Privacy Act of 1974; System of Records

AGENCY:

Office of the Secretary, Department of Defense (DoD) .

ACTION:

Notice of a modified system of records.

SUMMARY:

In accordance with the Privacy Act of 1974, the DoD is modifying and reissuing a current system of records titled, “Defense Manpower Data Base,” DMDC 01. This system of records was originally established by the Defense Manpower Data Center (DMDC) to collect and maintain records for the purpose of providing a single central facility within the DoD to assess manpower trends, support personnel and readiness functions, to perform longitudinal statistical analyses, identify current and former DoD civilian and Armed Forces personnel for purposes of detecting fraud and abuse of pay and benefit programs, to register current and former DoD civilian and Armed Forces personnel and their authorized dependents for purposes of obtaining medical examination, treatment or other benefits to which they are qualified. It is also used to collect debts owed to the United States Government and state and local governments. The DMDC manages a series of files within this system of records for the purposes of serving as the central DoD repository for various personnel and manpower assessments. This system of records notice (SORN) is being updated to make various changes, including expanding the individuals covered, updating a routine use relating to computer matching programs, and adding DoD's standard routine uses.

DATES:

This system of records is effective upon publication; however, comments on the Routine Uses will be accepted on or before June 27, 2022. The Routine Uses are effective at the close of the comment period.

ADDRESSES:

You may submit comments, identified by docket number and title, by any of the following methods:

* Federal Rulemaking Portal: https://www.regulations.gov. Follow the instructions for submitting comments.

* Mail: Department of Defense, Office of the Assistant to the Secretary of Defense for Privacy, Civil Liberties, and Transparency, Regulatory Directorate, 4800 Mark Center Drive, Attn: Mailbox 24, Suite 08D09, Alexandria, VA 22350-1700.

Instructions: All submissions received must include the agency name and docket number for this Federal Register document. The general policy for comments and other submissions from members of the public is to make these submissions available for public viewing on the internet at https://www.regulations.gov as they are received without change, including any personal identifiers or contact information.

FOR FURTHER INFORMATION CONTACT:

Mr. Sam Peterson, DMDC Privacy Officer, DMDC Privacy Office, DoD Center, 400 Gigling Road, Monterey, CA 93955; dodhra.dodc-mb.dmdc.mbx.webmaster@mail.mil; (831) 583-2400.

SUPPLEMENTARY INFORMATION:

I. Background

The Defense Manpower Data Base system of records is used to collect and maintain records for the purpose of providing a single central facility within the DoD to assess manpower trends, support personnel and readiness functions, to perform longitudinal statistical analyses, identify current and former DoD civilian and Armed Forces personnel for purposes of detecting fraud and abuse of pay and benefit programs, to register current and former DoD civilian and Armed Forces personnel and their authorized dependents for purposes of obtaining medical examination, treatment or other benefits for which they are qualified. Subject to public comment, the DoD is updating this SORN to add the standard DoD routine uses (routine uses A through J) and to allow for a change to an existing disclosure outside DoD related to the purpose of this system of records. Additionally, the following sections of this SORN are being modified as follows: (1) To the Authority for Maintenance of the System section to add additional authorities; (2) to the Categories of Individuals Covered by the System, to expand the individuals covered with the addition of Space Force and deployed contract personnel, and to the Categories of Records to clarify how the records relate to the revised Categories of Individuals; (3) to the Administrative, Technical, and Physical Safeguards to update the individual safeguards protecting the personal information; (4) to the Record Access Procedures section to reflect the need for individuals to identify the appropriate DoD office or component to which their request should be directed; (5) to the Contesting Records Procedures section to update the appropriate citation for contesting records; and (6) to the System Manager and System Location sections to update the addresses and office names. Furthermore, this notice includes non-substantive changes to simplify the formatting and text of the previously published notice.

DoD SORNs have been published in the Federal Register and are available from the address in FOR FURTHER INFORMATION CONTACT or at the Defense Privacy, Civil Liberties, and Freedom of Information Directorate website at https://dpcld.defense.gov.

II. Privacy Act

Under the Privacy Act, a “system of records” is a group of records under the control of an agency from which information is retrieved by the name of an individual or by some identifying number, symbol, or other identifying particular assigned to the individual. In the Privacy Act, an individual is defined as a U.S. citizen or lawful permanent resident.

In accordance with 5 U.S.C. 552a(r) and Office of Management and Budget (OMB) Circular No. A-108, the DoD has provided a report of this system of records to the OMB and to Congress.

SYSTEM NAME AND NUMBER:

Defense Manpower Data Center Data Base, DMDC 01.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Department of Defense (Department or DoD), located at 1000 Defense Pentagon, Washington, DC 20301-1000, and other Department installations, offices, or mission locations. Information may also be stored within a government-certified cloud, implemented and overseen by the Department's Chief Information Officer (CIO), 6000 Defense Pentagon, Washington, DC 20301-6000.

SYSTEM MANAGER(S):

The system manager is Program Manager, Defense Manpower Data Center, DoD Center Monterey Bay, 400 Gigling Road, Seaside, CA 93955-6771; Email: dodhra.dodc-mb.dmdc.mbx.webmaster@mail.mil.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5 U.S.C. App. (Pub. L. 95-452, as amended (Inspector General Act of 1978)); 10 U.S.C. 136, Under Secretary of Defense for Personnel and Readiness; 10 U.S.C. 1562, Database on Domestic Violence Incidents; 20 U.S.C. 1001 et seq., Higher Education Opportunity Act; Public Law 106-265, Federal Long-Term Care Insurance; 10 U.S.C. 2358, Research and Development Projects; DoD Instruction 6490.03, Deployment Health; and E.O. 9397 (SSN), as amended.

PURPOSE(S) OF THE SYSTEM:

The purpose of the system of records is to provide a single central facility within the Department of Defense (DoD) to assess manpower trends, support personnel and readiness functions, to perform longitudinal statistical analyses, to identify current and former DoD civilian and Armed Forces personnel for purposes of detecting fraud and abuse of pay and benefit programs, to register current and former DoD civilian and Armed Forces personnel and their authorized dependents for purposes of obtaining medical examination, treatment or other benefits for which they are qualified. In addition, the system of records may be used as follows:

A. To collect debts owed to the United States Government and state and local governments.

B. In the preparation of studies and policy as related to the health and well- being of current and past Armed Forces and DoD-affiliated civilian and contractor personnel;

C. To respond to Congressional and Executive branch inquiries;

D. To provide data or documentation relevant to the testing or exposure of individuals to chemical, biological, or other substances affecting health;

E. To conduct longitudinal, statistical, and analytical studies and compute demographic reports, with respect to Armed Forces drug testing records. No personal identifiers will be included in the demographic data reports. All requests for Service specific drug testing demographic data will be approved by the Service designated drug testing program office. All requests for DoD wide drug testing demographic data will be approved by the DoD Coordinator for Drug Enforcement Policy and Support, 1510 Defense Pentagon, Washington, DC 20301-1510.

F. DMDC web usage data will be used to validate continued need for user access to DMDC computer systems and databases, to address problems associated with web access, and to ensure access is only for official purposes.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

A. All Army, Navy, Air Force, Marine Corps, Space Force and Coast Guard officer and enlisted (hereafter the “Armed Forces”) personnel serving on active duty from July 1, 1968 and after or were a member of a reserve component since July 1975;

B. Retired Armed Forces personnel;

C. Active and retired members of the commissioned corps of the National Oceanic and Atmospheric Administration (NOAA) and the Public Health Service (PHS) (with Armed Forces above, hereafter referred to as the “Uniformed Services”);

D. Deployed contract personnel;

E. All individuals examined to determine eligibility for military service at an Armed Forces Entrance and Examining Station from July 1, 1970, and later;

F. Current and former DoD civilian employees since January 1, 1972;

G. Veterans using the Veterans Education Assistance Program (VEAP) from January 1977 through June 1985;

H. Participants in the Department of Health and Human Services National Longitudinal Survey;

I. Survivors of retired Armed Forces personnel eligible for or currently receiving disability payments or disability income compensation from the Department of Veterans Affairs;

J. Surviving spouses of active or retired deceased Armed Forces personnel;

K. 100% disabled veterans and their survivors;

L. Survivors of retired officers of NOAA and PHS eligible for, or currently receiving, Federal payments due to the death of the retiree;

M. Individuals receiving disability compensation from the Department of Veterans Affairs or who are covered by a Department of Veterans Affairs' insurance or benefit program;

N. Dependents of active and retired members of the Uniformed Services;

O. Selective service registrants;

P. All Federal civilian retirees with a DoD affiliation;

Q. DoD non-appropriated fund personnel;

R. Individuals who were or may have been the subject of tests involving chemical or biological human subject testing; and individuals inquiring or providing information to the DoD concerning such testing;

S. Individuals with authorized web access to DMDC computer systems and databases.

CATEGORIES OF RECORDS IN THE SYSTEM:

A. Computerized personnel/employment/pay records: Name, Service Number, Selective Service Number, Social Security Number (SSN), DoD Identification Number, citizenship data, compensation data, demographic information such as home town, age, sex, race, and educational level; civilian occupational information; performance ratings of DoD civilian employees and military members; reasons given for leaving military service or DoD civilian service; civilian and military acquisition work force warrant location; training and job specialty information; military personnel information such as rank, assignment/deployment, casualty information, length of service, military occupation, aptitude scores, post-service education, training, and employment information for veterans; participation in various in-service education and training programs; date of award of certification of military experience and training; military hospitalization and medical treatment, immunization, and pharmaceutical dosage records; home and work addresses;

B. Identities of individuals involved in incidents of child and domestic abuse and information about the nature of the abuse and services provided;

C. CHAMPUS claim records containing enrollee, patient and health care facility, provided data such as cause of treatment, amount of payment, name and SSN or tax identification number of providers or potential providers of care;

D. Selective Service System registration data;

E. Primary and secondary fingerprints of Military Entrance Processing Command (MEPCOM) applicants;

F. Department of Veterans Affairs disability payment records.

G. Credit or financial data as required for security background investigations;

H. Criminal history information on individuals who subsequently enter the military;

I. Extracts from Office of Personnel Management (OPM); OPM/CENTRAL-1, Civil Service Retirement and Insurance Records, including postal workers covered by Civil Service Retirement, containing Civil Service Claim number, date of birth, name, provision of law retired under, gross annuity, length of service, annuity commencing date, former employing agency and home address.;

J. Non-appropriated fund employment/personnel records consist of SSN, name, and work address;

K. Military drug test records containing the SSN, date of specimen collection, date test results reported, reason for test, test results, base/area code, unit, service, status (active/reserve), and location code of testing laboratory;

L. Names of individuals, as well as DMDC assigned identification numbers, and other user-identifying data, such as organization, SSN, email address, phone number, of those having web access to DMDC computer systems and databases, to include dates and times of access.

RECORD SOURCE CATEGORIES:

Records and information stored in this system of records are obtained from: The Uniformed Services, the Department of Veterans Affairs, the OPM, Environmental Protection Agency, the Department of Health and Human Services, the Department of Energy, the Executive Office of the President, and the Selective Service System.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act of 1974, these records may specifically be disclosed outside the DoD as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

A. To contractors, grantees, experts, consultants, students, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for the federal government when necessary to accomplish an agency function related to this system of records.

B. To the appropriate Federal, State, local, territorial, tribal, foreign, or international law enforcement authority or other appropriate entity where a record, either alone or in conjunction with other information, indicates a violation or potential violation of law, whether criminal, civil, or regulatory in nature.

C. To any component of the Department of Justice for the purpose of representing the DoD, or its components, officers, employees, or members in pending or potential litigation to which the record is pertinent.

D. In an appropriate proceeding before a court, grand jury, or administrative or adjudicative body or official, when the DoD or other Agency representing the DoD determines that the records are relevant and necessary to the proceeding; or in an appropriate proceeding before an administrative or adjudicative body when the adjudicator determines the records to be relevant to the proceeding.

E. To the National Archives and Records Administration for the purpose of records management inspections conducted under the authority of 44 U.S.C. 2904 and 2906.

F. To a Member of Congress or staff acting upon the Member's behalf when the Member or staff requests the information on behalf of, and at the request of, the individual who is the subject of the record.

G. To appropriate agencies, entities, and persons when (1) the DoD suspects or confirms a breach of the system of records; (2) the DoD determines as a result of the suspected or confirmed breach there is a risk of harm to individuals, the DoD (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the DoD's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

H. To another Federal agency or Federal entity, when the DoD determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

I. To another Federal, State or local agency for the purpose of comparing to the agency's system of records or to non-Federal records, in coordination with an Office of Inspector General in conducting an audit, investigation, inspection, evaluation, or some other review as authorized by the Inspector General Act.

J. To such recipients and under such circumstances and procedures as are mandated by Federal statute or treaty.

K. To Federal and State agencies, as well as their contractors and grantees, for purposes of providing military wage, training, and educational information so that Federal-reporting requirements, as mandated by statute, such as the Workforce Investment Act (29 U.S.C. 2801, et seq .) and the Carl D. Perkins Vocational and Applied Technology Act (20 U.S.C. 2301, et seq .) can be satisfied.

L. To the Department of Veterans Affairs (DVA):

(1) To provide Uniformed Service personnel and pay data for present and former Uniformed Service personnel for the purpose of evaluating use of veterans' benefits, validating benefit eligibility and maintaining the health and well-being of veterans and their family members;

(2) To provide identifying Armed Service personnel data to the DVA and its insurance program contractor for the purpose of notifying separating eligible Reservists of their right to apply for Veteran's Group Life Insurance coverage under the Veterans Benefits Improvement Act of 1996 (38 U.S.C. 1968);

(3) To register eligible veterans and their dependents for DVA programs.

(4) Providing identification of former Uniformed Service personnel and survivor's financial benefit data to DVA for the purpose of identifying military retired pay and survivor benefit payments for use in the administration of the DVA's Compensation and Pension program (38 U.S.C. 5106). The information is to be used to process all DVA award actions more efficiently, reduce subsequent overpayment collection actions, and minimize erroneous payments;

(5) To conduct computer matching programs regulated by the Privacy Act of 1974, as amended (5 U.S.C. 552a) for the purpose of: (a) Providing identification of active duty Uniformed Services personnel, including full time National Guard/Reserve support personnel, for use in the administration of DVA's Compensation and Pension benefit program. The information is used to determine continued eligibility for DVA disability compensation for recipients who return to active duty so benefits can be adjusted or terminated and DVA can collect overpayments as appropriate (38 U.S.C. 5304(c)); (b) Providing identification of Uniformed Services personnel receiving reserve duty pay, including full time National Guard/Reserve Armed Forces support personnel, for the purpose of deducting payments for reserve time served from DVA disability compensation paid. The law (10 U.S.C. 12316) prohibits receipt of both reserve pay and DVA compensation for the same time period, but permits waiver of DVA compensation to draw reserve pay;

(6) To provide identifying Uniformed Service personnel data to the DVA for the purpose of notifying such personnel of information relating to educational assistance as required by the Veterans Programs Enhancement Act of 1998 (38 U.S.C. 3011 and 3034).

M. To the OPM:

(1) Consisting of personnel/employment/financial data for the purpose of carrying out OPM's management functions. Records disclosed concern pay, benefits, retirement deductions and any other information necessary for those management functions required by law (Pub. L. 83-598, 84-356, 86-724, 94-455 and 5 U.S.C. 1302, 2951, 3301, 3372, 4118, 8347).

(2) Matching for administrative purposes to include updated employer addresses of Federal civil service employees who are reservists and demographic data on civil service employees who are reservists.

N. To the Internal Revenue Service (IRS) for the purpose of obtaining home addresses to contact Reserve component members for mobilization purposes and for tax administration. For the purpose of conducting aggregate statistical analyses on the impact of Armed Forces personnel of actual changes in the tax laws and to conduct aggregate statistical analyses to life stream earnings of current and former military personnel to be used in studying the comparability of civilian and military pay benefits. To aid in administration of Federal Income Tax laws and regulations, to identify non-compliance and delinquent filers.

O. To the Department of Health and Human Services (DHHS):

(1) Office of the Inspector General, DHHS for the purpose of identification and investigation of DoD civilian employees and Armed Forces members who may be improperly receiving funds under the Temporary Assistance for Needy Families (TANF);

(2) Office of Child Support Enforcement, Federal Parent Locator Service, DHHS, pursuant to 42 U.S.C. 653 and 653a; to assist in locating individuals for the purpose of establishing parentage; establishing, setting the amount of, modifying, or enforcing child support obligations; or enforcing child custody or visitation orders; and as authorized by E.O. 12953 to facilitate the enforcement of child support owed by delinquent obligors within the entire civilian Federal government and the Uniformed Services (active and retired). Identifying delinquent obligors will allow State Child Support Enforcement agencies to commence wage withholding or other enforcement actions against the obligors.

Note 1: Information requested by DHHS is not disclosed when it would contravene U.S. national policy or security interests (42 U.S.C. 653(e)).

Note 2: Quarterly wage information is not disclosed for those individuals performing intelligence or counter intelligence functions and a determination is made that disclosure could endanger the safety of the individual or compromise an ongoing investigation or intelligence mission (42 U.S.C. 653(n));

(3) Health Care Financing Administration (HCFA), DHHS for the purpose of monitoring HCFA reimbursement to civilian hospitals for Medicare patient treatment. The data will ensure no DoD physicians, interns, or residents are counted for HCFA reimbursement to hospitals;

(4) Centers for Disease Control and the National Institutes of Mental Health, DHHS, for the purpose of conducting studies concerned with the health and well-being of Uniformed Services personnel or veterans, to include family members;

(5) To conduct computer matching programs regulated by the Privacy Act of 1974, as amended (5 U.S.C. 552a), for the Public Assistance Reporting Information System (PARIS) for the purpose of determining continued eligibility and help eliminate fraud and abuse in benefit programs by identifying individuals who are receiving Federal compensation or pension payments and also are receiving payments pursuant to Federal benefit programs being administered by the States.

P. To State public assistance agencies administering Federal benefit programs, including those States agencies participating in PARIS or a successor system facilitated by the DHHS or its components, to conduct matching programs for the purpose of determining or verifying eligibility to receive public assistance benefits and, if ineligible, to take such action as may be authorized by law and regulation.

Q. To the Social Security Administration (SSA) components, including the:

(1) Office of Research and Statistics for the purpose of: (a) Conducting statistical analyses of impact of military service and use of GI Bill benefits on long-term earnings; or (b) Obtaining current earnings data on individuals voluntarily leaving military service or DoD civil employment so analytical personnel studies regarding pay, retention and benefits may be conducted.

Note 3: Earnings data obtained from the SSA and used by DoD does not contain any information identifying the individual about whom the earnings data pertains;

(2) Bureau of Supplemental Security Income, to conduct computer matching programs regulated by the Privacy Act of 1974, as amended (5 U.S.C. 552a) for the purpose of verifying information provided to the SSA by applicants and recipients/beneficiaries, who are retired members of the Uniformed Services or their survivors, for Supplemental Security Income (SSI) or Special Veterans' Benefits (SVB). By law (42 U.S.C. 1006 and 1383), the SSA is required to verify eligibility factors and other relevant information provided by the SSI or SVB applicant from independent or collateral sources and obtain additional information as necessary before making SSI or SVB determinations of eligibility, payment, entitlement, or benefit amounts, or adjustments thereto;

(3) Client Identification Branch for the purpose of validating the assigned SSN for individuals in DoD personnel and pay files, using the SSA Enumeration Verification System (EVS); and

(4) The Office of Disability and Insurance Security Programs, for the purpose of expediting disability processing of wounded military service members and veterans.

R. To the Selective Service System (SSS) for the purpose of facilitating compliance of members and former members of the Armed Forces, both active and reserve, with the provisions of the Selective Service registration regulations (50 U.S.C. App. 451 and E.O. 11623).

S. To the Department of Labor (DOL) to reconcile the accuracy of unemployment compensation payments made to former DoD civilian employees and members of the Uniformed Services by the states. To the DOL to survey Armed Forces separations to determine the effectiveness of programs assisting veterans to obtain employment.

T. To Federal and Quasi Federal agencies, territorial, state, and local governments to support personnel functions requiring data on prior Armed Forces service credit for their employees or for job applicants. Information released includes name, SSN, and military or civilian address of individuals. To detect fraud, waste and abuse pursuant to the authority contained in the Inspector General Act of 1978, as amended (Pub. L. 95-452) for the purpose of determining eligibility for, and/or continued compliance with, any Federal benefit program requirements.

U. To state and local law enforcement investigative agencies to obtain military history information for the purpose of ongoing investigations.

V. To Federal and Quasi Federal agencies, territorial, state and local governments, and contractors and grantees for the purpose of supporting research studies concerned with the health and well-being of Uniformed Service and retired personnel or veterans, to include family members. DMDC will disclose information from this system of records for research purposes when DMDC; (1) Determines the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained; (2) Determines the research purpose cannot be reasonably accomplished unless the record is provided in individually identifiable form, and warrants the risk to the privacy of the individual that additional exposure of the record might bring; (3) requires the recipient to establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, and remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining such information, and makes no further use or disclosure of the record except (A) in emergency circumstances affecting the health or safety of any individual, (B) for use in another research project, under these same conditions, and with written authorization of the Department, (C) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information enabling research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (D) when required by law; (4) secures a written statement attesting to the recipient's understanding of, and willingness to abide by these provisions.

W. To Federal and State agencies for purposes of obtaining socioeconomic information on Armed Forces personnel so analytical studies can be conducted with a view to assessing the present needs and future requirements of such personnel.

X. To Federal and state agencies for purposes of validating demographic data ( e.g., Social Security Number, citizenship status, date and place of birth, etc.) for individuals in Uniformed Service personnel and pay files so accurate information is available in support of Uniformed Service requirements.

Y. To the Bureau of Citizenship and Immigration Services, Department of Homeland Security, for purposes of facilitating the verification of individuals possibly eligible for expedited naturalization (Pub. L. 108-136, Section 1701, and E.O. 13269, Expedited Naturalization).

Z. To the Department of Education, to conduct computer matching programs regulated by the Privacy Act of 1974, as amended (5 U.S.C. 552a), for the purpose of: (1) Identifying dependent children of those Armed Forces members who died as a result of performing military service in Iraq or Afghanistan after September 11, 2001, and therefore, may be eligible for increased amounts of Federal student assistance under the Higher Education Act of 1965, as amended (HEA), including sections 473(b) and 420R of the HEA; possible benefits; or (2) identifying service members deployed to areas that qualify them for imminent danger pay (IDP) or hostile fire pay (HFP) for benefit eligibility determinations and related notifications concerning no-interest accrual benefits on qualifying student loans made under Title IV of the HEA. for the period of time they received IDP or HFP pay; and (3) eligibility determinations for service members to receive any educational benefits consistent with the Higher Education Act of 1965, as amended, including, but not limited to, military loan deferment (20 U.S.C. 1087a et seq. ), and forgiveness under the Public Service Loan Forgiveness Program (20 U.S.C. 1087e et seq. ).

AA. To other Federal Agencies or non-Federal agencies for the purpose of conducting computer matching programs regulated by the Privacy Act of 1974, as amended (5 U.S.C. 552a for the purpose of establishing or verifying the eligibility of, or continuing compliance with statutory and regulatory requirements by, applicants for, recipients or beneficiaries of, participants in, or providers of services with respect to, cash or in-kind assistance or payments under Federal benefit programs, or recouping payments or delinquent debts under such Federal benefit programs.

Note 4: Military drug test information involving individuals participating in a drug abuse rehabilitation program shall be confidential and disclosed only for the purposes and under the circumstances expressly authorized in 42 U.S.C. 290dd-2. This statute takes precedence over the Privacy Act of 1974, in regard to accessibility of such records except to the individual to whom the record pertains.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:

Records may be stored electronically. The records may be stored on magnetic disc, tape, or digital media; in agency-owned cloud environments; or in vendor Cloud Service Offerings certified under the Federal Risk and Authorization Management Program (FedRAMP).

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:

Records may be retrieved by name, SSN, DoD ID number, occupation, or any other data element contained in system.

POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:

Records are retained as follows: (1) Input/source records are deleted or destroyed after data have been entered into the master file or when no longer needed for operational purposes, whichever is later. Exception: Apply NARA-approved disposition instructions to the data files residing in other DMDC data bases; (2) The Master File is retained permanently. At the end of the fiscal year, a snapshot is taken and transferred to the National Archives in accordance with 36 CFR part 1228.270 and 36 CFR part 1234; (3) Output records (electronic or paper summary reports) are deleted or destroyed when no longer needed for operational purposes. Note: This disposition instruction applies only to record keeping copies of the reports retained by DMDC. The DoD office requiring creation of the report should maintain its record keeping copy in accordance with NARA approved disposition instructions for such reports; (4) System documentation (codebooks, record layouts, and other system documentation) are retained permanently and transferred to the National Archives along with the master file in accordance with 36 CFR part 1228.270 and 36 CFR part 1234.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:

The DoD safeguards records in this system of records according to applicable rules, policies, and procedures, including all applicable DoD automated systems security and access policies. DoD policies require the use of controls to minimize the risk of compromise of personally identifiable information (PII) in paper and electronic form and to enforce access by those with a need to know and with appropriate clearances. Additionally, the DoD established security audit and accountability policies and procedures which support the safeguarding of PII and detection of potential PII incidents. The DoD routinely employs safeguards such as the following to information systems and paper recordkeeping systems: Multifactor log-in authentication including Common Access Card (CAC) authentication and password; Secret internet Protocol Router ((SIPR) token as required); physical and technological access controls governing access to data; network encryption to protect data transmitted over the network; disk encryption securing disks storing data; key management services to safeguard encryption keys; masking of sensitive data as practicable; mandatory information assurance and privacy training for individuals who will have access; identification, marking, and safeguarding of PII; physical access safeguards including multifactor identification physical access controls, detection and electronic alert systems for access to servers and other network infrastructure; and electronic intrusion detection systems in DoD facilities.

With respect to Armed Forces drug testing records: No personal identifiers will be included in the demographic data reports. All requests for Service-specific drug testing demographic data will be approved by the Service-designated drug testing program office. All requests for DoD-wide drug testing demographic data will be approved by the DoD Coordinator for Drug Enforcement Policy and Support, 1510 Defense Pentagon, Washington, DC 20301-1510.

RECORD ACCESS PROCEDURES:

Individuals seeking access to their records should address written inquiries to the Office of the Secretary of Defense/Joint Staff Freedom of Information Act Requester Service Center, 1155 Defense Pentagon, Washington, DC 20301-1155; Requester Service Center website: https://www.esd.whs.mil/FOID. Signed written requests should contain the name and number of this system of records notice along with full name, SSN, date of birth, current address, and telephone number of the individual and be signed. In addition, the requester must provide either a notarized statement or an unsworn declaration made in accordance with 28 U.S.C. 1746, in the appropriate format:

If executed outside the United States: “I declare (or certify, verify, or state) under penalty of perjury under the laws of the United States of America that the foregoing is true and correct. Executed on (date). (Signature).”

If executed within the United States, its territories, possessions, or commonwealths: “I declare (or certify, verify, or state) under penalty of perjury that the foregoing is true and correct. Executed on (date). (Signature).”

Attorneys or other persons acting on behalf of an individual must provide written authorization from the individual for their representative to act on their behalf.

CONTESTING RECORD PROCEDURES:

The DoD rules for accessing records, contesting contents and appealing initial Component determinations are contained in 32 CFR part 310; or may be obtained from the system manager.

NOTIFICATION PROCEDURES:

Individuals seeking to determine whether information about themselves is contained in this system of records should follow the instructions for Record Access Procedures above.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:

None.

HISTORY:

November 23, 2011, 76 FR 72391; February 27, 2019, 84 FR 6383; March 11, 2019, 84 FR 8698.