Information Technology
NASA 10SECR—Security Records System
SYSTEM NAME: Security Records System (October 1, 2007, 72 FR 55817-55833).
SECURITY CLASSIFICATION: None.
SYSTEM LOCATION: Locations 1 through 9 and Locations 11, 12, and 14 as set forth in Appendix A.
CATEGORIES
OF INDIVIDUALS COVERED BY THE SYSTEM:
This
system maintains information on civil Servant Employees, applicants,
NASA committee members, NASA consultants, NASA experts, NASA Resident
Research Associates, guest workers, contractor employees, detailees,
visitors, correspondents (written and telephonic), Faculty Fellows,
Intergovernmental Personnel Mobility Act (IPA) Employees, Grantees,
Cooperative Employees, and Remote Users of NASA Non-Public
Information Technology Resources.
CATEGORIES
OF RECORDS IN THE SYSTEM:
Personnel
Security Records, Personal Identity Records including NASA visitor
files, Emergency Data Records, Criminal Matters, and Traffic
Management. Specific records fields include, but are not limited to:
Name, former names, date of birth, place of birth, social security
number, home address, phone numbers, citizenship, traffic infraction,
security violation, security incident, security violation discipline
status and action taken.
AUTHORITY
FOR MAINTENANCE OF THE SYSTEM:
42
U.S.C. 2451, et seq., the National Aeronautics and Space Act of 1958,
as amended; Espionage and Information Control Statutes, 18 U.S.C.
793–799; Sabotage Statutes, 18 U.S.C. 2151–2157;
Conspiracy Statute, 18 U.S.C. 371; 18 U.S.C. 202–208, 3056;
Internal Security Act of 1950; Atomic Energy Act of 1954, as amended;
Executive Order 12958, as amended, Classified National Security
Information; Executive Order 12968, as amended, Access to Classified
Information; Executive Order 10865, Safeguarding Classified
Information Within Industry; Executive Order 10450, Security
Requirements for Government Employees; Pub. L. 81–733; Pub. L.
107–347, Federal Information Security Management Act 2002; 41
CFR Chapter 101; 14 CFR Part 1203; and 44 U.S.C. 3101; Homeland
Security Presidential Directive (HSPD) 12, Policy for a Common
Identification Standard for Federal Employees and Contractors, August
27, 2004.
ROUTINE
USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF
USERS AND THE PURPOSES OF SUCH USES:
Any
disclosures of information will be compatible with the purpose for
which the Agency collected the information. The records and
information in these records may be disclosed to:
To the Department of Justice when: (a) The agency or any component thereof; or (b) any employee of the agency in his or her official capacity; (c) any employee of the agency in his or her individual capacity where agency or the Department of Justice has agreed to represent the employee; or (d) the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, the agency determines that the records are both relevant and necessary to the litigation and the use of such records by DOJ is therefore deemed by the agency to be for a purpose compatible with the purpose for which the agency collected the records.
To a court or adjudicative body in a proceeding when: (a) The agency or any component thereof; (b) any employee of the agency in his or her official capacity; (c) any employee of the agency in his or her individual capacity where agency or the Department of Justice has agreed to represent the employee; or (d) the United States Government, is a party to litigation or has an interest in such litigation, and by careful review, the agency determines that the records are both relevant and necessary to the litigation and the use of such records is therefore deemed by the agency to be for a purpose that is compatible with the purpose for which the agency collected the records.
To an Agency in order to provide a basis for determining preliminary visa eligibility.
To a Member of Congress or to a Congressional staff member in response to an inquiry of the Congressional office made at the written request of the constituent about whom the record is maintained.
To a staff member of the Executive Office of the President in response to an inquiry from the White House.
To the National Archives and Records Administration or to the General Services Administration for records management inspections conducted under 44 U.S.C. §§ 2904 and 2906.
To agency contractors, grantees, or volunteers who have been engaged to assist the agency in the performance of a contract service, grant, cooperative agreement, or other activity related to this system of records and who need to have access to the records in order to perform their activity. Recipients shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. § 552a.
To other Federal agencies and relevant contractor facilities to determine eligibility of individuals to access classified National Security information.
To any official investigative or judicial source from which information is requested in the course of an investigation, to the extent necessary to identify the individual, inform the source of the nature and purpose of the investigation, and to identify the type of information requested.
To the news media or the general public, factual information the disclosure of which would be in the public interest and which would not constitute an unwarranted invasion of personal privacy, consistent with Freedom of Information Act standards.
To a Federal State, or local agency, or other appropriate entities or individuals, or through established liaison channels to selected foreign governments, in order to enable an intelligence agency to carry out its responsibilities under the National Security Act of 1947 as amended, the CIA Act of 1949 as amended, Executive Order 12333 or any successor order, applicable national security directives, or classified implementing procedures approved by the Attorney General and promulgated pursuant to such statutes, orders or directives.
In order to notify an employee’s next-of-kin or contractor in the event of a mishap involving that employee or contractor.
To notify another Federal agency when, or verify whether, a PIV card is no longer valid.
To provide relevant information to an internal or external organization or element thereof conducting audit activities of a NASA contractor or subcontractor.
Disclosure to a NASA contractor, subcontractor, grantee, or other Government organization information developed in an investigation or administrative inquiry concerning a violation of a Federal or state statute or regulation on the part of an officer or employee of the contractor, subcontractor, grantee, or other Government organization.
NASA standard routine uses as set forth in Appendix B.
POLICIES
AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND
DISPOSING OF RECORDS IN THE SYSTEM: STORAGE:
Records
in this system are maintained on electronic media and hard-copy
documents.
RETRIEVABILITY:
Records
are retrieved from the system by individual’s name, file
number, badge number, decal number, payroll number, Agency-specific
unique personal identification code, and/or Social Security Number.
SAFEGUARDS:
Access
to system records is controlled by either Government personnel or
selected personnel of NASA contractor guard/security force and
contractor personnel. After presenting proper identification and
requesting a file or record, a person with an official need to know
and, if appropriate, a proper clearance may have access to a file or
records only after it has been retrieved and approved for release by
a NASA security representative. These records are secured in security
storage equipment, and/or information technology systems employing
security countermeasures.
RETENTION
AND DISPOSAL:
The
Personnel Security Records are maintained in Agency files and
destroyed upon notification of the death or within 5 years after
separation or transfer of employee or within 5 years after contract
relationship expires, whichever is applicable in accordance with NASA
Records Retention Schedules (NRRS), Schedule 1 Item 103.
The Personal Identity Records are maintained in Agency files and destroyed upon notification of the death or within 5 years after separation or transfer of employee or within 5 years after contract relationship expires, whichever is applicable in accordance with NRRS, Schedule 1 Item 103. Visitor files are maintained and destroyed in accordance with NRRS, Schedule 1 Item 114.
The Emergency Data Records are maintained in Agency files and destroyed when superseded or obsolete in accordance with NRRS 1, Item 100B.
The Criminal Matter Records are maintained in Agency files and destroyed in accordance with Items A and B of National Archives and Records Administration Disposition Authorization N1-255-07-2 after its approval by the Archivist of the United States.
The Traffic Management Records are maintained in Agency files and destroyed in accordance with Item C of National Archives and Records Administration Disposition Authorization N1-255-07-2 after its approval by the Archivist of the United States.
SYSTEM
MANAGER(S) AND ADDRESS:
Director,
Security Management Division, Location 1. Subsystem Managers: Chief,
Protective Services Division, Location 2; Chief, Security Branch,
Locations 4 and 5; Security Officer, Location 3, 8, and 11; Chief,
Protective Services Office, Location 6; Head, Office of Security and
Public Safety, Location 7; Chief, Security Division, Location 9;
Chief, Administration Office, Location 12; Safety and Security
Officer at Location 14. Locations are as set forth in Appendix A.
NOTIFICATION
PROCEDURE:
Information
may be obtained from the cognizant system or subsystem manager listed
above. Requests must contain the following identifying data
concerning the requestor: First, middle, and last name; date of
birth; Social Security Number; period and place of employment with
NASA, if applicable.
RECORD
ACCESS PROCEDURES:
Personnel
Security Records compiled solely for the purpose of determining
suitability, eligibility, or qualifications for Federal civilian
employment, Federal contracts, or access to classified information
have been exempted by the Administrator under 5 U.S.C. 552a(k)(5)
from the access provisions of the Act. Personal Identity Records:
Requests from individuals should be addressed to the same address as
stated in the Notification section above. Emergency Data Records:
Requests from individuals should be addressed to the same address as
stated in the Notification section above. Criminal Matter Records
compiled for civil or criminal law enforcement purposes have been
exempted by the Administrator under 5 U.S.C. 552a(k)(2) from the
access provision of the Act.
Traffic Management Records: Requests from individuals should be addressed to the same address as stated in the Notification section above.
CONTESTING
RECORD PROCEDURES:
For
Personnel Security Records and Criminal Matters Records, see Record
Access Procedures, above. For Personal Identity Records, Emergency
Data Records, and Traffic Management Records, the NASA rules for
access to records and for contesting contents and appealing initial
determinations by the individual concerned appear at 14 CFR part
1212.
RECORD
SOURCE CATEGORIES:
Information
is obtained from a variety of sources including the employee,
contractor, or applicant via use of the Standard Form (SF) SF–85,
SF–85P, or SF–86 and personal interviews; employers’
and former employers’ records; FBI criminal history records and
other databases; financial institutions and credit reports; medical
records and health care providers; educational institutions;
interviews of witnesses such as neighbors, friends, coworkers,
business associates, teachers, landlords, or family members; tax
records; and other public records. Security violation information is
obtained from a variety of sources, such as guard reports, security
inspections, witnesses, supervisor’s reports, audit reports.
EXEMPTIONS
CLAIMED FOR THE SYSTEM:
Personnel
Security Records compiled solely for the purpose of determining
suitability, eligibility, or qualifications for Federal civilian
employment, Federal contracts, or access to classified information,
but only to the extent that the disclosure of such material would
reveal the identity of a confidential source, are exempt from the
following sections of the Privacy Act of 1974, 5 U.S.C. 552a(c)(3)
relating to access to the disclosure accounting; (d) relating to
access to the records; (e)(1) relating to the type of information
maintained in the records; (e)(4)(G), (H) and (I) relating to
publishing in the annual system notice information as to agency
procedures for access and correction and information as to the
categories of sources of records; and (f) relating to developing
agency rules for gaining access and making corrections. The
determination to exempt the Personnel Security Records portion of the
Security Records System has been made by the Administrator of NASA in
accordance with 5 U.S.C. 552a(k)(5) and Subpart 5 of the NASA
regulations appearing in 14 CFR part 1212. Criminal Matter Records to
the extent they constitute investigatory material compiled for law
enforcement purposes are exempt from the following sections of the
Privacy Act of 1974, 5 U.S.C. 552a(c)(3) relating to access to the
disclosure accounting; (d) relating to access to the records; (e)(1)
relating to the type of information maintained in the records;
(e)(4)(G), (H) and (I) relating to publishing in the annual system
notice information as to agency procedures for access and correction
and information as to the categories of sources of records; and (f)
relating to developing agency rules for gaining access and making
corrections. The determination to exempt the Criminal Matter Records
portion of the Security Records System has been made by the
Administrator of NASA in accordance with 5 U.S.C. 552a(k)(2) and
subpart 5 of the NASA regulations appearing in 14 CFR part 1212.
Records subject to the provisions of 5 U.S.C. 552(b)(1) required by Executive Order to be kept secret in the interest of national defense or foreign policy are exempt from the following sections of the Privacy Act of 1974, 5 U.S.C. 552a:(c)(3) relating to access to the disclosure accounting; (d) relating to the access to the records; (e)(1) relating to the type of information maintained in the records; (e)(4)(G), (H) and (I) relating to publishing in the annual system notice information as to agency procedures for access and correction and information as to the categories of sources of records; and (f) relating to developing agency rules for gaining access and making corrections.
The determination to exempt this portion of the Security Records System has been made by the Administrator of NASA in accordance with 5 U.S.C. 552a(k)(1) and subpart 5 of the NASA regulations appearing in 14 CFR part 1212.
File Type | application/msword |
Author | fmoorete |
Last Modified By | fmoorete |
File Modified | 2014-07-25 |
File Created | 2014-07-25 |