(i) Whether the nature of the information sought is such that it can only be obtained from a third party;

(ii) Whether the cost of collecting the information from the individual is unreasonable when compared with the cost of collecting it from a third party;

(iii) Whether there is a risk that information collected from third parties, if inaccurate, could result in an adverse determination to the individual concerned;

(iv) Whether the information, if supplied by the individual, would have to be verified by a third party; or

(v) Whether provisions can be made for verification, by the individual, of information collected from third parties.

(d) Advice to individuals concerning uses of information. (1) Each individual who is asked to supply information about him or herself which will be added to a system of records shall be informed of the basis for requesting the information, how it may be used, and what the consequences, if any, are of not supplying the information.

(2) At a minimum, the notice to the individual must state:

(i) The authority (whether granted by statute or Executive Order of the President) which authorizes the solicitation of the information and whether disclosure of such information is mandatory or voluntary;

(ii) The principal purpose or purposes for which the information is intended to be used;

(iii) The routine uses which may be made of the information; and

(iv) The effects on the individual, if any, of not providing all or any part of the requested information.

(3)(i) When information is collected on a standard form, the notice to the individual shall be provided on the form, on a tear-off sheet attached to the form, or on a separate sheet, whichever is most practical.

(ii) When information is collected by an interviewer, the interviewer shall privide the individual with a written notice which the individual may retain. If the interview is conducted by telephone, however, the interviewer may summarize the notice for the individual and need not provide a copy to

the individual unless the individual requests a copy.

(iii) An individual may be asked to acknowledge, in writing, that the notice required by this section has been provided.

(e) Records concerning activity protected by the First Amendment. No record may be maintained describing how any individual exercises rights guaranteed by the First Amendment to the Constitution unless the maintenance of the record is (1) expressly authorized by statute or by the individual about whom the record is maintained or (2) pertinent to and within the scope of an authorized law enforcement activity.

[40 FR 44505, Sept. 26, 1975, as amended at 48 FR 56583, Dec. 22, 1983]

$2.49 [Reserved]

§2.50 Federal Register notices describing systems of records.

(a) The Privacy Act requires publication of a notice in the FEDERAL REGISTER describing each system of records subject to the Act. Such notice will be published prior to the establishment or a revision of the system of records. 5 U.S.C. 552a(e)(4).

(b) Each bureau shall notify the Departmental Privacy Act Officer promptly of any modifications or amendments which are required in the then-current notice describing a system of records for which it is responsible.

(c) A bureau desiring to establish a new system of records or a new use for an existing system of records shall notify the Departmental Privacy Act Officer, no fewer than ninety (90) calendar days in advance.

[48 FR 56583, Dec. 22, 1983]

§2.51 Assuring integrity of records.

(a) Statutory requirement. The Privacy Act requires that records subject to the Act be maintained with appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm,

190-167 D-00--2

embarassment, inconvenience, or unfairness to any individual on whom information is maintained, 5 U.S.C. 552a(e)(10).

(b) Records maintained in manual form. When maintained in manual form, records subject to the Privacy Act shall be maintained in a manner commensurate with the sensitivity of the information contained in the system of records. The following minimum safeguards, or safeguards affording comparable protection, are applicable to Privacy Act systems of records containing sensitive information:

(1) Areas in which the records are maintained or regularly used shall be posted with an appropriate warning stating that access to the records is limited to authorized persons. The warning also shall summarize the requirements of §2.52 and state that the Privacy Act contains a criminal penalty for the unauthorized disclosure of records to which it applies.

(2) During working hours, (i) the area in which the records are maintained or regularly used shall be occupied by authorized personnel or (ii) access to the records shall be restricted by their storage in locked metal file cabinets or a locked room.

(3) During non-working hours, access to the records shall be restricted by their storage in locked metal file cabinets or a locked room.

(4) Where a locked room is the method of security provided for a system, the bureau responsible for the system shall supplement that security by (i) providing lockable file cabinets or containers for the records or (ii) changing the lock or locks for the room so that they may not be opened with a master key. For the purposes of this paragraph, a master key is a key which may be used to open rooms other than the room containing records subject to the Privacy Act, unless those rooms are utilized by officials or employees authorized to have access to the records subject to the Privacy Act.

(c) Records maintained in computerized form. When maintained in computerized form, records subject to the Privacy Act shall be maintained, at a minimum, subject to safeguards based on those recommended in the National Bureau of Standard's booklet "Com

puter Security Guidelines for Implementing the Privacy Act of 1974" (May 30, 1975), and any supplements thereto. which are adequate and appropriate to assuring the integrity of records in the system.

(d) Office of Personnel Management personnel records. A system of records made up of Office of Personnel Management personnel records shall be maintained under the security requirements set out in 5 CFR 293.106 and 293.107.

(e) Bureau responsibility. (1) The bureau responsible for a system of records shall be responsible for assuring that specific procedures are developed to assure that the records in the system are maintained with security meeting the requirements of the Act and this sec

tion.

(2) These procedures shall be in writing and shall be posted or otherwise periodically brought to the attention of employees working with the records contained in the system.

[40 FR 44505, Sept. 26, 1975, as amended at 48 FR 56583, Dec. 22, 1983]

§2.52 Conduct of employees.

(a) Handling of records subject to the Act. Employees whose duties require handling of records subject to the Privacy Act shall, at all times, take care to protect the integrity, security and confidentiality of these records.

(b) Disclosure of records. No employee of the Department may disclose records subject to the Privacy Act unless disclosure is permitted under §2.56 or is to the individual to whom the record pertains.

(c) Alteration of records. No employee of the Department may alter or destroy a record subject to the Privacy Act unless (1) such alteration or destruction is properly undertaken in the course of the employee's regular duties or (2) such alteration or destruction is required by a decision under §§ 2.70 through 2.75 or the decision of a court of competent jurisdiction.

(d) Bureau responsibility. The bureau responsible for a system of records shall be responsible for assuring that employees with access to the system are made aware of the requirements of this section and of 5 U.S.C. 552a(i)(1), which imposes criminal penalties for knowingly and willfully disclosing a

record about an individual without the written request or consent of that individual unless disclosure is permitted under one of the exceptions listed in §2.56 (b) and (c).

§2.53 Government contracts.

(a) Required contract provisions. When a contract provides for the operation by or on behalf of the Department of a system of records to accomplish a Department function, the contract shall, consistent with the Department's authority, cause the requirements of 5 U.S.C. 552a and the regulations contained in this subpart to be applied to such system.

(b) System manager. The head of the bureau responsible for the contract shall designate a regular employee of the bureau to be the manager for a system of records operated by a contractor.

§§ 2.54-2.55 [Reserved]

§2.56 Disclosure of records.

(a) Prohibition of disclosure. No record contained in a system of records may be disclosed by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains.

(b) General exceptions. The prohibition contained in paragraph (a) does not apply where disclosure of the record would be:

(1) To those officers or employees of the Department who have a need for the record in the performance of their duties; or

(2) Required by the Freedom of Information Act, 5 U.S.C. 552.

(c) Specific exceptions. The prohibition contained in paragraph (a) of this section does not apply where disclosure of the record would be:

(1) For a routine use as defined in §2.46(j) which has been described in a system notice published in the FEDERAL REGISTER;

(2) To the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of Title 13, U.S. Code.

(3) To a recipient who has provided the system manager responsible for the system in which the record is maintained with advance adequate written assurance that the record will be used solely as a statistical research or reporting record, and the record is to be transferred in a form that is not individually identifiable;

(4) To the National Archives and Records Administration as a record which has sufficient historical or other value to warrant its continued preservation by the U.S. Government, or for evaluation by the Archivist of the United States or the designee of the Archivist to determine whether the record has such value;

(5) To another agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of the agency or instrumentality has made a written request to the Department specifying the particular portion desired and the law enforcement activity for which the record is sought;

(6) To a person pursuant to a showing of compelling circumstances affecting the health or safety of an individual if upon such disclosure notification is transmitted to the last known address of such individual;

(7) To either House of Congress, or, to the extent of matter within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee;

(8) To the Comptroller General, or any of his authorized representatives, in the course of the performance of the duties of the General Accounting Office;

(9) Pursuant to the order of a court of competent jurisdiction; or

(10) To a consumer reporting agency in accordance with section 3(d) of the Federal Claims Collection Act of 1966, as amended (31 U.S.C. 3711(f)).

(d) Reviewing records prior to disclosure. (1) Prior to any disclosure of a record about an individual, unless disclosure is required by the Freedom of Information Act, reasonable efforts shall be made to assure that the

records are accurate, complete, timely and relevant for agency purposes.

(2) When a record is disclosed in connection with a Freedom of Information request made under subpart B of this part and it is appropriate and administratively feasible to do so, the requester shall be informed of any information known to the Department indicating that the record may not be fully accurate, complete, or timely.

[40 FR 44505, Sept. 26, 1975, as amended at 48 FR 56584, Dec. 22, 1983; 50 FR 45114, Oct. 30, 1985]

§2.57 Accounting for disclosures.

(a) Maintenance of an accounting. (1) Where a record is disclosed to any person, or to another agency, under any of the specific exceptions provided by §2.56 (c), an accounting shall be made.

(2) The accounting shall record (i) the date, nature, and purpose of each disclosure of a record to any person or to another agency and (ii) the name and address of the person or agency to whom the disclosure was made.

(3) Accountings prepared under this section shall be maintained for at least five years or the life of the record, whichever is longer, after the disclosure for which the accounting is made. (b) Access to accountings. (1) Except for accountings of disclosures made under §2.56(c)(5), accountings of all disclosures of a record shall be made available to the individual to whom the record relates at the individual's request.

(2) An individual desiring access to an accounting of disclosures of a record pertaining to the individual shall submit a request by following the procedures of §2.63.

(c) Notification of disclosure. When a record is disclosed pursuant to §2.56(c)(9) as the result of the order of a court of competent jurisdiction, reasonable efforts shall be made to notify the individual to whom the record pertains as soon as the order becomes a matter of public record.

[40 FR 44505, Sept. 26, 1975, as amended at 48 FR 56584, Dec. 22, 1983]

§§ 2.58-2.59 [Reserved]

$2.60 Request for notification of existence of records: Submission.

(a) Submission of requests. (1)(i) Individuals desiring to determine under the Privacy Act whether a system of records contains records pertaining to them shall address inquiries to the system manager having responsibility for the system unless the system notice describing the system prescribes or permits submission to some other official or officials.

(ii) If a system notice describing a system requires individuals to contact more than two officials concerning the existence of records in the system, individuals desiring to determine whether the system contains records pertaining to them may contact the system manager for assistance in determining which official is most likely to be in possession of records pertaining to those individuals.

(2) Individuals desiring to determine whether records pertaining to them are maintained in two or more systems shall make a separate inquiry concerning each system.

(b) Form of request. (1) An inquiry to determine whether a system of records contains records pertaining to an individual shall be in writing.

(2) To insure expeditious handling, the request shall be prominently marked, both on the envelope and on the face of the request, with the legend "PRIVACY ACT INQUIRY."

(3) The request shall state that the individual is seeking information concerning records pertaining to him or herself and shall supply such additional identifying information, if any, as is called for in the system notice describing the system.

(4) Individuals who have reason to believe that information pertaining to them may be filed under a name other than the name they are currently using (e.g., maiden name), shall include such information in the request.

[40 FR 44505, Sept. 26, 1975, as amended at 48 FR 56584, Dec. 22, 1983]

§ 2.61 Requests for notification of existence of records: Action on.

(a) Decisions on request. (1) Individuals inquiring to determine whether a system of records contains records pertaining to them shall be promptly advised whether the system contains records pertaining to them unless (i) the records were compiled in reasonable anticipation of a civil action or proceeding or (ii) the system of records is one which has been excepted from the notification provisions of the Privacy Act by rulemaking (§2.79).

(2) If the records were compiled in reasonable anticipation of a civil action or proceeding or the system of records is one which has been excepted from the notification provisions of the Privacy Act by rulemaking, the individuals will be promptly notified that they are not entitled to notification of whether the system contains records pertaining to them.

(b) Authority to deny requests. A decision to deny a request for notification of the existence of records shall be made by the system manager responsible for the system of records concerning which inquiry has been made and shall be concurred in by the bureau Privacy Act officer for the bureau which maintains the system, provided, however that the head of a bureau may, in writing, require (1) that the decision be made by the bureau Privacy Act officer and/or (2) that the bureau head's own concurrence in the decision be obtained.

(c) Form of decision. (1) No particular form is required for a decision informing individuals whether a system of records contains records pertaining to them.

(2) A decision declining to inform an individual whether or not a system of records contains records pertaining to him or her shall be in writing and shall:

(i) State the basis for denial of the request.

(ii) Advise the individual that an appeal of the declination may be made to the Assistant Secretary-Policy, Budget and Administration pursuant to §2.65 by writing to the Privacy Act Officer, Office of the Assistant Secretary-Policy, Budget and Adminis

tration, U.S. Department of the Interior, Washington, DC 20240.

(iii) State that the appeal must be received by the foregoing official within twenty (20) working days of the date of the decision.

(3) If the decision declining a request for notification of the existence of records involves Department employee records which fall under the jurisdiction of the Office of Personnel Management, the individual shall be informed in a written response which shall:

(i) State the reasons for the denial. (ii) Include the name, position title, and address of the official responsible for the denial.

(iii) Advise the individual that an appeal of the declination may be made only to the Assistant Director for Workforce Information, Personnel Systems Oversight Group, Office of Personnel Management, 1900 E Street NW., Washington, DC 20415.

(4) Copies of decisions declining a request for notification of the existence of records made pursuant to paragraphs (c)(2) and (c)(3) of this section shall be provided to the Departmental and Bureau Privacy Act Officers.

[48 FR 56584, Dec. 22, 1983, as amended at 53 FR 3749, Feb. 9, 1988]

§2.62 Requests for access to records.

The Privacy Act permits individuals, upon request, to gain access to their records or to any information pertaining to them which is contained in a system and to review the records and have a copy made of all or any portion thereof in a form comprehensive to them. 5 U.S.C. 552a(d)(1). A request for access shall be submitted in accordance with the procedures in this subpart.

[48 FR 56584, Dec. 22, 1983]

§2.63 Requests for access to records: Submission.

(a) Submission of requests. (1)(i) Requests for access to records shall be submitted to the system manager having responsibility for the system in which the records are maintained unless the system notice describing the system prescribes or permits submission to some other official or officials.