Privacy Act of 1974; System of Records

Issuing agencies

Abstract

Pursuant to the Privacy Act of 1974, Office of Management and Budget (OMB) Circular No. A-108, and Federal law, notice is hereby given that the DOJ's Office of Justice Programs (OJP) proposes a new system of records notice titled the Peer Review Management System (PRMS), JUSTICE/OJP-020. The DOJ uses the PRMS, a web-based tool, to manage the planning, selection, and assignment of peer reviewers as part of the merit review of DOJ's funding opportunities.

Full Text

<html>
<head>
<title>Federal Register, Volume 89 Issue 229 (Wednesday, November 27, 2024)</title>
</head>
<body><pre>
[Federal Register Volume 89, Number 229 (Wednesday, November 27, 2024)]
[Notices]
[Pages 93656-93658]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2024-27570]


-----------------------------------------------------------------------

DEPARTMENT OF JUSTICE

[CPCLO Order No. 007-2024


Privacy Act of 1974; System of Records

AGENCY: Office of Justice Programs, United States Department of 
Justice.

ACTION: Notice of a new system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the Privacy Act of 1974, Office of Management and 
Budget (OMB) Circular No. A-108, and Federal law, notice is hereby 
given that the DOJ's Office of Justice Programs (OJP) proposes a new 
system of records notice titled the Peer Review Management System 
(PRMS), JUSTICE/OJP-020. The DOJ uses the PRMS, a web-based tool, to 
manage the planning, selection, and assignment of peer reviewers as 
part of the merit review of DOJ's funding opportunities.

DATES: In accordance with 5 U.S.C. 552a(e)(4) and (11), this system of 
records is effective upon publication, subject to a 30-day period in 
which to comment on the routine uses described below. Please submit any 
comments by December 27, 2024.

ADDRESSES: The public, OMB, and Congress are invited to submit any 
comments by mail to the United States Department of Justice, Office of 
Privacy and Civil Liberties, ATTN: Privacy Analyst, 145 N St. NE, Suite 
8W, Washington, DC 20002; by facsimile at 202-307-0693; or by email at 
<a href="/cdn-cgi/l/email-protection#4333312a3522203a6d202c2e332f2a222d2026033630272c296d242c35"><span class="__cf_email__" data-cfemail="7e0e0c17081f1d07501d11130e12171f101d1b3e0b0d1a111450191108">[email&#160;protected]</span></a>. To ensure proper handling, please 
reference the above CPCLO Order No. on your correspondence.

FOR FURTHER INFORMATION CONTACT: Bryce Mitchell, Division Director; 
Enterprise Application Development Division, Office of the Chief 
Information Officer, Office of Justice Programs; 999 North Capitol 
Street NE, Washington, DC 20002, <a href="/cdn-cgi/l/email-protection#fdbf8f849e98d3b094899e95989191bd888e999297d39a928b"><span class="__cf_email__" data-cfemail="7331010a10165d3e1a07101b161f1f330600171c195d141c05">[email&#160;protected]</span></a>, (202) 598-
9418.
    Jennifer Tyson, Deputy Director, Grants Management Division, Audit, 
Assessment, and Management, Office of Justice Programs; 999 North 
Capitol Street NE, Washington, DC 20002, <a href="/cdn-cgi/l/email-protection#a7edc2c9c9cec1c2d589f3ded4c8c9e7d2d4c3c8cd89c0c8d1"><span class="__cf_email__" data-cfemail="f4be919a9a9d929186daa08d879b9ab48187909b9eda939b82">[email&#160;protected]</span></a>, 
(202) 307-0750.

SUPPLEMENTARY INFORMATION: 
    Potential peer reviewers, who may be members of the public or 
Federal Government personnel, use the PRMS online tool to enter their 
records via enrollment applications (i.e., profiles) to be considered 
for peer review assignments. Authorized DOJ users (i.e. DOJ program 
office and contract staff) can search these profiles to nominate and 
invite a peer reviewer to review and score DOJ funding opportunity 
applications. Authorized users (i.e., those members of the public or 
Federal Government personnel invited by a DOJ program office staff to 
serve as peer reviewer) may log into PRMS to review their profiles and 
obtain access to assigned peer review tasks.
    In accordance with 5 U.S.C. 552a(r), the DOJ has provided a report 
to OMB and Congress on this new system of records.

    Dated: November 19, 2024
Peter A. Winn,
Acting Chief Privacy and Civil Liberties Officer, United States 
Department of Justice.
JUSTICE/OJP--020

SYSTEM NAME AND NUMBER: \
    Peer Review Management System (PRMS), JUSTICE/OJP--020

SECURITY CLASSIFICATION:
    The system is unclassified.

SYSTEM LOCATION:
    Records in this system are maintained at the following locations: 
Office of Justice Programs (OJP); 999 North Capitol Street NE, 
Washington, DC 20002; and cloud service providers at AWS GovCloud; 1200 
12th Avenue; South Seattle, WA 98144. The cloud computing service 
providers and their location may change from time to time, and this 
document may not reflect the most current information available. To 
confirm information about the current cloud computing service provider, 
please contact OJP through the OJP service desk at email address 
<a href="/cdn-cgi/l/email-protection#347b7e641a7d60475146425d57515051475f745b5e441a4147505b5e1a535b42"><span class="__cf_email__" data-cfemail="0c43465c2245587f697e7a656f6968697f674c63667c22797f686366226b637a">[email&#160;protected]</span></a>.

SYSTEM MANAGER(S):
    Bryce Mitchell, Division Director, Enterprise Application 
Development Division, Office of the Chief Information Officer, Office 
of Justice Programs, 999 North Capitol Street NE, Washington, DC 20002, 
<a href="/cdn-cgi/l/email-protection#2260505b41470c6f4b56414a474e4e625751464d480c454d54"><span class="__cf_email__" data-cfemail="9ddfefe4fef8b3d0f4e9fef5f8f1f1dde8eef9f2f7b3faf2eb">[email&#160;protected]</span></a>, (202) 514-2412.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    28 U.S.C. 530C, Authority to use available funds; 34 U.S.C. 
10226(b), Personnel and Administrative Authority

PURPOSE(S) OF THE SYSTEM:
    The Peer Review Management System (PRMS) supports DOJ's overall 
grantmaking and research efforts toward fair, equitable, and objective 
funding decisions by providing a centralized directory for DOJ staff to 
obtain peer reviewers. DOJ peer reviewers consist of Federal Government 
staff or members of the public, who offer their expertise in merit 
reviewing and scoring OJP funding opportunities. The system achieves 
this purpose through its two main components, the Peer Reviewer 
Database (PRD) and the Peer Review Support System (PRSS).
    The PRD maintains and disseminates records of peer reviewers and 
potential peer reviewers, including their electronic enrollment 
information. This component collects records about potential peer 
reviewers who voluntarily complete a multi-step online application 
process to be assigned peer review as needed by DOJ. The PRD allows 
authorized DOJ users (DOJ program and contractor staff) to nominate and 
invite a potential peer reviewer for a peer review assignment. 
Authorized DOJ users can also review and evaluate work performed once a 
peer reviewer completes an assignment.
    The PRSS maintains details of the peer review process necessary for 
authorized DOJ users to manage the peer review process, including 
application review criteria from funding opportunities, application 
data, and peer reviewer assignments. The PRSS also converts raw peer 
review scores into normalized scores or tiers, which are uploaded into 
OJP's grants

[[Page 93657]]

management system for programmatic review.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Individuals applying to serve as peer reviewers and individuals 
selected by DOJ to serve as peer reviewers (including members of the 
public or Federal Government personnel); and DOJ personnel and DOJ 
contractors who have access to the system as permitted and authorized 
by the DOJ.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records in the PRMS include an individual's name, mailing address, 
personal email address, telephone number, work-related information 
(e.g., current occupation, job title, work address, email address, work 
address, and work history), areas of expertise, and information on any 
relevant lived justice-involved experience. In addition, information 
regarding potential peer reviewers' education level, race, cultural or 
ethnic identity, education, sex or gender identity, Tribal affiliation, 
and former incarceration (as self-reported by the potential peer 
reviewers) may be provided.

RECORD SOURCE CATEGORIES:
    The records in the system may obtained from, among other sources, 
individuals applying to serve as peer reviewers, individuals selected 
by DOJ to serve as peer reviewers, and OJP's grants management system, 
which provides grant application data.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND THE PURPOSES OF SUCH USES:
    In addition to those disclosures generally permitted under 5 U.S.C. 
552a(b), all or a portion of the records contained in this system of 
records may be disclosed as a routine use pursuant to 5 U.S.C. 
552a(b)(3) under the circumstances or for the purposes described below, 
to the extent such disclosures are compatible with the purposes for 
which the information was collected:
    1. Where a record, either alone or in conjunction with other 
information, may be relevant to investigating a violation or potential 
violation of law--criminal, civil, or regulatory in nature--the 
relevant records may be referred to the appropriate Federal, State, 
local, territorial, Tribal, or foreign law enforcement authority or 
other appropriate entity charged with the responsibility for 
investigating or prosecuting such violation or charged with enforcing 
or implementing such law.
    2. To appropriate officials and employees of a Federal agency or 
entity to the extent necessary for making decisions about peer review 
assignments, such as but not limited to knowledge and skills needed to 
evaluate DOJ funding opportunities.
    3. To any person or entity that the DOJ has reason to believe 
possesses knowledge regarding matters pertaining to DOJ programs and 
activities, to the extent deemed to be necessary by the DOJ to elicit 
information about the potential peer reviewer for use in conferring the 
DOJ peer reviewer assignments.
    4. To any person or entity that the DOJ has reason to believe 
possesses information regarding a matter within the jurisdiction of the 
DOJ, to the extent deemed to be necessary by the DOJ to elicit such 
information or cooperation from the recipient for use in the 
performance of an authorized activity.
    5. In an appropriate proceeding before a court, grand jury, or 
administrative or adjudicative body, when the DOJ determines that the 
records are arguably relevant to the proceeding; or in an appropriate 
proceeding before an administrative or adjudicative body when the 
adjudicator determines the records to be relevant to the proceeding.
    6. To the news media and the public, including but not limited to 
disclosures pursuant to 28 CFR 50.2, unless it is determined that 
release of the specific information in the context of a particular case 
or matter would constitute an unwarranted invasion of personal privacy. 
While disclosures under 28 CFR 50.2 are in connection with a civil or 
criminal proceeding, disclosures under this routine use may also 
pertain to administrative proceedings as well as investigations of 
Federal employee misconduct prejudicial to the interests of members of 
the public.
    7. To contractors, recipients, experts, consultants, students, and 
others performing or working on a contract, service, grant, cooperative 
agreement, or other assignment for the Federal Government, when 
necessary to accomplish an agency function related to this system of 
records.
    8. To a former employee of the DOJ for official purposes where the 
DOJ requires information and/or consultation assistance from the former 
employee regarding a matter within that person's former area of 
responsibility.
    9. To a Member of Congress or staff acting upon the Member's behalf 
when the Member or staff requests the information on behalf of, and at 
the request of, the individual who is the subject of the record.
    10. To the National Archives and Records Administration for 
purposes of records management inspections conducted under the 
authority of 44 U.S.C. 2904 and 2906.
    11. To appropriate agencies, entities, and persons when (1) the DOJ 
suspects or has confirmed that there has been a breach of the system of 
records; (2) the DOJ has determined that as a result of the suspected 
or confirmed breach there is a risk of harm to individuals, the DOJ 
(including its information systems, programs, and operations), the 
Federal Government, or national security; and (3) the disclosure made 
to such agencies, entities, and persons is reasonably necessary to 
assist in connection with the DOJ's efforts to respond to the suspected 
or confirmed breach or to prevent, minimize, or remedy such harm.
    12. To another Federal agency or Federal entity, when the DOJ 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach, or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.
    13. To any agency, organization, or individual for the purpose of 
performing authorized audit or oversight operations of DOJ and meeting 
related reporting requirements.
    14. To such recipients and under such circumstances and procedures 
as are mandated by Federal statute or treaty.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records in the PRMS are stored in electronic format in the OJP 
cloud platforms. Records are stored securely in accordance with 
applicable Federal laws, regulations, Department directives, and 
guidance.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records can be retrieved within PRMS by a peer reviewer's personal 
identifier to obtain profiles or other data matching the search 
criteria necessary for the merit review of DOJ funding opportunities.
    The records are retrievable by the peer reviewer's name, employee 
type (other Federal agency or other), education level, job category, 
race, cultural and ethnic identities, subject matter expertise, 
research expertise, business organization, organization unit, job 
title,

[[Page 93658]]

phone number (home and business), address (home and business), and 
gender and sexual identities. The records are searchable and 
retrievable using those identifiers for diversifying the pool of 
reviewers needed to meet the objectives conducive to a full and fair 
evaluation of the relevant OJP funding opportunities.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records in this system are stored in electronic format and retained 
as well as disposed of in accordance with the National Archives and 
Records Administration, General Records Schedule 1.2, which covers 
grant and cooperative agreement records.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    This system meets all DOJ requirements for authorization to operate 
per DOJ Order 0904, Cybersecurity Program. Specifically, information in 
this system is maintained in accordance with applicable laws, rules, 
and policies on protecting individual privacy.
    The system leverages cloud service providers that maintain an 
authority to operate in accordance with applicable laws, rules, and 
policies, including Federal Risk and Authorization Management Program 
(FedRAMP) requirements.
    Backup information is maintained in accordance with a government 
contract that requires adherence to applicable laws, rules, and 
policies. Internet connections are protected by multiple firewalls. 
Security personnel conduct periodic vulnerability scans using DOJ-
approved software to ensure security compliance and security logs are 
enabled for all computers to assist in troubleshooting and forensics 
analysis during incident investigations. Users of individual computers 
can only gain access to the data by a valid user's identification and 
authentication.

RECORD ACCESS PROCEDURES:
    All requests for access to records must be in writing and should be 
addressed to the relevant component:
    OJP FOIA Officer; Office of Justice Programs; Office of the General 
Counsel; 999 North Capitol Street NE, Washington, DC 20002.
    The envelope and letter should be clearly marked ``Privacy Act 
Access Request.'' The request must describe the records sought in 
sufficient detail to enable DOJ personnel to locate them with a 
reasonable amount of effort. The request must include a general 
description of the records sought and must include the requester's full 
name, current address, and date and place of birth. The request must be 
signed and either notarized or submitted under penalty of perjury. 
Although no specific form is required, you may obtain forms for this 
purpose from the FOIA/Privacy Act Mail Referral Unit, United States 
Department of Justice, 950 Pennsylvania Avenue NW, Washington, DC 
20530, or on the Department of Justice website at <a href="https://www.justice.gov/oip/oip-request.html">https://www.justice.gov/oip/oip-request.html</a>.
    More information regarding the DOJ's procedures for accessing 
records in accordance with the Privacy Act can be found at 28 CFR part 
16 Subpart D, ``Protection of Privacy and Access to Individual Records 
Under the Privacy Act of 1974.''

CONTESTING RECORD PROCEDURES:
    Individuals seeking to contest or amend records pertaining to them, 
maintained in this system of records, must direct their requests to the 
address indicated in the ``RECORD ACCESS PROCEDURES'' paragraph, above. 
All requests to contest or amend records must be in writing and the 
envelope and letter should be clearly marked ``Privacy Act Amendment 
Request.'' All requests must state clearly and concisely what record is 
being contested, the reasons for contesting it, and the proposed 
amendment to the record.
    More information regarding the DOJ's procedures for amending or 
contesting records in accordance with the Privacy Act can be found at 
28 CFR 16.46, ``Requests for Amendment or Correction of Records.''

NOTIFICATION PROCEDURES:
    Individuals may request to be notified if a record in this system 
of records pertains to them by utilizing the same procedures as those 
identified in the ``RECORD ACCESS PROCEDURES'' paragraph, above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    None.
[FR Doc. 2024-27570 Filed 11-26-24; 8:45 am]
BILLING CODE 4410-18-P


</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>