Privacy Act System Notice 09-20-0162
This page contains several links to PDF files which may require a browser plug-in to view correctly. If you do not have the most recent version of Adobe Acrobat Reader, or are having difficulty viewing the PDF, download the plug-in here.
System name: Records of Subjects in Agent Orange, Vietnam Experience, and Selected Cancers Studies. HHS/CDC/NCEH.
National Center for Environmental Health, Coordinating Center for Environmental Health and Injury Prevention, Century Center, Bldg. 1825, Rm. 4063, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333 .
Federal Records Center, 4712 Southpark Blvd., Ellenwood, GA 30294.
Categories of individuals covered by the system: Selected male U.S. Army veterans at grade E-5 or below who enlisted or were drafted for one tour of duty in Vietnam or other countries during 1966-1972; males with birthdates 1929-1953 who have cases of selected cancers (specifically, lymphomas, soft tissue sarcomas, nasal and nasopharyngeal, and primary liver) diagnosed between December 1, 1984 to November 30, 1988; also included are control group participants. Included are individuals who participated in the studies from the time data collection began in 1985 until the final report was published in September 1990.
Categories of records in the system: Information identifying the participants (such as name, address, Social Security number, military service number, telephone number, date of birth), interview questionnaire responses, medical, laboratory, and psychological test result data, and records on biological specimens (e.g. blood, tumor, urine, etc.).
Authority for maintenance of the system: Public Law 97-72, "Veterans' Health Care, Training, and Small Business Loan Act of 1981" (38 U.S.C. 219 note); and the Public Health Service Act, Sections 304, 306, and 308(d), which discuss authority to maintain data and to provide assurances of confidentiality for health research and related activities (42 U.S.C. 242 b, k, and m(d)).
Purpose(s): Records in this system are used to support studies to assess the health of Vietnam veterans relative to the health of other men of similar age. Specifically this information should enable the Centers for Disease Control and Prevention (CDC) to:
- Evaluate the relationship of documented exposure to herbicides used in Vietnam (primarily Agent Orange) to possible adverse health consequences. Such possible effects to be evaluated include dermatologic, neurological, psychological, immunological, carcinogenic, reproductive, gastrointestinal, and others.
- Assess the health effects of service in Vietnam (including factors other than herbicide exposure) as opposed to the experiences of veterans who served in other countries.
- Evaluate the risk of selected cancers among Vietnam veterans in contrast to men of similar age who did not serve in Vietnam.
Portions of records (i.e., name, Social Security number or military service number, date of birth) may be disclosed to the National Center for Health Statistics, CDC for obtaining a determination of vital status. Death certificates stating the cause of death will then be obtained from the appropriate Federal, State, or local agency to enable CDC to evaluate whether excess mortality is occurring among Vietnam veterans.
Routine uses of records maintained in the system, including categories of users and the purposes of such uses: Records have been disclosed to Department of Health and Human Services contractors to locate veterans, cancer cases and controls, conduct interviews, perform medical examinations, analyze pathology specimens, and similar medical services, so that the research purposes for which the records were collected could be accomplished. The contractor was required to comply with the Privacy Act and to follow Section 308(d) of the Public Health Service Act with respect to such records.
Portions of records (i.e., name, Social Security number or military service number) have been disclosed to other Federal agencies such as the Veterans Administration, Internal Revenue Service, and Social Security Administration only to obtain information to aid in locating veterans involved in the study. These disclosures would have been made to update locating information provided by the Army and Joint Services Environmental Support Group.
Safeguards: Records in this system are collected under an assurance of confidentiality authorized by Section 308(d) of the Public Health Service Act. To comply with this assurance, the following special safeguards are necessary:
- Authorized Users: A database security package is implemented on CDC's mainframe computer to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed on a regular basis. Access is granted to only a limited number of physicians, scientists, statisticians, and designated support staff of the Centers for Disease Control and Prevention (CDC), as authorized by the system manager to accomplish the stated purpose for which the data in this system have been collected.
- Physical Safeguards: Access to the CDC Clifton Road facility where the mainframe computer is located is controlled by a cardkey system. Access to the computer room is controlled by a cardkey and security code (numeric keypad) system. The local fire department is located directly next door to the Clifton Road facility. The computer room is protected by an automatic sprinkler system, numerous automatic sensors (e.g., water, heat, smoke, etc.) are installed, and a proper mix of portable fire extinguishers is located throughout the computer room. Hard copy records are kept in locked cabinets in locked rooms. Security guard service in buildings provides personnel screening of visitors.
- Procedural Safeguards: Protection for computerized records on the mainframe includes programmed verification of valid user identification code and password prior to logging on to the system, mandatory password changes, limited log-ins, virus protection, and user rights/file attribute restrictions. Password protection imposes user name and password log-in requirements to prevent unauthorized access. Each user name is assigned limited access rights to files and directories at varying levels to control file sharing. There are routine daily backup procedures and secure off-site storage is available for backup tapes. To avoid inadvertent data disclosure, when erasing computer tapes and/or other magnetic media, an additional procedure is performed to ensure that all Privacy Act data are removed. Additional safeguards may be built into the program by the system analyst as warranted by the sensitivity of the data.
Access to highly sensitive systems is limited to users obtaining prior supervisory approval. Names and other details necessary to identify individuals are not included in data files used for analysis. These files are indexed by code numbers which are linked with complete identifiers only if there is a specific need. Keys which link identification numbers to names are stored separately with access limited to CDC project officers and authorized staff.
CDC employees who process the records are instructed in specific rules of conduct to protect the security and confidentiality of records in accordance with Section 308(d) of the Public Health Service Act.
- Implementation Guidelines: The safeguards outlined above are in accordance with the HHS Information Security Program Policy and FIPS Pub 200, “Minimum Security Requirements for Federal Information and Information Systems.” Data maintained on CDC’s Mainframe are in compliance with OMB Circular A-130, Appendix III. Security is provided for information collection, processing, transmission, storage, and dissemination in general support systems and major applications.
Retention and disposal: Records are retained and disposed of in accordance with the CDC Records Control Schedule, which allows the system manager to maintain the records for 20 years unless needed for future reference. Because five-year mortality updates are planned until the study population expires, and health information from the questionnaire will be correlated with the mortality data, the computerized records to which questionnaire data were converted may be kept as long as research needs dictate. Records have been transferred to the Federal Records Center for storage and will be retained there subject to statutory confidentiality requirements.
System manager(s) and address: Director, National Center for Environmental Health, Coordinating Center for Environmental Health and Injury Prevention, Century Center, Bldg. 1825, Rm. 4063, MS E28, Centers for Disease Control and Prevention, 1600 Clifton Road, NE, Atlanta, GA 30333.
Notification procedure: An individual may learn if a record exists about himself or herself by contacting the system manager at the above address. Persons who knowingly and willfully request or acquire a record pertaining to an individual under false pretenses are subject to a $5,000 fine for this criminal offense. Requesters in person must provide photo identification (such as driver's license) or other positive identification (i.e., place of birth, etc.) that would authenticate the identity of the individual making the request. Individuals who do not appear in person must submit a notarized request to verify their identity. A guardian who requests notification of, or access to, a mentally incompetent or severely physically impaired person's record must provide a birth certificate (or notarized copy), court order, or other appropriate evidence of guardianship. An individual who requests notification of, or access to, a medical record shall at the time the request is made, designate in writing a responsible representative (who may be a physician, other health professional, or other responsible individual) who will be willing to review the record and inform the subject individual of its contents at the representative's discretion.
In addition, the following information must be provided when requesting notification: (1) full name and Social Security or military service number; and; (2) nature of the study in which the requester participated.
Record access procedures: Same as notification procedures. Requesters should also reasonably specify the record contents being sought. An accounting of disclosures that have been made of the record, if any, may be requested.
Contesting record procedures: Contact the official at the address specified under System Manager above, reasonably identify the record and specify the information being contested, the corrective action sought, and the reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.
Record source categories: Subject individuals, Department of Defense (Army and Joint Services Environmental Support Group), Surveillance, Epidemiology, and End Support Group), Surveillance, Epidemiology, and End Results Centers (cancer registries). Records are derived from U.S. Army system of records: A0708.02ADAPC, "Official Military Personnel File."
- Page last updated: April 11, 2012