USAID-33 Phoenix Financial Management System

Speeches Shim

USAID-33

SYSTEM NAME:

Phoenix Financial Management System - (77 FR 73973).

SECURITY CLASSIFICATION:

Sensitive But Unclassified.

SYSTEM LOCATIONS:

(1) Beltsville Information Management Center (BIMC), 8101 O'Dell Rd., Beltsville, MD 20705—DRP Servers.

(2) Global Financial Service Center (GFSC—DoS), 1969 Dyess Ave., Building A, Computer Room 2A228, Charleston, SC 29405—Production Servers.

(3) Terremark, 50 Northeast 9th Street, Miami, FL 33132—Terremark Data Center Reporting, Development and Test Servers.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

This system contains records of current employees, contractors, personal service contractors (PSCs), consultants, partners, and those receiving foreign assistance funds.

CATEGORIES OF RECORDS COVERED BY THE SYSTEM:

This system contains USAID organizational information. Phoenix imports the following data elements from NFC Payroll files for Personnel Services Contractors (PSC) and direct hires: Name, social security number, details of payroll transactions and work phone numbers. Phoenix imports the following data elements from the E2 Travel system for each traveler: Name, date of travel (month/year) and destination.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:

Privacy Act of 1974 (Pub. L. 93-579), sec. 552a(c), (e), (f), and (p).

PURPOSE(S):

Records in this system will be used:

(1) The payroll information is used to associate PSC payroll-related payments with their contracts and track direct hire payroll payments in the system in order to produce 1099 files. If this information is not imported form NFC to Phoenix, then USAID cannot comply with IRS regulations to maintain and produce 1099s.

(2) The travel information is used to associate E2 travel records with Phoenix accounting information regarding travel authorization and funding.

ROUTINE USE OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:

USAID may disclose relevant system records in accordance with any current and future blanket routine uses established for its record systems. These may be for internal communications or with external partners.

DISCLOSURE TO CONSUMER REPORTING AGENCIES:

These records are not disclosed to consumer reporting agencies.

POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:

STORAGE:

Electronic records are maintained in user-authenticated, password-protected systems.

RETRIEVABILITY:

All records are accessed only by authorized personnel who have a need to access the records in the performance of their official duties. Information is retrieved by name or by a system specific ID (Vendor ID, Traveller ID, etc.). SSN is not employed as a key, but only present for tax reporting purposes.

SAFEGUARDS:

Administrative, managerial and technical controls are in place. Phoenix has a current Security Assessment and Authorization (A&A) in place. Phoenix is secured through access control provided to only those individuals with a need to know within the Agency. Further, access to the PII is limited to the staff within the CMP and CAR divisions. Phoenix is maintained by the U.S. government, not contractors.

RETENTION AND DISPOSAL:

Records are retained in accordance with approved National Archives and Records Administration Schedules.

SYSTEM MANAGER(S) AND ADDRESS:

David Ostermeyer, United States Agency for International Development, U.S. Department of State Annex 44, 455, 301 4th Street SW., Washington, DC 20547.

NOTIFICATION PROCEDURES:

Individuals requesting notification of the existence of records on them must send the request in writing to the Chief Privacy Officer, USAID, 2733 Crystal Drive, 11th Floor, Arlington, VA 22202. The request must include the requestor's full name, his/her current address and a return address for transmitting the information. The request shall be signed by either notarized signature or by signature under penalty of perjury and reasonably specify the record contents being sought.

RECORD ACCESS PROCEDURES:

Individuals wishing to request access to a record must submit the request in writing according to the “Notification Procedures” above. An individual wishing to request access to records in person must provide identity documents, such as government-issued photo identification, sufficient to satisfy the custodian of the records that the requester is entitled to access.

CONTESTING RECORD PROCEDURES:

An individual requesting amendment of a record maintained on himself or herself must identify the information to be changed and the corrective action sought. Requests must follow the “Notification Procedures” above.

RECORD SOURCE CATEGORIES:

The records contained in this system will be provided by and updated by the individual who is the subject of the record.

EXEMPTIONS CLAIMED FOR THE SYSTEM:

None.