Department of Veterans Affairs (VA).
Notice of a Modified System of Records.
As required by the Privacy Act of 1974, notice is hereby given that the Department of Veterans Affairs (VA) is amending the system of records currently entitled, “Patient Advocate Tracking System (PATS)-VA” (100VA10NS10) as set forth in the Federal Register. VA is amending the system of records by revising the System Name, System Number; System Location; System Manager; Record Source Categories; Routine Uses of Records Maintained in the System, Including Categories of Users and the Purposes of Such Uses; Policies and Practices for Retention and Disposal of Records; and Physical, Administrative and Procedural Safeguards. VA is republishing the system notice in its entirety.
Comments on this amended system of records must be received no later than February 24, 2021. If no public comment is received during the period allowed for comment or unless otherwise published in the Federal Register by the VA, the new system will become effective February 24, 2021.
Written comments may be submitted through www.Regulations.gov; by mail or hand-delivery to Director, Regulation Policy and Management (00REG), Department of Veterans Affairs, 810 Vermont Avenue NW, Room 1064, Washington, DC 20420; or by fax to (202) 273-9026 (Note: not a toll-free number). Comments should indicate they are submitted in response to “Patient Representation Program Records-VA”. Copies of comments received will be available for public inspection in the Office of Regulation Policy and Management, Room 1063B, between the hours of 8:00 a.m. and 4:30 p.m., Monday through Friday (except holidays). Please call (202) 461-4902 for an appointment (Note: not a toll-free number). In addition, comments may be viewed online at www.Regulations.gov.
Start Further Info
FOR FURTHER INFORMATION CONTACT:
Stephania Griffin, Veterans Health Administration (VHA) Privacy Officer, Department of Veterans Affairs, 810 Vermont Avenue NW, Washington, DC 20420; telephone (704) 245-2492.
End Further Info
Start Supplemental Information
Start Printed Page 6989
The System Name is being changed from “Patient Advocate Tracking System (PATS)-VA” to “Patient Advocate Tracking System Replacement (PATS-R)-VA”.
The System Number will be changed from 100VA10NS10 to 100VA10H to reflect the current organizational alignment.
The System Location is being amended to replace the PATS application from being located at Falling Waters to Martinsburg, West Virginia. Being removed from this section is, “A limited set of information is transferred from this central system in Falling Waters to Austin Automation Center. This limited set of information transferred to Austin Automation Center is utilized to run specific reports for central business office.” Being added to the section is that PATS Report of Contact (ROC) encounter data, entered by Patient Advocate users of the application, resides in the centralized PATS database at Austin Information Technology Center (AITC). This ROC data is transferred nightly from the PATS database at AITC to the PATS Reports database at Hines Information Technology Center (HITC) to be utilized to run ROC issue activity and trending reports by Patient Advocates for submission to their VA Medical Center (VAMC)/Integrated Health Care System Director, Service Chiefs and Customer Care leaders to assess service activity and provide feedback to identify trends for process improvement and achieve best practices.
The System Manager is being amended to replace Director, National Veteran Service and Advocacy Program with Executive Director, VHA Office of Patient Advocacy.
The Records Source Categories is being amended to replace 24VA136 with 24VA10A7 and to will now include Veterans Health Information Systems and Technology Architecture (VistA) Records-VA (79VA10P2) and integrated systems.
The Routine Uses of Records Maintained in the System has been amended to change Joint Commission for Accreditation of Healthcare Organizations (JCAHO) to The Joint Commission (TJC) in Routine use #6.
Routine Use #18 has been amended by clarifying the language to state, “VA may disclose any information or records to appropriate agencies, entities, and persons when (1) VA suspects or has confirmed that there has been a breach of the system of records; (2) VA has determined that as a result of the suspected or confirmed breach there is a risk to individuals, VA (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, or persons is reasonably necessary to assist in connection with VA efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.”
Routine Use #19 is being added to state, “VA may disclose information from this system to another Federal agency or Federal entity, when VA determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach. VA needs this routine use for the data breach response and remedial efforts with another Federal agency.”
New Routine Use #20 is being added to state, “VA may disclose relevant information in response to an inquiry from a member of the general public or third party about the named individual.” VA needs this routine use to permit disclosure to a Veteran when a complaint was submitted on his/her behalf or if a Congressional member submits the complaint but is not retrieved by his/her name or other unique identifier.
The Policies and Practices for Retention and Disposal of Records is being amended to replace Section XLV as authorized by the National Archives and Records Administration of the United States with Subject Identification Code (SIC) 1300.1, records are to be maintained for (7) years as authorized by the National Archives and Records Administration of the United States (N1-15-05-2, Item 1).
The Physical, Administrative and Procedural Safeguards is being amended to replace the PATS data center as being located in Falling Waters, WV, to being located in Martinsburg, West Virginia. Also, the Austin VA Data Processing Center is being replaced with the Austin Information Technology Center (AITC).
The Report of Intent to Amend a System of Records Notice and an advance copy of the system notice have been sent to the appropriate Congressional committees and to the Director of the Office of Management and Budget (OMB) as required by 5 U.S.C. 552a(r) (Privacy Act) and guidelines issued by OMB (65 FR 77677), December 12, 2000.
The Senior Agency Official for Privacy, or designee, approved this document and authorized the undersigned to sign and submit the document to the Office of the Federal Register for publication electronically as an official document of the Department of Veterans Affairs. James P. Gfrerer, Assistant Secretary of Information and Technology and Chief Information Officer, approved this document on June 3, 2020 for publication.
Dated: January 19, 2021.
Amy L. Rose,
Program Analyst, VA Privacy Service, Office of Information Security, Office of Information and Technology, Department of Veterans Affairs.
SYSTEM NAME AND NUMBER:
“Patient Advocate Tracking System Replacement (PATS-R)-VA” (100VA10H)
The PATS application is installed on a centrally located system in Martinsburg, West Virginia. The backup system in case of disaster recovery scenario is located at Hines Information Technology Center (HITC). The data entered into the application also resides on this central system. PATS Report of Contact (ROC) encounter data, entered by Patient Advocate users of the Application, resides in the centralized PATS database at Austin Information Technology Center (AITC).
Patient contacts, as recorded in ROCs, are coded using issue codes in order to facilitate tracking of these encounters to show where system improvements might be made. Aggregate data are maintained at the Network and Headquarters levels for the development of reports to make system wide changes. Records are collected and stored electronically for ease of retrieval by individual patient names and ease in compiling aggregate data. This ROC data is transferred nightly from the PATS database at AITC to the PATS Reports database at HITC to be utilized to run ROC issue activity and trending reports by Patient Advocates for submission to their VAMC/Integrated Health Care System Director, Service Chiefs and Customer Care leaders to assess service activity and provide feedback to identify trends for process improvement and achieve best practices.
Official responsible for policies and procedures; Executive Director, VHA Start Printed Page 6990Office of Patient Advocacy, Department of Veterans Affairs, 810 Vermont Avenue NW, Washington, DC 20420. Telephone number 202-461-7607 (this is not a toll-free number). Officials maintaining the system are the Director at the facility where the individual were associated.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
Title 38, United States Code, Chapter 73, section 7301(b).
PURPOSE(S) OF THE SYSTEM:
The records may be used for such purposes as producing various management and patient follow-up reports; responding to patient and other inquiries; conducting health care-related studies, statistical analysis, and resource allocation planning; providing clinical and administrative support to patient medical care; audits, reviews and investigations conducted by the staff of the health care facility, Veterans Integrated Service Network (VISN), VHA Headquarters, and VA's Office of Inspector General; law enforcement investigations; quality improvement reviews and investigations; personnel management and evaluation; employee ratings and performance evaluations; employee disciplinary or other adverse action, including discharge; advising health care professional licensing or monitoring bodies or similar entities or activities of VA and former VA health care personnel; accreditation of a facility by an entity such as the Joint Commission; and, notifying medical schools of medical students' performance. The information is integrated into the overall quality improvement plans and activities of the facility and used to improve services and communications, as well as, to track categories of complaints and the locations of complaints in order to improve the delivery of health care.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
The records include information concerning individual patients, Veterans who have applied for care, their friends, their families, VA health care providers and members of the community. Members of the community include, but are not limited to, Congressional liaisons, Veterans Service Organizations and attorneys.
CATEGORIES OF RECORDS IN THE SYSTEM:
The records may include information maintained in paper records, and entered into a centralized web-based system, PATS, related to concerns and complaints regarding an individual's medical care, VA benefits, and/or encounters with health care facility personnel or other patients. The records include information that is compiled to review, investigate, and resolve these issues.
RECORD SOURCE CATEGORIES:
The patient, family members, and friends, employers or other third parties when otherwise unobtainable from the patient or family; employees, Patient Medical Records-VA (24VA10P2); Veterans Health Information Systems and Technology Architecture (VistA) Records-VA (79VA10P2); private medical facilities and health care professionals; State and local agencies; other Federal agencies; VISNs, Veterans Benefits Administration automated record systems including Veterans and Beneficiaries Identification and Records Location Subsystem-VA (38VA23) and the Compensation, Pension, Education and Rehabilitation Records-VA (58VA21/22); PATS Legacy; and various automated and/or integrated systems providing clinical and managerial support at VA health care facilities.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
To the extent that records contained in the system include information protected by 45 CFR parts 160 and 164, i.e., individually identifiable health information, and 38 U.S.C. 7332, i.e., medical treatment information related to drug abuse, alcoholism or alcohol abuse, sickle cell anemia or infection with the human immunodeficiency virus, that information cannot be disclosed under a routine use unless there is also specific statutory authority in 38 U.S.C. 7332 and regulatory authority in 45 CFR parts 160 and 164 permitting disclosure.
1. The record of an individual who is covered by a system of records may be disclosed to a Member of Congress, or a staff person acting for the Member, when the Member or staff person requests the record on behalf of and at the written request of the individual.
2. Disclosure may be made to the National Archives and Records Administration (NARA) and the General Services Administration (GSA) for the purpose of records management inspections conducted under authority of Title 44, Chapter 29 of the United States Code.
3. VA may disclose information from this system of records to the Department of Justice (DoJ), either on VA's initiative or in response to DoJ's request for the information, after either VA or DoJ determines that such information is relevant to DoJ's representation of the United States or any of its components in legal proceedings before a court or adjudicative body, provided that, in each case, the agency also determines prior to disclosure that release of the records to the DoJ is limited to circumstances where relevant and necessary to the litigation. VA may disclose records in this system of records in legal proceedings before a court or administrative body after determining that release of the records to the DoJ is limited to circumstances where relevant and necessary to the litigation.
4. Disclosure may be made to any facility regarding the hiring, performance, or other personnel-related information with which there is, or there is proposed to be, an affiliation, sharing agreement, contract, or similar arrangement for purposes of establishing, maintaining, or expanding any such relationship.
5. Disclosure may be made to a Federal agency or to a State or local government licensing board and/or to the Federation of State Medical Boards or a similar non-government entity which maintains records concerning individual employment histories or concerning the issuance, retention or revocation of licenses, certifications, or registration necessary to practice an occupation, profession or specialty, in order for the Department to obtain information relevant to a Department decision concerning the hiring, retention or termination of an employee boards or the appropriate nongovernment entities about the health care practices of employees who resigned, were terminated, or retired and whose professional health care activity so significantly failed to conform to generally accepted standards of professional medical practice as to raise reasonable concern for the health and safety of patients receiving medical care in the private sector or from another Federal agency. These records may also be disclosed as part of an ongoing computer-matching program to accomplish these purposes.
6. VA may disclose information for program review purposes and the seeking of accreditation and/or certification to survey teams of The Joint Commission (TJC), College of American Pathologists, American Association of Blood Banks, and similar national accreditation agencies or boards with which VA has a contract or agreement to conduct such reviews, but only to the extent that the information is necessary and relevant to the review.
7. Disclosure may be made to a State or local government entity or national certifying body which has the authority to make decisions concerning the issuance, retention or revocation of Start Printed Page 6991licenses, certifications or registrations required to practice a health care profession, when requested in writing by an investigator or supervisory official of the licensing entity or national certifying body for the purpose of making a decision concerning the issuance, retention or revocation of the license, certification or registration of a named health care professional.
8. Disclosure of information to the Federal Labor Relations Authority, including its General Counsel, when requested in connection with the investigation and resolution of allegations of unfair labor practices, in connection with the resolution of exceptions to arbitrator awards when a question of material fact is raised, in connection with matters before the Federal Service Impasses Panel, and to investigate representation petitions and conduct or supervise representation elections.
9. Disclosure of relevant information may be made to individuals, organizations, private or public agencies, etc., with whom VA has a contract or agreement to perform such services as VA may deem practicable for the purposes of laws administered by VA, in order for the contractor or subcontractor to perform the services of the contract or agreement.
10. Disclosure may be made to a Federal agency, in response to its request, in connection with the hiring or retention of an employee, the issuance of a security clearance, the reporting of an investigation of an employee, the letting of a contract, or the issuance of a license, grant, or other benefit by the requesting agency, to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
11. Disclosure may be made to a Federal, State or local agency maintaining civil, criminal or other relevant information such as current licenses, if necessary to obtain information relevant to any agency decision concerning the hiring or retention of an employee, the issuance of a security clearance, the letting of a contract, or the issuance of a license, grant or other health, educational or welfare benefit.
12. Disclosure of information may be made to the next-of-kin and/or the person(s) with whom the patient has a meaningful relationship to the extent necessary and on a need-to-know basis consistent with good medical-ethical practices.
13. A record containing the name(s) and address(es) of present or former members of the armed services and/or their dependents may be disclosed under certain circumstances to any criminal or civil law enforcement governmental agency or instrumentality charged under applicable law with the protection of the public's health or safety, if a qualified representative of such organization, agency or instrumentality has made a standing written request that such name(s) or address(es) be provided for a purpose authorized by law; provided that the record(s) will not be used for any purpose other than that stated in the request and that organization, agency or instrumentality is aware of the penalty provision of 38 U.S.C. 5701(f).
14. VA may disclose any information in this system, except the names and home addresses of Veterans and their dependents, which is relevant to a suspected or reasonably imminent violation of law, whether civil, criminal or regulatory in nature and whether arising by general or program statute or by regulation, rule or order issued pursuant thereto, to a Federal, State, local, tribal, or foreign agency charged with the responsibility of investigating or prosecuting such violation, or charged with enforcing or implementing the statute, regulation, rule or order. VA may also disclose the names and addresses of Veterans and their dependents to a Federal agency charged with the responsibility of investigating or prosecuting civil, criminal or regulatory violations of law, or charged with enforcing or implementing the statute, regulation, rule or order issued pursuant thereto.
15. Disclosure may be made to the Equal Employment Opportunity Commission when requested in connection with investigations of alleged or possible discrimination practices, examination of Federal affirmative employment programs, compliance with the Uniform Guidelines of Employee Selection Procedures, or other functions of the Commission as authorized by law or regulation.
16. Disclosure may be made to officials of the Merit Systems Protection Board, including the Office of the Special Counsel, when requested in connection with appeals, special studies of the civil service and other merit systems, review of rules and regulations, investigation of alleged or possible prohibited personnel practices, and such other functions, promulgated in 5 U.S.C. 1205-1206, or as may be authorized by law.
17. Disclosure to other Federal agencies may be made to assist such agencies in preventing and detecting possible fraud or abuse by individuals in their operations and programs.
18. VA may disclose any information or records to appropriate agencies, entities, and persons when (1) VA suspects or has confirmed that there has been a breach of the system of records; (2) VA has determined that as a result of the suspected or confirmed breach there is a risk to individuals, VA (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, or persons is reasonably necessary to assist in connection with VA efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
19. VA may disclose information from this system to another Federal agency or Federal entity, when VA determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
20. VA may disclose relevant information in response to an inquiry from a member of the general public or third party about the named individual.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are maintained on paper, microfilm, magnetic tape, disk, or laser optical media. In most cases, copies of back-up computer files are maintained at off-site locations.
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records are retrieved by name, social security number or other assigned identifiers of the individuals on whom they are maintained.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
Paper records and information stored on electronic storage media are maintained and disposed of in accordance with Records Control Schedule 10-1, Subject Identification Code (SIC) 1300.1, and are to be maintained for (7) years as authorized by the National Archives and Records Administration of the United States (N1-15-05-2, Item 1).
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
1. Access to VA working and storage areas are restricted to VA employees on Start Printed Page 6992a “need-to-know” basis; strict control measures are enforced to ensure that disclosure to these individuals is also based on this same principle. Generally, VA file areas are locked after normal duty hours and the facilities are protected from outside access by the Federal Protective Service or other security personnel.
2. PATS is a web-based application installed on central computer systems in a data center at Martinsburg, West Virginia. The systems are maintained by authorized personnel. The end users access the application using the Web browser installed on their desktops. Additionally, access to computer rooms at health care facilities is generally limited by appropriate locking devices and restricted to authorized VA employees and vendor personnel. Automated Data Processing (ADP) peripheral devices are placed in secure areas (areas that are locked or have limited access) or are otherwise protected. Information in VistA may be accessed by authorized VA employees. Access to PATS application and data in the application is controlled at two levels; the systems recognize authorized employees by series of individually unique passwords/codes as a part of each data message, and the employees are limited to only that information in the application which is needed in the performance of their official duties. Information that is downloaded from PATS and maintained on personal computers are afforded similar storage and access protections as the data that is maintained in the original files. Access to information stored on automated storage media at other VA locations is controlled by individually unique passwords/codes.
3. Access to the AITC is generally restricted to Center employees, custodial personnel, Federal Protective Service and other security personnel. Access to computer rooms is restricted to authorized operational personnel through electronic locking devices. All other persons gaining access to computer rooms are escorted. Information stored in the computer may be accessed by authorized VA employees at remote locations including VA health care facilities, Information Systems Centers, VA Central Office, and Veteran Integrated Service Networks. Access is controlled by individually unique passwords/codes which must be changed periodically by the employee.
RECORD ACCESS PROCEDURE:
Individuals seeking information regarding access to and contesting of records in this system may write, call or visit the VA facility location where they are or were employed or made contact.
CONTESTING RECORD PROCEDURES:
(See Record Access Procedures above.)
Individuals who wish to determine whether this system of records contains information about them should contact the VA facility location at which they are or were employed or made or have contact. Inquiries should include the person's full name, social security number, dates of employment, date(s) of contact, and return address.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
Last full publication provided in 74 FR 26766 dated June 3, 2009.
End Supplemental Information
[FR Doc. 2021-01501 Filed 1-22-21; 8:45 am]
BILLING CODE 8320-01-P