who have applied for or received grants, contracts, loans, or payments from the Department. These individuals include: Employees of the Department; consultants; contractors; grantees; advisory committee members or others who have received funds from the Department for performing services; students who have applied for Federal student financial assistance; Pell Grant recipients; borrowers of William D. Ford Federal Direct Loans, Federal Family Education loans, Federal Insured Student loans or Federal Perkins loans; owners, board members, officials, or authorized agents of postsecondary institutions; and individuals applying to the Department's Office of Federal Student Aid for a personal identification number.

Information in this system will be obtained from the following systems of records maintained by the Department: Education's Central Automated Processing System (EDCAPS)(System Number 18-03-02); Federal Student Aid Application File (System Number 18-11-01); Recipient Financial Management System (the Department expects to amend this system soon and re-name it as the Common Origination and Disbursement System (COD)) (System Number 18-11-02); Title IV Program Files (System Number 18-11-05); National Student Loan Data System (NSLDS)(System Number 18-11-06); Student Financial Assistance Collection Files (System Number 18-11-07); Postsecondary Education Participants System (PEPS)(System Number 18-11-09); the Department of Education (ED) PIN (Personal Identification Number) (System Number 18-11-12); and the Student Authentication Network Audit File (System Number 18-11-13).

This new system of records notice is being established because it will involve the new use of records covered by existing Department systems of records. This new system of records will be used to identify internal control weaknesses and to identify system issues to improve methods of data modeling and annual audit planning. This system will provide the Department's Office of Inspector General (OIG) with access to a single repository of data that currently resides in many, different Department systems of records. OIG will conduct data modeling on this data, using statistical and mathematical techniques, in order to predict anomalies indicating fraudulent activity.

Under the Inspector General Act of 1978, as amended, 5 U.S.C. Appendix, Inspectors General, including the Department's Inspector General, are responsible for conducting, supervising, and coordinating audits and investigations, relating to programs and operations of the Federal agency for which their office is established. This system of records facilitates OIG's performance of this statutory duty.

Pursuant to 5 U.S.C. 552a(k)(2), through rulemaking, may exempt from a limited number of Privacy Act requirements a system of records that contains investigatory materials compiled for law enforcement purposes. The materials in this system of records fall within the scope of section 552a(k)(2).

Pursuant to 5 U.S.C. 552a(k)(2), the Secretary has issued final regulations published elsewhere in this issue of the Federal Register exempting the ODAS from the following Privacy Act requirements:

5 U.S.C. 552a(c)(3)—access to accounting of disclosure.

5 U.S.C. 552a(c)(4)—notification to outside parties and agencies of correction or notation of dispute made in accordance with 5 U.S.C. 552a(d).

5 U.S.C. 552a(d)(1) through (4) and (f)—procedures for notification or access to, and correction or amendment of, records.

5 U.S.C. 552a(e)(1)—maintenance of only relevant and necessary information.

5 U.S.C. 552a(e)(4)(G) and (H)—inclusion of information in the system of records notice regarding Department procedures on notification of, access to, correction of, and amendment of records.

Electronic Access to This Document

You can view this document, as well as all other documents of this Department published in the Federal Register, in text or Adobe Portable Document Format (PDF) on the Internet at the following site: http://www.ed.gov/​news/​fedregister.

To use PDF you must have Adobe Acrobat Reader, which is available free at this site. If you have questions about using PDF, call the U.S. Government Start Printed Page 61408Printing Office (GPO), toll free, at 1-888-293-6498; or in the Washington, DC, area at (202) 512-1530.

Note:

The official version of this document is the document published in the Federal Register. Free Internet access to the official edition of the Federal Register and the Code of Federal Regulations is available on GPO Access at: http://www.gpoaccess.gov/​nara/​index.html.

Start Signature

Dated: October 10, 2008.

Mary Mitchelson,

Acting Inspector General.

End Signature

For the reasons discussed in the preamble, the Inspector General of the U.S. Department of Education (Department) publishes a notice of a new system of records to read as follows:

18-10-02

SYSTEM NAME:

The Office of Inspector General Data Analytics System (ODAS).

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

The Office of Inspector General, Information Technology Audits and Computer Crimes Investigations (ITACCI), U.S. Department of Education, 550 12th Street, SW., room 8089, Washington, DC 20024-6122.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

This system will include records on individuals that are obtained from the following other systems of records maintained by the Department:

Education Central Automated Processing System (18-03-02)

The categories of individuals included from this system are employees of the Department, consultants, contractors, grantees, advisory committee members, and other individuals receiving funds from the Department for performing services for the Department.

Federal Student Aid Application File (18-11-01)

The categories of individuals included from this system are students applying for Federal student financial assistance under Title IV of the Higher Education Act of 1965, as amended (HEA).

Recipient Financial Management System (the Department soon expects to amend this system and re-name it as the Common Origination and Disbursement System (COD)) (18-11-02)

The categories of individuals included from this system are records of individuals who apply for or receive a grant or loan which is made under (1) the Federal Pell Grant Program; (2) the Academic Competitiveness Grant (ACG) Program; (3) the National Science and Mathematics Access to Retain Talent Grant (National SMART Grant) Program; and (4) the William D. Ford Federal Direct Loan (Direct Loan) Program, Federal Direct Unsubsidized and Subsidized Stafford/Ford Loans, and Federal Direct PLUS Loans.

Title IV Program Files (18-11-05)

The categories of individuals included from this system are: individuals who apply for Federal financial student aid; recipients of Federal Pell Grants; recipients of Federal Direct Student Loans; and borrowers whose loan defaulted or borrower died, became disabled or had a loan discharged in bankruptcy under the Federal Direct Student Loan program.

National Student Loan Data System (NSLDS) (18-11-06)

The categories of individuals included from this system are:

(1) Borrowers who have applied for and received loans under the William D. Ford Federal Direct Loan Program, the Federal Family Education Loan (FFEL) Program, the Federal Insured Student Loan (FISL) Program, and the Federal Perkins Loan Program (including National Defense Student Loans, National Direct Student Loans, Perkins Expanded Lending and Income Contingent Loans); and

(2) Recipients of Federal Pell Grants and persons who owe an overpayment on a Federal Pell Grant, Federal Supplemental Educational Opportunity Grant or Federal Perkins Loans.

Student Financial Assistance Collection Files (18-11-07)

The categories of individuals included from this system are individuals who have student loans made under the FFEL Program: Stafford Loans (formerly the Guaranteed Student Loan Program (GSL), including Federally Insured Student Loans), Supplemental Loans for Students (SLS), PLUS Loans (formerly Parental Loans for Undergraduate Students), and Consolidation Loans; the William D. Ford Federal Direct Student Loan (Direct Loan) Program (formerly known as the Stafford/Ford Loan Program (SFLP), Federal Direct Unsubsidized Stafford/Ford Loan Program, Federal Direct Consolidation Loan, and Federal Direct Plus Loans; and Federal Perkins Loans (formerly known as National Direct/Defense Student Loans (NDSL)) and those who are awarded grants under the Federal Pell Grant Program and the Supplemental Education Opportunity Grant Program (SEOG).

Postsecondary Education Participants System (PEPS) (18-11-09)

The categories of individuals included from this system are owners (individuals, either solely or as partners, and corporate entities), officials, and authorized agents of postsecondary institutions; members of boards of directors or trustees of such institutions; employees of foreign entities that evaluate the quality of education; third-party servicers, including contact persons.

Department of Education (ED) PIN (Personal Identification Number) (18-11-12)

The categories of individuals included from this system are former, current and prospective students and parents who apply for an ED PIN number. The ED PIN number is used for identification purposes when PIN holders access other Department systems, including the Free Application for Federal Student Aid (FAFSA), Access America and the Direct Loan Program.

Student Authentication Network Audit File (18-11-13)

The categories of individuals included from this system are individuals who have had, or attempted to have, their identity verified for the purpose of electronically completing and signing promissory notes and other documents in connection with applying for or obtaining aid, or carrying out other activities under the Student Financial Assistance Programs authorized by Title IV of the Higher Education Act of 1965, as amended.

CATEGORIES OF RECORDS IN THE SYSTEM:

This system will include records that are obtained from the following other systems of records maintained by the Department:

Education's Central Automated Processing System (18-03-02)

The categories of records included from this system are individual's name, address, social security number, eligibility codes, detailed and summary obligation data, reports of expenditures, and grant management data, including application and close out information.

Federal Student Aid Application File (18-11-01)

The categories of records included from this system are the name, address, birth date, social security number, parents' and students' personal identification numbers assigned by the Department, and financial data necessary to identify applicants, verify applicant data, and calculate their expected family contributions for Federal student financial assistance. Also included from this system will be Start Printed Page 61409information on the student's prior Federal Pell Grant awards and student loan status from the NSLDS database is maintained in the system. Finally, included from this system will be information from an individual's processed FAFSA form, such as Estimated Family Contribution, dependency status and post-secondary school identifier.

Recipient Financial Management System (the Department expects to amend this system soon and re-name it as the Common Origination and Disbursement System (COD)) (18-11-02)

The categories of records included from this system are records that are sent by institutions of higher education to the Department, and that include, but are not limited to, information such as an individual's social security number, birth date, name, address, e-mail address, driver's license number, telephone number, citizenship status, cost of attendance, enrollment information, type of financial aid award, and the amount and disbursement date of Federal financial aid awarded. In addition, this system contains collection referral amounts, loan repayment information, and promissory notes for loans made under the Federal Direct Loan program.

Title IV Program Files (18-11-05)

The categories of records included from this system are records regarding the amount of Pell Grant received; an applicant's demographic background; loan and education status; family income; social security number; address and telephone number; and employment information on borrowers and co-signers; default claim number; amount of claim; information pertaining to locating a borrower; collection and repayment history; information pertaining to the amount of the loan and repayment obligation; forbearance; cancellation; disability; and deferment information; and personal identification numbers assigned by the Department.

National Student Loan Data System (NSLDS) (18-11-06)

The categories of records included from this system are records regarding: (1) Student/borrower identifier information including social security number, date of birth and name; (2) the information on borrowers' loans covering the entire life cycle of a loan from origination through final payment, cancellation, discharge or other final disposition including details regarding each loan received by a student such as information on loan amounts, educational status, disbursements, balances, loan status, collections, claims, deferments, refunds and cancellations; (3) enrollment information including school(s) attended, anticipated completion date, enrollment status and effective dates; (4) student demographic information such as course of study, dependency, citizenship, gender, data on family income, expected family contribution, and address; (5) Federal Pell Grant amounts and dates; and (6) Federal Pell Grant, Federal Supplemental Educational Opportunity Grant, and Federal Perkins Loan Program overpayments.

Student Financial Assistance Collection Files (18-11-07)

The categories of records included from this system are records regarding an applicant's demographic background; loan, repayment history, and educational status; family income; social security number; address and telephone numbers; employment information on borrowers and co-signers; collection activity on accounts; default claim number; amount of claim; information pertaining to locating a borrower; collection and repayment obligation; forbearance; cancellation; disability; deferment; administrative wage garnishment; bankruptcy, death; closed school discharge; hearings; photocopy of all promissory notes; account collection records; administrative resolutions and litigations; and parents' and students' personal identification numbers assigned by the Department.

Postsecondary Education Participants System (PEPS) (18-11-09)

The categories of records included from this system are records regarding the eligibility, administrative capability, and financial responsibility of postsecondary institutions that participate in the student financial aid programs, including the names, taxpayer identification numbers (social security numbers), business addresses, and phone numbers of the individuals with substantial ownership interests in, or control over, those institutions, and personal identification numbers assigned by the Department.

The Department of Education (ED) PIN (Personal Identification Number) Registration System (PIN) (18-11-12)

The categories of records included from this system are name, social security number, date of birth and address of prospective students and parents who apply for an ED PIN number.

Student Authentication Network Audit File (18-11-13)

The categories of records included from this system are related to individuals seeking to have their identity verified for the purpose of electronically completing and signing promissory notes and other documents in connection with applying for or obtaining aid. Records include the individual's social security number; date of birth; first and last name; user code (i.e., the Department, lenders, schools, guarantee agencies and holders of Federal student loans) identifying the entity seeking to verify the individual's identity; data provided by the user that may subsequently be used for auditing or other internal purposes of the user); an action code documenting the “affirmed” or “denied” verification response the system receives from the Department's PIN database; a unique identifier comprising a system-generated sequence number; and, the date and time the individual's identity is authenticated against the Department's PIN database.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

The Inspector General Act of 1978, as amended, (5 U.S.C. Appendix.

PURPOSE(S):

This system of records is maintained for the general purpose of enabling OIG to fulfill the requirements of section (4)(a)(1) and (3) of the Inspector General Act of 1978, as amended, which requires OIG to provide policy direction for and to conduct, supervise, and coordinate audits and investigations relating to the programs and operations of the Department and to conduct, supervise and coordinate activities for the purpose of promoting economy and efficiency in the administration of, or preventing and detecting fraud and abuse in, the programs and operations of the Department. This system is maintained for the purpose of improving the efficiency, quality, and accuracy of existing data collected by the Department. Records in this system will be used to conduct data modeling for indications of fraud, abuse and internal control weaknesses concerning Department programs and operations. The result of that data modeling may be used in the conduct of audits, investigations, inspections or other activities as necessary to prevent and detect waste, fraud and abuse in Department programs and operations.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES FOR SUCH USES:

The Department may disclose information contained in a record in this system of records without the consent of the individual if the disclosure is compatible with the purpose for which the record was collected, under the following routine uses. OIG may make these disclosures Start Printed Page 61410on a case-by-case basis or, if OIG has met the requirements of the Computer Matching and Privacy Protection Act of 1988, as amended, under a computer matching agreement.

(1) Disclosure for Use by Other Law Enforcement Agencies. The Department may disclose information from this system of records as a routine use to any Federal, State, local, or foreign agency or other public authority responsible for enforcing, investigating, or prosecuting violations of administrative, civil, or criminal law or regulations if that information is relevant to any enforcement, regulatory, investigative, or prosecutorial responsibility of the receiving entity.

(2) Disclosure to Public and Private Entities to Obtain Information Relevant to Department of Education Functions and Duties. The Department may disclose information from this system of records as a routine use to public or private sources to the extent necessary to obtain information from those sources relevant to an OIG investigation, audit, inspection, or other inquiry.

(3) Disclosure for Use in Employment, Employee Benefit, Security Clearance, and Contracting Decisions.

(a) For Decisions by the Department. The Department may disclose information from this system of records as a routine use to a Federal, State, local, or foreign agency maintaining civil, criminal, or other relevant enforcement or other pertinent records, or to another public authority or professional organization, if necessary to obtain information relevant to a Department decision concerning the hiring or retention of an employee or other personnel action, the issuance or retention of a security clearance, the letting of a contract, or the issuance or retention of a license, grant, or other benefit.

(b) For Decisions by Other Public Agencies and Professional Organizations. The Department may disclose information from this system of records as a routine use to a Federal, State, local, or foreign agency, other public authority, or professional organization in connection with the hiring or retention of an employee or other personnel action, the issuance or retention of a security clearance, the letting of a contract, or the issuance or retention of a license, grant, or other benefit.

(4) Disclosure to Public and Private Sources in Connection with the Higher Education Act of 1965, as Amended (HEA). The Department may disclose information from this system of records as a routine use to facilitate compliance with program requirements to any accrediting agency that is or was recognized by the Secretary of Education pursuant to the HEA; to any educational institution or school that is or was a party to an agreement with the Secretary of Education pursuant to the HEA; to any guaranty agency that is or was a party to an agreement with the Secretary of Education pursuant to the HEA; or to any agency that is or was charged with licensing or legally authorizing the operation of any educational institution or school that was eligible, is currently eligible, or may become eligible to participate in any program of Federal student assistance authorized by the HEA.

(5) Litigation and Alternative Dispute Resolution (ADR) Disclosures.

(a) Disclosure to the Department of Justice. If the disclosure of certain records to the Department of Justice (DOJ) is relevant and necessary to litigation or ADR and is compatible with the purpose for which the records were collected, the Department may disclose those records as a routine use to the DOJ. The Department may make such a disclosure in the event that one of the following parties is involved in the litigation or ADR or has an interest in the litigation or ADR:

(i) The Department or any component of the Department;

(ii) Any employee of the Department in his or her official capacity;

(iii) Any Department employee in his or her individual capacity if the DOJ has been asked or has agreed to provide or arrange for representation for the employee;

(iv) Any employee of the Department in his or her individual capacity if the Department has agreed to represent the employee or in connection with a request for that representation; or

(v) The United States, if the Department determines that the litigation or ADR proceeding is likely to affect the Department or any of its components.

(b) Other Litigation or ADR Disclosure. If disclosure of certain records to a court, adjudicative body before which the Department is authorized to appear, individual or entity designated by the Department or otherwise empowered to resolve disputes, counsel, or other representative, party, or potential witness is relevant and necessary to litigation or ADR and is compatible with the purpose for which the records were collected, the Department may disclose those records as a routine use to the court, adjudicative body, individual or entity, counsel or other representative, party, or potential witness. The Department may make such a disclosure in the event that one of the following parties is involved in the litigation or ADR or has an interest in the litigation or ADR:

(i) The Department or any component of the Department;

(ii) Any employee of the Department in his or her official capacity;

(iii) Any Department employee in his or her individual capacity if the DOJ has been asked or has agreed to provide or arrange for representation for the employee;

(iv) Any employee of the Department in his or her individual capacity if the Department has agreed to represent the employee; or

(v) The United States, if the Department determines that the litigation or ADR is likely to affect the Department or any of its components.

(6) Disclosure to Contractors and Consultants. The Department may disclose information from this system of records as a routine use to the employees of any entity or individual with whom or with which the Department contracts for the purpose of performing any functions or analyses that facilitate or are relevant to an OIG investigation, audit, inspection, or other inquiry. Before entering into such a contract, the Department must require the contractor to maintain Privacy Act safeguards, as required under 5 U.S.C. 552a(m) with respect to the records in the system.

(7) Debarment and Suspension Disclosure. The Department may disclose information from this system of records as a routine use to another Federal agency considering suspension or debarment action if the information is relevant to the suspension or debarment action. The Department also may disclose information to any Federal, State, or local agency to gain information in support of the Department's own debarment and suspension actions.

(8) Disclosure to the Department of Justice. The Department may disclose information from this system of records as a routine use to the DOJ to the extent necessary for obtaining the DOJ's advice on any matter relevant to Department of Education programs or operations.

(9) Congressional Member Disclosure. The Department may disclose information from this system of records to a Member of Congress or to a congressional staff member in response to an inquiry from the congressional office made at the written request of the constituent about whom the record is maintained. The member's right to the information is no greater than the right of the individual who requested the inquiry.Start Printed Page 61411

(10) Benefit Program Disclosure. The Department may disclose records as a routine use to any Federal, State, local, or foreign agency, or other public authority, if relevant to the prevention or detection of fraud and abuse in benefit programs administered by any agency or public authority.

(11) Collection of Debts and Overpayment Disclosure. The Department may disclose records as a routine use to any Federal, State, local, or foreign agency, or other public authority, if relevant to the collection of debts or to overpayments owed to any agency or public authority.

(12) Disclosure to the President's Council on Integrity and Efficiency (PCIE). The Department may disclose records as a routine use to members and employees of the PCIE for the preparation of reports to the President and Congress on the activities of the Inspectors General.

(13) Disclosure for Qualitative Assessment Reviews. The Department may disclose records as a routine use to members of the PCIE, the DOJ, the U.S. Marshals Service, or any Federal agency for the purpose of conducting qualitative assessment reviews of the investigative or audit operations of the Department's OIG to ensure that adequate internal safeguards and management procedures are maintained.

(14) Disclosure in the Course of Responding to Breach of Data. The Department may disclose records to appropriate agencies, entities, and persons when (a) it is suspected or confirmed that the security or confidentiality of information in this system has been compromised; (b) the Department has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the Department or by another agency or entity) that rely upon the compromised information; and, (c) the disclosure is made to such agencies, entities, and persons who are reasonably necessary to assist the Department in responding to the suspected or confirmed compromise and in helping the Department prevent, minimize, or remedy such harm.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:

Not applicable to this system of records.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISCLOSING OF RECORDS IN THE SYSTEM:

STORAGE:

The records are maintained on encrypted magnetic disks and encrypted tape cartridges in a locked computer facility within the U.S. Department of Education's OIG.

RETRIEVABILITY:

Records in this system of records are retrieved by name or other identifying information of an individual or institution.

SAFEGUARDS:

Access to data in ODAS is restricted to authorized OIG staff members and is recorded in an access log. All physical access to the Department's site where this system of records is maintained is controlled and monitored by security personnel who check each individual entering the buildings for his or her employee or visitor badge. All data contained in the system of records are kept on a secured and restricted private network and stored in a combination-locked computer laboratory. ODAS is housed within a secure and controlled computer lab. Access to the lab is by authorized OIG personnel only. The general public does not have access to ODAS.

All information stored in this system is secured by using database encryption technology and is resistant to tampering and circumvention by unauthorized users. Access to data by all users will be monitored using both automated and manual controls. The information is accessed by OIG staff on a “need-to-know” and intended systems usage basis.

OIG maintains ODAS in a secure and controlled facility. Access to the computer lab is by authorized OIG personnel only. The general public does not have access to ODAS. The information maintained in ODAS is secured in accordance with OMB M-03-22, OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002, September 26, 2003, the E-Government Act, Section 208, Attachment A, and NIST 800-53, Revision 1, Recommended Security Controls for Federal Information Systems, December 2006.

Contractors will not maintain this system, but under certain limited circumstances they may have access to the system. In accordance with the Department's Administrative Communications System Directive OM: 5-101 entitled “Contractor Employee Personnel Security Screenings,” all Department personnel who have facility access and system access must undergo a security clearance investigation. Individuals requiring access to Privacy Act data are required to hold, at a minimum, a moderate-risk security clearance level. These individuals are required to undergo periodic screening at five-year intervals.

In addition to conducting security clearances, individuals with access to this system are required to complete security awareness training on an annual basis. Annual security awareness training is required to ensure that users are appropriately trained in safeguarding Privacy Act data in accordance with OMB Circular No. A-130, Appendix III.

The computer system employed by the Department offers a high degree of resistance to tampering and circumvention. All users of this system of records are given a unique user identification, and users are required to change their password at least every 90 days in accordance with the Department's information technology standards.

RETENTION AND DISPOSAL:

Records are maintained and disposed of in accordance with the Department's Records Disposition Schedules applicable to the aforementioned records. A new records retention and disposition schedule is under development for this system of records. Until NARA approves a retention and disposition schedule for these records, The Department will not destroy any records.

SYSTEM MANAGER AND ADDRESS:

Roland Wong, Director, Computer Assisted Assessment Techniques, Information Technology Audits and Computer Crimes Investigations, Department of Education, Office of Inspector General, 400 Maryland Avenue, SW., PCP, Washington, DC 20202-1510.

NOTIFICATION PROCEDURE:

This system is exempt from the notification procedures in 5 U.S.C. 552a(e)(4)(G) pursuant to 5 U.S.C. 552a(k)(2) and 34 CFR 5b.11(c)(1).

RECORD ACCESS PROCEDURE:

This system is exempt from the record access procedures in 5 U.S.C. 552a(e)(4)(H) pursuant to 5 U.S.C. 552a(k)(2) and 34 CFR 5b.11(c)(1).

CONTESTING RECORD PROCEDURE:

This system is exempt from the contesting record procedures in 5 U.S.C. 552a(e)(4)(H) pursuant to 5 U.S.C. 552a(k)(2) and 34 CFR 5b.11(c)(1).Start Printed Page 61412

RECORD SOURCE CATEGORIES:

This system contains records taken from the following Department systems: Education's Central Automated Processing System (EDCAPS) (System Number 18-03-02); Federal Student Aid Application File (System Number 18-11-01); Recipient Financial Management System (the Department expects to amend this system soon and re-name it as the Common Origination and Disbursement System (COD)) (System Number 18-11-02); Title IV Program Files (System Number 18-11-05); National Student Loan Data System (NSLDS) (System Number 18-11-06); Student Financial Assistance Collection Files (System Number 18-11-07); Postsecondary Education Participants System (PEPS) (System Number 18-11-09); The Department of Education (ED) PIN (Personal Identification Number) Registration System (System Number 18-11-12); and the Student Authentication Network Audit File (System Number 18-11-13).

EXEMPTIONS CLAIMED FOR THE SYSTEM:

Pursuant to 5 U.S.C. 552a(k)(2), the Secretary, through rulemaking, may exempt from a limited number of Privacy Act requirements a system of records that contains investigatory materials compiled for law enforcement purposes. The materials in this system fall within the scope of section 552a(k)(2) because they are investigatory materials compiled for purposes of enforcing Federal legal requirements. Therefore, the Secretary has issued final regulations published elsewhere in this issue of the Federal Register exempting the ODAS from the following Privacy Act requirements:

5 U.S.C. 552a(c)(3)—access to accounting of disclosure.

5 U.S.C. 552a(c)(4)—notification to outside parties and agencies of correction or notation of dispute made in accordance with 5 U.S.C. 552a(d).

5 U.S.C. 552a(d)(1) through (4) and (f)—procedures for notification or access to, and correction or amendment of, records.

5 U.S.C. 552a(e)(1)—maintenance of only relevant and necessary information.

5 U.S.C. 552a(e)(4)(G) and (H)—inclusion of information in the system of records notice regarding Department procedures on notification of, access to, correction of, or amendment of records.

End Supplemental Information

[FR Doc. E8-24610 Filed 10-15-08; 8:45 am]

BILLING CODE 4000-01-P