Updated Routine Uses

Routine uses of records maintained in the system, including categories

of users and the purposes of such uses:

    In addition to those disclosures generally permitted under 5 U.S.C.

552a(b) of the Privacy Act, all or a portion of the records or

information contained in this system may be disclosed outside DHS as a

routine use pursuant to 5 U.S.C. 552a(b)(3):

    A. To the Department of Justice or other Federal agency conducting

litigation or in proceedings before any court, adjudicative or

administrative body, when it is necessary to the litigation and one of

the following is a party to the litigation or has an interest in such

litigation:

    1. DHS or any component thereof;

    2. Any employee of DHS in his/her official capacity;

    3. Any employee of DHS in his/her individual capacity where DOJ or

DHS has agreed to represent the employee; or

    4. The United States or any agency thereof, is a party to the

litigation or has an interest in such litigation, and DHS

[[Page 74745]]

determines that the records are both relevant and necessary to the

litigation and the use of such records is compatible with the purpose

for which DHS collected the records.

    B. To a congressional office from the record of an individual in

response to an inquiry from that congressional office made at the

request of the individual to whom the record pertains.

    C. To the National Archives and Records Administration or other

Federal Government agencies pursuant to records management inspections

being conducted under the authority of 44 U.S.C. 2904 and 2906.

    D. To an agency, organization, or individual for the purpose of

performing audit or oversight operations as authorized by law, but only

such information as is necessary and relevant to such audit or

oversight function.

    E. To appropriate agencies, entities, and persons when:

    1. DHS suspects or has confirmed that the security or

confidentiality of information in the system of records has been

compromised;

    2. The Department has determined that as a result of the suspected

or confirmed compromise there is a risk of harm to economic or property

interests, identity theft or fraud, or harm to the security or

integrity of this system or other systems or programs (whether

maintained by DHS or another agency or entity) or harm to the

individual who relies upon the compromised information; and

    3. The disclosure made to such agencies, entities, and persons is

reasonably necessary to assist in connection with DHS's efforts to

respond to the suspected or confirmed compromise and prevent, minimize,

or remedy such harm.

    F. To contractors and their agents, grantees, experts, consultants,

and others performing or working on a contract, service, grant,

cooperative agreement, or other assignment for DHS, when necessary to

accomplish an agency function related to this system of records.

Individuals provided information under this routine use are subject to

the same Privacy Act requirements and limitations on disclosure as are

applicable to DHS officers and employees.

    G. To an appropriate Federal, State, tribal, local, international,

or foreign law enforcement agency or other appropriate authority

charged with investigating or prosecuting a violation or enforcing or

implementing a law, rule, regulation, or order, where a record, either

on its face or in conjunction with other information, indicates a

violation or potential violation of law, which includes criminal,

civil, or regulatory violations and such disclosure is proper and

consistent with the official duties of the person making the

disclosure.

Disclosure to consumer reporting agencies:

    None.

Policies and practices for storing, retrieving, accessing, retaining,

and disposing of records in the system:

Storage:

    RDT&E records maintained in hard copy are stored in a locked file

cabinet or safe. Electronic records are stored in computer files that

require a password for access and are protected by a firewall.