USDA/FNS - 12

SYSTEM NAME:   Food Stamp Program.Electronic Benefit Transfer (EBT) Data
Security classification: None.
  
SYSTEM LOCATION:  The Anti-Fraud Locator using EBT Retatiler Transactions (ALERT) system contains individual EBT transactions. Data provided by State Agency EBT processing contractors.  Retailer data at which the transaction occurs is identified by the Food and Nutrition Service  (FNS) Retailer Authorization Number and the recipient household by the Household  Number (HH#) provided by the State Agency.  In some states, the HH # is based on a recipient’s Social Security Number as part of application process.  The data regarding the retail firm is transmitted over a secured network connection from the Store Tracking and Redemption Subsystem (STARS) database. The ALERT system is housed at FNS headquarters, 3101 Park Center Drive, Alexandria, VA.

CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM:  The system contains the names of owners and officers of stores and other entities currently participating in the Food Stamp Program, as well as those owners and officers who have previously participated in the program copied from the Agency’s Store Tracking and Redemption Subsystem (STARS).  In addition, it contains the State Agency provided HH# and transaction information which includes transaction method, dollar amount and account balance. 

CATEGORIES OF RECORDS IN THE SYSTEM:   The data includes a HH# that is a random number in most states but is based on a recipient SSN in some states.  The transaction data contains no other data that references an individual.  There is the financial information involved with the transactions.   Additionally, there is financial data (i.e., food sales, gross sales, food stamp redemption data) relative to each entity currently authorized or previously authorized is in the STARS database.

AUTHORITY FOR MAINTENANCE OF THE SYSTEM:  Sections 9 and 16 of the Food Stamp Act of 1977, as amended, (7 U.S.C. 2018); section 1735 of the Food, Agriculture, Conservation, and Trade Act of 1990 (Pub. L. 101—624, 104 Stat. 3359); section 205(c) (2) (C) of the Social Security Act (42 U.S.C. 405(c) (2) (C)); and section 6109(f) of the Internal Revenue Code of 1986 (26 U.S.C. 6109(f)).

Purpose(s):  This information will be shared with other Federal and State entities to assist in the administration and enforcement of the Food Stamp Act, as well as other Federal and State laws. The SSNs that are part of a HH # will only be shared with Federal and State Agencies which maintain those numbers in their files. ALERT is used primarily for analyzing retailer and recipient transaction patterns indicative of fraudulent activity.

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES:  Limitations on Disclosure under the Following Routine Uses (1) through (11):  Information obtained from applicants under the authority of 7 U.S.C. 2018(c) may be used or disclosed only as specified in 7 U.S.C. 2018 (c) . With the exception of the SSNs obtained from applicants, 7 U.S.C. 2018(c) gives FNS the authority to disclose the contents of an initial application, or other information submitted by an applicant to other Federal and State law enforcement and investigative agencies for the purposes of administering or enforcing the Food Stamp Act or any other Federal or State law. 7 U.S.C. 2018(c) also limits the use of the information obtained by applicants. That is, the above mentioned entities may only use this information for purposes directly connected with the administration and enforcement of the Food Stamp Act or any other Federal or State law. Some of the information obtained from applicants is ownership information and sales and redemption data.

The use and disclosure of SSNs obtained by applicants is covered in the Social Security Act and the Internal Revenue Code.  In accordance with the Social Security Act and the Internal Revenue Code, applicant social security numbers and employer identification numbers may be disclosed only to other Federal agencies authorized to have access to social security numbers and employer identification numbers and maintain these numbers in their files, and only when the Secretary of Agriculture determines that disclosure would assist in verifying and matching such information against information maintained by such other agency. 42 U.S.C. 405(c) (2) (C) (iii); 26 U.S.C. 6109(f).

	(1) USDA/FNS may disclose information from this system of records to the Department of Justice (DOJ) , a court or other tribunal, or another party before such tribunal, when USDA, any component thereof, or any employee of the USDA in his or her official capacity, any USDA employee in his or her individual capacity where DOJ (or USDA where it is authorized to do so) has agreed to represent the employee, or the United States where USDA determines that the litigation is likely to affect directly the operations of USDA or any of its components, is a party to the litigation or has an interest in such litigation, and USDA determines that the use of such records by DOJ, the court or other tribunal, or the other party before such tribunal is relevant and necessary to the litigation; provided, however, that in each case, USDA determines that such disclosure is compatible with the purpose for which the records were collected.

	(2) In the event that material in this system indicates a violation of the Food Stamp Act or any other Federal or State law whether civil or criminal or regulatory in nature, and whether arising by general statute, or by regulation, rule or order issued pursuant thereto, USDA/FNS may disclose the relevant records to the appropriate agency, whether Federal or State, charged with the responsibility of investigating or prosecuting such violation or charged with enforcing or implementing the statute, or rule, regulation or order issued pursuant thereto.

	(3) USDA/FNS may disclose records from this system of records to a congressional office from the record of an individual provided that individual gave the congressional office permission to inquire on his or her behalf.

	(4) USDA/FNS may disclose information from this system of records
to other Federal and State agencies to respond to specific requests from such Federal and State agencies for the purpose of administering the Food Stamp Act as well as other Federal and State laws.

	(5) USDA/FNS may disclose information from this system of records to other Federal and State agencies to verify information reported by applicants and participating firms, and to assist in the administration and enforcement of the Food Stamp Act as well as other Federal and State laws.

	(6) USDA/FNS may disclose information from this system of records to other Federal and State agencies for the purpose of conducting computer matching programs.

	(7) USDA/FNS may disclose information from this system of records to private entities having contractual agreements with USDA for designing, developing, and operating the system, and for verification and computer matching purposes.

	(8) USDA/FNS will disclose information from this system of records to the Internal Revenue Service, for the purpose of reporting delinquent retailer and wholesaler monetary penalties of $600 or more for violations committed under the Food Stamp Program. USDA/FNS will report each delinquent debt to the Internal Revenue Service on Form 1099—C (Cancellation of Debt). USDA/FNS will report these debts to the Internal Revenue Service under the authority of the Income Tax Regulations (26 CFR parts 1 and 602) under section 6050P of the Internal Revenue Code.

    (9) USDA/FNS may disclose information from this system of records to State agencies that administer the Special Supplemental Nutrition Program for Women, Infants, and Children (WIC) authorized under section 17 of the Child Nutrition Act of 1966 for purposes of administering that Act and the regulations issued under that Act.
  
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM:
  
	Storage:  File folders, magnetic tapes, and computer disks.

	Retrievability:  Data is retrieved primarily through the use of the FNS Authorization Number and secondarily by the recipient welfare case HH#.

	Safeguards:  

	(1) Authorized Users: When designing, developing and/or operating a system of records on individuals, contractors are required to comply with all provisions of the Privacy Act. Contractors are required to maintain and protect the personal data and cannot release or share data without consulting with FNS. Access to records maintained within FNS is limited to those staff officials responsible for the subject system of records. Otherwise, access is limited to persons authorized and needing to use the records, including project directors, contract officers, programmers, analysts, statisticians, statistical clerks and key punch operators on the staff of the contractors or in the FNS.  

	(2) Physical Safeguards: Paper records are stored in locked safes, locked files, and locked offices when not in use. Computer terminals used to process personal identifiable data are located in secured areas and are accessible only to authorized users. Back up records which are stored off—site shall be used and stored under the same secure conditions.  

	(3) Procedural Safeguards: In order to access ALERT, each authorized individual is given a personal access ID and password.  

The individual’s password must be changed at least every 90 days or whenever the individual feels it might have been compromised.


Access to personal information contained in the ALERT database and to the paper record files is restricted to those individuals who have been authorized by FNS and who have a need to know such information in the performance of their official duties in administering the Food Stamp Act and other Federal and State laws.  

FNS personnel, project officers, and contract officers oversee compliance with these requirements. When appropriate, FNS personnel will review the site facilities to ensure that records have been maintained in accordance with the terms of this notice.

RETENTION AND DISPOSAL:  ALERT is an investigative system and raw data is archived on compact disks and permanently stored in locked areas with limited access.

SYSTEMS MANAGER(S) AND ADDRESS:  Director, Benefit Redemption Division, Food and Nutrition Service, United States Department of Agriculture, Room 404, 3101 Park Center Drive, Alexandria, Virginia 22302. 

NOTIFICATION PROCEDURE:  Any individual may request information regarding this system of records from the System Manager. The request must be in writing.
  
RECORD ACCESS PROCEDURES:  An individual who wishes to request access to records in the system which pertains to him or her may submit a written request to the System Manager. The envelope and the letter should be marked, “Privacy Act Request.” An individual may be required to reference the record by furnishing name, address, Social Security Number, and/ or other identifiers needed by FNS.

CONTESTING RECORD PROCEDURES:  Individuals desiring to contest or amend information maintained in the system should direct their request to the System Manager. The request should include, as appropriate, the reasons for contesting it, and the proposed amendment to the information with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.
  
RECORD SOURCE CATEGORIES:  Information in this system comes from the authorization and reauthorization applications of stores and other entities which are currently participating in the Food Stamp Program, as well as information on file for those entities which have previously participated in the program. Personal information in this system of records is also obtained from the owners and officers of such entities as reported on the authorization and reauthorization applications.
    
The STARS database also keeps a food stamp redemption history on such entities. The database maintains the dollar amount of food stamp benefits accepted by each entity currently authorized or previously authorized.

DISCLOSURE OF INFORMATION. Often, the information to be disclosed to such persons and 
entities is maintained by federal agencies and is subject to the Privacy Act (5 U.S.C. § 552a). 
The Privacy Act prohibits the disclosure of any record in a system of records by any means of 
communication to any person or agency absent the written consent of the subject individual, 
unless the disclosure falls within one of twelve statutory exceptions.31 In order to ensure an 
agency is in the best position to respond in a timely and effective manner, in accordance with 5 
U.S.C. § 552a(b)(3) of the Privacy Act, agencies should publish a routine use for appropriate 
systems specifically applying to the disclosure of information in connection with response and 
remedial efforts in the event of a data breach as follows: 

To appropriate agencies, entities, and persons when (1) [the agency] suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the Department or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Department’s efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS