Download  

Effective Date: 9/18/89

Series: Information Resources Management

Part 383: Public Access to Records

Chapter 12: Conduct of Computer Matching Programs

Originating Office: Office of Information Resources Management

12.1 Purpose. This chapter provides guidelines and procedural requirements for conducting automated matching programs in the Department, or providing records to other entities outside the Department for use in such matching programs. These requirements are based on the provisions of the computer Matching and Privacy Protection Act of 1988 (P.L. 100-503) which amended the Privacy Act of 1974, and guidelines issued by the Office of Management and Budget and published in the Federal Register on June 19, 1989 (54 FR 25818).

12.2 Scope. These guidelines apply to all bureaus and offices of the Department, and to all matching programs involving Privacy Act systems of records.

A. Which are performed within the Department, whether the individuals= records used in the match are Federal or non-Federal.

B. For which a Departmental bureau or office discloses any records on individuals for use in a matching program performed by any other Federal agency or any non-Federal organization.

12.3 Policy.

A. The conduct of matching programs in the Department is encouraged to improve Government operations, reduce losses from fraud, abuse, error, or loan defaults, and assure the proper use of Government funds and property. Departmental cooperation with other agencies who propose to conduct such programs is also encouraged when such proposals are determined to be necessary, useful, in compliance with the requirements of this chapter, and will not disrupt bureau/office operations.

B. Computer matching programs should be undertaken within the Department only if there is a potential for financial benefits which outweigh the costs of conducting the match, and there are appropriate safeguards to protect an individual=s right to privacy.

C. Strict adherence to the requirements of the Privacy Act of 1974, the Department=s implementing regulations (43 CFR, Part 2, Subpart D), the Computer Matching and Privacy Protection Act of 1988, and this Part (383 DM) is required in the conduct of matching programs.

D. No record which is contained in a Privacy Act system of records may be disclosed to a recipient agency or non-Federal agency for a matching program without a written agreement (see Appendix 1) between the source agency and the recipient agency or non-Federal agency.

E. No Departmental bureau or office may disclose any record which is contained in a Privacy Act system of records to a recipient agency or non-Federal agency for a matching program if the bureau or office has reason to believe that the due process requirements or other provisions of the matching agreement are not being met.

F. No Departmental bureau or office may renew a matching agreement unless the recipient agency has certified in writing that it has complied with the terms of the agreement, and the bureau or office has no reason to believe that the certification is inaccurate.

12.4 Applicability.

A. Public Law 100-503 is somewhat narrow in scope in that it applies only to automated matching programs that involve records subject to the Privacy Act that include:

(1) Applicants for, recipients or beneficiaries of, participants in, and providers of services that support Federal benefit programs.

(2) Federal personnel or payroll systems.

B. Notwithstanding the limitations of Public Law 100-503, the Department requires that the provisions of this chapter be applied to all automated matching programs that are conducted in the Department or involve Departmental participation that will have an adverse effect on individuals, except where specifically exempted herein.

12.5 Definitions. For the purposes of this chapter, the following definitions apply. Other pertinent definitions are provided in 383 DM 1.4.

A. Matching program means any computerized comparison of two or more automated systems of records or a system of records with non-Federal records.

B. Recipient agency means any agency, or contractor thereof, receiving records contained in a system of records from a source agency for use in a matching program.

C. Non-Federal agency means any State or local government, or agency thereof, which receives records contained in a system of records from a source agency for use in a matching program.

D. Source agency means any agency which discloses records contained in a system of records to be used in a matching program, or any State or local government, or agency thereof, which discloses records to be used in a matching program.

E. Federal benefit program means any program administered or funded by the Federal government, or by any agent or State on behalf of the Federal government, providing cash or in-kind assistance in the form of payments, grants, loans or loan guarantees to individuals.

F. Federal personnel means officers and employees of the Government of the United States, members of the uniformed services, individuals entitled to receive immediate or deferred retirement benefits under any retirement program of the Government of the United States (including survivor benefits).

12.6 Exclusions. The following activities and procedures are not considered to be matching programs, and are excluded from the requirements of this chapter. Any questions on the interpretation or application of the following criteria should be directed to the Bureau or Departmental Privacy Act Officer.

A. Matches performed to produce aggregate statistical data without any personal identifiers.

B. Matches performed to support any research or statistical project, the specific data of which may not be used to make decisions concerning the rights, benefits, or privileges of specific individuals.

C. Matches performed by an agency (or component thereof) which performs as its principal function any activity pertaining to the enforcement of criminal laws, subsequent to the initiation of a specific criminal or civil law enforcement investigation of a named person or persons for the purpose of gathering evidence against such person or persons. The use of the phrase Aperson or persons@ in this context broadens the exclusion to include subjects that are other than Aindividuals@ as defined by the Privacy Act.

D. Matches of tax information involving the disclosure of taxpayer return information to State tax officials; done for the purpose of tax administration as defined in Section 6103 (b)(4) of the Internal Revenue Code; done pursuant to the Deficit Reduction Act of 1984 (DEFRA) where OMB finds the due process provisions of the statutes Asubstantially similar@ to those of the DEFRA.

E. Routine administrative matches using records predominantly relating to Federal personnel only if the purpose of the match will not result in any adverse financial, personnel, disciplinary, or other adverse action against Federal personnel.

F. Matches performed for foreign counterintelligence purposes or to produce background checks for security clearances of Federal personnel or Federal contractor personnel.

G. Internal agency matches using only records from the agency=s system of records, only if the purpose of the match will not result in any adverse financial, personnel, disciplinary, or other adverse action against Federal personnel.

12.7 Procedures for Conducting Matching Programs. Any bureau or office that proposes to conduct an automated matching program, or modify and existing program, not specifically exempted by 383 DM 12.6, must address the following requirements before proceeding with data collection or matching procedures.

A. A benefit/cost analysis for the proposal must be prepared. See 383 DM 12.13.

B. A written matching agreement between the Departmental bureau or office (recipient agency) and the source agency or non-Federal agency must be prepared and executed. Appendix 1 provides a description of the required contents of matching agreements. For matches conducted entirely within a bureau or office, a memorandum of understanding between the affected System Managers, and containing the applicable items described in Appendix 1 must be prepared and executed.

C. A notice announcing the establishment of the matching program must be prepared for publication in the Federal Register at least 30 days prior to conducting the match. The notice shall contain the information described in Appendix 2 and be prepared for the signature of the bureau or office head.

D. The documents described in 12.7A, B, and C above are forwarded to the Department=s Data Integrity Board for review and approval. The proposal should be forwarded by transmittal memorandum signed by the bureau or office head, and addressed to the Chairman of the Board. See 383 DM 13 for a description of the membership and functions of the Board.

E. If the proposal is approved by the Data Integrity Board, the originating bureau or office will be notified in writing. The bureau/office is then responsible for the following actions:

(1) Forwarding the Federal Register notice to the Office of the Federal Register for publication. The bureau of office may publish the notice of the matching program in the Federal Register at the same time the notification is submitted to OMB and Congress, provided the notice plainly states that the matching program is subject to review by OMB and Congress and will not become effective until that review period (60 days) has elapsed.

(2) Forwarding (in duplicate) copies of the matching agreement and the Federal Register notice to the Senate Committee on Governmental Affairs, the House Committee on Government Operations, and the Office of Management and Budget. The letters transmitting the materials should be addressed to the Chairman of the Senate and House Committees, and to the Administrator, Office of Information and Regulatory Affairs, OMB, and should include the following information:

(a) What alternatives to matching the agencies considered and why a matching program was chosen.

(b) The date the match was approved by each participating Federal agency=s Data Integrity Board.

(c) Whether a benefit-cost analysis was required and, if so, whether it projected a favorable ratio.

(d) If applicable, the reason(s) for requesting a partial waiver of the 60-day OMB/Congress review period (see 383 DM 12.12).

(3) If the proposal is disapproved, an appeal to OMB may be considered (see 383 DM 13.5).

F. No matching agreement, program, or activity may be commenced or become effective until 30 days have elapsed following Federal Register publication, and 60 days after the notifications to OMB and Congress have been made as described in 12.7E above. If a waiver of 30 of the 60 days required for OMB and Congressional review will be sought, see 383 DM 12.12.

G. The bureau or office conducting the matching program must maintain adequate documentation of the program=s operations, costs, and accomplishments for reporting, audit, and renewal purposes.

12.8 Procedures for Disclosing Records for Matching Programs. Bureaus and offices that receive requests to provide records subject to the Privacy Act to other agencies for matching programs must carry out the following responsibilities before taking action on such requests.

A. Execute a matching agreement with the recipient agency. If the recipient will be a non-Federal agency, then the bureau or office must prepare a matching agreement as described in Appendix 1.

B. If the recipient is a non-Federal agency, prepare a Federal Register notice as described in 383 DM 12.7C.

C. Obtain from the recipient agency a copy of the benefit/cost analysis for the matching program, and supplement the analysis with information on estimated costs that the bureau/office will incur to participate in the program.

D. Ensure that the disclosure provisions of the Privacy Act are met for the bureau/office system of records from which the disclosures will be made (see 383 DM 7.2).

E. Ensure that the Adue process@ and Aopportunity to contest@ provisions described in 383 DM 12.9 are properly addressed by the recipient agency.

F. Forward the proposal to the Department=s Data Integrity Board as described in 383 DM 12.7D.

G. If the proposal is approved and the recipient organization is a non-Federal agency, forward the documents to the Office of the Federal Register, Congress, and OMB as described in 383 DM 12.7E. If the recipient is another Federal agency, that organization is responsible for publication and reporting to OMB and Congress and should be notified of the approval.

H. No matching agreement may become effective, or disclosure of records to the recipient agency may occur until the publication and review periods described in 383 DM 12.7F have elapsed.

I. The bureau or office participating in such a matching program must obtain assurances from the recipient agency that adequate information will be developed, maintained, and made available for reporting, audit, and renewal purposes. Such assurances may be included in the terms of the matching agreement (see Appendix 1).

12.9 Providing Due Process to Matching Subjects. Public Law 100-503 prescribes certain due process requirements that subjects of matching programs must be afforded when matches uncover adverse information about them.

A. Verification of Adverse Information. Agencies may not premise adverse action upon the raw results of a computer match. Any adverse information so developed must be subjected to investigation and verification before action is taken. In many cases, the individual record subject is the best source for determining a finding=s validity, and he or she should be contacted where practicable. In other cases, the payer of a benefit will have the most accurate record relating to payment and should be contacted for verification. Note that in some cases, contacting the subject initially may permit him or her to conceal data relevant to the decision; and, in those cases, an agency may elect to examine other sources. Absolute confirmation is not required; a reasonable verification process that yields confirmatory data will provide the agency with a reasonable basis for taking action.

B. Notice and Opportunity to Contest. Agencies are required to notify matching subjects of adverse information uncovered and give them an opportunity to explain prior to making a final determination. Individuals may have at least 30 days to respond to a notice of adverse action. The period runs from the date of the notice until 30 calendar days later including transit time. (Note: the notification period may be longer than 30 days if required by statute or regulation.)

(1) If an individual contacts the agency within the notice period and indicates his or her acceptance of the validity of the adverse information, agencies may take immediate action to deny or terminate. Agencies may also take action if the period expires without contact.

(2) If the Federal program involved in the match has its own due process requirements, those requirements may suffice for the purposes of the Computer Matching Act, provided they are at least as strong as that Act=s provisions.

C. In any case, if an agency determines that there is likely to be a potentially significant effect on public health or safety, it may take appropriate action, notwithstanding these due process provisions.

12.10 Congressional/OMB Review of Matching Programs. The bureau or office submitting a proposal for a new or altered computer matching program to Congress and OMB may presume their concurrence if the 60-day review period has expired without comment from any reviewer. In situations where a partial waiver has been requested (see 383 DM 12.12), the bureau or office may make this presumption if 30 days have elapsed without comment.

12.11 Changes to Existing Matching Programs. Proposals to substantially alter existing computer matching programs require the same review, approval, publication, and notification actions as described in 383 DM 12.7. The types of significant revisions which require approval are changes to:

A. The purpose for which the program was established.

B. The matching population either by including new categories of records subjects, or by greatly increasing the numbers of records matched.

C. The legal authority under which the match was being conducted.

D. The records that will be used in the match.

12.12 Waiver Requests. A bureau or office may seek a waiver of 30 of the 60 days required by OMB and Congress to review computer matching proposals. Such requests should be included in the transmittal letters described in 383 DM 12.7E(2), by providing the reason(s) for the waiver request, and the adverse consequences of having to wait the entire 60 days.

12.13 Benefit/Cost Analyses.

A. Public Law 100-503 requires that a benefit/cost analysis be a part of an agency decision to conduct or participate in a matching program. The requirement ensures that sound management practices are followed when agencies use Privacy Act systems of records in matching programs. A document containing a benefit/cost analysis will be included as an attachment to matching agreements prepared in accordance with the 383 DM 12.7B and 12.8A.

B. The analysis should contain specific estimates of: (1) the costs to the recipient and source agencies for conducting the matching program; and (2) the savings or other tangible or intangible benefits that will be achieved. Appendix 3 provides a discussion of benefit/cost analyses considerations which has been excerpted from OMB=s guidelines for implementing P.L. 100-503.

C. A benefit/cost analysis is not required for a matching program that is specifically required by statute. However, when the matching agreement for such a program is renegotiated, a benefit/cost analysis covering the preceding matches must be performed. P.L. 100-503 does not require the showing of a favorable ratio for the match to be continued, only that an analysis be performed.

D. Public Law 100-503 permits the Department=s Data Integrity Board to waive the benefit/cost requirement if it determines in writing that such analysis is not required.

12.14 Responsibilities of Non-Federal Agencies. Although Public Law 100-503 does not apply to or affect non-Federal agencies using their own records for matching purposes, the Act does require such agencies, when participating in computer matches subject to this chapter, to:

A. Execute matching agreements prepared by a Federal agency or agencies involved in the matching program.

B. Provide data to Federal agencies on the costs and benefits of matching programs.

C. Certify that they will not take adverse action against an individual as a result of any information developed in a matching program unless the information has been independently verified and until 30 days after the individual has been notified of the findings and given an opportunity to contest them. The notification period may be longer than 30 days if required by statute or regulation.

D. For renewals of matching programs, certify that the terms of the matching agreement have been followed.

12.15 Use of Contractors. Matching programs should, as far as practicable, be conducted Ain house@ using Departmental personnel, rather than by contract. When contractors are used, however, the requirements listed below apply.

A. The matching agency should, consistent with subsection (m) of the Privacy Act, cause the requirements of that Act to be applied to the contractor=s performance of the matching program. The solicitation and resulting contract should include the Privacy Act provisions required by FAR Subpart 24.1 as supplemented by DIAR Subpart 1424.1.

B. The terms of the contract should include appropriate privacy and security provisions consistent with policies, regulations, standards and guidelines issued by OMB, GSA, and the Department of Commerce.

C. The terms of the contract should preclude the contractor from using, disclosing, copying, or retaining records associated with the matching program for the contractor=s own use.

D. Contractor personnel involved in the matching program should be made explicitly aware of their obligation under the Act, and of these guidelines, agency rules and any special safeguards in relation to each specific match performed.

E. Before any disclosures from the pertinent system of records are made to the contractor, the notice describing the system must meet the requirements of 383 DM 7.2.

12.16 Reports. Bureaus and offices should be prepared to report on matching programs pursuant to the reporting requirements of either the Privacy Act of 1974 or the Computer Matching and Privacy Protection Act of 1988. Reports will be solicited by the Office of Management and Budget and will focus on both the protection of individual privacy and the Government=s effective use of information technology. Reporting instructions will be disseminated to the bureaus and offices as part of the reports required by 383 DM 10. See 383 DM 10 for additional information.

----------------------------------------------------------------------------------------------------------------------

MATCHING AGREEMENTS

This appendix describes the items to be addressed and included in inter-and intra-agency agreements to conduct computer matching programs. Responsibility for the preparation of matching agreements are prescribed in 383 DM 12.7B and 12.8A. Agreements must contain the following:

1. Purpose and Legal Authority. Describe the general purpose and cite the legal authority for the matching program. Since the Computer Matching Act (P.L. 100-503) provides no independent authority for the operations of matching programs, agencies should cite a specific Federal or State authority or regulatory basis for undertaking such programs.

2. Justifications and Expected Results. Provide an explanation of why computer matching as opposed to some other administrative activity is being proposed and what the expected results will be. A summary of the benefit/cost analysis prepared for the proposal should be provided in this section, and a copy of the actual analysis incorporated as an enclosure to the agreement.

3. Records Description. Provide a description and identification of the systems of records or non-Federal records, the number of records, and what data elements will be included in the match. The Federal systems of records involved should be specifically identified by providing the system numbers, names, and citations to the last Federal Register publication of the system notices. Projected starting and completion dates for the program should also be provided.

4. Notice Procedures. Describe the procedures to notify individuals of the matching program. There are two ways in which record subjects can receive notice that their records may be matched:

a. By direct notice when there is some form of contact between the government and the subject, e.g., information on the application form when they apply for a benefit, or in a notice that arrives with a benefit that they receive.

b. By constructive notice, e.g., publication of system notices, routine use disclosures, and matching programs in the Federal Register.

5. Due Process Procedures. Provide a description of the methods the agency will use to independently verify the information obtained through the matching program and to provide individuals proper notice and opportunity to contest findings. The descriptions should adequately address the requirements prescribed in 383 DM 12.9.

6. Disposition of Matched Items. Include a statement that information generated through match will be destroyed as soon as it has served the matching program=s purpose, and any legal retention requirements the agency establishes in conjunction with the National Archives and Records Administration or other cognizant authority.

7. Security Procedures. Provide a description of the administrative and technical safeguards to be used in protecting the information. They should be commensurate with the level of sensitivity of the data.

8. Records Usage, Duplication and Redisclosure. Describe any specific restrictions imposed by either the source agency or by statute or regulation on collateral uses of the records used in the matching program. In general, recipient agencies should not subsequently disclose records obtained for a matching program and under the terms of a matching agreement for other purposes absent a specific statutory requirement, or where the disclosure is essential to the conduct of the matching program. The agreement should specify how long a recipient agency may keep records provided for a matching program, and when they will be returned to the source agency or destroyed.

9. Records Accuracy Assessments. Provide information relating to the quality of the records to be used in the matching program. Record accuracy is important from two standpoints. In the first case, the worse the quality of the data, the less likely a matching program will have a cost-beneficial result. In the second case, the Privacy Act requires Federal agencies to maintain information in systems of records to a standard of accuracy that will reasonably assure fairness in any determination made on the basis of the record. Thus an agency receiving records from another Federal agency or from a non-Federal agency need to know information about the accuracy of such records in order to comply with the law. Moreover, the Privacy Act also requires agencies to take reasonable steps to ensure the accuracy of records that are disclosed to non-Federal recipients.

10. Comptroller General Access. Include a statement that the Comptroller General of the U.S. may have access to all records of a recipient agency or non-Federal agency necessary to monitor or verify compliance with the agreement. It should be understood that this requirement permits the Comptroller General to inspect any State or local government records used in the matching program covered by the agreement.

11. Certification. Include an appropriate statement indicating that the pertinent signatories to the agreement certify that no adverse action will be taken against an individual as a result of any information developed in a matching program unless the information has been independently verified, and until 30 days after the individual has been notified of the findings and given an opportunity to contest them. (See note in 383 DM 12.9B.)

12. Expiration Date. A matching agreement should remain in force for only so long as necessary to accomplish the specific matching purpose. By statute, a matching agreement automatically expires at the end of 18 months unless 3 months prior to the actual expiation date, the Data Integrity Board of the pertinent Federal Agency finds that the program will be conducted without change and each party certifies that the program has been conducted in compliance with the matching agreement. Under this finding, the Board may extend the agreement for not more than 1 additional year. Therefore, a statement regarding the term of the matching agreement should be included in this section.

13. Signatories. Show the name, title, organization and date signed for each of the signatories to the agreement. Bureau and office internal directives may establish the signature level for executing matching agreements. However, the lowest level shall be the bureau or office director=s principal assistant or associate director responsible for Privacy Act implementation in the organization.

NOTE: As applicable, additional paragraphs may be added to the agreement addressing items such as: reimbursement of source agency costs; written assurances regarding the development and maintenance of information about the matching program (see 383 DM 12.8I), etc.

----------------------------------------------------------------------------------------------------------------------

FEDERAL REGISTER NOTICES

This appendix describes the items to be addressed and included in Federal Register notices to publish the establishment or alteration of a computer matching program. Responsibilities for the preparation of such notices are described in 383 DM 12.7C and 12.8B. Guidance on the preparation of Federal Register notices in general is provided in 318 DM 8. Computer matching notices should contain the following:

1. Name of participating agency or agencies.

2. Purpose of the match.

3. Authority for conducting the matching program. (Note that the Computer Matching Act, P.L. 100-503, provides no independent authority for carrying out any matching activity.)

4. Categories of records and individuals covered.

5. Inclusive dates of the matching program.

6. Address for receipt of public comments or inquiries.

NOTE: If the notice will be submitted to the Federal Register at the same time as the reports to OMB and Congress, the notice should plainly state that the matching program is subject to review by OMB and Congress and will not become effective until that review period (60 days) has elapsed. (See 383 DM 12.7F.)

----------------------------------------------------------------------------------------------------------------------

Benefit/Cost Analysis. The Computer Matching Act requires that a benefit/cost analysis be a part of an agency decision to conduct or participate in a matching program. The requirement occurs in two places: in matching agreements which must include a justification of the proposed match with a Aspecific estimate of any savings@; and, in the Data Integrity Board review process.

The intent of this requirement is not to create a presumption that when agencies balance individual rights and cost savings, the latter should inevitably prevail. Rather, it is to ensure that sound management practices are followed when agencies use records from Privacy Act systems of records in matching programs. Particularly in a time when competition for scarce resources is especially intense, it is not in the government=s interests to engage in matching activities that drain agency resources that could be better spent elsewhere. Agencies should use the benefit/cost requirement as an opportunity to reexamine programs and weed out those that produce only marginal results.

While the Act appears to require a favorable benefit/cost ratio as an element of approval of a matching program, agencies should be cautious about applying this interpretation in too literal a fashion. For example, the first year in which a matching program is conducted may show a dramatic benefit/cost ratio. However, after it has been conducted on a regular basis (with attendant publicity), its deterrent effect may result in much less favorable ratios. Elimination of such a program, however, may well result in a return to the prematch benefit/cost ratio. The agency should consider not only the actual savings attributable to such a program, but the consequences of abandoning it.

For proposed matches without an operational history, benefit/cost analyses will of necessity be speculative. While they should be based upon the best data available, reasonable estimates are acceptable at this stage. Nevertheless, agencies should design their programs so as to ensure the collection of data that will permit more accurate assessments to be made. As more and more data become available, it should be possible to make more informed assumptions about the benefits and cost of matching. One source of information about conducting benefit/cost analysis as it relates to matching programs is the GAO Report AComputer Matching, Assessing its Costs and Benefits,@ GAO/PEMD-87-2, November, 1986. Agencies may wish to consult this report as they develop methodologies for performing this analysis.

Because matching is done for a variety of reasons, not all matching programs are appropriate candidates for benefit/cost analysis. The Computer Matching Act tacitly recognizes this point by permitting Data Integrity Boards to waive the benefit/cost requirement if they determine in writing that such an analysis is not required. It should be noted, however, that the Congress expected that such waivers would be used sparingly. The Act itself supplies one such waiver: if a match is specifically required by statute, the initial review by the Board need not consider the benefits and costs of the match. Note that this exclusion does not extend to matches undertaken at the discretion of the agency. However, the Act goes on to require that when the matching agreement is renegotiated, a benefit/cost analysis covering the preceding matches must be done. Note that the Act does not require the showing of a favorable ratio for the match to be continued, only that an analysis be done. The intention is to provide Congress with information to help evaluate the effectiveness of statutory matching requirements with a view to revising or eliminating them where appropriate.

Other examples of matches in which the establishment of a favorable benefit/cost ratio would be inappropriate are:

- A match of a system of records containing information about nurses employed at VA hospitals with records maintained by State nurse licensing boards to identify VA nurses with Aimpaired licenses@, i.e., those who have had some disciplinary action taken against them.

- A match whose purpose is to identify and correct erroneous data e.g., Project Clean Data which was run to correct and eliminate erroneous Social Security Numbers.

- Selective Service System matching to identify 18-year-olds for draft registration purposes.

*

9/18/89 #3458

Replaces 9/18/89 #2871