Code of Federal Regulations: Containing a Codification of Documents of ...

(iii) System location (see paragraph (d) of this section).

(iv) Categories of individuals covered by the system (see paragraph (e) of this section).

(v) Categories of records in the system (see paragraph (f) of this section).

(vi) Authority for maintenance of the system (see paragraph (g) of this section).

(vii) Purpose(s) (see paragraph (h) of this section).

(viii) Routine uses of records maintained in the system, including categories of users, uses, and purposes of such uses (see paragraph (i) of this section).

(ix) Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system (see paragraph (j) of this section).

(x) Systems manager(s) and address (see paragraph (k) of this section).

(xi) Notification procedure (see paragraph (1) of this section).

(xii) Record access procedures (see paragraph (m) of this section).

(xiii) Contesting records procedures (see paragraph (n) of this section.)

(xiv) Record source categories (see paragraph (0) of this section).

(xv) Systems exempted from certain provision of the Act (see paragraph (p) of this section).

(2) The captions listed in paragraph (a)(1) of this section have been mandated by the Office of Federal Register and must be used exactly as presented. (3) A sample system notice is shown in appendix E.

(b) System identification. The system identifier must appear on all system notices and is limited to 21 positions, including Component code, file number and symbols, punctuation, and spacing.

(c) System name. (1) The name of the system should reasonably identify the general purpose of the system and, if possible, the general categories of individuals involved.

(2) Use acronyms only parenthetically following the title or any portion thereof, such as, “Joint Uniform Military Pay System (JUMPS)." Do not use acronyms that are not commonly known unless they are preceded by an explanation.

(3) The system name may not exceed 55 character positions including punctuation and spacing.

(d) System location. (1) For systems maintained in a single location provide the exact office name, organizational identity, and address or routing symbol.

(2) For geographically or organizationally decentralized systems, specify each level of organization or element that maintains a segment of the system.

(3) For automated data systems with a central computer facility and input/ output terminals at several geographically separated locations, list each location by category.

(4) When multiple locations are identified by type of organization, the system location may indicate that official mailing addresses are contained in an address directory published as an appendix to the Component system notices in the FEDERAL REGISTER. Information concerning format requirements for preparation of an address directory may be obtained from the project officer, Air Force 1st Information Systems Group (AF/11SG/GNR), Washington, DC 20330-6345.

(5) If no address directory is used or the addresses in the directory are incomplete, the address of each location where a segment of the record system is maintained must appear under the "System Location" caption.

(6) Classified addresses are not listed, but the fact that they are classified is indicated.

(7) Use the standard U.S. Postal Service two letter state abbreviation symbols and zip codes for all domestic addresses.

(e) Categories of individuals covered by the system. (1) Set forth the specific categories of individuals to whom records in the system pertain in clear, easily understood, nontechnical terms.

(2) Avoid the use of broad over-general descriptions, such as "all Army personnel" or "all military personnel" unless this actually reflects the category of individuals involved.

(f) Categories of records in the system. (1) Describe in clear, nontechnical terms the types of records maintained in the system.

$310.62

(2) Only documents actually retained in the system of records shall be described, not source documents that are used only to collect data and then destroyed.

(g) Authority for maintenance of the system. (1) Cite the specific provision of the federal statute or Executive Order that authorizes the maintenance of the system.

(2) Include with citations for statutes the popular names, when appropriate (for example, Title 51, U.S. Code, section 2103, "Tea-Tasters Licensing Act"), and for Executive Orders, the official title (for example, Executive Order No. 9397, "Numbering System for Federal Accounts Relating to Individual Persons").

(3) Cite the statute or Executive Order establishing the Component for administrative housekeeping records.

(4) If the Component is chartered by a DoD Directive, cite that Directive as well as the Secretary of Defense authority to issue the Directive. For example, "Pursuant to the authority contained in the National Security Act of 1947, as amended (10 U.S.C. 133d), the Secretary of Defense has issued DoD Directive 5105.21, the charter of the Defense Intelligence Agency (DIA) as a separate Agency of the Department of Defense under his control. Therein, the Director, DIA, is charged with the responsibility of maintaining all necessary and appropriate records."

(h) Purpose or purposes. (1) List the specific purposes for maintaining the system of records by the Component.

(2) Include the uses made of the information within the Component and the Department of Defense (so-called "internal routine uses").

(i) Routine uses. (1) The blanket routine uses (appendix C) that appear at the beginning of each Component compilation apply to all systems notices unless the individual system notice specifically states that one or more of them do not apply to the system. List the blanket routine uses at the beginning of the Component listing of system notices (see paragraph (e)(5) of §310.41 of subpart E).

(2) For all other routine uses, when practical, list the specific activity to which the record may be released, to include any routine automated system

interface (for example, "to the Department of Justice, Civil Rights Compliance Division," "to the Veterans Administration, Office of Disability Benefits," or "to state and local health agencies").

(3) For each routine user identified, include a statement as to the purpose or purposes for which the record is to be released to that activity (see §310.41(e) of subpart E). The routine uses should be compatible with the purpose for which the record was collected or obtained (see §310.3(p), subpart A).

(4) Do not use general statements, such as, "to other federal agencies as required" or "to any other appropriate federal agency."

(j) Policies and practices for storing, retiring, accessing, retaining, and disposing of records. This caption is subdivided into four parts:

(1) Storage. Indicate the medium in which the records are maintained. (For example, a system may be "automated", maintained on magnetic tapes or disks, "manual", maintained in paper files, or "hybrid", maintained in a combination of paper and automated form.) Storage does not refer to the container or facility in which the records are kept.

(2) Retrievability. Specify how the records are retrieved (for example, name and SSN, name, SSN) and indicate whether a manual or computerized index is required to retrieve individual records.

(3) Safeguards. List the categories of Component personnel having immediate access and those responsible for safeguarding the records from unauthorized access. Generally identify the system safeguards (such as storage in safes, vaults, locked cabinets or rooms, use of guards, visitor registers, personnel screening, or computer "failsafe" systems software). Do not describe safeguards in such detail so as to compromise system security.

(4) Retention and disposal. Indicate how long the record is retained. When appropriate, also state the length of time the records are maintained by the Component, when they are transferred to a Federal Records Center, length of retention at the Record Center and

when they are transferred to the National Archivist or are destroyed. A reference to a Component regulation without further detailed information is insufficient.

(k) System manager(s) and address. (1) List the title and address of the official responsible for the management of the system.

(2) If the title of the specific official is unknown, such as for a local system, specify the local commander or office head as the systems manager.

(3) For geographically separated or organizationally decentralized activities for which individuals may deal directly with officials at each location in exercising their rights, list the position or duty title of each category of officials responsible for the system or a segment thereof.

(4) Do not include business or duty E addresses if they are listed in the Component address directory.

(1) Notification procedures. (1) If the record system has been exempted from subsection (e)(4)(G) of the Privacy Act (5 U.S.C. 552a) (see §310.50)(d), so indicate.

(2) For all nonexempt systems, describe how an individual may determine if there are records pertaining to him or her in the system. The procedural rules may be cited, but include a brief procedural description of the needed data. Provide sufficient information in the notice to allow an individual to exercise his or her rights without referral to the formal rules.

(3) As a minimum, the caption shall include:

(i) The official title (normally the system manager) and official address to which the request is to be directed;

(ii) The specific information required to determine if there is a record of the individual in the system.

(iii) Identification of the offices through which the individual may obtain access; and

(iv) A description of any proof of identity required (see § 310.30(c)(1)).

(4) When appropriate, the individual may be referred to a Component official who shall provide this data to him or her.

(m) Record access procedures. (1) If the record system has been exempted from subsection (e)(4)(H) of the Privacy Act

(5 U.S.C. 552a) (see §310.50(d)), so indicate.

(2) For all nonexempt records systems, describe the procedures under which individuals may obtain access to the records pertaining to them in the system.

(3) When appropriate, the individual may be referred to the system manager or Component official to obtain access procedures.

(4) Do not repeat the addresses listed in the Component address directory but refer the individual to that directory.

(n) Contesting record procedures. (1) If the record system has been exempted from subsection (e)(4)(H) of the Privacy Act (5 U.S.C. 552a) (see $310.50(d)), so indicate.

(2) For all nonexempt systems of records, state briefly how an individual may contest the content of a record pertaining to him or her in the system.

(3) The detailed procedures for contesting record accuracy, refusal of access or amendment, or initial review and appeal need not be included if they are readily available elsewhere and can be referred to by the public. (For example, "The Defense Mapping Agency rules for contesting contents and for appealing initial determinations are contained in DMA Instruction 5400.11 (32 CFR part 295c).")

(4) The individual may also be referred to the system manager to determine these procedures.

(0) Record source categories. (1) If the record system has been exempted from subsection (e)(4)(I) of the Privacy Act (5 U.S.C. 552a) (see $310.50(d), subpart F), so indicate.

(2) For all nonexempt systems of records, list the sources of the information in the system.

(3) Specific individuals or institutions need not be identified by name, particularly if these sources have been granted confidentiality (see §310.52(b), subpart F).

(p) System exempted from certain provisions of the Act. (1) If no exemption has been claimed for the system, indicate "None."

(2) If there is an exemption claimed indicate specifically under which subsection of the Privacy Act (5 U.S.C. 552a) it is claimed.

(3) Cite the regulation and CFR section containing the exemption rule for the system. (For example, "Parts of this record system may be exempt under Title 5 U.S. Code, 552a(k)(2) and (5), as applicable. See exemption rules contained in Army Regulation 340-21 (32 CFR part 505).")

(q) Maintaining the master DoD system notice registry. (1) The Defense Privacy Office, ODASD(A) maintains a master registry of all DoD record systems notices.

(2) Coordinate with the Defense Privacy Office, ODASD(A) to ensure that all new systems are added to the master registry and all amendments and alterations are incorporated into the master registry.

[51 FR 2364, Jan. 16, 1986. Redesignated at 56 FR 55631, Oct. 29, 1991, as amended at 56 FR 57800, Nov. 14, 1991]

§310.63 New and altered record systems.

(a) Criteria for a new record system. (1) A new system of records is one for which there has been no system notice published in the FEDERAL REGISTER.

(2) If a notice for a system of records has been canceled or deleted before reinstating or reusing the system, a new system notice must be published in the FEDERAL REGISTER.

(b) Criteria for an altered record system. A system is considered altered whenever one of the following actions occurs or is proposed:

(1) A significant increase or change in the number or type of individuals about whom records are maintained.

(i) Only changes that alter significantly the character and purpose of the record system are considered alterations.

(ii) Increases in numbers of individuals due to normal growth are not considered alterations unless they truly alter the character and purpose of the system;

(iii) Increases that change significantly the scope of population covered (for example, expansion of a system of records covering a single command's enlisted personnel to include all of the Component's enlisted personnel would be considered an alteration).

(iv) A reduction in the number of individuals covered is not an alteration,

but only an amendment (see paragraph (a) of § 310.64 of this subpart).

(v) All changes that add new categories of individuals to system coverage require a change to the "Categories of individuals covered by the system" caption of the notice (§310.62(e)) and may require changes to the "Purpose(s)" caption (§ 310.62(h)).

(2) An expansion in the types or categories of information maintained.

(i) The addition of any new category of records not described under the "Categories of Records in System" caption is considered an alteration.

(ii) Adding a new data element which is clearly within the scope of the categories of records described in the existing notice is an amendment (see §310.64(a) of this subpart).

(iii) All changes under this criterion require a change to the "Categories of Records in System" caption of the notice (see §310.62(f) of this subpart).

(3) An alteration in the manner in which the records are organized or the manner in which the records are indexed and retrieved.

(i) The change must alter the nature of use or scope of the records involved (for example, combining records systems in a reorganization).

(ii) Any change under this criteria requires a change in the "Retrievability" caption of the system notice (see §310.62(j)(2) of this subpart).

(iii) If the records are no longer retrieved by name or personal identifier cancel the system notice (see §310.10(a) of subpart B).

(4) A change in the purpose for which the information in the system is used. (i) The new purpose must not be compatible with the existing purposes for which the system is maintained or a use that would not reasonably be expected to be an alteration.

(ii) If the use is compatible and reasonably expected, there is no change in purpose and no alteration occurs.

(iii) Any change under this criterion requires a change in the “Purpose(s)" caption (see §310.62(h) of this subpart) and may require a change in the "Authority for maintenance of the system" caption (see §310.62(g) of this subpart).

(5) Changes that alter the computer environment (such as changes to equipment configuration, software, or procedures) so as to create the potential for greater or easier access.

(i) Increasing the number of offices with direct access is an alteration.

(ii) Software releases, such as operating systems and system utilities that provide for easier access are considered alterations.

(iii) The addition of an on-line capability to a previously batch-oriented system is an alteration.

(iv) The addition of peripheral devices such as tape devices, disk devices, card readers, printers, and similar devices to an existing ADP system constitute an amendment if system security is preserved (see paragraph (a) of §310.64 of this subpart).

(v) Changes to existing equipment configuration with on-line capability need not be considered alterations to the system if:

(A) The change does not alter the present security posture; or

(B) The addition of terminals does not extend the capacity of the current operating system and existing security is preserved;

(vi) The connecting of two or more formerly independent automated systems or networks together creating a potential for greater access is an alteration.

(vii) Any change under this caption requires a change to the "Storage” caption element of the systems notice (see § 310.62(j)(1) of this subpart).

(c) Reports of new and altered systems. (1) Submit a report of a new or altered system to the Defense Privacy Office before collecting information for or using a new system or altering an existing system (see appendix F and paragraph (d) of this section).

(2) The Defense Privacy Office, ODASD(A) coordinates all reports of new and altered systems with the Office of the Assistant Secretary of Defense (Legislative Affairs) and the Office of the General Counsel, Department of Defense.

(3) The Defense Privacy Office prepares for the DASD(A)'s approval and signature the transmittal letters sent to OMB and Congress (see paragraph (e) of this section).

(d) Time restrictions on the operation of a new or altered system. (1) All time periods begin from the date the DASD(A) signs the transmittal letters (see paragraph (c)(3) of this section). The specific time limits are:

(i) 60 days must elapse before data collection forms or formal instructions pertaining to the system may be issued.

(ii) 60 days must elapse before the system may become operational; (that is, collecting, maintaining, using, or disseminating records from the system) (see also § 310.60(f) of this subpart).

(iii) 60 days must elapse before any public issuance of a Request for Proposal or Invitation to Bid for a new ADP or telecommunication system.

NOTE: Requests for delegation of procurement authority may be submitted to the General Services Administration during the 60 days' waiting period, but these shall include language that the Privacy Act reporting criteria have been reviewed and that a system report is required for such procurement.

(iv) Normally 30 days must elapse before publication in the FEDERAL REGISTER of the notice of a new or altered system (see $310.60(f) of this subpart) and the preamble to the FEDERAL REGISTER notice must reflect the date the transmittal letters to OMB and Congress were signed by DASD(A).

(2) Do not operate a system of records until the waiting periods have expired (see §310.103 of subpart K).

(e) Outside review of new and altereḍ systems reports. If no objections are received within 30 days of a submission to the President of the Senate, Speaker of the House of Representatives, and the Director, OMB, of a new or altered system report it is presumed that the new or altered systems have been approved as submitted.

(f) Exemptions for new systems. See $310.60(e) of this subpart for the procedures to follow in submitting exemption rules for a new system of records.

(g) Waiver of time restrictions. (1) The OMB may authorize a federal agency to begin operation of a system of records before the expiration of time limits set forth in §310.63(d) of this subpart.

(2) When seeking such a waiver, include in the letter of transmittal to the Defense Privacy Office, ODASD(A) an explanation why a delay of 60 days in

« Previous Continue »

Books