Skip to Content

Notice

Privacy Act of 1974; System of Records

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble Start Printed Page 26766

AGENCY:

Department of Veterans Affairs (VA).

ACTION:

Notice of amendment to system of records.

SUMMARY:

As required by the Privacy Act of 1974, 5 U.S.C. 552a(e), notice is hereby given that the Department of Veterans Affairs (VA) is amending the system of records currently entitled “Patient Representation Program Records—VA” (100VA10NS10) as set forth in the Federal Register 67 FR 211 dated October 31, 2002. VA is amending the system by changing the system name to Patient Advocate Tracking System (PATS); Supplementary Information, Routine Uses of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses, the System Location; Categories of Records in the System; Safeguards; System Manager and Address. VA is republishing the system notice in its entirety.

DATES:

Comments on the amendment of this system of records must be received no later than July 6, 2009. If no public comment is received, the amended system will become effective July 6, 2009.

ADDRESSES:

Written comments may be submitted through http://www.Regulations.gov; by mail or hand-delivery to Director, Regulations Management (02REG), Department of Veterans Affairs, 810 Vermont Avenue, NW., Room 1068, Washington, DC 20420; or by fax to (202) 273-9026. Comments received will be available for public inspection in the Office of Regulation Policy and Management, Room 1063B, between the hours of8 a.m. and 4:30 p.m., Monday through Friday (except holidays). Please call (202) 461-4902 (this is not a toll-free number) for an appointment. In addition, during the comment period, comments may be viewed online through the Federal Docket Management System (FDMS) at http://www.Regulations.gov.

Start Further Info

FOR FURTHER INFORMATION CONTACT:

Veterans Health Administration (VHA) Privacy Officer, Department of Veterans Affairs, 810 Vermont Avenue, NW., Washington, DC 20420; telephone (704) 245-2492.

End Further Info End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

I. Description of Proposed System of Records

Amendments to this System of Records are the result of the improvement of the tracking system from the Veterans Health Information Systems and Technology Architecture (VistA) to the utilization of a centralized Web based system, Patient Advocate Tracking System (PATS).

The primary function of the Patient Advocate Program is to serve as a direct channel of communication and mediation between VA healthcare facility management and individual patients, veterans who have applied for care, their friends, their families, VA healthcare providers and members of the community. A VA healthcare provider is anyone hired by VA and working at a VA facility be it a VA medical center (VAMC), Outpatient Clinic or Community-Based Outpatient Clinic. An employee may be full-time, part-time, or intermittent and includes temporary workers. Members of the community include congressional liaisons, veteran's service organizations and attorneys. The program functions as the liaison between the patient and the healthcare system, ensures that patients receive entitled healthcare benefits and services in a dignified and compassionate manner, and ensures that healthcare facility policies and practices are in conformance with the VA Patients' Rights and Responsibilities. The program is the primary source for response when veteran patients' expectations are not met within the VA healthcare system. The Patient Advocates' activities cross all organizational lines of authority at the healthcare facilities for the purpose of expressing patient concerns and resolution of patient complaints. Information collected from the program is integrated into the overall quality improvement plans and activities of the healthcare facility. The purpose of the system of records is to establish a repository for the information that is collected to accomplish the purposes described. Records are maintained at the local VA level on behalf of the veteran making the complaint or compliment so improvements may be made at the VA healthcare facility.

II. Proposed Routine Use Disclosures of Data in the System

A new Routine Use 15 is added. VA may disclose information from this system to the Equal Employment Opportunity Commission (EEOC) when requested in connection with investigations of alleged or possible discriminatory practices, examination of Federal affirmative employment programs, or other functions of the Commission as authorized by law or regulation. This routine use enables VA to provide information to EEOC to assist it in fulfilling its duties to protect employees' rights, as required by statute and regulation.

A new Routine Use 16 is added. VA may disclose information from this system to the Merit Systems Protection Board (MSPB), or the Office of the Special Counsel, when requested in connection with appeals, special studies of the civil service and other merit systems, review of rules and regulations, investigation of alleged or possible prohibited personnel practices, and such other functions promulgated in 5 U.S.C. 1205 and 1206, or as authorized by law. This routine use enables VA to provide information to MSPB to assist it in fulfilling its duties as required by statute and regulation.

A new Routine Use 17 is added. Disclosure to other Federal agencies may be made to assist such agencies in preventing and detecting possible fraud or abuse by individuals in their operations and programs.

This routine use permits disclosures by the Department to report a suspected incident of identity theft and provide information and/or documentation related to or in support of the reported incident.

A new Routine Use 18 is added. VA may, on its own initiative, disclose any information or records to appropriate agencies, entities, and persons when (1) VA suspects or has confirmed that the integrity or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the suspected or confirmed compromise, there is a risk of embarrassment or harm to the reputations of the record subjects, harm to economic or property interests, identity theft or fraud, or harm to the security, confidentiality, or integrity of this system or other systems or programs (whether maintained by the Department or another agency or entity) that rely upon the potentially compromised information; and (3) the disclosure is to agencies, entities, or persons whom VA determines are reasonably necessary to assist or carry out the Department's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. This routine use permits disclosures by the Department to respond to a suspected or confirmed data breach, including the conduct of any risk analysis or provision of credit protection services as provided in 38 Start Printed Page 26767U.S.C. 5724, as the terms are defined in 38 U.S.C. 5727.

III. Compatibility of the Proposed Routine Uses

The Privacy Act permits VA to disclose information about individuals without their consent for a routine use when the information will be used for a purpose that is compatible with the purpose for which VA collected the information. In all of the routine use disclosures described above, the recipient of the information will use the information in connection with a matter relating to one of VA's programs, will use the information to provide a benefit to VA, or disclosure is required by law.

The notice of intent to publish and an advance copy of the system notice have been sent to the appropriate Congressional committees and to the Director of the Office of Management and Budget (OMB) as required by 5 U.S.C. 552a(r) (Privacy Act) and guidelines issued by OMB (65 FR 77677), December 12, 2000.

Start Signature

Approved: May 18, 2009.

John R. Gingrich,

Chief of Staff, Department of Veterans Affairs.

End Signature

100VA10NS10

SYSTEM NAME:

Patient Advocate Tracking System (PATS)-VA.

SYSTEM LOCATION:

PATS application is installed on a centrally located system at Falling Waters. The backup system in case of disaster recovery scenario is located at Hines. The data entered into the application also resides on this central system. A limited set of information is transferred from this central system in Falling Waters to Austin Automation Center. This limited set of information transferred to Austin Automation Center is utilized to run specific reports for central business office.

Patient contacts are coded in order to facilitate tracking of these contacts to show where system improvements might be made. Aggregate data are maintained at the Network and Headquarters levels for the development of reports to make system wide changes. Records are collected and stored electronically for ease of retrieval by individual patient names and ease in compiling aggregate data.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

The records include information concerning individual patients, veterans who have applied for care, their friends, their families, VA healthcare providers and members of the community. Members of the community include congressional liaisons, veterans service organizations and attorneys.

CATEGORIES OF RECORDS IN THE SYSTEM:

The records may include information maintained in paper records, and entered into a centralized Web based system, Patient Advocate Tracking System (PATS) related to concerns and complaints regarding an individual's medical care, VA benefits, and/or encounters with healthcare facility personnel. The records include information that is compiled to review, investigate, and resolve these issues.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Title 38, United States Code, chapter 73, section 7301 (b).

PURPOSE(S):

The records may be used for such purposes as producing various management and patient follow-up reports; responding to patient and other inquiries; conducting healthcare-related studies, statistical analysis, and resource allocation planning; providing clinical and administrative support to patient medical care; audits, reviews and investigations conducted by the staff of the healthcare facility, VISN, VHA Headquarters, and VA's Office of Inspector General (OIG); law enforcement investigations; quality improvement reviews and investigations; personnel management and evaluation; employee ratings and performance evaluations; employee disciplinary or other adverse action, including discharge; advising healthcare professional licensing or monitoring bodies or similar entities or activities of VA and former VA healthcare personnel; accreditation of a facility by an entity such as the Joint Commission; and, notifying medical schools of medical students' performance. The information is integrated into the overall quality improvement plans and activities of the facility and used to improve services and communications, as well as, to track categories of complaints and the locations of complaints in order to improve the delivery of healthcare.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

To the extent that records contained in the system include information protected by 45 CFR Parts 160 and 164, i.e., individually identifiable health information, and 38 U.S.C. 7332, i.e., medical treatment information related to drug abuse, alcoholism or alcohol abuse, sickle cell anemia or infection with the human immunodeficiency virus, that information cannot be disclosed under a routine use unless there is also specific statutory authority in 38 U.S.C. 7332 and regulatory authority in 45 CFR Parts 160 and 164 permitting disclosure.

1. The record of an individual who is covered by a system of records may be disclosed to a Member of Congress, or a staff person acting for the Member, when the Member or staff person requests the record on behalf of and at the written request of the individual.

2. Disclosure may be made to the National Archives and Record Administration and the General Services Administration for records management inspections conducted under authority of Title 44, Chapter 29, of the United States Code (U.S.C.).

3. VA may disclose information from this system of records to the Department of Justice (DoJ), either on VA's initiative or in response to DoJ's request for the Information, after either VA or DoJ determines that such information is relevant to DoJ's representation of the United States or any of its components in legal proceedings before a court or adjudicative body, provided that, in each case, the agency also determines prior to disclosure that release of the records to the DoJ is a use of the information contained in the records that is compatible with the purpose for which VA collected the records. VA, on its own initiative, may disclose records in this system of records in legal proceedings before a court or administrative body after determining that the disclosure of the records to the court or administrative body is a use of the information contained in the records that is compatible with the purpose for which VA collected the records.

4. Disclosure may be made to any facility regarding the hiring, performance, or other personnel-related information with which there is, or there is proposed to be, an affiliation, sharing agreement, contract, or similar arrangement for purposes of establishing, maintaining, or expanding any such relationship.

5. Disclosure may be made to a Federal agency or to a State or local government licensing board and/or to the Federation of State Medical Boards or a similar non-government entity which maintains records concerning individual employment histories or concerning the issuance, retention or revocation of licenses, certifications, or registration necessary to practice an occupation, profession or specialty, in order for the Department to obtain information relevant to a Department decision concerning the hiring, retention or termination of an employee Start Printed Page 26768or to inform Federal agencies, licensing boards or the appropriate non-government entities about the healthcare practices of employees who resigned, were terminated, or retired and whose professional healthcare activity so significantly failed to conform to generally accepted standards of professional medical practice as to raise reasonable concern for the health and safety of patients receiving medical care in the private sector or from another Federal agency. These records may also be disclosed as part of an ongoing computer-matching program to accomplish these purposes.

6. For program review purposes and the seeking of accreditation and/or certification, disclosure may be made to survey teams of the Joint Commission, College of American Pathologists, American Association of Blood Banks, and similar national accreditation agencies or boards with whom VA has a contract or agreement to conduct such reviews, but only to the extent that the information is necessary and relevant to the review.

7. Disclosure may be made to a State or local government entity or national certifying body which has the authority to make decisions concerning the issuance, retention or revocation of licenses, certifications or registrations required to practice a healthcare profession, when requested in writing by an investigator or supervisory official of the licensing entity or national certifying body for the purpose of making a decision concerning the issuance, retention or revocation of the license, certification or registration of a named healthcare professional.

8. Disclosure of information to the Federal Labor Relations Authority (including its General Counsel) when requested in connection with the investigation and resolution of allegations of unfair labor practices, in connection with the resolution of exceptions to arbitration awards when a question of material fact is raised, in connection with matters before the Federal Service Impasses Panel, and to investigate representation petitions and conduct or supervise representation elections.

9. Disclosure of relevant information may be made to individuals, organizations, private or public agencies, or other entities with whom VA has a contract or agreement or where there is a subcontract to perform such services as VA may deem practicable for the purposes of laws administered by VA, in order for the contractor or subcontractor to perform the services of the contract or agreement.

10. Disclosure may be made to a Federal agency, in response to its request, in connection with the hiring or retention of an employee, the issuance of a security clearance, the reporting of an investigation of an employee, the letting of a contract, or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.

11. Disclosure may be made to a Federal, State or local agency maintaining civil, criminal or other relevant information such as current licenses, if necessary to obtain information relevant to any agency decision concerning the hiring or retention of an employee, the issuance of a security clearance, the letting of a contract, or the issuance of a license, grant or other health, educational or welfare benefit.

12. Disclosure of information may be made to the next-of-kin and/or the person(s) with whom the patient has a meaningful relationship to the extent necessary and on a need-to-know basis consistent with good medical-ethical practices.

13. A record containing the name(s) and address(es) of present or former members of the armed services and/or their dependents may be disclosed under certain circumstances to any criminal or civil law enforcement governmental agency or instrumentality charged under applicable law with the protection of the public's health or safety, if a qualified representative of such organization, agency or instrumentality has made a standing written request that such name(s) or address(es) be provided for a purpose authorized by law; provided that the record(s) will not be used for any purpose other than that stated in the request and that organization, agency or instrumentality is aware of the penalty provision of 38 U.S.C. 5701(f).

14. VA may disclose on its own initiative any information in this system, except the names and home addresses of veterans and their dependents, which is relevant to a suspected or reasonably imminent violation of law, whether civil, criminal or regulatory in nature and whether arising by general or program statute or by regulation, rule or order issued pursuant thereto, to a Federal, State, local, Tribal, or foreign agency charged with the responsibility of investigating or prosecuting such violation, or charged with enforcing or implementing the statute, regulation, rule or order. On its own initiative, VA may also disclose the names and addresses of veterans and their dependents to a Federal agency charged with the responsibility of investigating or prosecuting civil, criminal or regulatory violations of law, or charged with enforcing or implementing the statute, regulation, rule or order issued pursuant thereto.

15. VA may disclose information from this system to the Equal Employment Opportunity Commission (EEOC) when requested in connection with investigations of alleged or possible discriminatory practices, examination of Federal affirmative employment programs, or other functions of the Commission as authorized by law or regulation.

16. VA may disclose information from this system to the Merit Systems Protection Board (MSPB), or the Office of the Special Counsel, when requested in connection with appeals, special studies of the civil service and other merit systems, review of rules and regulations, investigation of alleged or possible prohibited personnel practices, and such other functions promulgated in 5 U.S.C. 1205 and 1206, or as authorized by law.

17. Disclosure to other Federal agencies may be made to assist such agencies in preventing and detecting possible fraud or abuse by individuals in their operations and programs.

18. VA may, on its own initiative, disclose any information or records to appropriate agencies, entities, and persons when (1) VA suspects or has confirmed that the integrity or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the suspected or confirmed compromise, there is a risk of embarrassment or harm to the reputations of the record subjects, harm to economic or property interests, identity theft or fraud, or harm to the security, confidentiality, or integrity of this system or other systems or programs (whether maintained by the Department or another agency or entity) that rely upon the potentially compromised information; and (3) the disclosure is to agencies, entities, or persons whom VA determines are reasonably necessary to assist or carry out the Department's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. This routine use permits disclosures by the Department to respond to a suspected or confirmed data breach, including the conduct of any risk analysis or provision of credit protection services as provided in 38 U.S.C. 5724, as the terms are defined in 38 U.S.C. 5727. Start Printed Page 26769

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are maintained on paper, microfilm, magnetic tape, disk, or laser optical media. In most cases, copies of back-up computer files are maintained at off-site locations.

RETRIEVABILITY:

Records are retrieved by name, social security number or other assigned identifiers of the individuals on whom they are maintained.

SAFEGUARDS:

1. Access to VA working and storage areas is restricted to VA employees on a “need-to-know” basis; strict control measures are enforced to ensure that disclosure to these individuals is also based on this same principle. Generally, VA file areas are locked after normal duty hours and the facilities are protected from outside access by the Federal Protective Service or other security personnel.

2. Patient Advocate Tracking System (PATS) is a Web based application installed on central computer systems in a data center at Falling Waters, WV. The systems are maintained by authorized personnel. The end users access the application using the Web browser installed on their desktops. Additionally, access to computer rooms at health care facilities is generally limited by appropriate locking devices and restricted to authorized VA employees and vendor personnel. ADP peripheral devices are placed in secure areas (areas that are locked or have limited access) or are otherwise protected. Information in VistA may be accessed by authorized VA employees. Access to PATS application and data in the application is controlled at two levels; the systems recognize authorized employees by series of individually unique passwords/codes as a part of each data message, and the employees are limited to only that information in the application which is needed in the performance of their official duties. Information that is downloaded from PATS and maintained on personal computers is afforded similar storage and access protections as the data that is maintained in the original files. Access to information stored on automated storage media at other VA locations is controlled by individually unique passwords/codes.

3. Access to the Austin VA Data Processing Center is generally restricted to Center employees, custodial personnel, Federal Protective Service and other security personnel. Access to computer rooms is restricted to authorized operational personnel through electronic locking devices. All other persons gaining access to computer rooms are escorted. Information stored in the computer may be accessed by authorized VA employees at remote locations including VA health care facilities, Information Systems Centers, VA Central Office, and Veteran Integrated Service Networks. Access is controlled by individually unique passwords/codes which must be changed periodically by the employee.

RETENTION AND DISPOSAL:

Paper records and information stored on electronic storage media are maintained and disposed of in accordance with Records Control Schedule 10-1, Section XLV, as authorized by the National Archives and Records Administration of the United States.

SYSTEM MANAGER(S) AND ADDRESS:

Official responsible for policies and procedures; Director, National Veteran Service and Advocacy Program, Department of Veterans Affairs, 810 Vermont Avenue, NW., Washington, DC 20420. Officials maintaining the system are the Director at the facility where the individual were associated.

NOTIFICATION PROCEDURE:

Individuals who wish to determine whether this system of records contains information about them should contact the VA facility location at which they are or were employed or made or have contact. Inquiries should include the person's full name, social security number, dates of employment, date(s) of contact, and return address.

RECORD ACCESS PROCEDURE:

Individuals seeking information regarding access to and contesting of records in this system may write, call or visit the VA facility location where they are or were employed or made contact.

CONTESTING RECORD PROCEDURES:

(See Record Access Procedures above.)

RECORD SOURCE CATEGORIES:

The patient, family members, and friends, employers or other third parties when otherwise unobtainable from the patient or family; Patient Medical Records—VA (24VA136); private medical facilities and healthcare professionals; State and local agencies; other Federal agencies; VISNs, Veterans Benefits Administration automated record systems (including Veterans and Beneficiaries Identification and Records Location Subsystem—VA (38VA23) and the Compensation, Pension, Education and Rehabilitation Records—VA (58VA21/22); and various automated systems providing clinical and managerial support at VA healthcare facilities.

End Supplemental Information

[FR Doc. E9-12954 Filed 6-2-09; 8:45 am]

BILLING CODE 8320-01-P