Notices. Notice of a new system of records (SOR)

19,462 words·~88 min read·/register/2006/11/02/06-9026

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

BILLING CODE 4160-90-M DEPARTMENT OF HEALTH AND HUMAN SERVICES Centers for Medicare & Medicaid Services Privacy Act of 1974; Report of a New System of Records AGENCY: Department of Health and Human Services (HHS), Center for Medicare & Medicaid Services (CMS). ACTION: Notice of a new system of records (SOR). SUMMARY: In accordance with the requirements of the Privacy Act of 1974, we are proposing to establish a new system titled, “Evaluation of Drug Usage Under the Staff Time and Resource Intensity Verification Study (STRIVE), System No. 09-70-0595.

” Section 1888(e)(G) of the Social Security Act (the Act) authorizes the Secretary of HHS to provide for payment adjustments to the skilled nursing facility

(SNF)prospective payment system

(PPS)through a resident classification system established by the Secretary that accounts for the relative resource utilization of different patient types. The case mix adjustment shall be based on resident assessment data and other data the Secretary considers appropriate. To accomplish this task, CMS is currently undertaking a national nursing home time study known as STRIVE, of which this data will be a part. The purpose of this system is to collect and maintain during the STRIVE time study individually identifiable information on selected beneficiaries' medication utilization while in a nursing home, skilled nursing facility or swing bed hospital. Information retrieved from this system may be disclosed to:

(1)Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, grantee, or consultant. We have provided background information about the new system in the SUPPLEMENTARY INFORMATION section below. Although the Privacy Act requires only that CMS provide an opportunity for interested persons to comment on the proposed routine uses, CMS invites comments on all portions of this notice. See *Effective Date* section for comment period. DATES: *Effective Date:* CMS filed a new SOR report with the Chair of the House Committee on Government Reform and Oversight, the Chair of the Senate Committee on Homeland Security & Governmental Affairs, and the Administrator, Office of Information and Regulatory Affairs, Office of Management and Budget

(OMB)on October 27, 2006. To ensure that all parties have adequate time in which to comment, the new system will become effective 30 days from the publication of the notice, or 40 days from the date it was submitted to OMB and the Congress, whichever is later. We may defer implementation of this system or one or more of the routine use statements listed below if we receive comments that persuade us to defer implementation. ADDRESSES: The public should address comment to the CMS Privacy Officer, Division of Privacy Compliance, Enterprise Architecture and Strategy Group, Office of Information Services, Mail-stop N2-04-27, 7500 Security Boulevard, Baltimore, Maryland 21244-1850. Comments received will be available for review at this location by appointment during regular business hours, Monday through Friday from 9 a.m.-3 p.m., eastern time. FOR FURTHER INFORMATION CONTACT: Julie Stankivic, Division of Institutional Post Acute Care, Chronic Care Policy Group, Center for Medicare Management, Mail Stop C5-06-27, Centers for Medicare & Medicaid Services, 7500 Security Boulevard, Baltimore, MD 21244-1849. She can be reached by telephone at 410-786-5725, or via e-mail at *Julie.Stankivic@cms.hhs.gov.* SUPPLEMENTARY INFORMATION: Section 4008(k) of the Omnibus Reconciliation Act of 1990 (Public Law (Pub. L.) 101-508) required the Secretary to develop a proposal either to modify the then-current system under which SNFs received payment for extended care services under Part A of the Medicare program or to replace such a system with a system under which such payment would be made on the basis of a prospectively determined rate. In developing a proposal for the new system, the Secretary was required to “provide for adjustments to prospectively determined rates to account for changes in a facility's case mix, volume of cases, and the development of new technologies and standards for medical practice.” Section 4432 of the Balanced Budget Act of 1997 (Pub. L. 105-33) mandated a PPS for all SNFs for cost reporting periods beginning on or after July 1, 1998. Resident drug data may enable CMS to recalibrate the weights associated with the provision of non-therapy ancillary services to residents in SNFs and swing bed hospitals subject to the SNF PPS. In order to adjust the rates to account for changes in a facility's case mix, volume of cases and development of new technologies and standards of medical practice, CMS must recalibrate the weights associated with the amount of time that nursing home staff spend caring for residents, as well as other elements of resident care. To do this, CMS has contracted with the Iowa Foundation for Medicare Care to conduct a study of staff time commonly referred to as STRIVE. This is the first national nursing home time study undertaken in the U.S. since 1997. As part of this process, CMS believes that collecting data on medication utilization in nursing homes is critical to analyzing the impact of the provision of non-therapy ancillary services to residents in SNFs and swing bed hospitals subject to the PPS. I. Description of the Proposed System of Records A. Statutory and Regulatory Basis for SOR The statutory authority for this system is given under Section 1888(e)(G) of the Social Security Act. B. Collection and Maintenance of Data in the System This system will collect and maintain individually identifiable and other data collected by CMS and its contractors on Medicare participants and providers of service who are participating in STRIVE, in order to analyze relevant data to create adjustments based upon a resident classification system established by the Secretary that accounts for the relative resource utilization of different patient types. The collected information will include, but is not limited to: Facility name, Federal provider identification number, facility national provider identifier, beneficiary name, social security number, health insurance claim number, gender, date of birth, NDC Code, drug name, drug strength, dosage form (drops (gtts), gram (gm), *etc.* ), quantity dispensed or returned, date drug dispensed or returned, dose and frequency, routine or PRN, compound code, and cost data if available. II. Agency Policies, Procedures, and Restrictions on the Routine Use A. The Privacy Act permits us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such disclosure of data is known as a “routine use.” The Government will only release STRIVE information that can be associated with an individual as provided for under “Section III. Proposed Routine Use Disclosures of Data in the System.” Both identifiable and non-identifiable data may be disclosed under a routine use. We will only collect the minimum personal data necessary to achieve the purpose of STRIVE. CMS has the following policies and procedures concerning disclosures of information that will be maintained in the system. Disclosure of information from the system will be approved only to the extent necessary to accomplish the purpose of the disclosure and only after CMS: 1. Determines that the use or disclosure is consistent with the reason that the data is being collected; *e.g.* , to collect and maintain individually identifiable information on selected beneficiaries' medication utilization while in a nursing home, skilled nursing facility, or swing bed hospital. 2. Determines that: a. The purpose for which the disclosure is to be made can only be accomplished if the record is provided in individually identifiable form; b. The purpose for which the disclosure is to be made is of sufficient importance to warrant the effect and/or risk on the privacy of the individual that additional exposure of the record might bring; and c. There is a strong probability that the proposed use of the data would in fact accomplish the stated purpose(s). 3. Requires the information recipient to: a. Establish administrative, technical, and physical safeguards to prevent unauthorized use of disclosure of the record; b. Remove or destroy, at the earliest time, all patient-identifiable information; and c. Agree to not use or disclose the information for any purpose other than the stated purpose under which the information was disclosed. 4. Determines that the data are valid and reliable. III. Proposed Routine Use Disclosures of Data in the System A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a “routine use.” The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system: 5. To agency contractors, consultants or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity. We contemplate disclosing information under this routine use only in situations in which CMS may enter into a contractual or similar agreement with a third party to assist in accomplishing CMS function relating to purposes for this system. CMS believes that the disclosure of medication utilization data may enable CMS to better account for the relative resource utilization of different patient types for the purpose of updating SNF PPS. CMS occasionally contracts out certain of its functions when doing so would contribute to effective and efficient operations. CMS must be able to give a contractor, consultant or grantee whatever information is necessary for the contractor or consultant to fulfill its duties. In these situations, safeguards are provided in the contract prohibiting the contractor, consultant or grantee from using or disclosing the information for any purpose other than that described in the contract and requires the contractor, consultant or grantee to return or destroy all information at the completion of the contract. B. Additional Provisions Affecting Routine Use Disclosures To the extent this system contains Protected Health Information

(PHI)as defined by HHS regulation “Standards for Privacy of Individually Identifiable Health Information” (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00), disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the “Standards for Privacy of Individually Identifiable Health Information.” ( *See* 45 CFR 164.512(a) (1)). In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that an individual could, because of the small size, use this information to deduce the identity of the beneficiary). IV. Safeguards CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access. This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: the Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook. V. Effects of the Proposed System of Records on Individual Rights CMS proposes to establish this system in accordance with the principles and requirements of the Privacy Act and will collect, use, and disseminate information only as prescribed therein. Data in this system will be subject to the authorized releases in accordance with the routine uses identified in this system of records. CMS will take precautionary measures to minimize the risks of unauthorized access to the records and the potential harm to individual privacy or other personal or property rights of patients whose data are maintained in this system. CMS will collect only that information necessary to perform the system's functions. In addition, CMS will make disclosure from the proposed system only with consent of the subject individual, or his/her legal representative, or in accordance with an applicable exception provision of the Privacy Act. CMS, therefore, does not anticipate an unfavorable effect on individual privacy as a result of information relating to individuals. Dated: October 24, 2006. John R. Dyer, Chief Operating Officer, Centers for Medicare & Medicaid Services. SYSTEM NO. 09-70-0595 SYSTEM NAME: “Evaluation of Drug Usage Under the Staff Time and Resource Intensity Verification Study (STRIVE),” HHS/CMS/CMM. SECURITY CLASSIFICATION: Level Three Privacy Act Sensitive Data. SYSTEM LOCATION: Centers for Medicare & Medicaid Services

(CMS)Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850 and at various co-locations of CMS agents. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: This system will collect and maintain individually identifiable and other data collected by CMS and its contractors on Medicare participants and providers of service who are participating in STRIVE, in order to analyze relevant data to create adjustments based upon a resident classification system established by the Secretary that accounts for the relative resource utilization of different patient types. CATEGORIES OF RECORDS IN THE SYSTEM: The collected information will include, but is not limited to: Facility name, Federal provider identification number, facility national provider identifier, beneficiary name, social security number, health insurance claim number, gender, date of birth, NDC Code, drug name, drug strength, dosage form (drops (gtts), gram (gm), *etc.* ), quantity dispensed or returned, date drug dispensed or returned, dose and frequency, routine or PRN, compound code, and cost data if available. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: The statutory authority for this system is given under Section 1888(e)(G) of the Social Security Act. PURPOSE(S) OF THE SYSTEM: The purpose of this system is to collect and maintain during the STRIVE time study individually identifiable information on selected beneficiaries' medication utilization while in a nursing home, skilled nursing facility or swing bed hospital. Information retrieved from this system may be disclosed to:

(1)support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, grantee, or consultant. ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OR USERS AND THE PURPOSES OF SUCH USES: A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a “routine use.” The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system: 1. To agency contractors, consultants or grantees, who have been engaged by the agency to assist in the performance of a service related to this collection and who need to have access to the records in order to perform the activity. B. Additional Provisions Affecting Routine Use Disclosures To the extent this system contains Protected Health Information

(PHI)as defined by HHS regulation “Standards for Privacy of Individually Identifiable Health Information” (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00), disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the “Standards for Privacy of Individually Identifiable Health Information.” ( *See* 45 CFR 164.512(a) (1)). In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that an individual could, because of the small size, use this information to deduce the identity of the beneficiary). POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE: All records will be stored electronically and on hard copy. RETRIEVABILITY: The collected data are retrieved by an individual identifier; *e.g.* , beneficiary name or HICN. SAFEGUARDS: CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access. This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook. RETENTION AND DISPOSAL: CMS will retain information for a total period not to exceed 5 years after the final report is released. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ. SYSTEM MANAGER AND ADDRESS: Director Division of Institutional Post Acute Care, Chronic Care Policy Group, Center for Medicare Management, Mail Stop C5-06-27, Centers for Medicare & Medicaid Services, 7500 Security Boulevard, Baltimore, MD 21244-1849. NOTIFICATION PROCEDURE: For purpose of access, the subject individual should write to the system manager who will require the system name, employee identification number, tax identification number, national provider number, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), HICN, and/or SSN (furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay). RECORD ACCESS PROCEDURE: For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also reasonably specify the record contents being sought. (These procedures are in accordance with Department regulation 45 CFR 5b.5

(a)(2)). CONTESTING RECORD PROCEDURES: The subject individual should contact the system manager named above, and reasonably identify the record and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These procedures are in accordance with Department regulation 45 CFR 5b.7). RECORDS SOURCE CATEGORIES: Data will be collected from OmniCare, pharmacies, nursing homes, and Long Term Care Minimum Data Set, System No. 09-70-1517. SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT: None. [FR Doc. E6-18452 Filed 11-1-06; 8:45 am] BILLING CODE 4120-03-P DEPARTMENT OF HEALTH AND HUMAN SERVICES Centers for Medicare & Medicaid Services Privacy Act of 1974; Report of New System of Records AGENCY: Department of Health and Human Services (HHS), Centers for Medicare & Medicaid Services (CMS). ACTION: Notice of a new system of records. SUMMARY: In accordance with the requirements of the Privacy Act of 1974, CMS is proposing to establish a new system of records

(SOR)titled “One Program Integrity Data Repository (ODR),” System No. 09-70-0568. Section 1893 of the Social Security Act (the Act) established the “Medicare Integrity Program” that requires CMS to contract with eligible entities to “review activities of providers of services or other individuals and entities furnishing items and services for which payment may be made under this title” by utilizing equipment and software technologies. Likewise, section 1893 of the Act requires CMS to establish the Medicare Medicaid Data Match Program (Medi-Medi) in which data from both the Medicare and Medicaid programs are analyzed together to better detect fraud, waste, and abuse existent in these programs. In order to comply with these requirements and enhance our ability to detect fraud, waste, and abuse in Medicare and Medicaid, CMS is proposing to construct the ODR. CMS maintains numerous systems housing Medicare beneficiary Parts A, B, C, and D entitlement, enrollment, and utilization information. Additionally, CMS maintains data on physicians, providers, employer plans, Medicaid recipients and Medicare secondary payers. There are a large number of data sources, extraction tools, and access mechanisms. Users of the data often experience inconsistent, untimely, or duplicated information. The ODR will be an enterprise resource that will provide an integrated view of the data to all of CMS and its partners providing a single authoritative source of information and providing quality and timely data. The ODR will provide an organized structure for reaching the data through a consistent application of access policies, processes and procedures, common services, governance, and framework. The ODR will integrate and load data from various CMS systems consisting of Medicare Parts A, B, C, and D, Medicaid and Retiree Drug Subsidy entitlement, enrollment and utilization data. The ODR will also contain demographic information on Medicaid beneficiaries, Medicare providers and physicians, and employer plans that are receiving a subsidy from CMS for providing creditable drug coverage to their retirees. It is through the integration of this Medicare data with other data; *e.g.* , historic data, Part A and Part B data, and Medicaid data sets provided by state agencies that CMS fraud, waste, and abuse, quality improvement, research, and other analytic activities are maximized. The data collected and maintained in this system are retrieved from the following databases: Medicare Drug Data Processing System, System No. 09-70-0553 (70 FR 58436 (October 6, 2005)); Medicare Beneficiary Database, System No. 09-70-0536 (66 FR 63392 (December 6, 2001)); Medicare Advantage Prescription Drug System, System No. 09-70-4001 (70 FR 60530 (October 18, 2005)); Medicaid Statistical Information System, System No. 09-70-6001 (67 FR 48906 (July 26, 2002)); Retiree Drug Subsidy Program, System No. 09-70-0550 (70 FR 41035 (July 15, 2005)); Common Working File, System No. 09-70-0526 (67 FR 3210 (January 23, 2002)); National Claims History, System No. 09-70-0005 (67 FR 57015 (September 6, 2002)); Enrollment Database, System No. 09-70-0502 (67 FR 3203 (January 23, 2002)); Carrier Medicare Claims Record, System No. 09-70-0501 (67 FR 54428 (August 22, 2002)); Intermediary Medicare Claims Record, System No. 09-70-0503 (67 FR 65982 (October 29, 2002)); Unique Physician/Provider Identification Number, System No. 09-70-0525, (69 FR 75316 (December 16, 2004)); Medicare Supplier Identification File, System No. 09-70-0530 (67 FR 48184 (July 23, 2002)); and the Medicaid data sets provided by participating state agencies. The primary purpose of this system is to establish an enterprise resource that will provide a single source of information for all CMS fraud, waste, and abuse activities. Information retrieved from this system of records will also be disclosed to:

(1)Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, consultant or grantee;

(2)assist another Federal or State agency, agency of a state government, an agency established by state law, or its fiscal agent;

(3)support Quality Improvement Organizations (QIO);

(4)assist other insurers for processing individual insurance claims;

(5)facilitate research on the quality and effectiveness of care provided, as well as payment related projects;

(6)support litigation involving the agency; and

(7)combat fraud, waste, and abuse in certain health benefits programs. We have provided background information about the new system in the SUPPLEMENTARY INFORMATION section below. Although the Privacy Act requires only that CMS provide an opportunity for interested persons to comment on the routine uses, CMS invites comments on all portions of this notice. *See Effective Date* section for comment period. DATES: *Effective Date:* CMS filed a new SOR report with the Chair of the House Committee on Government Reform and Oversight, the Chair of the Senate Committee on Homeland Security & Governmental Affairs, and the Administrator, Office of Information and Regulatory Affairs, Office of Management and Budget

(PI)Group. While the IDR will initially focus on fee-for-service and some prescription drug data, the ODR will initially focus on supplementary data to support the new Medicare Prescription Drug program along with Medicaid data to support the Medi-Medi contractors. CMS has contracted with Medicare Drug Integrity Contractors (MEDICs). The MEDICs are required to perform a myriad of functions including: fraud, waste, and abuse detection; coordination with law enforcement; data analysis to identify fraud, waste, and abuse; fraud, waste, and abuse audits; other audits as required; anti-fraud Part D education and outreach; and the development of a Part D error rate. Due to the complexity of Part D data, to perform the above-mentioned functions, it is imperative that MEDICs have access to a wide variety of CMS data, including Parts A, B, C, D and Medicaid data. The Office of Financial Management, Program Integrity Group serves as the point of contact for program integrity issues related to Medicare benefits. Major Program Integrity Group program initiatives include the Program Safeguard Contractor Program, Medical Review, Provider and Supplier Enrollment, MMA Integrity, and cross cutting issues between Medicare and Medicaid including the ‘Medi-Medi' program. As part of its program integrity work, the Program Integrity Group works closely with law enforcement ( *e.g.* , Federal Bureau of Investigation, Department of Justice, Office of Inspector General). For example, the Program Integrity Group, and its contractors, refer potential fraud cases and fulfill law enforcement's requests for data. All of these functions can be better served through a comprehensive set of common data structures and modern tools that encourage collaboration and innovation. I. Description of the Proposed System of Records A. Statutory and Regulatory Basis for System Authority for maintenance of this system is given under section 1893 of the Social Security Act. B. Collection and Maintenance of Data in the System This system will maintain information on Medicare beneficiaries Parts A, B, C, and D and physicians, providers, employer plans, Medicaid recipients and Medicare secondary payers. Information maintained in the system include, but are not limited to: standard data for identification such as health insurance claim number, social security number, gender, race/ethnicity, date of birth, geographic location, Medicare enrollment, entitlement, and utilization information, Medicaid enrollment, entitlement, and utilization information, MSP data necessary for appropriate Medicare claim payment, hospice election, MA plan elections and enrollment, End Stage Renal Disease

(ESRD)entitlement, historic and current listing of residences, and Medicare eligibility and Managed Care institutional status. II. Agency Policies, Procedures, and Restrictions on the Routine Use A. The Privacy Act permits us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such disclosure of data is known as a “routine use.” The government will only release ODR information that can be associated with an individual as provided for under “Section III. Proposed Routine Use Disclosures of Data in the System.” Both identifiable and non-identifiable data may be disclosed under a routine use. We will only disclose the minimum personal data necessary to achieve the purpose of ODR. CMS has the following policies and procedures concerning disclosures of information that will be maintained in the system. In general, disclosure of information from the system will be approved only for the minimum information necessary to accomplish the purpose of the disclosure and only after CMS: 1. Determines that the use or disclosure is consistent with the reason that the data is being collected, *e.g.* , to establish an enterprise resource that will provide a single source of information for all CMS fraud, waste, and abuse activities. 2. Determines that: a. The purpose for which the disclosure is to be made can only be accomplished if the record is provided in individually identifiable form; b. The purpose for which the disclosure is to be made is of sufficient importance to warrant the effect and/or risk on the privacy of the individual that additional exposure of the record might bring; and c. There is a strong probability that the proposed use of the data would in fact accomplish the stated purpose(s). 3. Requires the information recipient to: a. Establish administrative, technical, and physical safeguards to prevent unauthorized use of disclosure of the record; b. Remove or destroy at the earliest time all individually-identifiable information; and c. Agree to not use or disclose the information for any purpose other than the stated purpose under which the information was disclosed. 4. Determines that the data are valid and reliable. III. Proposed Routine Use Disclosures of Data in the System A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a “routine use.” The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system: 1. To agency contractors, consultants or grantees who have been engaged by the agency to assist in the performance of a service related to this system and who need to have access to the records in order to perform the activity. We contemplate disclosing information under this routine use only in situations in which CMS may enter into a contractual or similar agreement with a third party to assist in accomplishing CMS function relating to purposes for this system. CMS occasionally contracts out certain of its functions when doing so would contribute to effective and efficient operations. CMS must be able to give a contractor, consultant or grantee whatever information is necessary for the contractors, consultants or grantees to fulfill its duties. In these situations, safeguards are provided in the contract prohibiting the contractor, consultant or grantee from using or disclosing the information for any purpose other than that described in the contract and requires the contractor, consultant or grantee to return or destroy all information at the completion of the contract. 2. To another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent to: a. Contribute to the accuracy of CMS' proper payment of Medicare and Medicaid benefits, b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or c. Assist Federal/state Medicaid programs within the State. Other Federal or State agencies in their administration of a Federal health program may require ODR information in order to support evaluations and monitoring of Medicare and Medicaid claims information of beneficiaries, including proper reimbursement for services provided. In addition, other state agencies in their administration of a Federal health program may require ODR information for the purpose of determining, evaluating and/or assessing cost effectiveness, and/or the quality of health care services provided in the State. Disclosure under this routine use shall be used by state Medicaid agencies pursuant to agreements with HHS for determining Medicaid and Medicare eligibility, for quality control studies, for determining eligibility of recipients of assistance under Titles IV, XVIII, and XIX of the Act, and for the administration of the Medicaid program. Data will be released to the state only on those individuals who are patients under the services of a Medicaid program within the state who are residents of that State. 3. To Quality Improvement Organizations

(QIO)in connection with review of claims, or in connection with studies or other review activities conducted pursuant to Part B of Title XI of the Act, and in performing affirmative outreach activities to individuals for the purpose of establishing and maintaining their entitlement to Medicare benefits or health insurance plans. As established by the Part D Program, QIOs will conduct reviews of prescription drug events data, or in connection with studies or other review activities conducted pursuant to Part D of Title XVIII of the Act. QIOs will work to implement quality improvement programs, provide consultation to CMS, MA-PD, PDPs, and state agencies, to assist CMS in prescription drug event assessments, and prepare summary information for release to CMS. QIOs will work to implement quality improvement programs, provide consultation to CMS, its contractors, and to State agencies. QIOs will assist State agencies in related monitoring and enforcement efforts, assist CMS and intermediaries in program integrity assessment, and prepare summary information for release to CMS. 4. To insurance companies, underwriters, third party administrators (TPA), employers, self-insurers, group health plans, health maintenance organizations (HMO), health and welfare benefit funds, managed care organizations, other supplemental insurers, non-coordinating insurers, multiple employer trusts, other groups providing protection against medical expenses of their enrollees without the beneficiary's authorization, and any entity having knowledge of the occurrence of any event affecting:

(a)An individual's right to any such benefit or payment, or

(b)the initial right to any such benefit or payment, for the purpose of coordination of benefits with the Medicare program and implementation of the Medicare Secondary Payer

(MSP)provision at 42 U.S.C. 1395y (b). Information to be disclosed shall be limited to Medicare utilization data necessary to perform that specific function. In order to receive the information, they must agree to: a. Certify that the individual about whom the information is being provided is one of its insured or employees, or is insured and/or employed by another entity for whom they serve as a TPA; b. Utilize the information solely for the purpose of processing the individual's insurance claims; and c. Safeguard the confidentiality of the data and prevent unauthorized access. Other insurers, HMO, and Health Care Prepayment Plans may require ODR information in order to support evaluations and monitoring of Medicare claims information of beneficiaries, including proper reimbursement for services provided. CMS, using its coordination of benefits contractor, allows this to happen by having payers that will be secondary to part D submit their enrollment data in exchange for enrollment data. The data shared is mainly enrollment information (date of enrollment). 5. To an individual or organization for a research project or in support of an evaluation project related to the prevention of disease or disability, the restoration or maintenance of health, or payment related projects. The ODR data will provide for research or in support of evaluation projects, a broader, longitudinal, national perspective of the status of Medicare and Medicaid beneficiaries. CMS anticipates that many researchers will have legitimate requests to use this data in projects that could ultimately improve the care provided to Medicare and Medicaid beneficiaries and the policy that governs the care. 6. To the Department of Justice (DOJ), court or adjudicatory body when: a. The agency or any component thereof, or b. any employee of the agency in his or her official capacity, or c. any employee of the agency in his or her individual capacity where the DOJ has agreed to represent the employee, or d. the United States Government is a party to litigation or has an interest in such litigation, and by careful review, CMS determines that the records are both relevant and necessary to the litigation and that the use of such records by the DOJ, court or adjudicatory body is compatible with the purpose for which the agency collected the records. Whenever CMS is involved in litigation, and occasionally when another party is involved in litigation and CMS' policies or operations could be affected by the outcome of the litigation, CMS would be able to disclose information to the DOJ, court or adjudicatory body involved. 7. To a CMS contractor (including, but not necessarily limited to fiscal intermediaries and carriers) that assists in the administration of a CMS-administered health benefits program, or to a grantee of a CMS-administered grant program, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such program. We contemplate disclosing information under this routine use only in situations in which CMS may enter into a contractual relationship or grant with a third party to assist in accomplishing CMS functions relating to the purpose of combating fraud, waste, and abuse. CMS occasionally contracts out certain of its functions and makes grants when doing so would contribute to effective and efficient operations. CMS must be able to give a contractor or grantee whatever information is necessary for the contractor or grantee to fulfill its duties. In these situations, safeguards are provided in the contract prohibiting the contractor or grantee from using or disclosing the information for any purpose other than that described in the contract and requiring the contractor or grantee to return or destroy all information. 8. To another Federal agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States (including any State or local governmental agency), that administers, or that has the authority to investigate potential fraud, waste, or abuse in, a health benefits program funded in whole or in part by Federal funds, when disclosure is deemed reasonably necessary by CMS to prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud, waste, or abuse in such programs. Other agencies may require ODR information for the purpose of combating fraud, waste, and abuse in such Federally-funded programs. B. Additional Provisions Affecting Routine Use Disclosures To the extent this system contains Protected Health Information

(PHI)as defined by HHS regulation “Standards for Privacy of Individually Identifiable Health Information” (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the “Standards for Privacy of Individually Identifiable Health Information.” ( *See* 45 CFR 164-512(a)(1)). In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary). IV. Safeguards CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access. This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook. V. Effects of the System of Records on Individual Rights CMS proposes to establish this system in accordance with the principles and requirements of the Privacy Act and will collect, use, and disseminate information only as prescribed therein. Data in this system will be subject to the authorized releases in accordance with the routine uses identified in this system of records. CMS will take precautionary measures to minimize the risks of unauthorized access to the records and the potential harm to individual privacy or other personal or property rights of patients whose data are maintained in the system. CMS will collect only that information necessary to perform the system's functions. In addition, CMS will make disclosure from the proposed system only with consent of the subject individual, or his/her legal representative, or in accordance with an applicable exception provision of the Privacy Act. CMS, therefore, does not anticipate an unfavorable effect on individual privacy as a result of information relating to individuals. Dated: October 24, 2006. John R. Dyer, Chief Operating Officer, Centers for Medicare & Medicaid Services. System No. 09-70-0568 SYSTEM NAME: “One Program Integrity Data Repository (ODR), HHS/CMS/OFM”. SECURITY CLASSIFICATION: Level Three Privacy Act Sensitive Data. SYSTEM LOCATION: The Centers for Medicare & Medicaid Services

(CMS)Data Center, 7500 Security Boulevard, North Building, First Floor, Baltimore, Maryland 21244-1850. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: This system will maintain information on Medicare beneficiaries Parts A, B, C, and D and physicians, providers, employer plans, Medicaid recipients and Medicare secondary payers. CATEGORIES OF RECORDS IN THE SYSTEM: Information maintained in the system include, but are not limited to: Standard data for identification such as health insurance claim number, social security number, gender, race/ethnicity, date of birth, geographic location, Medicare enrollment, entitlement, and utilization information, Medicaid enrollment, entitlement, and utilization information, MSP data necessary for appropriate Medicare claim payment, hospice election, MA plan elections and enrollment, End Stage Renal Disease

(ESRD)entitlement, historic and current listing of residences, and Medicare eligibility and Managed Care institutional status. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: Authority for maintenance of this system is given under section 1893 of the Social Security Act. PURPOSE(S) OF THE SYSTEM: The primary purpose of this system is to establish an enterprise resource that will provide a single source of information for all CMS fraud and abuse activities. Information retrieved from this system of records will also be disclosed to:

(1)Support regulatory, reimbursement, and policy functions performed within the agency or by a contractor, consultant or grantee;

(2)assist another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent;

(3)support Quality Improvement Organizations (QIO);

(4)assist other insurers for processing individual insurance claims;

(5)facilitate research on the quality and effectiveness of care provided, as well as payment related projects;

(6)support litigation involving the agency; and

(7)combat fraud, waste, and abuse in certain health benefits programs. ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OR USERS AND THE PURPOSES OF SUCH USES: A. The Privacy Act allows us to disclose information without an individual's consent if the information is to be used for a purpose that is compatible with the purpose(s) for which the information was collected. Any such compatible use of data is known as a “routine use.” The proposed routine uses in this system meet the compatibility requirement of the Privacy Act. We are proposing to establish the following routine use disclosures of information maintained in the system: 1. To agency contractors, consultants or grantees who have been engaged by the agency to assist in the performance of a service related to this system and who need to have access to the records in order to perform the activity. 2. To another Federal or State agency, agency of a State government, an agency established by State law, or its fiscal agent to: a. Contribute to the accuracy of CMS' proper payment of Medicare and Medicaid benefits, b. Enable such agency to administer a Federal health benefits program, or as necessary to enable such agency to fulfill a requirement of a Federal statute or regulation that implements a health benefits program funded in whole or in part with Federal funds, and/or c. Assist Federal/State Medicaid programs within the State. 3. To Quality Improvement Organizations

(a)An individual's right to any such benefit or payment, or

(b)the initial right to any such benefit or payment, for the purpose of coordination of benefits with the Medicare program and implementation of the Medicare Secondary Payer

(PHI)as defined by HHS regulation “Standards for Privacy of Individually Identifiable Health Information” (45 CFR parts 160 and 164, subparts A and E) 65 FR 82462 (12-28-00). Disclosures of such PHI that are otherwise authorized by these routine uses may only be made if, and as, permitted or required by the “Standards for Privacy of Individually Identifiable Health Information.” ( *See* 45 CFR 164-512(a)(1)). In addition, our policy will be to prohibit release even of data not directly identifiable, except pursuant to one of the routine uses or if required by law, if we determine there is a possibility that an individual can be identified through implicit deduction based on small cell sizes (instances where the patient population is so small that individuals could, because of the small size, use this information to deduce the identity of the beneficiary). POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE: All records are stored electronically. RETRIEVABILITY: All records are accessible by HICN, SSN, and unique provider identification number. SAFEGUARDS: CMS has safeguards in place for authorized users and monitors such users to ensure against excessive or unauthorized use. Personnel having access to the system have been trained in the Privacy Act and information security requirements. Employees who maintain records in this system are instructed not to release data until the intended recipient agrees to implement appropriate management, operational and technical safeguards sufficient to protect the confidentiality, integrity and availability of the information and information systems and to prevent unauthorized access. This system will conform to all applicable Federal laws and regulations and Federal, HHS, and CMS policies and standards as they relate to information security and data privacy. These laws and regulations may apply but are not limited to: The Privacy Act of 1974; the Federal Information Security Management Act of 2002; the Computer Fraud and Abuse Act of 1986; the Health Insurance Portability and Accountability Act of 1996; the E-Government Act of 2002, the Clinger-Cohen Act of 1996; the Medicare Modernization Act of 2003, and the corresponding implementing regulations. OMB Circular A-130, Management of Federal Resources, Appendix III, Security of Federal Automated Information Resources also applies. Federal, HHS, and CMS policies and standards include but are not limited to: All pertinent National Institute of Standards and Technology publications; the HHS Information Systems Program Handbook and the CMS Information Security Handbook. RETENTION AND DISPOSAL: Records will be retained until an approved disposition authority is obtained from the National Archives and Records Administration. All claims-related records are encompassed by the document preservation order and will be retained until notification is received from DOJ. SYSTEM MANAGER AND ADDRESS: Director, Division of MMA Integrity, Program Integrity Group, Office of Financial Management, CMS, Mailstop: C3-02-16, 7500 Security Boulevard, Baltimore, Maryland 21244-1850. NOTIFICATION PROCEDURE: For purpose of access, the subject individual should write to the system manager who will require the system name, HICN, address, date of birth, and gender, and for verification purposes, the subject individual's name (woman's maiden name, if applicable), and SSN. Furnishing the SSN is voluntary, but it may make searching for a record easier and prevent delay. RECORD ACCESS PROCEDURE: For purpose of access, use the same procedures outlined in Notification Procedures above. Requestors should also specify the record contents being sought. (These procedures are in accordance with department regulation 45 CFR 5b.5(a)(2)). CONTESTING RECORDS PROCEDURES: The subject individual should contact the system manager named above, and reasonably identify the records and specify the information to be contested. State the corrective action sought and the reasons for the correction with supporting justification. (These Procedures are in accordance with Department regulation 45 CFR 5b.7). RECORDS SOURCE CATEGORIES: The data contained in this system of records are extracted from other CMS systems of records: Medicare Drug Data Processing System; Medicare Beneficiary Database; Medicare Advantage Prescription Drug System; State Medicaid Records; Medicaid Statistical Information System; Retiree Drug Subsidy Program; Common Working File; National Claims History; Enrollment Database; Carrier Medicare Claims Record; Intermediary Medicare Claims Record; Unique Physician/Provider Identification Number; Provider Enrollment Chain & Ownership System (PECOS); and Medicare Supplier Identification File. Information will also be provided from the participating state Medicaid agencies. SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT: None. [FR Doc. E6-18454 Filed 11-1-06; 8:45 am] BILLING CODE 4120-03-P DEPARTMENT OF HEALTH AND HUMAN SERVICES Food and Drug Administration [Docket No. 2006N-0431] Agency Information Collection Activities; Proposed Collection; Comment Request; Substantial Evidence of Effectiveness of New Animal Drugs AGENCY: Food and Drug Administration, HHS. ACTION: Notice. SUMMARY: The Food and Drug Administration

(FDA)is announcing an opportunity for public comment on the proposed collection of certain information by the agency. Under the Paperwork Reduction Act of 1995 (the PRA), Federal agencies are required to publish notice in the **Federal Register** concerning each proposed collection of information, including each proposed extension of an existing collection of information, and to allow 60 days for public comment in response to the notice. This notice solicits comments on an information collection to meet specified requirements for submitting adequate and well-controlled studies to provide substantial evidence of effectiveness for a new animal drug. DATES: Submit written or electronic comments on the collection of information by January 2, 2007. ADDRESSES: Submit electronic comments on the collection of information to: *http://www.fda.gov/dockets/ecomments* . Submit written comments on the collection of information to the Division of Dockets Management (HFA-305), Food and Drug Administration, 5630 Fishers Lane, rm. 1061, Rockville, MD 20852. All comments should be identified with the docket number found in brackets in the heading of this document. FOR FURTHER INFORMATION CONTACT: Denver Presley, Office of the Chief Information Officer (HFA-250), Food and Drug Administration, 5600 Fishers Lane, Rockville, MD 20857, 301-827-1472. SUPPLEMENTARY INFORMATION: Under the PRA (44 U.S.C. 3501-3520), Federal agencies must obtain approval from the Office of Management and Budget

(OMB)for each collection of information they conduct or sponsor. “Collection of information” is defined in 44 U.S.C. 3502(3) and 5 CFR 1320.3(c) and includes agency requests or requirements that members of the public submit reports, keep records, or provide information to a third party. Section 3506(c)(2)(A) of the PRA (44 U.S.C. 3506(c)(2)(A)) requires Federal agencies to provide a 60-day notice in the **Federal Register** concerning each proposed collection of information, including each proposed extension of an existing collection of information, before submitting the collection to OMB for approval. To comply with this requirement, FDA is publishing notice of the proposed collection of information set forth in this document. With respect to the following collection of information, FDA invites comments on these topics:

(1)Whether the proposed collection of information is necessary for the proper performance of FDA's functions, including whether the information will have practical utility;

(2)the accuracy of FDA's estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used;

(3)ways to enhance the quality, utility, and clarity of the information to be collected; and

(4)ways to minimize the burden of the collection of information on respondents, including through the use of automated collection techniques, when appropriate, and other forms of information technology. Substantial Evidence of Effectiveness of New Animal Drug—21 CFR 514.4(a) (OMB Control Number 0910-0356)—Extension Section 512(d)(1)(E) of the Federal Food Drug and Cosmetic Act (the act) (21 U.S.C. 360b(d)(1)(E)) requires FDA to issue an order refusing to approve a New Animal Drug Application (NADA), if there is a lack of substantial evidence that a new animal drug will have the effect it is purported or represented to have under the conditions of use prescribed in the proposed labeling. Therefore, substantial evidence must be submitted to us as part of the NADA to establish effectiveness of a drug. Section 514.4(a) specifies requirements for submitting adequate and well-controlled studies to provide substantial evidence of effectiveness for a new animal drug. This information collection requirement provides for submissions of substantial evidence of effectiveness information via electronic submissions to the Center for Veterinary Medicine. We are continuously seeking ways through advances in information technology to reduce the burden on the government and sponsors. We are continuing to look at what information can be submitted electronically and will permit electronic submission of data to NADA files as technology and resources permit. FDA estimates the burden of this collection of information as follows: **Table 1.—Estimated Annual Reporting Burden** 1 21 CFR Section No. of Respondents Annual Frequency per Response Total Annual Responses Hours per Respondent Total Hours 514.4(a) 190 4,546 860 632.6 544,036 1 There are no capital costs or operating and maintenance costs associated with this collection of information. The estimate for the annual reporting burden for this collection of information was derived from discussion with industry and agency records. Dated: October 27, 2006. Jeffrey Shuren, Assistant Commissioner for Policy. [FR Doc. E6-18432 Filed 11-1-06; 8:45 am] BILLING CODE 4160-01-S DEPARTMENT OF HEALTH AND HUMAN SERVICES Food and Drug Administration [Docket No. 2006N-0430] Agency Information Collection Activities; Proposed Collection; Comment Request; General Licensing Provisions: Biologics License Application, Changes to an Approved Application, Labeling, Revocation and Suspension, Postmarketing Studies Status Reports, and Forms FDA 356h and 2567 AGENCY: Food and Drug Administration, HHS. ACTION: Notice. SUMMARY: The Food and Drug Administration

(FDA)is announcing an opportunity for public comment on the proposed collection of certain information by the agency. Under the Paperwork Reduction Act of 1995 (the PRA), Federal agencies are required to publish notice in the **Federal Register** concerning each proposed collection of information, including each proposed extension of an existing collection of information, and to allow 60 days for public comment in response to the notice. This notice solicits comments on the information collection related to general licensing provisions for biologics license applications (BLAs), changes to an approved application, labeling, revocation and suspension, postmarketing studies status reports, and Forms FDA 356h and 2567. DATES: Submit written or electronic comments on the collection of information by January 2, 2007. ADDRESSES: Submit electronic comments on the collection of information to: *http://www.fda.gov/dockets/ecomments* . Submit written comments on the collection of information to the Division of Dockets Management (HFA-305), Food and Drug Administration, 5630 Fishers Lane, rm. 1061, Rockville, MD 20852. All comments should be identified with the docket number found in brackets in the heading of this document. FOR FURTHER INFORMATION CONTACT: Jonna Capezzuto, Office of the Chief Information Officer (HFA-250), Food and Drug Administration, 5600 Fishers Lane, Rockville, MD 20857, 301-827-4659. SUPPLEMENTARY INFORMATION: Under the PRA (44 U.S.C. 3501-3520), Federal agencies must obtain approval from the Office of Management and Budget

(1)Whether the proposed collection of information is necessary for the proper performance of FDA's functions, including whether the information will have practical utility;

(2)the accuracy of FDA's estimate of the burden of the proposed collection of information, including the validity of the methodology and assumptions used;

(3)ways to enhance the quality, utility, and clarity of the information to be collected; and

(4)ways to minimize the burden of the collection of information on respondents, including through the use of automated collection techniques, when appropriate, and other forms of information technology. General Licensing Provisions: Biologics License Application, Changes to an Approved Application, Labeling, Revocation and Suspension, Postmarketing Studies Status Reports, and Forms FDA 356h and 2567 (OMB Control Number 0910-0338)—Extension Under section 351 of the Public Health Service Act (the PHS Act) (42 U.S.C. 262), manufacturers of biological products must submit a license application for FDA review and approval before marketing a biological product in interstate commerce. Licenses may be issued only upon showing that the establishment and the products for which a license is desired meets standards prescribed in regulations designed to ensure the continued safety, purity, and potency of such products. All such licenses are issued, suspended, and revoked as prescribed by regulations in part 601 (21 CFR part 601). Section 130(a) of the Food and Drug Administration Modernization Act (Public Law 105-115) amended the Federal Food, Drug, and Cosmetic Act (the act) by adding a new provision (section 506B of the act (21 U.S.C. 356b)) requiring reports of postmarketing studies for approved human drugs and licensed biological products. Section 506B of the act provides FDA with additional authority to monitor the progress of postmarketing studies that applicants have made a commitment to conduct and requires the agency to make publicly available information that pertains to the status of these studies. Under section 506B(a) of the act, applicants that have committed to conducting a postmarketing study for an approved human drug or licensed biological product must submit to FDA a status report of the progress of the study or the reasons for the failure of the applicant to conduct the study. This report must be submitted within 1 year after the U.S. approval of the application and then annually until the study is completed or terminated. Section 601.2(a) requires a manufacturer of a biological product to submit an application with accompanying information, including labeling information, to FDA for approval to market a product in interstate commerce. The container and package labeling requirements are provided under §§ 610.60, 610.61, and 610.62. The estimate for these regulations is included in the estimate under § 601.2(a) in table 1 of this document.Section 601.5(a) requires a licensee to submit to FDA notice of its intention to discontinue manufacture of a product or all products. Section 601.6(a) requires the licensee to notify selling agents and distributors upon suspension of its license, and provide FDA of such notification. Section 601.12(a)(2) requires, generally, that the holder of an approved BLA must assess the effects of a manufacturing change before distributing a biological product made with the change. Section 601.12(a)(4) requires, generally, that the applicant must promptly review all promotional labeling and advertising to make it consistent with any labeling changes implemented. Section 601.12(a)(5) requires the applicant to include a list of all changes contained in the supplement or annual report; for supplements, this list must be provided in the cover letter. The burden estimates for § 601.12(a)(2) are included in the estimates for supplements (§ 601.12(b) and (c)) and annual reports (§ 601.12(d)). The burden estimates for § 601.12(a)(4) are included in the estimates under 601.12(f)(4) (Form FDA 2567) in table 1 of this document or OMB control number 0910-0001 (expires May 31, 2008) since the required information can also be submitted with Form FDA 2253. Section 601.12(b)(1) and (b)(3), (c)(1) and (c)(3), (c)(5), and (d)(1) and (d)(3) require applicants to follow specific procedures to inform FDA of each change, in the product, production process, quality controls, equipment, facilities, responsible personnel or labeling established in an approved license application. The appropriate procedure depends on the potential for the change to have a substantial, moderate, or minimal adverse effect on the identity, strength, quality, purity, or potency of the products as they may relate to the safety or effectiveness of the product. Under § 601.12(b)(4), an applicant may ask FDA to expedite its review of a supplement for public health reasons or if a delay in making the change described in it would impose an extraordinary hardship of the applicant. The burden estimate for § 601.12(b)(4) is minimal and included in the estimate under § 601.12(b)(1) and (b)(3) in table 1 of this document. Section 601.12(e) requires applicants to submit a protocol, or change to a protocol, as a supplement requiring FDA approval before distributing the product. Section 601.12(f)(1), (f)(2), and (f)(3) requires applicants to follow specific procedures to report labeling changes to FDA. Section 601.12(f)(4) requires applicants to report to FDA advertising and promotional labeling and any changes. Under § 601.14, the content of labeling required in § 201.100(d)(3) must be in electronic format and in a form that FDA can process, review, and archive. This requirement is in addition to the provisions of §§ 601.2(a) and 601.12(f). The burden estimate for § 601.14 is minimal and included in the estimate under § 601.2(a)

(BLAs)and 601.12(f)(1), (f)(2), and (f)(3) (supplements and annual reports) in table 1 of this document. Section 601.45 requires applicants of biological products for serious or life-threatening illnesses to submit to the agency for consideration, during the pre-approval review period, copies of all promotional materials, including promotional labeling as well as advertisements. In addition to §§ 601.2 and 601.12, there are other regulations in parts 640, 660, and 680 (21 CFR parts 640, 660, and 680) that relate to information to be submitted in a license application or supplement for certain blood or allergenic products: §§ 640.6, 640.17, 640.21(c), 640.22(c), 640.25(c), 640.56(c), 640.64(c), 640.74(a) and (b)(2), 660.51(a)(4), 680.1(b)(2)(iii), and 680.1(d). In table 1 of this document, the burden associated with the information collection requirements in these regulations is included in the burden estimate for § 601.2 and/or § 601.12. A regulation may be listed under more than one section of § 601.12 due to the type of category under which a change to an approved application may be submitted. There are also additional container and/or package labeling requirements for certain licensed biological products: § 640.70(a) for Source Plasma; § 640.74(b)(3) and (b)(4) for Source Plasma Liquid; § 640.84(a) and

(c)for Albumin; § 640.94(a) for Plasma Protein Fraction; § 660.2(c) for Antibody to Hepatitis B Surface Antigen; § 660.28(a) and

(b)for Blood Grouping Reagent; § 660.35(a), (c through g), and (i through m) for Reagent Red Blood Cells; § 660.45 for Hepatitis B Surface Antigen; and § 660.55(a) and

(b)for Anti-Human Globulin. The burden associated with the additional labeling requirements for submission of a license application for these certain biological products is minimal because the majority of the burden is associated with the requirements under § 610.60 through § 610.62 or § 809.10. Therefore, the burden estimates for these regulations are included in the estimate under § 610.60 through § 610.62 in table 1 of this document. The burden estimates associated with § 809.10 are approved under OMB control number 0910-0485 (expires June 30, 2008). Section 601.25(b) requests interested persons to submit, for review and evaluation by an advisory review panel, published and unpublished data and information pertinent to a designated category of biological products that have been licensed prior to July 1, 1972. Section 601.26(f) requests that licensees submit to FDA a written statement intended to show that studies adequate and appropriate to resolve questions raised about a biological product have been undertaken for a product if designated as requiring further study under the reclassification procedures. Under § 601.25(b)(3), FDA estimates no burden for this regulation since all requested data and information had been submitted by 1974. Under § 601.26(f), FDA estimates no burden for this regulation since there are no products designated to require further study and none are predicted in the future. However, based on the possible reclassification of a product, the labeling for the product may need to be revised, or a manufacturer, on its own initiative, may deem it necessary for further study. As a result, any changes to product labeling would be reported under § 601.12. Section 601.27(a) requires that applications for new biological products contain data that are adequate to assess the safety and effectiveness of the biological product for the claimed indications in pediatric subpopulations, and to support dosing and administration information. Section 601.27(b) provides that an applicant may request a deferred submission of some or all assessments of safety and effectiveness required under § 601.27(a). Section 601.27(c) provides that an applicant may request a full or partial waiver of the requirements under § 601.27(a). The burden estimates for § 601.27(a) are included in the burden estimate under § 601.2(a) in table 1 of this document, since these regulations deal with information to be provided in an application. Section 601.28 requires sponsors of licensed biological products to submit the information in § 601.28(a), (b), and

(c)to the Center for Biologics Evaluation and Research

(CBER)or the Center for Drug Evaluation and Research

(CDER)each year, within 60 days of the anniversary date of approval of the license. Section 601.28(a) requires sponsors to submit to FDA a brief summary stating whether labeling supplements for pediatric use have been submitted and whether new studies in the pediatric population to support appropriate labeling for the pediatric population have been initiated. Section 601.28(b) requires sponsors to submit to FDA an analysis of available safety and efficacy data in the pediatric population and changes proposed in the labeling based on this information. Section 601.28(c) requires sponsors to submit to FDA a statement on the current status of any postmarketing studies in the pediatric population performed by, or on behalf of, the applicant. If the postmarketing studies were required or agreed to, the status of these studies is to be reported under § 601.70, rather then under this section. Sections 601.33 through 601.35 clarify the information to be submitted in an application to FDA to evaluate the safety and effectiveness of in vivo radiopharmaceuticals. The burden estimates for §§ 601.33 through 601.35 are included in the burden estimate under § 601.2(a) in table 1 of this document, since these regulations deal with information to be provided in an application. Section 601.70(b) requires each applicant of a licensed biological product to submit annually a report to FDA on the status of postmarketing studies for each approved product application. Each annual postmarketing status report must be accompanied by a completed transmittal Form FDA 2252 (approved under OMB control number 0910-0001). Under § 601.70(d), two copies of the annual report shall be submitted to FDA. Section 601.91(b)(3) requires applicants to prepare and provide labeling with relevant information to patient or potential patient for biological products approved under the subpart when human efficacy studies are not ethical or feasible (or based on evidence of effectiveness from studies in animals). Section 601.93 provides that biological products approved under this subpart are subject to the postmarketing recordkeeping and safety reporting applicable to all approved biological products. Section 601.94 requires applicants under this subpart to submit to the agency for consideration during preapproval review period copies of all promotional materials including promotional labeling as well as advertisements. Under § 601.93, any potential postmarketing reports and/or recordkeeping burdens would be included under the adverse experience reporting

(AER)requirements under 21 CFR part 600 (OMB control number 0910-0308; expires May 31, 2005). Therefore, any burdens associated with these requirements would be reported under the AER information collection requirements (OMB control number 0910-0308). Section 610.11(g)(2) (21 CFR 610.11(g)(2)) provides that a manufacturer of certain biological products may request an exemption from the general safety test

(GST)requirements contained in this subpart. Under § 610.11(g)(2), FDA requires only those manufacturers of biological products requesting an exemption from the GST to submit additional information as part of a license application or supplement to an approved license application. Therefore, the burden estimate for § 610.11(g)(2) is included in the estimate under §§ 601.2(a) and 601.12(b) in table 1 of this document. Section 610.67 requires certain biological products to comply with the bar code requirements at § 201.25 (21 CFR 201.25). Section 201.25 is approved under OMB control number 0910-0537 (expires February 28, 2007). Section 680.1(c) requires manufacturers to update annually their license file with the list of source materials and the suppliers of the materials. Sections 600.15(b) and 610.53(d) require the submission of a request for an exemption or modification regarding the temperature requirements during shipment and from dating periods, respectively, for certain biological products. Section 606.110(b) requires the submission of a request for approval to perform plasmapheresis of donors who do not meet certain donor requirements for the collection of plasma containing rare antibodies. Under §§ 600.15(b), 610.53(d), and 606.110(b), a request for an exemption or modification to the requirements would be submitted as a supplement. Therefore, the burden hours for any submissions under §§ 600.15(b), 610.53(d), and 606.110(b) are included in the estimates under § 601.12(b) in table 1 of this document. In July 1997, FDA revised Form FDA 356h “Application to Market a New Drug, Biologic, or an Antibiotic Drug for Human Use” to harmonize application procedures between CBER and CDER. The application form serves primarily as a checklist for firms to gather and submit certain information to FDA. The checklist helps to ensure that the application is complete and contains all the necessary information, so that delays due to lack of information may be eliminated. The form provides key information to FDA for efficient handling and distribution to the appropriate staff for review. The estimated burden hours for submissions to CDER using Form FDA 356h are reported under OMB control number 0910-0001. Form FDA 2567 “Transmittal of Labels and Circulars” is used by manufacturers of licensed biological products to submit labeling (e.g., circulars, package labels, container labels, etc.) and labeling changes for FDA review and approval. The labeling information is submitted with the form for license applications, supplements, or as part of an annual report. Form FDA 2567 is also used for the transmission of advertisements and promotional labeling. Form FDA 2567 serves as an easy guide to assure that the manufacturer has provided the information required for expeditious handling of their labeling by CBER. For advertisements and promotional labeling, manufacturers of licensed biological products may submit to CBER either Form FDA 2567 or 2253. Form FDA 2253 was previously used only by drug manufacturers regulated by CDER. In August 1998, FDA revised and harmonized Form FDA 2253 so the form may be used to transmit specimens of promotional labeling and advertisements for biological products as well as for prescription drugs and antibiotics. The revised, harmonized form updates the information about the types of promotional materials and the codes that are used to clarify the type of advertisement or labeling submitted; clarifies the intended audience for the advertisements or promotional labeling (e.g., consumers, professionals, news services); and helps ensure that the submission is complete. Under table 1 of this document, the number of respondents is based on the estimated annual number of manufacturers that submitted the required information to FDA or the number of submissions FDA received. Based on information obtained from FDA's database systems, there are an estimated 306 licensed biologics manufacturers. However, not all manufacturers will have any submissions in a given year and some may have multiple submissions. The total annual responses are based on the estimated number of submissions (i.e., license applications, labeling and other supplements, protocols, advertising and promotional labeling, notifications) for a particular product received annually by FDA. Based on previous estimates, the rate of submissions is not expected to change significantly in the next few years. The hours per response are based on information provided by industry and past FDA experience with the various submissions or notifications. The hours per response include the time estimated to prepare the various submissions or notifications to FDA, and, as applicable, the time required to fill out the appropriate form and collate the documentation. Additional information regarding these estimates is provided below as necessary. Under §§ 601.2 and 601.12, the estimated hours per response are based on the average number of hours to submit the various submissions. The estimated average number of hours is based on the range of hours to complete a very basic application or supplement and a complex application or supplement. Under § 601.6(a), the total annual responses are based on FDA estimates that establishments may notify an average of 20 selling agents and distributors of such suspension, and provide FDA of such notification. The number of respondents is based on the estimated annual number of suspensions of a biologic license. Under §§ 601.12(f)(4) and 601.45, manufacturers of biological products may use either Form FDA 2567 or Form FDA 2253 to submit advertising and promotional labeling. Based on information obtained from FDA's database system, there were an estimated 3,600 submissions of advertising and promotional labeling in fiscal year 2004. FDA estimates that approximately 15 percent of those submissions were received with Form FDA 2567 resulting in an estimated 540 submissions. The burden hours for the remaining submissions received using Form FDA 2253 are reported under OMB control number 0910-0001. Under § 601.70(b), FDA estimates that it takes an applicant approximately 24 hours (8 hours per study x 3) annually to gather, complete, and submit the appropriate information for each postmarketing status report (approximately two to four studies per report) and the accompanied transmittal Form FDA 2252. Included in these 24 hours is the time necessary to prepare and submit two copies of the annual progress report of postmarketing studies to FDA under § 601.70(d). Under §§ 601.91 through 601.94, FDA expects to receive very few applications of this nature; however, for calculation purposes, FDA is estimating the annual submission of one application. Under §§ 601.93(b)(3) and 601.94, FDA estimates 240 hours for a manufacturer of a new biological product to develop patient labeling, and to submit the appropriate information and promotional labeling to FDA. The majority of the burden for developing the patient labeling is included under the reporting requirements for § 601.94, therefore minimal burden is calculated for providing the guide to patients under § 601.91(b)(3). There were also 3,540 amendments to an unapproved application or supplement and 23 resubmissions (total of 3,563 submissions) submitted using Form FDA 356h. FDA estimates the burden of this collection of information as follows: ** Table 1.—Estimated Annual Reporting Burden 1 ** 21 CFR Section Form FDA No. No. of Respondents Annual Frequency per Response Total Annual Responses Hours per Response Total Hours 601.2(a), 2 610.60, 610.61, and 610.62 3 2567/356h 14 2 28 860 24,080 601.5(a) NA 16 3.13 50 .33 17 601.6(a) NA 1 21 21 .33 7 601.12(a)(5) NA 190 15.7 2,983 1 2,983 601.12(b)(1)/(b)(3) 4 356h 2 190 4.75 903 80 72,240 601.12(c)(1)/(c)(3 5 356h 2 98 2.60 255 50 12,750 601.12(c)(5) 356h 2 34 1.38 47 50 2,350 601.12(d)(1)/(d)(3) 356h 2 166 1.37 227 22.5 5,107.5 601.12(e) 356h 2 14 1.43 20 120 2,400 601.12(f)(1) 6 2567 12 1 12 40 480 601.12(f)(2) 6 2567 10 1 10 20 200 601.12(f)(3) 7 2567 70 1.43 100 10 1,000 601.12(f)(4)/601.45 2567 15 36 540 10 5,400 601.25(b)(3) NA 0 0 0 0 0 601.26(f) NA 0 0 0 0 0 601.27(b) NA 3 1 3 24 72 601.27(c) NA 7 1 7 8 56 601.28(a), (b), and

(c)NA 44 3.27 144 33.5 4,824 601.70(b) and

(d)2252 19 1.58 30 24 720 601.91(b)(3), 601.94 NA 1 1 1 240 240 610.67 NA 174 31 5,400 24 129,600 680.1(c) NA 10 1 10 2 20 Amendments/Resubmissions 356h 306 11.6 3,563 20 71,260 Total 335,806.5 1 There are no capital costs or operating and maintenance costs associated with this collection of information. 2 The reporting requirements under §§ 601.14, 601.27(a), 601.33, 601.34, 601.35, 610.11(g)(2), 640.17, 640.25(c), 640.56(c), 640.74(b)(2), 660.51(a)(4), and 680.1(b)(2)(iii) are included in the estimate under § 601.2(a). 3 The reporting requirements under §§ 640.70(a), 640.74(b)(3), and (b)(4), 640.84(a) and (c), 640.94(a), 660.2(c), 660.28(a) and (b), 660.35(a), (c through g), and (i through m), 660.45, and 660.55(a) and

(b)are included under § 610.60 through 610.62. 4 The reporting requirements under §§ 600.15(b), 610.11(g)(2), 610.53(d), 606.110(b), 640.6, 640.17, 640.21(c), 640.22(c), 640.25(c), 640.56(c), 640.64(c), 640.74(a) and (b)(2), and 680.1(d) are included in the estimate under § 601.12(b). 5 The reporting requirements under §§ 640.17, 640.25(c), 640.56(c), and 640.74(b)(2) are included in the estimate under § 601.12(c). 6 The reporting requirement under § 601.14 is included in the estimate under § 601.12(f)(1) and (f)(2). 7 The reporting requirement under § 601.14 is included in the estimate under § 601.12(f)(3). Under table 2, the estimated recordkeeping burden of 1 hour is based on previous estimates for the recordkeeping requirements associated with the AER system. ** Table 2.—Estimated Annual Recordkeeping Burden 1 ** 21 CFR Section No. of Recordkeepers Annual Frequency per Recordkeeping Total Annual Records Hours per Record Total Hours 601.91(b)(2)(iii) 1 1 1 1 1 1 There are no capital costs or operating and maintenance costs associated with this collection of information. Dated: October 25, 2006. Jeffrey Shuren, Assistant Commissioner for Policy. [FR Doc. E6-18445 Filed 11-1-06; 8:45 am] BILLING CODE 4160-01-S DEPARTMENT OF HEALTH AND HUMAN SERVICES Food and Drug Administration Cellular, Tissue and Gene Therapies Advisory Committee; Notice of Meeting AGENCY: Food and Drug Administration, HHS. ACTION: Notice. This notice announces a forthcoming meeting of a public advisory committee of the Food and Drug Administration (FDA). At least one portion of the meeting will be closed to the public. *Name of Committee* : Cellular, Tissue and Gene Therapies Advisory Committee. *General Function of the Committee* : To provide advice and recommendations to the agency on FDA's regulatory issues. *Date and Time* : The meeting will be held by teleconference on November 20, 2006, from 2:15 p.m. to approximately 5 p.m. *Location* : National Institutes of Health (NIH), Bldg. 29, rm. 121, 9000 Rockville Pike, MD. This meeting will be held by teleconference. The public is welcome to attend the meeting at the specified location. A speakerphone will be provided at the specified location for public participation in the meeting. Important information about transportation, directions to the NIH campus, parking, and security procedures is available on the Internet at *http://www.nih.gov/about/visitor/index.htm* . Visitors must show two forms of identification, one of which must be a Government-issued photo identification such as a Federal employee badge, driver's license, passport, green card, etc. If you are planning to drive to and park on the NIH campus, you must enter at the South Dr. entrance of the campus which is located on Wisconsin Ave. (the Medical Center Metro entrance), and allow extra time for vehicle inspection. Detailed information about security procedures is located at *http://www.nih.gov/about/visitorsecurity.htm* . Due to the limited available parking, visitors are encouraged to use public transportation. (FDA has verified the Web site addresses, but FDA is not responsible for any subsequent changes to the Web sites after this document publishes in the **Federal Register** .) *Contact Person* : Gail Dapolito or Rosanna Harvey, Center for Biologics Evaluation and Research, (HFM-71), Food and Drug Administration, 1401 Rockville Pike, Rockville, MD, 20852, 301-827-0314, or FDA Advisory Committee Information Line, 1-800-741-8138 (301-443-0572 in the Washington, DC area), code 3014512389. Please call the Information Line for up-to-date information on this meeting. *Agenda* : On November 20, 2006, the committee will meet in open session to hear updates of research programs in the Laboratory of Immunobiology and the Laboratory of Immunology, Office of Biotechnology Products, Center for Drug Evaluation and Research. *Procedure* : On November 20, 2006, from 2:15 p.m. to approximately 4:30 p.m., the meeting is open to the public. Interested persons may present data, information, or views, orally or in writing, on issues pending before the committee. Written submissions may be made to the contact person on or before November 13, 2006. Oral presentations from the public will be scheduled between approximately 3:30 p.m. and 4:30 p.m. Time allotted for each presentation may be limited. Those desiring to make formal oral presentations should notify the contact person and submit a brief statement of the general nature of the evidence or arguments they wish to present, the names and addresses of proposed participants, and an indication of the approximate time requested to make their presentation on or before November 13, 2006. *Closed Committee Deliberations* : On November 20, 2006, from approximately 4:30 p.m. to 5 p.m., the meeting will be closed to permit discussion where disclosure would constitute a clearly unwarranted invasion of personal privacy (5 U.S.C. 552b(c)(6)). The committee will discuss a report of intramural research programs. Persons attending FDA's advisory committee meetings are advised that the agency is not responsible for providing access to electrical outlets. FDA welcomes the attendance of the public at its advisory committee meetings and will make every effort to accommodate persons with physical disabilities or special needs. If you require special accommodations due to a disability, please contact Gail Dapolito at least 7 days in advance of the meeting. Notice of this meeting is given under the Federal Advisory Committee Act (5 U.S.C. app. 2). Dated: October 27, 2006. Randall W. Lutter, Associate Commissioner for Policy and Planning [FR Doc. E6-18472 Filed 11-1-06; 8:45 am] BILLING CODE 4160-01-S DEPARTMENT OF HEALTH AND HUMAN SERVICES Food and Drug Administration Pediatric Oncology Subcommittee of the Oncologic Drugs Advisory Committee; Notice of Meeting AGENCY: Food and Drug Administration, HHS. ACTION: Notice. This notice announces a forthcoming meeting of a public advisory committee of the Food and Drug Administration (FDA). The meeting will be open to the public. *Name of Committee* : Pediatric Oncology Subcommittee of the Oncologic Drugs Advisory Committee. *General Function of the Committee* : To provide advice and recommendations to the agency on FDA's regulatory issues. *Date and Time* : The meeting will be held on December 6, 2006, from 8:30 a.m. to 5 p.m. *Location* : Food and Drug Administration, Center for Drug Evaluation and Research Advisory Committee Conference Room, rm. 1066, 5630 Fishers Lane, Rockville, MD. *Contact Person* : Johanna M. Clifford, Center for Drug Evaluation and Research (HFD-21), Food and Drug Administration, 5600 Fishers Lane, (for express delivery, 5630 Fishers Lane, rm. 1093) Rockville, MD 20857, 301-827-7001, FAX: 301-827-6776, e-mail: *cliffordj@cder.fda.gov* , or FDA Advisory Committee Information Line, 1-800-741-8138 (301-443-0572 in the Washington, DC area), code 3014512542. Please call the Information Line for up-to-date information on this meeting. *Agenda* : The subcommittee will consider endpoints for trials intended to support the approval of new drugs to treat pediatric brain tumors. The background material will become available no later than the day before the meeting and will be posted on FDA's Website at *http://www.fda.gov/ohrms/dockets/ac/acmenu.htm* . under the heading “Oncologic Drugs Advisory Committee.” (Click on the year 2006 and scroll down to the previously named committee meeting). *Procedure* : Interested persons may present data, information, or views, orally or in writing, on issues pending before the subcommittee. Written submissions may be made to the contact person on or before November 21, 2006. Oral presentations from the public will be scheduled between approximately 11 a.m. to 12 noon. Time allotted for each presentation may be limited. Those desiring to make formal oral presentations should notify the contact person and submit a brief statement of the general nature of the evidence or arguments they wish to present, the names and addresses of proposed participants, and an indication of the approximate time requested to make their presentation on or before November 21, 2006. Persons attending FDA's advisory committee meetings are advised that the agency is not responsible for providing access to electrical outlets. FDA welcomes the attendance of the public at its advisory committee meetings and will make every effort to accommodate persons with physical disabilities or special needs. If you require special accommodations due to a disability, please contact Johanna Clifford at least 7 days in advance of the meeting. Notice of this meeting is given under the Federal Advisory Committee Act (5 U.S.C. app. 2). Dated: October 26, 2006. Randall W. Lutter, Associate Commissioner for Policy and Planning. [FR Doc. E6-18442 Filed 11-1-06; 8:45 am] BILLING CODE 4160-01-S DEPARTMENT OF HEALTH AND HUMAN SERVICES Food and Drug Administration [Docket No. 2005D-0490] Guidance for Industry: Questions and Answers Regarding Food Allergens, Including the Food Allergen Labeling and Consumer Protection Act of 2004 (Edition 4); Availability AGENCY: Food and Drug Administration, HHS. ACTION: Notice of availability of guidance. SUMMARY: The Food and Drug Administration

(FDA)is announcing the availability of a revised guidance document entitled “Guidance for Industry: Questions and Answers Regarding Food Allergens, including the Food Allergen Labeling and Consumer Protection Act of 2004 (Edition 4).” The guidance explains, using a question and answer format, FDA's current thinking on a number of issues related to the regulation of food allergens, including implementation of the Food Allergen Labeling and Consumer Protection Act of 2004 (FALCPA). DATES: Submit written or electronic comments on the agency guidance at any time. ADDRESSES: Submit written comments on the guidance to the Division of Dockets Management (HFA-305), Food and Drug Administration, 5630 Fishers Lane, rm. 1061, Rockville, MD 20852. Submit electronic comments to *http://www.fda.gov/dockets/ecomments* . See the SUPPLEMENTARY INFORMATION section for electronic access to the guidance document. FOR FURTHER INFORMATION CONTACT: Rhonda R. Kane, Center for Food Safety and Applied Nutrition (HFS-820), Food and Drug Administration, 5100 Paint Branch Pkwy., College Park, MD 20740, 301-436-2371, or by e-mail: *rhonda.kane@fda.hhs.gov* . SUPPLEMENTARY INFORMATION: I. Background The FALCPA (Public Law 108-282) amends the Federal Food, Drug, and Cosmetic Act (the act) and requires that the label of a food product that is, or that contains, an ingredient that bears or contains a “major food allergen” declare the presence of the allergen as specified by FALCPA. FALCPA defines a “major food allergen” as one of eight foods or food groups or a food ingredient that contains protein derived from one of those foods or food groups. A food ingredient may be exempt from FALCPA's labeling requirements if it does not cause an allergic response that poses a risk to human health or if it does not contain allergenic protein. FALPCA's labeling requirements apply to products labeled on or after January 1, 2006. II. Discussion FDA has received numerous questions about the application of FALCPA's requirements to food products. To explain FALCPA's requirements as well as FDA's current thinking on several issues relating to the regulation of food allergens, on October 5, 2005, FDA posted on the agency's Web site the first edition of a guidance entitled “Guidance for Industry: Questions and Answers Regarding Food Allergens, including the Food Allergen Labeling and Consumer Protection Act of 2004” ( *http://www.cfsan.fda.gov/~dms/alrguid.html* ). This guidance was subsequently updated in December 2005 (Edition 2) and April 2006 (Edition 3). The guidance that is the subject of this document “Guidance for Industry: Questions and Answers Regarding Food Allergens, including the Food Allergen Labeling and Consumer Protection Act of 2004 (Edition 4),” responds to additional questions about FALCPA and food allergens. The revised guidance is intended to share FDA's current thinking on the additional questions presented in the guidance. Given the nature of the revisions to the guidance, FDA is issuing the guidance as a level 1 guidance. Consistent with FDA's good guidance practices regulation (§ 10.115 (21 CFR 10.115)), the agency will accept comments, but it is implementing the guidance document immediately, in accordance with § 10.115(g)(2), because the agency has determined that prior public participation is not feasible or appropriate. As noted, FALPCA's labeling requirements apply to products labeled on or after January 1, 2006. Clarifying FDA's current thinking on the additional issues presented by FALCPA's implementation will help facilitate the food industry's compliance with FALCPA's requirements. FDA expects to continue to receive questions regarding the implementation of FALCPA and the regulation of food allergens generally. The agency intends to respond to these inquires under § 10.115 as promptly as possible, using a question-and-answer format. The agency believes that, at the present time, it is reasonable to maintain all responses to questions concerning food allergens and FALCPA in a single document that is periodically updated as the agency receives and responds to additional questions. The following four indicators will be employed to help users of the guidance identify revisions:

(1)The guidance will be identified as a revision of a previously issued document,

(2)the revision date of the guidance will appear on its cover,

(3)the edition number of the guidance will be included in its title, and

(4)questions and answers that have been added to the original guidance will be identified as such in the body of the guidance. This guidance represents the agency's current thinking on issues related to FALCPA and food allergens generally that are presented in the guidance. The guidance does not create or confer any rights for or on any person and does not operate to bind FDA or the public. An alternative approach may be used if such approach satisfies the requirements of the applicable statutes and regulations. III. Comments Interested persons may submit to the Division of Dockets Management (see ADDRESSES ) written or electronic comments regarding this guidance at any time. Submit a single copy of electronic comments or two paper copies of any mailed comments, except that individuals may submit one paper copy. Comments are to be identified with the docket number found in brackets in the heading of this document. Received comments and the guidance may be seen in the Division of Dockets Management between 9 a.m. and 4 p.m., Monday through Friday. IV. Electronic Access Persons with access to the Internet may obtain the guidance document at *http://www.cfsan.fda.gov/guidance.html* or *http://www.fda.gov/ohrms/dockets/default.htm* . Dated: October 26, 2006. Jeffrey Shuren, Assistant Commissioner for Policy. [FR Doc. E6-18443 Filed 11-1-06; 8:45 am] BILLING CODE 4160-01-S DEPARTMENT OF HOMELAND SECURITY Office of the Secretary [DHS-2006-0060] Privacy Act of 1974; System of Records AGENCY: Privacy Office, Department of Homeland Security. ACTION: Notice of Privacy Act system of records. SUMMARY: To provide expanded notice and transparency to the public, the Department of Homeland Security, U.S. Customs and Border Protection gives notice regarding the Automated Targeting System, which is the enforcement screening module associated with the Treasury Enforcement Communications System and was previously covered by the Treasury Enforcement Communications System “System of Records Notice.” This system of records is subject to the Privacy Act of 1974, as amended (5 U.S.C. 552a). The Treasury Enforcement Communications System is established as an overarching law enforcement information collection, targeting, and sharing environment. This environment is comprised of several modules designed to collect, maintain, and screen data, conduct targeting, and share information. Among these modules, the Automated Targeting System performs screening of both inbound and outbound cargo, travelers, and conveyances. As part of this screening function, the Automated Targeting System compares information obtained from the public with a set series of queries designed to permit targeting of conveyances, goods, cargo, or persons to facilitate DHS's border enforcement mission. The risk assessment and links to information upon which the assessment is based, which are stored in the Automated Targeting System, are created from existing information in a number of sources, including, but not limited to: the trade community through the Automated Commercial System or its successor; the Automated Commercial Environment system; the traveling public through information submitted by their carrier to the Advance Passenger Information System; persons crossing the United States land border by automobile or on foot; the Treasury Enforcement Communications System, or its successor; or law enforcement information maintained in other parts of the Treasury Enforcement Communications System that pertain to persons, goods, or conveyances. As part of the information it accesses for screening, Passenger Name Record

(PNR)information, which is currently collected pursuant to an existing CBP regulation (19 CFR 122.49d) from both inbound and outbound travelers through the carrier upon which travel occurs, is stored in the Automated Targeting System. PNR is comprised of data which carriers collect as a matter of their usual business practice in negotiating and arranging the travel transaction. As noted above, this system of records notice does not identify or create any new collection of information, rather DHS is providing additional notice and transparency of the functionality of these systems. DATES: The new system of records will be effective December 4, 2006, unless comments are received that result in a contrary determination. ADDRESSES: You may submit comments, identified by *docket number* , by *one* of the following methods: • *Federal eRulemaking Portal: http://www.regulations.gov.* Follow the instructions for submitting comments via docket number DH6-2006-0060. • *Fax:* 202-572-8727. • *Mail:* Comments by mail are to be addressed to the Border Security Regulations Branch, Office of Regulations and Rulings, Bureau of Customs and Border Protection, 1300 Pennsylvania Avenue, NW. (Mint Annex), Washington, DC 20229. Comments by mail may also be submitted to Hugo Teufel III, Chief Privacy Officer, Department of Homeland Security, 601 S. 12th Street, Arlington, VA 22202-4220. • *Instructions:* All submissions received must include the agency name and docket number for this rulemaking. All comments received will be posted without change to *http://www.regulations.gov* , including any personal information provided. • *Docket:* For access to the docket to read background documents or comments received go to *http://www.regulations.gov* . Submitted comments may also be inspected during regular business days between the hours of 9 a.m. and 4:30 p.m. at the Regulations Branch, Office of Regulations and Rulings, Bureau of Customs and Border Protection, 799 9th Street, NW., 5th Floor, Washington, DC. Arrangements to inspect submitted comments should be made in advance by calling Mr. Joseph Clark at

(202)572-8768. FOR FURTHER INFORMATION CONTACT: For general questions please contact: Laurence E. Castelli (202-572-8790), Chief, Privacy Act Policy and Procedures Branch, Bureau of Customs and Border Protection, Office of Regulations & Rulings, Mint Annex, 1300 Pennsylvania Ave., NW., Washington, DC 20229. For privacy issues please contact: Hugo Teufel III (571-227-3813), Chief Privacy Officer, Privacy Office, U.S. Department of Homeland Security, Washington, DC 20528. SUPPLEMENTARY INFORMATION: Bureau of Customs and Border Protection (CBP), Department of Homeland Security (DHS), has traditionally relied on computerized cargo screening processes to aid the CBP inspection workforce in the cargo release process. Separately, CBP has used the advance submission of traveler information to aid in screening travelers to facilitate its border enforcement mission. The Automated Targeting System

(ATS)associates information obtained from CBP's cargo, travelers, and border enforcement systems with a level of risk posed by each item and person as determined through the rule based query of the cargo or personal information accessed by ATS. The Privacy Act embodies fair information principles in a statutory framework governing the means by which the United States Government collects, maintains, uses, and disseminates personally identifiable information. The Privacy Act applies to information that is maintained in a “system of records.” A “system of records” is a group of any records under the control of an agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual. In the Privacy Act, an individual is defined to encompass United States citizens and legal permanent residents. ATS involves the collection and creation of information that is maintained in a system of records. Previously, this information was covered by the Treasury Enforcement Communications System

(TECS)system of records notice, as ATS is a functional module associated with the environment of TECS. ATS is employed as an analytical tool to enhance CBP screening and targeting capabilities by permitting query-based comparisons of different data modules associated with the TECS system, as well as comparisons with data sets from sources outside of TECS. As part of DHS's updating of its system of records notices and in an effort to provide more detailed information to the traveling public and trade community, CBP has determined that ATS should be noticed as a separate system of records, giving greater visibility into its targeting and screening efforts. The Privacy Act requires each agency to publish in the **Federal Register** a description denoting the type and character of each system of records that the agency maintains, and the routine uses that are contained in each system in order to make agency recordkeeping practices transparent, to notify individuals regarding the uses to which personally identifiable information is put, and to assist the individual to more easily find such files within the agency. DHS is hereby publishing a description of the system of records referred to as the Automated Targeting System. In accordance with 5 U.S.C. 552a(r), a report concerning this record system has been sent to the Office of Management and Budget and to the Congress. DHS/CBP-006 SYSTEM NAME: Automated Targeting System (ATS)—DHS/CBP. SYSTEM LOCATION: This computer database is located at the Bureau of Customs and Border Protection

(CBP)National Data Center in Washington, DC. Computer terminals are located at customhouses, border ports of entry, airport inspection facilities under the jurisdiction of the Department of Homeland Security

(DHS)and other locations at which DHS authorized personnel may be posted to facilitate DHS's mission. CATEGORIES OF INDIVIDUALS COVERED BY THE SYSTEM: A. Persons seeking to enter or exit the United States; B. Persons who engage in any form of trade or other commercial transaction related to the importation or exportation of merchandise; C. Persons who are employed in any capacity related to the transit of merchandise intended to cross the United States border; and D. Persons who serve as operators, crew, or passengers on any vessel, vehicle, aircraft, or train who enters or exits the United States. CATEGORIES OF RECORDS IN THE SYSTEM: ATS builds a risk assessment for cargo, conveyances, and travelers based on criteria and rules developed by CBP. ATS maintains the resulting assessment together with a record of which rules were used to develop the assessment. With the exception of PNR information, discussed below, ATS maintains a pointer or reference to the underlying records from other systems that resulted in a particular assessment. This assessment and related rules history associated with developing a risk assessment for an individual are maintained for up to forty years to support ongoing targeting requirements. ATS—P (Automated Targeting System—Passenger), a component of ATS, maintains the PNR information obtained from commercial carriers for purposes of assessing the risk of international travelers. PNR *may* include such items as: • PNR record locator code, • Date of reservation, • Date(s) of intended travel, • Name, • Other names on PNR, • Number of travelers on PNR, • Seat information, • Address, • All forms of payment information, • Billing address, • Contact telephone numbers, • All travel itinerary for specific PNR, • Frequent flyer information, • Travel agency, • Travel agent, • Code share PNR information, • Travel status of passenger, • Split/Divided PNR information, • Identifiers for free tickets, • One-way tickets, • E-mail address, • Ticketing field information, • Automated Ticketing Fare Quote

(ATFQ)fields, • General remarks, • Ticket number, • Seat number, • Date of ticket issuance, • Any collected APIS information, • No show history, • Number of bags, • Bag tag numbers, • Go show information, • Number of bags on each segment, • Other Supplementary information (OSI), • Special Services information (SSI), • Special Services Request (SSR), • Voluntary/involuntary upgrades, • Received from information, and • All historical changes to the PNR Not all carriers maintain the same sets of information for PNR. AUTHORITY FOR MAINTENANCE OF THE SYSTEM: 19 U.S.C. 482, 1461, 1496, and 1581-1582, 8 U.S.C. 1357, Title VII of Public Law 104-208, and 49 U.S.C. 44909. Purpose(s):

(a)To perform targeting of individuals, including passengers and crew, focusing CBP resources by identifying persons who may pose a risk to border security, may be a terrorist or suspected terrorist, or may otherwise be engaged in activity in violation of U.S. law;

(b)To perform targeting of conveyances and cargo to focus CBP's resources for inspection and examination and enhance CBP's ability to identify potential violations of U.S. law, possible terrorist threats, and other threats to border security; and

(c)To assist in the enforcement of the laws enforced or administered by DHS, including those related to counterterrorism. ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM, INCLUDING CATEGORIES OF USERS AND THE PURPOSES OF SUCH USES: In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DHS as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows: A. To appropriate Federal, state, local, tribal, or foreign governmental agencies or multilateral governmental organizations responsible for investigating or prosecuting the violations of, or for enforcing or implementing, a statute, rule, regulation, order, or license, where CBP believes the information would assist enforcement of civil or criminal laws; B. To appropriate Federal, state, local, tribal, or foreign governmental agencies maintaining civil, criminal, or other relevant enforcement information or other pertinent information, which has requested information relevant or necessary to the requesting agency's hiring or retention of an individual, or issuance of a security clearance, license, contract, grant, or other benefit and disclosure is appropriate to the proper performance of the official duties of the person making the disclosure; C. To a court, magistrate, or administrative tribunal in the course of presenting evidence, including disclosures to opposing counsel or witnesses in the course of civil discovery, litigation, or settlement negotiations, or in response to a subpoena, or in connection with criminal law proceedings; D. To third parties during the course of a law enforcement investigation to the extent necessary to obtain information pertinent to the investigation, provided disclosure is appropriate to the proper performance of the official duties of the officer making the disclosure; E. To an agency, organization, or individual for the purposes of performing audit or oversight operations as authorized by law; F. To a Congressional office, for the record of an individual in response to an inquiry from that Congressional office made at the request of the individual to whom the record pertains; G. To contractors, grantees, experts, consultants, students, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for the Federal government, when necessary to accomplish an agency function related to this system of records, in compliance with the Privacy Act of 1974, as amended; H. To an organization or individual in either the public or private sector, either foreign or domestic, where there is a reason to believe that the recipient is or could become the target of a particular terrorist activity or conspiracy, to the extent the information is relevant to the protection of life or property and disclosure is appropriate to the proper performance of the official duties of the person making the disclosure; I. To the United States Department of Justice (including United States Attorney offices) or other Federal agency conducting litigation or in proceedings before any court, adjudicative or administrative body, when it is necessary to the litigation and one of the following is a party to the litigation or has an interest in such litigation:

(a)DHS, or

(b)any employee of DHS in his/her official capacity, or

(c)any employee of DHS in his/her individual capacity where DOJ or DHS has agreed to represent said employee, or

(d)the United States or any agency thereof; J. To the National Archives and Records Administration or other Federal government agencies pursuant to records management inspections being conducted under the authority of 44 U.S.C. 2904 and 2906; K. To appropriate Federal, state, local, tribal, or foreign governmental agencies, if necessary to obtain information relevant to a DHS decision concerning the hiring or retention of an employee, the issuance of a security clearance, the reporting of an investigation of an employee, the letting of a contract, or the issuance of a license, grant or other benefit and disclosure is appropriate to the proper performance of the official duties of the individual making the disclosure; L. To appropriate Federal, State, local, tribal, or foreign governmental agencies or multilateral governmental organizations, for purposes of assisting such agencies or organizations in preventing exposure to or transmission of a communicable or quarantinable disease or for combatting other significant public health threats; M. To Federal and foreign government intelligence or counterterrorism agencies or components where CBP becomes aware of an indication of a threat or potential threat to national or international security, or where such use is to assist in anti-terrorism efforts and disclosure is appropriate to the proper performance of the official duties of the person making the disclosure; N. To appropriate Federal, State, local, tribal, or foreign governmental agencies or multilateral governmental organizations where CBP is aware of a need to utilize relevant data for purposes of testing new technology and systems designed to enhance border security or identify other violations of law; O. To appropriate agencies, entities, and persons when

(1)it is suspected or confirmed that the security or confidentiality of information in the system of records has been compromised;

(2)CBP has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by CBP or another agency or entity) that rely upon the compromised information; and

(3)the disclosure is made to such agencies, entities, and persons when reasonably necessary to assist in connection with the CBP's efforts to respond to the suspected or confirmed compromise and prevent, minimize, or remedy such harm. POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING, AND DISPOSING OF RECORDS IN THE SYSTEM: STORAGE: The data is stored electronically at the National Data Center for current data and offsite at an alternative data storage facility for historical logs and system backups. RETRIEVABILITY: The data is retrievable by name or personal identifier from an electronic database. SAFEGUARDS: All records are protected from unauthorized access through appropriate administrative, physical, and technical safeguards. These safeguards include all of the following: restricting access to those with a “need to know”; using locks, alarm devices, and passwords; compartmentalizing databases; auditing software; and encrypting data communications. ATS also monitors source systems for changes to the source data. The system manager, in addition, has the capability to maintain system back-ups for the purpose of supporting continuity of operations and the discrete need to isolate and copy specific data access transactions for the purpose of conducting security incident investigations. ATS information is secured in full compliance with the requirements of the DHS IT Security Program Handbook. This handbook establishes a comprehensive information security program. Access to the risk assessment results and related rules is restricted to a limited number of authorized government personnel who have gone through extensive training on the appropriate use of this information and CBP policies, including for security and privacy. These individuals are trained to review the risk assessments and background information to identify individuals who may likely pose a risk. To ensure that ATS is being accessed and used appropriately, audit logs are created and reviewed routinely by CBP's Office of Internal Affairs. RETENTION AND DISPOSAL: The information initially collected in ATS is used for entry screening purposes. Records in this system will be retained and disposed of in accordance with a records schedule to be approved by the National Archives and Records Administration. ATS both collects information directly, and derives other information from various systems. To the extent information is collected from other systems, data is retained in accordance with the record retention requirements of those systems. The retention period for data specifically maintained in ATS will not exceed forty years at which time it will be deleted from ATS. Up to forty years of data retention may be required to cover the potentially active lifespan of individuals associated with terrorism or other criminal activities. The touchstone for data retention, however, is its relevance and utility. Accordingly, CBP will regularly review the data maintained in ATS to ensure its continued relevance and usefulness. If no longer relevant and useful, CBP will delete the information. All risk assessments need to be maintained because the risk assessment for individuals who are deemed low risk will be relevant if their risk profile changes in the future, for example, if terrorist associations are identified. Additionally, certain data collected directly by ATS may be subject to shorter retention limitations pursuant to separate arrangements. The adoption of shorter retention periods may not be publicly disclosed if DHS concludes that disclosure would affect operational security, for example by giving terrorism suspects the certainty that their past travel patterns would no longer be known to U.S. authorities. SYSTEM MANAGER(S) AND ADDRESS: Executive Director, National Targeting and Security, Office of Field Operations, U.S. Customs and Border Protection, Ronald Reagan Building and Director, Targeting and Analysis, Systems Program Office, Office of Information Technology, U.S. Customs and Border Protection. NOTIFICATION PROCEDURE: Generally, this system of records may not be accessed for purposes of determining if the system is a record pertaining to a particular individual. (See 5 U.S.C. 552a(e)(4)(G) and (f)(1)). General inquiries regarding ATS may be directed to the Customer Satisfaction Unit, Office of Field Operations, U.S. Customs and Border Protection, Room 5.5-C, 1300 Pennsylvania Avenue, NW., Washington, DC 20229 (phone:

(202)344-1850 and fax:

(202)344-2791). RECORD ACCESS PROCEDURES: Generally, this system of records may not be accessed under the Privacy Act for the purpose of inspection. The majority of this system is exempted from this requirement pursuant to 5 U.S.C. 552a(j)(2) and (k)(2). General inquiries regarding ATS may be directed to the Customer Satisfaction Unit, Office of Field Operations, U.S. Customs and Border Protection, Room 5.5-C, 1300 Pennsylvania Avenue, NW., Washington, DC 20229. Requests should conform to the requirements of 6 CFR Part 5, Subpart B, which provides the rules for requesting access to Privacy Act records maintained by DHS. The envelope and letter should be clearly marked “Privacy Act Access Request.” The request should include a general description of the records sought and must include the requester's full name, current address, and date and place of birth. The request must be signed and either notarized or submitted under penalty of perjury. CONTESTING RECORD PROCEDURES: Since this system of records may not be accessed, generally, for purposes of determining if the system contains a record pertaining to a particular individual and those records, if any, cannot be inspected, the system may not be accessed under the Privacy Act for the purpose of contesting the content of the record. RECORD SOURCE CATEGORIES: The system contains information derived from other law enforcement systems operated by DHS and other government agencies, which collected the underlying data from individuals and public entities directly. In addition, the system contains information collected from carriers that operate vessels, vehicles, aircraft, and/or trains that enter or exit the United States. EXEMPTIONS CLAIMED FOR THE SYSTEM: Pursuant to 31 CFR 1.36 pertaining to the Treasury Enforcement Communications System, the Automated Targeting System, which was previously covered by the Treasury Enforcement Communications System

(TECS)system of records notice and associated with the below exemptions, records and information in this system are exempt from 5 U.S.C. 552a(c)(3), (d)(1), (d)(2), (d)(3), (d)(4), (e)(1), (e)(4)(G), (H), and (I), and

(f)of the Privacy Act pursuant to 5 U.S.C. 552a(j)(2) and (k)(2). DHS intends to review these exemptions and, if warranted, issue a new set of exemptions specific to ATS within ninety

(90)days of the publication of this notice. Dated: October 27, 2006. Hugo Teufel III, Chief Privacy Officer. [FR Doc. 06-9026 Filed 10-30-06; 3:31 pm]

Connectionstraces to 16

Traces to 16 documents

U.S. Code