record may be maintained describing how any individual exercises rights guaranteed by the First Amendment to the Constitution unless (1) expressly authorized by statute or by the individual about whom the record is maintained or (2) pertinent to and within the scope of an authorized law enforcement activity.

§ 2.49 [Reserved]

§ 2.50 Federal Register notices describing systems of records.

(a) The Privacy Act requires annual publication of a notice in the FEDERAL REGISTER describing each system of records subject to the Act. 5 U.S.C. 552a(e) (4).

(b) Each bureau shall notify the Departmental Privacy Act Officer, no later than August 1 of each year, of any modifications or amendments which are required in the then-current notice describing the system for which he is responsible.

(c) A bureau desiring to establish a new system of records or a new use for an existing system of records shall notify the Departmental Privacy Act Officer, no fewer than seventy-five (75) calendar days in advance.

§ 2.51 Assuring integrity of records.

(a) Statutory requirement. The Privacy Act requires that records subject to the Act be maintained with appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarassment, inconvenience, or unfairness to any individual on whom information is maintained, 5 U.S.C. 552a(e)(10).

(b) Records maintained in manual form. When maintained in manual form, records subject to the Privacy Act shall be maintained, at a minimum, subject to the following safeguards, or safeguards affording comparable protection:

(1) Areas in which the records are maintained or regularly used shall be posted with an appropriate warning stating that access to the records is limited to authorized persons. The

warning shall also summarize the requirements of § 2.52 and state that the Privacy Act contains a criminal penalty for the unauthorized disclosure of records to which it applies.

(2) During working hours, (i) the area in which the records are maintained or regularly used shall be occupied by authorized personnel or (ii) access to the records shall be restricted by their storage in locked metal file cabinets or a locked room.

hours,

(3) During non-working access to the records shall be restricted by their storage in locked metal file cabinets or a locked room.

(4) Where a locked room is the method of security provided for a system, the bureau responsible for the system shall, no later than December 31, 1976, supplement that security by (i) providing lockable file cabinets or containers for the records or (ii) changing the lock or locks for the room so that they may not be opened with a master key. For the purposes of this paragraph, a master key is a key which may be used to open rooms other than the room containing records subject to the Privacy Act, unless those rooms are utilized by officials or employees authorized to have access to the records subject to the Privacy Act.

(c) Records maintained in computerized form. When maintained in computerized form, records subject to the Privacy Act shall be maintained, at a minimum, subject to safeguards based on those recommended in the National Bureau of Standard's booklet "Computer Security Guidelines for Implementing the Privacy Act of 1974" (May 30, 1975), and any supplements thereto, which are adequate and appropriate to assuring the integrity of records in the system.

(d) Civil Service Commission personnel records. A system of records made up of Civil Service Commission personnel records shall be maintained under the security requirements set out in 5 CFR 293.108.1

(e) Bureau responsibility. (1) The bureau responsible for a system of rec

'Text of 5 CFR 293.108 will be set out when that section is finalized by the Civil Service Commission.

ords shall be responsible for assuring that specific procedures are developed to assure that the records in the system for which it is responsible are maintained with security meeting the requirements of the Act and this sec

tion.

(2) These procedures shall be in writing and shall be posted or otherwise periodically brought to the attention of employees working with the records contained in the system.

§ 2.52 Conduct of employees.

(a) Handling of records subject to the Act. Employees whose duties require handling of records subject to the Privacy Act shall, at all times, take care to protect the integrity, security and confidentiality of these records.

(b) Disclosure of records. No employ. ee of the Department may disclose records subject to the Privacy Act unless disclosure is permitted under § 2.5€ or is to the individual to whom the record pertains.

(c) Alteration of records. No employee of the Department may alter or destroy a record subject to the Privacy Act unless (1) such alteration or destruction is properly undertaken in the course of the employee's regular duties or (2) such alteration or destruction is required by a decision under §§ 2.70-2.75 or the decision of a court of competent jurisdiction.

(d) Bureau responsibility. The bureau responsible for a system of records shall be responsible for assuring that employees with access to the system are made aware of the requirements of this section and of 5 U.S.C. 552a(i)(1), which imposes criminal penalties for knowingly and willfully disclosing a record about an individual without the written request or consent of that individual unless disclosure is permitted under one of the exceptions listed in § 2.56 (b) and (c).

tions contained in this subpart to be applied to such system.

(b) System manager. The head of the bureau responsible for the contract shall designate a regular employee of the bureau to be the manager for a system of records operated by a contractor.

§§ 2.54-2.55 [Reserved]

§ 2.56 Disclosure of Records.

(a) Prohibition of disclosure. No record contained in a system of records may be disclosed by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains.

(b) General exceptions. The prohibition contained in paragraph (a) does not apply where disclosure of the record would be:

(1) To those officers or employees of the Department who have a need for the record in the performance of their duties; or

(2) Required by the Freedom of Information Act, 5 U.S.C. 552.

(c) Specific exceptions. The prohibition contained in paragraph (a) does not apply where disclosure of the record would be:

(1) For a routine use as defined in § 2.46(j) which has been described in a systems notice published in the FEDERAL REGISTER;

(2) To the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of Title 13, United States Code.

(3) To a recipient who has provided the System Manager responsible for the system in which the record is maintained with advance adequate written assurance that the record will be used solely as a statistical research or reporting record, and the record is to be transferred in a form that is not individually identifiable;

(4) To the National Archives of the United States as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Administrator of General Services or his designee to de

termine whether the record has such value;

(5) To another agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of the agency or instrumentality has made a written request to the Department specifying the particular portion desired and the law enforcement activity for which the record is sought;

(6) To a person pursuant to a showing of compelling circumstances affecting the health or safety of an individual if upon such disclosure notification is transmitted to the last known address of such individual;

(7) To either House of Congress, or, to the extent of matter within its jurisdiction, any committee or subcommittee thereof, any joint committee of Congress or subcommittee of any such joint committee;

(8) To the Comptroller General, or any of his authorized representatives, in the course of the performance of the duties of the General Accounting Office; or

(9) Pursuant to the order of a court of competent jurisdiction.

(d) Reviewing records prior to disclosure. (1) Prior to any disclosure of a record about an individual, unless disclosure is required by the Freedom of Information Act, reasonable efforts shall be made to assure that the records are accurate, complete, timely and relevant for agency purposes.

(2) When a record is disclosed in connection with a Freedom of Information request made under Subpart B of this part and it is appropriate and administratively feasible to do so, the requester shall be informed of any information known to the Department indicating that the record may not be fully accurate, complete, or timely.

§ 2.57 Accounting for disclosures.

(a) Maintenance of an accounting. (1) Where a record is disclosed to any person, or to another agency, under any of the specific exceptions provided by § 2.56 (c), an accounting shall be made.

(2) The accounting shall record (i) the date, nature, and purpose of each disclosure of a record to any person or to another agency and (ii) the name and address of the person or agency to whom the disclosure was made.

(3) Accountings prepared under this section shall be maintained for at least five years or the life of the record, whichever is longer, after the disclosure for which the accounting is made.

(b) Access to accountings. (1) Except for accountings of disclosures made under § 2.56(c)(5), accountings of all disclosures of a record shall be made available to the individual to whom the record relates at his request.

(2) An individual desiring access to accountings of disclosures of a record pertaining to him shall submit his request by following the procedures of § 2.63.

§ 2.60 Request for notification of existence of records: Submission.

(a) Submission of requests. (1)(i) An individual desiring to determine under the Privacy Act whether a system of records contains records pertaining to him shall address his inquiry to the system manager having responsibility for the system unless the system notice describing the system prescribes or permits submission to some other official or officials.

(ii) If a system notice describing a system requires that an individual contact more than two officials concerning the existence of records in the system, an individual desiring to determine whether the system contains records pertaining to him may contact the system manager for assistance in determining which official is most likely to be in possession of records pertaining to that individual.

(2) If an individual desires to determine whether records pertaining to him are maintained in two or more

80-147 0-81--3

systems, he shall make a separate inquiry concerning each system.

(b) Form of request. (1) An inquiry to determine whether a system of records contains records pertaining to an individual shall be in writing.

(2) To insure expeditious handling, the request shall be prominently marked, both on the envelope and on the face of the request, with the legend "PRIVACY ACT INQUIRY."

(3) The request shall state that the individual is seeking information concerning records pertaining to himself and shall supply such additional identifying information, if any, as is called for in the system notice describing the system.

(4) If an individual has reason to believe that information pertaining to him or her may be filed under a name other than the name he or she is currently using (e.g., a maiden name), he or she shall include this information in the request.

§ 2.61 Requests for notification of existence of records: Action on.

(a) Decisions on Request. (1) An individual inquiring to determine whether a system of records contains records pertaining to him shall be promptly advised whether or not the system does contain records pertaining to him unless (i) the records were compiled in reasonable anticipation of a civil action or proceeding or (ii) the system of records is one which has been excepted from the notification provisions of the Privacy Act by rulemaking.

a

(2) If the records were compiled in reasonable anticipation of civil action or proceeding or the system of records is one which has been excepted from the notification provisions of the Privacy Act by rulemaking, the individual will be promptly notified that he is not entitled to notification of whether the system contains records pertaining to him.

(b) Authority to deny requests. A decision to deny a request for notification of the existence of records shall be made by the system manager responsible for the system of records concerning which inquiry has been made and shall be concurred in by the bureau Privacy Act officer for the

bureau which maintains the system, provided, however that the head of a bureau may, in writing, require (1) that the decision be made by the bureau Privacy Act officer and/or (2) that his (the bureau head's) own concurrence in the decision be obtained.

(c) Form of decision. (1) No particular form is required for a decision informing an individual whether or not a system of records contains records pertaining to him.

(2) A decision declining to inform an individual whether or not a system of records contains records pertaining to him shall be in writing and shall state the basis for denial of the request and shall advise the individual that he may appeal the declination to the Assistant Secretary-Management pursuant to § 2.65 by writing to the Privacy Act Officer, Office of the Assistant Secretary-Management, U.S. Department of the Interior, Washington, D.C. 20240, and that the appeal must be received by this official within twenty (20) days (Saturdays, Sundays and public legal holidays excepted) of the date of the decision.

§ 2.62 Requests for access to records.

The Privacy Act permits an individual, upon his request, to gain access to his record or to any information pertaining to him which is contained in a system and to review the record and have a copy made of all or any portion thereof in a form comprehensive to him. 5 U.S.C. 552a(d)(1). A request for access shall be submitted in accordance with the procedures in this subpart.

§ 2.63 Requests for access to records: Submission.

(a) Submission of requests. (1) (i) Requests for access to records shall be submitted to the system manager having responsibility for the system in which the records are maintained unless the system notice describing the system prescribes or permits submission to some other official or officials.

(ii) If a system notice describing a system requires that an individual contact more than two officials concerning access to records in the system, an

individual desiring to request access to records pertaining to him may contact the system manager for assistance in determining which official is most likely to be in custody of records pertaining to that individual.

(2) If an individual desires access to records maintained in two or more separate systems, he shall submit a separate request for access to the records in each system.

(b) Form of request. (1) A request for access to records subject to the Privacy Act shall be in writing.

(2) To insure expeditious handling, the request shall be prominently marked, both on the envelope and on the face of the request, with the legend "PRIVACY ACT REQUEST FOR ACCESS."

(3) The request shall specify whether the requester seeks all of the records contained in the system which relate to him or only some portion thereof. If the requester seeks only a portion of the records which relate to him, the request shall reasonably describe the specific record or records sought.

(4) If the requester seeks to have copies of the requested records made, the request shall state the maximum amount of copying fees which the requester is willing to pay. A request which does not state the amount of fees the requester is willing to pay will be treated as a request to inspect the requested records. Requesters are further notified that under § 2.64(d) the failure to state willingness to pay fees as high as are anticipated by the Department will delay processing of a request.

(5) The request shall supply such identifying information, if any, as is called for in the system notice describing the system.

(6) Requests failing to meet the requirements of this paragraph shall be returned to the requester with a written notice advising the requester of the deficiency in the request.

§ 2.64 Requests for access to records: Initial decision.

(a) Decisions on requests. A request made under this subpart for access to a record shall be granted promptly unless (1) the record was compiled in

reasonable anticipation of a civil action or proceeding or (2) the record is contained in a system of records which has been excepted from the access provisions of the Privacy Act by rulemaking.

(b) Authority to deny requests. A decision to deny a request for access under this subpart shall be made by the system manager responsible for the system of records in which the requested record is located and shall be concurred in by the bureau Privacy Act officer for the bureau which maintains the system, provided, however, that the head of a bureau may, in writing, require (1) that the decision be made by the bureau Privacy Act officer and/or (2) that his (the bureau head's) own concurrence in the decision be obtained.

(c) Form of decision. (1) No particular form is required for a decision granting access to a record. The decision shall, however, advise the individual requesting the record as to where and when the record is available for inspection or, as the case may be, where and when copies will be available. If fees are due under § 2.64(d), the individual requesting the record shall also be notified of the amount of fees due or, if the exact amount has not been determined, the approximate amount of fees due.

(2) A decision denying a request for access, in whole or part, shall be in writing and shall state the basis for denial of the request. The decision shall also contain a statement that the denial may be appealed to Assistant Secretary-Management pursuant to § 2.65 by writing to Privacy Act Officer, Office of Assistant Secretary-Management, U.S. Department of the Interior, Washington, D.C. 20240, and that the appeal must be received by this official within twenty (20) days (Saturdays, Sundays and public legal holidays excepted) of the date of the decision.

(d) Fees. (1) No fees may be charged for the cost of searching for or reviewing a record in response to a request made under § 2.63.

(2) Fees for copying a record in response to a request made under § 2.63 shall be charged in accordance with the schedule of charges contained in