Draft SORN

DEPARTMENT OF DEFENSE

BILLING CODE:

Department of the Army

[Docket ID: USA-2019-XXXX]

Privacy Act of 1974; System of Records

AGENCY: Department of the Army, DoD.

ACTION: Notice of a New System of Records.

SUMMARY:

DATES: Comments will be accepted on or before [INSERT 30 DAYS FROM DATE OF PUBLICATION IN THE FEDERAL REGISTER]. This proposed action will be effective the date following the end of the comment period unless comments are received which result in a contrary determination.

ADDRESSES: You may submit comments, identified by docket number and title, by any of the following methods:

* Federal Rulemaking Portal: http://www.regulations.gov.

Follow the instructions for submitting comments.

* Mail: Department of Defense, Office of the Chief Management Officer, Directorate of

Oversight and Compliance, 4800 Mark Center Drive, Mailbox #24, Suite 08D09B, Alexandria, VA 22350-1700.

Instructions: All submissions received must include the agency name and docket number for this Federal Register document. The general policy for comments and other submissions from members of the public is to make these submissions available for public viewing on the Internet at http://www.regulations.gov as they are received without change, including any personal identifiers or contact information.

FOR FURTHER INFORMATION CONTACT: Ms. Tracy Rogers, Department of the Army, U.S. Army Records Management and Declassification Agency, ATTENTION: Army Privacy and Civil Liberties Office, 9301 Chapek Road (Building 1458), Fort Belvoir, VA 22060-5605, or by calling 571-515-0248.

SUPPLEMENTARY INFORMATION:

The Department of the Army’s notices for system of records subject to the Privacy Act of

1974, as amended, have been published in the Federal Register and are available from the address in FOR FURTHER INFORMATION CONTACT or from the Defense Privacy, Civil Liberties, and Transparency Division website at http://defense.gov/privacy.

The proposed systems reports, as required by the Privacy Act, as amended, were submitted on [INSERT DATE], to the House Committee on Oversight and Government Reform, the Senate Committee on Homeland Security and Governmental Affairs, and the Office of Management and Budget (OMB) pursuant to OMB Circular No. A-108, “Federal Agency Responsibilities for Review, Reporting, and Publication Under the Privacy Act,” revised December 23, 2016 (December 23, 2016, 81 FR 94424).

Dated:

Aaron Siegel,

Alternate OSD Federal Register Liaison Officer, Department of Defense.

SYSTEM NAME AND NUMBER: Survivor Outreach Service (SOS) Case Management System, A0608-01.

SECURITY CLASSIFICATION: Unclassified

SYSTEM LOCATION: Installation Management Command, G9, Family Programs Division, 2455 Reynolds Road, Joint Base San Antonio Fort Sam Houston, TX 78234-7588. Third party service provider Amazon Web Services, Incorporated, 410 Terry Avenue North, Seattle, WA 98109-5210.

SYSTEM MANAGER(S) AND ADDRESS: Installation Management Command, G9, Chief, Family Programs Division, 2455 Reynolds Road, Joint Base San Antonio Fort Sam, Houston 78234-7588.

SPECIFIC AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 10 U.S.C. 1475, Death gratuity: death of members on active duty or inactive duty training and of certain other persons; 10 U.S.C. 7013, Secretary of the Army; DODI 1300.18, Department of Defense (DoD) Personnel Casualty Matters, Policies, and Procedures; Army Regulation (AR) 608-1, Army Community Service; AR 638-8, Army Casualty Program; and AR 638-2, Army Mortuary Affairs Program.

PURPOSE OF ESTABLISHING THE SYSTEM: The Survivor Outreach Service Case Management System maintains data necessary to assist surviving family members with benefits and entitlements and captures historical case action information. Records may also be used as a management tool for statistical analysis, tracking, reporting, evaluation of program effectiveness and conducting research.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: Deceased members of the United States Armed Forces and family members of deceased service members of the United States Armed Forces.

CATEGORIES OF RECORDS IN THE SYSTEM: Military service member’s name, branch of service, military status, rank and pay grade. Service member family member names, dates of birth, personal home and cell telephone numbers, home addresses, email addresses, relationship to service member and DCIPS ID.

RECORD SOURCE CATEGORIES: The individual, Casualty Assistance Officers and the Defense Casualty Information Processing System.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act of 1974, as amended, the records contained herein may specifically be disclosed outside the Department of Defense as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

a. To contractors, experts, consultants, and others performing or working on a contract, service, cooperative agreement, or other assignment for the federal government when necessary to accomplish an agency function related to this system of records.

b. To any component of the Department of Justice for the purpose of representing the DoD, or its components, officers, employees, or members in pending or potential litigation to which the record is pertinent.

c. In an appropriate proceeding before a court, grand jury, or administrative or adjudicative body or official, when the DoD or other Agency representing the DoD determines that the records are relevant and necessary to the proceeding; or in an appropriate proceeding before an administrative or adjudicative body when the adjudicator determines the records to be relevant to the proceeding.

d. To the National Archives and Records Administration for the purpose of records management inspections conducted under the authority of 44 U.S.C. §§ 2904 and 2906.

e. To a Member of Congress or staff acting upon the Member’s behalf when the Member or staff requests the information on behalf of, and at the request of, the individual who is the subject of the record.

f. To appropriate agencies, entities, and persons when (1) The Department of Defense suspects or has confirmed that the security or confidentiality of the information in the system of records; (2) the Department of Defense has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the Department of Defense (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Department of Defense’s efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

g. To another Federal agency or Federal entity, when the Department of Defense determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS: The records are maintained in electronic storage media, in accordance with the safeguards mentioned below.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS: The records are retrieved primarily by the name of the deceased service member, the deceased family member’s name and date of birth.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS: Destroy when superseded, obsolete, or when customer requests the agency to remove the records.

ADMINISTRATIVE, PHYSICAL, AND TECHNICAL SAFEGUARDS: Paper and electronic records are protected in accordance with policies in DoD Manual 5200.01, Volume 4, DoD Information Security Program: Controlled Unclassified Information (CUI) and DoD Instruction 8510.01, DoD Risk Management Framework (RMF) for DoD Information Technology (IT). Physical entry to record locations is restricted by the use of locks, and is accessible only to authorized personnel with a need-to-know. The system is maintained in controlled facilities that employ physical restrictions and safeguards such as security guards, identification badges, key cards, and locks. Access to personal data is limited to person(s) responsible for maintaining and servicing VPAS data in performance of their official duties and who are properly trained, screened and cleared for a need-to-know. Access to personal data is further restricted by encryption and the use of Common Access Card (CAC). Security Controls are implemented to provide adequate administrative, technical and physical safeguards in accordance with Risk Management Framework requirements. RECORD ACCESS PROCEDURES: Individuals seeking access to information about themselves contained in this system should address written inquiries to the Installation Management Command, G9, Chief, Family Programs Division, 2455 Reynolds Road, Joint Base San Antonio Fort Sam Houston, TX 78234-7588.

Signed, written requests should include the individual’s full name, telephone number, street address, email address, and name and number of this system of records notice.

In addition, the requester must provide a notarized statement or an unsworn declaration made in accordance with 28 U.S.C. 1746, in the following format:

If executed outside the United States: “I declare (or certify, verify, or state) under penalty of perjury under the laws of the United States of America that the foregoing is true and correct. Executed on (date). (Signature).”

If executed within the United States, its territories, possessions, or commonwealths: “I declare (or certify, verify, or state) under penalty of perjury that the foregoing is true and correct. Executed on (date). (Signature).”

CONTESTING RECORD PROCEDURES: The Army's rules for accessing records, contesting contents, and appealing initial agency determinations are contained in 32 CFR part 310; Army Regulation 25-22, The Army Privacy Program; or may be obtained from the system manager.

NOTIFICATION PROCEDURES: Individuals seeking to determine whether information about themselves is contained in this system should address written inquiries to the Survivor Outreach Service Program Manager, 2455 Reynolds Road, Joint Base San Antonio Fort Sam Houston, TX 78234-7588.

Signed, written requests should contain the individual’s full name, telephone number, street address, email address and name and number of this system of records notice.

In addition, the requester must provide a notarized statement or an unsworn declaration made in accordance with 28 U.S.C. 1746, in the following format:

If executed outside the United States: “I declare (or certify, verify, or state) under penalty of perjury under the laws of the United States of America that the foregoing is true and correct. Executed on (date). (Signature).”

If executed within the United States, its territories, possessions, or commonwealths: “'I declare (or certify, verify, or state) under penalty of perjury that the foregoing is true and correct. Executed on (date). (Signature).”

EXEMPTIONS PROMULGATED FOR THE SYSTEM: None.

HISTORY: None.