DOL Modifies Eight Privacy Act Systems With Treasury Disclosure and Breach Routine Uses

Notice

Privacy Act of 1974; System of Records

A Notice by the Labor Department on 04/21/2026

• This document has a comment period that ends in 30 days.
  (05/21/2026) View Comment Instructions

• PDF

• Document Details

• Document Dates

- Table of Contents

• Public Comments
• Regulations.gov Data

- Sharing

• Print
• Other Formats
• Public Inspection Published Document: 2026-07740 (91 FR 21315) Document Headings ###### Department of Labor

( printed page 21315)

AGENCY:

Department of Labor.

ACTION:

Notice of modified systems of records.

SUMMARY:

The Privacy Act of 1974 and Office of Management and Budget (OMB) Circular No. A-108 require that each agency publish notice of a new or modified system of records that it maintains. In compliance with Executive Order 14249, Protecting America's Bank Account Against Fraud, Waste, and Abuse, and Office of Management and Budget Memorandum M-25-32, Preventing Improper Payments and Protecting Privacy Through Do Not Pay, the Department of Labor (DOL) is modifying eight Privacy Act systems of records by adding a new routine use to permit the disclosure of records to the Department of the Treasury. Additionally, in accordance with Office of Management and Budget Memorandum M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information, DOL is adding two model routine uses to the eight systems of records to permit the disclosure of records in response to a breach.

DATES:

Comments must be received no later than May 21, 2026. This modified SORN is effective upon publication of this Notice. If no public comments are received, the new routine uses will be effective beginning May 21, 2026. If the DOL receives public comments, the DOL will review the comments to determine whether any changes to the notice are necessary.

ADDRESSES:

We invite you to submit comments on this notice. You may submit comments by the following method:

• Federal e-Rulemaking Portal: https://www.regulations.gov or https://www.federalregister.gov. Follow the instructions for submitting comments. All comments will be made public and will be posted without change to https://www.regulations.gov, including any personal information provided.

FOR FURTHER INFORMATION CONTACT:

To submit general questions about the system, contact Mara S. Blumenthal, DOL Privacy Program, by telephone at 202-693-3181, or by email at privacy@dol.gov.

SUPPLEMENTARY INFORMATION:

In accordance with the Privacy Act of 1974 and in compliance with Executive Order 14249, Protecting America's Bank Account Against Fraud, Waste, and Abuse (E.O. 14249), and Office of Management and Budget Memorandum M-25-32, Preventing Improper Payments and Protecting Privacy Through Do Not Pay, DOL is modifying eight Privacy Act systems of records by adding a new routine use to permit the disclosure of records to the U.S. Department of the Treasury to review payments through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping fraud and improper payments, to the extent permissible by law.

The systems of records include:

OCFO-2, New Core Financial Management System (NCFMS): The system uses these records to keep track of all commitments, obligations, and payments to individuals, exclusive of salaries and wages.

OMBUDSMAN-1, Office of the Ombudsman for the Energy Employees Occupational Illness Compensation Program Act (EEOICPA) File: This system fulfills the duties of the Ombudsman under the EEOICPA as specified by Congress. The EEOICPA establishes a program for compensating certain individuals for covered illnesses related to exposure to toxic substances.

OWCP-2, Office of Workers' Compensation, Black Lung Benefits Claim File: This system maintains records that are utilized to manage all aspects of claims for black lung benefits, specifically for pneumoconiosis, in accordance with the Black Lung Benefits Act and its amendments.

OWCP-3, Office of Workers' Compensation Programs, Longshore and Harbor Workers' Compensation Act (LHWCA) Case Files; This system maintains records of the actions taken by insurance carriers, employers, and injured workers concerning injuries reported under the LHWCA and related legislation. This is done to ensure that eligible claimants receive the benefits to which they are entitled under the Act.

OWCP-4, Office of Workers' Compensation Programs, Longshore and Harbor Workers' Compensation Act Special Fund System; This system provides a record of payments to claimants, their qualified dependents, or providers of services to claimants from the Special Fund established pursuant to Section 44 of the Act.

OWCP-5, Office of Workers' Compensation Programs, Longshore and Harbor Workers' Compensation Act Investigation (LHWCA) Files; This system maintain records for the purpose of assisting in determinations of possible violations of Federal law, whether civil or criminal, in connection with reported injuries under the LHWCA.

OWCP-9, Office of Workers' Compensation Programs, Black Lung Automated Support Package; This system maintains data on claimants, beneficiaries and their dependents; attorneys representing claimants; medical service providers; coal mine operators and insurance carriers.

OWCP-11—Office of Workers' Compensation Programs, Energy Employees Occupational Illness Compensation Program Act File: The system maintains records on individuals who file claims with the Department under EEOICPA, which establishes a program for compensating certain individuals for covered illnesses related to exposure to beryllium, radiation, silica, and other toxic substances. A “routine use” means, with respect to the disclosure of a Privacy Act record, the use of such record for a purpose which is compatible with the purpose for which it is collected. 5 U.S.C. 552a(a)(7). All agency systems of records must have a system of records notice (SORN) published in the Federal Register and the SORN must describe “each routine use of the records contained in the system, including the categories of users and the purposes of such use.” 5 U.S.C. 552a(e)(4)(D). The new routine use required by E.O. 14249 and OMB Memorandum M-25-32 is the following:

To the U.S. Department of the Treasury when disclosure of the information is relevant to review payment and award eligibility through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping improper payment to an applicant for, or recipient of, Federal funds, including funds disbursed by a state (meaning a state of the United States, the District of Columbia, a territory or possession of the United States, or a federally recognized Indian tribe) in a state-administered, federally funded program.

DOL has reviewed its SORNs and determined, in accordance with the mandate in E.O. 14249 and the guidance in M-25-32, to modify eight of DOL's SORNs to include the required routine use:

DOL is also adding to all eight SORNs two model routine uses in OMB Memorandum M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information, for Federal agencies to prepare for and respond to a breach of personally identifiable information (PII). One permits the disclosure of information related to breaches of an agency's own records, and the second permits the disclosure of agency records to assist other agencies in their efforts to respond to a breach. To date, DOL has been adding these routine uses to individual ( printed page 21316) SORNs when they otherwise require modification. The routine uses are:

To appropriate agencies, entities, and persons when (1) the Department suspects or has confirmed that there has been a breach of the system of records, (2) the Department has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, the Department (including its information systems, programs, and operations), the Federal Government, or national security; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Department's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

To another Federal agency or Federal entity, when the Department determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (1) responding to a suspected or confirmed breach or (2) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

OCFO-2

SYSTEM NAME AND NUMBER:

New Core Financial Management System (NCFMS), DOL/OCFO-2.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

The information is accessed from the following locations:

a. All Departmental component offices in Washington, DC;

b. All Departmental component offices in the Regions and the Areas.

SYSTEM MANAGER(S):

Associate Deputy CFO of Financial Systems, Office of the Chief Financial Officer, Department of Labor, 200 Constitution Avenue NW, Washington, DC 20210.

---

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

• * * * * h. To the U.S. Department of the Treasury when disclosure of the information is relevant to review payment and award eligibility through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds disbursed by a state (meaning a state of the United States, the District of Columbia, a territory or possession of the United States, or a federally recognized Indian tribe) in a state-administered, federally funded program.

i. To appropriate agencies, entities, and persons when (a) DOL suspects or has confirmed that there has been a breach of the system of records; (b) DOL has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOL (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DOL's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

j. To another Federal agency or Federal entity, when DOL determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

HISTORY:

81 FR 25765 (April 29, 2016).

OMBUDSMAN-1

SYSTEM NAME AND NUMBER:

Office of the Ombudsman for the Energy Employees Occupational Illness Compensation Program Act (EEOICPA) File, DOL/OMBUDSMAN-1.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

U.S. Department of Labor, Office of the Ombudsman for the Energy Employees Occupational Illness Compensation Program Act, Frances Perkins Building, 200 Constitution Avenue NW, Washington, DC 20210.

SYSTEM MANAGER(S):

Ombudsman, Energy Employees Occupational Illness Compensation Program Act, 200 Constitution Avenue NW, Suite N-2454, Washington, DC 20210.

---

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

• * * * * c. To the U.S. Department of the Treasury when disclosure of the information is relevant to review payment and award eligibility through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds disbursed by a state (meaning a state of the United States, the District of Columbia, a territory or possession of the United States, or a federally recognized Indian tribe) in a state-administered, federally funded program.

d. To appropriate agencies, entities, and persons when (a) DOL suspects or has confirmed that there has been a breach of the system of records; (b) DOL has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOL (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DOL's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

e. To another Federal agency or Federal entity, when DOL determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

HISTORY:

81 FR 25765 (April 29, 2016).

OWCP-2

SYSTEM NAME AND NUMBER:

Office of Workers' Compensation, Black Lung Benefits Claim File, DOL/OWCP-2.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Office of Workers' Compensation Programs, Division of Coal Mine Workers' Compensation, Department of Labor Building, 200 Constitution Avenue NW, Washington, DC 20210, ( printed page 21317) and district offices (see addresses in the Appendix to this document).

SYSTEM MANAGER(S):

Director, Division of Coal Mine Workers' Compensation, Department of Labor Building, Room C-3520, 200 Constitution Avenue NW, Washington, DC 20210, and district office directors.

---

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

• * * * * l. To the U.S. Department of the Treasury when disclosure of the information is relevant to review payment and award eligibility through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds disbursed by a state (meaning a state of the United States, the District of Columbia, a territory or possession of the United States, or a federally recognized Indian tribe) in a state-administered, federally funded program.

m. To appropriate agencies, entities, and persons when (a) DOL suspects or has confirmed that there has been a breach of the system of records; (b) DOL has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOL (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DOL's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

n. To another Federal agency or Federal entity, when DOL determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

HISTORY:

81 FR 25765 (April 29, 2016).

OWCP-3

SYSTEM NAME AND NUMBER:

Office of Workers' Compensation Programs, Longshore and Harbor Workers' Compensation Act Case Files, DOL/OWCP-3.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Division of Longshore and Harbor Workers' Compensation, Office of Workers' Compensation Programs, Washington, DC 20210, and district offices of the Office of Workers' Compensation Programs set forth in the Appendix to this document.

SYSTEM MANAGER(S):

Director for Longshore and Harbor Workers' Compensation, U.S. Department of Labor, 200 Constitution Avenue NW, Washington, DC 20210; and District Directors.

---

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

• * * * * i. To the U.S. Department of the Treasury when disclosure of the information is relevant to review payment and award eligibility through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds disbursed by a state (meaning a state of the United States, the District of Columbia, a territory or possession of the United States, or a federally recognized Indian tribe) in a state-administered, federally funded program.

j. To appropriate agencies, entities, and persons when (a) DOL suspects or has confirmed that there has been a breach of the system of records; (b) DOL has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOL (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DOL's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

k. To another Federal agency or Federal entity, when DOL determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

HISTORY:

81 FR 25765 (April 29, 2016).

OWCP-4

SYSTEM NAME AND NUMBER:

Office of Workers' Compensation Programs, Longshore and Harbor Workers' Compensation Act Special Fund System, DOL/OWCP-4.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Division of Longshore and Harbor Workers' Compensation, Office of Workers' Compensation Programs, 200 Constitution Avenue NW, Washington, DC 20210.

SYSTEM MANAGER(S):

Director for Longshore and Harbor Workers' Compensation, Office of Workers' Compensation Programs, 200 Constitution Avenue NW, Washington, DC 20210.

---

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

• * * * * i. To the U.S. Department of the Treasury when disclosure of the information is relevant to review payment and award eligibility through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds disbursed by a state (meaning a state of the United States, the District of Columbia, a territory or possession of the United States, or a federally recognized Indian tribe) in a state-administered, federally funded program.

j. To appropriate agencies, entities, and persons when (a) DOL suspects or has confirmed that there has been a breach of the system of records; (b) DOL has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOL (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DOL's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm. ( printed page 21318)

k. To another Federal agency or Federal entity, when DOL determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

HISTORY:

81 FR 25765 (April 29, 2016).

OWCP-5

SYSTEM NAME AND NUMBER:

Office of Workers' Compensation Programs, Longshore and Harbor Workers' Compensation Act Investigation Files, DOL/OWCP-5.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Division of Longshore and Harbor Workers' Compensation, Office of Workers' Compensation Programs, Washington, DC 20210, and district offices of the Office of Workers' Compensation Programs set forth in the Appendix to this document.

SYSTEM MANAGER(S):

Director for Longshore and Harbor Workers' Compensation, Office of Workers' Compensation Programs, 200 Constitution Avenue NW, Washington, DC 20210, and District Directors in the district offices of the Office of Workers' Compensation Programs.

---

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

• * * * * b. To the U.S. Department of the Treasury when disclosure of the information is relevant to review payment and award eligibility through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds disbursed by a state (meaning a state of the United States, the District of Columbia, a territory or possession of the United States, or a federally recognized Indian tribe) in a state-administered, federally funded program.

c. To appropriate agencies, entities, and persons when (a) DOL suspects or has confirmed that there has been a breach of the system of records; (b) DOL has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOL (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DOL's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

d. To another Federal agency or Federal entity, when DOL determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

HISTORY:

81 FR 25765 (April 29, 2016).

OWCP-9

SYSTEM NAME AND NUMBER:

Office of Workers' Compensation Programs, Black Lung Automated Support Package, DOL/OWCP-9.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

Office of Workers' Compensation Programs, Division of Coal Mine Workers' Compensation, U.S. Department of Labor Building, 200 Constitution Ave. NW, Washington, DC 20210, and district offices (see addresses in the Appendix to this document).

SYSTEM MANAGER(S):

Director, Division of Coal Mine Workers' Compensation, U.S. Department of Labor, Room C-3520, 200 Constitution Ave. NW, Washington, DC 20210, and district office director (see addresses in The Appendix to this document).

---

ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:

• * * * * l. To the U.S. Department of the Treasury when disclosure of the information is relevant to review payment and award eligibility through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds disbursed by a state (meaning a state of the United States, the District of Columbia, a territory or possession of the United States, or a federally recognized Indian tribe) in a state-administered, federally funded program.

m. To appropriate agencies, entities, and persons when (a) DOL suspects or has confirmed that there has been a breach of the system of records; (b) DOL has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOL (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DOL's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

n. To another Federal agency or Federal entity, when DOL determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

HISTORY:

81 FR 25765 (April 29, 2016).

OWCP-11

SYSTEM NAME AND NUMBER:

Office of Workers' Compensation Programs, Energy Employees Occupational Illness Compensation Program Act File, DOL/OWCP-11.

SECURITY CLASSIFICATION:

Unclassified.

SYSTEM LOCATION:

At component agency national, district, and contractor offices.

SYSTEM MANAGER(S):

Director for Energy Employees Occupational Illness Compensation, Office of Workers' Compensation Programs, 200 Constitution Avenue NW, Washington, DC 20210.

• • * * * ( printed page 21319) ### ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND PURPOSES OF SUCH USES:
• • * * * o. To the U.S. Department of the Treasury when disclosure of the information is relevant to review payment and award eligibility through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds disbursed by a state (meaning a state of the United States, the District of Columbia, a territory or possession of the United States, or a federally recognized Indian tribe) in a state-administered, federally funded program.

p. To appropriate agencies, entities, and persons when (a) DOL suspects or has confirmed that there has been a breach of the system of records; (b) DOL has determined that as a result of the suspected or confirmed breach there is a risk of harm to individuals, DOL (including its information systems, programs, and operations), the Federal Government, or national security; and (c) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with DOL's efforts to respond to the suspected or confirmed breach or to prevent, minimize, or remedy such harm.

q. To another Federal agency or Federal entity, when DOL determines that information from this system of records is reasonably necessary to assist the recipient agency or entity in (a) responding to a suspected or confirmed breach or (b) preventing, minimizing, or remedying the risk of harm to individuals, the recipient agency or entity (including its information systems, programs, and operations), the Federal Government, or national security, resulting from a suspected or confirmed breach.

HISTORY:

81 FR 25765 (April 29, 2016).

Braye Cloud,

Deputy Assistant Secretary for Operations, Department of Labor.

[FR Doc. 2026-07740 Filed 4-20-26; 8:45 am]

BILLING CODE 4510-04-P

Published Document: 2026-07740 (91 FR 21315)