Skip to content
LexBuild

Privacy Act of 1974; System of Records 

---
identifier: "/us/fr/2023-12022"
source: "fr"
legal_status: "authoritative_unofficial"
title: "Privacy Act of 1974; System of Records"
title_number: 0
title_name: "Federal Register"
section_number: "2023-12022"
section_name: "Privacy Act of 1974; System of Records"
positive_law: false
currency: "2023-06-06"
last_updated: "2023-06-06"
format_version: "1.1.0"
generator: "[email protected]"
agency: "State Department"
document_number: "2023-12022"
document_type: "notice"
publication_date: "2023-06-06"
agencies:
  - "State Department"
fr_citation: "88 FR 37119"
fr_volume: 88
docket_ids:
  - "Public Notice: 12089"
fr_action: "Notice of a modified system of records."
---

#  Privacy Act of 1974; System of Records

**AGENCY:**

Department of State.

**ACTION:**

Notice of a modified system of records.

**SUMMARY:**

The information collected and maintained in Human Resources Records is in keeping with the Department's mission to document all processes associated with individual employment histories and career progression; to ensure that all employees and potential employees have equal employment opportunities; and to make personnel management determinations about employees throughout their Federal careers.

**DATES:**

In accordance with 5 U.S.C. 552a(e)(4) and (11), this system of records notice (SORN) is effective upon publication, with the exception of the routine uses (Y), (Z), (AA), (BB), (CC), (DD), (EE), (FF), and (GG) that are subject to a 30-day period during which interested persons may submit comments to the Department. Please submit any comments by July 6, 2023.

**ADDRESSES:**

Questions can be submitted by mail, email, or by calling Eric F. Stein, the Senior Agency Official for Privacy on (202) 485-2051. If mail, please write to: U.S Department of State; Office of Global Information Systems, A/GIS; Room 4534, 2201 C St. NW; Washington, DC 20520. If email, please address the email to the Senior Agency Official for Privacy, Eric F. Stein, at *[email protected].* Please write “Human Resources Records, State-31” on the envelope or the subject line of your email.

**FOR FURTHER INFORMATION CONTACT:**

Eric F. Stein, Senior Agency Official for Privacy; U.S. Department of State; Office of Global Information Services, A/GIS; Room 4534, 2201 C St. NW; Washington, DC 20520 or by calling on (202) 485-2051.

**SUPPLEMENTARY INFORMATION:**

This notice is being modified to reflect the Department's move to cloud storage, new OMB guidance, additional authorities, and to incorporate data collection by additional Bureaus and overseas posts within the Department ( *e.g..,* Regional and Functional Bureaus). The modified system of records notice includes revisions and additions to the following sections: Authority for Maintenance of the System; Routine Uses of Records Maintained in the System; Categories of Individuals Covered by the System; Purpose(s) of the System; Administrative, Technical, and Physical Safeguards; and Record Access Procedures. In addition, the Department is taking this opportunity to make minor administrative updates to the notice in the following sections: Summary; Addresses; For Further Information Contact; Supplementary Information; System Location; System Manager; Record Source Categories; Policies and Practices for Retrieval of Records; Policies and Practices for Retention and Disposal of Records; Contesting Record Procedures; and Notification Procedures.

**SYSTEM NAME AND NUMBER:**

Human Resources Records, State-31.

**SECURITY CLASSIFICATION:**

Unclassified and Classified.

**SYSTEM LOCATION:**

Department of State, 2201 C Street NW, Washington, DC 20520; State Annex 01, 2401 E Street NW, Washington, DC 20037; State Annex 03, 2121 Virginia Avenue NW, Washington, DC 20037; State Annex 44, 301 4th Street SW, Washington, DC 20547; overseas at U.S. embassies, U.S. consulates general, and U.S. consulates; U.S. missions; and the National Personnel Records Center, 111 Winnebago Street, St. Louis, MO 63118; and the Florida Regional Center (FRC), 4000 North Andrews Ave, Oakland Park, FL 33309, and using a government approved commercial cloud service, implemented and overseen by State Department employees, or within a government cloud provided, implemented, and overseen by the Department's Enterprise Server Operations Center (ESOC), 2201 C Street NW, Washington, DC 20520.

**SYSTEM MANAGER(S):**

The Director General of the Foreign Service and Director of Global Talent Management, and Bureau of Information Resource Management—IRM, Department of State; 2201 C Street NW, Washington, DC 20520, phone: 202-647-4000.

**AUTHORITY FOR MAINTENANCE OF THE SYSTEM:**

22 U.S.C. 2581 (General Authority of Secretary of State); 22 U.S.C. 2651a (Organization of the Department of State); 22 U.S.C. 3901 *et seq.* (Foreign Service Act of 1980) [This SORN is not intended to conflict with, override, or create an exception to the restrictions and prohibitions in Sections 603 and 604 of the Foreign Service Act]; 22 U.S.C. 3921 (Management of the Foreign Service); 22 U.S.C. 4041 (Administration of the Foreign Service Retirement and Disability System); 5 U.S.C. 301-302 (Management of Executive Departments); 22 U.S.C 4081 (Travel and Related Expenses); 31 U.S.C. 901-902 (Agency Chief Financial Officer); E.O. 9397, as amended (Numbering System for Federal Accounts Relating to Individual Persons); E.O. 9830 (Amending the Civil Service Rules and Providing for Federal Personnel Administration); E.O. 12107 (Relating to the Civil Service Commission and Labor-Management in the Federal Service) and successor authorities; and 31 U.S.C. 7701(c)(2) (incorporating by reference 26 U.S.C. 6109) (Taxpayer Identification Number).

**PURPOSE(S) OF THE SYSTEM:**

The information collected and maintained in Human Resources Records is in keeping with the Department's mission to document all processes associated with individual employment histories and career progression; to ensure that all employees and potential employees have equal opportunities; and to make personnel management determinations about employees throughout their Federal careers.

**CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:**

All applicants for employment with the Department of State (including unsuccessful applicants); all current and former Civil Service (CS) and Foreign Service (FS) employees of the Department of State including members of the Senior Executive Service (SES), Senior Foreign Service (SFS), Presidential Appointees, employees under full-time, part-time, intermittent, temporary, and limited appointments; all current and former Locally Employed (LE) Staff, [as defined in 3 FAM 7120] or [defined as individuals hired under the local compensation plan at a U.S. mission abroad under Chief of Mission authority, or at an office of the American Institute in Taiwan, and employed on a Foreign Service National direct hire appointment, Department of State Personal Services Agreement (PSA) or Personal Services Contract (PSC), or an employing agency's specific direct hire, PSA, or PSC authority]; anyone serving in an advisory capacity (compensated and uncompensated); other agency employees on detail to the Department of State; former Foreign Service Reserve Officers; applicants for potential employment; student applicants for internships, Presidential Management Fellows, Foreign Affairs Fellowship Program Fellows, student interns and other student summer hires, Pathways student employees; and prospective alien spouses and cohabitants of Department of State employees.

**CATEGORIES OF RECORDS IN THE SYSTEM:**

Categories of records may include identifying information, such as, but not limited to, name, date of birth, home  address, mailing and email addresses, numeric identifier (such as employee identification number, SGID, or Social Security number/host country identification number) and telephone numbers. Types of files include documents relating to class action lawsuits, annuitants under the Foreign Service Retirement and Disability System and the Foreign Service Pension System as well as Civil Service and LE Staff annuitants, prospective alien spouses and cohabitants of Department employees, employees who apply for their spouses or children to be expeditiously naturalized, employees detailed or seconded to international organizations, Foreign Service personnel separated for cause; official personnel files; documents relating to merit promotions, recruitment and employment, employee relations, career development and counseling, performance, conduct, suitability, and discipline, Foreign Service promotion and Permanent Change of Station (PCS) travel. These records may contain any documents not otherwise stated relating to employment, to include, but not limited to, hiring, employment and separation from the Department.

**RECORD SOURCE CATEGORIES:**

These records contain information obtained directly from the individual who is the subject of these records, previous employers, supervisors, Foreign Service inspectors, any/all offices within the Bureau of Global Talent Management (counselors, placement officers, and personnel technicians), other bureaus (administrative/executive officers, personnel and payroll offices, security, medical, and legal), reports of the Board of Examiners of the Foreign Service, Foreign Service Employee Evaluation Reports and Selection Board findings, the Foreign Service Institute, colleges, universities, Armed Forces academic institutions, contractors responsible for administration of the Foreign Service written examination, and other authorized agencies administering pre-employment tests, Office of Personnel Management and other Federal agencies, officials of foreign governments, contractors and vendors responsible for administration of benefits/taxes for LE Staff under a post's local compensation plan, prospective alien spouses of Foreign Service employees; grievance staff and appeals boards, affidavits and testimony of witnesses, and from commercial recruitment and employment systems managed on behalf of the Department of State by private vendors.

**ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:**

Records may be disclosed:

A. To consulting services that provide information about available aids, devices and methods of accommodating employees with disabilities;

B. To the Office of Personnel Management for its government-wide personnel management functions such as pay, benefits, and retirement deductions or other relevant personnel processes;

C. To other Federal agencies, state governments, foreign governments and international organizations where employees are being considered for detail, assignment or secondment;

D. To academic institutions to which Department employees may be assigned for long-term training;

E. To any member of an agency's Performance Review Board or other panel when the member is not an official of the employing agency. Information would then be used for approving or recommending selection of candidates for executive development or Senior Executive Service (SES) candidate programs, issuing a performance rating of record, issuing performance awards, nominating for meritorious and distinguished executive ranks, removal, reduction in grade, and other personnel actions based on performance;

F. To attorneys, union representatives or other persons designated by employees in writing to represent them in complaints, grievance, appeal, or litigation cases;

G. To attorneys providing legal services to posts with respect to LE Staff personnel matters;

H. To requestors in determining a former spouse's entitlement to benefits and other inquiries related to retirement benefits;

I. To the President of the United States, the Executive Office of the President and legislative and appropriations committees of the U.S. Congress charged with consideration of legislation and appropriations for the Foreign Service, or representatives duly authorized by such committees;

J. To labor organization officials when such information is relevant to personnel policies affecting employment conditions and necessary for exclusive representation by the labor organization;

K. To officials of foreign governments and other U.S. government agencies for clearance before a Federal employee is assigned to that country as well as for the procurement of necessary services for American personnel assigned overseas, such as permits of free entry and identity cards;

L. To officials of foreign governments, for the administration of benefits, taxes, and other personnel matters for LE Staff and to respond to requests from the host government for the names and addresses of LE Staff, if the chief of mission has determined that this information should be released;

M. To the Department of Labor, Department of Veterans Affairs, Social Security Administration, Department of Defense, or any other Federal agencies that have special civilian employee retirement and disability programs; or to a national, state, county, municipal, or other publicly recognized income administration agency ( *e.g.* State unemployment compensation agencies), when necessary to adjudicate a claim under the retirement, insurance, unemployment or health benefits programs of the Department or an agency cited above, or to an agency to conduct an analytical study or audit of benefits being paid under such programs. For LE Staff this includes host country national, state, or local agencies, as applicable;

N. To the Office of Federal Employees Group Life Insurance, information necessary to verify election, declination, or waiver of regular and/or optional life insurance coverage, or eligibility for payment of a claim for life insurance;

O. To health insurance carriers contracting with the Federal government to provide a health benefits plan under the Federal Employees Health Benefits Program or, for LE Staff, under a post's local compensation plan, information necessary to identify enrollment in a plan, to verify eligibility for payment of a claim for health benefits, or to carry out the coordination or audit of benefit provisions of such contracts;

P. To any person who is responsible for the care of an individual to whom a record pertains who is mentally incompetent or under other legal disability. Information in the individual's record may be disclosed to said person to the extent necessary to assure payment of benefits to which the individual is entitled;

Q. To public and private organizations, including news media, which grant or publicize employee recognition to consider and select employees for incentive awards and other honors and to publicize awards and honors granted;

R. To the Department of Justice in connection with proceedings before a court, adjudicative body, or other administrative body when any of the following is a party to litigation or has  an interest in such litigation and the Department of State determines that the use of such records is arguably relevant and necessary to the litigation of (1) the Department of State or any component thereof, (2) any employee of the Department of State in his or her official capacity, (3) any employee of the Department of State in his or her individual capacity where the Department of Justice or the Department of State has agreed to represent the employee, or (4) the United States, when the Department of State determines that litigation is likely to affect the Department of State or any of its components;

S. To the parties when implementing court decisions and/or terms of settlement agreements reached by the parties;

T. To the courts when preparing reports to the courts in compliance with monitoring requirements;

U. In response to an order from a court or an administrative body directing the production of personnel records (including, but not limited to the Equal Employment Opportunity Commission, the Foreign Service Grievance Board and the Merit Systems Protection Board);

V. To other Government agencies and private organizations, institutions or individuals to verify employment, to process security clearances/security certifications and to request record or credit checks;

W. To provide an official of another Federal agency information needed in the performance of official duties in support of the functions for which the records were collected and maintained;

X. To disclose information to Equal Employment Opportunity (EEO) counselors and EEO investigators in connection with EEO complaints and to the Equal Employment Opportunity Commission when requested in connection with investigations of alleged or possible discrimination practices in the Federal sector, examination of Federal affirmative employment programs, compliance by Federal agencies with the Uniform Guidelines on Employee Selection Procedures, or other functions vested in the Commission;

Y. To the Department of Labor's Office of Workers' Compensation programs or officials of a foreign government relating to benefits under the Federal Employees Compensation Act or a host country workers' compensation program; and

Z. To the news media and the public when a matter involving the Department of State has become public knowledge; the Under Secretary for Management determines that in response to the matter in the public domain, disclosure is necessary to provide an accurate factual record on the matter; and the Under Secretary for Management determines that there is a legitimate public interest in the information disclosed.

AA. To appropriate agencies, entities, and persons when (1) the Department of State suspects or has confirmed that there has been a breach of the system of records; (2) the Department of State has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the Department of State (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Department of State efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

BB. To another Federal agency or Federal entity, when the Department of State determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

CC. To a contractor of the Department having need for the information in the performance of the contract, but not operating a system of records within the meaning of 5 U.S.C. 552a(m).

DD. To a vendor or third-party agent providing or administering benefits for LE Staff under a post's local compensation plan.

EE. To an agency, whether federal, state, local or foreign, where a record indicates a violation or potential violation of law, whether civil, criminal or regulatory in nature, and whether arising by general statute or particular program statute, or by regulation, rule or order issued pursuant thereto, so that the recipient agency can fulfill its responsibility to investigate or prosecute such violation or enforce or implement the statute, rule, regulation, or order.

FF. To the Federal Bureau of Investigation, the Department of Homeland Security, the National Counter-Terrorism Center (NCTC), the Terrorist Screening Center (TSC), or other appropriate federal agencies, for the integration and use of such information to protect against terrorism, if that record is about one or more individuals known, or suspected, to be or to have been involved in activities constituting, in preparation for, in aid of, or related to terrorism. Such information may be further disseminated by recipient agencies to Federal, State, local, territorial, tribal, and foreign government authorities, and to support private sector processes as contemplated in Homeland Security Presidential Directive/HSPD-6 and other relevant laws and directives, for terrorist screening, threat-protection, and other homeland security purposes.

GG. To a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.

HH. To a court, adjudicative body, or administrative body before which the Department is authorized to appear when (a) the Department; (b) any employee of the Department in his or her official capacity; (c) any employee of the Department in his or her individual capacity where the U.S. Department of Justice (“DOJ”) or the Department has agreed to represent the employee; or (d) the Government of the United States, when the Department determines that litigation is likely to affect the Department, is a party to litigation or has an interest in such litigation, and the use of such records by the Department is deemed to be relevant and necessary to the litigation or administrative proceeding.

II. To the Department of Justice (“DOJ”), including any counsel retained by DOJ for foreign litigation, for its use in providing legal advice to the Department or in representing the Department in a proceeding before a court, adjudicative body, or other administrative body before which the Department is authorized to appear, where the Department deems DOJ's use of such information relevant and necessary to the litigation, and such proceeding names as a party or interests:

○ The Department or any component of it;

○ Any employee of the Department in his or her official capacity;

○ Any employee of the Department in his or her individual capacity where DOJ has agreed to represent the employee; or

○ The Government of the United States, where the Department determines that litigation is likely to affect the Department or any of its components.

JJ. To the National Archives and Records Administration and the General Services Administration for records management inspections, surveys and  studies; following transfer to a Federal records center for storage; and to determine whether such records have sufficient historical or other value to warrant accessioning into the National Archives of the United States.

The Department of State periodically publishes in the *Federal Register* its standard routine uses that apply to all of its Privacy Act systems of records. These notices appear in the form of a Prefatory Statement (published in Volume 73, Number 136, Public Notice 6290, on July 15, 2008). All these standard routine uses apply to Human Resources Records, State-31.

**POLICIES AND PRACTICES FOR STORAGE OF RECORDS:**

Records are stored both in hard copy and on electronic media. A description of standard Department of State policies concerning storage of electronic records is found at *https://fam.state.gov/FAM/05FAM/05FAM0440.html.* All hard copies of records containing personal information are maintained in secured file cabinets in restricted areas, access to which is limited to authorized personnel only.

**POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:**

Records in Human Resources Records, State-31 are retrieved by an individual name and numeric identifier.

**POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS:**

Human resources records are retained from within 180 days of an appointment to permanently. Records are retired and destroyed in accordance with published Department of State Records Disposition Schedules as approved by the National Archives and Records Administration (NARA) and outlined at *https://foia.state.gov/Learn/RecordsDisposition.aspx.* More specific information may be obtained by writing to the following address: U.S. Department of State; Director, Office of Information Programs and Services; A/GIS/IPS; 2201 C Street NW; Room B-266; Washington, DC 20520.

**ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:**

All users are given cyber security awareness training which covers the procedures for handling Sensitive but Unclassified information, including personally identifiable information (PII). Annual refresher training is mandatory. In addition, all Department OpenNet network users are required to take the Foreign Service Institute distance learning course instructing employees on privacy and security requirements, including the rules of behavior for handling PII and the potential consequences if it is handled improperly. Before being granted access to Human Resources Records, a user must first be granted access to the Department of State computer network.

Department of State employees and contractors may remotely access this system of records using non-Department-owned information technology. Such access is subject to approval by the Department's mobile and remote access program and is limited to information maintained in unclassified information systems. Remote access to the Department's information systems is configured in compliance with OMB Circular A-130 multifactor authentication requirements and includes a time-out function. All Department of State employees and contractors with authorized access to records maintained in this system of records have undergone a thorough background security investigation. Access to the Department of State, its annexes, and posts abroad is controlled by security guards and admission is limited to those individuals possessing a valid identification card or individuals under proper escort. Access to computerized files is password-protected and under the direct supervision of the system manager. The system manager has the capability of printing audit trails of access from the computer media, thereby permitting regular and ad hoc monitoring of computer usage. When it is determined that a user no longer needs access, the user account is disabled.

The safeguards in the following paragraphs apply only to records that are maintained in government-certified cloud systems. All cloud systems that provide IT services and process Department of State information must be specifically authorized by the Department of State Authorizing Official and Senior Agency Official for Privacy.

Information that conforms with Department-specific definitions for Federal Information Security Modernization Act (FISMA) low, moderate, or high categorization are permissible for cloud usage and must specifically be authorized by the Department's Cloud Program Management Office and the Department of State Authorizing Official. Specific security measures and safeguards will depend on the FISMA categorization of the information in a given cloud system. In accordance with Department policy, systems that process more sensitive information will require more stringent controls and review by Department cybersecurity experts prior to approval. Prior to operation, all Cloud systems must comply with applicable security measures that are outlined in FISMA, FedRAMP, OMB regulations, National Institute of Standards and Technology's (NIST) Special Publications (SP) and Federal Information Processing Standards (FIPS) and Department of State policies and standards.

All data stored in cloud environments categorized above a low FISMA impact risk level must be encrypted at rest and in-transit using a federally-approved encryption mechanism. The encryption keys shall be generated, maintained, and controlled in a Department data center by the Department key management authority. Deviations from these encryption requirements must be approved in writing by the Department of State Authorizing Official. High FISMA impact risk level systems will additionally be subject to continual auditing and monitoring, multifactor authentication mechanism utilizing Public Key Infrastructure (PKI) and NIST 800 53 controls concerning virtualization, servers, storage and networking, as well as stringent measures to sanitize data from the cloud service once the contract is terminated.

**RECORD ACCESS PROCEDURES:**

Individuals who wish to gain access to or to amend records pertaining to themselves should write to U.S. Department of State; Director, Office of Information Programs and Services;A/GIS/IPS; 2201 C Street NW; Room B-266; Washington, DC 20520. The individual must specify that he or she wishes the Human Resources Records to be checked. At a minimum, the individual must include: full name (including maiden name, if appropriate) and any other names used; current mailing address and zip code; date and place of birth; notarized signature or statement under penalty of perjury; a brief description of the circumstances that caused the creation of the record (including the city and/or country and the approximate dates) which gives the individual cause to believe that the Human Resources Records include records pertaining to the individual. Detailed instructions on Department of State procedures for accessing and amending records can be found at the Department's FOIA website located at *https://foia.state.gov/Request/Guide.aspx.*

**CONTESTING RECORD PROCEDURES:**

Individuals who wish to contest record procedures should write to U.S. Department of State; Director, Office of Information Programs and Services; A/GIS/IPS; 2201 C Street NW; Room B-266; Washington, DC 20520.

**NOTIFICATION PROCEDURES:**

Individuals who have reason to believe that this system of records might have records pertaining to them may write to the U.S. Department of State; Director; Office of Information Programs and Services, A/GIS/IPS; 2201 C Street NW; Room B-266; Washington, DC 20520. The individual must specify that he or she wishes the Human Resources Records to be checked. At a minimum, the individuals must include: full name (including maiden name, if appropriate) and any other names used; current mailing address and zip code; date and place of birth; notarized signature or statement under penalty of perjury; a brief description of the circumstances that caused the creation of the record (including the city and/or country and the approximate dates) which gives the individual cause to believe that the Human Resources Records include records pertaining to the individual.

**EXEMPTIONS PROMULGATED FOR THE SYSTEM:**

Pursuant to 5 U.S.C. 552a(k)(1), subject to the provisions of section 552(b)(1), records are exempted from 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H) and (I), and (f) to protect material required to be kept Secret. Pursuant to 5 U.S.C. 552a(k)(4), records contained within this system that are maintained solely for statistical purposes are also exempted from 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H) and (I), and (f). Pursuant to 5 U.S.C. 552a(k)(5) and (k)(7), certain records contained within this system contain confidential source information and are exempted from 5 U.S.C. 552a (c)(3), (d), (e)(1), (e)(4)(G), (H) and (I), and (f). Pursuant to 5 U.S.C. 552a(k)(6), records that contain testing or examination material, the release of which may compromise testing or examination procedures, are also exempted from 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H) and (I), and (f). See Department of State Rules published in 22 CFR 171.

**HISTORY:**

Human Resources Records, State-31, was previously published at 78 FR 43258.

Eric F. Stein,

Deputy Assistant Secretary, Global Information Services (A/GIS), Department of State.