Link to USGS Home Page

U.S. Geological Survey Manual

319-1-H

UNITED STATES

DEPARTMENT OF THE INTERIOR

U. S. GEOLOGICAL SURVEY

GUIDE FOR HANDLING

PRIVACY ACT RECORDS

Prepared by the Administrative Division


January 1991

FOREWORD

The guidelines and procedures in this Guide for Handling Privacy Act Records (319-1-H) supplement the USGS Privacy Act policy and responsibilities set forth in SM 319.1. The provisions of this Handbook are applicable to all organizational elements of the USGS involved in the maintenance, collection, use, or dissemination of records subject to the Privacy Act of 1974, as amended, (5 U.S.C. 552a).

The purpose of this Handbook is to provide personnel engaged in the collection and/or maintenance of records subject to the Privacy Act with a single source of reference for the instructions and procedures for the administration of these records.

Questions and/or suggestions regarding the content of the Handbook may be directed to the USGS Paperwork Management Officer, Administrative Division, Office of Facilities and Management Services, (Mail Stop 208), National Center, Reston, VA 22092, telephone (703) 648-7309 or FTS 959-7309.

This Handbook supersedes the March, 1986 edition.

DATE: January 1991

TABLE OF CONTENTS

CHAPTER 1 - GENERAL PAGE

  1. Introduction
  2. Definitions

CHAPTER 2 - PRIVACY ACT RECORDS

  1. Maintenance of Records
    1. Content of Records
    2. Standards of Accuracy
    3. Collection of Information
    4. Privacy Act Statements
    5. Records Concerning First Amendment Rights
  2. Privacy Act System Notices
    1. Notice Requirement
    2. Notice Contents
    3. Report to OMB and Congress on New or Altered Systems of Records
  3. Safeguarding of Records
  4. Statutory Requirements
  5. Records Maintained in Manual Form
  6. Records Maintained in Computerized Form
  7. Government Contracts
  8. Records Pertaining to Individuals in an Entrepreneurial Capacity

CHAPTER 3 - DISCLOSURE OF PRIVACY ACT RECORDS

  1. Disclosure of Records
    1. Prohibition of Disclosure
    2. General Exceptions
    3. Relationship between FOIA and Privacy Act
    4. Disclosures to Members of Congress
    5. Disclosure of Debt/Claim Information
    6. Combined FOIA/Privacy Act Requests
    7. Reviewing Records Prior to Disclosure
  2. Accounting for Disclosure
    1. Disclosure Accounting Requirements
    2. Access to Accountings
    3. Notification of Disclosure
    Figure 3-1 - Form 9-2061, Privacy Act Disclosure Authorization
    Figure 3-2 - Form 9-2057-A, Privacy Act Disclosure Record

CHAPTER 4 - NOTIFICATION OF THE EXISTENCE OF RECORDS

  1. Requests for Notification of the Existence of Records
    1. Submission of Request
    2. Form of Request
  2. Action on Requests for Notification
    1. Decisions on Request
    2. Authority to Deny Requests
    3. Form of Decision

CHAPTER 5 - ACCESS TO RECORDS

  1. Submission of Requests for Access to Records
    1. Submission of Requests
    2. Form of Requests
  2. Decisions on Requests for Access to Records
    1. Decisions on Requests
    2. Authority to Deny Requests
    3. Form of Decision
    4. Fees
  3. Special Situations Involving Requests for Access to Records
    1. Medical Records
    2. Inspection in Presence of Third Party

CHAPTER 6 - AMENDMENT OF RECORDS

  1. Submission of Petitions for Amendment

  2. A. Submission of Petitions
    B. Form of Petition
  3. Processing of Petitions for Amendment

  4. A. Decisions on Petitions
    B. Authority to Decide
    C. Acknowledgment of Receipt
    D. Inadequate Petitions
    E. Form of Decision
    F. Implementation of Initial Decision
  5. Time Limits for Processing Petitions for Amendment

  6. A. Acknowledgment of Receipt
    B. Decision on Petition
    C. Suspension of Time Limit
    D. Extension of Time
  7. Appeals Following Petitions for Amendment
    1. Right of Appeal
    2. Time of Appeal
    3. Form of Appeal
    4. Form of Decision
  8. Statements of Disagreements
    1. Filing of Statement
    2. Disclosure of Statements
    3. Maintenance of Statements

CHAPTER 7 - RECORDS DISPOSAL

CHAPTER 8 - GUIDELINES FOR USGS PRIVACY ACT SYSTEM MANAGERS

CHAPTER 9 - GUIDELINES FOR USGS EMPLOYEES HANDLING PRIVACY ACT RECORDS

  1. General
  2. Guidelines for Employees Processing Requests for Notification, Access or Amendment of Privacy Act Records
    1. Inquiries about the Existence of Records
    2. Requests to Inspect Records
    3. Requests for Amendment of Records

CHAPTER 10 - PRIVACY ACT SYSTEMS OF RECORDS INSPECTIONS

CHAPTER 11 - USE OF SOCIAL SECURITY NUMBERS

  1. Purpose
  2. Refusal to Disclose
  3. Notice to Individuals

CHAPTER 12 - COMPUTER MATCHING PROGRAMS

  1. Use of Privacy Act Records in Matching Programs
  2. Definitions
  3. Exclusions
  4. Procedures for Conducting Matching Programs
  5. Procedures for Disclosing Records for Matching Programs
  6. - Providing Due Process to Matching Subjects
    1. Verification of Adverse Information
    2. Notice and Opportunity to Contest
  7. - Changes to Existing Matching Programs
  8. Benefit/Cost Analysis
  9. Responsibilities of Non-Federal Agencies
  10. Use of Contractors
  11. Reports

  12. Figure 12-1 - Matching Agreements
    Figure 12-2 - Federal Register Notices for Matching Agreements

CHAPTER 13 - PRIVACY ACT BIENNIAL REPORT

1 - Biennial Report

2 - Report Contents

FIGURES

Figure 3-1 - Form 9-2061, Privacy Act Disclosure Authorization

Figure 3-2 - Form 9-2057-A, Privacy Act Disclosure Record

Figure 12-1 - Matching Agreements

Figure 12-2 - Federal Register Notices for Matching Agreements

APPENDIXES

A. Survey Manual Chapter 319.l, Privacy Act

B. Text of the Privacy Act of 1974 (5 U.S.C. 552a)

C. Format and Instructions for New or Revised System Notices

D. Report to the Office of Management and Budget and Congress for New Systems of Record

E. Privacy Act System of Records "Warning Notice" (for paper files)

Privacy Act System of Records "Warning Notice" (for automated systems)

F. Computer Security Guidelines for Implementing the Privacy Act of 1974,

FIPS PUB 41

G.Fee Schedule

H. Privacy Act Systems of Records Notices Covering USGS Records

I. Privacy Act System of Records Inspection Guide


CHAPTER 1. GENERAL

1. Introduction. This handbook is developed to supplement SM 319.1, Privacy Act (Appendix A), and to provide system guidelines and procedures applicable to USGS administration of the Privacy Act of 1974, as amended, (5 U.S.C. 552a). The purpose of the Privacy Act is to ensure that systems of records containing information about individuals are publicly identified; that only information which is legally authorized and necessary is collected; and that such information is maintained in a manner which precludes unwarranted intrusions upon individual privacy. The Act is applicable to all systems of records containing information about individuals from which information is retrieved by individual name or by an identifying number, symbol or other identifier assigned to the individual. The Act requires Federal agencies to:

A. Permit individuals to determine what records pertaining to them are maintained.

B. Generally permit individuals to gain access to their records, have copies made, and correct or amend such records.

C. Ensure that Federal agencies collect only such information about individuals as is relevant and necessary to accomplish their authorized functions and that information about individuals is used only for purposes authorized by law.

D. Ensure that information maintained on individuals is current and accurate, and that adequate safeguards are provided to prevent misuse of the information.

(The text of the Privacy Act is contained in Appendix B.)

2. Definitions.

A. System of Records. A system of records is a group of any records under the control of an agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifier assigned to the individual.

B. System Guidelines. System guidelines are a set of formal, written instructions to employees working with a system of records. They contain operating procedures to be followed in maintaining a specific records system and supplement the bureau directives pertaining to the Privacy Act.

C. System Notices. A system notice describes a system of records subject to the Privacy Act to include: the system name, location, categories of individuals covered by the system, categories of records in the system, statutory authority for maintenance of the system, routine uses of the records maintained, to whom disclosures can be made, and other identifying characteristics of the system. A new system notice must be published in the Federal Register prior to establishment of each proposed new system, or when revising an existing system which significantly alters the character of the system.

D. Notification, Access and Amendment. The Privacy Act gives individuals the right to know of the existence of records containing information about them (notification); to inspect the records to ensure their relevance, necessity, and accuracy (access); and to request changes in the records when the information is irrelevant, unnecessary, or inaccurate (amendment). (Records pertaining to criminal investigations, recruitment of new employees, or involving tests which could be compromised if shown to individuals, generally are exempt from the above.)

E. Privacy Act Disclosures. Disclosure means release of information contained in a system of records to any person (other than the person to whom the information pertains), including any employee of the Department of the Interior and employees of other Federal departments and agencies. The Act provides that records to which it applies may not be disclosed to any third party (including other Federal agencies) without the advance written consent of the person to whom the records pertain. However, there are twelve general exceptions which do not require written consent. These are covered in Chapter 3, paragraph 1B, of this Handbook.

F. Safeguarding of Records. This involves the administrative, technical, and physical safeguards in place to ensure the integrity of records subject to the Act, as well as providing guidance and establishing standards for employees relating to handling disclosures and altering records.

G. Privacy Act Biennial Report. A biennial report is prepared by the bureau Privacy Act Officer, providing statistics and other information on bureau activities relating to the Act during the prior two calendar years. The report is forwarded to the Department for subsequent transmittal to the Office of Management and Budget (OMB).

H. Record. A record is any item, collection, or grouping of information about an individual that contains his or her name, or an identifying number, symbol, or other identifier assigned to the individual.

I. Privacy Act Appeals. When an individual's request for access to his or her records held under the Act has been denied in whole or in part, for whatever reason, an appeal may be made to the Assistant Secretary--Policy, Management and Budget.

J. Routine Use. Use of a record for a purpose which is compatible with the purpose for which it was collected.

K. Computer Matching Program. A computer matching program is any computerized comparison of two or more automated Privacy Act systems of records either with Federal agency records or with non-Federal records. The purpose of conducting a computer matching program is to improve Government operations, reduce losses from fraud, abuse, error, or loan defaults, and assure the proper use of Government funds and property. If the need arises for any office in the USGS to conduct or to participate in a computer matching program, the office concerned must follow the guidelines in Chapter 12 of this Guide and contact the Privacy Act Officer at (703) 648-7309 or FTS 959-7309.

CHAPTER 2. PRIVACY ACT RECORDS

1. Maintenance of Records.

A. Content of Records. Records subject to the Privacy Act will contain only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by law or Executive Order of the President.

B. Standards of Accuracy. Records subject to the Act which are used in making any determination about any individual will be maintained with accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual in making the determination.

C. Collection of Information.

(1) Information which may be used in making determinations about an individual's rights, benefits, and privileges under Federal programs shall, to the greatest extent practicable, be collected directly from that individual.

(2) Information may be collected from the individual to whom it pertains or from a third party. The following factors should be considered in determining the best source for providing the information:

(a) Whether the nature of the information sought is such that it can only be obtained from a third party.

(b) Whether the cost of collecting the information from the individual is unreasonable when compared with the cost of collecting it from a third party.

(c) Whether there is a risk that information collected from third parties, if inaccurate, could have an adverse impact on the individual concerned.

(d) Whether the information if supplied by the individual would have to be verified by a third party.

(e) Whether provisions can be made for verification by the individual of information collected from third parties.

D. Privacy Act Statements.

(1) Each individual who is asked to supply information about himself or herself which will be added to a system of records shall be informed of the basis for requesting the information, how it may be used, and what the consequences are, if any, of not supplying the information.

(2) At a minimum, the Privacy Act Statement to the individual must state:

(a) The authority (whether granted by statute or Executive Order of the President) which authorizes the collection of the information and whether disclosures of information are mandatory or voluntary.

(b) The principal purposes for which the information is intended to be used.

(c) The routine uses which may be made of the information.

(d) The effects on the individual, if any, of not providing all or any part of the requested information.

(3) When collecting information, the following must be provided:

(a) If collected on a form, the Privacy Act statement to the individual shall be printed on the form, on a tear-off sheet attached to the form, or on a separate sheet, whichever is most practical.

(b) If collected by an interviewer, the interviewer shall provide the individual with a written statement which the individual may retain. If the interview is conducted by telephone, the interviewer may summarize the statement for the individual and need not provide a copy to the individual unless the individual requests a copy.

(c) An individual may be asked to acknowledge, in writing, that the Privacy Act Statement has been provided.

E. Records Concerning First Amendment Rights. No record may be maintained describing how any individual exercises rights guaranteed by the First Amendment to the Constitution unless the maintenance of the records is:

(1) Expressly authorized by statute or by the individual about whom the record is maintained, or

(2) Pertinent to and within the scope of an authorized law enforcement activity.

2. Privacy Act System Notices.

A. Notice Requirement. The Privacy Act requires publication of a notice in the Federal Register describing each system of records subject to the Act (i.e., those from which information about an individual is retrieved by the use of the person's name or some other personal identifier such as a number or symbol). A notice will be published prior to the establishment of a new system or when changing an existing system of records. The publication requirements are intended to help individuals locate systems of records that are likely to contain information pertaining to them, and prevent the use of a system of records without first giving individuals an opportunity to review the purpose and routine uses of the information.

B. Notice Contents. Contents and format for new or revised system notices are described in Appendix C to this Handbook.

C. Report to the Office of Management and Budget (OMB) and Congress on New or Altered Systems of Records. This report is required whenever establishment of a new system of records is proposed or a change to an existing system is required which significantly alters the character of the system. The report must be submitted to OMB and Congress at least 60 days prior to establishment of a new system or the implementation of an altered system. The Department must receive this report at least 90 days before the proposed implementation date. In order for this requirement to be met, offices establishing a new system of records, or altering an existing system of records, must submit this report, together with the system notice, to the USGS Privacy Act Officer at least 100 calendar days in advance of the time that the new system or change is to be implemented. (Appendix D contains instructions for preparation of this report which is assigned the Departmental Reports Control Symbol CON-74-014.)

3. Safeguarding of Records.

A. Statutory Requirements. The Privacy Act requires that records subject to the Act be maintained with appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, inconvenience, or unfairness to any individual on whom information is maintained (5 U.S.C. 552a(e)(10)).

B. Records Maintained in Manual Form. When maintained in manual form, records subject to the Privacy Act shall be maintained in a manner commensurate with the sensitivity of the information contained in the system of records. The following minimum safeguards affording comparable protection, are applicable to Privacy Act systems of records containing sensitive information:

(1) Areas in which the records are maintained or regularly used shall be posted with an appropriate warning stating that access to the records is limited to authorized persons. The warning also shall state that the Privacy Act contains provisions for criminal penalty for the unauthorized disclosures of records to which it applies (see Appendix E).

(2) During working hours:

(a) The area in which the records are maintained or regularly used shall be occupied by authorized personnel, or

(b) Access to the records shall be restricted by their storage in locked metal file cabinets or a locked room (for manual records); and by the establishment of built-in access controls for automated records (see Appendix F, Section 5.2).

(3) During non-working hours, access to the records shall be restricted by storage in locked metal file cabinets or a locked room.

(4) Where a locked room is the method of security provided for a system of records, it shall be supplemented by:

(a) Providing lockable file cabinets or containers for the records, or

(b) Changing the lock or locks for the room so that they may not be opened with a master key.

C. Records Maintained in Computerized Form. When maintained in computerized form, records subject to the Privacy Act shall be maintained in accordance with safeguards based on those recommended in the National Institute of Standards and Technology's (formerly the National Bureau of Standards) publication, Computer Security Guidelines for Implementing the Privacy Act of 1974, FIPS PUB 41, (May 30, 1975). A copy of this publication is published in Appendix F. At a minimum, the following guidelines will be followed:

(1) Whenever possible, information subject to the Privacy Act should not be stored in a computer unless it is being processed. The information should be stored on media such as removable disks or magnetic tapes. During processing, only authorized personnel should be allowed in the area. The disks or tapes should be removed from the computer when not being used. They should be properly labeled to indicate that they contain information subject to the Privacy Act and that access to the information is limited to authorized personnel only. When not in use, this information should be stored in the same manner as the manual records covered in paragraph 3B of this chapter.

(2) If it is not possible to remove the Privacy Act information from the computer, all reasonable steps must be taken to assure the confidentiality and integrity of the information. This includes audit trails for recording changes; frequent backups for restoration after unintentional destruction; and safeguards to protect the information from disclosure. Protection from disclosure can easily be achieved through encryption of the information. Alternate safeguards include keyed locks on terminals or desktop computers, logical access controls including passwords and user ID's, and locked doors to the rooms where the computers are located. (See Appendix E for Privacy Act warning notice that should appear on the computer screen when working with automated records containing Privacy Act information.)

4. Government Contracts. When a contract provides for the operation of a system of records to accomplish a USGS function, the contractor is required to observe all the rules and abide by the provisions of the Privacy Act and the Department's regulations published in 43 CFR, Subpart D. A USGS employee will be designated as system manager for contracts issued. In entering into contracts pursuant to the Federal Acquisition Regulation (FAR), 48 CFR, the provisions of FAR Subpart 24.1 as supplemented by the Department of the Interior Acquisition Regulation (DIAR), 48 CFR, Subpart 1424.1, will be followed.

5. Records Pertaining to Individuals in an Entrepreneurial Capacity. Offices must determine if information in a system of records refers to an individual in his or her individual or entrepreneurial capacity.

A. Only the information in a system of records that refers to a citizen or resident alien in his or her individual capacity is subject to the protection of the provisions of the Privacy Act.

B. Information in a system of records that refers to an individual in an entrepreneurial capacity is not protected by the provisions of the Privacy Act and can be released without prior approval of the individual.

CHAPTER 3. DISCLOSURE OF PRIVACY ACT RECORDS

1. Disclosure of Records. A disclosure occurs when personal information in a system of records is revealed to a third party. The Act provides for criminal and civil penalties for improper disclosures.

A. Prohibition of Disclosure. No record contained in a system of records may be disclosed by any means of communication to any person, or to a Federal agency, without the prior written consent of the individual to whom the record pertains. Use Form 9-2061, Privacy Act Disclosure Authorization (Figure 3-1) for this purpose.

B. General Exceptions. The prohibitions contained in paragraph 1A above do not apply where disclosure of the record would be:

(1) To Department of the Interior employees who have a need for the record in the performance of their duties.

(2) Disclosures under the Freedom of Information Act, (5 U.S.C. 552). The Privacy Act's basic disclosure restrictions excepts those disclosures which are required by the Freedom of Information Act (FOIA), and disclosure must be made. When the FOIA does not require disclosure, however, the Privacy Act disclosure restriction is applicable and provides a further safeguard against disclosure.

(3) For a routine use which has been described in a system notice published in the Federal Register.

(4) To the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity.

(5) To a recipient who has provided the system manager responsible for the system in which the record is maintained with advance adequate written assurance that the record will be used solely as a statistical research or reporting record, and the record is to be transferred in a form that is not individually identifiable.

(6) To the National Archives and Records Administration as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Archivist of the United States or the Archivist's designee to determine whether the record has such value.

(7) To another agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity, authorized by law, and if the head of the agency or instrumentality has made a written request to the Department specifying the particular portion desired and the law enforcement activity for which the record is sought.

(8) To a person pursuant to a showing of compelling circumstances affecting the health or safety of an individual if, upon such disclosure, notification is transmitted to the last known address of such individual.

(9) To either House of Congress, or, to the extent the matter is within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee.

(10) To the Comptroller General, or any of his authorized representatives, in the course of the performance of the duties of the General Accounting Office.

(11) Pursuant to the order of a court of competent jurisdiction.

(12) To a consumer reporting agency in accordance with section 3(d) of the Federal Claims Collection Act of 1966, as amended (31 U.S.C. 3711(f)).

C. Relationship Between the Freedom of Information Act and the Privacy Act. The Freedom of Information Act (FOIA) and the Privacy Act both deal with the disclosure of information held by the Federal Government. The FOIA generally gives the public the right to inspect the Government's records, but has exemptions which permit the withholding of certain limited classes of records, including records which would cause a clearly unwarranted invasion of personal privacy if disclosed. As a general rule, the Privacy Act does not affect the public's right of access to records available under the FOIA. (See paragraph 1F of this chapter for handling combined FOIA/Privacy Act requests.)

(1) Handling of FOIA Requests. When a request is submitted under the FOIA, USGS employees should process that request under the procedures provided in SM 318.1, Freedom of Information Act.

(2) Primacy of the FOIA. If the records requested under the FOIA do not fall within any of the exemptions to the FOIA's disclosure requirements, the FOIA requires the disclosure of requested records, and the Privacy Act disclosure restriction is not applicable. In such cases, a written FOIA request must be in hand before making any disclosure from a Privacy Act system of records.

(3) Applicability of the Privacy Act. If records requested in a FOIA request are determined to fall within an exemption from the FOIA's disclosure requirements, then the Privacy Act comes into play. Unless another of the exceptions to the Privacy Act disclosure restriction applies or the individual gives permission to release the records, the records may not be disclosed.

Note that only one or more of the nine exemptions under the FOIA may be used to withhold records in responding to a FOIA request. The Privacy Act cannot be used as authority for making a denial in response to an FOIA request.

(4) Applicable FOIA Exemptions. Although several FOIA exemptions may apply to records in Privacy Act files, the exemptions most likely to be applicable are:

(a) 5 U.S.C. 552(b)(6) - personnel and medical files and similar files the disclosure of which would constitute a clearly unwarranted invasion of personal privacy.

(b) 5 U.S.C. 552(b)(7) - records or information compiled for law enforcement purposes, but only to the extent that the production of such law enforcement records or information

(i) could reasonably be expected to interfere with enforcement proceedings,

(ii) would deprive a person of a right to fair trial or an impartial adjudication,

(iii) could reasonably be expected to constitute an unwarranted invasion of personal privacy,

(iv) could reasonably be expected to disclose the identity of a confidential source, including State, local, or foreign agency or authority or any private institution which furnished information on a confidential basis, and in the case of a record or information compiled by criminal law enforcement authority in the course of a criminal investigation or by an agency conducting a lawful national security intelligence investigation, information furnished by a confidential source,

(v) would disclose techniques and procedures for law enforcement investigations or prosecutions, or would disclose guidelines for law enforcement investigations or prosecutions if such disclosure could reasonably be expected to risk circumvention of the law, or

(vi) could reasonably be expected to endanger the life or physical safety of any individual.

(5) FOIA Guideline Determinations. To the extent practicable, system managers should determine which categories of records in the systems for which they are responsible are likely to be required to be disclosed under the FOIA and provide appropriate guidance to employees working with the records.

D. Disclosures to Members of Congress. The exception described in paragraph 1B(9) of this chapter does not extend to requests made by individual members of Congress. It was not the intent of Congress, however, to deny individuals the benefit of congressional assistance which they request. If a system of records may encounter such requests, the system manager should arrange for the following statement to be added to the routine use part of the system notice: "To a congressional office from the record of an individual in response to an inquiry the individual has made to the congressional office." Such requests can also be responded to if the information would be required to be disclosed under the Freedom of Information Act; if the member of Congress requests that the response go directly to the individual to whom the record pertains; or in compelling circumstances affecting the health or safety of an individual. Furthermore, consent can be inferred for any congressional inquiry indicating that the request is being made on the basis of a written request from the individual to whom the records pertain even if the constituent's letter is not provided.

E. Disclosure of Debt/Claim Information.

(1) The Debt Collection Act of 1982 (P.L. 97-365) provides for disclosure of information regarding overdue debts from Privacy Act systems of records to consumer reporting agencies (i.e., credit bureaus, etc.) under certain conditions. As indicated in paragraph 1B(12) above, a disclosure of debt/claim information to a consumer reporting agency is permitted without the advance written consent of the affected individual provided the following statutory criteria have been met:

(a) The published notice describing the system of records from which the disclosure is to be made contains a statement indicating that consumer reporting agencies may be furnished information on overdue debts. See Chapter 2, paragraph 2, of this Handbook for guidelines on preparation and publication of Privacy Act systems of records notices.

(b) A USGS official with properly delegated authority under the Federal Claims Collection Act of 1966, as amended, has reviewed the claim against the individual and determined the claim to be valid and overdue.

(c) The individual has been given at least 60 days advance written notice that payment of the claim is overdue and that the agency intends to disclose to a consumer reporting agency that the individual is responsible for the claim. This notice must have described the specific information to be disclosed to the consumer reporting agency and also the individual's rights to a full explanation of the claim to dispute information in USGS records concerning the claim and to administrative appeal or review of the claim. If the USGS does not have a current address for the individual, reasonable steps must have been taken to locate the individual.

(d) The individual has not repaid or signed an acceptable repayment plan, or filed for review of the claim.

(e) The USGS must have established procedures to assure that information previously provided to a consumer reporting agency is revised when the status or dollar amount of the claim changes, and to verify or correct information concerning the claim upon the request of the consumer reporting agency. The established procedures must require the USGS to obtain satisfactory assurances from the consumer reporting agency that the agency is in compliance with the Fair Credit Reporting Act (15 U.S.C. 1681 et seq.) and any other Federal law governing the provision of consumer credit information.

(f) The information disclosed to the consumer reporting agency is limited to the name, address, taxpayer identification number, and other information necessary to establish the identity of the individual; the amount, status, and history of the claim; and the agency or program under which the claim arose.

(2) A consumer reporting agency to whom debt/claim information is disclosed is not considered a contractor under the Privacy Act. However, a USGS office that contracts with a person or organization for debt collection services must include as a provision of the contract that the contractor shall be subject to the requirements of the Privacy Act. It is not necessary to publish in the system of records notice a routine use disclosure of debt/claim information from a system of records to a contractor performing debt collection services for the USGS.

F. Combined FOIA/Privacy Act Requests. Individuals may seek access to their records by citing both the FOIA and Privacy Act. In such cases, the request must be handled so that the individuals are granted the greatest access to their records that either Act provides. Also, written requests from individuals for access to their records that cite neither the FOIA nor the Privacy Act should be handled as combined FOIA/Privacy Act requests if it is administratively decided to treat requests under either Act.

(1) In processing such combined requests, the fee provisions applicable to Privacy Act requests (see Appendix G) should be followed (i.e., the individual may only be charged for reproduction of the records and not for search or review time).

(2) The time limits applicable to FOIA requests (Appendix A of SM 318.1) should be followed in processing such dual requests.

G. Reviewing Records Prior to Disclosure. Prior to any disclosure of a record about an individual, unless disclosure is required by the Freedom of Information Act, reasonable efforts shall be made to assure that the records are accurate, complete, timely, and relevant for agency purposes.

Figure 3-1 is a copy of Form 9-2061, Privacy Act Disclosure Authorization.

2. Accounting for Disclosure.

A. Disclosure Accounting Requirements.

(1) Where a record is disclosed to any person, or to another agency, under any of the exceptions provided in paragraphs 1B(3)-(12) of this chapter, an accounting of the disclosure shall be made on Form 9-2057-A, Privacy Act Disclosure Record, (Figure 3-2). When ADP systems contain the information being disclosed, a computer printout or disk/tape record may be used in lieu of Form 9-2057-A, as long as the same information is recorded.

(2) The accounting shall record:

(a) The date, nature, and purpose of each disclosure of a record to any person or to another agency, and

(b) The name and address of the person or agency to whom the disclosure was made.

(3) Accountings of these disclosures shall be maintained in accordance with the USGS General Records Disposition Schedule, Item 501-06 (contained in 432-1-H), for at least 5 years or the life of the record, whichever is longer, after the disclosure for which the accounting is made.

B. Access to Accountings.

(1) Except for accountings of disclosures made under paragraph 1B(7) above, accountings of all disclosures of a record shall be made available to the individual to whom the record relates at the individual's request.

(2) An individual desiring access to an accounting of disclosures of a record pertaining to him or her shall submit a request by following the procedures of Chapter 5 of this Handbook.

C. Notification of Disclosure. When a record is disclosed as the result of the order of a court of competent jurisdiction, reasonable efforts shall be made to notify the individual to whom the record pertains as soon as the order becomes a matter of public record.

Figure 3-2 is a copy of Form 9-2057-A, Privacy Act Disclosure Record

CHAPTER 4. NOTIFICATION OF THE EXISTENCE OF RECORDS

1. Requests for Notification of the Existence of Records. Departmental requirements pertaining to requests for records are contained in 43 CFR 2.60, and are paraphrased in the following subparagraphs.

A. Submission of Request.

(1) Individuals desiring to determine under the Privacy Act whether a system of records contains records pertaining to them shall address inquiries to the system manager having responsibility for the system unless the system prescribes or permits submission to some other official or officials.

(2) If a system notice describing a system requires individuals to contact more than two officials concerning the existence of records in the system, individuals desiring to determine whether the system contains records pertaining to them may contact the system manager for assistance in determining which official is most likely to be in possession of records pertaining to these individuals.

(3) Individuals desiring to determine whether records pertaining to them are maintained in two or more systems shall make a separate inquiry concerning each system.

B. Form of Request.

(1) An inquiry to determine whether a system of records contains records pertaining to an individual shall be in writing.

(2) To insure expeditious handling, the request shall be prominently marked, both on the envelope and on the face of the request, with the legend "PRIVACY ACT INQUIRY."

(3) The request shall state that the individual is seeking information concerning records pertaining to him or her and shall supply such additional identifying information, if any, as is called for in the system notice describing the system.

(4) Individuals who have reason to believe that information pertaining to them may be filed under a name other than the name they are currently using (e.g., maiden name) shall include such information in the request.

2. Action on Requests for Notification.

A. Decisions on Request.

(1) Individuals inquiring whether a system of records contains records pertaining to them shall be promptly advised whether the system contains records pertaining to them unless:

(a) The records were compiled in reasonable anticipation of a civil action or proceeding, or

(b) The system of records is one which has been excepted from the notification provisions of the Privacy Act by rulemaking.

(2) If the records were compiled in reasonable anticipation of a civil action or proceeding or the system of records is one which has been excepted from the notification provisions of the Privacy Act by rulemaking, the individuals inquiring as to whether the system contains records pertaining to them will be promptly notified that they are not entitled to notification of whether the system contains records pertaining to them.

B. Authority to Deny Requests. A decision to deny a request for notification of the existence of records shall be made by the system manager responsible for the system of records concerning which inquiry has been made and shall be concurred in by the USGS Privacy Act Officer.

C. Form of Decision.

(1) No particular form is required for a decision informing individuals whether a system of records contains records pertaining to them.

(2) A decision declining to inform an individual whether or not a system of records contains records pertaining to him or her shall be in writing, shall state the basis for denial of the request, and shall advise the individual that an appeal of the declination may be made to the Assistant Secretary--Policy, Management and Budget by writing to the Privacy Act Officer, Office of Assistant Secretary--Policy, Management and Budget, U.S. Department of the Interior, Washington D.C. 20240, and that the appeal must be received by this official within twenty (20) days (Saturdays, Sundays and public legal holidays excepted) of the date of the decision.

(3) If the decision declining a request for notification of the existence of records involves Department employee records which fall under the jurisdiction of the Office of Personnel Management, the individual shall be informed in a written response which shall:

(a) State the reasons for the denial.

(b) Include the name, position title, and address of the official responsible for the denial.

(c) Advise the individual that an appeal of the declination may be made only to the Assistant Director for Workforce Information, Personnel Systems Oversight Group, Office of Personnel Management, 1900 E Street N.W., Washington, DC 20415.

(4) Copies of decisions declining a request for notification of the existence of records made pursuant to paragraphs above shall be provided to the Departmental and Bureau Privacy Act Officers.

CHAPTER 5. ACCESS TO RECORDS

The Privacy Act permits individuals, upon request, to gain access to their records or to any information pertaining to them which is contained in a system of records; to review the records; and to have a copy made of all or any portion thereof in a form comprehensible to them. A request for access shall be submitted in accordance with the following procedures:

1. Submission of Requests for Access to Records.

A. Submission of Requests.

(1) Requests for access to records shall be submitted to the system manager having responsibility for the system in which the records are maintained unless the notice describing the system prescribes or permits submission to some other official or officials.

(2) If a system notice describing a system requires individuals to contact more than two officials concerning access to records in the system, individuals desiring to request access to records pertaining to them may contact the system manager for assistance in determining which official is most likely to be in custody of records pertaining to that individual.

(3) Individuals desiring access to records maintained in two or more separate systems shall submit a separate request for access to the records in each system.

B. Form of Request.

(1) A request for access to records subject to the Privacy Act shall be in writing.

(2) To insure expeditious handling, the request must be prominently marked, both on the envelope and on the face of the request, with the legend "PRIVACY ACT REQUEST FOR ACCESS."

(3) Requesters shall specify whether they seek all of the records contained in the system which relate to them or only some portion of the records. The request shall reasonably describe the specific record(s) sought.

(4) If the requester seeks to have copies of the requested records made, the request shall state the maximum amount of fees the requester is willing to pay. A request which does not state the amount of fees the requester is willing to pay will be treated as a request to inspect the requested records. Requesters are further notified that the failure to state willingness to pay fees as high as are anticipated by the USGS will delay processing of a request.

(5) The request shall supply such identifying information, if any, as is called for in the system notice describing the system.

(6) A request failing to meet these requirements shall be returned to the requester with a written notice advising him or her of the deficiency in the request.

2. Decisions on Requests for Access to Records.

A. Decisions on Requests. A request made for access to a record shall be granted promptly unless:

(1) The record was compiled in reasonable anticipation of a civil action or proceeding, or

(2) The record is contained in a system of records which has been excepted from the access provisions of the Privacy Act by rulemaking.

B. Authority to Deny Requests. A decision to deny a request for access to a record(s) shall be made by the system manager responsible for the system of records in which the requested record is located and shall be concurred in by the USGS Privacy Act Officer.

C. Form of Decision.

(1) No particular form is required for a decision granting access to a record. The decision shall, however, advise the individual requesting the record as to where and when the record will be available for inspection or when copies will be available. If fees are due, the individual requesting the record shall be notified of the amount due or, if the exact amount has not been determined, the approximate amount due (see Appendix G).

(2) A decision denying a request for access, in whole or part, shall be in writing and shall state the basis for denial of the request. The decision shall also contain a statement that the denial may be appealed to the Assistant Secretary--Policy, Management and Budget by writing the Privacy Act Officer, Office of Assistant Secretary--Policy, Management and Budget, U.S. Department of the Interior, Washington, D.C. 20240, and that the appeal must be received by this official within twenty (20) days (Saturdays, Sundays and public legal holidays excepted) of the date of the decision.

(3) If the decision denying a request for access involves Department employee records which fall under the jurisdiction of the Office of Personnel Management, the individual shall be informed in a written response which shall:

(a) State the reasons for the denial.

(b) Include the name, position title, and address of the official responsible for the denial.

(c) Advise the individual that an appeal of the denial may be made only to the Assistant Director for Workforce Information, Personnel Systems and Oversight Group, Office of Personnel Management, 1900 E Street NW., Washington, D.C. 20415.

(4) Copies of decisions denying requests for access made pursuant to paragraphs above will be provided to the Departmental and Bureau Privacy Act Officers.

D. Fees.

(1) No fees may be charged for the cost of searching for or reviewing a record in response to a request.

(2) Fees for copying a record in response to a request shall be charged in accordance with the schedule of charges contained in Appendix G, unless the official responsible for processing the request determines that a reduction or waiver of fees is appropriate.

(3) Where it is anticipated that fees chargeable in connection with a request will exceed the amount the requester has indicated a willingness to pay, the official processing the request shall notify the requester that the request will not be processed until the requester has agreed, in writing, to pay appropriate fees.

3. Special Situations Involving Requests for Access to Records.

A. Medical Records.

(1) Medical records shall be disclosed to the individual to whom they pertain unless it is determined, in consultation with a medical doctor, that disclosure should be made to a medical doctor of the individual's choosing.

(2) If it is determined that disclosure of medical records directly to the individual to whom they pertain could have an adverse effect on that individual, the individual may designate a medical doctor to receive the records.

B. Inspection in the Presence of a Third Party.

(1) Individuals wishing to inspect records pertaining to them which have been opened for their inspection may, during the inspection, be accompanied by a person of their own choosing.

(2) When such a procedure is deemed appropriate, individuals to whom the records pertain may be required to furnish a written statement authorizing disclosure of their records in the accompanying person's presence. Form 9-2061, Privacy Act Disclosure Authorization (Figure 3-1), may be used for this purpose.

CHAPTER 6. AMENDMENT OF RECORDS

The Privacy Act permits individuals to request amendment of records pertaining to them if they believe the records are not accurate, relevant, timely or complete, 5 U.S.C. 552a(d)(2).

1. Submission of Petitions for Amendment.

A. Submission of Petitions.

(1) A request for amendment of a record shall be submitted to the system manager for the system of records containing the record unless the system notice describing the system prescribes or permits submission to a different official or officials. If an individual wishes to request amendment of records located in more than one system, petitions must be submitted to each system manager.

(2) A separate petition for amendment of a record may be submitted only if the individual submitting the petition has previously requested and been granted access to the record and has inspected or been given a copy of the record.

B. Form of Petitions.

(1) A petition for amendment shall be in writing and shall specifically identify the record for which amendment is sought.

(2) The petition shall state, in detail, the reasons why the petitioner believes the record, or the objectionable portion thereof, is not accurate, relevant, timely or complete. Copies of documents or evidence relied upon in support of these reasons shall be submitted with the petition.

(3) The petition shall state, specifically and in detail, the changes sought in the record. If the changes involve reprinting the record or portions thereof or involve adding new language to the record, the petition shall propose specific language to implement the changes.

2. Processing of Petitions for Amendment.

A. Decisions on Petitions. In reviewing a record in response to a petition for amendment, the accuracy, relevance, timeliness and completeness of the record shall be assessed against the criteria set out in Chapter 2, paragraph 1. In addition, personnel records shall be assessed against the criteria for determining record quality published in the Federal Personnel Manual.

B. Authority to Decide. An initial decision on a petition for amendment may be made only by the system manager responsible for the system of records containing the challenged record. If the system manager declines to amend the record as requested, the USGS Privacy Act Officer must concur in the decision in writing.

C. Acknowledgment of Receipt. Unless processing of a petition is completed within ten (10) working days, the receipt of the petition for amendment shall be acknowledged in writing by the system manager to whom it is directed.

D. Inadequate Petitions.

(1) If a petition does not meet the requirements of Chapter 6, paragraph 1, the petitioner shall be so advised and shall be informed of additional information which must be submitted to meet the requirements.

(2) If the petitioner fails to submit the additional information within a reasonable time, the petition may be rejected. The rejection shall be in writing and shall meet the requirements of Chapter 6, paragraph 2E below.

E. Form of Decision.

(1) A decision on a petition for amendment shall be in writing and shall state concisely the basis for the decision.

(2) If the petition for amendment is rejected, in whole or part, the decision shall advise the petitioner that the rejection may be appealed to the Assistant Secretary--Policy, Management and Budget by writing to the Privacy Act Officer, Office of the Assistant Secretary--Policy, Management and Budget, U.S. Department of the Interior, Washington, D.C. 20240, and that the appeal must be received by this official within twenty (20) working days of the date of the decision.

(3) If the petition for amendment involves Department employee records which fall under the jurisdiction of the Office of Personnel Management and is rejected, in whole or part, the petitioner shall be informed in a written response which shall:

(a) State concisely the basis for the decision.

(b) Advise the petitioner that an appeal of the rejection may be made pursuant to 5 CFR 297.306 only to the Assistant Director for Workforce Information, Personnel Systems and Oversight Group, Office of Personnel Management, 1900 E Street NW., Washington, D.C. 20415.

(4) Copies of rejections of petitions for amendment made pursuant to paragraphs above will be provided to the Departmental and Bureau Privacy Act Officers.

F. Implementation of the Initial Decision. If a petition for amendment is accepted, in whole or part, the system manager maintaining the record shall:

(1) Correct the records accordingly, and

(2) Where an accounting of disclosures has been made (see Chapter 3, paragraph 2), advise all previous recipients of the record that the correction was made and state the substance of the correction.

3. Time Limits for Processing Petitions for Amendment.

A. Acknowledgment of Receipt. The acknowledgment of receipt of a petition required by Chapter 6, paragraph 2C shall be dispatched not later than ten (10) days (Saturdays, Sundays and public legal holidays excepted) after receipt of the petition by the system manager responsible for the system containing the challenged record, unless a decision on that petition has been previously dispatched.

B. Decision on Petition. A petition for amendment shall be processed promptly. A determination whether to accept or reject the petition for amendment shall be made within thirty (30) working days after receipt of the petition by the system manager responsible for the system containing the challenged record.

C. Suspension of Time Limit. The thirty (30) day time limit for a decision on a petition shall be suspended if it is necessary to notify the petitioner, pursuant to Chapter 6, paragraph 2D, that additional information in support of the petition is required. Suspension of the time limit ends on receipt of the additional information by the system manager responsible for the system containing the challenged record.

D. Extension of Time.

(1) The thirty (30) day time limit for a decision on a petition may be extended if the official responsible for making a decision on the petition determines that an extension is necessary for one of the following reasons:

(a) A decision on the petition requires analysis of a voluminous record or records.

(b) Some or all of the challenged records must be collected from facilities other than the facility at which the official responsible for making the decision is located.

(c) Some or all of the challenged records are of concern to another agency of the Federal Government whose assistance and views are being sought in processing the request.

(2) If the official responsible for making a decision on the petition determines that an extension is necessary, the official shall promptly inform the petitioner of the extension and the date on which a decision is expected to be dispatched.

4. Appeals Following Petitions for Amendment.

A. Right of Appeal. Except for appeals pertaining to Office of Personnel Management records, where a petition for amendment has been rejected in whole or part, the individual submitting the petition may appeal the denial to the Assistant Secretary--Policy, Management and Budget.

B. Time of Appeal.

(1) An appeal must be received no later than twenty (20) working days after the date of the decision on a petition.

(2) The Assistant Secretary--Policy, Management and Budget may, for good cause shown, extend the time for submission of an appeal if a written request for additional time is received within twenty (20) days of the date of the decision on a petition.

C. Form of Appeal.

(1) An appeal shall be in writing and shall attach copies of the initial petition and the decision on that petition.

(2) The appeal shall contain a brief statement of the reasons why the appellant believes the decision on the petition to have been in error.

(3) The appeal shall be addressed to Privacy Act Officer, Office of the Assistant Secretary--Policy, Management and Budget, U.S. Department of the Interior, Washington, D.C. 20240.

D. Form of Decision. If the determination reverses, in whole or in part, the initial decision rejecting the petition for amendment, the system manager responsible for the system containing the challenged record shall be directed to:

(1) Amend the challenged record accordingly, and

(2) If an accounting of disclosures has been made, advise all previous recipients of the record of the amendment and its substance.

5. Statements of Disagreements.

A. Filing of Statement. If the determination of the Assistant Secretary--Policy, Management and Budget rejects, in whole or in part, a petition for amendment, the individual submitting the petition may file with the system manager for the system containing the challenged record a concise written statement setting forth the reasons for disagreement with the determination of the Department.

B. Disclosure of Statements. In any disclosure of a record containing information about which an individual has filed a statement of disagreement under this section which occurs after the filing of the statement, the disputed portion of the record will be clearly noted and the recipient shall be provided copies of the statement of disagreement. If appropriate, a concise statement of the Department's reasons for not making the requested amendments may also be provided to the recipient.

C. Maintenance of Statements. System managers will develop procedures to assure that statements of disagreement filed with them shall be maintained in such a way as to assure dissemination of the statements to recipients of the records to which the statements pertain.

CHAPTER 7. RECORDS DISPOSAL

All USGS Privacy Act records are to be disposed of in accordance with applicable records disposition instructions contained in the USGS General Records Schedule or the division-specific records disposition schedule. These schedules are available from the Division Records Liaison Officer at headquarters or from Division Records Liaison Coordinators for field offices.

Privacy Act records are disposed of as follows:

A. Records may be burned, shredded, or pulped within the organization.

B. Records may be pulped, macerated, or shredded by a wastepaper contractor; however, a Federal employee must witness the destruction.

C. Federal Records Center personnel will dispose of, and witness the destruction of records in their possession.

CHAPTER 8. GUIDELINES FOR USGS PRIVACY ACT SYSTEM MANAGERS

Under the Privacy Act of 1974, 5 U.S.C. 552a, a "system manager" is an official designated in a system notice who has administrative responsibility for a system of records. This individual is directly responsible for the following functions pertaining to that specific system of records and must:

1. Ensure that the information collected and maintained in the system is necessary and relevant to a function which the agency is authorized to perform. Ensure that no information is maintained relevant to how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute or by the individual about whom the record is maintained, or unless pertinent to and within the scope of an authorized law enforcement activity.

2. Prepare and publish a system notice in the Federal Register of the existence and characteristics of the system.

3. To the greatest extent possible, ensure that the information in the system is obtained from the individual to whom the information pertains.

4. Ensure that when persons are requested to supply information about themselves, they are made aware of the authority for collection of the information, whether disclosure of such information is mandatory or voluntary, the principal purposes, routine uses, and the effect on the individual, if any, of not providing all or any part of the requested information.

5. Ensure that no records in the system are disclosed by any means of communication to any person or to another agency without the written authorization of the individual to whom they pertain, unless disclosure is authorized under one of the exceptions listed in Chapter 3, paragraph 1B of this Handbook.

6. Establish and maintain appropriate administrative, technical and physical safeguards to ensure the security and confidentiality of records, making sure that the records are available to and disclosed only to those persons authorized to have access, and otherwise to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, or inconvenience to any individual on whom information is maintained.

7. Maintain a written accounting of each disclosure of information (except for disclosures to personnel within the Department who have an official need to know, or to the public under the Freedom of Information Act (FOIA)) for 5 years after the disclosure, or the life of the record, whichever is longer. Make the accounting available to the individual on whom the information is maintained.

8. Make reasonable efforts to notify an individual when his or her record(s) is made available to any person under a court order and becomes a matter of public record.

9. Notify an individual making a request if a system of records contains a record pertaining to him or her. Permit the individual to have access to the record and to have an opportunity to request that the record be amended, or to file a statement of disagreement. An initial decision on a petition for amendment may be made only by the system manager.

10. Assure that denials of requests for notification of existence of records are made only by the system manager and concurred in by the USGS Privacy Act Officer.

11. When an individual is denied access to his or her record, or a third party request for access is denied, assure that the USGS Privacy Act Officer concurs in the denial.

12. Inform prior recipients when a record is amended pursuant to the request of an individual; or when a statement of disagreement has been filed, advise any subsequent recipient that a record is disputed, and provide a copy of the statement of disagreement to both prior and subsequent recipients of the information.

13. Ensure, when the system is handled by a private contractor, that the same procedures and safeguards are used which apply for an in-house system. Records transmitted, stored, or processed at the facility of a contractor are considered to be maintained by the system manager.

14. Refrain from renting or selling lists of names and addresses unless specifically authorized by law.

15. Ensure adequate training and instruction to employees who operate the system so that all appropriate requirements are met. Employees handling records which are subject to the provisions of the Privacy Act should be aware of the criminal liabilities and penalties for improper use and disclosure of such records.

16. Prepare a revised system notice for any changes to the system which involve:

A. Exemption of the system of records from any provisions of the Privacy Act pursuant to 5 U.S.C. 552a (j) or (k).

B. Change to the number and types of individuals on whom records are maintained.

C. Expansion of the types or categories of information maintained.

D. Change in the manner in which the records are organized, indexed, or retrieved so as to change the nature or the scope of these records.

E. Changes in the purposes for which the information is used, or which can result in new routine disclosures outside the Department.

F. Changes to the equipment configuration (e.g., hardware and software) on which the system is operated which may create the potential for either greater or easier access.

17. Arrange for information to be collected and reported to the USGS Privacy Act Officer, on the administration of the system so that this information is available for the biennial Privacy Act Report requested by the Office of Management and Budget. This report is described in Chapter 13.

CHAPTER 9. GUIDELINES FOR USGS EMPLOYEES HANDLING

PRIVACY ACT RECORDS

1. General. These guidelines are applicable to all personnel who have access to systems of records subject to the Act, or who are engaged in the development of procedures or systems for handling such records (i.e., those engaged in personnel management, records/paperwork management, computer systems development and operations, communications, statistical data collection and analysis, and program evaluation).

Program officials and system managers are responsible for ensuring that no irrelevant or unnecessary personal information is collected. Officials shall ensure that no personal information of questionable relevancy or necessity is maintained that could, if disclosed, have adverse or embarrassing consequences for the individual to whom the information pertains or results in a nuisance to the individual. Employees working with a system of records shall make all reasonable efforts to maintain accurate and timely records.

Employees whose duties require handling of records subject to the Act shall protect the integrity, security, and confidentiality of these records.

Employees shall protect personal information contained in systems of records subject to the Act from disclosure for any purpose other than that for which the information was gathered, or under certain exceptions provided in the Act.

The Privacy Act basically prohibits the disclosure of information contained in systems of records subject to the Act without the written permission of the individual to whom the record pertains. There are twelve exceptions to this prohibition as described in Chapter 3, paragraph 1B of this Handbook. Not all records systems are subject to the Act, only those from which information about an individual is retrieved by the use of the person's name, or some other personal identifier such as a number or symbol. A listing of systems of records notices for Privacy Act records under USGS cognizance is at Appendix H.

A disclosure occurs when information in a system of records is revealed to a third person. The Act provides for criminal and civil penalties for improper disclosures. The system manager (listed in the system notice) is responsible for assuring that normal disclosures associated with a system of records are in conformance with the Act. He or she is also responsible for providing guidance when disclosures outside the normal activity are requested. Requests for disclosures not fitting regular activities or the guidelines provided in this Handbook should be referred to the system manager.

Under Office of Personnel Management regulations, the following basic information on most federal employees must routinely be made available to the public:

A. Present and past position titles.

B. Present and past grades.

C. Present and past salaries (prior to deductions only).

D. Present and past duty stations, including specific location details such as room number.

NOTE: The above information (Items A - D) is generally limited to Federal employment.

No employee may alter or destroy a record subject to the Act unless undertaken in the course of his or her regular duties, required by a decision under the Department's regulations (43 CFR Part 2, Subpart D, Section 2.70-2.75), or pursuant to a court decision.

Any employee who knowingly and willfully makes an unauthorized disclosure of records subject to the Act, or who willfully maintains a system of records without meeting the Act's notice requirements (5 U.S.C. 552a(i)(1)), could be found guilty of a misdemeanor and could be fined up to $5,000.

2. Guidelines for Employees Processing Requests for Notification, Access or Amendment of Privacy Act Records. These instructions are for employees processing formal requests for notification, access or amendment involving systems of records subject to the Privacy Act of 1974. The Act grants individuals, subject to certain exceptions, the right to know whether information is being kept on them, to see the information, and to petition for changes in the information. These rights apply to systems of records accessed by an individual's name, an identifying number, symbol or other identifier. The bureaus and offices of the Department have identified the record systems subject to the Act. These guidelines do not apply to OPM record systems.

To claim the rights afforded by the Privacy Act, an individual must follow the formal procedures established by the Department's regulations (43 CFR Part 2, Subpart D) synopsized in Chapters 4, 5, and 6 of this Handbook. The USGS, however, may honor requests for notification, access or amendment that do not meet the requirements of the regulations (i.e., an oral or telephone request). The system manager (the official responsible for the records you are handling) may issue instructions providing for responding to informal requests. This set of guidelines, though, assumes a formal request by the individual under the provisions of the Privacy Act.

In carrying out the instructions in these guidelines, keep in mind that individuals making requests under the Privacy Act are exercising rights granted by the Act. Responses, therefore, should be in keeping with these rights. Departmental policy is to facilitate exercise of Privacy Act rights. Inquiries from individuals shall be responded to as quickly and with as few procedural difficulties as possible.

A. Inquiries About the Existence of Records. The Privacy Act recognizes that individuals must be aware that certain systems of records exist before they can determine whether any of the systems contain data about them. Therefore, the Act requires publication of a notice describing each system of records containing information about individuals which is accessible by an individual's name, identifying number, symbol, or other identifier. A copy of the published notice for the records system with which you are working is available from the system manager or the USGS Privacy Act Officer. (A listing of USGS Privacy Act system notices is provided in Appendix H.)

The published system notice both describes the system and explains how individuals can determine whether the system contains personal information pertaining to themselves. Generally, an individual needs only to provide his or her name for such a check. In some cases, however, other information is needed for locating records (e.g., social security number). In these cases the system notice will specify the additional information necessary for access.

Departmental regulations (43 CFR 2.60) require that requests for notification invoking the Privacy Act be in writing. These requests should be marked "Privacy Act Inquiry" to ensure expeditious handling, should identify the system of records to which the inquiry pertains, and should comply with other requirements set forth in the system notice. Requests may be mailed or delivered personally to the location given in the system notice.

Upon receiving the request, you must determine if the request meets the above-noted requirements. If it does, then carry out the following steps:

(1) Determine whether records on that individual are maintained in the files.

(2) Determine if the records contain information gathered in reasonable anticipation of a civil action or proceeding, or if the system of records is exempt from notification requirements under a rule adopted by the Secretary. You should know whether an exemption has been claimed for the records. If you do not know, ask the system manager or read the system notice which has been published for the records system. If either of the foregoing conditions apply, notify the system manager through the channels established for the system of records. The system manager is responsible for promptly notifying the individual whether he or she is entitled to know if any records exist. UNDER NO CIRCUMSTANCES SHOULD AN EMPLOYEE CONVEY TO THE INQUIRING INDIVIDUAL THAT THE RECORDS EXIST OR THAT THERE IS A RESTRICTION ON NOTIFICATION.

(3) If you find records that are not subject to the exemptions noted in paragraph 2A(2) above, determine the types of records and prepare a response to the requester that identifies the records being maintained so the individual may choose the record(s) he or she wishes to inspect. (This does not mean that the individual has a right to inspect the records since access to them may be restricted for other reasons. However, the requester has a right to know that they exist.)

(4) Advise the individual if no records are found.

B. Requests to Inspect Records. This step may or may not have been preceded by the procedures described above. Often an individual knows that records exist on him or her in the system, and may directly request access to them. Like an inquiry concerning the existence of records, a request for access must be in writing. The request should be marked "Privacy Act Request for Access" and should contain the information required by the above referenced regulation and the system notice.

Upon receiving a Privacy Act request for access, you should take the following steps:

(l) Determine the individual's identity. Usually the signature on the letter or an identification card will suffice. The system manager or the system notice will inform you if additional identification is required.

(2) Determine whether the requested records are available for inspection by the individual. The Privacy Act requires that records be available for inspection unless compiled in reasonable anticipation of a civil action or proceeding or exempted by a rule adopted by the Secretary. Your system manager is responsible for giving guidance on how to handle records that are exempted from the access provisions of the Act. You should know whether an exemption has been claimed for the records you are working with. If you do not know, ask the system manager or read the system notice which has been published for the records system.

(3) If the records are available for inspection by the individual, retrieve the records and make them available to the individual in a suitable space.

NOTE: The Privacy Act gives the individual the right to see his or her records unless they are exempted. An access request must be acted on promptly. The agency may not plead cost or workload burden as a reason for not making the records available or for taking a long time to respond. The agency also may not charge the requester for any costs related to making the information and records available unless copies have been requested. In those cases only copying may be charged.

(a) If the individual is accompanied by a third party who wishes to see the records, a written, signed statement from the individual whose records are being examined is required stating that the other party may be present during the inspection.

(b) If the request to inspect the records specifies that copies of the record are to be sent to the individual, the request should also state the amount of money the individual is willing to pay for the copies.

(i) The system manager should provide a copy of the Department's schedule of charges for providing copies of the records (Appendix G of this Handbook). Determine the number of copies required and the amount to be charged. If the charge will equal or be less than the amount indicated in the request, make the requested copies of the record and send the copies to the requester along with a bill for collection (DI-1040).

(ii) If the cost will exceed the stipulated amount, advise the individual of the full anticipated cost and costs of portions (if appropriate) of the record. The requester must agree in writing to pay fees as high as are anticipated before the request is processed.

(iii) The system manager may specify that medical records in the system, including psychological records, are not to be shown to the individual. In such cases, copies of the medical records may be sent to a physician of the individual's choice upon the receipt of a letter from the physician requesting the file on behalf of the individual. The physician will then decide whether to reveal the contents of the medical record to the individual. There is no charge for the copies, even if the physician retains them.

C. Requests for Amendment of Records. The Privacy Act requires, among other things, that agencies collect, maintain, use or disseminate any records of identifiable personal information in a manner that assures that such action is for a necessary and lawful purpose. It also requires that the information be current and accurate for its intended use, and that adequate safeguards are provided to prevent misuse of the information. If, on inspection of the records, the individual believes that the records contain information inconsistent with the above requirements, he or she may request that the information be corrected or removed from the files.

The system manager is responsible for determining whether the information in the files is relevant, necessary, and accurate. Since these three conditions are not always clear-cut, individuals may disagree with what is in their records and want it removed or changed under one or more of the conditions of relevancy, necessity, or accuracy. The Privacy Act requires that requests for amendment be responded to or acknowledged within 10 days.

Departmental regulations (43 CFR 2.71) and Chapter 6, paragraph 1 of this Handbook require that a petition for amendment be submitted in writing, and that the request be submitted to the system manager.

In some cases, individuals personally inspecting their records may see routine information, such as an address or telephone number, that is incorrect. IF YOUR SYSTEM MANAGER HAS PROVIDED GUIDELINES AUTHORIZING SUCH CHANGES IN THE RECORDS, YOU MAY MAKE THEM IN ACCORDANCE WITH THE GUIDELINES.

CHAPTER 10. PRIVACY ACT SYSTEMS OF RECORDS INSPECTIONS

1. In accordance with 383 DM 3.14, the USGS Privacy Act Officer is required to conduct a periodic inspection of areas where records subject to the Privacy Act are maintained.

2. Inspections will encompass the proper safeguarding of records; maintenance of records on disclosures, access and amendment requests; and physical safeguards, including the posting of warning notices. (See Appendix E, Warning Notice.)

3. Privacy Act Systems of Records Managers will be notified in advance of each inspection so that a convenient time may be established for conduct of each inspection.

4. Appendix H to this Handbook lists all of the systems of records notices which cover USGS Privacy Act Systems of Records, and Appendix I contains a guide to typical items to be covered/examined during each inspection.

CHAPTER 11. USE OF SOCIAL SECURITY NUMBERS

1. Purpose. The Privacy Act of 1974 (5 U.S.C. 552a) contains specific provisions regarding agency requirements for individuals to disclose their social security numbers. These provisions apply to Federal agencies irrespective of whether the requested numbers are intended to be in a system of records subject to the Act.

2. Refusal to Disclose. No right, benefit, or privilege provided by law may be denied an individual because of the individual's refusal to disclose a social security number. This prohibition against penalizing an individual for refusing to disclose his or her number does not apply if:

A. The disclosure is specifically required by Federal statute, or

B. The disclosure is to an agency maintaining a system of records in existence and operating before January 1, 1975, if such disclosure was required by statute or regulation adopted before that date to verify the individual's identity.

3. Notice to Individuals. The Act requires that individuals who are asked to disclose their social security numbers be informed whether disclosure is mandatory or voluntary, by what authority the number is solicited, and what uses will be made of it. Whenever individuals are asked to provide their social security numbers, they must be advised of this information through an explanation on the data collection form, on an attached notice, or in an interview handout.

CHAPTER 12. COMPUTER MATCHING PROGRAMS

1. Use of Privacy Act Records in Matching Programs. This chapter provides guidelines and procedural requirements for the use of automated Privacy Act records by Federal, State, and local agencies for conducting, or participating in computer matching programs. These guidelines and procedural requirements are derived from the Departmental Manual, 383 DM 12 and 13, based on the provisions of the Computer Matching and Privacy Protection Act of 1988 (P.L. 100-503) which amended the Privacy Act of 1974, and related guidelines issued by the Office of Management and Budget (OMB).

A. Computer matching programs should be undertaken only if there is a potential for substantial financial benefit which outweighs the costs of conducting the match, and there are appropriate safeguards to protect an individual's right to privacy. Matching programs are to improve Government operations, reduce losses from fraud, abuse, error, or loan defaults, and assure the proper use of Government funds and property. Cooperation with other agencies (who are conducting such programs) is encouraged when the proposals are determined to be necessary, useful, and will not disrupt office operations and are in compliance with this chapter.

B. Public Law 100-503 applies only to automated matching programs that involve records subject to the Privacy Act that include:

(1) Applicants for, recipients or beneficiaries of, participants in, and providers of services that support Federal benefit programs.

(2) Federal personnel or payroll systems.

The Department, however, requires that the provisions of 383 DM 12 apply to all automated matching programs conducted by the Department or involve Departmental participation that will have an adverse effect on individuals (except where specifically exempted).

2. Definitions.

A. Matching Program. Any computerized comparison of two or more automated systems of records or a system of records with non-Federal records.

B. Recipient Agency. Any agency, or contractor thereof, receiving records from the Privacy Act systems of records of other Federal agencies or from State and local governments to be used in matching programs.

C. Non-Federal Agency. Any State or local government, or agency thereof, which receives automated records contained in a system of records from a Federal agency to be used in a matching program.

D. Source Agency. Any Federal agency which discloses automated records from a system of records to another Federal agency or to a State or local government to be used in a matching program, or any State or local government which discloses automated records to a Federal agency to be used in a matching program. (The Computer Matching Act does not cover matching between non-Federal agencies or private entities.)

E. Federal Benefit Program. Any program administered or funded by the Federal government, or by any agent or State on behalf of the Federal government, providing cash or in-kind assistance in the form of payments, grants, loans or loan guarantees to individuals.

F. Federal Personnel. Employees of the Government of the United States, members of the uniformed services, individuals entitled to receive immediate or deferred retirement benefits under any retirement program of the Government of the United States (including survivor benefits).

3. Exclusions. The following activities and procedures are not considered to be matching programs:

A. Matches performed to produce aggregate statistical data without any personal identifiers.

B. Matches performed to support any research or statistical project, the specific data of which may not be used to make decisions concerning the rights, benefits, or privileges of specific individuals.

C. Matches performed by an agency (or component thereof) which performs as its principal function any activity pertaining to the enforcement of criminal laws, subsequent to the initiation of a specific criminal or civil law enforcement investigation of a named person or persons for the purpose of gathering evidence against such person or persons.

D. Matches of tax information involving the disclosure of taxpayer return information to State tax officials; done for the purpose of tax administration as defined in Section 6103(b)(4) of the Internal Revenue Code; done pursuant to the Deficit Reduction Act of 1984 (DEFRA) where OMB finds the due process provisions of the statutes "substantially similar" to those of the DEFRA.

E. Routine administrative matches using records relating to Federal personnel only if the purpose of the match will not result in any adverse financial, personnel, disciplinary, or other adverse action against Federal personnel.

F. Matches performed for foreign counterintelligence purposes or to produce background checks for security clearances of Federal personnel or Federal contractor personnel.

G. Internal agency matches using only records from the agency's system of records, only if the purpose of the match will not result in any adverse financial, personnel, disciplinary, or other adverse action against Federal personnel.

4. Procedures for Conducting Matching Programs. Any proposal to conduct an automated matching program, not specifically exempted, must address the following requirements before proceeding with data collection or matching procedures:

A. A benefit/cost analysis for the proposal must be prepared. (See paragraph 8 of this chapter for details.)

B. A written matching agreement between the bureau (recipient agency) and the source agency or non-Federal agency must be prepared and executed. (See Figure 12-1 for requirements.)

C. A notice announcing the establishment of the matching program must be prepared for publication in the Federal Register at least 30 days prior to conducting the match. (See Figure 12-2 for requirements.)

D. Forward the documents described above to the Privacy Act Officer of the USGS for transmittal to the Department's Data Integrity Board. The Board has been established to oversee and coordinate the Department's implementation of the Act, including:

(1) The review, approval, and maintenance of agreements for the receipt or disclosure by Departmental components of Privacy Act records for computer matching programs, including pilot matches, to ensure compliance with the Act's requirements and relevant statutes, regulations, and guidelines.

(2) The annual review for continued justification of all matching programs in which Departmental components have participated, as either a source or recipient agency, and participated in recordkeeping and disposal policies and practices.

(3) Compilation of an annual report to the Secretary and OMB on the Department's matching activities.

(4) Serving as a clearinghouse for receiving and providing information on accuracy, completeness, and reliability of Departmental records used in matching programs.

(5) Providing interpretation and guidance to Departmental components and personnel on computer matching programs, and reviewing related recordkeeping and disposal policies and practices.

Decisions of the Board are final for the Department. The Act, however, permits any party to a disapproved matching agreement to file an appeal with OMB. Any appeals by Departmental components will be filed by the Inspector General or the Secretary.

E. If the proposal is approved by the Data Integrity Board, notification will be in writing. After approval, the following actions must be taken:

(1) Forward the Federal Register notice for publication. The notice of the matching program may be placed in the Federal Register at the same time the notification is submitted to OMB and Congress, provided the notice plainly states that the matching program is subject to review by OMB and Congress and will not become effective until that review period (60 days) has elapsed.

(2) Forward (in duplicate) copies of the matching agreement and the Federal Register notice to the Senate Committee on Governmental Affairs, the House Committee on Government Operations, and OMB. The letters transmitting the materials should be addressed to the Chairmen of the Senate and House Committees, and to the Administrator, Office of Information and Regulatory Affairs, OMB, and should include the following information:

(a) What alternatives to matching have been considered and why a matching program was chosen.

(b) The date the match was approved by each participating Federal agency's Data Integrity Board.

(c) Whether a benefit-cost analysis was required and, if so, whether it projected a favorable ratio.

(d) If applicable, the reason for requesting a partial waiver of the 60-day OMB/Congress review period.

(e) If the proposal is disapproved, an appeal to OMB may be considered.

F. No matching agreement, program, or activity may be effective until 30 days following the publication in the Federal Register, and 60 days after the notifications to OMB and Congress. (A waiver of 30 of the 60 days required by OMB and Congress to review computer matching proposals may be requested. Such a request should be included in the transmittal letters described in paragraph 6E(2) above providing the reason for the waiver, and the adverse consequences of having to wait the entire 60 days.)

Note: When the 60-day review period has expired and no comment has been received from the reviewer (OMB and Congress), the office submitting a proposal for a matching program (either new or altered) may presume concurrence. Where a partial waiver has been requested, the office may make this presumption if 30 days have elapsed without comment.

G. The office conducting the matching program must maintain adequate documentation of the program's operations, costs, and accomplishments for reporting, audit, and renewal purposes.

5. Procedures for Disclosing Records for Matching Programs. Offices that receive requests from other agencies to provide records subject to the Privacy Act for matching programs must carry out the following responsibilities before taking action on such requests.

A. Execute a matching agreement with the recipient agency. If the recipient will be a non-Federal agency, then the office must prepare a matching agreement as described in Figure 12-1.

B. If the recipient is a non-Federal agency, prepare a Federal Register notice as described in Figure 12-2.

C. Obtain from the recipient agency a copy of the benefit/cost analysis for the matching program, and supplement the analysis with information on estimated costs that your office will incur to participate in the program.

D. Ensure that the disclosure provisions of the Privacy Act are met for the system of records from which the disclosures will be made.

E. Ensure that the "due process" provisions are properly addressed by the recipient agency.

F. Forward the proposal to the Privacy Act Officer of the USGS for forwarding to the Department's Data Integrity Board.

G. If the proposal is approved and the recipient organization is a non-Federal agency, forward the documents to the Office of the Federal Register, Congress, and OMB. If the recipient is another Federal agency, that organization is responsible for publication and reporting to OMB and Congress and should be notified of the approval.

H. No matching agreement may become effective, or disclosure of records be made to the recipient agency, until the publication and review periods have elapsed.

I. The office participating in such a matching program must obtain assurances from the recipient agency that adequate information will be developed, maintained, and made available for reporting, audit, and renewal purposes. Such assurances may be included in the terms of the matching agreement.

6. Providing Due Process to Matching Subjects. The law prescribes certain due process requirements that subjects of matching programs must be afforded when matches uncover adverse information about them.

A. Verification of Adverse Information. Agencies may not premise adverse action upon the raw results of a computer match. Any adverse information so developed must be subjected to investigation and verification before action is taken. In many cases, the individual record subject is the best source for determining a finding's validity, and the individual should be contacted. In other cases, the payer of a benefit will have the most accurate record relating to payment and should be contacted for verification. However, in some cases, contacting the subject initially may permit them to conceal data relevant to a decision; and, in those cases, the agency may elect to examine other sources. Absolute confirmation is not required, but a reasonable verification process that yields confirmatory data will provide the agency with a reasonable basis for taking action.

B. Notice and Opportunity to Contest. Agencies are required to notify matching subjects of adverse information uncovered and give them an opportunity to explain prior to making a final determination. Individuals may have at least 30 days to respond to a notice of adverse action. The period runs from the date of the notice until 30 calendar days later including transit time. (The notification period may be longer than 30 days if required by statute or regulation.)

(1) If an individual contacts the agency within the notice period and indicates acceptance of the validity of the adverse information, agencies may take immediate action to deny or terminate. Agencies may also take action if the period expires without contact.

(2) If the Federal program involved in the match has its own due process requirements, those requirements may suffice for the purposes of the Computer Matching Act, provided they are at least as strong as that Act's provisions.

(3) In any case, if an agency determines that there is likely to be a potentially significant effect on public health or safety, appropriate action may be taken, notwithstanding these due process provisions.

7. Changes to Existing Matching Programs. Proposals to substantially alter existing computer matching programs require the same review, approval, publication, and notification as initial proposals. The types of significant revisions which require approval are changes to:

A. The purpose for which the program was established.

B. The matching population, either by including new categories of records subjects or by greatly increasing the numbers of records matched.

C. The legal authority under which the match was being conducted.

D. The records that will be used in the match.

8. Benefit/Cost Analysis.

A. The Computer Matching Act requires that a benefit/cost analysis be a part of the decision to conduct or participate in a matching program. The requirement ensures that sound management practices are followed when using Privacy Act systems of records in matching programs.

B. The analysis should contain specific estimates of:

(1) The costs to the recipient and source agencies for conducting the matching program.

(2) The savings of other tangible or intangible benefits that will be achieved.

C. Consideration should be given to the following when preparing a benefit/cost analysis:

(1) The matching programs should be designed to ensure collection of data that will permit accurate assessments; reasonable estimates are acceptable.

(2) The GAO report, "Computer Matching, Assessing Its Costs and Benefits," GAO/PEMD-87-2, November, 1986, may be helpful as methodologies are developed to prepare a benefit/cost analysis.

(3) When preparing a benefit/cost analysis, this is an opportunity to reexamine programs and to weed out those that produce only marginal results.

NOTE: A benefit/cost analysis need not be done if a match is specifically

required by statute; however, if such a matching agreement is renegotiated,

then a benefit/cost analysis covering the preceding matches must be done.

9. Responsibilities of Non-Federal Agencies. The Act does not apply to or affect non-Federal agencies using their own records for matching purposes; however, the Act does require such agencies, when participating in computer matches to:

A. Execute matching agreements prepared by Federal agencies involved in the matching program.

B. Provide data to Federal agencies on the benefits and costs of matching programs.

C. Certify that they will not take adverse action against an individual as a result of any information developed in a matching program unless the information has been independently verified and until 30 days after the individual has been notified of the findings and given an opportunity to contest them. The notification period may be longer than 30 days if required by statute or regulation.

D. For renewals of matching programs, certify that the terms of the matching agreement have been followed.

10. Use of Contractors. Matching programs should, as far as practicable, be conducted "in house" using USGS personnel, rather than by contract. When contractors are used, the following requirements apply:

A. The matching agency should, consistent with subsection (m) of the Privacy Act, cause the requirements of that Act to be applied to the contractor's performance of the matching program. The solicitation and resulting contract should include the Privacy Act provisions required by FAR Subpart 24.1 as supplemented by DIAR Subpart 1424.1.

B. The terms of the contract should include appropriate privacy and security provisions consistent with policies, regulations, standards and guidelines issued by OMB, GSA, and the Department of Commerce.

C. The terms of the contract should preclude the contractor from using, disclosing, copying, or retaining records associated with the matching program for the contractor's own use.

D. Contractor personnel involved in the matching program should be made explicitly aware of their obligations under the Act, and any special safeguards in relation to each specific match performed.

E. Before any disclosures from the pertinent system of records are made to the contractor, the notice describing the system must meet the requirements of the Privacy Act disclosure restrictions; i.e., records may not be disclosed to any third party without the advance written consent of the person to whom the records pertain, unless disclosure falls under any of the twelve exceptions which permit disclosures without the consent of the individual of record.

11. Reports. Offices should be prepared to report on matching programs pursuant to the reporting requirements of either the Privacy Act of 1974 or the Computer Matching and Privacy Protection Act of 1988. Reports will be solicited by the Privacy Act Officer of USGS, at the direction of the Department and OMB, and will focus on both the protection of individual privacy and the Government's effective use of information technology. Reporting instructions will be disseminated to offices as part of the reports required by SM 431.7.

Figure 12-1

This figure describes the items to be addressed and included in inter- and intra-agency agreements to conduct computer matching programs. Agreements must contain the following:

1. Purpose and Legal Authority. Describe the general purpose and cite the legal authority for the matching program. Since the Computer Matching Act (P.L. 100-503) provides no independent authority for the operations of matching programs, agencies should cite a specific Federal or State authority or regulatory basis for undertaking such programs.

2. Justification and Expected Results. Provide an explanation of why computer matching as opposed to some other administrative activity is being proposed and what the expected results will be. A summary of the benefit/cost analysis prepared for the proposal should be provided, and a copy of the actual analysis included.

3. Records Description. Provide a description and identification of the systems of records or non-Federal records, the number of records, and what data elements will be included in the match. The Federal systems of records involved should be specifically identified by providing the system numbers, names, and citations to the last Federal Register publication of the system notices. Projected starting and completion dates for the program should also be provided.

4. Notice Procedures. Describe the procedures to notify individuals of the matching program. There are two ways in which record subjects can receive notice that their records may be matched:

A. By direct notice when there is some form of contact between the Government and the subject, e.g., information on the application form when they apply for a benefit, or in a notice that arrives with a benefit that they receive.

B. By constructive notice, e.g., publication of system notices, routine use disclosures, and matching programs in the Federal Register.

5. Due Process Procedures. Provide a description of the methods the agency will use to independently verify the information obtained through the matching program and to provide individuals proper notice and opportunity to contest findings.

6. Disposition of Matched Items. Include a statement that information generated through the match will be destroyed as soon as it has served the matching program's purpose, and any legal retention requirements the agency establishes in conjunction with the National Archives and Records Administration or other cognizant authority have been met.

7. Security Procedures. Provide a description of the administrative and technical safeguards to be used in protecting the information, commensurate with the level of sensitivity of the data.

8. Records Usage, Duplication and Redisclosure. Describe any specific restrictions imposed by either the source agency or by statute or regulation on collateral uses of the records used in the matching program. In general, recipient agencies should not subsequently disclose records obtained for a matching program and under the terms of a matching agreement for other purposes absent a specific statutory requirement, or where the disclosure is essential to the conduct of the matching program. The agreement should specify how long a recipient agency may keep records provided for a matching program, and when they will be returned to the source agency or destroyed.

9. Records Accuracy Assessments. Provide information relating to the quality of the records to be used in the matching program. Record accuracy is important from two standpoints. In the first case, the worse the quality of the data, the less likely a matching program will have a cost-beneficial result. In the second case, the Privacy Act requires Federal agencies to maintain information in systems of records to a standard of accuracy that will reasonably assure fairness in any determination made on the basis of the record. Thus, an agency receiving records from another Federal agency or from a non-Federal agency needs to know information about the accuracy of such records in order to comply with the law. The Privacy Act also requires agencies to take reasonable steps to ensure the accuracy of records that are disclosed to non-Federal recipients.

10. Comptroller General Access. Include a statement that the Comptroller General of the U.S. may have access to all records of a recipient agency or non-Federal agency necessary to monitor or verify compliance with the agreement. It should be understood that this requirement permits the Comptroller General to inspect any State or local government records used in the matching program covered by the agreement.

11. Action on Adverse Information. Include an appropriate statement indicating that the pertinent signatories to the agreement certify that no adverse action will be taken against an individual as a result of any information developed in a matching program unless the information has been independently verified, and until 30 days after the individual has been notified of the findings and given an opportunity to contest them.

12. Expiration Date. A matching agreement should remain in force for only so long as necessary to accomplish the specific matching purpose. However, by statute, a matching agreement automatically expires at the end of 18 months unless 3 months prior to the actual expiration date, the Date Integrity Board of the pertinent Federal Agency finds that the program will be conducted without change and each party certifies that the program has been conducted in compliance with the matching agreement. Under this finding, the Board may extend the agreement for not more than 1 additional year. Therefore, a statement regarding the term of the matching agreement should be included in this section.

13. Signatories. Show the name, title, organization and date signed for each of the signatories to the agreement. The Director, Associate Director, or the Assistant Director for Administration, should sign all agreements for the USGS.

Figure 12-2

FEDERAL REGISTER NOTICES

FOR

MATCHING AGREEMENTS

This figure describes the items to be addressed and included in Federal Register notices to publish the establishment or alteration of a computer matching program. Guidance on the preparation of Federal Register notices is provided in SM 431.8. Computer matching notices should contain the following:

1. Name of participating agency or agencies.

2. Purpose of the match.

3. Authority for conducting the matching program. (Note that the Computer Matching Act, P.L. 100-503, provides no independent authority for carrying out any matching activity).

4. Categories of records and individuals covered.

5. Inclusive dates of the matching program.

6. Address for receipt of public comments or inquiries.

Note: If the notice will be submitted to the Federal Register at the same time as the reports to OMB and Congress, the notice should state that the matching program is subject to review by OMB and Congress and will not become effective until that review period (60 days) has elapsed.

CHAPTER 13. PRIVACY ACT BIENNIAL REPORT

1. Biennial Report. The USGS Privacy Act Officer is required to prepare a biennial report to the Department on USGS activities relating to the Privacy Act. The report is prepared to reflect bureau activities during the previous two calendar years. The Department incorporates the information provided into its report to the Office of Management and Budget (OMB) as required by OMB Circular No. A-130. Departmental Report Control Symbol OMB-75-017 has been assigned to this reporting requirement. This information, in turn, is used to compile the President's Biennial Privacy Act Report to Congress as required by 5 U.S.C. 552a(f).

2. Report Contents. The contents of the report are prescribed by OMB. The report generally requires information on the number of access and amendment requests to Privacy Act records where the Privacy Act is formally cited.

A. In order to meet the above reporting requirement each USGS Privacy Act system manager must maintain a record of the following data for each system of records subject to the Act:

(1) Total number of access requests.

(2) Number of access requests wholly or partially granted.

(3) Number of access requests totally denied.

(4) Number of access requests for which no record was found.

(5) Total number of requests to amend records.

(6) Number of amendment requests wholly or partially granted.

(7) Number of amendment requests totally denied.

NOTE: Only formal access or amendment requests need to be reported (i.e., those requests where the individual formally cites or invokes the provisions of the Privacy Act in the request).

B. Other information generally required (and compiled by the USGS Privacy Act Officer) for the report is as follows:

(1) An analysis of Privacy Act operations during the past two years to indicate the degree of effort expended to comply with the objectives of the Act (e.g., trends in access/amendment requests; trends in maintenance of data; increases or decreases in the number of individuals on whom records are being maintained; efforts made to reduce the number of systems or numbers of individuals included in systems of records).

(2) Recommendations for change (i.e., administrative or legislative changes) which identify problem areas in the implementation of the Act and proposed solutions.

(3) Information on USGS participation in computer matching programs; i.e., a listing and description of any matching programs conducted as a matching agency during the two calendar years and information on matching programs in which the USGS, acting as a source agency, provided records to another agency for matching purposes.

(4) Information on the numbers of systems of records that have been newly automated, in whole or in part.

Appendices A through I are not available here. See printed handbook.


Return to Handbooks
Return to Survey Manual Home Page
U.S. Department of the Interior, U.S. Geological Survey, Reston, VA, USA
URL: http://www.usgs.gov/usgs-manual/handbook/hb/319-1-h.html
Contact: APS, Office of Policy and Analysis
Content Information Contact: jomargaret_hale@usgs.gov
Last modification: 11-Jan-2013@10:37 (kk)
Privacy Statement || Disclaimer || FOIA || Accessibility