Home > 1997 Privacy Act Documents > Privacy Act: [ Table of Contents]...Privacy Act: [ Table of Contents]...
<DOC>
[2001 Privacy Act]
[From the U.S. Government Printing Office via GPO Access]
Agency for Toxic Substances and Disease Registry
#.. 09-19-0001
#....System name: Records of Persons Exposed or Potentially Exposed
to Toxic or Hazardous Substances, HHS/ATSDR/OHA.
System location:
Division of Health Studies, Agency for Toxic Substances and
Disease Registry, Executive Park, Bldg. 4, 1600 Clifton Road,
Atlanta, GA 30333.
Division of Health Assessment and Consultation, Agency for Toxic
Substances and Disease Registry, Executive Park, Bldg. 31, 1600
Clifton Road, Atlanta, GA 30333.
Federal Records Center, 1557 St. Joseph Avenue, East Point, GA
30333.
Data are also located at contractor sites. A list of contractor
sites where individually identified data are currently located is
available upon request to the System Manager.
Categories of individuals covered by the system:
Individuals exposed or potentially exposed to toxic or hazardous
substances may include the following: (1) Selected persons living or
having lived near a hazardous waste site, including facilities owned
or operated by the United States; (2) Persons exposed or potentially
exposed to environmental hazards resulting from ingestion of
contaminated drinking water, persons exposed to contaminated soil,
persons living on mining wastes, persons inhaling toxic substances
(all of which may or may not be the result of contamination by a
specified waste site); (3) Participants in health outcome studies
(including exposure studies, symptom and disease prevalence studies,
cluster investigations), and epidemiologic studies to determine the
public health threat of exposure to hazardous or toxic substances;
(4) Registry participants with exposures associated with specific
chemicals, (5) Participants from site of emergency activities, and
other sites that are the subject of a citizen's petition; (6) Persons
working or having worked in response actions at hazardous waste sites
or other occupational settings where exposure to hazardous substances
occurred. The first five categories of persons above may include
children as well as adults.
Categories of records in the system:
Name, address, (including length of time at current address),
telephone number, date of birth, Social Security number, sex, current
and past occupations, dates, pathways and routes of toxic or
hazardous substance exposure or potential exposure, smoking history,
results of medical and laboratory tests, records on biological
specimens (e.g. blood, urine, etc.), and related documents such as
questionnaire responses. The specific type of records collected and
maintained is determined by the needs of the individual registry or
study.
Purpose(s):
Records in this system are used to carry out the legislated
environmental public health mandates of the Agency for Toxic
Substances and Disease Registry (ATSDR). Specifically this
information is used to: (1) Identify the public health threat caused
by exposure to toxic and hazardous substances utilizing health
outcome studies, epidemiologic studies, and other health effects
studies; and (2) establish and maintain national registries of
persons exposed to toxic substances and persons with serious diseases
and illnesses associated or potentially associated with exposure to
toxic substances. Registries will have the additional purposes of
tracking exposed individuals, keeping them informed of health effects
of exposure, preventive measures and possible breakthroughs in
treatment, along with serving as a centralized location for research
data on these exposed individuals.
Records may be disclosed to the National Center for Environmental
Health, Centers for Disease Control and Prevention, for laboratory
analysis of samples and for collaborative efforts (i.e., providing
staff, performing statistical analysis, etc.) in coordinating
investigations.
Records (i.e., name, Social Security number, date of birth) may
be disclosed to the National Center for Health Statistics to obtain a
determination of vital status. Death certificates with the cause of
death will then be obtained from Federal, State, or local agencies to
enable ATSDR (1) to determine whether excess mortality is occurring
among individuals exposed to toxic or hazardous substances, and (2)
to notify similarly exposed persons. Records may also be disclosed to
the Social Security Administration for additional sources of locating
information.
Authority for maintenance of the system:
Comprehensive Environmental Response, Compensation, and Liability
Act of 1980 as amended by Superfund Amendments and Reauthorization
Act of 1986 (42 U.S.C. 9601, 9604); and the Resource Conservation and
Recovery Act of 1976 as amended in 1984 (42 U.S.C. 6901).
Routine uses of records maintained in the system, including
categories of users and the purposes of such uses:
1. Records may be disclosed to Department of Health and Human
Services contractors to locate individuals exposed or potentially
exposed to toxic or hazardous substances (e.g., in the establishment
of the National Exposure Registry), conduct interviews, perform
medical examinations, collect and analyze biological specimens,
evaluate and interpret data, and perform followup health
investigations so that the research purposes for which the records
are collected may be accomplished. The contractor must comply with
the requirements of the Privacy Act with respect to such records.
2. Records may be disclosed to Federal agencies such as the
Environmental Protection Agency (EPA), State and local health
departments, and other public health or cooperating medical
authorities in connection with program activities and related
collaborative efforts to deal more effectively with exposures to
hazardous or toxic substances, and to satisfy mandatory reporting
requirements when applicable.
3. Records (i.e., name, Social Security number) may be disclosed
to other Federal agencies and to missing person location agencies to
obtain information to aid in locating individuals involved in these
studies.
4. Records may be disclosed for a research purpose, when the
Department: (A) Has determined that the use or disclosure does not
violate legal or policy limitations under which the record was
provided, collected, or obtained; (B) has determined that the
research purpose (1) cannot be reasonably accomplished unless the
record is provided in individually identified form, and (2) warrants
the risk to the privacy of the individual that additional exposure of
the record might bring; (C) has required the recipient to (1)
establish reasonable administrative, technical, and physical
safeguards to prevent unauthorized use or disclosure of the record,
(2) remove or destroy the information that identifies the individual
at the earliest time at which removal or destruction can be
accomplished consistent with the purpose of the research project,
unless the recipient has presented adequate justification of a
research or health nature for retaining such information, and (3)
make no further use or disclosure of the record except (a) in
emergency circumstances affecting the health or safety of any
individual, (b) for use in another research project, under these same
conditions, and with written authorization of the Department, (c) for
disclosure to a properly identified person for the purpose of an
audit related to the research project, if information that would
enable research subjects to be identified is removed or destroyed at
the earliest opportunity consistent with the purpose of the audit, or
(d) when required by law; (D) has secured a written statement
attesting to the recipient's understanding of, and willingness to
abide by these provisions.
5. Disclosures may be made to a congressional office from the
records of an individual, in response to a verified inquiry from the
congressional office made at the written request of that individual.
6. In the event of litigation initiated by EPA in collaboration
with ATSDR, ATSDR may disclose such records as it deems desirable or
necessary to the Department of Justice to enable the Department to
effectively represent ATSDR. The types of litigative proceedings that
ATSDR may request include the recovery of expenses incurred in
cleanup operations at Superfund or Resource Conservation and Recovery
Act sites, including program and staff costs.
7. In the event of litigation where the defendant is (a) the
Department, any component of the Department, or any employee of the
Department in his or her official capacity; (b) the United States
where the Department determines that the claim, if successful, is
likely to directly affect the operations of the Department or any of
its components; or (c) any Department employee in his or her
individual capacity where the Justice Department has agreed to
represent such employee, for example, in defending a claim against
the Public Health Service based upon an individual's mental or
physical condition and alleged to have arisen because of activities
of the Public Health Service in connection with such individual,
disclosure may be made to the Department of Justice to enable that
Department to present an effective defense, provided that such
disclosure is compatible with the purpose for which the records were
collected.
Policies and practices for storing, retrieving, accessing,
retaining, and disposing of records in the system:
Storage:
File folders, computer tapes and disks (hard and floppy).
Retrievability:
By name or Social Security number.
Safeguards:
The following special safeguards are provided to protect the
records from inadvertent disclosure:
1. Authorized Users: Access is granted to only a limited number
of physicians, scientists, statisticians, and designated support
staff of ATSDR or its contractors, as authorized by the system
manager to accomplish the stated purposes for which the data in this
system have been collected. A list of authorized users will be
maintained by the system manager.
2. Physical Safeguards. Questionnaires, log books, and other
source data are maintained in locked cabinets in locked rooms, 24-
hour guard service in buildings, personnel screening of visitors,
electronic anti-intrusion devices in operation at the Federal Records
Center (FRC), fire extinguishers, overhead sprinkler system, and
card-access control equipment in the mainframe computer room (Clifton
Road facility), computer terminals, lockable personal computers, and
automated records located in secured areas.
3. Procedural Safeguards: Protection for computerized records
includes programmed verification of valid user identification code,
account code and password prior to acceptance of a terminal session
or job submission, computer software to control access, frequently
changed passwords, and Fault Management System.
Knowledge of individual tape passwords is required to access
tapes, and acces to systems is limited to users obtaining prior
supervisory approval. When Privacy Act tapes are scratched, a special
``certified'' process is performed in which tapes are completely
written over to avoid inadvertent data disclosure. When possible, a
backup copy of data is stored at an offsite location and a log kept
of all changes to each file and all persons reviewing the file.
Selected safeguards will be applicable to specific elements of the
system, as appropriate. Additional safeguards may also be built into
the program by the system analyst as warranted by the sensitivity of
the specific data set.
ATSDR and contractor employees who maintain records are
instructed in specific procedures to protect the security of records,
and are to check with the system manager prior to making disclosures
of data. When individually identified data are being used in a room,
admittance at either ATSDR or contractor sites is restricted to
specifically authorized personnel.
Appropriate Privacy Act provisions are included in contracts and
the ATSDR Project Director, contract officers, and project officers
oversee compliance with these requirements. Upon completion of the
contract, all data will be either returned to ATSDR or destroyed, as
specified by the contract.
4. Implementation Guidelines: The safeguards outlined above are
developed in accordance with Chapter 45-13, ``Safeguarding Records
Contained in Systems of Records,'' of the HHS General Administration
Manual, supplementary Chapter PHS.hf: 45-13; Part 66, ``Automated
Information Systems Security,'' of the HHS Information Resources
Management Manual; the National Bureau of Standards Federal
information Processing Standards (FIPS Pub. 41 and FIPS Pub. 31). FRC
safeguards are in compliance with GSA Federal Property Management
Regulations, Subchapter B-Archives and Records.
Retention and disposal:
A Comprehensive Records Control Schedule has been approved for
ATSDR which designates the procedures which allow the system managers
to retain records for their designated life. Registry records will be
actively maintained as long as funding is provided for by
legislation. Contractors will retain the records only as long as
necessary to complete data collection and verify ATSDR's receipt of
the data in usable form. Record copy of study reports is maintained
in the agency from two to three years in accordance with retention
schedules. Source documents for computer tapes or disks are disposed
of when no longer needed in the study as specified by the records
control schedule.
Records may be transferred to a Federal Records Center for
storage when no longer needed for evaluation or analysis. Disposal
methods include the paper recycling process, burning or shredding
hard copy records, and erasing computer tapes and disks.
System manager(s) and address:
Director, Division of Health Studies, Agency for Toxic Substances
and Disease Registry, Executive Park, Bldg. 4, 1600 Clifton Road,
Atlanta, GA 30333.
Director, Division of Health Assessment and Consultation, Agency
for Toxic Substances and Disease Registry, Executive Park, Bldg. 31,
1600 Clifton Road, Atlanta, GA 30333.
Policy coordination is provided by: Deputy Assistant
Administrator, Agency for Toxic Substances and Disease Registry,
Executive Park, Bldg. 37, 1600 Clifton Road, Atlanta, GA 30333.
Notification procedure:
An individual may learn if a record exists about himself/herself
by contacting the appropriate system manager at the address above.
Persons who knowingly and willfully request or acquire a record
pertaining to an individual under false pretenses are subject to
criminal prosecution. Requesters in person must provide photo
identification (such as driver's license) or other positive
identification that would authenticate the identity of the individual
making the request. Individuals who do not appear in person must
submit a request which has been notarized to verify their identity. A
parent or guardian who requests notification of, or access to, a
minor's medical record must provide a birth certificate (or notarized
copy), court order, or other competent evidence of guardianship. An
individual who requests notification of, or access to, a medical
record shall at the time the request is made, designate in writing a
responsible representative (who may be a physician, other health
professional, or other responsible individual) who will be willing to
review the record and inform the subject individual of its contents
at the representative's discretion.
In addition, the following information should be provided when
requesting notification: (1) Full name and Social Security number;
(2) nature of the study, or probable exposure or disease subregistry
which might include the requester.
Record access procedures:
Same as notification procedures. Requesters should also
reasonably specify the record contents being sought. An accounting of
disclosures that have been made of the record, if any, may also be
requested.
Contesting record procedures:
Contact the system manager at the address specified above,
reasonably identify the record and specify the information being
contested, the corrective action sought, and the reasons for
requesting the correction, along with supporting information to show
how the record is inaccurate, incomplete, untimely, or irrelevant.
Record source categories:
Subject individuals, families of deceased individuals, concerned
citizens associated with a particular site, State and local health
departments, physican records, hospital records, Social Security
Administration, Environmental Protection Agency and other agencies
responsible for environmental public health.
Systems exempted from certain provisions of the act:
None.
Pages: 1 Other Popular 1997 Privacy Act Documents Documents:
|
| GovRecords.org presents information on various agencies of the United States Government. Even though all information is believed to be credible and accurate, no guarantees are made on the complete accuracy of our government records archive. Care should be taken to verify the information presented by responsible parties. Please see our reference page for congressional, presidential, and judicial branch contact information. GovRecords.org values visitor privacy. Please see the privacy page for more information. |
 |