Sorn

CMOS SORN Modification Narrative - 2019-08-01 - Official submission.docx

Cargo Movement Operations System

SORN

OMB: 0701-0165

Document [docx]
Download: docx | pdf



DEPARTMENT OF DEFENSE

Department of the Air Force

Narrative Statement on a Modified System of Records

Under the Privacy Act of 1974


1. System identifier and name: F024 AF AFMC A, entitled “Cargo Movement Operations System”


2. Nature of proposed modifications for the system: The Department of the Air Force has modified the system of records, Cargo Movement Operations System Records (CMOS) to discontinue the collection and use of SSN as a form of user identification. CMOS will only collect SSNs in the rare situation of retirees flying on a Space A CAT VI basis who do not have a current passport number and still have an old-style military retiree ID which lists their SSN.


3. Specific authority under which the system of records is maintained: 10 U.S.C. 9013, Secretary of the Air Force; DoD 4500.9-R, Defense Transportation Regulation Part 1, Passenger Movement; Air Force Program Management Directive #5272(2)/38610F, Cargo Movement Operations System, and E.O. 9397 (SSN) as amended.


4. Evaluation of the probable or potential effects on the privacy of individuals: In updating this SORN, the Department of the Air Force reviewed the safeguards established for the system to ensure they are compliant with DoD requirements and are appropriate to the sensitivity of the information stored within the system.


5. Routine use compatibility: In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act of 1974, as amended, these records contained therein may specifically be disclosed outside the DoD as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:


a. To the appropriate Federal, State, local, territorial, tribal, foreign, or international law enforcement authority or other appropriate entity where a record, either alone or in conjunction with other information, indicates a violation or potential violation of law, whether criminal, civil, or regulatory in nature.


b. To any component of the Department of Justice for the purpose of representing the DoD, or its components, officers, employees, or members in pending or potential litigation to which the record is pertinent.


c. In an appropriate proceeding before a court, grand jury, or administrative or adjudicative body or official, when the DoD or other Agency representing the DoD determines that the records are relevant and necessary to the proceeding; or in an appropriate proceeding before an administrative or adjudicative body when the adjudicator determines the records to be relevant to the proceeding.


d. To the National Archives and Records Administration for the purpose of records management inspections conducted under the authority of 44 U.S.C. §§ 2904 and 2906.


e. To a Member of Congress or staff acting upon the Member’s behalf when the Member or staff requests the information on behalf of, and at the request of, the individual who is the subject of the record.


f. To appropriate agencies, entities, and persons when (1) the DoD suspects or has confirmed that there has been a breach of the system of records; (2) the DoD has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the DoD (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the DoD’s efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.


g. To another Federal agency or Federal entity, when the DoD determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.


6. OMB public information collection requirements:

OMB collection required: Yes

OMB Control Number: TBD…

Title of collection if different: N/A

Date Approved or Submitted to OMB: TBD…

Expiration Date (if approved) or Date Submitted to OMB: TBD…

If collecting on members of the public and no OMB approval is required, state the applicable exception(s): N/A


7. Name of IT System (state NONE if paper records only): CMOS, DITPR ID # 451


8. Is the system, in whole or in part, being maintained, collected, used or disseminated by a contractor? Yes.

DEPARTMENT OF DEFENSE BILLING CODE:

Office of the Secretary

[Docket ID: DoD-2019-OS-XXXX]

Privacy Act of 1974; System of Records

AGENCY: Department of the Air Force.

ACTION: Notice of a Modified System of Records.

SUMMARY: The Department of the Air Force proposes to modify a system of records notice, F024 AF AFMC A, “Cargo Movement Operations System”.


To establish a system that will provide the capability to effectively plan, document, and manage outbound and inbound cargo and to plan, schedule, and monitor the execution of transportation activities in support of deployment and reception of forces. The system will accumulate and aggregate shipment data, track the completion of transportation actions, prepare and print movement documentation, prepare and transmit advance shipment notification to all involved activities, and prepare and transmit system reports. As a management tool, the records will determine passenger movement trends and prepare aircraft manifests.


DATES: Comments will be accepted on or before [INSERT 30 DAYS FROM DATE OF PUBLICATION IN THE FEDERAL REGISTER]. This proposed action will be effective the date following the end of the comment period unless comments are received which result in a contrary determination.


ADDRESSES: You may submit comments, identified by docket number and title, by any of the following methods:


* Federal Rulemaking Portal: http://www.regulations.gov

Follow the instructions for submitting comments.


* Mail: Department of Defense, Office of the Deputy Chief Management Officer, Directorate of Oversight and Compliance, Regulatory and Audit Matters Office, 9010 Defense Pentagon, Washington, DC 20301-9010.


Instructions: All submissions received must include the agency name and docket number for this Federal Register document. The general policy for comments and other submissions from members of the public is to make these submissions available for public viewing on the Internet at http://www.regulations.gov as they are received without change, including any personal identifiers or contact information.


FOR FURTHER INFORMATION CONTACT: Mr. LaDonne L. White, Department of the Air Force, Air Force Privacy Office, Office of Warfighting Integration and Chief Information Officer, ATTN: SAF/CNZA, 1800 Air Force Pentagon, Washington, DC 20330-1800, or by phone at (571) 256-2515.


SUPPLEMENTARY INFORMATION: The primary purpose of this modification is to reflect diminished visibility and usage of Social Security Numbers in the CMOS system. SSNs are no longer used for system user identification, but in special cases may be collected for retirees flying on a Space A CAT VI basis when they lack a valid passport number and they are still using an old-style retiree ID that uses their SSN rather than a DoDID. This modification also includes updated references to the appropriate authorizations for use and maintenance of the system, and minor administrative updates.


The Department of the Air Force's notices for systems of records subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended, have been published in the Federal Register and are available from the address in the “FOR FURTHER INFORMATION CONTACT” or from the Defense Privacy and Civil Liberties Division website at http://dpcld.defense.gov/


The proposed systems reports, as required by 5 U.S.C. 552a(r) of the Privacy Act of 1974, as amended, were submitted on [NSERT DATE] to the House Committee on Oversight and Government Reform, the Senate Committee on Homeland Security and Governmental Affairs, and the Office of Management and Budget (OMB) pursuant to paragraph 4c of Appendix I to OMB Circular No. A-130, “Federal Agency Responsibilities for Maintaining Records About Individuals,” dated February 8, 1996, (February 20, 1996, 61 FR 6427).


Dated:




Aaron Siegel

Alternate, OSD Federal Register Liaison Officer, Department of Defense


SYSTEM NAME AND NUMBER: Cargo Movement Operations System (CMOS), F024 AF AFMC A


SYSTEM LOCATION: Defense Information Systems Agency (DISA) Defense Enterprise Computing Center (DECC) Montgomery, Bldg. 857, 401 East Moore Drive, Maxwell AFB-Gunter Annex, AL 36114-3004.


SYSTEM MANAGER(S): Division Chief AFLCMC/HIA, Enterprise Logistic System Division, Air Force Material Command, 200 East Moore Drive, Maxwell AFB Gunter Annex, AL 36114-3004. Organization workflow mailbox is AFLCMC.HIA@us.af.mil.


AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 10 U.S.C. 8013, Secretary of the Air Force; DoD 4500.9-R, Defense Transportation Regulation Part 1, Passenger Movement; Air Force Program Management Directive #5272(2)/38610F, Cargo Movement Operations System, and E.O. 9397 (SSN) as amended.


PURPOSE(S) OF THE SYSTEM: To establish a system that will provides the capability to effectively plan, document, and manage outbound and inbound cargo and to plan, schedule, and monitor the execution of transportation activities in support of deployment and reception of forces. The system will accumulate and aggregate shipment data, track the completion of transportation actions, prepare and print movement documentation, prepare and transmit advance shipment notification to all involved activities, and prepare and transmit system reports. As a management tool, the records will determine passenger movement trends and prepare aircraft manifests.


CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: DoD military personnel (Air Force, Army, Marinees, Navy, Coast Guard, including active, guard, reserves), military retirees, and military family members who are passengers on military or civilian contracted aircraft.


CATEGORIES OF RECORDS IN THE SYSTEM: For military personnel and family members: Name, DoDID number, grade, travel order, transportation authorizations, seats required; origin; destination; requested travel dates, routing indicator (identifies the activity/installation requesting the reservation); flight number; departure date and reporting time, and administrative coding (such as a Leave Form number) as appropriate.


For retirees and family members flying as “Space A CAT VI” passengers: Name, DoDID (preferred) or passport number (or SSN for retirees without a passport or DoDID), home address, and emergency contact information.


RECORD SOURCE CATEGORIES: There are three categories of record sources. 1) Primarily via electronic data import via a systems interface with Deliberate Crisis Action Planning and Execution Segments (DCAPES). DCAPES relies on SSN data, therefore SSN data is transferred into CMOS via that systems interface. 2) Import of records from a properly formatted Excel spreadsheet directly into CMOS. 3) Far less often, via direct keyboard entry into CMOS.


ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act of 1974, as amended, these records contained therein may specifically be disclosed outside the DoD as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:


a. To the appropriate Federal, State, local, territorial, tribal, foreign, or international law enforcement authority or other appropriate entity where a record, either alone or in conjunction with other information, indicates a violation or potential violation of law, whether criminal, civil, or regulatory in nature.


b. To any component of the Department of Justice for the purpose of representing the DoD, or its components, officers, employees, or members in pending or potential litigation to which the record is pertinent.


c. In an appropriate proceeding before a court, grand jury, or administrative or adjudicative body or official, when the DoD or other Agency representing the DoD determines that the records are relevant and necessary to the proceeding; or in an appropriate proceeding before an administrative or adjudicative body when the adjudicator determines the records to be relevant to the proceeding.


d. To the National Archives and Records Administration for the purpose of records management inspections conducted under the authority of 44 U.S.C. §§ 2904 and 2906.


e. To a Member of Congress or staff acting upon the Member’s behalf when the Member or staff requests the information on behalf of, and at the request of, the individual who is the subject of the record.


f. To appropriate agencies, entities, and persons when (1) the DoD suspects or has confirmed that there has been a breach of the system of records; (2) the DoD has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the DoD (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the DoD’s efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.


g. To another Federal agency or Federal entity, when the DoD determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.



POLICIES AND PRACTICES FOR STORING OF RECORDS: All CMOS records are stored electronically within the Air Force Institution of Technology Data storage.


POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS: These records are retrived by CMOS users. Based on their roles and system permissions, they can perform queries to retrieve data. There is no access to these records to non-CMOS users.


POLICIES AND PRACTICES FOR RETENTION AND DISPOSAL OF RECORDS: Records are retained IAW Air Force Records Information Management System (AFRIMS) Records Disposition Schedules:


a. T 24 - 01 R 03.00 Control for Movement of Goods or Personnel, Commercial Movement of Goods or Personnel “Nonroutine”, records are cutoff at the end of the fiscal year. Destroy 10 years after cutoff.


b. T 24 - 01 R 04.00 Commercial Movement of Goods or Personnel Case Files “Routine”, records are cutoff at the end of the fiscal year. Destroy 6 years after cutoff.


c. T 24 - 01 R 09.00 Movement of Goods or Personnel by Government (non-Air Force) Transportation Facilities – records are cutoff upon completion of ship. Destroy 3 years after completion of shipment.


d. T 24 - 01 R 10.00 Customs Clearance and Personal Property Inspection and Clearance Records. Records are cutoff upon clearing customs or settlement of irregularities. Destroy 3 years after clearing customs or settlement of irregularities. Records supporting any unresolved enforcement actions regarding a regulated activity are retained for 3 years after the action has reached resolution.


e. T 24 - 02 R 01.00 Manifest Registers, AMC 68, Surface Cargo/Mail, Mil Airlift Docs, MILAIR Reports and Other Records. Records are cutoff at end of FY. Records are placed in inactive file for 1 year, then destroyed.


Records are maintained in the system until destroyed.


ADMINISTRATIVE, PHYSICAL, AND TECHNICAL SAFEGUARDS: Records are accessed on a need-to-know basis by properly screen persons responsible for servicing the record system in performance of their official duties.


Electronic records are restricted based least privilege principles. Periodic security audits are accomplished. Users require a DoD Common Access Card (CAC) to access CMOS, and DoD PKI certificates are used. Physical access to the servers, server room, building, and surrounding area are controlled by locked terminals and rooms, personnel screening, and visitor registers. Physical records are stored in locked rooms and cabinets.


RECORDS ACCESS PROCEDURES: Individuals seeking access to information about themselves contained in this system of records should address written inquiries to Division Chief AFLCMC/HIA, Enterprise Logistic System Division, Air Force Material Command, 200 East Moore Drive, Maxwell AFB Gunter Annex, AL 36114-3004.


For verification purposes, individual should provide their full name, any details which may assist in locating records, and their signature.


In addition, the requester must provide a notarized statement or an unsworn declaration made in accordance with 28 U.S.C., 1746, in the following format:


If executed outside the United States: ‘I declare (or certify, verify, or state) under penalty of perjury under the laws of the United States of America that the foregoing is true and correct. Executed on (date). (Signature)’.


If executed within the United States, its territories, possessions, or commonwealths: ‘I declare (or certify, verify, or state) under penalty of perjury that the foregoing is true and correct. Executed on (date). (Signature)’.


CONTESTING RECORD PROCEDURES: The Air Force rules for accessing records, and for contesting contents and appealing initial agency determinations are published in Air Force Instruction 37-132; 32 CFR parts 806b; or may be obtained from the system manager.


NOTIFICATION PROCEDURES: Individuals seeking to determine whether information about themselves is contained in this system of records should address written inquiries to Division Chief AFLCMC/HIA, Enterprise Logistic System Division, Air Force Material Command, 200 East Moore Drive, Maxwell AFB Gunter Annex, AL 36114-3004.


For verification purposes, individual should provide their full name and any details which may assist in locating records, and their signature.


In addition, the requester must provide a notarized statement or an unsworn declaration made in accordance with 28 U.S.C. 1746, in the following format:


If executed outside the United States: ‘I declare (or certify, verify, or state) under penalty of perjury under the laws of the United States of America that the foregoing is true and correct. Executed on (date). (Signature)’.


If executed within the United States, its territories, possessions, or commonwealths: ‘I declare (or certify, verify, or state) under penalty of perjury that the foregoing is true and correct. Executed on (date). (Signature)’.


EXEMPTIONS CLAIMED FOR THE SYSTEM: None.


HISTORY: December 04, 2008, 73 FR 73926


File Typeapplication/vnd.openxmlformats-officedocument.wordprocessingml.document
AuthorSheree M Coon
File Modified0000-00-00
File Created2021-01-14

© 2024 OMB.report | Privacy Policy