Skip to Content


Privacy Act of 1974, System of Records

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.


Notice of new system of records.


The United States Agency for International Development (USAID) is issuing public notice of its intent to establish a new system of records maintained in accordance with the Privacy Act of 1974 (5 U.S.C. 552a), as amended, entitled “USAID-33 Phoenix Financial Management System”. This action is necessary to meet the requirements of the Privacy Act to publish in the Federal Register notice of the existence and character of record systems maintained by the agency (5 U.S.C. 522a(e)(4)).


Public comments must be received on or before September 3, 2012. Unless comments are received that would require a revision; this update to the system of records will become effective on September 10, 2012.


You may submit comments:

Paper Comments

  • Fax: (703) 666-5670.
  • Mail: Chief Privacy Officer, United States Agency for International Development, 2733 Crystal Drive, 11th Floor, Arlington, VA 22202.

Electronic Comments


For general questions, please contact, USAID Privacy Office, United States Agency for International Development, 2733 Crystal Drive, 10th Floor, Arlington, VA 22202. E-mail:


The Phoenix Financial Management System is being established as an Agency-wide system of record as it is required to collect, maintain or store personal data requiring protection under the Privacy Act. It is USAID's core financial management system and accounting system of record. Phoenix enables USAID to effectively and efficiently analyze, allocate and report on US foreign assistance funds. Phoenix includes modules such as General Ledger, Accounts Payable, Accounts Receivables, and Budget Execution, which are required to perform necessary accounting operations. Phoenix falls under strict regulatory audit requirements from the Office of Management and Budget, as well as the General Accountability Office.

Dated: July 13, 2012.

William Morgan,

Chief Information Security Officer—Chief Privacy Officer.


System name:

Phoenix Financial Management System.

Security classification:

Sensitive But Unclassified.

System location(s):

Global Financial Service Center (GFSC—DoS), 1969 Dyess Ave, Building A, Computer Room 2A228, Charleston, SC 29405.

Categories of individuals covered by the system:

This system contains records of current employees, contractors, personal service contractors (PSCs), consultants, partners, and those receiving foreign assistance funds.

Categories of records covered by the system:

This system contains USAID organizational information. Phoenix imports the following data elements from NFC Payroll files for Personnel Services Contractors (PSC) and direct hires: name, social security number, details of payroll transactions and work phone numbers. Phoenix imports the following data elements from the E2 Travel system for each traveler: name, date of travel (month/year) and destination.

Authority for maintenance of the system:

Privacy Act of 1974 (Pub. L. 93-579), sec. 552a (c), (e), (f), and (p).


Records in this system will be used:

(1) The payroll information is used to associate PSC payroll-related payments with their contracts and track direct hire payroll payments in the system in order to produce 1099 files. If this information is not imported form NFC to Phoenix, then USAID cannot comply with IRS regulations to maintain and produce 1099s.

(2) The travel information is used to associate E2 travel records with Phoenix accounting information regarding travel authorization and funding.

Disclosure to consumer reporting agencies:

These records are not disclosed to consumer reporting agencies.

Routine Use of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses:

USAID may disclose relevant system records in accordance with any current and future blanket routine uses established for its record systems. These may be for internal communications or with external partners.

Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system:


Electronic records are maintained in user-authenticated, password-protected systems.


All records are accessed only by authorized personnel who have a need to access the records in the performance of their official duties. Information is retrieved by name or by a system specific ID (Vendor ID, Traveller ID, etc.). SSN is not employed as a key, but only present for tax reporting purposes.


Administrative, managerial and technical controls are in place. Phoenix has a current C&A in place. Phoenix is secured through access control provided to only those individuals with a need to know within the Agency. Further, access to the PII is limited to the staff within the CMP and CAR divisions. Phoenix is maintained by the US government, not contractors.

Retention and disposal:

Records are retained using the appropriate, approved National Archives Records Administration -Schedules for the type of record being maintained.

System manager(s) and address:

David Ostermeyer, United States Agency for International Development, U.S. Department of State Annex 44, 455, 301 4th Street SW., Washington, DC 20547.

Notification procedures:

Individuals requesting notification of the existence of records on them must send the request in writing to the Chief Privacy Officer, USAID, 2733 Crystal Drive, 11th Floor, Arlington, Va. 22202. The request must include the requestor's full name, his/her current address and a return address for transmitting the information. The request shall be signed by either notarized signature or by signature under penalty of perjury and reasonably specify the record contents being sought.

Record access procedures:

Individuals wishing to request access to a record must submit the request in writing according to the “Notification Procedures” above. An individual wishing to request access to records in person must provide identity documents, such as government-issued photo identification, sufficient to satisfy the custodian of the records that the requester is entitled to access.

Contesting record procedures:

An individual requesting amendment of a record maintained on himself or herself must identify the information to be changed and the corrective action sought. Requests must follow the “Notification Procedures” above.

Record source categories:

The records contained in this system will be provided by and updated by the individual who is the subject of the record.

Exemptions claimed for the system:


Dated: July 13, 2012.

Meredith Snee,

Privacy Analyst.

[FR Doc. 2012-17975 Filed 7-26-12; 8:45 am]