Privacy Act of 1974; System of Records

Issuing agencies

Abstract

Pursuant to the Privacy Act of 1974 and Office of Management and Budget Circular No. A-108, the U.S. Department of Agriculture (USDA) give notice that a component agency, the Animal and Plant Health Inspection Service (APHIS) proposes to modify an existing system of records notice titled Emergency Management Response System (EMRS), USDA/APHIS-11. This system, among other things, helps APHIS to manage and investigate incidents of foreign animal diseases within the United States.

Full Text

<html>
<head>
<title>Federal Register, Volume 86 Issue 234 (Thursday, December 9, 2021)</title>
</head>
<body><pre>
[Federal Register Volume 86, Number 234 (Thursday, December 9, 2021)]
[Notices]
[Pages 70082-70086]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2021-26684]


-----------------------------------------------------------------------

DEPARTMENT OF AGRICULTURE

Animal and Plant Health Inspection Service

[Docket No. APHIS-2020-0015]


Privacy Act of 1974; System of Records

AGENCY: Animal and Plant Health Inspection Service, USDA.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

[[Page 70083]]

SUMMARY: Pursuant to the Privacy Act of 1974 and Office of Management 
and Budget Circular No. A-108, the U.S. Department of Agriculture 
(USDA) give notice that a component agency, the Animal and Plant Health 
Inspection Service (APHIS) proposes to modify an existing system of 
records notice titled Emergency Management Response System (EMRS), 
USDA/APHIS-11. This system, among other things, helps APHIS to manage 
and investigate incidents of foreign animal diseases within the United 
States.

DATES: In accordance with 5 U.S.C. 552a(e)(4) and (11), this notice is 
applicable upon publication, subject to a 30-day notice and comment 
period in which to comment on the routine uses described in the routine 
uses section of this system of records notice. Please submit any 
comments by January 10, 2022.

ADDRESSES: You may submit comments by either of the following methods:
    <bullet> Federal eRulemaking Portal: Go to <a href="http://www.regulations.gov">http://www.regulations.gov</a>. Enter APHIS-2020-0015 in the Search field. Select 
the Documents tab, then select the comment button in the list of 
documents.
    <bullet> Postal Mail/Commercial Delivery: Send your comment to 
Docket No. APHIS-2020-0015, Regulatory Analysis and Development, PPD, 
APHIS, Station 3A-03.8, 4700 River Road, Unit 118, Riverdale, MD 20737-
1238.
    Supporting documents and any comments we receive on this docket may 
be viewed at <a href="http://www.regulations.gov">http://www.regulations.gov</a> or in our reading room, which 
is located in Room 1620 of the USDA South Building, 14th Street and 
Independence Avenue SW, Washington, DC. Normal reading room hours are 8 
a.m. to 4:30 p.m., Monday through Friday, except holidays. To be sure 
someone is there to help you, please call (202) 799-7039 before coming.

FOR FURTHER INFORMATION CONTACT: For general questions, please contact 
Dr. Fred G. Bourgeois, EMRS National Coordinator, Strategy and Policy, 
National Preparedness and Incident Command, VS, APHIS, Lake Charles, 
LA; (318) 288-4083; <a href="/cdn-cgi/l/email-protection#41273324256f266f232e343326242e283201343225206f262e37"><span class="__cf_email__" data-cfemail="680e1a0d0c460f460a071d1a0f0d07011b281d1b0c09460f071e">[email&#160;protected]</span></a>. For Privacy Act 
questions concerning this system of records notice, please contact Ms. 
Tonya Woods, Director, Freedom of Information and Privacy Act Staff, 
4700 River Road, Unit 50, Riverdale, MD 20737; (301) 851-4076. For USDA 
Privacy Act questions, please contact the USDA Chief Privacy Officer, 
Information Security Center, Office of Chief Information Officer, USDA, 
Jamie L. Whitten Building, 1400 Independence Ave. SW, Washington, DC 
20250; email: <a href="/cdn-cgi/l/email-protection#7e2b2d3a3f2e0c17081f1d073e0b0d1a1f50191108"><span class="__cf_email__" data-cfemail="8bded8cfcadbf9e2fdeae8f2cbfef8efeaa5ece4fd">[email&#160;protected]</span></a>.

SUPPLEMENTARY INFORMATION: The U.S. Department of Agriculture (USDA) 
Animal and Plant Health Inspection Service (APHIS) is modifying an 
existing system of records notice for APHIS' Emergency Management 
Response System (EMRS), USDA/APHIS-11, which was last published on 
April 30, 2008, in its entirety in the Federal Register (73 FR 23409-
23412, Docket No. APHIS-2008-0039).\1\
---------------------------------------------------------------------------

    \1\ To view the notice, go to <a href="http://www.regulations.gov">www.regulations.gov</a> and enter 
APHIS-2008-0039 in the Search field.
---------------------------------------------------------------------------

    EMRS is used by APHIS' Veterinary Services (VS) to help manage, 
coordinate, report, and investigate activities such as incidents of 
foreign animal diseases in the United States (including disposal, 
cleaning and disinfection, and associated indemnity payments), 
surveillance and control programs, State-specific disease outbreaks, 
national animal health emergency responses (all-hazards), and allow for 
tracing of animal movement and records, as well as premises and 
activity mapping. If an animal disease were to be detected in the 
United States, VS would activate its Incident Command System (ICS). ICS 
team members are trained to control and eradicate foreign animal 
diseases. As necessary and appropriate for the specific incident, team 
members would, among other things, confirm the presence of the disease, 
inspect infected and exposed animals, appraise the value of animals 
that may have to be destroyed, conduct vaccination programs and 
epidemiological studies, dispose of animal carcasses, and clean and 
disinfect premises. Records of these activities would be maintained in 
EMRS.
    APHIS is making the following changes to the system of records 
notice:
    <bullet> Updating the system location and system manager;
    <bullet> Updating the purpose of the system;
    <bullet> Expanding the categories of individuals to identify the 
roles of the APHIS employees included in the system and to add 
responders and coordinators since these individuals will participate in 
activities associated with the system;
    <bullet> Making minor editorial changes to the categories of 
records;
    <bullet> Revising the record source categories to add reference to 
a database within EMRS and to add that information in the system may be 
obtained from the Financial Modernization Incentive for payment status;
    <bullet> Updating the policies and practices for storage, 
retrievability, and retention and disposal of records in the system;
    <bullet> Updating the system safeguards;
    <bullet> Updating the notification, record access, and contesting 
record procedures; and
    <bullet> Deleting, revising, redesignating, and establishing 
routine uses as follows:
    [cir] Revising current routine uses 1 and 2 to add reference to 
Tribal animal health officials and, in routine use 1, adding that 
information may be shared to identify premises before an event to allow 
for faster response;
    [cir] Deleting current routine use 3 because EMRS has never shared 
data or connected data to/from the Department of Homeland Security's 
(DHS) National Biosurveillance Integration System (now known as 
Biosurveillance Common Operating Network (BCON)) and APHIS' Offshore 
Pest Information System (OPIS). However, if this should change, 
information would be shared with DHS' BCON system as described in 
routine uses 1 and 2. A routine use for OPIS is not needed since it is 
a system that is internal to USDA;
    [cir] Revising current routine use 4 and redesignating it as 
routine use 3. The changes are editorial and intended to more 
accurately describe the referral of records to appropriate law 
enforcement agencies, entities, and persons;
    [cir] Revising current routine use 5 and redesignating it as 
routine use 4. The changes are editorial and conforming changes;
    [cir] Revising current routine use 6 and redesignating it as 
routine use 5. The changes are editorial and intended to more 
accurately describe the disclosure of records to a court or 
adjudicative body;
    [cir] Revising current routine use 7 and redesignating as routine 
use 6. The changes are editorial and intended to more accurately 
describe the disclosure of records to appropriate agencies;
    [cir] Establishing new routine use 7 for disclosure to another 
Federal agency or entity of information reasonably necessary to assist 
in responding to a suspected or confirmed breach or to prevent, 
minimize, or remedy harm, in accordance with Office of Management and 
Budget (OMB) Memorandum M-17-12 (Preparing for and Responding to a 
Breach of Personally Identifiable Information);
    [cir] Revising current routine use 8. The changes are editorial and 
intended to more accurately describe disclosure to USDA contractors and 
other parties assisting in administering the program, analyzing data, 
information

[[Page 70084]]

management systems, Freedom of Information Act requests, and audits;
    [cir] Removing current routine use 9 since this routine use is 
included in revised routine use 8;
    [cir] Establishing new routine use 9 to describe disclosure to 
Congressional offices in response to an inquiry made at the written 
request of the individual to whom the record pertains; and
    [cir] Revising current routine use 10 to more accurately reflect 
where record management inspections may occur.
    A report on the modified system of records, required by 5 U.S.C. 
552a(r), as implemented by OMB Circular A-108, was sent to the 
Chairman, Committee on Homeland Security and Governmental Affairs, 
United States Senate; the Chairwoman, Committee on Oversight and 
Reform, House of Representatives; and the Administrator, Office of 
Information and Regulatory Affairs, OMB.

    Done in Washington, DC, this 30th day of November 2021.
Jack Shere,
Acting Administrator, Animal and Plant Health Inspection Service.

SYSTEM NAME AND NUMBER:
    USDA/APHIS-11, Emergency Management Response System (EMRS).

SECURITY CLASSIFICATION:
    None.

SYSTEM LOCATIONS:
    The Animal and Plant Health Inspection Service (APHIS) located at 
4700 River Road, Riverdale, MD 20737, is responsible for the system. 
EMRS records are maintained in a Government-approved cloud server 
accessed through secure data centers in the continental United States. 
Paper files are held at various Veterinary Services (VS) national, 
district, and field offices. Due to the number of offices, specific 
addresses can be found at: <a href="https://www.aphis.usda.gov/aphis/ourfocus/animalhealth/contact-us">https://www.aphis.usda.gov/aphis/ourfocus/animalhealth/contact-us</a>. Cloud service providers are MS Azure 
Government (US Gov Virginia), 101 Herbert Dr., Boydton, VA 23917 
(Eastern Region); and MS Azure Government (US Gov Texas), 5150 Rogers 
Road, San Antonio, TX 78251 (Western Region).

SYSTEM MANAGER:
    EMRS National Coordinator, National Preparedness & Incident 
Coordination, Veterinary Services, APHIS, USDA, Lake Charles, LA; (318) 
288-4083.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    Animal Health Protection Act (7 U.S.C. 8301 et seq.).

PURPOSES OF THE SYSTEM:
    APHIS' VS program uses EMRS to help manage, coordinate, report, and 
investigate activities such as incidents of foreign animal diseases in 
the United States (including disposal, cleaning and disinfection, and 
associated indemnity payments), surveillance and control programs, 
State-specific disease outbreaks, national animal health emergency 
responses (all-hazards), and allow for tracing of animal movement and 
records, as well as premises and activity mapping. To fulfill this 
purpose, EMRS allows for APHIS to use visualization software to build 
premises maps and epidemiological models. EMRS will also maintain 
information concerning APHIS employees who may be deployed as members 
of Incident Command System teams.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Categories of individuals covered by the system include, but are 
not limited to, customers, such as State animal health officials and 
industry, who obtain services under EMRS, including the owner or 
operator of the premises where the animals subject to investigation are 
located and the referring contact who provided initial premises 
information; APHIS employees involved in the diagnostic and 
investigation activities; and responders and cooperators.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Categories of records in the system include:
    Owner or operator of the premises where the animals subject to 
investigation are located; the system includes the following 
information, such as, but not limited to, the name; address (including 
city, county, State, postal code, and latitude/longitude coordinates); 
premises identification number; and telephone number.
    Referring contact information, which includes name and telephone 
number.
    Case coordinator of the premises investigation. (The system 
includes name, telephone number, and email address.)
    APHIS employees. (The system includes information such as, but not 
limited to, the name; agency, program, and group; current duty 
assignment; encrypted employee identification number; grade, series, 
and step; duty city and State; home address, including latitude/
longitude coordinates; home telephone number; home email address; 
emergency contact information; work and field addresses, email 
addresses and telephone numbers; supervisor contact information; 
personal protective equipment type, size, and model; existing and 
desired skills, experience and training; position certifications; 
AgLearn training classes; medical clearance information; and a 
description of property or fleet vehicle assigned to the employee.)
    The system will also include nicknames, titles, and organization 
for the entities above, as applicable.

RECORD SOURCE CATEGORIES:
    Information in this system comes primarily from the customers, 
including the owner or operator of the premises where the animals 
subject to investigation are located, the referring contact who 
provided initial premises information, and case coordinator. Such 
information may be supplemented by information from an address-
validation database, by APHIS personnel during an on-site 
investigation, by State and Tribal veterinary offices and State 
laboratories, or by APHIS' National Veterinary Services Laboratories. 
Information may also be obtained from the Financial Management 
Modernization Incentive for payment status. Employee information is 
obtained primarily from the employee. Additionally, employee 
information may be obtained from the U.S. Department of Agriculture's 
(USDA's) National Finance Center, AgLearn database, and Federal 
Occupational Health, U.S. Department of Health and Human Services.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b) of the Privacy Act, records contained in the system may be 
disclosed outside USDA as a routine use under 5.U.S.C. 552a(b)(3), to 
the extent that such uses are compatible with the purposes for which 
the information was collected. Such permitted routine uses include the 
following:
    (1) To certain Federal, State, and Tribal animal health officials 
to identify premises before an event to allow for faster response, 
monitor the status of an animal disease investigation, document actions 
taken relating to an animal disease investigation, track the status of 
animals susceptible to foreign animal diseases, determine the costs of 
an animal disease investigation, monitor the use and availability of 
assets and personnel relating to animal disease investigations, or 
perform epidemiological and geospatial analyses of such investigations;
    (2) To Federal, State, and Tribal animal health officials within 
the system to obtain feedback regarding the

[[Page 70085]]

EMRS system and emergency preparedness guidelines, and to educate and 
involve them in program development, program requirements, and 
standards of conduct;
    (3) When a record on its face, or in conjunction with other 
records, indicates a violation or potential violation of law, whether 
civil, criminal, or regulatory in nature, and whether arising by 
general statute or particular program, statute, or by regulation, rule, 
or order issued pursuant thereto, disclosure may be made to the 
appropriate agency, whether Federal, foreign, State, Tribal, local, or 
other public authority responsible for enforcing, investigating, or 
prosecuting such violation or charged with enforcing or implementing 
the statute, or rule, regulation, or order issued pursuant thereto, if 
the information disclosed is relevant to any enforcement, regulatory, 
investigative, or prosecutive responsibility of the receiving entity;
    (4) To the Department of Justice when: (a) USDA or any component 
thereof; or (b) any employee of USDA in his or her official capacity, 
where the Department of Justice has agreed to represent the employee; 
or (c) the United States Government, is a party to litigation or has an 
interest in such litigation, and USDA determines that the records are 
both relevant and necessary to the litigation and the use of such 
records by the Department of Justice is for a purpose that is 
compatible with the purpose for which USDA collected the records;
    (5) In an appropriate proceeding before a court, grand jury, or 
administrative or adjudicative body or official, when USDA or other 
Agency representing USDA determines that the records are relevant and 
necessary to the proceeding; or in an appropriate proceeding before an 
administrative or adjudicative body when the adjudicator determines the 
records to be relevant to the proceeding;
    (6) To appropriate agencies, entities, and persons when: (a) USDA 
suspects or has confirmed that the security or confidentiality of 
information in the system of records has been compromised; (b) USDA has 
determined that as a result of the suspected or confirmed breach there 
is a risk of harm to individuals, USDA (including its information 
systems, programs, and operations), the Federal Government, or national 
security; and (c) the disclosure made to such agencies, entities, and 
persons is reasonably necessary to assist in connection with USDA's 
efforts to respond to the suspected or confirmed compromise and 
prevent, minimize, or remedy such harm;
    (7) To another Federal agency or Federal entity, when information 
from this system of records is reasonably necessary to assist the 
recipient agency or entity in (a) responding to a suspected or 
confirmed breach or (b) preventing, minimizing, or remedying the risk 
of harm to individuals, the agency (including its information systems, 
programs, and operations), the Federal Government, or national 
security;
    (8) To contractors and their agents, grantees, experts, 
consultants, and others performing or working on a contract, service, 
grant, cooperative agreement, or other assignment for the USDA, when 
necessary to accomplish an agency function related to this system of 
records;
    (9) To a Congressional office in response to an inquiry from that 
Congressional office made at the written request of the individual 
about whom the record pertains; and
    (10) To the National Archives and Records Administration (NARA) or 
other Federal Government agencies pursuant to records management 
inspections being conducted under 44 U.S.C. 2904 and 2906.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:
    None.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Electronic records are stored on servers located as indicated above 
under ``System Locations''. Paper files are held at various VS 
national, district, and field offices that are locked during non-
business hours and require presentation of employee identification for 
admittance and access at all times.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Data can be retrieved only by personnel who successfully 
authenticate using their eAuthentication PIV or eAuthentication 
username/password credential and are authorized with specific EMRS 
role(s). Data can be retrieved by premises identification number, 
reference control number, name, premises, incident group, or incident 
site. Data regarding an employee, cooperator, or responder can be 
retrieved by name, nickname, employee identification number, title, 
organization, property, or fleet vehicle.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    In accordance with NARA-approved records disposition authorities, 
paper records will be retained for the following periods of time: All 
incident-related premise record data associated with a foreign animal 
disease investigation will be retained for a period of 50 years. For 
the remaining records, APHIS is in the process of preparing a records 
disposition request from NARA, and these records will be retained until 
appropriate disposition authority is obtained from NARA.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    The EMRS safeguards include management, operational, and technical 
controls to prevent misuse of data by system users. These controls 
include role-based access. State and Tribal entities have access 
limited to data from their State or area. Access to the restricted 
portions of the database system requires certain levels of 
authorization through USDA eAuthentication, which is a system that 
enables individuals to obtain user-identification accounts with 
password-protected access to certain USDA web-based applications and 
services through the internet. APHIS personnel who input data must have 
a high-level eAuthentication account.

RECORD ACCESS PROCEDURES:
    All requests for access to records must be in writing and should be 
submitted to the APHIS Privacy Act Officer, 4700 River Road, Unit 50, 
Riverdale, MD 20737; or by facsimile (301) 734-5941; or by email 
<a href="/cdn-cgi/l/email-protection#7130213938222103180710120831040215105f161e07"><span class="__cf_email__" data-cfemail="5514051d1c0605273c2334362c15202631347b323a23">[email&#160;protected]</span></a>. In accordance with 7 CFR 1.112 (Procedures for 
requests pertaining to individual records in a record system), the 
request must include the full name of the individual making the 
request; the name of the system of records; and preference of 
inspection, in person or by mail. In accordance with 7 CFR 1.113, prior 
to inspection of the records, the requester shall present sufficient 
identification (e.g., driver's license, employee identification card, 
social security card, credit cards) to establish that the requester is 
the individual to whom the records pertain. In addition, if an 
individual submitting a request for access wishes to be supplied with 
copies of the records by mail, the requester must include with his or 
her request sufficient data for the agency to verify the requester's 
identity.

CONTESTING RECORD PROCEDURES:
    Individuals seeking to contest or amend records maintained in this 
system of records must direct their request to the address indicated 
above in the ``RECORD ACCESS PROCEDURES'' paragraph and must follow the 
procedures set forth in 7 CFR 1.116 (Request for correction or

[[Page 70086]]

amendment to record). All requests must state clearly and concisely 
what record is being contested, the reasons for contesting it, and the 
proposed amendment to the record.

NOTIFICATION PROCEDURES:
    Individuals may be notified if a record in this system of records 
pertains to them when the individuals request information utilizing the 
same procedures as those identified in the ``RECORD ACCESS PROCEDURES'' 
paragraph above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    On April 30, 2008 (73 FR 23409-23412, Docket No. APHIS-2008-0039), 
USDA/APHIS-11, ``Emergency Management Response System'' was published 
as a new system of records and effective on June 9, 2008.

[FR Doc. 2021-26684 Filed 12-8-21; 8:45 am]
BILLING CODE 3410-34-P


</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>