| Home > 1995 Privacy Act Documents > Privacy Act: [DEFENSE DEPARTMENT]...
Privacy Act: [DEFENSE DEPARTMENT]...
<DOC> PRIVACY ACT RULES DEFENSE DEPARTMENT Title 32-National Defense Subtitle A-Department of Defense Chapter I-Office of the Secretary of Defense PART 310--DOD PRIVACY PROGRAM Subpart A--General provisions Sec. 310.1 Reissuance and purpose. 310.2 Applicability and scope. 310.3 Definitions. 310.4 Policy. 310.5 Organization. 310.6 Responsibilities Subpart B--Systems of Records. 310.10 General. 310.11 Standards of accuracy. 310.12 Government contractors. 310.13 Safeguarding personal information. Subpart C--Collecting Personal Information 310.20 General considerations. 310.21 Forms. Subpart D--Access by Individuals 310.30 Individual access to personal information. 310.31 Denial of individual access. 310.32 Amendment of records. 310.33 Reproduction fees. Supart E--Disclosure of Personal Information to Other Agencies and Third Parties 310.40 Conditions of disclosure. 310.41 Nonconsensual disclosures. 310.42 Disclosures to commercial enterprises. 310.43 Disclosures to the public health care records. 310.44 Disclosure accounting. Subpart F--Exemptions 310.50 Use and establishment of exemptions. 310.51 General exemptions. 310.52 Specific exemptions. Subpart G--Publication Requirements 310.60 Federal Register publication. 310.61 Exemption rules. 310.62 System notices. 310.63 New and altered record systems. 310.64 Amendment and deletion of systems notices. Subpart H--Training Requirements 310.70 Statutory training requirements. 310.71 OMB training guidelines. 310.72 DoD training programs. 310.73 Training methodology and procedures. 310.74 Funding for training. Subpart I--Reports 310.80 Requirement for reports. 310.81 Suspense for submission of reports. 310.82 Reports control symbol. Subpart J--Inspections 310.90 Privacy Act inspections. 310.91 Inspection reporting. Subpart K--Privacy Act Enforcement Actions 310.100 Administrative remedies. 310.101 Civil actions. 310.102 Civil remedies. 310.103 Criminal penalties. 310.104 Litigation status sheet. Subpart L--Matching Program Procedures 310.110 OMB Matching guidelines. 310.111 Requesting matching programs. 310.112 Time limits for submitting matching reports. 310.113 Matching programs among DoD Components. 310.114 Annual review of systems of records. Appendix A--Special Considerations for Safeguarding Personal Information in ADP Systems Appendix B--Special Considerations for Safeguarding Personal Information During Word Processing Appendix C--DoD Blanket Routine Uses Appendix D--Provisions of the Privacy Act from which a General or Specific Exemption May be Claimed Appendix E--Sample of New or Altered System of Record Notice in Federal Register Format Appendix F--Format for New or Altered System Report Appendix G--Sample Deletions and Amendments to Systems Notices in Federal Register Format Appendix H--Litigation Status Sheet Appendix I--Office of Management and Budget (OMB) Matching Guidelines. Authority:Pub. L. 93-579, 88 Stat. 1896 (5 U.S.C. 552a). Source:51 FR 2364, Jan. 16, 1986. Redesignated from part 286a at 56 FR 55631, Oct. 29, 2991. Subpart A--General Provisions Sec. 310.1 Reissuance and purpose. (a) This part is reissued to consolidate into a single document (32 CFR part 310) Department of Defense (DoD) policies and procedures for implementing the Privacy Act of 1974, as amended (5 U.S.C. 522a,) by authorizing the development, publication and maintenance of the DoD Privacy Program set forth by DoD Directive 5400.11, June 9, 1982, and 5400.11-R, August 31, 1983, both entitled: ``Department of the Defense Privacy Program.'' (b) Its purpose is to delegate authorities and assign responsibilities for the administration of the DoD Privacy Program and to prescribe uniform procedures for DoD Components consistent with DoD 5025.1-M, ``Directives Systems Procedures,'' April 1981. [51 FR 1364, Jan. 16, 1986. Redesignated at 56 FR 55631, Oct. 29, 1991 and amended at 56 FR 57800, Nov. 14, 1991] Sec. 310.2 Applicability and scope. (a) The provisions of this part apply to the Office of the Secretary of Defense, the Military Departments, the Organization of the Joint Chiefs of Staff, the Unified and Specified Commands, and the Defense Agencies (hereafter referred to collectively as ``DoD Components''). This part is mandatory for use by all DoD Components. Heads of DoD Components may issue supplementary instructions only when necessary to provide for unique requirements within their Components. Such instructions will not conflict with the provisions of this part. (b) The DoD Privacy Program is applicable, but not limited, to the following DoD Components: (1) Office of the Secretary of Defense and its field activities; (2) Department of the Army; (3) Department of the Navy; (4) Department of the Air Force; (5) U.S. Marine Corps; (6) Organization of the Joint Chiefs of Staff; (7) Unified and Specified Commands; (8) Office of the Inspector General, DoD; (9) Defense Advanced Research Projects Agency; (10) Defense Communications Agency; (11) Defense Contract Audit Agency; (12) Defense Intelligence Agency; (13) Defense Investigative Service; (14) Defense Logistics Agency; (15) Defense Mapping Agency; (16) Defense Nuclear Agency; (17) Defense Security Assistance Agency; (18) National Security Agency/Central Security Service; (19) Uniformed Services University of the Health Sciences. (c) The provisions of this part shall be made applicable by contract or other legally binding action to U.S. Government contractors whenever a DoD contract is let for the operation of a system of records. For purposes of liability under the Privacy Act of 1974 (5 U.S.C. 552a) the employees of the contractor are considered employees of the contracting DoD Component. See also Sec. 310.12. (d) This part does not apply to: (1) Requests for information from records maintained by the National Security Agency pursuant to Pub. L. 86-36, ``National Security Information Exemption,'' May 29, 1959, and Pub. L. 88-290, ``Personnel Security Procedures in the National Security Agency,'' March 26, 1964. All other systems of records maintained by the Agency are subject to the provisions of this part. (2) Requests for information from systems of records controlled by the Office of Personnel Management (OPM), although maintained by a DoD Component. These are processed under the applicable parts of the OPM's Federal Personnel Manual (5 CFR part 297). (3) Requests for personal information from the General Accounting Office (GAO). These are processed in accordance with DoD Directive 7650.1, ``General Accounting Office Access to Records,'' August 26, 1982. (4) Requests for personal information from Congress. These are processed in accordance with DoD Directive 5400.4, ``Provisions of Information to Congress,'' January 30, 1978, except for those specific provisions in Subpart E--Disclosure of Personal Information to Other Agencies and Third Parties. (5) Requests for information made under the Freedom of Information Act (5 U.S.C. 552). These are processed in accordance with ``DoD Freedom of Information Act Program'' (32 CFR part 286). [51 FR 1364, Jan. 16, 1986. Redesignated at 56 FR 55631, Oct. 29, 1991 and amended at 56 FR 57800, Nov. 14, 1991] Sec. 310.3 Definitions. Access. The review of a record or a copy of a record or parts thereof in a system of records by any individual (see also paragraph (h) of this section). Agency. For the purposes of disclosing records subject to the Privacy Act among DoD Components, the Department of Defense is considered a single agency. For all other purposes to include applications for access and amendment, denial of access or amendment, appeals from denials, and record keeping as regards release to non-DoD agencies; each DoD Component is considered an agency within the meaning of the Privacy Act. Confidential source. A person or organization who has furnished information to the federal government under an express promise that the person's or the organization's identity will be held in confidence or under an implied promise of such confidentialness if this implied promise was made before September 27, 1975. Disclosure. The transfer of any personal information from a system of records by any means of communication (such as oral, written, electronic, mechanical, or actual review) to any person, private entity, or government agency, other than the subject of the record, the subject's designated agent or the subject's legal guardian. Individual. A living citizen of the United States or an alien lawfully admitted to the United States for permanent residence. The legal guardian of an individual has the same rights as the individual and may act on his or her behalf. All members of U.S. Armed Forces are considered individuals for Privacy Act purposes. No rights are vested in the representative of a dead person under this part and the term ``individual'' does not embrace an individual acting in an interpersonal capacity, for example, sole proprietorship or partnership. Individual access. Access to information pertaining to the individual by the individual or his designated agent or legal guardian. Law Enforcement Activity. Any activity engaged in the enforcement of criminal laws, including efforts to prevent, control, or reduce crime or to apprehend criminals, and the activities of prosecutors, courts, correctional, probation, pardon, or parole authorities. Maintain. Includes maintain, collect, use or disseminate. Official use. Within the context of this part, this term is used when officials and employees of a DoD Component have a demonstrated need for the use of any record or the information contained therein in the performance of their official duties, subject to the ``DoD Information Security Program Regulation'': (32 CFR part 159). Personal information. Information about an individual that is intimate or private to the individual, as distinguished from information related solely to the individual's official functions or public life. Privacy Act. The Privacy Act of 1974, as amended (5 U.S.C. 552a). Privacy Act request. A request from an individual for notification as to the existence of, access to, or amendment of records pertaining to that individual. These records must be maintained in a system of records. Member of the public. Any individual or party acting in a private capacity to include federal employees or military personnel. Record. Any item, collection, or grouping of information about an individual that is maintained by an agency, including, but not limited to, the individual's education, financial transactions, medical history, and criminal or employment history and that contains the individual's name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph. Risk assessment. An analysis considering information sensitivity, vulnerabilities, and the cost to a computer facility or word processing activity in safeguarding personal information processed or stored in the facility or activity. Routine use. The disclosure of a record outside the Department of Defense for a use that is compatible with the purpose for which the information was collected and maintained by the Department of Defense. The routine use must be included in the published system notice for the system of records involved. Statistical record. A record maintained only for statistical research or reporting purposes and not used in whole or in part in making determinations about specific individuals. System of records. A group of records under the control of a DoD Component from which information is retrieved by the individual's name or by some identifying number, symbol, or other identifying particular assigned to the individual. System notices for all Privacy Act systems of records must be published in the Federal Register. Word processing system. A combination of equipment employing automated technology, systematic procedures, and trained personnel for the primary purpose of manipulating human thoughts and verbal or written or graphic presentations intended to communicate verbally or visually with another individual. Word processing equipment. Any combination of electronic hardware and computer software integrated in a variety of forms (firmware, programmable software, handwiring, or similar equipment) that permits the processing of textual data. Generally, the equipment contains a device to receive information, a computer-like processor with various capabilities to manipulate the information, a storage medium, and an output device. Sec. 310.4 Policy. (a) General Policy. It is the policy of the Department of Defense to safeguard personal information contained in any system of records maintained by DoD Components and to make that information available to the individual to whom it pertains to the maximum extent practicable.
Other Popular 1995 Privacy Act Documents Documents:
|GovRecords.org presents information on various agencies of the United States Government. Even though all information is believed to be credible and accurate, no guarantees are made on the complete accuracy of our government records archive. Care should be taken to verify the information presented by responsible parties. Please see our reference page for congressional, presidential, and judicial branch contact information. GovRecords.org values visitor privacy. Please see the privacy page for more information.|
Supreme Court Decisions
104th Congressional Documents
105th Congressional Documents
106th Congressional Documents
107th Congressional Documents
108th Congressional Documents
1994 Presidential Documents