Privacy Act of 1974; System of Records

Issuing agencies

Abstract

In accordance with the Privacy Act of 1974, as amended, the Corporation for National and Community Service (operating as AmeriCorps) proposes to establish a new system of records titled CNCS- 11-CPO-AHB-AmeriCorps Health Benefits System of Records. AmeriCorps will use this system of records to track, store, manage, and evaluate the paper and electronic records associated with the healthcare benefits offered to AmeriCorps VISTA, AmeriCorps NCCC, and AmeriCorps FEMA Corps members (Members). The records in the system will include information about the enrollment, other insurance coverage, bank account, and medical bills and related healthcare information of the Members, and information about Members' accidents or injuries which may require medical care.

Full Text

<html>
<head>
<title>Federal Register, Volume 88 Issue 144 (Friday, July 28, 2023)</title>
</head>
<body><pre>
[Federal Register Volume 88, Number 144 (Friday, July 28, 2023)]
[Notices]
[Pages 48803-48805]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2023-16026]



[[Page 48803]]

-----------------------------------------------------------------------

CORPORATION FOR NATIONAL AND COMMUNITY SERVICE


Privacy Act of 1974; System of Records

AGENCY: Corporation for National and Community Service.

ACTION: Notice of new systems of records.

-----------------------------------------------------------------------

SUMMARY: In accordance with the Privacy Act of 1974, as amended, the 
Corporation for National and Community Service (operating as 
AmeriCorps) proposes to establish a new system of records titled CNCS-
11-CPO-AHB-AmeriCorps Health Benefits System of Records. AmeriCorps 
will use this system of records to track, store, manage, and evaluate 
the paper and electronic records associated with the healthcare 
benefits offered to AmeriCorps VISTA, AmeriCorps NCCC, and AmeriCorps 
FEMA Corps members (Members). The records in the system will include 
information about the enrollment, other insurance coverage, bank 
account, and medical bills and related healthcare information of the 
Members, and information about Members' accidents or injuries which may 
require medical care.

DATES: You may submit comments until August 28, 2023. Unless comments 
are received that would require a revision, this new system of records 
will become effective on August 28, 2023.

ADDRESSES: You may submit comments identified by system name and number 
by any of the following methods:
    1. Electronically through <a href="http://www.regulations.gov">www.regulations.gov</a>. Once you access 
<a href="http://www.regulations.gov">www.regulations.gov</a>, find the web page for this SORN by searching for 
CNCS-11-CPO-AHB.
    2. By email at <a href="/cdn-cgi/l/email-protection#abdbd9c2ddcac8d2ebc8c5d885ccc4dd"><span class="__cf_email__" data-cfemail="5525273c2334362c15363b267b323a23">[email&#160;protected]</span></a>.
    3. By mail: AmeriCorps Attn: Chief Privacy Officer, OIT, 250 E St. 
SW, Washington, DC 20525.
    4. By hand delivery or courier to AmeriCorps at the address for 
mail between 9:00 a.m. and 4:00 p.m. Eastern Standard Time, Monday 
through Friday, except for Federal holidays.
    Please note that all submissions received may be posted without 
change to <a href="http://www.regulations.gov">www.regulations.gov</a>, including any personal information. 
Commenters should be careful to include in their comments only 
information that they wish to make publicly available.

FOR FURTHER INFORMATION CONTACT: If you have general questions about 
the system of records, you may call ZhuoHong Liu at 202-938-7868, email 
her at <a href="/cdn-cgi/l/email-protection#5d273134281d3e332e733a322b"><span class="__cf_email__" data-cfemail="542e383d2114373a277a333b22">[email&#160;protected]</span></a> or mail them to the address in the ADDRESSES 
section above. Please include the system of record's name and number.

SUPPLEMENTARY INFORMATION: 

I. Background

    The system will enable AmeriCorps to administer and manage the 
healthcare benefit and medical records of its Members and provide 
enhanced streamlined service. This notice of a new system of records, 
as required by 5 U.S.C. 552a, fully complies with all Office of 
Management and Budget policies.
    The website for AmeriCorps VISTA Members' health benefits plans is 
currently <a href="https://americorpsvista.imglobal.com/">https://americorpsvista.imglobal.com/</a>. The website for 
AmeriCorps NCCC and AmeriCorps FEMA Corps' health benefits plan is 
currently <a href="https://americorpsnccc.imglobal.com/">https://americorpsnccc.imglobal.com/</a>.

II. Privacy Act

    The Privacy Act codifies fair information practice principles in a 
statutory framework governing the means by which Federal Government 
agencies collect, maintain, use, and disseminate individuals' records. 
The Privacy Act applies to information that is maintained in a ``system 
of records.'' A ``system of records'' is a group of any records under 
the control of an agency from which information is retrieved by the 
name of an individual or by some identifying number, symbol, or other 
identifying particular assigned to the individual. In the Privacy Act, 
an individual is defined to encompass U.S. citizens and lawful 
permanent residents.
    AmeriCorps will share information from the system in accordance 
with the requirements of the Privacy Act. A full list of routine uses 
is included in the routine uses section of the document published with 
this notice.
    In accordance with 5 U.S.C. 552a(r), AmeriCorps has provided a 
report of this system of records to the Office of Management and Budget 
and to Congress.
    Below is the description of CNCS-11-CPO-AHB-AmeriCorps Health 
Benefits System.

SYSTEM NAME AND NUMBER:
    CNCS-11-CPO-AHB-AmeriCorps Health Benefits System.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Chief of Program Operations Immediate Office, AmeriCorps, 250 E 
Street SW, Washington, DC 20525.

SYSTEM MANAGER(S):
    AHB Information System Owner, Chief of Program Operations Immediate 
Office, AmeriCorps, 250 E Street SW, Washington, DC 20525.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    42 U.S.C. 4955--Support services; 42 U.S.C. 12618--Authorized 
benefits for Corps members; and 45 CFR 2556--Volunteer in Service to 
America.

PURPOSE(S) OF THE SYSTEM:
    AmeriCorps and its contractors use the system to track, store, 
manage, and evaluate the records associated with the health benefits 
offered to the members of AmeriCorps VISTA, AmeriCorps NCCC, and 
AmeriCorps FEMA Corps.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    The system contains records about (1) current and former Members, 
(2) individuals who maintained an insurance policy that covered a 
Member, and (3) individuals connected to an accident or injury that 
resulted in a Member seeking medical care.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records in the system may include, but are not limited to, names, 
genders, dates of birth, addresses, emails, phone numbers, National 
Service Participant Identification (NSPID) Numbers, Exemption 
Certification Numbers, insurance IDs, benefit information, information 
about additional insurance coverage, bank account information, services 
dates and roles, medical bills and related healthcare information, and 
information about accidents and injuries that resulted in a Member 
seeking medical care.

RECORD SOURCE CATEGORIES:
    The sources of records in the system may include, but are not 
limited to, Members and their representatives, AmeriCorps databases, 
healthcare providers, other insurance companies, individuals connected 
to accidents and injuries involving Members, contractors, and 
subcontractors.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b), all or a portion of the records or information contained in 
this system of records may be disclosed outside of AmeriCorps as a 
routine use pursuant to 5 U.S.C. 552a(b)(3) under the circumstances or 
for the purposes described below, to the extent such disclosures are 
compatible with the purposes for which the information was collected:

[[Page 48804]]

    1. To healthcare providers and entities, insurance companies, and 
their authorized representatives to provide healthcare and services and 
coordinate benefits.
    2. To the Office of the President, a Member of Congress, or their 
personnel in response to a request made on behalf of, and at the 
request of, the individual who is the subject of the record. These 
advocates will receive the same records that individuals would have 
received if they had filed their own request.
    3. To any component of the Department of Justice for the purpose of 
representing AmeriCorps or its components, officers, employees, or 
members in pending or potential litigation to which the record is 
pertinent.
    4. In an appropriate proceeding before a court, judicial, 
administrative, or adjudicative body, or official, when AmeriCorps or 
another agency representing AmeriCorps determines the records are 
relevant and necessary to the proceeding, or in an appropriate 
proceeding before an administrative or adjudicative body when the 
adjudicator determines the records to be relevant to the proceeding.
    5. To a Federal or State agency, judicial, administrative, or 
adjudicative body, another party, or their representative to a legal 
matter, or witness when (a) the Federal Government is a party or 
potential party to a judicial, administrative, or adjudicative 
proceeding and (b) the record is both necessary and relevant or 
potentially relevant to that proceeding.
    6. To prospective claimants and their attorneys to negotiate a 
settlement of an actual or prospective claim against AmeriCorps or its 
current or former employees, in advance of the initiation of a formal 
legal proceeding.
    7. To an arbiter, mediator, or another individual authorized to 
investigate or settle a grievance, complaint, or appeal filed by an 
individual who is the subject of, or party to, the record.
    8. To any agency, entity, or individual when necessary to acquire 
information relevant to an investigation.
    9. To an appropriate Federal, State, local, Tribal, international, 
or foreign law enforcement agency or other appropriate authority 
charged with investigating or prosecuting a violation or enforcing or 
implementing a statute, rule, regulation, or order, when a record, 
either on its face or in conjunction with other information, indicates 
a violation or potential violation of civil or criminal law or 
regulatory violations.
    10. To a former AmeriCorps employee for the purpose of responding 
to an official inquiry by a Federal, State, local, Territorial, or 
Tribal entity or professional licensing authority, for the purpose of 
facilitating communications with a former employee that may be 
necessary for personnel-related or other official purposes where the 
AmeriCorps requires information and/or consultation assistance from the 
former employee regarding a matter within that person's former area of 
responsibility.
    11. To unions recognized as exclusive bargaining representatives 
under the Civil Service Reform Act of 1978, 5 U.S.C. 7111 and 7114, the 
Merit Systems Protection Board, arbitrators, the Federal Labor 
Relations Authority, and other parties responsible for the 
administration of the Federal labor-management program for the purpose 
of processing any corrective actions, or grievances, or conducting 
administrative hearings or appeals.
    12. To OPM for the purpose of addressing civilian pay and leave, 
benefits, retirement deduction, and any other information necessary for 
the OPM to carry out its legally authorized government-wide personnel 
management functions and studies.
    13. To appropriate agencies, entities, and persons when:
    a. AmeriCorps suspects or has confirmed that there has been a 
breach of the system of records;
    b. AmeriCorps has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, AmeriCorps 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and
    c. The disclosure made to such agencies, entities, and persons is 
reasonably necessary to assist in connection with AmeriCorps' efforts 
to respond to the suspected or confirmed breach or to prevent, 
minimize, or remedy such harm.
    14. To another Federal agency or Federal entity, when AmeriCorps 
determines that information from the system of records is reasonably 
necessary to assist the recipient agency or entity in:
    a. Responding to a suspected or confirmed breach or
    b. Preventing, minimizing, or remedying the risk of harm to 
individuals, the recipient agency or entity (including its information 
systems, programs, and operations), the Federal Government, or national 
security, resulting from a suspected or confirmed breach.
    15. To the National Archives and Records Administration (NARA) as 
needed to assist AmeriCorps with records management, conduct 
inspections of AmeriCorps records management practices, and carry out 
other activities required by 44 U.S.C. 2904 and 2906.
    16. To respond to a Privacy Act request per the requirements in 45 
CFR part 2508.
    17. To agency contractors, grantees, interns, and other authorized 
individuals engaged to assist the agency in the performance of a 
project, contract, service, grant, cooperative agreement, or other 
activity when it requires access to the records to accomplish an agency 
function, task, or assignment. Individuals provided information under 
this routine use are subject to the same Privacy Act requirements and 
limitations on disclosure as are applicable to AmeriCorps employees.
    18. To the Equal Employment Opportunity Commission when requested 
in connection with investigations into alleged or possible 
discrimination practices in the Federal sector, compliance by Federal 
agencies with the Uniform Guidelines on Employee Selection Procedures, 
or other functions vested in the Commission and to otherwise ensure 
compliance with the provisions of 5 U.S.C. 7201.
    19. To an agency or organization to audit or oversee AmeriCorps' or 
a vendor's operations as authorized by law, but only such information 
as is necessary and relevant to such audit or oversight function.
    20. To any official or designee charged with the responsibility to 
conduct qualitative assessments at a designated statistical agency and 
other well established and trusted public or private research 
organizations, academic institutions, or agencies for an evaluation, 
study, research, or other analytical or statistical purpose.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Paper records are stored in locked rooms, file cabinets, and desks. 
Electronic records and backups are stored on secure servers and 
encrypted media, including computers and network drives.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records in the system may be retrieved by the name, phone number, 
email, date of birth, IMG Member ID, or NSPID Number of Members.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    The system's record schedule is currently under review per 
amendment to title 36, chapter XII, subchapter B, dated June 5, 2023, 
and product records are being appraised to determine their current 
value. Until the records

[[Page 48805]]

schedule is approved by NARA, Federal records would be maintained as 
retrievable and useable indefinitely.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    AmeriCorps safeguards records in this system according to 
applicable laws, rules, and policies, including all applicable 
AmeriCorps systems security and access policies. AmeriCorps has strict 
controls in place to minimize the risk of compromising the information 
that is being stored. Access to the computer system containing the 
records in this system is limited to those individuals who have a need 
to know the information for the performance of their official duties 
and who have appropriate clearances or permissions. Paper records are 
maintained in locked rooms, file cabinets, and desks when not in use. 
Electronic records are maintained in accordance with National Institute 
of Standards and Technology Special Publication 800-53 Rev.5, Security 
and Privacy Controls for Federal Information Systems and Organizations 
or the updated equivalent.

RECORD ACCESS PROCEDURES:
    In accordance with 45 CFR part 2508--Implementation of the Privacy 
Act of 1974, as amended, individuals wishing to access their own 
records as stored within the system of records may contact the FOIA 
Officer/Privacy Act Officer by sending (1) an email to <a href="/cdn-cgi/l/email-protection#0e4841474f4e6d607d20696178"><span class="__cf_email__" data-cfemail="e7a1a8aea6a7848994c9808891">[email&#160;protected]</span></a> or 
(2) a letter addressed to the System Manager, attention Privacy 
Inquiry. Individuals who make a request must include enough identifying 
information (i.e., full name, current address, date, and signature) to 
locate their records, indicate that they want to access their records, 
and be prepared to confirm their identity as required by 45 CFR part 
2508.

CONTESTING RECORD PROCEDURES:
    All requests to contest or amend information maintained in the 
system will be directed to the FOIA Officer/Privacy Act Officer. 
Individuals who make a request must include enough identifying 
information to locate their records, in the manner described above in 
the Record Access Procedures section. Requests should state clearly and 
concisely what information is being contested, the reasons for 
contesting it, and the proposed amendment to the information.

NOTIFICATION PROCEDURES:
    Any individual desiring to contest or amend information not subject 
to exemption may contact the FOIA Officer/Privacy Act Officer via the 
contact information in the Record Access Procedures section. 
Individuals who make a request must include enough identifying 
information to locate their records, indicate that they want to be 
notified whether their records are included in the system, and be 
prepared to confirm their identity as required by 45 CFR part 2508.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    None.

Prabhjot Bajwa,
Senior Agency Official for Privacy and Chief Information Officer.
[FR Doc. 2023-16026 Filed 7-27-23; 8:45 am]
BILLING CODE 6050-28-P


</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>