In January 2013, the President signed the Improper Payments Elimination and Recovery Improvement Act of 2012 (IPERIA) into law, codifying ongoing efforts to develop and enhance steps taken by the Federal Government to prevent, waste, fraud, and abuse in Federal spending.
In August 2013, the Office of Management and Budget (OMB) released Memorandum M-13-20 to ensure that individual privacy is fully protected while reducing improper payments with the Do Not Pay (DNP) Initiative.
Additionally, DNP complies with the Privacy Act of 1974 and other laws pertaining to the use, maintenance, and disclosure of records.
System of Records Notices (SORNs)
A system of records is defined by the Privacy Act of 1974 as “a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual.”
Rules exempting systems of records from certain Privacy Act requirements are in 28 CFR Part 16, Subpart E. Below is a listing of systems of records maintained by DNP and original source agencies that are subject to the Privacy Act of 1974.
- Credit Alert System (CAIVRS)– CAIVRS is comprised of data from the following agencies:
- Department of Education (Education)
- Department of Housing and Urban Development (HUD)
- Department of Justice (DOJ) - Debt Collection Enforcement System, JUSTICE/DOJ-016
- Small Business Administration (SBA) - SBA 21 -- Loan System and SBA 20-Disaster Loan Case File
- U.S. Department of Agriculture (USDA)
- Veterans Affairs (VA) - VA's Privacy Act System of Records, Compensation, Pension, Education, and Rehabilitation Records--VA (58VA21/22/28)
Some agencies are currently in the process of confirming their applicable CAIVRS SORNs and routine uses that allow for disclosures to DNP. Links to those SORNs will be posted as they are identified.
- Treasury Offset Program (TOP) Debt Check of the Department of the Treasury - FMS .014 – Debt Collection Operations System
- SAM Entity Registration and Exclusion Records (referred to in IPERIA as Excluded Party List System) of the General Services Administration (GSA)
- List of Excluded Individuals & Entities of the Office of Inspector General of the Department of Health and Human Services (HHS) – Health Care Program Violations
- Treasury/Bureau of the Fiscal Service .023 – Do Not Pay Payment Verification Records
Variations between data source record retention schedules or other restrictions (e.g. routine uses) and the Treasury/Bureau of the Fiscal Service .023 SORN will be listed below.
On October 7, 2012, the Secretary of the Treasury issued Treasury Order 136–01, establishing within the Department of the Treasury the Bureau of the Fiscal Service (Fiscal Service). The new bureau consolidated the bureaus formerly known as the Financial Management Service (FMS) and the Bureau of the Public Debt (BPD). On October 2, 2013, Fiscal Service published a final rule that changed references in 31 CFR Part 202-391 from “FMS” or “BPD” to "Fiscal Service."
Computer Matching Agreements (CMAs)
A computer matching program is required by the Privacy Act for any computerized comparison of two or more automated systems of records, or a system of records with non-federal records, for the purpose of establishing or verifying eligibility or compliance as it relates to cash or in-kind assistance or payments under federal benefit programs.
Under to 5 U.S.C. § 552a(o), any record contained in a system of records may only be disclosed to a recipient agency or non-federal agency for use in a computer matching program pursuant to a CMA. DNP computer matching programs published in the Federal Register and other matching documentation are provided below:
- DNP CMA w/ HHS Centers for Medicare & Medicaid Services (CMS).
- DNP CMA w/ HUD
- Memorandum of Agreement for exempt matching within the Department of the Treasury’s Bureau of the Fiscal Service.
Data Correction Process
Improper Payments Elimination and Recovery Improvement Act of 2012 (IPERIA) requires that DNP describe the data correction process on its website.
Whenever an original source agency receives a request for correction of data, it may follow its existing process for handling such requests in accordance with applicable laws, regulations, or policies. The agency will promptly review the request and make a determination. If the agency determines that corrections are needed to data, the data will be corrected at both the original source agency and in the DNP portal to avoid discrepancies between two versions of the same dataset.
Please direct any requests to correct the original source agency's data to the corresponding original source agency. The data sources and corresponding agencies are listed below:
|Data Source||Contact Information for Data Correction Requests||Examples of Data Correction Request Triggers|
|Credit Alert System (CAIVRS) – DOJ||http://www.justice.gov/oip/submit-and-track-request-or-appeal
To submit a Privacy Act request to DOJ's Office of Information Policy (OIP), please submit your request by mail or fax using the information below:
Office of Information Policy
|If an individual is not a delinquent federal borrower.|
|Credit Alert System (CAIVRS) – HUD||If you are making a written request for data correction, letters should be addressed to:
Privacy Act Officer
|If an individual is not a delinquent federal borrower.|
|Credit Alert System (CAIVRS) – SBA||http://www.sba.gov/content/privacy-act-requests||If an individual is not a delinquent federal borrower.|
|Credit Alert System (CAIVRS) – VA||VA Privacy Service, 202-273-5070
|If an individual is not a delinquent federal borrower.|
|GSA’s System for Award Management (SAM) – Entity Registration Records and Exclusion Records||The agency taking the exclusion action and that agency’s designated Exclusions Point of Contact. SAM Customer Service: Federal Service Desk, 866-606-8220, www.fsd.gov||If an individual is listed as debarred and that is not the case.|
|HHS OIG List of Excluded Individuals & Entities (LEIE)||HHS OIG External Affairs Office, 202-691-2311 or firstname.lastname@example.org||If an entity should not be excluded from participating in federal health care programs.|
|SSA’s Death Master File (DMF)||The individual’s local social security office, which can be found at: https://secure.ssa.gov/ICON/main.jsp||If a payee is listed as deceased and that is not the case.|
|Treasury Offset Program (TOP) Debt Check||Creditor agencies or Treasury Offset Division (TOD) resulting from direct debtor communication.
TOP help desk: (800) 304-3107
|If an individual does not owe delinquent non-tax debts to the federal government (and participating States).|
Privacy Impact Assessments (PIAs)
Section 208 of the E-Government Act of 2002 requires agencies to conduct Privacy Impact Assessments (PIA) for information technology (IT) systems or projects that collect, maintain or disseminate personally identifiable information (PII) from or about members of the public. A PIA is required for new systems or projects, those systems undergoing modification or enhancement, and Paperwork Reduction Act electronic collections of information. OMB Memorandum M-03-22, (9/26/2003), contains guidance for conducting PIAs as well as procedures for processing and posting completed assessments. Below are links to individual PIAs relevant to DNP:
Designation Requests for New Data Sources
For OMB to consider adding a new government or commercial data source, Do Not Pay must submit to OMB a written assessment to document the suitability of the new data source. When considering additional data sources for designation, OMB will consider at a minimum:
- Statutory or other limitations on the use and sharing of specific data;
- Privacy restrictions and risks associated with specific data;
- Likelihood that the data will strengthen program integrity across programs and agencies;
- Benefits of streamlining access to the data through the central DNP Initiative;
- Costs associated with expanding or centralizing access, including modifications needed to system interfaces or other capabilities in order to make data accessible; and
- Other policy and stakeholder considerations, as appropriate.
Before designating additional data sources, OMB will publish a 30-day notice of the designation proposal in the Federal Register asking for public comment. At the conclusion of the 30-day comment period, if OMB decides to finalize the designation, OMB will publish a notice in the Federal Register to officially designate the data source for inclusion in the DNP Initiative. Those notices will be listed below.
Privacy and Security Introduction
The privacy and security of DNP portal customers are of utmost importance. You must be enrolled to use the DNP portal. Any personal information you may provide, as part of the DNP enrollment process, will be used only for authorized purposes. We will not collect personal information about you just because you visit this site.
Internet Security Policy
For site security purposes and to ensure that this service remains available to all users, this government computer system employs software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage. Unauthorized attempts to upload information or change information on this service are strictly prohibited and may be punishable by law.
Information Collected and Stored Automatically
In order to improve the usefulness of this website, we automatically collect and maintain statistical information from our site's data logs that concern network traffic flow and volume. If you visit DNP, browse through the website or read pages, we will gather and store certain information about your visit automatically.
We use this information to help us make our site more useful -- to learn about the number of visitors to our site and how the DNP portal is used. In addition, we track this information for audit purposes and to ensure the privacy of the data is being maintained.
Privacy and Correspondence via E-mail
Individual users are discouraged from sending personal information (such as a Social Security Number) when sending us an email question or comment. We may use the information contained in the email to respond to your requests. We may forward your e-mail to others who are better able to answer your questions. The information you provide is not given to any private organizations or private persons. We do not collect or use information for commercial marketing.
Links to Other Sites
This website contains information that has been collected from various federal agencies pursuant to OMB, M-11-16 revising App. C of Circular A-123 (4/14/2011), (recommending that Federal agencies evaluate Federal databases to assess whether information exchange can help strengthen pre-and post-payment reviews), Presidential Memorandum, Enhancing Payment Accuracy Through a "Do Not Pay List" (6/18/2010), (requiring Federal agencies to review pre-payment and pre-award procedures and to review available databases to prevent improper payments, and E. O. 13520, Reducing Improper Payments and Eliminating Waste in Federal Programs (11/20/2009).
The Information Quality Act, 44 U.S.C. 3516 (note), also referred to as the Data Quality Act, ensures the quality, objectivity, utility, and integrity of information disseminated by federal agencies. As required by the Information Quality Act, OMB issued government-wide guidelines, (2/22/2002), to provide policy and procedural guidance to federal agencies. Federal agencies have issued their own implementing guidelines to ensure that disseminated information meets information quality standards. Agencies have worked to ensure that the information presented through the DNP portal meets the agency information quality standards. If you have concerns regarding the information presented on this website, please call 1-855-837-4391.