Privacy Act of 1974; System of Records

Issuing agencies

Abstract

As required by the Privacy Act of 1974 and the Office of Management and Budget (OMB) Circulars A-108 and A-130, the Department of Energy (DOE or the Department) is publishing notice of a modification to an existing Privacy Act System of Records. DOE proposes to amend system of records DOE-41 Legal Files (Claims, Litigation, Criminal Violations, Patents, and Others). The system is used to settle claims, prepare for litigation, and resolve matters in which the agency is involved or has an interest in. This System of Records Notice (SORN) is being modified to align with new formatting requirements, published by OMB, and to ensure appropriate Privacy Act coverage of business processes and Privacy Act information.

Full Text

<html>
<head>
<title>Federal Register, Volume 91 Issue 69 (Friday, April 10, 2026)</title>
</head>
<body><pre>
[Federal Register Volume 91, Number 69 (Friday, April 10, 2026)]
[Notices]
[Pages 18449-18451]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2026-06994]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF ENERGY


Privacy Act of 1974; System of Records

AGENCY: U.S. Department of Energy.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: As required by the Privacy Act of 1974 and the Office of 
Management and Budget (OMB) Circulars A-108 and A-130, the Department 
of Energy (DOE or the Department) is publishing notice of a 
modification to an existing Privacy Act System of Records. DOE proposes 
to amend system of records DOE-41 Legal Files (Claims, Litigation, 
Criminal Violations, Patents, and Others). The system is used to settle 
claims, prepare for litigation, and resolve matters in which the agency 
is involved or has an interest in. This System of Records Notice (SORN) 
is being modified to align with new formatting requirements, published 
by OMB, and to ensure appropriate Privacy Act coverage of business 
processes and Privacy Act information.

DATES: This modified SORN will become applicable following the end of 
the public comment period on May 11, 2026 unless comments are received 
that result in a contrary determination.

ADDRESSES: Written comments should be sent to Nicole Sanchez, Chief 
Privacy Officer, U.S. Department of Energy, 1000 Independence Avenue 
SW, Rm. 8H-085, Washington, DC 20585, by facsimile at (202) 586-8151, 
or by email at <a href="/cdn-cgi/l/email-protection#51212338273032281139207f353e347f363e27"><span class="__cf_email__" data-cfemail="8ffffde6f9eeecf6cfe7fea1ebe0eaa1e8e0f9">[email&#160;protected]</span></a>.

FOR FURTHER INFORMATION CONTACT: Nicole Sanchez, Chief Privacy Officer, 
U.S. Department of Energy, 1000 Independence Avenue SW, Rm. 8H-085, 
Washington, DC 20585, by facsimile at (202) 586-8151, by email at 
<a href="/cdn-cgi/l/email-protection#8afaf8e3fcebe9f3cae2fba4eee5efa4ede5fc"><span class="__cf_email__" data-cfemail="38484a514e595b41785049165c575d165f574e">[email&#160;protected]</span></a>, or by telephone at (202) 586-0166.

SUPPLEMENTARY INFORMATION: On January 9, 2009, DOE published a 
Compilation of its Privacy Act systems of records, which included 
system of records DOE-41 Legal Files (Claims, Litigation, Criminal 
Violations, Patents, and Others). This notice proposes amendments to 
the system locations section of that system of records by removing the 
following system locations where DOE-41 is no longer applicable: Alaska 
Power Administration, Bartlesville Energy Technology Center, Grand 
Forks Energy Technology Center, Los Alamos Site Office, and the NNSA 
Nevada Site Office. In the ``Routine Uses'' section, this modified 
notice deletes a previous routine use concerning efforts responding to 
a suspected or confirmed loss of confidentiality of information as it 
appears in DOE's compilation of its Privacy Act systems of records 
(January 9, 2009) and replaces it with one to assist DOE with 
responding to a suspected or confirmed breach of its records of 
Personally Identifiable Information (PII), modeled with language from 
OMB's Memorandum M-17-12, ``Preparing for and Responding to a Breach of 
Personally Identifiable Information'' (January 3, 2017). Further, this 
notice adds one new routine use to ensure that DOE may assist another 
agency or entity in responding to the other agency's or entity's 
confirmed or suspected breach of PII, as appropriate, as aligned with 
OMB's Memorandum M-17-12. An administrative change required by the FOIA 
Improvement Act of 2016 extends the length of time a requestor is 
permitted to file an appeal under the Privacy Act from 30 to 90 days. 
Both the ``System Locations'' and ``Administrative, Technical and 
Physical Safeguards'' sections have been modified to reflect the 
Department's usage of cloud-based services for records storage. 
Language throughout the SORN has been updated to align with applicable 
Federal privacy laws, policies, procedures, and best practices.

SYSTEM NAME AND NUMBER:
    DOE-41 Legal Files (Claims, Litigation, Criminal Violations, 
Patents, and Others).

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    Systems leveraging this SORN may exist in multiple locations. All 
systems storing records in a cloud-based server are required to use 
government-approved cloud services and follow National Institute of 
Standards and Technology (NIST) security and privacy standards for 
access and data retention including NIST Special Publication (SP) 800-
53. Records maintained in a government-approved cloud server are 
accessed through secure data centers in the continental United States.
    U.S. Department of Energy Headquarters, 1000 Independence Avenue 
SW, Washington, DC 20585.
    U.S. Department of Energy, Bonneville Power Administration, P.O. 
Box 3621, Portland, OR 97208.
    U.S. Department of Energy, Environmental Management Consolidated 
Business Center (EMCBC), 550 Main Street, Rm 7-010, Cincinnati, OH 
45202.
    U.S. Department of Energy, Idaho Operations Office, 1955 Fremont 
Avenue, Idaho Falls, ID 83415.
    U.S. Department of Energy, Office of Science, Chicago Office, 
Consolidated Service Center, 9800 South Cass Avenue, Lemont, IL 60439.
    U.S. Department of Energy, Office of Science, Consolidated Service 
Center, P.O. Box 2001, Oak Ridge, TN 37831.
    U.S. Department of Energy, National Energy Technology Laboratory, 
(Pittsburgh) 626 Cochrans Mill Road, Pittsburgh, PA 15236.
    U.S. Department of Energy, National Energy Technology Laboratory 
(Morgantown), 3610 Collins Ferry Road, Morgantown, WV 26505.
    U.S. Department of Energy, National Energy Technology Laboratory, 
(Albany) 1450 Queen Avenue SW, Albany, OR 97321.
    U.S. Department of Energy, NNSA General Counsel, 1000 Independence 
Avenue SW, Washington, DC 20585.
    U.S. Department of Energy, NNSA General Counsel, John A. Gordon 
Albuquerque Complex, 24600 20th Street SE, Albuquerque, NM 87116.
    U.S. Department of Energy, Hanford Field Office, P.O. Box 550, 
Richland, WA 99352.
    U.S. Department of Energy, Savannah River Operations Office, P.O. 
Box A, Aiken, SC 29801.
    U.S. Department of Energy, Southeastern Power Administration, 1166 
Athens Tech Road, Elberton, GA 30635-6711.
    U.S. Department of Energy, Southwestern Power Administration, One 
West Third Street, Suite 1500, Tulsa OK 74103.
    U.S. Department of Energy, Strategic Petroleum Reserve Project 
Management Office, 900 Commerce Road East, New Orleans, LA 70123.
    U.S. Department of Energy, Western Area Power Administration, P.O. 
Box 281213, Lakewood, CO 80228-8213.

SYSTEM MANAGER(S):
    Headquarters: Deputy General Counsel, Office of the General 
Counsel, U.S. Department of Energy, 1000 Independence Avenue SW, 
Washington, DC 20585.
    Field Offices: The Chief Counsels of the ``System Locations'' 
listed

[[Page 18450]]

previously are the system managers for their respective portions of 
this system.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    42 U.S.C. 7101 et seq. and 50 U.S.C. 2401 et seq.

PURPOSE(S) OF THE SYSTEM:
    Records in this system are maintained and used by the Department to 
settle claims and prepare for litigation and resolve disputes.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    All persons identified in files maintained by the Office of the 
General Counsel, which includes attorneys and legal support staff/
contractors at all DOE offices, including the National Nuclear Security 
Administration (NNSA), from which information is retrieved by name or 
other personal identifier, including: Litigants and other claimants 
against the Department and its contractors asserting matters including, 
but not limited to, personal injury, property damage or infringement 
(including intellectual property), contract violation and harms 
resulting from employer-employee relationships; persons who are the 
subjects of claims by the DOE, such as persons who may have violated 
criminal laws, DOE regulations and contracts with the DOE and persons 
against whom the DOE considered asserting such claims; DOE's 
contractors and potential contractors; persons holding copyrights and 
issued patents pertaining to the DOE's activities; DOE employees, 
subject to garnishment or assignments; and DOE employees and contractor 
employees who use Alternative Dispute Resolution (ADR).

CATEGORIES OF RECORDS IN THE SYSTEM:
    Records concerning legal matters that include, but are not limited 
to: (1) Litigation and all other claims against, and by, the DOE and 
its contractors, which have been assigned to the Office of General 
Counsel; (2) DOE agreements (including contracts, grants, cooperative 
agreements, other transactions, and related subagreements); (3) 
inventions (including licensing and records pertaining to U.S. 
manufacturing), invention utilization, issued patents, trademarks, and 
copyright matters; (4) records pertaining ADR. Litigation and claim 
records may, among others, include correspondence, pleadings such as 
complaints, answers, and motions; depositions, court orders and briefs. 
Records in this system also may include accident reports, inspection 
reports, investigation reports, audit reports, personnel files, 
contracts, consultant agreements, reports pertaining to criminal 
matters of interest to the DOE, Personnel Security Review Board 
documents, medical records, photographs, telephone records, patents and 
related documents, correspondence, and memoranda.

RECORD SOURCE CATEGORIES:
    Subject individuals, inspection reports, other agencies, Office of 
General Counsel attorneys, other agency officers and staff, 
contractors, investigators, and auditors.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES 
OF USERS AND PURPOSES OF SUCH USES:
    1. A record from this system may be disclosed as a routine use for 
the purpose of an investigation, settlement of claims, or the 
preparation and conduct of litigation to (1) persons representing the 
Department in the investigation, settlement or litigation, and to 
individuals assisting in such representation; (2) others involved in 
the investigation, settlement, and litigation, and their 
representatives and individuals assisting those representatives; (3) 
witnesses, potential witnesses, or their representatives and 
assistants; and (4) any other persons who possess information 
pertaining to the matter when it is relevant and necessary to obtain 
information or testimony relevant to the matter.
    2. A record from this system may be disclosed as a routine use in 
court or administrative proceedings to the tribunals, counsel, other 
parties, witnesses, and the public (in publicly available pleadings, 
filings or discussion in open court) when such disclosure: (1) is 
relevant to, and necessary for, the proceeding; (2) is compatible with 
the purpose for which the Department collected the records; and (3) the 
proceedings involve:
    a. The Department, its predecessor agencies, current or former 
contractor of the Department, or other United States Government 
agencies and their components, or
    b. A current or former employee of the Department and its 
predecessor agencies, current or former contractors of the Department, 
or other United States Government agencies and their components, who is 
acting in an official capacity or in any individual capacity where the 
Department or other United States Government agency has agreed to 
represent the employee.
    3. A record from this system may be disclosed as a routine use to a 
federal, state, tribal, or local agency to facilitate the requesting 
agency's decision concerning the hiring or retention of an employee, 
the issuance of a security clearance, the reporting of an investigation 
of an employee, the letting of a contract, or the issuance of a 
license, grant, or other benefit, to the extent that the information is 
relevant and necessary to the requesting agency's decision on the 
matter. The Department must deem such disclosure to be compatible with 
the purpose for which the Department collected the information.
    4. A record from this system may be disclosed as a routine use to 
the appropriate local, tribal, state, or federal agency when records, 
alone or in conjunction with other information, indicate a violation or 
potential violation of law whether civil, criminal, or regulatory in 
nature, and whether arising by general statute or particular program 
pursuant thereto.
    5. A record from this system may be disclosed as a routine use to a 
member of Congress submitting a request involving a constituent when 
the constituent has requested assistance from the member concerning the 
subject matter of the record. The member of Congress must provide a 
copy of the constituent's signed request for assistance.
    6. A record from this system may be disclosed to foreign 
governments or international organizations in accordance with treaties, 
international conventions, or executive agreements.
    7. A record from this system may be disclosed as a routine use to 
DOE contractors in performance of their contracts, and their officers 
and employees who have a need for the record in the performance of 
their duties. Those provided information under this routine use are 
subject to the same limitations applicable to Department officers and 
employees under the Privacy Act.
    8. A record from this system may be disclosed as a routine use to 
the personnel, contractors, grantees, and cooperative agreement holders 
of the Department of Labor, the Department of Health and Human 
Services, the Department of Justice, and other Federal agencies and 
their components, designated by the President to implement the Federal 
compensation program established by the Energy Employees Occupational 
Illness Compensation Program Act, for the purpose of assisting in the 
adjudication or processing of a claim under the Energy Employees 
Occupational Illness Compensation Program Act. Those provided 
information under this routine use are subject to the same limitations 
applicable to Department officers and employees under the Privacy Act.
    9. A record from this system may be disclosed as a routine use to 
appropriate

[[Page 18451]]

agencies, entities, and persons when (1) the Department suspects or has 
confirmed that there has been a breach of the system of records; (2) 
the Department has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, DOE (including 
its information systems, programs, and operations), the Federal 
Government, or national security; and (3) the disclosure made to such 
agencies, entities, and persons is reasonably necessary to assist in 
connection with the Department's efforts to respond to the suspected or 
confirmed breach or to prevent, minimize, or remedy such harm.
    10. A record from this system may be disclosed as a routine use to 
another Federal agency or Federal entity, when the Department 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs, and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Records may be stored as paper records and electronic media.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Records are retrieved by name, case name, claim name, or assigned 
identifying number.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    Records retention and disposal authorities are contained in the 
General Records Schedule and DOE record schedules that have been 
approved by the National Archives and Records Administration (NARA). 
Some records in this system are retained as permanent, while other 
records will be destroyed between 5-250 years.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    Electronic records may be secured and maintained on a cloud-based 
software server and operating system that resides in Federal Risk and 
Authorization Management Program (FedRAMP) and Federal Information 
Security Management Act (FISMA) hosting environment. Data located in 
the cloud-based server is firewalled and encrypted at rest and in 
transit. The security mechanisms for handling data at rest and in 
transit are in accordance with DOE encryption standards. Records are 
protected from unauthorized access through the following appropriate 
safeguards:
    <bullet> Administrative: Access to all records is limited to lawful 
government purposes only, with access to electronic records based on 
role and either two-factor authentication or password protection. The 
system requires passwords to be complex and to be changed frequently. 
Users accessing system records undergo frequent training in Privacy Act 
and information security requirements. Security and privacy controls 
are reviewed on an ongoing basis.
    <bullet> Technical: Computerized records systems are safeguarded on 
Departmental networks configured for role-based access based on job 
responsibilities and organizational affiliation. Privacy and security 
controls are in place for this system and are updated in accordance 
with applicable requirements as determined by the National Institute 
for Standards and Technology (NIST) and DOE directives and guidance.
    <bullet> Physical: Computer servers on which electronic records are 
stored are located in secured Department facilities, which are 
protected by security guards, identification badges, and cameras. Paper 
copies of all records are locked in file cabinets, file rooms, or 
offices and are under the control of authorized personnel. Access to 
these facilities is granted only to authorized personnel and each 
person granted access to the system must be an individual authorized to 
use or administer the system.

RECORD ACCESS PROCEDURES:
    The Department follows the procedures outlined in 10 CFR 1008.4. 
Valid identification of the individual making the request is required 
before information will be processed, given, access granted, or a 
correction considered, to ensure that information is processed, given, 
corrected, or records disclosed or corrected only at the request of the 
proper person.

CONTESTING RECORD PROCEDURES:
    Any individual may submit a request to the System Manager and 
request a copy of any records relating to them. In accordance with 10 
CFR 1008.11, any individual may appeal the denial of a request made by 
him or her for information about or for access to or correction or 
amendment of records. An appeal shall be filed within 90 calendar days 
after receipt of the denial. When an appeal is filed by mail, the 
postmark is conclusive as to timeliness. The appeal shall be in writing 
and must be signed by the individual. The words ``PRIVACY ACT APPEAL'' 
should appear in capital letters on the envelope and the letter. 
Appeals relating to DOE records shall be directed to the Director, 
Office of Hearings and Appeals (OHA), 1000 Independence Avenue SW, 
Washington, DC 20585.

NOTIFICATION PROCEDURES:
    In accordance with the DOE regulation implementing the Privacy Act, 
10 CFR part 1008, a request by an individual to determine if a system 
of records contains information about themselves should be directed to 
the U.S. Department of Energy, Headquarters, Privacy Act Officer. The 
request should include the requester's complete name and the time 
period for which records are sought.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    This system is exempt under subsection (k)(1), (k)(2), and (k)(5) 
of the Privacy Act, to the extent that information within the System 
meets the criteria of those subsections of the Privacy Act. Such 
information has been exempted from the provisions of subsections 
(c)(3), (d), and (e)(1) of the Privacy Act; see the DOE Privacy Act 
regulation at 10 CFR part 1008.

HISTORY:
    This SORN was last published in the Federal Register, 74 FR 1042-
1044, on January 9, 2009.

Signing Authority

    This document of the Department of Energy was signed on April 7, 
2026, by Dawn Zimmer, Senior Agency Official for Privacy, pursuant to 
delegated authority from the Secretary of Energy. That document with 
the original signature and date is maintained by DOE. For 
administrative purposes only, and in compliance with requirements of 
the Office of the Federal Register, the undersigned DOE Federal 
Register Liaison Officer has been authorized to sign and submit the 
document in electronic format for publication, as an official document 
of the Department of Energy. This administrative process in no way 
alters the legal effect of this document upon publication in the 
Federal Register.

    Signed in Washington, DC, on April 8, 2026.
Treena V. Garrett,
Federal Register Liaison Officer, U.S. Department of Energy.
[FR Doc. 2026-06994 Filed 4-9-26; 8:45 am]
BILLING CODE 6450-01-P


</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>