SYSTEM NAME:
Information Technology and Control Records (March 03, 2008, 73 FR 11400)
SYSTEM LOCATION:
Headquarters United States Strategic Command (USSTRATCOM), Command Information Assurance (IA) Branch (J672), 901 SAC Boulevard, Offutt Air Force Base, NE 68113-6600.
CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
Military, civilian employees, contractor personnel, and individuals (to include foreign nationals) requiring access to Department of Defense information and information systems.
CATEGORIES OF RECORDS IN THE SYSTEM:
System contains documents relating to requests for, and grants access to Department of Defense information and information systems, authorizes individuals to perform duties as a privileged user and/or Information Assurance manager, and/or authorizes individuals to bring Portable Electronic Devices (PEDs) into the Command. Records may contain the individuals name; partial Social Security Number (last four-digits); electronic mail address; work telephone numbers; office symbol; contractor/employee status; computer logon address, user identification codes; types of access/permissions required; verification of need-to-know; dates of mandatory information assurance awareness training; types of duties performed; commercial certifications held; and/or security clearance data.
AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
5 U.S.C. 301, Departmental Regulations; 5 U.S.C. 302, Delegation of Authority; 10 U.S.C. 133, Under Secretary of Defense for Acquisition and Technology; 10 U.S.C. 2224, Defense Information Assurance Program; 18 U.S.C. 1029 and 1030, Fraud and Related Activity in Connection with Access Devices and Computers; 44 U.S.C. 3536, National Security Systems; E.O. 10450 Security Requirements for Government Employees, as amended; Department of Department Instruction (DODI)8500.2, Information Assurance (IA) Implementation, 6 February 2003; Chairman Joint Chiefs of Staff Manual (CJCSM) 6510.01, Defense-In-Depth: Information Assurance (IA) And Computer Network Defense (CND), 25 March 03; Department of Defense Directive (DODD) 8570.1, Information Assurance Training, Certification, and Workforce Management, 15 August 2004; and E.O. 9397 (SSN).
PURPOSE(S):
To control and track access to Department of Defense-controlled information and information systems and/or to authorize use of Portable Electronic Devices (PEDs) within the Command. Records may also be used by law enforcement officials to identify the occurrence of and assist in the prevention of computer misuse and/or crime. Statistical data, with all personal identifiers removed, may be used by management for system efficiency, workload calculations, or reporting purposes.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, these records, or information contained herein, may be specifically disclosed outside the Department of Defense as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
The Department of Defense `Blanket Routine Uses' published at the beginning of the Air Force's compilation of systems of records notices apply to this system.
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE:
Paper records in file folders and electronic storage media.
RETRIEVABILITY:
Individuals name, Social Security Number (SSN), assigned user identification (I.D.) code, and/or system identification designator.
SAFEGUARDS:
The Command Information Assurance Manager, Headquarters United States Strategic Command (USSTRATCOM/J672), has full access to the information system file. Records are stored and kept in an area cleared for open storage of classified material. Paper records (completed forms) are kept in file cabinets located in a secure area and building under armed guard control and patrols 24-hours per day. Electronic records are stored on computer systems employing software programs and a Computer Network Defense Service Provider that monitor network traffic to identify unauthorized attempts to upload or change information. Access to computer systems is password and/or Public Key Infrastructure controlled. The building is under armed guard control, video camera monitoring, and patrols 24-hours per day.
RETENTION AND DISPOSAL:
Records are retained as long as the individual has access to USSTRATCOM information systems, and/or no longer needed for administrative, legal, audit, or other operational purposes. Records relating to contractor access are destroyed 3 years after contract completion or deletion. Paper records are disposed of using a Government-approved shredder; computer records are sanitized in accordance with Department of Defense remanence security policies.
SYSTEM MANAGER(S) AND ADDRESS:
Chief, Information Assurance Branch, Headquarters United States Strategic Command (USSTRATCOM/J672), 901 SAC Blvd, Offutt AFB NE 68113-6600.
NOTIFICATION PROCEDURE:
Individuals seeking access to information about themselves contained in this system should address written inquiries to Chief, Information Assurance Branch, USSTRATCOM/J672, 901 SAC Blvd, Offutt AFB NE 68113-6600.
Inquiries should contain the individuals full name, mailing address, and bear the signature of the requester.
Individuals may visit the Information Assurance Branch (USSTRATCOM/J672), 901 SAC Blvd, Offutt AFB NE 68113-6600, to view their record(s). The system manager will assist these individuals.
RECORD ACCESS PROCEDURES:
An individual seeking to determine whether information about themselves is contained in this system should address written inquiries to Chief, Information Assurance Branch, USSTRATCOM/J672, 901 SAC Blvd, Offutt AFB NE 68113-6600.
Inquiries should contain the individuals full name, mailing address, and bear the signature of the requester.
Individuals may visit the Information Assurance Branch (USSTRATCOM/J672), 901 SAC Blvd, Offutt AFB NE 68113-6600, to view their record(s). The system manager will assist these individuals.
CONTESTING RECORD PROCEDURES:
The Air Force rules for accessing records, and for contesting contents and appealing initial agency determinations are published in Air Force Instruction 33-332, Privacy Act Program; 32 CFR Part 806b; or may be obtained from the system manager.
RECORD SOURCE CATEGORIES:
Contents of the records are obtained from the individual about whom the record pertains, from supervisors of personnel, the individuals Information Assurance Officer or Manager, and/or security manager.
EXEMPTIONS CLAIMED FOR THE SYSTEM:
Information specifically authorized to be classified under E.O. 12958, as implemented by DoD 5200.1-R, may be exempt pursuant to 5 U.S.C. 552a(k)(1).
Investigatory material compiled for law enforcement purposes may be exempt pursuant to 5 U.S.C. 552a(k)(2). However, if an individual is denied any right, privilege, or benefit for which he would otherwise be entitled by Federal law or for which he would otherwise be eligible, as a result of the maintenance of such information, the individual will be provided access to such information except to the extent that disclosure would reveal the identity of a confidential source.
An exemption rule for this system has been promulgated in accordance with requirements of 5 U.S.C. 553(b)(1), (2), and (3), (c) and (e) and published in 32 CFR part 701, subpart G. For additional information contact the system manager.
FEDERAL REGISTER HISTORY: