4312-52
DEPARTMENT OF THE INTERIOR
National Park Service
[Insert Accounting Code]
Privacy Act of 1974; System of Records
AGENCY: National Park Service, Interior.
ACTION: Notice of a New System of Records.
SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as amended, the Department of the Interior is issuing a public notice of its intent to create the National Park Service Privacy Act system of records, Common Learning Portal – NPS-31”. The purpose of the system is to serve as a common location for advertising national, regional, and park specific training events to NPS employees, volunteers, and partners and to establish communities of practice using interest groups and forums in order to increase communication among the NPS training community and engage the public. This newly established system will be included in the Department of the Interior’s inventory of record systems.
DATE: This new system will be effective [INSERT DATE OF PUBLICATION IN THE FEDERAL REGISTER], and the new routine uses will be effective [INSERT DATE 30 DAYS AFTER DATE OF PUBLICATION IN THE FEDERAL REGISTER]. Comments on new routine uses must be received by [INSERT DATE 30 DAYS AFTER DATE OF PUBLICATION IN THE FEDERAL REGISTER].
ADDRESSES: Any person interested in commenting on this notice may do so by: submitting comments in writing to Teri Barnett, Departmental Privacy Officer, U.S. Department of the Interior, 1849 C Street NW, Mail Stop 7456 MIB, Washington, DC 20240; hand-delivering comments to Teri Barnett, Departmental Privacy Officer, U.S. Department of the Interior, 1849 C Street NW, Mail Stop 7456 MIB, Washington, DC 20240; or e-mailing comments to [email protected].
FOR FURTHER INFORMATION CONTACT: Program Manager, Distance Learning Group, Office of Learning and Development, Workforce Inclusion Directorate, National Park Service, 51 Mather Place, Harpers Ferry, WV 25425.
SUPPLEMENTARY INFORMATION:
I. Background
The Department of the Interior (DOI), National Park Service maintains the “Common Learning Portal – NPS-31” system of records. The purpose of the system is to serve as a common location for advertising national, regional, and park specific training events to NPS employees and to establish communities of practice using interest groups and forums in order to increase communication among the NPS training community and engage the public.
The new system will be effective [INSERT DATE OF PUBLICATION IN THE FEDERAL REGISTER], and the proposed new routine uses will be effective [INSERT DATE 30 DAYS AFTER PUBLICATION IN THE FEDERAL REGISTER], unless comments are received which would require a contrary determination. DOI will publish a revised notice if changes are made based upon a review of the comments received.
II. Privacy Act
The Privacy Act of 1974, as amended, embodies fair information practice principles in a statutory framework governing the means by which Federal agencies collect, maintain, use, and disseminate individuals’ personal information. The Privacy Act applies to records about individuals that are maintained in a “system of records.” A “system of records” is a group of any records under the control of an agency for which information is retrieved by the name of an individual or by some identifying number, symbol, or other identifying particular assigned to the individual. The Privacy Act defines an individual as a United States citizen or lawful permanent resident. As a matter of policy, DOI extends administrative Privacy Act protections to all individuals. Individuals may request access to their own records that are maintained in a system of records in the possession or under the control of DOI by complying with DOI Privacy Act regulations at 43 CFR Part 2, Subpart K.
The Privacy Act requires each agency to publish in the Federal Register a description denoting the type and character of each system of records that the agency maintains, the routine uses of each system to make agency recordkeeping practices transparent, to notify individuals regarding the uses of their records, and to assist individuals to more easily find such records within the agency. The new “Common Learning Portal – NPS-31” system of records notice is published in its entirety below.
In accordance with 5 U.S.C. 552a(r), DOI has provided a report of this system of records to the Office of Management and Budget and to Congress.
III. Public Disclosure
You should be aware your entire comment including your personal identifying information including your address, phone number, e-mail address, or any other personal identifying information in your comment – may be made publicly available at any time. While you may request to withhold your personal identifying information from public review, we cannot guarantee we will be able to do so.
Date: ____________________________
Signed: ___________________________
Teri Barnett
Departmental Privacy Officer
SYSTEM NAME AND NUMBER:
Common Learning Portal – NPS-31.
SECURITY CLASSIFICATION:
Unclassified.
SYSTEM LOCATION:
Records in this system are maintained by the Distance Learning Group, Office of Learning and Development, Workforce Inclusion Directorate, National Park Service, 51 Mather Place, Harpers Ferry, WV 25425.
SYSTEM MANAGER:
Program Manager, Distance Learning Group, Office of Learning and Development, Workforce Inclusion Directorate, National Park Service, 51 Mather Place, Harpers Ferry, WV 25425.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
54 U.S.C. § 101321, Service employee training; and 54 U.S.C. § 101322, Management development and training.
PURPOSE(S) OF THE SYSTEM:
The purpose of the system is to serve as a common location for advertising national, regional, and park specific training events to NPS employees and to establish communities of practice using interest groups and forums in order to increase communication among the NPS training community and engage the public.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Individuals covered by the system include DOI employees, partners, contractors, and members of the public interested in NPS training events.
CATEGORIES OF RECORDS IN THE SYSTEM:
The system contains individual’s system account and profile information and may include email address and full name, job title, location, individual’s expertise, duties, internal user identifier assigned automatically by the system, and any other optional information entered by the individual about themselves or while posting a discussion.
RECORD SOURCE CATEGORIES:
Records in the system are entered by the individual when and if they choose to register for an account on the system.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DOI as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
(1) (a) To any of the following entities or individuals, when the circumstances set forth in paragraph (b) are met:
(i) The U.S. Department of Justice (DOJ);
(ii) A court or an adjudicative or other administrative body;
(iii) A party in litigation before a court or an adjudicative or other administrative body; or
(iv) Any DOI employee acting in his or her individual capacity if DOI or DOJ has agreed to represent that employee or pay for private representation of the employee;
(b) When:
(i) One of the following is a party to the proceeding or has an interest in the proceeding:
(A) DOI or any component of DOI;
(B) Any other Federal agency appearing before the Office of Hearings and Appeals;
(C) Any DOI employee acting in his or her official capacity;
(D) Any DOI employee acting in his or her individual capacity if DOI or DOJ has agreed to represent that employee or pay for private representation of the employee;
(E) The United States, when DOJ determines that DOI is likely to be affected by the proceeding; and
(ii) DOI deems the disclosure to be:
(A) Relevant and necessary to the proceeding; and
(B) Compatible with the purpose for which the records were compiled.
(2) To a congressional office in response to a written inquiry that an individual covered by the system, or the heir of such individual if the covered individual is deceased, has made to the office.
(3) To the Executive Office of the President in response to an inquiry from that office made at the request of the subject of a record or a third party on that person's behalf, or for a purpose compatible with the reason for which the records are collected or maintained.
(4) To any criminal, civil, or regulatory law enforcement authority (whether Federal, state, territorial, local, tribal or foreign) when a record, either alone or in conjunction with other information, indicates a violation or potential violation of law – criminal, civil, or regulatory in nature, and the disclosure is compatible with the purpose for which the records were compiled.
(5) To an official of another Federal agency to provide information needed in the performance of official duties related to reconciling or reconstructing data files or to enable that agency to respond to an inquiry by the individual to whom the record pertains.
(6) To Federal, state, territorial, local, tribal, or foreign agencies that have requested information relevant or necessary to the hiring, firing or retention of an employee or contractor, or the issuance of a security clearance, license, contract, grant or other benefit, when the disclosure is compatible with the purpose for which the records were compiled.
(7) To representatives of the National Archives and Records Administration (NARA) to conduct records management inspections under the authority of 44 U.S.C. 2904 and 2906.
(8) To state, territorial and local governments and tribal organizations to provide information needed in response to court order and/or discovery purposes related to litigation, when the disclosure is compatible with the purpose for which the records were compiled.
(9) To an expert, consultant, or contractor (including employees of the contractor) of DOI that performs services requiring access to these records on DOI’s behalf to carry out the purposes of the system.
(10) To appropriate agencies, entities, and persons when:
(a) DOI suspects or has confirmed that there has been a breach of the system of records;
(b) DOI has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOI (including its information systems, program, and operations), the Federal government, or national security; and
(c) the disclosure made to such agencies, entities and persons is reasonably necessary to assist in connection with DOI’s efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
(11) To another Federal agency or Federal entity, when DOI determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in:
(a) responding to a suspected or confirmed breach; or
(b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
(12) To the Office of Management and Budget (OMB) during the coordination and clearance process in connection with legislative affairs as mandated by OMB Circular A-19.
(13) To the Department of the Treasury to recover debts owed to the United States.
(14) To the news media and the public, with the approval of the Public Affairs Officer in consultation with counsel and the Senior Agency Official for Privacy, where there exists a legitimate public interest in the disclosure of the information, except to the extent it is determined that release of the specific information in the context of a particular case would constitute an unwarranted invasion of personal privacy.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Electronic records are maintained in computers, computer databases, e-mail, and electronic media such as removable hard drives, magnetic disks, compact discs, and computer tapes.
POLICIES AND PRACTICES FOR RETRIEVABILITY OF RECORDS:
Email address or an internal user identifier assigned automatically by the system could be used to retrieve information on a user as both information types are considered unique. Data retrieval will be performed by the portal systematically in order to authenticate users and display information related to them, such as their profile page or portal pages that they have favorited.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
Records in this system are maintained in accordance with the National Park Service Management and Accountability (Item 10), D. Housekeeping and Supporting Records Record Schedule (N1-79-08-9) which has been approved by the National Archives and Records Administration. Records are temporary and destroyed/deleted 3 years after closure.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
The records contained in this system are safeguarded in accordance with 43 CFR 2.226 and other applicable security rules and policies. The system is hosted in a certified Federal Risk and Authorization Management Program (FEDRAMP) cloud-based environment. Access to DOI networks and records in this system requires a valid username and password and Personal Identity Verification (PIV) card, and is limited to DOI personnel who have a need to know the information for the performance of their official duties.
Access to records in the system is limited to authorized personnel whose official duties require such access; authorized personnel are required to complete annual Federal Information Systems Security Awareness and Privacy and Records Management FISSA training and sign the DOI Rules of Behavior. Electronic data will be protected through user identification, encrypted passwords, database permissions and software controls. All data, including PII, delivered to and from an individual’s web browser will be encrypted using approved federal encryption protocols. These security measures will establish different degrees of access for different types of users.
A
Privacy Impact Assessment was conducted on the Common Learning Portal
to ensure that Privacy Act requirements are met and appropriate
privacy controls were implemented to safeguard the personally
identifiable information contained in the system.
RECORD
ACCESS PROCEDURES:
An individual requesting records on himself or herself should send a signed, written inquiry to the applicable System Manager identified above. The request must include the specific bureau or office that maintains the record to facilitate location of the applicable records. The request envelope and letter should both be clearly marked “PRIVACY ACT REQUEST FOR ACCESS.” A request for access must meet the requirements of 43 CFR 2.238.
CONTESTING RECORD PROCEDURES:
An individual requesting corrections or the removal of material from his or her records should send a signed, written request to the applicable System Manager as identified above. The request must include the specific bureau or office that maintains the record to facilitate location of the applicable records. A request for corrections or removal must meet the requirements of 43 CFR 2.246.
NOTIFICATION PROCEDURES:
An individual requesting notification of the existence of records on himself or herself should send a signed, written inquiry to the applicable System Manager as identified above. The request must include the specific bureau or office that maintains the record to facilitate location of the applicable records. The request envelope and letter should both be clearly marked “PRIVACY ACT INQUIRY.” A request for notification must meet the requirements of 43 CFR 2.235.
EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.
HISTORY:
None.
File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
File Modified | 0000-00-00 |
File Created | 2021-01-22 |