09-25-0036 SYSTEMS LISTING

SYSTEM NAME:

Extramural Awards and Chartered Advisory Committees (IMPAC 2), Contract Information (DCIS), and Cooperative Agreement Information, HHS/NIH.

SECURITY CLASSIFICATION:

None.

SYSTEM LOCATION:

Office of Policy for Extramural Research Administration, Office of Extramural Research, Office of the Director (OD), Rockledge II, Room 2172, 6701 Rockledge Drive, Bethesda, MD 20892.

Office of Federal Advisory Committee Policy, Office of the Director (OD), Building 31, Room 3B-59, 31 Center Drive, Bethesda, MD 20892.

Office of Acquisition Management and Policy, Office of the Director (OD), 6100 Executive Boulevard, Room 6D01, Bethesda, MD 20892.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

Principal investigators; program directors; program and projects staff and others named in the application; National Research Service Awards (NRSA) trainees and fellows; research career awardees; chartered advisory committee members; contractor personnel; subcontractor personnel; and consultants.

CATEGORIES OF RECORDS IN THE SYSTEM:

Funding applications, awards, associated records, trainee appointments, current and historical information pertaining to chartered advisory committees, and past performance information pertaining to contractors.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

5. U.S.C. 301; 42 U.S.C. 217a, 241, 282(b)(6), 284a, and 288. 48 CFR Subpart 15.3 and Subpart 42.15.

PURPOSE(S):

  1. To support centralized grant programs of the Public Health Service. Services are provided in the areas of grant application assignment and referral, initial review, council review, award processing and grant accounting. The database is used to provide complete, accurate, and up-to-date reports to all levels of management.
  2. To maintain communication with former fellows and trainees who have incurred a payback obligation through the National Research Service Award Program.
  3. To maintain current and historical information pertaining to the establishment of chartered advisory committees of the National Institutes of Health and the appointment or designation of their members.
  4. To maintain current and historical information pertaining to contracts awarded by the National Institutes of Health, and performance evaluations on NIH contracts and contracts awarded by other Federal agencies that participate in the NIH Contractor Performance System.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

  1. Disclosure may be made to the National Technical Information Service (NTIS), Department of Commerce, for dissemination of scientific and fiscal information on funded awards (abstract of research projects and relevant administrative and financial data).
  2. Disclosure may be made to the cognizant audit agency for auditing.
  3. Disclosure may be made to a congressional office from the record of an individual in response to an inquiry from the congressional office made at the request of that individual.
  4. Disclosure may be made to qualified experts not within the definition of Department employees as prescribed in Department regulations for opinions as a part of the application review process.
  5. Disclosure may be made to a Federal agency, in response to its request, in connection with the issuance of a license, grant or other benefit by the requesting agency, to the extent that the record is relevant and necessary to the requesting agency's decision in the matter.
  6. Disclosure of past performance information pertaining to contractors may be made to a Federal agency upon request. In addition, routine access to past performance information on contractors will be provided to Federal agencies that subscribe to the NIH Contractor Performance System.
  7. A record may be disclosed for a research purpose, when the Department: (A) has determined that the use or disclosure does not violate legal or policy limitations under which the record was provided, collected, or obtained; (B) has determined that the research purpose (1) cannot be reasonably accomplished unless the record is provided in individually identifiable form, and (2) justifies the risk to the privacy of the individual that additional exposure of the record might bring; (C) has required the recipient to (1) establish reasonable administrative, technical, and physical safeguards to prevent unauthorized use or disclosure of the record, (2) remove or destroy the information that identifies the individual at the earliest time at which removal or destruction can be accomplished consistent with the purpose of the research project, unless the recipient has presented adequate justification of a research or health nature for retaining that information, and (3) make no further use or disclosure of the record except (a) in emergency circumstances affecting the health or safety of any individual, (b) for use in another research project, under these same conditions, and with written authorization of the Department, (c) for disclosure to a properly identified person for the purpose of an audit related to the research project, if information that would enable research subjects to be identified is removed or destroyed at the earliest opportunity consistent with the purpose of the audit, or (d) when required by law; and (D) has secured a written statement attesting to the recipient's understanding of, and willingness to abide by these provisions.
  8. Disclosure may be made to a private contractor or Federal agency for the purpose of collating, analyzing, aggregating or otherwise refining records in this system. The contractor or Federal agency will be required to maintain Privacy Act safeguards with respect to these records.
  9. Disclosure may be made to a grantee or contract institution in connection with performance or administration under the conditions of the particular award or contract.
  10. Disclosure may be made to the Department of Justice, or to a court or other adjudicative body, from this system of records when (a) HHS, or any component thereof; or (b) any HHS officer or employee in his or her official capacity; or (c) any HHS officer or employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the officer or employee; or (d) the United States or any agency thereof where HHS determines that the proceeding is likely to affect HHS or any of its components, is a party to proceeding or has any interest in the proceeding, and HHS determines that the records are relevant and necessary to the proceeding and would help in the effective representation of the governmental party.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Records are stored by name, application, grant or contract ID number, and contractor tax ID number.

RETRIEVABILITY:

Records are retrieved by name, application, grant or contract ID number, and contractor tax ID number.

SAFEGUARDS:

  1. Authorized Users: Employees who maintain records in this system are instructed to grant regular access only to NIH extramural and advisory committee staff, NIH contract management staff, and Federal acquisition personnel. Other one-time and special access by other employees is granted on a need-to-know basis as specifically authorized by the System manager.
  2. Physical Safeguards: Physical access to Office of Extramural Research (OER) work areas is restricted to OER employees. Physical access to the Office of Acquisition and Policy (OAMP) work areas is restricted to OAMP employees. Physical access to Office of Federal Advisory Committee Policy (OFACP) work areas is restricted to OFACP employees. Access to the contractor performance files is restricted through the use of secure socket layer encryption and through an IBM password protection system. Only authorized government contracting personnel are permitted access. Access is monitored and controlled by OAMP.
  3. Procedural Safeguards: Access to source data files is strictly controlled by files staff. Records may be removed from files only at the request of the System manager or other authorized employee. Access to computer files is controlled by the use of registered accounts, registered initials, keywords, and similar limited access systems.

These practices are in compliance with the standards of Chapter 45-13 of the HHS General Administration Manual, "Safeguarding Records Contained in Systems of Records," supplementary Chapter PHS hf: 45-13, and the HHS Automated Information Systems Security Program Handbook.

RETENTION AND DISPOSAL:

Records are retained and disposed of under the authority of the NIH Records Control Schedule contained in NIH Manual Chapter 1743, Appendix 1 - "Keeping and Destroying Records" (HHS Records Management Manual, Appendix B-361), item 4000-A-2, which allows records to be destroyed when no longer needed for administrative purposes. Refer to the NIH Manual Chapter for specific disposition instructions.

SYSTEM MANAGER(S) AND ADDRESS(ES):

For Extramural Awards:

Director, Extramural Information Systems, Division of Grants Compliance and Oversight in the Office of Policy for Extramural Research Administration (OPERA), Office of Extramural Research, Office of the Director (OD), Rockledge II, Room 2172, 6701 Rockledge Drive, Bethesda, MD 20892.

For Chartered Federal Advisory Committees of the National Institutes of Health:

Director, Office of Federal Advisory Committee Policy, Office of the Director, Building 31, Room 3B-59, 31 Center Drive, Bethesda, MD 20892.

For Contracts:

Office of Acquisition Management and Policy, Office of the Director (OD), 6100 Executive Boulevard, Room 6D01, Bethesda, MD 20892.

NOTIFICATION PROCEDURE:

The requester must also verify his or her identity by providing either a notarization of the request or a written certification that the requester is who he or she claims to be and understands that the knowing and willful request for acquisition of a record pertaining to an individual under false pretenses is a criminal offense under the Privacy Act, subject to a five thousand dollar fine.

RECORD ACCESS PROCEDURE:

Same as Notification Procedures. Requesters should also reasonably specify the record contents being sought. Individuals may also request listings of accountable disclosures that have been made of their records, if any.

CONTESTING RECORD PROCEDURE:

Contact the official under Notification Procedures above, and reasonably identify the record and specify the information to be contested, and state the corrective action sought and the reasons for the correction, with supporting justification. The right to contest records is limited to information which is incomplete, irrelevant, incorrect, or untimely (obsolete).

RECORD SOURCE CATEGORIES:

Applicant institution, individual, individual's educational institution and references, and participating Federal acquisition personnel.

SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT:

None.