From: "Saved by Windows Internet Explorer 8"
Subject: Federal Register, Volume 77 Issue 141 (Monday, July 23, 2012)
Date: Tue, 27 May 2014 11:12:24 -0400
MIME-Version: 1.0
Content-Type: text/html;
	charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Location: http://www.gpo.gov/fdsys/pkg/FR-2012-07-23/html/2012-17783.htm
X-MimeOLE: Produced By Microsoft MimeOLE V6.1.7601.17609

=EF=BB=BF<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>Federal Register, Volume 77 Issue 141 (Monday, July =
23, 2012)</TITLE>
<META content=3D"text/html; charset=3Dutf-8" http-equiv=3DContent-Type>
<META name=3DGENERATOR content=3D"MSHTML 8.00.7601.18446"></HEAD>
<BODY><PRE>[Federal Register Volume 77, Number 141 (Monday, July 23, =
2012)]
[Notices]
[Pages 43100-43103]
From the Federal Register Online via the Government Printing Office [<A =
href=3D"http://www.gpo.gov/">http://www.gpo.gov/</A>]
[FR Doc No: 2012-17783]


=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary

[Docket No. DHS-2011-0097]


Privacy Act of 1974; Department of Homeland Security, Federal=20
Emergency Management Agency--009 Hazard Mitigation Assistance Grant=20
Programs System of Records

AGENCY: Privacy Office, DHS.

ACTION: Notice of Privacy Act system of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, the Department of=20
Homeland Security, Federal Emergency Management Agency proposes to=20
update and reissue a current system of records titled, ``Department of=20
Homeland Security/Federal Emergency Management Agency--2006--0002=20
National Emergency Management Information System (NEMIS)--Mitigation=20
(MT) Electronic Grants Management System of Records,'' and retitle it=20
``Department of Homeland Security/Federal Emergency Management Agency--
009 Hazard Mitigation Assistance Grant Programs System of Records.'' As=20
a result of the biennial review of this system, the Department of=20
Homeland Security, Federal Emergency Management Agency is proposing=20
changes to the following: (1) System name: (2) categories of=20
individuals; (3) categories of records; (4) purposes; (5) routine uses;=20
and (6) sources of records. This revised system will be included in the=20
Department of Homeland Security, Federal Emergency Management Agency's=20
inventory of record systems.

DATES: Submit comments on or before August 22, 2012. This revised=20
system will be effective August 22, 2012.

ADDRESSES: You may submit comments, identified by docket number DHS-
2011-0097, by one of the following methods:
    <BULLET> Federal e-Rulemaking Portal: <A =
href=3D"http://www.regulations.gov/">http://www.regulations.gov/</A>.=20
Follow the instructions on the Web site.
    <BULLET> Fax: 703-483-2999.
    <BULLET> Mail: Mary Ellen Callahan, Chief Privacy Officer, Privacy=20
Office, Department of Homeland Security, Washington, DC 20528.
    Instructions: All submissions received must include the agency name=20
and docket number for this rulemaking. All comments received will be=20
posted without change to <A =
href=3D"http://www.regulations.gov/">http://www.regulations.gov/</A>, =
including any=20
personal information provided.
    Docket: For access to the docket to read background documents or=20
comments received, please visit <A =
href=3D"http://www.regulations.gov/">http://www.regulations.gov/</A>.

FOR FURTHER INFORMATION CONTACT: For general questions, please contact:=20
Eric M. Leckey (202) 212-5100, Privacy Officer, Federal Emergency=20
Management Agency, Department of Homeland Security, Washington, DC=20
20478. For privacy issues, please contact: Mary Ellen Callahan (703)=20
235-0780, Chief Privacy Officer, Privacy Office, Department of Homeland=20
Security, Washington, DC 20528.

SUPPLEMENTARY INFORMATION:

I. Background

    In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, the=20
Department of Homeland Security (DHS), Federal Emergency Management=20
Agency (FEMA) proposes to update and reissue a current system of=20
records titled, ``DHS/FEMA--2006--0002 National Emergency Management=20
Information System (NEMIS)--Mitigation (MT) Electronic Grants=20
Management System of Records (69 FR 75079, December 15, 2004),'' and=20
retitle it, ``DHS/FEMA--009 Hazard Mitigation Assistance Grant Programs=20
System of Records.'' As part of the process for reviewing information=20
technology under the National Emergency Management Information System=20
(NEMIS)--Mitigation (MT) Electronic Grants Management System (NEMIS--MT=20
eGrants), DHS is updating both the Privacy Impact Assessment (PIA)=20
published at <A =
href=3D"http://www.dhs.gov/privacy">www.dhs.gov/privacy</A> and this =
system of records notice to=20
reflect changes in the program and technology.
    FEMA collects personally identifiable information (PII) through=20
paper and electronic applications for Hazard Mitigation Assistance=20
(HMA) grant programs. This SORN includes renaming the system of records=20
to eliminate the specific reference to ``electronic grants management''=20
and therefore broaden the coverage of the system of records to include=20
paper-based applications for Hazardous Mitigation Assistance (HMA)=20
grant programs.
    The categories of individuals has been broadened to cover grant=20
applicants from additional HMA grants programs not previously included=20
in the MT Electronic Grants Management System of Records. The HMA grant=20
programs include, but may not be limited to, the Pre-Disaster=20
Mitigation (PDM) grant program (42 U.S.C. 5133), the Hazard Mitigation=20
Grant Program (HMGP) (42 U.S.C. 5170c), the Flood Mitigation Assistance=20
(FMA) grant program (42 U.S.C. 4104c), the Severe Repetitive Loss (SRL)=20
grant program (42 U.S.C. 4102a), and the Repetitive Flood Claims (RFC)=20
grant program (42 U.S.C. 4030). HMA grant programs provide funds to=20
eligible applicants to implement mitigation activities to reduce or=20
eliminate the risk of future damage to life and property from hazards.
    Eligible applicants for FEMA HMA grants include all fifty states,=20
the District of Columbia, the U.S. Virgin Islands, the Commonwealth of=20
Puerto Rico, Guam, American Samoa, the Commonwealth of the Northern=20
Mariana Islands, and federally recognized tribal governments. Eligible=20
sub-applicants of HMA grants include state agencies, local governments,=20
tribal governments, and, for HMGP only, certain private, non-profit=20
entities, to which a sub-grant is awarded by an applicant.
    Some applications for HMA grant programs propose mitigation=20
activities that impact property privately owned by individuals, such=20
as: retrofitting structures, elevating structures, acquiring and=20
demolishing or relocating structures, minor structural flood control=20
projects, or constructing safe rooms. These applications include the=20
minimum amount of the property owner's PII necessary to ascertain the=20
eligibility of the property and/or structure under mitigation grant=20
program regulations.
    This SORN has been revised to update categories of records to=20
provide additional transparency. Categories of records now include:=20
information about points of contact (POC) who submit grant=20
applications, including the name of the organizations submitting the=20
grant; the name of the organization's POC for the grant and the grant=20
POC's office phone number, office mailing address, and email address;=20
and information about the Governor's representatives who may sign grant=20
applications, such as the representative's name and signature.=20
Categories of records also now include

[[Page 43101]]

information related to payments or financial assistance property owners=20
may receive from non-FEMA sources.
    The purpose of this system of records has been expanded to include=20
the Hazard Mitigation Grant Program, the Severe Repetitive Loss=20
Program, the Repetitive Flood Claims Program, and any other authorized=20
Hazard Mitigation Assistance grant programs where the same type of=20
information is collected and used for the same purpose of review and=20
approving hazard mitigation grants.
    The routine uses have been updated to be consistent with the=20
existing order and content of all DHS SORNs. In addition, two new=20
routine uses have been added. Routine use I has been added to clarify=20
that information will be shared for routine management and oversight=20
between FEMA and other federal agencies, state and local governments,=20
or other public or private entities (to include voluntary/non-
governmental organizations, insurance companies, insurance agents/
brokers, individual's employer, and/or financial institutions) when an=20
individual property owner's eligibility for grant assistance to the=20
property, in whole or in part, depends upon financial benefits already=20
received or available from another source for similar purposes. Routine=20
use J has been added in order to allow the Department to disclose=20
information to the public when the public's need to know the=20
information outweighs the risk to privacy.
    DHS/FEMA is clarifying the language under the sources of records.=20
FEMA collects information in its HMA grant applications from state,=20
local, tribal, and territorial partners seeking grant funding. However,=20
private and non-profit organizations may be additional sources of=20
information.
    This updated system will be included in DHS/FEMA's inventory of=20
record systems.

II. Privacy Act

    The Privacy Act embodies fair information principles in a statutory=20
framework governing the means by which the United States Government=20
collects, maintains, uses, and disseminates personally identifiable=20
information. The Privacy Act applies to information that is maintained=20
in a ``system of records.'' A ``system of records'' is a group of any=20
records under the control of an agency from which information is=20
retrieved by the name of an individual or by some identifying number,=20
symbol, or other identifying particular assigned to the individual. In=20
the Privacy Act, an individual is defined to encompass U.S. citizens=20
and lawful permanent residents. As a matter of policy, DHS extends=20
administrative Privacy Act protections to all individuals where systems=20
of records maintain information on U.S. citizens, lawful permanent=20
residents, and visitors. Individuals may request access to their own=20
records that are maintained in a system of records in the possession or=20
under the control of DHS by complying with DHS Privacy Act regulations,=20
6 CFR part 5.
    The Privacy Act requires each agency to publish in the Federal=20
Register a description denoting the type and character of each system=20
of records that the agency maintains, and the routine uses of the=20
records contained in each system in order to make agency record keeping=20
practices transparent; to notify individuals regarding the uses to=20
which personally identifiable information is put; and to assist=20
individuals to more easily find such files within the agency. Below is=20
the description of the DHS/FEMA--009 Hazard Mitigation Assistance Grant=20
Programs System of Records.
    In accordance with 5 U.S.C. 552a(r), DHS has provided a report of=20
this system change to the Office of Management and Budget and to=20
Congress.

System of Records:
    Department of Homeland Security (DHS)/Federal Emergency Management=20
Agency (FEMA)--009.

System name:
    DHS/FEMA--009 Hazard Mitigation Assistance Grant Programs System of=20
Records.

Security classification:
    Unclassified.

System location:
    Mitigation eGrants, the Hazard Mitigation Grant Program (HMGP)=20
system, and hard copy records are maintained at Federal Emergency=20
Management Agency Headquarters, in Washington, DC and field locations.

Categories of individuals covered by the system:
    Categories of individuals covered by this system include:
    <BULLET> The points of contact for the grant applications,=20
including applications that are denied, and awarded grants (grantees),=20
such as state, local, tribal, and territorial governments, and private=20
and non-profit organizations applying for HMA grant funds; and
    <BULLET> Individual private property owners whose properties are=20
identified in applications for Hazard Mitigation Assistance (HMA) grant=20
funds.

Categories of records in the system:
    The following information may be collected:
    <BULLET> Individual property owner's name;
    <BULLET> Individual property owner's damaged property address;
    <BULLET> Individual property owner's home phone number;
    <BULLET> Individual property owner's office phone number;
    <BULLET> Individual property owner's cell phone number;
    <BULLET> Individual property owner's mailing address;
    <BULLET> Individual property owner's status regarding flood=20
insurance;
    <BULLET> Individual property owner's National Flood Insurance=20
Program (NFIP) policy number;
    <BULLET> Individual property owner's insurance policy provider for=20
the property proposed to be mitigated with FEMA funds;
    <BULLET> Individual property owner's signature;
    <BULLET> Grant applicant organization name;
    <BULLET> Grant applicant organization POC;
    <BULLET> Grant applicant organization POC office phone number;
    <BULLET> Grant applicant organization POC office mailing address;
    <BULLET> Grant applicant organization POC email address;
    <BULLET> Grant applicant's Dun and Bradstreet Data Universal=20
Numbering System (DUNS);
    <BULLET> Governor's authorized representative name;
    <BULLET> Governor's authorized representative signature;
    <BULLET> Notations and reports of decisions from insurance,=20
disaster, or similar financial aid and/or income from other federal and=20
state agencies, insurance companies, employers, banks, financial or=20
credit data services, and public or private entities as they relate to=20
payments and/or financial assistance received by individual property=20
owners for the subject property; and
    <BULLET> Mitigation activity type, hazard type, award date, and/or=20
Congressional district.

Authority for maintenance of the system:
    Sections 203 and 404 of the Robert T. Stafford Disaster Relief and=20
Emergency Assistance Act, as amended, 42 U.S.C. 5133 and 5170c;=20
Sections 1366, 1323, and 1361A of the National Flood Insurance Act, as=20
amended, 42 U.S.C. 4030, 4102a, and 4104c.

Purpose(s):
    The purpose of this system is to determine the eligibility of a=20
property or structure for FEMA's hazard mitigation grant programs,=20
verify the eligibility of activities for mitigation grants, identify

[[Page 43102]]

repetitive loss properties, and implement measures to reduce future=20
property damage from hazards.

Routine uses of records maintained in the system, including categories=20
of users and the purposes of such uses:
    In addition to those disclosures generally permitted under 5 U.S.C.=20
552a(b) of the Privacy Act, all or a portion of the records or=20
information contained in this system may be disclosed outside DHS as a=20
routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
    A. To the Department of Justice (including United States Attorney=20
Offices) or other federal agency conducting litigation or in=20
proceedings before any court, adjudicative or administrative body, when=20
it is relevant or necessary to the litigation and one of the following=20
is a party to the litigation or has an interest in such litigation:
    1. DHS or any component thereof;
    2. Any employee of DHS in his/her official capacity;
    3. Any employee of DHS in his/her individual capacity where DOJ or=20
DHS has agreed to represent the employee; or
    4. The United States or any agency thereof.
    B. To a congressional office from the record of an individual in=20
response to a written inquiry from that congressional office made=20
pursuant to a Privacy Act waiver from the individual to whom the record=20
pertains.
    C. To the National Archives and Records Administration (NARA) or=20
General Services Administration pursuant to records management=20
inspections being conducted under the authority of 44 U.S.C. 2904 and=20
2906.
    D. To an agency or organization for the purpose of performing audit=20
or oversight operations as authorized by law, but only such information=20
as is necessary or relevant to such audit or oversight function.
    E. To agencies, entities, and persons when:
    1. DHS suspects or has confirmed that the security or=20
confidentiality of information in the system of records has been=20
compromised;
    2. DHS has determined that as a result of the suspected or=20
confirmed compromise, there is a risk of identity theft or fraud, harm=20
to economic or property interests, harm to an individual, or harm to=20
the security or integrity of this system or other systems or programs=20
(whether maintained by DHS or another agency or entity) that rely upon=20
the compromised information; and
    3. The disclosure made to such agencies, entities, and persons is=20
reasonably necessary to assist in connection with DHS's efforts to=20
respond to the suspected or confirmed compromise and prevent, minimize,=20
or remedy such harm.
    F. To contractors and their agents, grantees, experts, consultants,=20
students, and others performing or working on a contract, service,=20
grant, cooperative agreement, or other assignment for DHS, when=20
necessary to accomplish an agency function related to this system of=20
records. Individuals provided information under this routine use are=20
subject to the same Privacy Act requirements and limitations on=20
disclosure as are applicable to DHS officers and employees.
    G. To an appropriate federal, state, tribal, local, international,=20
or foreign law enforcement agency or other appropriate authority=20
charged with investigating or prosecuting a violation or enforcing or=20
implementing a law, rule, regulation, or order, where a record, either=20
on its face or in conjunction with other information, indicates a=20
violation or potential violation of law, which includes criminal,=20
civil, or regulatory violations and such disclosure is proper and=20
consistent with the official duties of the person making the=20
disclosure.
    H. To another federal, state, or local government agency charged=20
with administering federal mitigation or disaster relief programs in=20
order to prevent a duplication of efforts by FEMA and the other agency,=20
or a duplication of benefits to an individual eligible to apply for=20
mitigation grant programs administered by FEMA.
    I. To a federal, state, or local government agency, or other public=20
or private entity (to include voluntary/non-governmental organizations,=20
insurance companies, insurance agents/brokers, individual's employer,=20
and/or financial institutions), when an individual property owner's=20
eligibility for grant assistance to the property, in whole or in part,=20
depends upon financial benefits already received or available from that=20
source for similar purposes.
    J. To the news media and the public, with the approval of the Chief=20
Privacy Officer in consultation with counsel, when there exists a=20
legitimate public interest in the disclosure of the information or when=20
disclosure is necessary to preserve confidence in the integrity of DHS=20
or is necessary to demonstrate the accountability of DHS's officers,=20
employees, or individuals covered by the system, except to the extent=20
it is determined that release of the specific information in the=20
context of a particular case would constitute an unwarranted invasion=20
of personal privacy.

Disclosure to consumer reporting agencies:
    None.

Policies and practices for storing, retrieving, accessing, retaining,=20
and disposing of records in the system.
Storage:
    Records in this system are stored electronically or on paper in=20
secure facilities in a locked drawer behind a locked door. The records=20
are stored on magnetic disc, tape, digital media, and CD-ROM.

Retrievability:
    Records may be retrieved by applicant or sub-applicant organization=20
submitting the grant application, mitigation activity type, hazard=20
type, award date, congressional district, and/or individual's flood=20
insurance policy information.

Safeguards:
    Records in this system are safeguarded in accordance with=20
applicable rules and policies, including all applicable DHS automated=20
systems security and access policies. Strict controls have been imposed=20
to minimize the risk of compromising the information that is being=20
stored. Access to the computer system containing the records in this=20
system is limited to those individuals who have a need to know the=20
information for the performance of their official duties and who have=20
appropriate clearances or permissions.

Retention and disposal:
    In accordance with Government Records Schedule (GRS) 3, Item 14,=20
grant administrative records and hard copies of unsuccessful grant=20
applications files are destroyed when two years old. In accordance with=20
GRS 3, Item 13, electronically received and processed copies of=20
unsuccessful grant application files will be stored for 3 years from=20
the date of denial, and then deleted. In accordance with FEMA Records=20
Schedule N1-311-95-1, Item 1, grant project records are maintained for=20
three years after the end of the fiscal year that the grant or=20
agreement is finalized or when no longer needed, whichever is sooner.=20
In accordance with FEMA Records Schedule N1-311-95-1, Item 3, grant=20
final reports are retired to the Federal Records Center (FRC) three=20
years after cutoff, and then transferred to National Archives and=20
Records Administration (NARA) 20 years after cutoff. In accordance with=20
FEMA Records Schedule N1-311-95-1, Item 2; N1-311-01-8, Item 1; and N1-
311-04-1, Item 1, all other grant (both disaster and non disaster)=20
records will be stored

[[Page 43103]]

for 6 years and 3 months from the date of closeout (where closeout is=20
the date FEMA closes the grant in its financial system) and final audit=20
and appeals are resolved and then deleted. Records of real properties=20
(property acquisition agreement and lists of acquired properties)=20
acquired with FEMA funds for maintenance in accordance with agreement=20
terms of the grant cannot be destroyed until agreement with locality is=20
no longer viable.

System Manager and address:
    Director, Risk Reduction Division, FEMA, 1800 South Bell Street,=20
Arlington, VA 20598-3030.

Notification procedure:
    Individuals seeking notification of and access to any record=20
contained in this system of records, or seeking to contest its content,=20
may submit a request in writing to the FEMA FOIA Officer, whose contact=20
information can be found at <A =
href=3D"http://www.dhs.gov/foia">http://www.dhs.gov/foia</A> under =
``contacts.''=20
If an individual believes more than one component maintains Privacy Act=20
records concerning him or her the individual may submit the request to=20
the Chief Privacy Officer and Chief Freedom of Information Act Officer,=20
Department of Homeland Security, 245 Murray Drive SW., Building 410,=20
STOP-0655, Washington, DC 20528.
    When seeking records about yourself from this system of records or=20
any other Departmental system of records your request must conform with=20
the Privacy Act regulations set forth in 6 CFR part 5. You must first=20
verify your identity, meaning that you must provide your full name,=20
current address and date and place of birth. You must sign your=20
request, and your signature must either be notarized or submitted under=20
28 U.S.C. 1746, a law that permits statements to be made under penalty=20
of perjury as a substitute for notarization. While no specific form is=20
required, you may obtain forms for this purpose from the Chief Privacy=20
Officer and Chief Freedom of Information Act Officer, <A =
href=3D"http://www.dhs.gov/">http://www.dhs.gov/</A> or 1-866-431-0486. =
In addition you must:
    <BULLET> Explain why you believe the Department would have=20
information on you;
    <BULLET> Identify which component(s) of the Department you believe=20
may have the information about you;
    <BULLET> Specify when you believe the records would have been=20
created;
    <BULLET> Provide any other information that will help the FOIA=20
staff determine which DHS component agency may have responsive records;=20
and
    <BULLET> If your request is seeking records pertaining to another=20
living individual, you must include a statement from that individual=20
certifying his/her agreement for you to access his/her records.
    Without the above information the component(s) may not be able to=20
conduct an effective search, and your request may be denied due to lack=20
of specificity or lack of compliance with applicable regulations.

Record access procedures:
    See ``Notification procedure'' above.

Contesting record procedures:
    See ``Notification procedure'' above.

Record source categories:
    Information in this system of records is obtained by FEMA from=20
state, local, tribal, territorial governments, and private and non-
profit organizations via hard copy and electronic applications for=20
assistance. Individual property owners cannot apply directly to FEMA=20
for assistance.

Exemptions claimed for the system:
    None.

    Dated: July 12, 2012.
Mary Ellen Callahan,
Chief Privacy Officer, Department of Homeland Security.
[FR Doc. 2012-17783 Filed 7-20-12; 8:45 am]
BILLING CODE 9110-17-P


</PRE></BODY></HTML>
