[Federal Register: October 30, 2006 (Volume 71, Number 209)]
[Notices]
[Page 63329-63332]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr30oc06-107]
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
[DHS-2006-0041]
Privacy Act of 1974; System of Records
AGENCY: Office of the Chief Human Capital Officer; Department of
Homeland Security.
ACTION: Notice of Privacy Act System of Records.
-----------------------------------------------------------------------
SUMMARY: Pursuant to the Privacy Act of 1974, the Department of
Homeland Security proposes to add a new system of records to the
Department's inventory, entitled ``the MaxHR e-Performance Management
System.'' This system is an employee performance management e-tool that
will standardize and automate related human resources functions that
will support a portion of the Department's MaxHR program. This program
will support the Department's ability to continue to attract, retain,
and reward a robust and highly qualified workforce by transforming DHS
human resources policies, processes, systems, streamlining business
processes, and consolidating several disparate systems currently in
operation. Implementation of the the MaxHR e-Performance Management
System will provide greater flexibility and accountability in the way
employees are paid, developed, and evaluated. Employees, through a
password protected portal, can access the system to initiate each step
in the performance cycle, including
[[Page 63330]]
performance planning, quarterly reviews, and performance appraisals.
Supervisors will utilize various features of the system to review
employees' performance, determine completion of goals, and complete
performance appraisals. Each step in the performance management cycle,
as reflected in the automated system, will serve as a catalyst for
increased communication between supervisor and employees to enhance
performance and ensure that work is accomplished in an efficient and
effective manner.
DATES: The new system of records will be effective November 29, 2006,
unless comments are received that result in a contrary determination.
ADDRESSES: You may submit comments, identified by docket number DHS-
2006-0041, by one of the following methods:
Federal e-Rulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
FAX: 202-357-8474 (Not a toll-free number).
Mail: John S. Allen, U.S. Department of Homeland Security,
Director of Human Capital Business Systems, Office of the Chief Human
Capital Officer, 245 Murray Lane, SW., Building 410, Washington, DC
20528; or E-mail: John.s.allen@dhs.gov.
FOR FURTHER INFORMATION CONTACT: John S. Allen, U.S. Department of
Homeland Security, Office of the Chief Human Capital Officer, Human
Capital Business Systems, 245 Murray Lane, SW., Building 410,
Washington, DC 20528; or Shila Ressler, U.S. Department of Homeland
Security, Executive Secretariat-Management, Washington, DC 20393. For
privacy issues please contact: Hugo Teufel III (571-227-3813), Chief
Privacy Officer, Privacy Office, U.S. Department of Homeland Security,
Washington, DC 20528.
SUPPLEMENTARY INFORMATION:
The Department of Homeland Security (DHS), Office of the Chief
Human Capital Officer (OCHCO), is publishing a Privacy Act System of
Records Notice to cover its collection, use, and maintenance of records
relating to its performance management responsibilities for the
Department. Until now, pursuant to the savings clause in the Homeland
Security Act of 2002, Public Law 107-296, sec. 1512, 116 Stat. 2310
(Nov. 25, 2002) (6 U.S.C. 552), the Department has been relying on
legacy Privacy Act systems for this purpose, including Office of
Personnel Management's (OPM) Government 2--Employee Performance File
System of Records.
The MaxHR Program was established by DHS to implement the human
capital provisions of the Homeland Security Act of 2002. The MaxHR
program is a collection of functions and systems centered on a core
enterprise entitled the Human Resource Management System. A primary
component of this overall system is an electronic performance
management program based on pay-for-performance principles. Each
employee's goals are cascaded down from the organization's goals. By
using this approach, each employee's individual work plan is linked to
the organization's goals.
DHS developed the MaxHR ePerformance Management System (``the
ePerformance System'') to facilitate the implementation and management
of this new automated pay-for-performance program. The ePerformance
System is designed to support the ongoing review and evaluation of
employees by their supervisors. This system collects personally
identifiable data from DHS employees, including their full name, Social
Security number, pay plan, grade, step, series, supervisory code,
organizational code, employee status, probationary dates, and duty
locations. The ePerformance tool will be used to set and communicate
performance expectations; monitor performance and provide feedback;
develop performance goals; complete the appraisal process; address poor
performance and reward good performance; and produce performance-
related reports. The new system will replace current performance
management systems that are largely paper-based and that do not
adequately support the new MaxHR program requirements for pay-for-
performance.
The Privacy Act embodies fair information principles in a statutory
framework governing the means by which the U.S. Government collects,
maintains, uses and disseminates personally identifiable information.
The Privacy Act applies to information that is maintained in a ``system
of records.'' A ``system of records'' is a group of any records under
the control of an agency from which information is retrieved by the
name of the individual or by some identifying number such as property
address, mailing address, symbol, or other identifying particular
assigned to the individual. The MaxHR Performance Management System is
such a system of records.
The Privacy Act requires each agency to publish in the Federal
Register a description denoting the type and character of each system
of records that the agency maintains, and the routine uses that are
contained in each system in order to make agency record keeping
practices transparent, to notify individuals regarding the uses to
which personally identifiable information is put, and to assist
individuals to more easily find such files within the agency. Below is
the description of the MaxHR e-Performance Management System.
In accordance with 5 U.S.C. 552a(r), DHS has provided a report of
this new system of records to the Office of Management and Budget and
to Congress.
DHS/OCHCO-001
System Name:
MAXHR ePerformance Management System.
Security Classification:
Unclassified but sensitive.
System Location:
The system is located at ServerVault, 1506 Moran Road, Dulles, VA
20166.
Categories of Individuals Covered by the System:
Department of Homeland Security managers, supervisors, and non-
bargaining unit employees.
Categories of Records in the System:
The following records are maintained in the ePerformance system:
personnel position information, such as position title, name, Social
Security number, occupational series, grade, organization, component
and duty location; information related to employee performance,
including performance goals and competencies, performance appraisals,
individual development plans, and notes regarding employee performance.
Authority for Maintenance of the System:
Homeland Security Act of 2002 at Section 841; 5 U.S.C. 9701(a); 5
CFR 9701; DHS Management Directive 3181.
Purpose(s):
The MaxHR ePerformance Management System will help DHS meet its
critical mission needs by transforming disparate paper-based and
automated performance management systems into one cohesive, unified
enterprise-wide electronic system. The ePerformance System will be used
to set and communicate performance expectations; monitor performance
and provide feedback; develop performance goals; complete the appraisal
process; address poor performance and reward good performance; and
produce performance-related reports. By leveraging technology to
transform a wide variety of processes and systems, the end result will
be greater flexibility and accountability in the way
[[Page 63331]]
employees are paid, developed, and evaluated.
Routine Uses of Records Maintained in the System, Including Categories
of Users and the Purposes of Such Uses:
In addition to those disclosures generally permitted under 5 U.S.C.
552a(b) of the Privacy Act, all or a portion of the records or
information contained in this system may be disclosed outside DHS as a
routine use as follows:
A. To the National Finance Center, United States Department of
Agriculture, to update employee personnel records and meet government
record keeping and reporting requirements.
B. When a record, either on its face on in conjunction with other
information, indicates a violation or potential violation of law,
whether criminal, civil or administrative, the relevant records may be
referred to an appropriate Federal, State, territorial, tribal, local,
international, or foreign law enforcement agency or other appropriate
authority charged with investigating or prosecuting such a violation or
enforcing or implementing such law.
C. To a Federal, state, tribal, local or foreign government agency
or professional licensing authority in response to its request, in
connection with the hiring or retention of an employee, the issuance of
a security clearance, the reporting of an investigation of an employee,
the letting of a contract, or the issuance or status of a license,
grant, or other benefit by the requesting entity, to the extent that
the information is relevant and necessary to the requesting entity's
decision on the matter.
D. To the news media and the public where there exists a legitimate
public interest in the disclosure of the information or when disclosure
is necessary to preserve confidence in the integrity of the Department
or is necessary to demonstrate the accountability of the Department's
officers, employees, or individuals covered by the system, except to
the extent it is determined that release of the specific information in
the context of a particular case would constitute an unwarranted
invasion of personal privacy.
E. To the National Archives and Records Administration or other
federal government agencies in records management inspections conducted
under the authority of 44 U.S.C. 2904 and 2906.
F. To contractors, grantees, experts, consultants, students, and
others performing or working on a contract, service, grant, cooperative
agreement, or other assignment for the Federal Government, when
necessary to accomplish an agency function related to this system of
records.
G. To the Department of Justice (DOJ) or other Federal agency
conducting litigation or in proceedings before any court, adjudicative
or administrative body, when: (a) DHS, or (b) any employee of DHS in
his/her official capacity, or (c) any employee of DHS in his/her
individual capacity where DOJ or DHS has agreed to represent the
employee, or (d) the United States or any agency thereof, is a party to
the litigation or has an interest in such litigation, and DHS
determines that disclosure is relevant and necessary to the litigation.
H. To a congressional office from the record of an individual in
response to an inquiry from that congressional office made at the
request of the individual to whom the record pertains.
I. To an agency, organization, or individual for the purposes of
performing audit or oversight operations as authorized by law.
J. To the Equal Employment Opportunity Commission, Merit Systems
Protection Board, Office of the Special Counsel, Federal Labor
Relations Authority, or Office of Personnel Management or to
arbitrators and other parties responsible for processing any personnel
actions or conducting administrative hearings or appeals, or if needed
in the performance of authorized duties.
Policies and Practices for Storing, Retrieving, Accessing, Retaining,
and Disposing of Records in the System:
Storage:
Data is stored in a commercial database management system,
(Microsoft SQL Server) located at ServerVault, 1506 Moran Road, Dulles,
VA 20166. The magnetic storage devices used to store the database are
located in a locked vault, accessed only by authorized personnel. The
storage media is further protected from loss or damage due to media
failure using redundant storage technology that simultaneously updates
a backup copy of the database.
Retrievability:
Data may be retrieved by the individual's name, Social Security
number, or other assigned personal identifier.
Safeguards:
Information in this system is safeguarded in accordance with
applicable laws, rules, and policies, including the DHS Information
Technology Security Program Handbook. All records are protected from
unauthorized access through appropriate administrative, physical, and
technical safeguards. These safeguards include restricting access to
authorized personnel who have a ``need-to-know,'' using locks and
password protection identification features. DHS file areas are locked
after normal duty hours and the facilities are protected from the
outside by security personnel.
Further system and data safeguards are outlined in detail in the
System Security Plan developed by DHS and Softscape (Automated Service
Provider makers of commercial off the shelf software) and ServerVault
(the hosting center). Additionally, DHS's Privacy Office is reissuing
the ePerformance Privacy Impact Assessment (PIA) with the issuance of
this notice. The PIA can be accessed at http://www.dhs.gov/privacy.
Retention and Disposal:
The General Records Schedule specifies that performance records for
non-Senior Executive Service employees should be destroyed when four
(4) years old or no longer needed; for Senior Executive Service
employees, when five (5) years old or no longer needed. OCHCO will
follow this and the NARA guidance on Employee Performance File System
Records.
System Manager(s) and Address:
John S. Allen, U.S. Department of Homeland Security, Chief Human
Capital Officer, Human Capital Business Systems, 1201 New York Avenue,
NW., Suite 1200, Washington, DC, 20005; or Shila Ressler, U.S.
Department of Homeland Security, Executive Secretariat--Management,
Washington, DC 20393.
Notification and Procedure:
To determine whether this system contains records relating to you,
write to the System Manager identified above.
Record Access Procedure:
A request for access to records in this system may be made by
writing to the System Manager, identified above, or to the Director for
Departmental Disclosure and FOIA in conformance with 6 CFR part 5,
subpart B, which provides the rules for requesting access to Privacy
Act records maintained by DHS.
Contesting Record Procedures:
See ``Notification Procedure'' above.
[[Page 63332]]
Record Source Categories:
Records are obtained from employees, supervisors, and the National
Finance Center.
Exemption Claimed for the System:
None.
Dated: October 17, 2006.
Hugo Teufel III,
Chief Privacy Officer.
[FR Doc. E6-17949 Filed 10-27-06; 8:45 am]
BILLING CODE 4410-10-P