Text

.c.,

M95

'o UNITED STATES

~g NUCLEAR REGULATORY COMMISSION 9Db o

r, wAssinaron. o. c. rosss

\\*****/

APR 28 198-0 Mr. Robert P. Bedell, Deputy Administrator Office of Infonnation and Regulatory Affairs s

NE0B Room 3235 1

The Office of Management and Budget Wcshington, DC 20503 i

Dear Mr. Bedell:

This is in response to your memorandum dated January 16, 1986, regarding the submission of data for the President's Annual Privacy Act Report to Congress.

Please find enclosed the original r.rd three copies of Section I pertaining to the Nuclear Regulatory Cornission's administration of the Privacy Act of 1974, including infonnation regarding the NRC Systems of Records and the processing of Privacy Act requests during 1985, and Section II which contains this agency's responses to the series of questions relating to specific implementa-tion activities, if your staff has any questions concerning this matter, please telephone Mrs. Connie Pappas at 492-8992.

Sincerely, h

~

klk

$81c Norry, Dire or Office of Administration

Enclosures:

As stated 8804130423 860423 PDR ORG EUS

i

&b) 2 Section I.

Report information l'or calendar year 1985.

Aggregate data at the agency level; do not report components separately.

A.

Privacy Points of Cbutacts Provide the names, titles, telephone numbers and mailing addresses of the agency individuals who are responsible for implementing the Privacy Act in your agency:

1.

Senior Agency Official:

Name Mr-nnnnin n crimeiey Director Address Division of Rules and Records Office of Administration U.S. Nuclear Regulatory Comission Washington, DC 20555 Telephone (301)492-7211 2.

Privacy Officer Name Ms. Linda L. Robinson, Chief Address Freedom of Information and Privacy Acts Branch Division of Rules and Records Office of Administration U.S. Nuclear Regulatory Comission Washington, DC 20555 Telephone (301)492-8133 3

Legal counsel:

Name:

Mr. Edward C.Shomaker, Senior Attorney Address Office of the Executive legal Director U.S. Nuclear Regulatory Comission Washington, D.C. 20555 s

3 Telephone (301)492-8653 B.

Publication Data:

Provide the following information as of December 31, 1985:

1.

Total number of active systems:

23 15 nonexempt exempt 2.

Number of new systems published during 1985:

0 0

nonexempt exempt 3

Number of systems deleted during 1985:

0 0

nonexempt exempt 4.

Number of systems automated, either in whole or part, during 1985:

2 2

nonexempt exempt 5

Number of existing systems for which new routine uses were established, during 1985:

0 0

s n.onexempt exempt 6.

Number.of existing systems for which new exemptions were claimed.

0 7.

Number of existing systems from which exemptions were deleted.

0 8.

Number of public comments received on agency publication of rules or notices:

0 9.

Briefly discuss any comments received and any action taken based on comments received, including N/A those received from OMB or the Congress.

Attach continuation sheet if necessary.

Attach copies of

4 any Congressional correspondence.

C.

Individuals' Exercise of Rights of Access & Amendment:

(Note, access and amendment requests are defined as requests from record subjects for access to agency records that are (1) about themselves; (2) located in systems of records; and (3) which cite the Privacy Act of 1974 as the basis for the request).

1.

Total number of requests for access:

22 2.

Number of requests wholly or partially granted:

14 3

Number of requests totally denied:

1 4.

Number of requests for which no record was found:

7*

• 5 requests were referred to Office of Personnel Management and to the Federal Bureau of Investigation i

5.

Number of appeals of denials of access:

0 6.

Number of appeals in which denial was upheld:

O' 7.

Number of appeils in which denial was overturned either in wholt or part:

0 8.

Number of requests to amend records in system:

0 l

9.

Number of amendment requests wholly or partially granted:

0 1

10.

Number of amendment requests totally denied:

0 1

l l

4 5

11.

Number of appeals of denials of amendment requests:

0 12.

Number of appeals in which denial was upheld:

0 13 Number in which denial was overturned either in whole or in part:

0 14.

If your agency denied any access requests on a basis other than the provisions of sections (d)(5), (J ), or (k) of the Privacy Act, explain the rationale for your denial.

N/A 15.

Number of instances in which individuals litigated the results of appeals of access or amendment n

16.

The results of such litigation.

N/A D.

Matching Programs:

(See the definition of a matching program in OMB's revised Matching Guidelines, 47 FR_1656, May 19,1982):

1.

How many matching programs did your ager.cy participate in as a matching agency during 19857 n

2.

How many as a source agency?

N/A 3

On what date(s) were any matching reports required by the Guidelines published in the Federal Register and provided to OMB and the Congress?

E.

Agency Analysis of Activities:

Submit a brief analysis of the data provided above.

Tne analysis should show how the data supports the agency's efforts to comply with the objectives of the Act.

The analysis should also consider the relationship of these data to data furnished for L

9 6

earlier reports.- Agencies should also identify significant ongoing or completed activities designed to improve administration of the Act, e.g.,

review of routine uses, publication of revised rules, review of application of exemption provisions, improvements in public access to records, etc.

This information is due to OMB no later than April 30, 1986.

B h

9 e

1 Section I 1985 AhNUAL REPORT OF THE NUCLEAR REGULATORY COMMISSION ON THE ADMINISTRATION OF THE PRIVACY ACT OF 1974 Agency Analysis of Data Provided At the end of 1985, the Nuclear Regulatory Comission (NRC) maintained 38 personal data systems subject to the Privacy Act of 1974. These systems contain records on approximately 380,000 individuals. A majority of these are individuals who at some time have been subject to radiation exposure in the course of their duties in the nuclear industry. The other individuals represent the staff of licensees or applicants for licenses, persons who have corresponded with the NRC, NRC employees or applicants for employment, and the individuals who are on the NRC mailing lists.

j NRC System of Records are periodically screened to remove obsolete information,

)

in accordance with approved record disposal schedules, j

No new NRC System of Records were established during 1985, i

The NRC received 22 privacy Act requests in 1985, 12 of which were submitted i

under both the Privacy Act and Freedom of Information Act. All of the requests sought access to records. One request was denied in part using Exemption (k)(2) of the Privacy Act and Exemption (7)(A) of the Freedom of Information Act.

One request was denied in whole using Exemption (k)(2) of the Privacy Act and another was denied in part using Exemption (k)(5) of the Privacy Act.

One request was a referral from another agency.

Five requests were referred to other agencies.

The NRC has had no major problems with the implementation of the Privacy Act and has no recomendation for change.

1 i

i 1

l; 1

SECTION 11 1985 ANNUAL REPORT OF THE NUCLEAR REGULATORY COMMISSION Responses to Questions Relating to Specific Implementation Activities on the Administration of the Privacy Act PUBLIC NOTICE The NRC maintains a Rules and Regulations loose leaf handbook which contains a section for systems of records. The NRC provides a toll free number in which an individual may call for assistance.

NRC also provides a copy of the systems of records to a Freedom of Information Act requester when the individual inquires about records that may be maintained on the individual.

Enclosed is a copy of the Systems of Records, which is identified on the enclosed appendix.

MICR0 COMPUTER POLICY Six systems of records are contained in stand-alone micro computers.

As identified on the appendix, enclosed are copies of records regarding policies for security and disposal of records stored in electronic fonn.

AUTOMATION Fifty-five percent of NRC's systems of records are automated, either in whole or part. The NRC employees are covered by numerous systems, such as payroll, personnel, travel and training, some of which are automated. Therefore, about ninety percent of the individuals are contained in automated systems.

These statistics are based on the notices of NRC's systems of records which were published in 1982 since NRC's 1986 review of the notices has not '/a t been completed.

1 F01A/PA RELATIONSHIPS The NRC's responses to requests are made in accordance with the guidance provided in OMB's May 1985 Privacy Act Guidance update. The NRC Manual Chapter on the Privacy'Ae', identified on the enclosed appendix, describes the processing of requests.

MATCHING PROGRAMS Not Applicable Privacy Act Training a.

The NRC provides Privacy Act training to employees who have responsi-bilities related to systems of records upon request.

The NRC provides periodic F01A training to NRC staff which includes coverage of certain Privacy Act requirements, l

b.

Less than one percent of NRC employees received fonnal Privacy Act i

Training in 1985. This training was provided by the USDA Graduate School, Department of Justice, and the American Society for Access Professionals.

i

Executive level - None Legal staff - 1 Clerical / administrative - 7 ADP staff - None c.

NRC conducts internal FOIA and Privacy Act training programs. The Director and/or Branch Chief in the Division of Rules and Records and a Senior Attorney in the Office of the Executive Legal Director conduct such training upon requests from staff offices and on their initiative as appropriate.

i The breakdown of the number of employees in three offices who were provided training in CY85 is noted below. No record was maintained on the breakdown of training for other staff offices.

Executive level 2

Managers 4

Auditors 12 Investigators 4

Legal 4

Clerical / Administrative 13 d.

Formal training outside the agency is noted under b above.

The NRC has no suggestions for Privacy Act training.

e.

q l

1 l

i

SECTION 11 Appendix 1.

U.S. Nuclear Regulatory Commission Rules and Regulations Title 10 Chapter 1 Code of Federal Regulations - Energy - Commission Notices - Systems of Records 2.

NRC Appendix 2301 - Part II Security of Automated Information Systems 3.

Bulletin 0231-31 Creation, Maintenance, and Disposition of Agency Records in Electronic Form dated January 28, 1986 4.

Memorandum regarding use of NRC Accessible Timesharing Facilities by Contractors, dated 4/1/86 5.

Security Reminder Handout provided by the NRC ITS Training Center, "Personal Computer Systems" 6.

NRC Manual Chapter NRC-0904, Planning and Control of Automatic Data Processing (ADP) Resources 7.

Draf t Bulletin 0904-5, NRC Computer Software Policy 8.

NRC Manual Chapter NRC-0204-Privacy Act 1

4