Billing Code: 4184-79
DEPARTMENT OF HEALTH AND HUMAN SERVICES
Administration for Children and Families
Privacy Act of 1974; System of Records
AGENCY: Administration for Children and Families, Department of Health and Human
Services.
ACTION: Notice of a modified system of records.
SUMMARY: In accordance with the Privacy Act of 1974, the U.S. Department of
Health and Human Services (HHS) is modifying an existing system of records, system
number 09-80-0361, titled “OPRE Research and Evaluation Project Records,” that is
maintained by the Administration for Children and Families (ACF), Office of Planning,
Research & Evaluation (OPRE). The system of records covers any individually
identifiable records about individuals that are retrieved by a personal identifier to conduct
OPRE research, evaluation, and data projects that study how to improve the economic
and social well-being of children and families and/or increase the effectiveness and
efficiency of programs inside and outside ACF working towards that goal. Subject
individuals include individuals considered for inclusion or included in an OPRE Project;
individuals who provide information about those considered or selected for an OPRE
Project; and individuals whose information is in a pre-existing dataset evaluated or
analyzed as part of an OPRE Project.
DATES: The modified system of records is applicable [INSERT DATE 30 DAYS
AFTER PUBLICATION IN THE FEDERAL REGISTER], subject to a 30-day period in
which to comment on the new and revised routine uses. Submit any comments by
[INSERT DATE 30 DAYS FOLLOWING PUBLICATION IN THE FEDERAL
REGISTER].

ADDRESSES: The public should submit written comments by mail or email addressed
to: Anita Alford, Senior Official for Privacy, Administration for Children and Families,
330 C St. SW, Washington, DC 20201, or anita.alford@acf.hhs.gov.
FOR FURTHER INFORMATION, CONTACT: General questions about the modified
system of records may be submitted by email or telephone to Emily Schmitt at
Emily.Schmitt@acf.hhs.gov or (202) 401-5786.
SUPPLEMENTARY INFORMATION
I. Background on System of Records 09-80-0361, OPRE Research and Evaluation
Project Records
The system of records covers individually identifiable records about individuals that are
retrieved by a personal identifier to conduct OPRE research, evaluation, and data projects
that study how to improve the economic and social well-being of children and families
and/or increase the effectiveness and efficiency of programs inside and outside ACF
working towards that goal (OPRE Projects). While the results of these studies are
generally deidentified and made publicly available, the process of collecting and
analyzing the information may, in some instances, require retrieving identifiable records
about individuals by personal identifier (for example, to combine or de-duplicate data
about the same individual collected at different times or from different sources). The
majority of OPRE Projects are conducted without directly retrieving records by personal
identifier, so do not involve Privacy Act records.
II. Modifications Made to the System of Records
The updated System of Records Notice (SORN) published in this notice includes the
following modifications:

ï‚·

The SORN has been reformatted to comply with current format requirements in OMB
Circular A-108, issued December 23, 2016. The Circular changed the order and
headings of certain SORN sections and added a “SORN History” section.

ï‚·

The “System Location” and “System Manager(s)” sections have been updated with
current addresses, and the System Manager(s) section now includes an email address.

ï‚·

The “Authorities” section no longer cites 42 U.S.C. 7103 and 42 U.S.C. 9858 et seq.
and the Consolidated Appropriations Act of 2008, and now cites the following in
addition to the other previously cited authorities. Some of the newly cited statutes
specifically identify when ACF should provide a service or evaluate an activity. The
other statutes give ACF the authority to distribute funds; recipients must report
information about the individuals assisted via those funds to ACF, which is then used
in one or more OPRE Projects.
o 22 U.S.C. 7104 and 7105 (authorizes the HHS Secretary to provide grants
to help victims of human trafficking and educate individuals about human
trafficking).
o 34 U.S.C. 11243 (authorizes the HHS Secretary to carry out research,
evaluation, demonstration, and service projects to increase knowledge
concerning, and to improve services for, runaway youth and homeless
youth);
o 42 U.S.C. 5105 (authorizes the HHS Secretary to fund a continuous
program of research on how to better protect children from child abuse or
neglect and improve the well-being of victims of child abuse or neglect);
o 42 U.S.C. 9844 (authorizes the HHS Secretary, directly or through grants
or contracts, to carry out research, demonstrations, and evaluation
activities to improve Head Start programs);

o 42 U.S.C. 10404 (authorizes the HHS Secretary to coordinate
Departmental programs to prevent family violence, domestic violence, or
dating violence);
o 42 U.S.C. 1397 et seq. (discusses the administration of the Block Grants to
States for Social Services and research connected to those grants);
o 42 U.S.C. subchapter II-B (authorized Child Care and Development Block
Grants in fiscal years (FYs) 2015 through 2020 to fund state child care
programs; data funded in prior FYs still exists);
o

42 U.S.C. subchapter V (authorizes the HHS Secretary to support special
projects of regional and national significance and research regarding
maternal and child health); and

o

Executive Order (E.O.) 9397 as amended by E.O. 13478 (addresses use of
personal identifiers).

ï‚·

The “Purpose(s)” section has been revised to add a description of types of OPRE
Projects, which are listed as a. through g., and to omit an unnecessary statement that
the procedures for collecting information about research subjects in OPRE Projects
are reviewed, as appropriate, by Institutional Review Boards and are subject to HHS
regulations on research with human subjects, including requirements for informed
consent.

ï‚·

The “Categories of Individuals” section has been clarified and expanded. Instead of
stating that information is about research “participants” and may include information
about family members of program participants and service recipients, it encompasses
program clients, individuals (such as family members) who provide information
about program clients, and sole practitioners who provide services to program clients;
and it makes clear that information about them may be from a pre-existing dataset

used in an OPRE Project, not necessarily newly collected specifically for the OPRE
Project.
ï‚·

The “Categories of Records” section includes some revised and additional examples
of data elements that may be contained in the records; i.e.:
o

“Email address” has been added to the examples of contact information.

o

In the examples of sociodemographic information, “date of birth” has been
changed to “age”; “citizenship” has been removed; and the following have been
added: tribal affiliation, gender, sexuality, language preferences and
proficiencies, responses to assessments and collections (e.g., surveys and
interviews), photographs, voice and video recordings and transcripts, biospecimens, correspondences, and administrative records.

o

In examples of other information, “income” has been changed to “finances”;
“pre-school Head start participation” has been broadened to “other governmental
services”; and the following have been added: education; living situation, sexual
history, mental and physical health and well-being, criminal activities, risky
behaviors (e.g., illicit drug use), family dynamics (e.g., beliefs), and disabilities.

ï‚·

The “Record Source Categories” section has been reworded but not substantively
changed.

ï‚·

The “Routine Uses” section includes the following updates:
o The introduction omits this statement: “In addition, contractors may be restricted
by contract from making a disclosure allowed as a routine use or by law without
the consent of HHS, of the data subject, or both, unless the disclosure is required
by law.”
o

Three existing routine uses have been revised, as follows:



Routine use 2, which authorizes disclosures incident to requesting
information, has been revised to change “information” to “records” and to
change “research or evaluation” to “OPRE Project.”



Routine use 4, which authorizes disclosures to the Department of Justice or
in proceedings, has been revised to omit a statement about compatibility
with the original collection purpose, which is redundant because it repeats
part of the definition of a routine use.



Routine use 5, which previously authorized disclosures to HHS contractors,
has been revised to include HHS grantees and to add, as a condition of
disclosure, that the contractor or grantee must be required by the terms of the
contract or grant to comply with the Privacy Act.

o One routine use has been deleted (numbered as 6 in the existing SORN); it
authorized disclosures to claims examiners, investigators, arbitrators, etc., at
other agencies (including the Office of Personnel Management, Office of Special
Counsel, Merit System Protection Board, Federal Labor Relations Authority,
Equal Opportunity Commission, and Office of Government Ethics) in
administrative grievance, claim, complaint, and appeal cases filed by employees.
In the unlikely event that an employee’s work, with or responsibility for, records
in this system of records were to become an issue in such a case, it should not be
necessary to use identifiable records from this system of records for
investigation, discovery, evidentiary, settlement, or other purposes in the case.
o

Two new routine uses have been added (numbered as 9 and 10) authorizing
disclosures for research that will not impact the record subject and disclosures so
that an organization that serves an individual under a federal contract may access
information about its services to continue serving the individual.

ï‚·

A section headed “Disclosure to Consumer Reporting Agencies” has been removed as
unnecessary, because the section merely confirmed that such disclosures are not made
from this system of records.

ï‚·

The “Storage” section previously stated that, depending on the project, records “may
be stored on paper or other hard copy, computers, and networks,” and now states that
records “are stored in paper and electronic form.”

ï‚·

The “Retrieval” section has been reworded but not substantively changed.

ï‚·

The “Retention” section no longer states that identifiers are removed once the
analysis is complete. Instead, it now states that a disposition schedule is pending
approval by the National Archives and Records Administration (NARA), which
proposes that the records be cutoff upon completion of final report or termination of
evaluation and be destroyed 5 years after cutoff; and that ACF/OPRE will continue to
retain the records indefinitely until the schedule is approved by NARA.

ï‚·

The “Safeguards” section, which previously stated that contractors and other record
keepers are required to maintain “appropriate” administrative, technical, and physical
safeguards and that records are “secured in compliance with Federal requirements”
now describes particular administrative, technical, or physical safeguards that are
used to protect the records from unauthorized access.

ï‚·

The “Record Access Procedures,” “Contesting Record Procedures,” and “Notification
Procedures” sections have been revised to state that access, amendment, and
notification requests “must” (instead of “should”) be in writing and contain identity
verification information; to no longer require that requests include “Social Security
Number ” (SSN); and to specify how the requester’s identity may be verified (i.e., by
a notarized signature or a statement signed under penalty of perjury) instead of stating
that verification of identity would be “as described in the Department’s Privacy Act
regulations.”

Because some of these changes are significant, HHS provided advance notice of the
modified system of records to the Office of Management and Budget and Congress as
required by 5 U.S.C. 552a(r) and OMB Circular A-108.

Emily P. Dennis,
Acting Deputy Assistant Secretary for Planning,
Research, and Evaluation,
Administration for Children & Families.

SYSTEM NAME AND NUMBER:
OPRE Research and Evaluation Project Records, 09-80-0361.

SECURITY CLASSIFICATION:
Unclassified.

SYSTEM LOCATION:
OPRE, ACF, HHS, 330 C St., SW, Washington, DC 20201. A list of contractor sites
where system records are maintained is available upon request to the System Manager.

SYSTEM MANAGER(S):
Executive Officer, OPRE, ACF, HHS, 330 C St. SW, Washington, DC 20201,
dataq@acf.hhs.gov.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:
22 U.S.C. 7104 and 7105 (authorizes the Secretary to provide grants to help victims of

human trafficking and educate individuals about human trafficking); 34 U.S.C. 11243
(authorizes the HHS Secretary to carry out research, evaluation, demonstration, and
service projects to increase knowledge concerning, and to improve services for, runaway
youth and homeless youth); 42 U.S.C. 613 (authorizes the HHS Secretary to conduct
research on the effects of temporary assistance to needy families programs and related
programs); 42 U.S.C. 628b (authorizes the HHS Secretary to fund a national study about
child abuse and neglect); 42 U.S.C. 1310 (authorizes the HHS Secretary to fund research
and demonstration projects connected to Social Security Act funded programs); 42
U.S.C. 5105 (authorizes the HHS Secretary to fund a continuous program of research on
how to better protect children from child abuse or neglect and improve the well-being of
victims of child abuse or neglect); 42 U.S.C. 9836 (authorizes the HHS Secretary to
convene an expert panel to develop a Designation Renewal System for Head Start
agencies); 42 U.S.C. 9844 (authorizes the HHS Secretary, directly or through grants or
contracts, to carry out research, demonstrations, and evaluation activities to improve
Head Start programs); 42 U.S.C. 10404 (authorizes the HHS Secretary to coordinate
Departmental programs to prevent family violence, domestic violence, or dating
violence); 42 U.S.C. 1397 et seq. (discusses the administration of block grants to states
for social services and research connected to those grants); 42 U.S.C. subchapter II–B
(authorized child care and development block grants in fiscal years (FYs) 2015 through
2020 to fund state child care programs; data funded in prior FYs still exists); 42 U.S.C.
subchapter V (authorizes the HHS Secretary to support special projects of regional and
national significance and research regarding maternal and child health); 42 U.S.C. 1310
(authorizes the HHS Secretary to fund through grants and contracts the conduct of
research and demonstration projects regarding the prevention and reduction of welfare
dependency); and Executive Order 9397, as amended by Executive Order 13478
(addresses use of personal identifiers).

PURPOSE(S) OF THE SYSTEM:
The records in this system of records are used for the purpose of conducting OPRE
research, evaluation, and data projects that study how to improve the economic and social
well-being of children and families and/or increase the effectiveness and efficiency of
programs inside and outside ACF working towards that goal (OPRE Projects). Each
OPRE Project may involve:
(a) the analysis of data from various sources;
(b) the collection of data through surveys, focus groups, interviews, and other
methods;
(c) the provision of technical assistance to organizations;
(d) the evaluation of programs and services;
(e) the provision of services to populations and evaluating their outcomes;
(f) data and capacity building within ACF; and
(g) other research, evaluation, and data related activities.
This work may be supported or accomplished by federal staff or by contractors, vendors,
grantees, and other partners.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:
The system of records contains records about the following categories of individuals:
(a) Individuals who are considered for inclusion or are included in an OPRE Project
(e.g., service recipients, individuals providing services);
(b) Individuals who provide information about those considered or selected for an
OPRE Project (e.g., parents and other relatives, case managers, program
managers, alternate points of contact); and
(c) Individuals whose information is in a pre-existing dataset evaluated or analyzed

as part of an OPRE Project. This includes administrative datasets created while
operating programs such as Temporary Assistance for Needy Families or Head
Start.

CATEGORIES OF RECORDS IN THE SYSTEM:
The records maintained about a specific individual will depend on which OPRE Project
the individual was considered for or included in and the individual’s role in the project.
An OPRE Project may collect the individual’s identifying information and contact
information (name, address(es), telephone number(s), email address(es), SSN);
sociodemographic characteristics (e.g., age, race, ethnicity, tribal affiliation, gender,
sexuality); language preferences and proficiencies; responses to assessments and
collections (e.g., surveys and interviews); photographs; voice and video recordings and
transcripts; bio-specimens; correspondences; identifiers specific to the applicable project
or series of projects in which the individual was involved; and administrative records. It
may also collect records about an individual’s current and prior finances; education;
employment; living situation; sexual history; mental and physical health and well-being;
criminal activities; risky behaviors (e.g., illicit drug use); family dynamics (e.g.,
marriage, relationships, and beliefs); disabilities; service utilization; other characteristics;
experiences with child welfare and other governmental services; and experiences relevant
to ACF’s programs.

RECORD SOURCE CATEGORIES:
The sources of records in the system may include: the record subject; HHS; other
governmental agencies (federal, state, tribal, and local) and their agents; ACF contractors
and grantees; research institutions, foundations, and similar organizations; publicly

available documents; commercial sources; individuals who know the record subject (e.g.,
relatives, case managers, service providers, and neighbors); and other third parties.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING
CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:
These routine uses specify circumstances, in addition to those provided by statute in the
Privacy Act, under which ACF may release information from the system of records
without the record subject’s consent.

Each proposed disclosure under these routine uses will be evaluated to ensure it is legally
permissible and appropriate. If a OPRE Project received a certificate of confidentiality,
these routine uses will not authorize a disclosure barred by the terms of the certificate.

(1) Disclosure for Law Enforcement Purpose
Information may be disclosed to the appropriate federal, state, local, tribal, or foreign
agency responsible for investigating, prosecuting, enforcing, or implementing a statute,
rule, regulation, or order, if the information is relevant to a violation or potential violation
of civil or criminal law or regulation within the jurisdiction of the receiving entity.
However, because this is a research and evaluation system, no information will be
disclosed for use in any investigation, prosecution, or other action targeted against any
individual who is the subject of the record.

(2) Disclosure Incident to Requesting Records
Records may be disclosed (to the extent necessary to identify the individual, inform the
source of the purpose of the request, and identify the type of records requested), to any

source from which additional records are requested when necessary to obtain records
relevant to the OPRE Project being conducted.

(3) Disclosure to Congressional Office
Information may be disclosed to a congressional office from the record of an individual
in response to a written inquiry from the congressional office made at the request of the
individual.

(4) Disclosure to Department of Justice or in Proceedings
Information may be disclosed to the Department of Justice, or in a proceeding before a
court, adjudicative body, or other administrative body before HHS is authorized to
appear, when (a) HHS, or any component thereof; or (b) any employee of HHS in his or
her official capacity; or (c) any employee of HHS in his or her individual capacity where
the Department of Justice or HHS has agreed to represent the employee; or (d)the United
States, if HHS determines that litigation is likely to affect HHS or any of its components;
is a party to litigation or has an interest in such litigation, and the use of such records by
the Department of Justice or HHS is deemed by HHS to be relevant and necessary to the
litigation.

(5) Disclosure to Contractors and Grantees
Records may be disclosed to a contractor or grantee that (a) is performing or working on
a contract or grant for HHS, (b) needs to access the records in the performance of their
duties or activities for HHS, and (c) is required by the terms of the contract or grant to
comply with the Privacy Act.

(6) Disclosure in Connection with Litigation

Information may be disclosed in connection with litigation or settlement discussions
regarding claims by or against HHS, including public filing with a court, to the extent
that disclosure of the information is relevant and necessary to the litigation or discussions
and except where court orders are otherwise required under 5 U.S.C. 552a(b)(11).

(7) Disclosure in the Event of a Security Breach Experienced by HHS
To appropriate agencies, entities, and persons when (1) HHS suspects or has confirmed
that there has been a breach of the system of records; (2) HHS has determined that as a
result of the suspected or confirmed breach there is a risk of harm to individuals, HHS
(including its information systems, programs, and operations), the federal government, or
national security; and (3) the disclosure made to such agencies, entities, and persons is
reasonably necessary to assist in connection with HHS's efforts to respond to the
suspected or confirmed breach or to prevent, minimize, or remedy such harm.

(8) Disclosure in the Event of a Security Breach Experienced by Another Agency or
Entity
To another federal agency or federal entity, when HHS determines that information from
the system of records is reasonably necessary to assist the recipient agency or entity in (1)
responding to a suspected or confirmed breach or (2) preventing, minimizing, or
remedying the risk of harm to individuals, the recipient agency or entity (including its
information systems, programs, and operations), the federal government, or national
security, resulting from a suspected or confirmed breach.

(9) Disclosure for Research Purposes
Records may be disclosed for a research, evaluation, or data purpose if HHS:

(A) Determines that the use and disclosure does not violate the laws or policies under
which the record was collected;
(B) Determines that the purpose cannot be reasonably accomplished unless
individually identifiable information is provided;
(C) Determines that the purpose warrants any privacy risk to the individual caused by
the disclosure;
(D) Determines that the disclosure will not directly affect the rights, privileges, or
benefits of a particular individual.
(E) Requires the recipient to:
1. Establish reasonable administrative, technical, and physical safeguards to
prevent unauthorized use or disclosure of the record;
2. Destroy the individually identifiable information as soon as reasonable for that
project;
3.

Not reuse or redisclose the information except:
(a)

in an emergency circumstances affecting the health or safety of an
individual,

(b)

to another research, evaluation, or data project with written
authorization from HHS,

(c)

for an audit related to the project, if the individually identifiable
information is removed or destroyed at the earliest opportunity
consistent with the purpose of the audit, or

(e)
4.

when required by law; and

Provide HHS a written statement that they understand and will abide by
these requirements.

(10) Disclosure to Continue Services

Records about the services an individual received from a grantee as part of an OPRE
Project may be shared with that grantee, or successor organizations, to continue serving
that individual.

POLICIES AND PRACTICES FOR STORAGE OF RECORDS:
Records are stored in paper and electronic form.

POLICIES AND PRACTICES FOR RETRIEVAL OF RECORDS:
Records are retrieved by the subject individual’s name, SSN, or another personal
identifier contained in the records.

POLICIES AND PROCEDURES FOR RETENTION AND DISPOSAL OF
RECORDS:
A disposition schedule, DAA-0292-2020-0005, is pending approval by NARA, which
proposes at Item 1.3 that the records (background materials for creation of studies and
reports) be cut off at the end of the calendar year in which the report is published and
destroyed 5 years after cut-off. ACF/OPRE will continue to retain the records
indefinitely until the schedule is approved by NARA.

ADMINISTRATIVE, TECHNICAL, AND PHYSICAL SAFEGUARDS:
All record keepers are required to maintain appropriate administrative, technical, and
physical safeguards to protect the records from unauthorized access. Administrative
controls include training individuals who have access to the records how to handle them
appropriately, incident response plans, and limiting access to individuals who need to
know the information. Technical controls include the use of antivirus software,
vulnerability patching, multi-factor authentication when required, and storing electronic

records in encrypted form. Physical controls include storing hard copy records and
computer terminals used to access electronic records in physically locked locations when
not in use.

RECORD ACCESS PROCEDURES:
Individuals seeking access to records about them in this system of records must submit a
written access request to the System Manager identified in the “System Manager(s)”
section of this SORN, in accordance with the Department’s Privacy Act implementation
regulations in 45 CFR. The request must contain the requester’s full name, contact
information (i.e., telephone number and/or email address, and current mailing address),
and sufficient identifying particulars contained in the records to enable the System
Manager to distinguish between records on subject individuals with the same name. In
addition, to verify the requester’s identity, the request must be signed by the requester,
and the signature must be notarized or the request must include the requester’s written
certification that the requester is the person the requester claims to be and that he/she
understands that the knowing and willful request for or acquisition of a record pertaining
to an individual under false pretenses is a criminal offense subject to a fine of up to
$5,000.

CONTESTING RECORD PROCEDURES:
Individuals seeking to amend a record about them in this system of records must submit a
written amendment request to the System Manager identified in the “System Manager(s)”
section of this SORN, in accordance with the Department’s Privacy Act implementation
regulations in 45 CFR. An amendment request must include verification of the
requester’s identity in the same manner required for an access request and must
reasonably identify the record and specify the information being contested, the corrective

action sought, and the reasons for requesting the correction, along with supporting
information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

NOTIFICATION PROCEDURES:
Individuals seeking to determine whether this system of records contains records about
them must submit a written notification request to the System Manager identified in the
“System Manager(s)” section of this SORN, in accordance with the Department’s Privacy
Act implementation regulations in 45 CFR and verify their identity in the same manner
required for an access request.

EXEMPTIONS PROMULGATED FOR THE SYSTEM:
None.

HISTORY:
80 FR 17893 (April 2, 2015), 83 FR 6591 (Feb. 14, 2018).
[FR Doc. 2022-20139 Filed: 9/16/2022 8:45 am; Publication Date: 9/19/2022]