Privacy Act of 1974; System of Records

Issuing agencies

Abstract

Pursuant to the provisions of the Privacy Act of 1974, as amended, the Department of the Housing and Urban Development (HUD), Office of the Chief Financial Officer (OCFO), is modifying a system of records titled, "Financial Data Mart." Financial Data Mart (FDM) is a warehouse of data extracted from various HUD systems and is supported by several query tools for improved financial and program data reporting. FDM facilitates viewing, understanding and reporting of financial data. FDM is the primary reporting tool used to generate internal ad-hoc reports, scheduled event-driven reports, and queries. This system of records is being revised to include modifications to existing routine uses and addition of three new routine uses. All SORN modifications are outlined in the SORN "Supplementary Information" section.

Full Text

<html>
<head>
<title>Federal Register, Volume 91 Issue 81 (Tuesday, April 28, 2026)</title>
</head>
<body><pre>
[Federal Register Volume 91, Number 81 (Tuesday, April 28, 2026)]
[Notices]
[Pages 22846-22848]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2026-08218]


-----------------------------------------------------------------------

DEPARTMENT OF HOUSING AND URBAN DEVELOPMENT

[Docket No. FR-7106-N-21]


Privacy Act of 1974; System of Records

AGENCY: Office of the Chief Financial Officer, HUD.

ACTION: Notice of a modified system of records.

-----------------------------------------------------------------------

SUMMARY: Pursuant to the provisions of the Privacy Act of 1974, as 
amended, the Department of the Housing and Urban Development (HUD), 
Office of the Chief Financial Officer (OCFO), is modifying a system of 
records titled, ``Financial Data Mart.'' Financial Data Mart (FDM) is a 
warehouse of data extracted from various HUD systems and is supported 
by several query tools for improved financial and program data 
reporting. FDM facilitates viewing, understanding and reporting of 
financial data. FDM is the primary reporting tool used to generate 
internal ad-hoc reports, scheduled event-driven reports, and queries. 
This system of records is being revised to include modifications to 
existing routine uses and addition of three new routine uses. All SORN 
modifications are outlined in the SORN ``Supplementary Information'' 
section.

DATES: Comments will be accepted on or before May 28, 2026. This 
proposed action will be effective on the date following the end of the 
comment period unless comments are received which result in a contrary 
determination.

ADDRESSES: You may submit comments, identified by the docket number or 
by one of the following methods:
    Federal e-Rulemaking Portal: <a href="http://www.regulations.gov">http://www.regulations.gov</a>. Follow the 
instructions provided on that site to submit comments electronically.
    Fax: 202-619-8365.
    Email: <a href="/cdn-cgi/l/email-protection#b4c4c6ddc2d5d7cdf4dcc1d09ad3dbc2"><span class="__cf_email__" data-cfemail="b4c4c6ddc2d5d7cdf4dcc1d09ad3dbc2">[email&#160;protected]</span></a>.
    Mail: Attention: Privacy Office; Kimberly Morton, Acting Chief 
Privacy Officer; The Office of Executive Secretariat; 451 7th Street 
SW, Room 10139; Washington, DC 20410-0001.
    Instructions: All submissions received must include the agency name 
and docket number for this rulemaking. All comments received will be 
posted without change to <a href="http://www.regulations.gov">http://www.regulations.gov</a> including any 
personal information provided.
    Docket: For access to the docket to read background documents or 
comments received go to <a href="http://www.regulations.gov">http://www.regulations.gov</a>.

FOR FURTHER INFORMATION CONTACT: Kimberly Morton, Acting Chief Privacy 
Officer, 451 7th Street SW, Room 10139, Washington, DC 20410-0001; 
telephone (804) 822-4801 (this is not a toll-free number). HUD welcomes 
and is prepared to receive calls from individuals who are deaf or hard 
of hearing, as well as individuals with speech or communication 
disabilities. To learn more about how to make an accessible telephone 
call, please visit <a href="https://www.fcc.gov/consumers/guides/telecommunications-relay-service-trs">https://www.fcc.gov/consumers/guides/telecommunications-relay-service-trs</a> .

SUPPLEMENTARY INFORMATION: HUD updates the system of records notice 
(SORN) for the Financial Data Mart (FDM) to reflect the following 
substantive changes:
    <bullet> Routine Uses: Updated and reordered existing routine uses 
to align with HUD standard language. No substantive changes were made 
to existing routine uses.
    <bullet> New Routine Uses: Added three new Routine Uses as follows:
    [cir] Routine Use (8) Authorizes disclosure to support statistical 
analysis and research with the purpose of the system.
    [cir] Routine Use (11) Authorizes disclosure to the Department of 
the Treasury pursuant to E.O. 14249 and OMB Memorandum M-25-32 for 
identifying, preventing, or recouping fraud and improper payments, as 
permitted by law.
    [cir] Routine Use (12) Authorizes disclosure necessary to support 
the disbursement of funds.
    <bullet> Policies and Practices for Retention and Disposal of 
Records Section: Updated this section to clarify language; no changes 
were made to the approved records schedule or retention periods.
SYSTEM NAME AND NUMBER:
    Financial Data Mart (FDM), HUD/OCFO-04.

SECURITY CLASSIFICATION:
    Unclassified.

SYSTEM LOCATION:
    HUD Headquarters, 451 7th Street SW, Washington, DC 20410-1000 and 
National Center for Critical Information Processing and Storage 
(NCCIPS), Stennis Space Center, MS 39529-6000. The backup data center 
is at Mid-Atlantic Data Center in Clarksville, VA 23927-3201.

SYSTEM MANAGER(S):
    Kate Darling, Assistant Chief Financial Officer for Systems, Office 
of the Chief Financial Officer, U.S. Department of Housing and Urban 
Development, 451 7th Street SW, Room

[[Page 22847]]

3100, Washington, DC 20410-0001; telephone (202) 402-3912.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
    31 U.S.C. 3511; The Chief Financial Officers Act of 1990 (31 U.S.C. 
901, et seq.); Executive Order 9397, as amended by Executive Order 
13478; Housing and Community Development Act of 1987, 42 U.S.C. 3543.

PURPOSES OF THE SYSTEM:
    Financial Data Mart (FDM) is a centralized repository of data 
extracted from a variety of HUD's financial systems, supported by query 
tools to enhance financial and program data reporting. FDM is designed 
to facilitate viewing, understanding, and reporting of financial data. 
FDM serves as the primary tool for generating internal ad-hoc reports, 
scheduled event-driven reports, and queries.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
    Members of the public, federal employees, contractors, third-party 
vendors, and recipients of grants, subsidies, or loans.

CATEGORIES OF RECORDS IN THE SYSTEM:
    Names, Social Security Numbers (SSNs), Taxpayer-IDs (which may 
include SSNs for sole-proprietors), Home/business addresses, Financial 
Information (e.g., bank account, and routing numbers), Email addresses, 
Salaries, and User IDs.

RECORD SOURCE CATEGORIES:
    FDM receives records from other HUD information systems such as HUD 
Central Accounting and Program Systems (HUDCAPS), Loan Accounting 
System (LAS), Line of Credit Control System (LOCCS), HUD Integrated 
Human Resources and Training System (HIHRTS), Geocoding Service Center 
(GSC), Office 365 Multi-Tenant Software, and non-Personally 
Identifiable Information (non-PII) from Integrated Real Estate 
Management System (IREMS). FDM also receives records from external 
sources, such as the General Services Administration, System for Award 
Management (SAM) and the Department of Treasury, Administrative 
Resource Center (ARC)'s Oracle Federal Financials.

ROUTINE USES MAINTINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND 
PURPOSEs OF SUCH USES:
    (1) To a congressional office from the record of an individual, in 
response to an inquiry from the congressional office made at the 
request of that individual.
    (2) To appropriate agencies, entities, and persons when: (1) HUD 
suspects or has confirmed that there has been a breach of the system of 
records; (2) HUD has determined that as a result of the suspected or 
confirmed breach there is a risk of harm to individuals, HUD (including 
its information systems, programs, and operations), the Federal 
Government, or national security; and (3) The disclosure made to such 
agencies, entities, and persons is reasonably necessary to assist in 
connection with HUD's efforts to respond to the suspected or confirmed 
breach or to prevent, minimize, or remedy such harm.
    (3) To another Federal agency or Federal entity, when HUD 
determines that information from this system of records is reasonably 
necessary to assist the recipient agency or entity in (1) responding to 
a suspected or confirmed breach or (2) preventing, minimizing, or 
remedying the risk of harm to individuals, the recipient agency or 
entity (including its information systems, programs and operations), 
the Federal Government, or national security, resulting from a 
suspected or confirmed breach.
    (4) To a court, magistrate, administrative tribunal, or arbitrator 
in the course of presenting evidence, including disclosures to opposing 
counsel or witnesses or jurors in the course of civil discovery, 
litigation, mediation, or settlement negotiations; or in connection 
with criminal law proceedings; when HUD determines that use of such 
records is relevant and necessary to the litigation and when any of the 
following is a party to the litigation or have an interest in such 
litigation: (1) HUD, or any component thereof; or (2) any HUD employee 
in his or her official capacity; or (3) any HUD employee in his or her 
individual capacity where HUD has agreed to represent the employee; or 
(4) the United States, or any agency thereof, where HUD determines that 
litigation is likely to affect HUD or any of its components.
    (5) To any component of the Department of Justice or other Federal 
agency conducting litigation or in proceedings before any court, 
adjudicative, or administrative body, when HUD determines that the use 
of such records is relevant and necessary to the litigation and when 
any of the following is a party to the litigation or have an interest 
in such litigation: (1) HUD, or any component thereof; or (2) any HUD 
employee in his or her official capacity; or (3) any HUD employee in 
his or her individual capacity where the Department of Justice or 
agency conducting the litigation has agreed to represent the employee; 
or (4) the United States, or any agency thereof, where HUD determines 
that litigation is likely to affect HUD or any of its components.
    (6) To appropriate Federal, State, local, tribal, or other 
governmental agencies or multilateral governmental organizations 
responsible for investigating or prosecuting the violations of, or for 
enforcing or implementing, a statute, rule, regulation, order, or 
license, where HUD determines that the information would assist in the 
enforcement of civil or criminal laws when such records, either alone 
or in conjunction with other information, indicate a violation or 
potential violation of law.
    (7) To Federal agencies, non-Federal entities, their employees, and 
agents (including contractors, their agents or employees; employees or 
contractors of the agents or designated agents); or contractors, their 
employees or agents with whom HUD has a contract, service agreement, 
grant, cooperative agreement, computer matching agreement, or other 
agreement for the purpose of: (I) Detection, prevention, and recovery 
of improper payments; (II) detection and prevention of fraud, waste, 
and abuse in major Federal programs administered by a Federal agency or 
non-Federal entity; (III) for the purpose of establishing or verifying 
the eligibility of, or continuing compliance with statutory and 
regulatory requirements by, applicants for, recipients or beneficiaries 
of, participants in, or providers of services with respect to, cash or 
in-kind assistance or payments under Federal benefits programs or 
recouping payments or delinquent debts under such Federal benefits 
programs; (IV) detection of fraud, waste, and abuse by individuals in 
their operations and programs. Records under this routine use may be 
disclosed only to the extent that the information shared is necessary 
and relevant to verify pre-award and prepayment requirements prior to 
the release of Federal funds or to prevent and recover improper 
payments for services rendered under programs of HUD or of those 
Federal agencies and non-Federal entities to which HUD provides 
information under this routine use.
    (8) To contractors, grantees, experts, consultants, Federal 
agencies, and non-Federal entities, including, but not limited to, 
State and local governments and other research institutions or their 
parties, and entities and their agents with whom HUD has a contract, 
service agreement, grant, cooperative agreement, or other agreement for 
the purposes of statistical analysis and

[[Page 22848]]

research in support of program operations, management, performance 
monitoring, evaluation, risk management, and policy development, or to 
otherwise support the Department's mission. Records under this routine 
use may not be used in whole or in part to make decisions that affect 
the rights, benefits, or privileges of specific individuals. The entity 
receiving information under this routine use may not further disclose 
the records in an identifiable form.
    (9) To contractors, grantees, experts, consultants and their 
agents, or others performing or working under a contract, service, 
grant, cooperative agreement, or other agreement with HUD, when 
necessary to accomplish an agency function related to a system of 
records. Disclosure requirements are limited to only those data 
elements considered relevant to accomplishing an agency function.
    (10) To the National Archives and Records Administration, Office of 
Government Information Services (OGIS), to the extent necessary to 
fulfill its responsibilities in 5 U.S.C. 552(h), to review 
administrative agency policies, procedures and compliance with the 
Freedom of Information Act (FOIA), and to facilitate OGIS' offering of 
mediation services to resolve disputes between persons making FOIA 
requests and administrative agencies.
    (11) To the U.S. Department of the Treasury when disclosure of the 
information is relevant to review payment and award eligibility through 
the Do Not Pay Working System for the purposes of identifying, 
preventing, or recouping improper payments to an applicant for,or 
recipient of, Federal funds, including funds disbursed by a state 
(meaning a state of the United States, the District of Columbia, a 
territory or possession of the United States, or a federally recognized 
Indian tribe) in a state-administered, federally funded program.
    (12) To the U.S. Treasury for transactions such as disbursements of 
funds and related adjustments.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
    Electronic only.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
    Name, Social Security Number, Taxpayer ID, Email Address, and User-
ID.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:
    General Records Schedule 1:1; Financial Management and Reporting 
Records. Destroy 6 years after final payment or cancellation, but 
longer retention is authorized if required for business use.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
    All HUD employees have undergone background investigations. HUD 
buildings are guarded and monitored by security personnel, cameras, ID 
checks, and other physical security measures. Access is restricted to 
authorized personnel or contractors whose responsibilities require 
access. System users must take the mandatory security awareness 
training annually as mandated by the Federal Information Security 
Management Act (FISMA). Users must also sign a Rules of Behavior form 
certifying that they agree to comply with the requirements before they 
are granted access to the system. FDM resides in the HUD Office of 
Chief Information Officer (OCIO) Local Area Network (LAN). The HUD OCIO 
Infrastructure and Operations Office (IOO) secure the Data Centers 
where the LAN resides. FDM sends and receives data through HUD SFTP 
(Security File Transfer Protocol), which encrypts the data in the 
database. All users authenticate to the HUD LAN with PIV cards before 
they can access FDM. OCFO limits access to records that contain PII 
data on a need-to-know basis, user recertification is performed, audit 
logs are reviewed, security assessments are performed, and background 
checks are performed prior to granting access to privileged roles. Not 
all employees and contractors have access to the vendor table that 
includes the PII. Supervisors determine and authorize FDM access for 
their employees, and OCFO checks their suitability. The majority of FDM 
users are read-only and cannot enter data into FDM. A system user 
recertification is conducted to ensure each FDM user requires access to 
the system.

RECORD ACCESS PROCEDURES:
    Individuals requesting records of themselves should address written 
inquiries to the Department of Housing Urban and Development 451 7th 
Street SW, Washington, DC 20410-0001. For verification, individuals 
should provide their full name, current address, and telephone number. 
In addition, the requester must provide either a notarized statement or 
an unsworn declaration made under 24 CFR 16.4.

CONTESTING RECORD PROCEDURES:
    The HUD rule for contesting the content of any record pertaining to 
the individual by the individual concerned is published in 24 CFR 16.8 
or may be obtained from the system manager.

NOTIFICATION PROCEDURES:
    Individuals requesting notification of records of themselves should 
address written inquiries to the Department of Housing Urban 
Development, 451 7th Street SW, Washington, DC 20410-0001. For 
verification purposes, individuals should provide their full name, 
office or organization where assigned, if applicable, and current 
address and telephone number. In addition, the requester must provide 
either a notarized statement or an unsworn declaration made under 24 
CFR 16.4.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
    None.

HISTORY:
    Docket No. FR-7104-N-08, 90 FR 36176, August 1, 2025.

Kimberly Morton,
Acting Chief Privacy Officer, Office of Administration.
[FR Doc. 2026-08218 Filed 4-27-26; 8:45 am]
BILLING CODE 4210-67-P


</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>