Voglio sapere a riguardo di…

Federal Register / Vol. 86, No. 38 / Monday, March 1, 2021 / Notices the U.S., and date and time of arrival into the U.S.
RECORD SOURCE CATEGORIES:

We obtain information in this system from applicants, recipients, and beneficiaries under Titles II, XVI and XVIII of the Social Security Act, and from the Department of Homeland Security, Customs and Border Protections Arrival and Departure Information System under established data exchange agreements.
ROUTINE USES OF RECORDS MAINTAINED IN THE
SYSTEM, INCLUDING CATEGORIES OF USERS AND
THE PURPOSES OF SUCH USES:

We will disclose records pursuant to the following routine uses, however, we will not disclose any information defined as return or return information under 26 U.S.C. 6103 of the Internal Revenue Code, unless authorized by statute, the Internal Revenue Service IRS, or IRS
regulations.
1. To a congressional office in response to an inquiry from that office made on behalf of, and at the request of, the subject of the record or third party acting on the subjects behalf.
2. To the Office of the President in response to an inquiry from that office made on behalf of, and at the request of, the subject of the record or a third party acting on the subjects behalf.
3. To the National Archives and Records Administration NARA under 44 U.S.C. 2904 and 2906.
4. To appropriate agencies, entities, and persons when:
a SSA suspects or has confirmed that there has been a breach of the system of records;
b SSA has determined that as a result of the suspected or confirmed breach, there is a risk of harm to individuals, SSA including its information systems, programs, and operations, the Federal Government, or national security; and c the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connections with SSAs efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.
5. To another Federal agency or Federal entity, when SSA determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in:
a Responding to a suspected or confirmed breach; or b preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity including its information
VerDate Sep<11>2014

20:22 Feb 26, 2021

Jkt 253001

systems, programs, and operations, the Federal Government, or national security, resulting from a suspected or confirmed breach.
6. To the Department of Justice DOJ, a court or other tribunal, or another party before such court or tribunal, when:
a SSA, or any component thereof; or b any SSA employee in his/her official capacity; or c any SSA employee in his/her individual capacity where DOJ or SSA, where it is authorized to do so has agreed to represent the employee; or d the United States or any agency thereof where SSA determines the litigation is likely to affect SSA or any of its components, is a party to the litigation or has an interest in such litigation, and SSA
determines that the use of such records by DOJ, a court or other tribunal, or another party before the tribunal is relevant and necessary to the litigation, provided, however, that in each case, the agency determines that disclosures of the records to DOJ, court or other tribunal, or another party is a use of the information contained in the records that is compatible with the purpose for which the records were collected.
7. To Federal, State and local law enforcement agencies and private security contractors, as appropriate, information necessary:
a To enable them to protect the safety of SSA employees and customers, the security of the SSA workplace, the operation of SSA facilities, or b to assist investigations or prosecutions with respect to activities that affect such safety and security or activities that disrupt the operations of SSA facilities.
8. To contractors and other Federal agencies, as necessary, for the purpose of assisting SSA in the efficient administration of its programs. We disclose information under this routine use only in situations in which SSA
may enter into a contractual or similar agreement with a third party to assist in accomplishing an agency function relating to this system of records.
9. To student volunteers, individuals working under a personal services contract, and other workers who technically do not have the status of Federal employees when they are performing work for SSA, as authorized by law, and they need access to personally identifiable information PII
in SSA records in order to perform their assigned agency functions.

PO 00000

Frm 00155

Fmt 4703

Sfmt 4703

12073

POLICIES AND PRACTICES FOR STORAGE OF
RECORDS:

We will maintain records in this system in paper and electronic form.
POLICIES AND PRACTICES FOR RETRIEVAL OF
RECORDS:

We will retrieve records by the names, SSN, and date of birth of applicants, recipients, or beneficiaries under Titles II, XVI, and XVIII of the Social Security Act.
POLICIES AND PRACTICES FOR RETENTION AND
DISPOSAL OF RECORDS:

In accordance with the approved NARA rules codified at 36 CFR 1225.16, we maintain records in accordance with NARA General Records Schedule 4.2
Information Access and Protection Records, Item 130 Personally Identifiable Information Extracts. See https www.archives.gov/files/recordsmgmt/grs/grs04-2.pdf.
ADMINISTRATIVE, TECHNICAL, AND PHYSICAL
SAFEGUARDS:

We retain electronic and paper files with personal identifiers in secure storage areas accessible only by our authorized employees and contractors who have a need for the information when performing their official duties.
Security measures include the use of codes and profiles, personal identification number PIN and password, and personal identification verification cards. We further restrict the electronic records by the use of the PIN for only those employees who are authorized to access the system. We keep paper records in locked cabinets within secure areas, with access limited to only those employees who have an official need for access in order to perform their duties.
We annually provide our employees and contractors with appropriate security awareness training that includes reminders about the need to protect PII and the criminal penalties that apply to unauthorized access to, or disclosure of, PII e.g., 5 U.S.C.
552ai1. Furthermore, employees and contractors with access to databases maintaining PII must sign a sanctions document annually, acknowledging their accountability for inappropriately accessing or disclosing such information.
RECORD ACCESS PROCEDURES:

Individuals may submit requests for information about whether this system contains a record about them by submitting a written request to the system manager at the above address, which includes their name, SSN, or other information that may be in this system of records that will identify
E:FRFM01MRN1.SGM

01MRN1