BILLING CODE: 5001-06
DEPARTMENT OF DEFENSE
Office of the Secretary
Docket ID: DoD-2024-DHRA-XXXX
Privacy Act of 1974; System of Records
AGENCY: Defense Human Resources Activity, DoD
ACTION: Notice of a modified system of records
SUMMARY: In accordance with the Privacy Act of 1974, the Department of Defense (DoD) is modifying and reissuing a current system of records titled, Defense Travel System (DTS), DHRA 08. The DTS manages and processes unclassified DoD temporary duty travel. It procures commercial travel services via the DTS web portal. The DTS web portal books travel reservations, verifies travel requirements, computes the costs associated with each trip, reconciles cost, disburses payments, and archives each travel record in accordance with DoD requirements. This modification also includes consolidation of the systems and processes contained in the Commercial Travel Information Management System (CTIM), DHRA 14 SORN into the DTS SORN. CTIM is a defense business system that supports the Department in improving performance, providing efficiencies and cost savings, and setting and managing DoD station and housing allowance for military personnel in accordance with Title 37, United States Code. After consolidation with the DTS SORN the DHRA 14 CTIM SORN will be rescinded.
DATES: This system of records is effective upon publication; however, comments on the Routine Uses will be accepted on or before [INSERT DATE 30 DAYS AFTER DATE OF PUBLICATION IN THE FEDERAL REGISTER]. The Routine Uses are effective at the close of the comment period.
ADDRESSES: You may submit comments, identified by docket number and title, by either of the following methods:
Federal Rulemaking Portal: https://www.regulations.gov. Follow the instructions for submitting comments.
Mail: Department of Defense, Office of the Assistant to the Secretary of Defense for Privacy, Civil Liberties, and Transparency, Regulatory Directorate, 4800 Mark Center Drive, Attn: Mailbox 24, Suite 08D09, Alexandria, VA 22350-1700.
Instructions: All submissions received must include the agency name and docket number for this Federal Register document. The general policy for comments and other submissions from members of the public is to make these submissions available for public viewing on the Internet at https://www.regulations.gov as they are received without change, including any personal identifiers or contact information.
FOR FURTHER INFORMATION CONTACT: DHRA Component Privacy Officer, 400 Gigling Rd, Rm DODC-MB 7028, Seaside, CA 93955, dodhra.mc-alex.dhra-hq.mbx.privacy@mail.mil or 831-220-7330.
SUPPLEMENTARY INFORMATION:
I. Background
The Defense Human Resources Activity is modifying the Defense Travel System (DTS) System of Records to ensure it properly represents DoD travel systems. This modification reflects a change to system location, system manager, authority for maintenance of the system, purpose of the system, categories of records in the system, routine uses of records maintained in the system, administrative, physical, and technical safeguards, record access procedures, and notification procedures.
CTIM is required to provide the key tools that are integral to the Defense Travel Management Office to maximize visibility into travel spending, improve program management, and drive down the cost of travel allowing DoD to target areas for savings, adjust policy to reduce spending, and leverage the buying power of the Department. CTIM also supports annual reporting requirements to the General Services Administration and Office of Management and Budget.
DoD SORNs have been published in the Federal Register and are available from the address in FOR FURTHER INFORMATION CONTACT or at the Office of the Assistant to the Secretary for Defense for Privacy, Civil Liberties, and Transparency (OATSD(PLCT)) website at https://dpcld.defense.gov/privacy.
II. Privacy Act
Under the Privacy Act, a “system of records” is a group of records under the control of an agency from which information is retrieved by the name of an individual or by some identifying number, symbol, or other identifiers assigned to the individual. In the Privacy Act, an individual is defined as a U.S. citizen or lawful permanent resident.
In accordance with 5 U.S.C. 552a(r) and Office of Management and Budget (OMB) Circular No. A-108, OATSD (PCLT) has provided a report of this system of records to the OMB and to Congress.
Dated:
Aaron T. Siegel
Alternate OSD Federal Register
Liaison Officer, Department of Defense
SYSTEM NAME AND NUMBER: Defense Travel System, DHRA 08.
SECURITY CLASSIFICATION: Unclassified
SYSTEM LOCATION:
Operational DTS resides at the Central Data Center 1, Quality Technology Services (QTS), 1506 Moran Road, Sterling, VA 20166 with the COOP site at the Central Data Center 2, Quality Technology Services (QTS), 600 Technology Blvd., Sandston, VA 23150.
The Employee Rewards System resides at Amazon Web Service, 21155 Smith Switch Road, Ashburn, VA 20147.
The Automated Trip Request Information Process (ATRIP) resides at the Defense Threat Reduction Agency, 8725 John J. Kingman Road, Stop 6201, Fort Belvoir,
VA 22060-6201.
CTIM resides at the Ashburn Data Center, 44461 Chilum Pl, Ashburn, VA 20147.
Department of Defense (Department or DoD), located at 1000 Defense Pentagon,
Washington, DC 20301-1000, and other Department installations, offices, or
mission locations. Information may also be stored within a government-certified cloud implemented and overseen by the Department's Chief Information Officer (CIO), 6000 Defense Pentagon, Washington, DC 20301-6000.
SYSTEM MANAGERS:
For DTS, DTS Modernization and the Employee Rewards System: Deputy Director, Defense Travel Management Office, 4800 Mark Center Drive, Suite 04J25-01, Alexandria, VA 22350-6000; email: [email protected].
For DTS Archive records: Deputy Director, Defense Travel System Archive, Defense Manpower Data Center, 4800 Mark Center Drive, Alexandria, VA 22350-9000; email: [email protected].
For ATRIP records: Chief, Program Integration Office, Cooperative Threat
Reduction, Defense Threat Reduction Agency, 8725 John J. Kingman Road, Stop 6201, Fort
Belvoir, VA 22060-6201; email: [email protected].
For CTIM: Deputy Director, Defense Travel Management Office, 4800 Mark Center Drive, Alexandria, VA 22350-9000, email: [email protected]
AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 5 U.S.C. 57, Travel, Transportation, and Subsistence; 10 U.S.C. 135, Under Secretary of Defense (Comptroller); 10 U.S.C. 136, Under Secretary of Defense for Personnel and Readiness; 37 U.S.C. 463, Programs of Compliance, Electronic Processing of Travel Claims; 50 U.S.C. § 3711, Authority to carry out Department of Defense Cooperative Threat Reduction Program; 41 C.F.R. 300-304, The Federal Travel Regulation (FTR); DTR 4500.9-R, Defense Transportation Regulation, Parts I - Passenger Movement, II - Cargo Movement, III- Mobility, IV - Personal Property, V - Customs; The Joint Travel Regulations (JTR), Uniformed Service Members and DoD Civilian Employees; Department of Defense (DoD) Directive 5100.87, Department of Defense Human Resources Activity; DoDD 5105.62, Defense Threat Reduction Agency (DTRA);
DoD Instruction 5154.31, Volumes 1 - 6, Commercial Travel Management: Defense Travel System (DTS); DoD Financial Management Regulation 7000.14-R, Vol. 9, Defense Travel System Regulation, current edition; DoD Directive 4500.09E, Transportation and Traffic Management; DoD Directive 4500.09E, Transportation and Traffic Management; DoD Directive 5100.87, Department of Defense Human Resources Activity (DoDHRA); DoD Instruction 1100.13, Surveys of DoD Personnel and E.O. 9397 (SSN), as amended.
PURPOSE(S) OF THE SYSTEM:
A. DTS provides a DoD-wide travel management process that covers official TDY travel, from pre-travel arrangements to post-travel payments. DTS verifies individual travel information is accurate, current, and meets DoD foreign nation requirements for travel within the continental United States and outside the continental United States. The system facilitates the processing of official travel requests for DoD personnel and other individuals traveling on DoD travel orders. DTS provides information to financial systems to reimburse individual travel expenses, as well as to a commercial system to facilitate a voluntary rewards program for travelers using government travel charge cards (GTCC) for select purchases. DTS includes a tracking and reporting system to monitor travel authorizations, obligations, and payments. Additionally, the DoD uses DTS data to conduct surveys of program effectiveness, provide insight into the gap between product/service delivery and customer expectations, and assist in understanding the drivers of customer satisfaction.
B. The DTS business intelligence tool and archives provide a repository for reporting and archiving travel records. It assists with planning, budgeting, and allocating resources for future DoD travel, conducting oversight operations, analyzing travel, budgetary, or other trends, detecting potential fraud and abuse, and provides a mechanism for responding to authorized internal and external requests for data relating to DoD official travel and travel-related services.
C. CTIM establishes a repository of DoD travel records consisting of travel booked within the Defense Travel System (DTS) as well as through commercial travel vendors in order to: satisfy reporting requirements; identify and notify travelers in potential distress due to natural or man-made disaster; assist in the planning, budgeting, and allocation of resources for future DoD travel; conduct oversight operations; analyze travel, budgetary, or other trends; detect potential fraud and abuse; conduct surveys for the evaluation of program effectiveness, calculate travel and housing allowances, provide insight into the gap between product/service delivery and customer expectations, and assist in understanding what drives customer satisfaction; and respond to authorized internal and external requests for data relating to DoD official travel and travel related services, including premium class travel. In addition, CTIM contains rental car program data for US Federal Government travelers. CTIM also provides website-registered guests an online customer support site for submitting inquiries regarding commercial travel within the DoD, including assistance with DTS.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: DoD civilian personnel; active, former, and retired military members; Reserve and National Guard personnel; military academy nominees, applicants, and cadets; all other individuals in receipt of DoD travel orders; foreign nationals in receipt of DoD issued invitational travel orders; dependents of DoD sponsors accompanying the DoD sponsors on travel; registered website guests submitting inquiries regarding DoD commercial travel.
CATEGORIES OF RECORDS IN THE SYSTEM:
A. The DTS collects the following types of personal information: Full name, Social Security Number (SSN), DoD Identification Number (DoD ID Number), gender, date of birth, place of birth, citizenship, passport information, visa information, mailing address, home address, emergency contact name, phone number and personal email address.
1. Employment information including service/agency, duty station information, title/rank/grade, civilian/ military status information, work email address, work phone number, and security clearance level.
2. Financial information including GTCC number and expiration date, personal credit card number and expiration date, personal checking and or savings account numbers and bank routing information.
3. Travel information including frequent flier information, travel itineraries (includes dates of travel) and reservations, trip record number, trip cost estimates, travel vouchers, travel-related receipts, travel document status information, travel budget information, commitment of travel funds, records of actual payment of travel funds, and supporting documentation.
B. CTIM collects records of DoD travelers, information from commercial travel booking systems and the Defense Travel System (DTS) include the following elements: Name, Social Security Number (SSN), truncated SSN, gender, date of birth, e-mail address, Service/Agency, organizational information, mailing address, home address, home, business, and cellular phone numbers, emergency contact information (includes name and telephone number), duty station information, title/rank, civilian/military status information, travel preferences, frequent flyer information, passport information, DoD ID number.
1. Financial information to include government and/or personal charge card account numbers and expiration information, government travel charge card transactions, personal checking and/or savings account numbers, government accounting code/budget information.
2. Trip information to include travel itineraries (includes dates of travel) and reservations, trip record number, trip cost estimates, travel vouchers, travel-related receipts, travel document status information, travel budget information, commitment of travel funds, records of actual payment of travel funds and supporting documentation.
3. For repository records of foreign nationals on invitational travel orders CTIM collects: Foreign Identification (ID) Number or Individual Taxpayer ID Number, name, date of birth, and passport information.
4. For repository records of dependents who are accompanying the DoD sponsor on travel CTIM collects: name, date of birth, and passport information.
5. For registered website guests CTIM collects: name, phone number, e-mail address.
6. If affiliated with DoD CTIM collects: duty station, rank, DoD ID number.
7. If desiring travel alerts CTIM collects: cellular phone number and cellular phone provider.
8. If requiring assistance with DTS: last four of the SSN.
RECORD SOURCE CATEGORIES: Records and information stored in this system of records are obtained from: Individuals, authorized DoD personnel, the Defense Travel System Datamart, the General Services Administration data repository, commercial systems (travel global distribution systems including Sabre, Citi), DoD information systems via electronic import such as the Air Reserve Orders Writing System and Navy Reserve Order Writing System.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES: In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act of 1974, as amended, all or a portion of the records or information contained herein may specifically be disclosed outside the DoD as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
A. To contractors, grantees, experts, consultants, students, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for the federal government when necessary to accomplish an agency function related to this system of records.
B. To the appropriate Federal, State, local, territorial, tribal, foreign, or international law enforcement authority or other appropriate entity where a record, either alone or in conjunction with other information, indicates a violation or potential violation of law, whether criminal, civil, or regulatory in nature.
C. To any component of the Department of Justice for the purpose of representing the DoD, or its components, officers, employees, or members in pending or potential litigation to which the record is pertinent.
D. In an appropriate proceeding before a court, grand jury, or administrative or adjudicative body or official, when the DoD or other Agency representing the DoD determines that the records are relevant and necessary to the proceeding; or in an appropriate proceeding before an administrative or adjudicative body when the adjudicator determines the records to be relevant to the proceeding.
E. To the National Archives and Records Administration for the purpose of records management inspections conducted under the authority of 44 U.S.C. 2904 and 2906.
F. To a Member of Congress or staff acting upon the Member’s behalf when the Member or staff requests the information on behalf of, and at the request of, the individual who is the subject of the record.
G. To appropriate agencies, entities, and persons when (1) the DoD suspects or confirms a breach of the system of records; (2) the DoD determines as a result of the suspected or confirmed breach there is a risk of harm to individuals, the DoD (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the DoD’s efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
H. To another Federal agency or Federal entity, when the DoD determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.
I. To another Federal, State, or local agency for the purpose of comparing to the agency’s system of records or to non-Federal records, in coordination with an Office of Inspector General in conducting an audit, investigation, inspection, evaluation, or some other review as authorized by the Inspector General Act.
J. To such recipients and under such circumstances and procedures as are mandated by Federal statute or treaty.
K. To Federal and private entities providing travel services for purposes of arranging
transportation at Government expense for official business.
L. To the Internal Revenue Service to provide information concerning the pay of travel
allowances which are subject to federal income tax.
M. To banking establishments for the purpose of confirming billing or expense data.
N. To foreign or international law enforcement, security, or investigatory authorities to
comply with requirements imposed by, or to claim rights conferred in, international agreements and arrangements, including those regulating the stationing and status in foreign countries of DoD military and civilian personnel.
O. To a federal agency, in response to its request in connection with an investigation of an
employee, service member, or other authorized individual to the extent that the information is relevant and necessary to the requesting agency's decision on the matter.
P. To the Office of Personnel Management (OPM) concerning information on pay and leave,
benefits, retirement deduction, and any other information necessary for the OPM to carry out its legally authorized government-wide personnel management functions and studies.
Q. To the Merit Systems Protection Board, including the Office of the Special Counsel, for
the purpose of litigation, including administrative proceedings, appeals, special studies of the civil service and other merit systems, review of OPM or component rules and regulations, investigation of alleged or possible prohibited personnel practices;
and administrative proceedings involving any individual subject of a DoD investigation, and such other functions, promulgated in 5 U.S.C. 1205 and 1206, or as may be authorized by law.
POLICIES AND PRACTICES FOR STORAGE OF RECORDS: Records may be stored electronically or on paper in secure facilities in a locked drawer behind a locked door. The records may be stored on magnetic disc, tape, or digital media; in agency-owned cloud environments; or in vendor Cloud Service Offerings certified under the Federal Risk and Authorization Management Program (FedRAMP).
POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS: Records may be retrieved by:
DTS: Travel authorization and voucher records for DoD employees are retrieved by the DoD Component, individuals name, and/or partial or full SSN. For US citizens: records can be retrieved using the full name, trip number, travel dates and travel destination, and DoD component. For employees’ dependents: records can be retrieved using the host employee’s component, individuals name, and SSN.
CTIM: records are retrieved by an individual’s name, email address, passport number, SSN, and/or DoD ID number.
POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS: Records are retained by:
DTS: Most records will be destroyed 6 years after the final payment or cancellation. Records relating to a claim will be destroyed 6 years and 3 months after the claim is closed, or when any applicable court order is lifted. In the case of a waiver of a claim, the record will be destroyed 6 years and 3 months after the close of the fiscal year in which the waiver was approved. In the case of a claim for which the Government’s right to collect was not extended, the record will be destroyed 10 years and 3 months after the year in which the Government’s right to collect first accrued.
Employee Rewards System records are cutoff and destroyed when no longer needed for business use.
ATRIP records will be destroyed 6 years after the final payment or cancellation.
CTIM: Records are destroyed 6 years after final payment or cancellation.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS: The DoD safeguards records in this system of records according to applicable rules, policies, and procedures, including all applicable DoD automated systems security and access policies. DoD policies require the use of controls to minimize the risk of compromise of personally identifiable information (PII) in paper and electronic form and to enforce access by those with a need to know and with appropriate clearances. Additionally, the DoD established security audit and accountability policies and procedures which support the safeguarding of PII and detection of potential PII incidents. The DoD routinely employs safeguards such as the following to information systems and paper recordkeeping systems: Multifactor log-in authentication including Common Access Card (CAC) authentication and password; Secret Internet Protocol Router (SIPR token as required); physical and technological access controls governing access to data; network encryption to protect data transmitted over the network;
disk encryption securing disks storing data; key management services to safeguard encryption keys; masking of sensitive data as practicable; mandatory information assurance and privacy training for individuals who will have access; identification, marking, and safeguarding of PII; physical access safeguards including multifactor identification physical access controls, detection, and electronic alert systems for access to servers and other network infrastructure; and electronic intrusion detection systems in DoD facilities.
RECORD ACCESS PROCEDURES: Individuals seeking access to their records should follow the procedures in 32 CFR part 310.
Individuals seeking access to the records contained in DTS, the DTS Archive, or CTIM should address written inquiries to: Office of the Secretary of Defense/Joint Staff, Freedom of Information Act Requester Service Center, Office of Freedom of Information, 1155 Defense Pentagon, Washington, DC 20301-1155.
Requests for records maintained in the ATRIP go to: the Defense Threat Reduction Agency (DTRA) Freedom of Information/Privacy Act Office Request Center, Defense Threat Reduction Agency (DTRA), 8725 John J. Kingman Road, Stop 6201, Fort Belvoir, VA 22060–6201.
Signed, written requests for DTS, DTS Archive, and ATRIPS records should include: the name and number of this system of records notice, along with full name, SSN (if applicable), office or organization where assigned when trip was taken, travel destination, and dates of travel.
Signed, written requests for CTIM records should include: the name and number of this system of records notice along with full name, current address, phone number, and personal email address of the individual.
In addition, the requester must provide either a notarized statement or an unsworn declaration made in accordance with 28 U.S.C. 1746, in the appropriate format:
If executed outside the United States: “I declare [or certify, verify, or state] under penalty of perjury under the laws of the United States of America that the foregoing is true and correct. Executed on [date]. [Signature].”
If executed within the United States, its territories, possessions, or commonwealths: “I declare [or certify, verify, or state] under penalty of perjury that the foregoing is true and correct. Executed on [date]. [Signature].”
CONTESTING RECORD PROCEDURES: The DoD rules for accessing records, contesting contents, and appealing initial Component determinations are contained in 32 CFR part 310, or may be obtained from the system manager.
NOTIFICATION PROCEDURES: Individuals seeking to determine whether information about themselves is contained in this system of records should follow the instructions for Record Access Procedures above.
EXEMPTIONS PROMULGATED FOR THE SYSTEMS: None.
HISTORY: March 27, 2020, 85 FR 17319; March 24, 2010, 75 FR 14142
| File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
| Author | BarronTE |
| File Modified | 0000-00-00 |
| File Created | 2024-10-28 |