a. System name. Animal and Plant Health Inspection Service eFile (APHIS eFile) (APHIS-APHIS-10).
b. System Purpose/Routine Uses.
Routine uses of records maintained in the system, including categories of users and the purposes of such uses:
In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, records maintained in the system may be disclosed outside USDA as follows:
(1) To the Department of Homeland Security's Customs and Border Protection agency, which inspects shipments that arrive at United States ports for compliance with permit conditions;
(2) To cooperative Federal, State, and local government officials, employees, or contractors, and other parties engaged to assist in administering the program. Such contractors and other parties will be bound by the nondisclosure provisions of the Privacy Act. This routine use assists the agency in carrying out the program, and thus is compatible with the purpose for which the records are created and maintained;
(3) To State government regulatory officials in the State of destination for review and comment;
(4) To the appropriate agency, whether Federal, State, local, or foreign, charged with responsibility of investigating or prosecuting a violation of law or of enforcing, implementing, or complying with a statute, rule, regulation, or order issued pursuant thereto, of any record within this system when information available indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, and either arising by general statute or particular program statute, or by rule, regulation, or court order issued pursuant thereto;
(5) To the Department of Justice when the agency, or any component thereof, or any employee of the agency in his or her official capacity, or any employee of the agency in his or her individual capacity where the Department of Justice has agreed to represent the employee, or the United States, in litigation, where the agency determines that litigation is likely to affect the agency or any of its components, is a party to litigation or has an interest in such litigation, and the use of such records by the Department of Justice is deemed by the agency to be relevant and necessary to the litigation; provided, however, that in each case, the agency determines that disclosure of the records to the Department of Justice is a use of the information contained in the records that is compatible with the purpose for which the records were collected;
(6) For use in a proceeding before a court or adjudicative body before which the agency is authorized to appear, when the agency, or any component thereof, or any employee of the agency in his or her official capacity, or any employee of the agency in his or her individual capacity where the agency has agreed to represent the employee, or the United States, where the agency determines that litigation is likely to affect the agency or any of its components, is a party to litigation or has an interest in such litigation, and the agency determines that use of such records is relevant and necessary to the litigation; provided, however, that in each case, the agency determines that disclosure of the records to the court is a use of the information contained in the records that is compatible with the purpose for which the records were collected;
(7) To appropriate agencies, entities, and persons when the agency suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; the agency has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, a risk of identity theft or fraud, or a risk of harm to the security or integrity of this system or other systems or programs (whether maintained by the agency or another agency or entity) that rely upon the compromised information; and the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the agency's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm;
(8) To USDA contractors, partner agency employees or contractors, or private industry employed to identify patterns, trends or anomalies indicative of fraud, waste, or abuse; and
(9) To the National Archives and Records Administration or to the General Services Administration for records management inspections conducted under 44 U.S.C. 2904 and 2906..
c. Authority. The Honeybee Act, 7 U.S.C. 281-286; the Plant Protection Act, 7 U.S.C. 7701-7772 and 7781-7786; and the Animal Health Protection Act, 7 U.S.C. 8301-8321.
d. Effect of system on individual privacy. The system will provide management of the permitting process. Information will be safeguarded according to established privacy rules and regulations.
e. Safeguards against unauthorized access. All users are required to complete USDA's registration process called eAuthentication, a system that enables individuals to obtain user-identification accounts that allow password protected access to certain USDA web-based applications and services through the Internet. The web-based service identifies and validates USDA customers before they can access the system.
Role-based security and access rights are implemented to protect the security of the information. Additionally, the APHIS eFile security plan includes management, operational, and technical controls to prevent misuse of data by system users.