[Federal Register: December 12, 2007 (Volume 72, Number 238)]
[Notices]
[Page 70559]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr12de07-15]
========================================================================
Notices
Federal Register
________________________________________________________________________
This section of the FEDERAL REGISTER contains documents other than rules
or proposed rules that are applicable to the public. Notices of hearings
and investigations, committee meetings, agency decisions and rulings,
delegations of authority, filing of petitions and applications and agency
statements of organization and functions are examples of documents
appearing in this section.
========================================================================
[[Page 70559]]
AGENCY FOR INTERNATIONAL DEVELOPMENT
Privacy Act of 1974; System of Records
AGENCY: United States Agency for International Development.
ACTION: Notice of proposed general routine use.
-----------------------------------------------------------------------
SUMMARY: The United States Agency for International Development (USAID)
is providing notice to alter each of its system of records by adding a
new general routine use subject to the Privacy Act of 1974, as amended
(5 U.S.C. 552a). The new general routine use will permit disclosure of
USAID records protected by the Privacy Act when reasonably necessary to
respond, prevent, minimize or remedy harm that may result from an
agency data breach. This notice complies with subsection (e)(11) of the
Privacy Act (5 U.S.C. 552a), which requires agencies to publish advance
notice of any new routine use of information in a system of records.
DATES: Written comments must be received on or before December 12,
2007. The proposed general routine use will be effective January 11,
2008 unless the Agency receives comments which would result in a
contrary determination.
ADDRESSES: You may submit comments to:
E-mail: privacy@usaid.gov.
Mail: Philip M. Heneghan, Chief Privacy Officer, United States
Agency for International Development, 1300 Pennsylvania Avenue, NW.,
Office 2.12-003, Washington, DC 20523-2120.
FOR FURTHER INFORMATION CONTACT: For general questions regarding this
notice, please contact: Rhonda L. Turnbow, Deputy Chief Privacy
Officer, United States Agency for International Development, 1300
Pennsylvania Avenue, NW., Office 7.6-06A, Washington, DC 20523-2120 or
by e-mail: privacy@usaid.gov.
SUPPLEMENTARY INFORMATION: Pursuant to the provisions of the Privacy
Act of 1974, as amended (5 U.S.C. 552a) notice is hereby given that
USAID proposes to modify all of its Privacy Act system of records to
include a new general routine use permitting disclosure to appropriate
persons and entities for purposes of response and remedial efforts in
the event of a breach or compromise of data contained in a system of
records. USAID is publishing notice of this new general routine use and
giving the public a 30 day period to comment before adopting it as
final. The purpose and intent of publishing the routine use is to give
individuals full and fair notice of the extent of potential
disclosures, consistent with the Privacy Act's requirement that
individuals be made aware of how their records may be disclosed.
USAID is following recommendations from the Office of Management
and Budget (OMB) memorandum M-07-16 ``Safeguarding Against and
Responding to the Breach of Personally Identifiable Information'' and
the President's Identity Theft Task Force's Strategic Plan, which
advised all federal agencies to publish a routine use for their systems
of records allowing for the disclosure of information in the course of
responding to a breach of data maintained in a system of records. The
routine use will facilitate an effective response to a confirmed or
suspected breach by allowing for the disclosure to those individuals
affected by the breach, as well as to others who are in a position to
assist in the Agency's response efforts, either by a role in
preventing, minimizing or remedying harms from the breach.
The Privacy Act authorizes the Agency to adopt routine uses that
are consistent with the purpose for which information is collected and
subject to the Privacy Act. OMB guidance also recognizes cases in which
routine uses are necessary and proper for the efficient conduct of the
government and in the best interest of both the individual and the
public. A routine use to provide for disclosure in connection with
response and remedial efforts in the event of a breach of federal data
would qualify as a necessary and proper use of information.
A report of the proposed new general routine use has been sent to
Congress and to the Office of Management and Budget for their
evaluation.
Accordingly, USAID proposes to amend its Privacy Act general
routine uses, as published by adding the following new routine use at
the end of the existing routine uses set forth:
Statement of General Routine Uses
* * * * *
15. To appropriate agencies, entities, and persons when (1) USAID
suspects or has confirmed that the security or confidentiality of
information in the system of records has been compromised; (2) USAID
has determined that as a result of the suspected or confirmed
compromise there is a risk of harm to economic or property interests,
identity theft or fraud, or harm to the security or integrity of this
system or other systems or programs (whether maintained by the USAID or
another Agency or entity) that rely upon the compromised information;
and (3) the disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connection with USAID's efforts to
respond to the suspected or confirmed compromise and prevent, minimize,
or remedy such harm.
Dated: December 5, 2007.
Philip M. Heneghan,
Chief Privacy Officer.
[FR Doc. E7-24062 Filed 12-11-07; 8:45 am]
BILLING CODE 6116-01-P