Privacy Act; Systems of Records

Privacy Act of 1974; System of Records

DATES:

The public may submit comments on this notice by March 2, 2026. This system of records will be effective without further notice, with the exception of the new or modified routine uses, which will become effective March 2, 2026, unless CIGIE determines that changes are necessary due to public comment.

SUPPLEMENTARY INFORMATION:

One Big Beautiful Bill Act (OBBB) extended the PRAC's jurisdiction to include all funds provided in the OBBB, amended Section 15010(a)(6) of the CARES Act to include the OBBB under the definition of "covered funds," and extended PRAC's sunset date to September 30, 2034. An Act to Provide for Reconciliation Pursuant to title II of H. Con. Res. 14, Public Law 119-21, Section 90102 (July 4, 2025). This Modification will align the two CIGIE Systems of Records Notices with the PRAC's expanded jurisdiction. The modification to the two systems that were established in furtherance of the PRAC's statutory mandate will enable the PRAC to carry out its statutory mandate, including PRAC's expanded jurisdiction pursuant to the OBBB.

CIGIE proposes modifying the Purpose section of the existing SORNs and modifying the body of the existing SORNs by changing all references to "Coronavirus Funds" to "covered funds," including in Routine Uses. This modification of the two SORNs CIGIE established in furtherance of the PRAC's statutory mandate will bring both SORNs into alignment with the PRAC's jurisdiction, to include its expanded jurisdiction.

CIGIE proposes modifying the Categories of Individuals in the System in CIGIE-5 to include those receiving OBBB funds. Further, it proposes removing the caveat in CIGIE-5 concerning the applicability of the Privacy Act to records of individuals acting in their entrepreneurial/sole-proprietor capacity.

CIGIE proposes modifying the location of records to the new physical of CIGIE Headquarters, 1750 H St. NW, Suite 400, Washington, DC 20006.

CIGIE proposes changing the security classification marking for PDWS to Controlled Unclassified Information to reflect the security marking protocols established by NARA pursuant to Executive Order 13556.

CIGIE proposes adding Routine Uses to comply with Executive Order (E.O.) 14249, Protecting America's Bank Account Against Fraud, Waste, and Abuse, and Office of Management and Budget (OMB) Memorandum M-25-32, Preventing Improper Payments and Protecting Privacy Through Do Not Pay.

CIGIE proposes deleting the reference to "Officials of CIGIE" in the Routine Uses, as the Privacy Act permits disclosures to internal agency employees; therefore, such disclosures are not considered routine uses.

All other sections of the SORNs remain the same unless otherwise noted.

SYSTEM NAME AND NUMBER:

PRAC Data Warehouse System (PDWS)-CIGIE-5, and PRAC Accountability Data System (PADS)-CIGIE-6.

SECURITY CLASSIFICATION:

Controlled Unclassified Information.

SYSTEM LOCATION:

The location of paper records contained within the PWS and PADS is the headquarters of the Council of the Inspectors General on Integrity and Efficiency (CIGIE), 1750 H Street NW, Suite 400, Washington, DC 20006. Records maintained in electronic form are principally located in contractor-hosted data centers in the United States. Contact the System Manager identified below for additional information.

SYSTEM MANAGER(S):

Executive Director, Pandemic Response Accountability Committee, Council of the Inspectors General on Integrity and Efficiency, 1750 H St. NW, Suite 400, Washington, DC 20006, (202)292-2600, [email protected].

PURPOSE(S) OF THE SYSTEM:

To carry out the PRAC's responsibilities to support oversight of funds provided in the OBBB and promote transparency and conduct and support oversight of covered funds and the Coronavirus response to prevent and detect fraud, waste, abuse, and mismanagement; and mitigate major risks that cut across program and agency boundaries." The terms "covered funds" and "Coronavirus response" have the meaning defined in Section 10510(a)(6) and (a)(6), respectively, of the CARES Act, as amended.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:

The CIGIE-5 system contains records on individuals who relate to PRAC efforts undertaken in support of its mission to promote transparency and conduct and support oversight of covered funds and the Coronavirus response to prevent and detect fraud, waste, abuse, and mismanagement and mitigate major risks that cut across programs and agencies, and its statutory obligation in the OBBB to support oversight of the funds provided in the OBBB. Individuals include but are not limited to those who have applied for, sought, or received Federal funds.

The CIGIE-6 system contains records on individuals who relate to PRAC efforts undertaken in support of its efforts to promote transparency and conduct and support oversight of covered funds and the Coronavirus response to prevent and detect fraud, waste, abuse, and mismanagement and mitigate major risks that cut across programs and agencies, and to support oversight of the funds provided in the OBBB. Individuals include but are not limited to those who have applied for, sought, or received Federal funds. In addition, these individuals include:

(a) Individuals who are or have been the subject of investigations or other inquiries identified by or submitted to the PRAC;

(b) Individuals who are or have been witnesses, complainants, or informants in investigations or other inquiries identified by or submitted to the PRAC;

(c) Individuals who are or have been potential subjects or parties to an investigation or other inquiry identified by or submitted to the PRAC;

(d) Individuals who are or have been related to entities or individuals that are or have been a subject of, potential subject of, or party to an investigation or other inquiry identified by or submitted to the PRAC;

(e)Individuals who have or have had increased risk factors indicating they may have been involved with possible fraud, waste, abuse, mismanagement, or improper payments related to Federal funds; and

(f) Individuals who are or have been related to entities or individuals that have or have had increased risk factors indicating they may have been involved with possible fraud, waste, abuse, mismanagement, or improper payments related to Federal funds.

CATEGORIES OF RECORDS IN THE SYSTEM:

For CIGIE-5: The system maintains records that contribute to the transparency of covered funds and the Coronavirus response and effective oversight of fraud, waste, abuse, and mismanagement and mitigation of major risks that cut across programs and agencies related to covered funds and the Coronavirus response, and to support oversight of the funds provided in the OBBB.

These records may include, but are not limited to, records concerning: Covered Funds, funds provided in the OBBB, and other Federal funding; the Coronavirus Response; individuals in their personal capacity or individuals who are employees or representatives of businesses, corporations, tribal governments, not-for-profit organizations, or other organizations that have applied for, sought, or received covered funds or have been involved in any capacity in the Coronavirus Response. Such records may include, but are not limited to these individuals' home addresses, telephone numbers, Social Security numbers or tax identifications numbers, company business addresses, business financial information and records, bank account information, payroll records, personal contact information, business affiliations, and employment history.

For CIGIE-6: The system maintains records that contribute to the transparency of covered funds and the Coronavirus response and effective oversight of fraud, waste, abuse, and mismanagement and mitigation of major risks that cut across programs and agencies related to covered funds and the Coronavirus response, and to support oversight of the funds provided in the OBBB. These records may include, but are not limited to, records concerning: covered funds, funds provided in the OBBB, and other Federal funding; the Coronavirus Response; individuals in their personal capacity or individuals who are employees or representatives of businesses, corporations, tribal governments, not-for-profit organizations, or other organizations that have applied for, sought, or received covered funds or have been involved in any capacity in the Coronavirus Response. Such records may include, but are not limited to, these individuals' home addresses, telephone numbers, Social Security numbers or tax identifications numbers, company business addresses, business financial information and records, bank account information, payroll records, personal contact information, business affiliations, and employment history.

The records may further include:

(a) Letters, memoranda, and other documents describing complaints, derogatory information, or alleged criminal, civil, or administrative misconduct; and

(b) General intelligence and relevant data, leads for the PRAC or Offices of Inspector General (or other applicable oversight and law enforcement entities), reports of investigations and related exhibits, statements and affidavits, and records obtained or generated during an investigation or other inquiry, including but not limited to risk-based analytical research.

RECORD SOURCE CATEGORIES:

For CIGIE-5: Publicly and/or commercially available data sets and other source material; Federal agencies; and individuals and entities, including states and local jurisdictions, tribal governments, businesses, corporations, and other organizations, that have applied for, sought, or received covered funds or other Federal funds or have been involved in any capacity in the Coronavirus response, or funds provided in the OBBB.

For CIGIE-6: Publicly and/or commercially available data sets and other source material; Federal agencies; and individuals and entities, including states and local jurisdictions, tribal governments, businesses, corporations, and other organizations, that have applied for, sought, or received covered funds or other Federal funds or have been involved in any capacity in the Coronavirus response, or funds provided in the OBBB. The subjects of investigations and other inquiries; individuals and entities with which the subjects of investigations and other inquiries are associated; Federal, state, local, and foreign law enforcement and non-law enforcement agencies and entities; private citizens; witnesses; and informants.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b), all or portions of the records or information contained in this system may specifically be disclosed outside of CIGIE as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

A. To a Member of Congress in response to an inquiry from that Member made at the request of the individual. In such cases, however, the Member's right to a record is no greater than that of the individual.

B. If the disclosure of certain records to the Department of Justice (DOJ) is relevant and necessary to litigation, CIGIE may disclose those records to the DOJ. CIGIE may make such a disclosure if one of the following parties is involved in the litigation or has an interest in the litigation:

1. CIGIE or any component thereof; or

2. Any employee or former employee of CIGIE in his or her official capacity; or

3. Any employee or former employee of CIGIE in his or her individual capacity when the DOJ has agreed to represent the employee; or

4. The United States, if CIGIE determines that litigation is likely to affect CIGIE or any of its components.

C. If disclosure of certain records to a court, adjudicative body before which CIGIE is authorized to appear, individual or entity designated by CIGIE or otherwise empowered to resolve disputes, counsel or other representative, party, or potential witness is relevant and necessary to litigation, CIGIE may disclose those records to the court, adjudicative body, individual or entity, counsel or other representative, party, or potential witness. CIGIE may make such a disclosure if one of the following parties is involved in the litigation or has an interest in the litigation:

1. CIGIE or any component thereof; or

2. Any employee or former employee of CIGIE in his or her official capacity; or

3. Any employee or former employee of CIGIE in his or her individual capacity when the DOJ has agreed to represent the employee; or

4. The United States, if CIGIE determines that litigation is likely to affect CIGIE or any of its components.

D. To the appropriate Federal, state, local, tribal, or foreign agency responsible for investigating, prosecuting, enforcing, or implementing a statute, rule, regulation, or order, if the information is relevant to a violation or potential violation of civil or criminal law or regulation within the jurisdiction of the receiving entity.

E. To officials and employees of any Federal agency to the extent the record contains information that is relevant to that agency's decision concerning the hiring, appointment, or retention of an employee; issuance of a security clearance; execution of a security or suitability investigation; or classification of a job.

F. To the National Archives and Records Administration (NARA) pursuant to records management inspections being conducted under the authority of 44 U.S.C. 2904 and 2906.

G. To contractors, grantees, consultants, volunteers, or other individuals performing or working on a contract, interagency agreement, service, grant, cooperative agreement, job, or other activity for CIGIE and who have a need to access the information in the performance of their duties or activities for CIGIE.

H. To appropriate agencies, entities, and persons when: CIGIE suspects or has confirmed that there has been a breach of the system of records; CIGIE has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, CIGIE (including its information systems, programs, and operations), the Federal Government, or national security; and the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with CIGIE's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

I. To another Federal agency or Federal entity, when: CIGIE determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in responding to a suspected or confirmed breach; or preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

J. To Federal agencies and independent certified public accounting firms that have a need for the information in order to audit the financial statements of CIGIE.

K. To an organization or an individual in the public or private sector if there is reason to believe the recipient is or could become the target of a particular criminal activity or conspiracy, or to the extent the information is relevant to the protection or life or property.

L. To CIGIE members and their employees who have need of the information in the performance of their duties.

M. To the Office of Personnel Management (OPM) in accordance with OPM's responsibility for evaluation and oversight of Federal personnel management.

N. To appropriate agencies, entities, and persons, to the extent necessary to respond to or refer correspondence.

O. To the news media and the public, unless it is determined that release of the specific information would constitute an unwarranted invasion of personal privacy.

P. To populate public-facing government websites to promote transparency of covered funds and the Coronavirus Response, unless it is determined that release of the specific information would constitute an unwarranted invasion of personal privacy.

Q. To the U.S. Department of the Treasury when disclosure of the information is relevant to review payment and award eligibility through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds disbursed by a state (meaning a state of the United States, the District of Columbia, a territory or possession of the United States, or a federally recognized Indian tribe) in a state-administered, federally funded program.

HISTORY:

CIGIE is modifying two SORNS, the PRAC Data Warehouse System (PDWS), CIGIE-5, 86 FR 7280 (Jan. 27, 2021), and the PRAC Accountability Data System (PADS), CIGIE-6, 86 FR 26704 (May 17, 2021).

[FR Doc. 2026-01843 Filed 1-29-26; 8:45 am]

BILLING CODE P