OFFICE OF ENVIRONMENTAL INFORMATION
Privacy Act Manual
EPA 2190, December 2005
Abstract
U.S. EPA Directive 2190 - Privacy Act Manual (Revised December 2005) establishes policy and
procedures for protecting the privacy of individuals who are identified in the Environmental Protection
Agency's information systems and informs Agency employees and officials of their rights and
responsibilities under the Privacy Act (5 U.S.C. 552a).
Quick Table of Contents
Chapter 1 - Policy and Responsibilities
Chapter 2 - Procedures for Creating, Altering, or Terminating a System of Records
Chapter 3 - Access and Amendment (Revised December 2005)
Chapter 4 - Physical Safeguards
Full Table of Contents
Chapter 1 - Policy and Responsibilities
1. Purpose
2. Policy
3. Scope
4. Definitions
5. Legal Authority and Administrative Guidelines
6. Basic Requirements of the Privacy Act
7. Responsibilities
8. Penalties
9. Existing Privacy Systems
10. Other Pertinent EPA Directives
Figures
1-1. Definitions Applicable to the Privacy Act
1-2. Exceptions to the Privacy Act Prohibition Against Disclosure
1-3. EPA Systems of Records
Chapter 2 - Procedures for Creating, Altering, or Terminating a System of Records
1. Purpose
2. Responsibility
3. New System of Records
4. Significant Alteration of a System of Records
5. Documentation of New System or Significant Alteration of Existing System
6. Requests for Waiver of OMB's Sixty Day Advance Notice Period
7. Minor Alterations to System of Records
8. Termination of System of Records
Figures
2-1. Documentation Instructions -- New System and Major Alterations
2-2. Documentation Instructions -- Termination of System
Chapter 3 - Access and Amendment (Revised December 2005)
1. Purpose
2. Processing Requests for Access
3. Processing Access Appeals
4. Processing Requests for Amendments
5. Establishing Privacy Act Case Files
Figures
3-1. Sample Privacy Act Request Letter
Chapter 4 - Physical Safeguards
1. Purpose
2. Policy
3. Protection of Privacy Act Records
4. Transfer/Destruction of Privacy Act Records
Chapter 1. Policy and Responsibilities
1. PURPOSE. This Manual establishes policy and procedures for protecting the privacy of
individuals who are identified in the Environmental Protection Agency's information systems
and informs Agency employees and officials of their rights and responsibilities under the Privacy
Act (5 U.S.C. 552a). It supplements the EPA regulations in Part 16, Title 40, Code of Federal
Regulations (CFR).
2. POLICY. The Agency will safeguard personal privacy in its collection, maintenance, use, and
dissemination of information about individuals and make such information available to the
individual in accordance with the requirements of the Privacy Act.
3. SCOPE. This Manual applies to any records under the control of the Agency from which
information on a subject individual is retrieved by a personal identifier assigned to the
individual. The identifier may be the name of the individual, a number, a symbol, or any other
specific retriever assigned to such individual. This Manual applies to such records maintained by
the Agency in-house or maintained by a contractor or grantee on behalf of the Agency to
accomplish an Agency function.
4. DEFINITIONS. Definitions applicable to this Manual are located at Figure 1-1, Definitions
Applicable to the Privacy Act.
5. LEGAL AUTHORITY AND ADMINISTRATIVE GUIDELINES. The provisions of this Manual
are based on these authorities:
a. The Privacy Act of 1974, 5 U.S.C. 552a, as amended.
b. OMB Circular No. A-108 (as amended), Responsibilities for the Maintenance of Records
About Individuals by Federal Agencies.
c. OMB's Privacy Act Implementing Guidelines published at 40 Federal Register 28948 and
at 49 Federal Register 12338.
d. EPA's Privacy Act Regulations published at 40 CFR Part 16.
6. BASIC REQUIREMENTS OF THE PRIVACY ACT. The basic requirements of the Privacy Act
are summarized below:
a. At least sixty days prior to creation of a new System of Records or significant alteration
to an existing System, the Agency must submit documentation to OMB and the
Congress, and publish a notice of the System in the Federal Register. (See Chapter 2
for details.)
b. Each time the Agency creates a new System of Records or requests that an individual
provide his/her social security number, the System Manager must provide the
individual with a written "privacy act statement." The statement will inform the
individual of the legal authority for collecting the information; whether disclosure of
such information by the individual is mandatory or voluntary; the purpose for which the
information is being collected and the routine uses which may be made of the
information; and the effect on the individual if the individual does not provide the
information.
c. To the greatest extent practicable, information about an individual must be collected
directly from the individual if the information may be used to make decisions with
respect to the individual's rights, benefits, and privileges under Federal programs.
d. The information that the Agency collects and maintains about individuals must be
relevant and necessary to the accomplishment of the Agency's purpose as required by
statute or Executive order. The office concerned must establish the relevancy of and
need for the information, as well as the authority to collect it.
e. The information that is maintained in a System of Records must be kept as accurate,
relevant, current, and complete as is possible to assure fairness to the individual.
f. The Agency, upon request from a subject individual, must notify the individual that it is
maintaining a record on him/her and must grant the individual access to the record
unless the Agency has published a rule exempting the System of Records from this
requirement. In addition, the Agency must amend such record upon request, unless the
Agency has published a rule exempting the System from this requirement, whenever
the subject individual proves that the record is not accurate, relevant, current, or
complete. If the Agency does not grant access to or amend an individual's record upon
request, it must inform the individual of its refusal to grant access to or amend such
record and advise him/her of the appeal rights. (See Chapters 2 and 3 for details.)
g. The Agency must not disclose information from records maintained in a System of
Records to any person or agency, except with written consent of the individual to whom
the record pertains. There are, however, twelve exceptions which permit disclosures
without consent of the individual. They are listed in Figure 1-2. Any other disclosure of
the records (other than to the subject individual) is unauthorized.
h. Except for disclosures to EPA officials and employees with an official need to know and
disclosures required to be made under the Freedom of Information Act, an accounting
of the disclosures that are made from a System of Records must be maintained by the
System Manager. Each accounting must include the date, nature, and purpose of the
disclosure, and the name and address of the person or agency to whom the disclosure
was made. The accounting must be retained for the life of the record or for five years
after disclosure, whichever is longer.
i. Each year, at the call of OMB, the Information Management Branch, IMSD, must
prepare and submit a report of Agency activities under the Privacy Act.
7. RESPONSIBILITIES.
a. Assistant Administrators, Inspector General, General Counsel, Associate
Administrators, Regional Administrators, Laboratory Directors, and Staff Office
Directors. These officials are responsible for implementing the Privacy Act and the
requirements specified in this Manual within their respective areas. They are
responsible for designating an appropriate EPA employee to serve as System Manager
for an existing or proposed System of Records.
b. Director, Information Management and Services Division, IMSD, Office of
Information Resources Management. This individual provides overall management
and policy guidance. The Chief, Information Management Branch, IMSD, is the Privacy
Policy Officer and is responsible for policy, procedures and oversight of the Act. He/she
administers activities related to establishment, alteration or termination of Systems.
c. General Counsel. The General Counsel is the EPA Privacy Appeals Officer and is
responsible for interpreting the Act, reviewing Privacy Act notices, regulations, policy
statements and related documents for legal form and substance and deciding all written
appeals of negative determinations.
d. Director, Personnel Management Division. The Director, Personnel Management
Division, is responsible for reviewing proposed or altered systems for personnel
management implications.
e. Managers and Supervisors. Managers and supervisors who maintain records subject
to the Privacy Act are responsible for implementing the provisions of this Manual within
their respective areas.
f. System Manager. The EPA employee responsible for the application of approved
Privacy Act policies and procedures relating to an existing or proposed System of
Records and, when appropriate, implementing additional practices and procedures to
cover special conditions or situations that may arise within the System of Records. In
addition, the System Manager is responsible for:
1. Preparing documentation required by the Privacy Act, including notices of new,
altered or terminated Systems of Records for publication in the Federal Register.
(See Chapter 2.)
2. Making initial decisions whether to grant an individual access to his/her records or
amend such records, and whether to extend the date of initial determination
concerning requests for access to or amendment of records under the Act.
3. Safeguarding the System under his/her jurisdiction. (See Chapter 4.)
4. Informing employees having official access to the System of the penalties under the
Privacy Act. (See par. 8.)
8. PENALTIES. The Privacy Act imposes criminal penalties directly on individuals if they violate
certain provisions of the Act. Any Federal employee, for instance, is subject to a misdemeanor
charge and a fine of not more than $5,000 whenever such employee:
a. Knowing that disclosure is prohibited, willfully discloses in any manner records in a
System of Records to any person or agency not entitled to access to such records.
b. Willfully maintains a System of records without publishing the prescribed public notice
on the System in the Federal Register.
c. Knowingly and willfully requests or obtains any record from any System of Records
under false pretenses. (The penalty for violation of this provision is not limited to
Federal Employees.)
(The System Manager is responsible for making employees working with a System of
Records fully aware of these provisions and the corresponding penalties.)
9. EXISTING PRIVACY SYSTEMS. Figure 1-3 lists existing EPA Systems of Records which have
been documented. (Notice published in the Federal Register.)
10. OTHER PERTINENT EPA DIRECTIVES. Additional guidance relevant to carrying out the
provisions of the Privacy Act is found in other EPA directives as follows:
a. Forms Management Manual, Chapter 1, for forms developed in connection with the
Privacy Act.
b. Federal Acquisition Regulation Subpart 24.1 and EPA Acquisition Regulation Subpart 15-
24.1 for contracts involving collection and maintenance of information on individuals.
c. Delegations Manual 1-33 for authority to make determinations on appeals from the
initial denial and to make determinations on correction or amendment.
d. Reports Management Manual, Chapter 4, for policy on collecting information from the
public.
e. Records Management Manual, Chapters 1 and 3, for management and disposal of
records.
f. EPA Order 1515.1C dated 8/23/78 for Freedom of Information Act procedures.
g. Federal Register Document Drafting Handbook for preparation of Federal Register
documents.
h. Facilities and Support Services Manual, Security Volume, Part III, Chapter 13, for
security requirements for Privacy Act data.
Figure 1-1: Definitions Applicable to the Privacy Act
The following definitions are applicable to this Manual:
1. "Access" means availability of a record to a subject individual.
2. "Agency" means the U.S. Environmental Protection Agency.
3. "Disclosure" means the availability or release of a record to anyone other than the subject
individual.
4. "Individual" means a citizen of the U.S. or an alien lawfully admitted for permanent residence.
It does not include businesses or corporations and, in certain circumstances, may not include
sole proprietorships, partnerships, or persons acting in a business capacity identified by the
name of one or more persons.
5. "Maintain" means to collect, use, or disseminate when used in connection with the term
"record"; and, to have control over or responsibility for a System of Records when used in
connection with the term "System of Records".
6. "Personal identifier" is any individual number, symbol, or other identifying designation assigned
to an individual but not a name, number, symbol, or other identifying designation that
identifies a product, establishment, or action.
7. "Record" means any collection or grouping of information about an individual that is maintained
by the Agency, including but not limited to the individual's education, financial transactions,
medical history, and criminal or employment history and that contains his/her name, or an
identifying number, symbol, or other identifying particular assigned to the individual, such as a
finger or voice print or photograph.
8. "Routine use" means, with respect to the disclosure of a record to a person or agency other
than EPA, the use of a record for a purpose which is compatible with the purpose for which the
record was collected. It includes disclosures required to be made by statute other than the
Freedom of Information Act, 5 U.S.C. 552. It does not include other disclosures which are
permitted to be made without the consent of the subject individual pursuant to Section 552a(b)
of the Privacy Act, such as disclosures to EPA employees who have official need for the record,
to the Bureau of the Census, to the General Accounting Office or to the Congress.
9. "Subject individual" is the individual to whom a record pertains.
10. "System Manager" is the EPA employee designated as the responsible manager of a System of
Records.
11. "System of Records" means any group of records under the control of the Agency from which
information is retrieved by personal identifier such as the name of the individual, or a number,
symbol, or other unique identifier assigned to the individual. Single Agency records or groups of
records which are not retrieved by a personal identifier are not part of a System of Records.
Uncirculated personal records maintained by individual employees of the Agency which are
prepared, maintained, or discarded at the discretion of the employee and which are not subject
to the Federal Records Act, 44 U.S.C. 3101, do not constitute a System of Records; provided
that such personal papers are not used by the employee or the Agency to make any
determination concerning the rights, benefits, or privileges of individuals, and are not
incorporated into an existing System of Records. A System of Records comes under the
provisions of the Privacy Act.
Figure 1-2: Exceptions to the Privacy Act Prohibition against Disclosure
1. Internal Disclosures. The System Manager may make disclosures to officers and employees
of the Agency who have a need for the record in the performance of their duties as determined
by the System Manager. In some limited circumstances, disclosures to EPA contractors may be
considered internal disclosures. Employees should consult with the Office of General Counsel if
they have questions in this area.
2. Disclosures Under the Freedom of Information Act. Disclosures may be made when
required by the Freedom of Information Act if there is a written Freedom of Information Act
request. However, when the Freedom of Information Act does not require disclosure, but
merely permits disclosure at the Agency's discretion, the Privacy Act disclosure prohibition is
applicable.
3. Routine Use. Disclosures may be made for a routine use as described and published in the
Federal Register notice describing the System of Records.
4. Bureau of the Census. Disclosures may be made to the Bureau of the Census for the purpose
of planning or carrying out a census or survey or related activity.
5. Statistical Research/Reporting. Disclosures may be made to a recipient who has provided
the Agency with advance adequate written assurance that the record will be used solely as a
statistical research or reporting record, and that the record is to be transferred in a form that is
not individually identifiable.
6. Preservation of Records. Disclosures may be made to the National Archives of the United
States of a record which has sufficient historical or other value to warrant its continued
preservation by the United States Government, or for evaluation by the National Archives and
Records Administration to determine whether the record has such value.
7. Civil or Criminal Law Enforcement. Disclosures may be made to another agency or to an
instrumentality of any governmental jurisdiction within or under the control of the United
States for a civil or criminal law enforcement activity if the activity is authorized by law, and if
the head of the agency or instrumentality has made a written request to the Agency specifying
the particular portion of a record desired and the law enforcement activity for which the record
is sought.
8. Health or Safety. Disclosures may be made pursuant to a showing of compelling circumstances
affecting the health or safety of individuals if upon such disclosure notification is transmitted to
the last known address of such individual.
9. Congressional Disclosures. Disclosures may be made to either House of Congress, or to the
extent of matter within its jurisdiction, any committee or subcommittee thereof, any joint
committee of Congress or subcommittee of any such joint committee. This exception does not
apply to disclosures to individual members of Congress without consent of the individual.
10. General Accounting Office. Disclosures may be made to the General Accounting Office for
the purpose of carrying out the duties of that office.
11. Court Order. Disclosures may be made pursuant to the order of a court of competent
jurisdiction.
12. Debt Collection. Disclosure may be made to a consumer reporting agency in accordance with
Section 3(d) of the Federal Claims Collection Act of 1966 (31 U.S.C. 3701(a)(3)).
Figure 1-3: EPA Systems of Records
Following is a list of EPA documented Systems of Records:
System No. and Name | Office
EPA-1 - Payroll System | Payroll Accounts Office
EPA-2 - Personnel Records | Personnel Management Div.; Local Personnel Officers
EPA-3 - Health Unit & Stress Lab Med Records | Personnel Management Div.
EPA-4 - Inspection Reports | Office of Inspector General
EPA-5 - Personnel Security File | Office of Inspector General
EPA-6 - Security Computer Program System | Office of Inspector General
EPA-7 - Travel Voucher, Advance Cards & Payee File System | Financial Management Div.
EPA-8 - Confidential Statement of Employment & Financial Interest | Office of General Counsel
EPA-9 - Freedom of Information Act File | Freedom of Information Offices; Grants, Contracts and General Admin. Div., OGC
EPA-10 - Parking Control File | Facilities & Support Services Div.
EPA-11 - Terminated
EPA-12 - Terminated
EPA-13 - Time Accounting Information System | Program Support Division, Office of Pesticide Programs
EPA-14 - Enforcement Case Support Expert Resources Inventory System | Technical Support Branch, Off. of Waste Prog. Enforcement
Chapter 2. Procedures for Creating, Altering or Terminating a System of Records
1. PURPOSE. This Chapter outlines procedures for the creation, alteration, or termination of a
System of Records that meets the requirements of the Privacy Act.
2. RESPONSIBILITY. Assistant Administrators, the Inspector General, the General Counsel,
Associate Administrators, Regional Administrators, Laboratory Directors, and Staff Office
Directors are responsible for designating System Managers to carry out procedures for creating,
altering, or terminating a System of Records.
3. NEW SYSTEM OF RECORDS. A new System of Records is one for which no public notice has
been published in the Federal Register. Specifically, a new System is created whenever any one
of the following criteria is met:
a. A program, authorized by either a new or an existing statute or Executive order,
requires for its successful accomplishment the creation and retrieval of individually
identifiable records.
b. There is a proposed new use of existing records that is incompatible with the purpose
for which the records were originally collected. In this case, all individuals covered by
the existing System of Records must be notified of the new purpose and routine uses
for the records in the System and must be provided with a new Privacy Act statement.
c. There is a new organization of records, resulting in consolidation of two or more
existing systems into one new ("umbrella") system, whenever the consolidation cannot
be classified under a current System notice.
d. It is discovered that records about individuals are being created and used, and that this
activity is not covered by a current, published System notice. (This is a "found
System.") OMB requires the temporary suspension of data collection and disclosure in
this case. (The period of suspension for a found System begins as soon as the System
is "found," and continues through the advance notice period required for a new
System.)
e. A new organization (configuration) of existing records about individuals which had not
previously been subject to the Privacy Act (i.e., had not been a System of Records)
results in the creation of a System of Records.
4. SIGNIFICANT ALTERATION OF A SYSTEM OF RECORDS. A significant alteration to an
existing System occurs as a result of a change in the manner in which records are organized or
the manner in which records are indexed or retrieved, or a change in the nature or scope of the
records. A System of Records is considered to be significantly altered when a change to the
System will:
a. Increase or change the number or type of individuals on whom records are maintained.
(Changes involving the number, rather than the type, of individuals about whom records
are kept need only be reported when the change significantly alters the character and
purpose of the System of Records.)
b. Expand the type or categories of information maintained. For example, if an employee file
is expanded to include data on education and training, this would be considered an
expansion of the "types or categories of information" maintained.
c. Alter the manner in which the records are organized or the manner in which the records
are indexed or retrieved so as to change the nature or scope of these records, such as
splitting an existing System into two or more different Systems such as might occur in a
centralization or a decentralization of organizational responsibilities.
d. Alter the purpose for which information in the System is used.
e. Change the equipment configuration (that is, hardware or software) on which the System
is operated so as to create the potential for either greater or easier access.
f. Change procedures associated with the System in a manner which affects an individual's
exercise of his/her rights.
5. DOCUMENTATION OF NEW SYSTEM OR SIGNIFICANT ALTERATION OF EXISTING
SYSTEM. Documentation in support of a new System or significant alteration to an existing
System must be sent to the Chief, Information Management Branch, IMSD, OIRM, and consist
of a draft of the following: (a) narrative report of the System (for OMB); (b) Privacy Act
Statement (for the individuals to whom the records pertain); and (c) System notice (Federal
Register notice). Documentation must reach the Information Management Branch, IMSD, in
sufficient time for Agency review, the sixty-day advance notice required by OMB prior to placing
a System in operation, and the thirty-day public comment period after Federal Register
publication. Documentation guidelines are contained in Figure 2-1.
6. REQUESTS FOR WAIVER OF OMB'S SIXTY DAY ADVANCE NOTICE PERIOD. A waiver
from OMB of the sixty day advance notice requirement can be requested by the Assistant
Administrator for Administration and Resource Management in compelling cases. Program
requests should be made part of the documentation sent to the Chief, Information Management
Branch, IMSD.
a. The waiver must demonstrate that a delay of sixty days in establishing a System of
Records -- or making significant alteration to an existing System -- would not be in the
public interest by (1) showing how the public interest would be adversely affected if the
waiver were not granted, and explaining why the responsible EPA organization was
unable to provide earlier notice; or, (2) demonstrating that suspending operation of a
found System would adversely affect the public interest and failure to report it was due
to administrative oversight.
b. Compelling circumstances for which a waiver request would be in the public interest
include the following examples: (1) the health and safety of individuals are at serious
risk, (2) the statute or Executive order authorizing the program provides a specific date
for compliance, (3) there would be serious harm to a class of beneficiaries who are
proposed to be included in the System.
7. MINOR ALTERATIONS TO SYSTEM OF RECORDS. Alterations that do not meet the criteria
of par. 4 above for significantly altered System of Records require only the publication in the
Federal Register of a revised notice. The thirty-day public comment period and sixty-day
advance notice to OMB are not required. A draft notice is to be sent to the Chief, Information
Management Branch, IMSD.
8. TERMINATION OF SYSTEM OF RECORDS. A System of Records is considered to be
terminated whenever the information is no longer accessed by individuals' names or other
identifiers, or whenever it is consolidated with another System of Records. Terminating a
System may involve the physical destruction of records; it may involve purging the System of
individual identifiers and maintaining the data in another form, such as statistical data; and it
may involve altering the manner in which the records are accessed so that records are no
longer accessed by the name of the subject individuals or other personal identifiers. Because
records retired to a Federal Records Center (FRC) are still under the control of EPA, the act of
retiring an inactive System to the FRC does not in itself constitute termination of the System.
See Figure 2-2 for documentation guidelines.
Figure 2-1: Documentation Instructions -- New Systems and Major Alterations
Note: Complete documentation, consisting of both paper copy and floppy disk, must be sent to the
Chief, Information Management Branch (PM-211-D), Information Management and Services Division,
U.S. Environmental Protection Agency, Washington, D.C. 20460.
1. Federal Register Notice. The Federal Register notice must be prepared in accordance with
the Federal Register Document Drafting Handbook and include the signature element of the
Assistant Administrator for Administration and Resources Management. The following must be
included in the notice:
a. System Name. Provide the name of the System of Records.
b. Security Classification. Identify the security classification of the System of Records.
(Primarily for use by the Defense Department.) If there is no such classification, enter
"none."
c. System Location. Specify each address at which the System is maintained. Include
Headquarters and field locations and the address of contractors, if any, who may maintain
the System for EPA. If there are many locations, the list may be added as an appendix.
d. Categories of Individuals in System. Describe the categories of individuals on whom
records are maintained in sufficient detail to enable individuals to determine if there is
information on them in the System.
e. Categories of Records in System. Give a brief description of all of the types of
information in the System. For example, medical history, employment history.
f. Authority for Maintenance of System. Cite the specific statute(s) and/or Executive
order(s) which authorize EPA to maintain the System.
g. Purpose(s). State the reason(s) for creating the System and what the System is designed
to accomplish.
h. Routine Uses of Records Maintained in the System Including Categories of Users
and Purpose of Such Use. Describe each routine use which will be made of the records,
including the categories of users and the purpose of each use.
i. Policies and Practices for Storing, Retrieving, Accessing, Retaining, and Disposing
of Records in the System.
Storage. List all media in which records in the System are maintained (file folders,
magnetic tape, microform, etc.). Briefly describe how each medium is stored.
Retrievability. Describe how the records are indexed and retrieved.
Safeguards. Describe your security policies and the procedures taken to prevent
unauthorized disclosure of the records. Include the categories of EPA employees to
whom access will be limited.
Retention and Disposal. Indicate how long the EPA retains the records in identifiable
form. If the records are covered by a Records Control Schedule, so state.
j. System Manager and Address. Give the title and complete business address of the
person responsible for the records. A contractor, consultant, or anyone other than an EPA
employee may not be designated as a System Manager.
k. Notification Procedure. Provide the procedural information necessary for an individual to
find out whether or not there are records about him/her in the System. Provide the
complete address of the System Manager to which requests for notification may be
presented. Do not include telephone numbers.
l. Record Access Procedures. Provide the procedural information necessary for an
individual to gain access to records about him/herself. Give name and address of the
System Manager whom the individuals should contact if they want to gain access to any
record about themselves in the System.
m. Contesting Records Procedures. Provide procedures for an individual to contest the
accuracy, relevancy, completeness and timeliness of records about him/herself. Give name
and address of the System Manager to be contacted.
n. Record Source Categories. Describe the sources from which the information in the
System is obtained. Sources include, but are not limited to, the individual on whom the
records are maintained, previous and current employees, other agencies, etc.
o. Systems Exempted from Certain Provisions of the Act. Under limited circumstances,
the Privacy Act permits agencies to exempt a System of Records from compliance with
certain provisions of the Act. (See Chapter 3, par. 3 and Figure 3-1.) Identify the Privacy
Act exemption(s), by subsection of the Act, applicable to the System; the provisions of the
Act being exempted and a brief statement of the reason for invoking the exemption. Cite
the Federal Register issue and page number where the proposed rule creating the
exemption was published. If no exemptions are applicable, enter "none."
(NOTE: Attach a completed and signed Federal Register Typesetting Request, EPA Form
2340-15, to the Federal Register notice. This form is available through normal supply
channels).
2. Narrative Report for OMB. This report, normally not more than two pages, must:
a. Describe the purpose of the System of Records.
b. Identify the authority under which the System of Records is to be maintained.
c. Describe briefly the steps the Agency has taken to minimize the risk of unauthorized access
to the System, and the higher or lower risk alternatives which the Agency considered.
3. Privacy Act Statement. This statement must be in writing and must inform the individual of the
authority for collecting the information, the purpose for which the information is being collected
on him/her and the routine uses which will be made of the information. The statement must also
state whether furnishing information is voluntary or mandatory and explain what the
consequences will be if an individual does not agree to furnish the information.
Sample Federal Register Notice -- New System
ENVIRONMENTAL PROTECTION AGENCY
[OA-FRL-2768-2]
Privacy Act of 1974; Proposed New System of Records
AGENCY: Environmental Protection Agency.
ACTION: Privacy Act of 1974, Proposed new system of records.
SUMMARY: As required by law (5 U.S.C. 552a) the U.S. Environmental Protection Agency is publishing
for comment a new system of records that it is proposing to maintain. The proposed system is
"Enforcement Case Support Expert Resources Inventory System." Agency enforcement personnel will
use the records to aid in the identification and selection of individuals with appropriate expertise and
qualifications to serve either as expert consultants or as expert witnesses in connection with hazardous
waste enforcement cases and in maintaining a record of use of experts on enforcement cases.
EFFECTIVE DATE: This system shall become effective as proposed, without further notice thirty days
after publication unless comments are received which would result in contrary determination.
FOR FURTHER INFORMATION CONTACT: Mike Kosakowski, Chief, Technical Support Branch, Office
of Waste Programs Enforcement (WH-527), U.S. Environmental Protection Agency, 401 M Street, S.W.,
Washington, D.C. 20460. Telephone: 202-382-5611.
Howard M. Messner,
Assistant Administrator for Administration and Resources Management.
EPA-15
SYSTEM NAME: Enforcement Case Support Expert Resources Inventory System -- EPA-14.
SECURITY CLASSIFICATION: None.
SYSTEM LOCATION: Office of Waste Programs Enforcement (WH-527), U.S. Environmental
Protection Agency, 401 M Street, S.W., Washington, D.C. 20460.
CATEGORIES OF INDIVIDUALS IN SYSTEM: Individuals included in the system are experts in
scientific and technical fields who have appropriate expertise and qualifications to serve either as
consultants or expert witnesses in connection with hazardous waste enforcement cases and who have
agreed to be included in the system.
CATEGORIES OF RECORDS IN SYSTEM: Basic input to the system is selected information from a
professional resume and supporting documents supplied by the individual which contain such data as
name, contact points and telephone numbers, educational background, disciplines, specialty areas,
specific subject knowledge, research interests, specific chemical knowledge, membership in technical
societies and working groups, awards and honors, consulting experience, background in litigation,
professional history (with periods of employment, titles, names of employers, positions held,
descriptions of work), and similar information. Certain information is entered in summary form. Other
input into the system consists of records pertaining to U.S. EPA's proposed and actual use of the
individual as an expert consultant or an expert witness for enforcement cases.
AUTHORITY FOR MAINTENANCE OF SYSTEM: 42 U.S.C. 9604, 9606, 9607 (Enforcement authority
under Comprehensive Environmental Response, Compensation and Liability Act); 42 U.S.C. 9628, 9673
(Enforcement authority under Resource Conservation and Recovery Act).
PURPOSE(S): EPA enforcement personnel will use the records to aid in the identification and selection
of potential expert consultants and expert witnesses for hazardous waste enforcement cases and in
maintaining a record of use of experts on cases.
ROUTINE USES OF RECORDS MAINTAINED IN THE SYSTEM INCLUDING CATEGORIES OF
USERS AND PURPOSES OF SUCH USE:
1. Records of individuals will be disclosed on a case-by-case basis to the U.S. Department of Justice
(U.S. DOJ) attorneys who are members of the negotiation/litigation team for the purpose of
enabling their participation in the case and permitting their assistance in the selection of expert
consultants and expert witnesses.
2. Records of individuals in the system will be disclosed on a case-by-case basis to other scientific
and technical experts used by the U.S. EPA to familiarize them with experts for use on the case
or to obtain their assistance in identifying possible expert consultants and expert witnesses.
3. Records in the system may be disclosed to OWPE enforcement contractors for the purpose of
subcontracting experts identified in the system and for the purpose of updating or otherwise
refining records in the system. By the terms of the contract, enforcement contractors are
required to maintain the information in confidence and in accordance with the requirements of
the Privacy Act.
4. Records in the system may be disclosed to the U.S. DOJ when related to litigation or anticipated
litigation involving the records or the subject matter of the records.
5. Also see Prefatory Statement of General Routine Uses 41 FR 39689 (September 15, 1976).
POLICIES AND PRACTICES FOR STORING, RETRIEVING, ACCESSING, RETAINING AND
DISPOSING OF RECORDS IN THE SYSTEM:
STORAGE: Various portions of the system are maintained on computer disks, word-processor disks,
and in hard-copy files.
RETRIEVABILITY: Information is retrieved from the computer database and word-processor format
by addressing selected data items in the system which cross-reference to an individual's name. The
name is used to manually access materials in alphabetized hard-copy files.
SAFEGUARDS: Only authorized individuals have access to the system and it is maintained under a
classification of "Enforcement Confidential." Records on the computer disks are protected from access
by a unique identification code. Hard-copy files and word-processor disks, when not in use or in the
possession of an authorized individual, are maintained in a locked cabinet. Both the computer and
cabinets are in rooms protected by door locks in a building with restricted access.
RETENTION AND DISPOSAL: Records are maintained and periodically updated until individuals
identified in the system request that their own record be deleted. Other reasons for deletion will be at
the discretion of the Expert Resources coordinator and the System Manager.
SYSTEM MANAGER(S) AND ADDRESS: Chief, Technical Support Branch, Office of Waste Programs
Enforcement (WH-527), U.S. Environmental Protection Agency, 401 M Street, S.W., Washington, D.C.
20460.
NOTIFICATION PROCEDURES: Inquiries should be addressed to the System Manager. Additional
information and requirements will be provided.
RECORD ACCESS PROCEDURES: Inquiries should be addressed to the System Manager. Additional
information and requirements will be provided.
CONTESTING RECORDS PROCEDURES: Inquiries should be addressed to the System Manager. The
record and the specific information being contested should be identified. The corrective action sought
and supporting justification for the correction should be provided by the individual. Additional
information and requirements will be provided as necessary.
RECORD SOURCE CATEGORIES:
1. Records furnished by individuals identified in the system. Information may be entered into the
system in interpretive and summary form.
2. Records developed by U.S. EPA personnel concerning the proposed and actual use of expert
consultants and expert witnesses.
SYSTEMS EXEMPTED FROM CERTAIN PROVISIONS OF THE ACT: None.
Figure 2-2: Documentation Instructions -- Termination of System
Note: Documentation, consisting of both paper copy and floppy disk, must be sent to the Chief,
Information Management Branch (PM-211-D), Information Management and Services Division, U.S.
Environmental Protection Agency, Washington, D.C. 20460.
Whenever one of the conditions in Chapter 2, par. 8, occurs, actual termination of a System of Records
is accomplished, and a Federal Register notice is required. A draft Federal Register notice must be sent
to the Chief, Information Management Branch, IMSD. The notice must describe the following:
1. System name.
2. Original Federal Register publication citation (volume, page number, and date of publication).
3. Reason for termination.
4. Disposition of records.
Sample Federal Register Notice -- Termination
Privacy Act of 1974, Notification of Deletion of System of Records
SUMMARY: The Environmental Protection Agency is deleting a system of records, Statements of
Known Financial Interests (EPA-12), that is no longer in use.
DATE: Effective July 29, 1985
FOR FURTHER INFORMATION CONTACT: Mr. Donnell Nantkes, Grants, Contracts, and General Law
Division, Office of General Counsel (LE-132G), Washington, D.C. 20460, telephone (202) 382-4550.
SUPPLEMENTARY INFORMATION: On September 8, 1978, and pursuant to the provisions of the
Privacy Act of 1974, there was published in the Federal Register (43 FR 40057) a notice of the system
of records, Statements of Known Financial Interests (EPA-12). Section 207(c) of the Ethics in
Government Act (Pub. L. 95-521) superseded the requirement for this report. Accordingly, this notice
formally deletes this system of records.
Dated: July 22, 1985
Seymour D. Greenstone,
Acting Assistant Administrator for Administration and Resources Management.
Chapter 3. Access and Amendment
(Revised December 2005)
PURPOSE
The purpose of this Chapter is to describe procedures and responsibilities for responding to a request to
access or amend information in a System of Records. This Chapter has been revised to reflect changes
in the Agency's process for responding to these types of requests.
PROCESSING REQUESTS FOR ACCESS
3.1 Individual Access to Personal Information
The Privacy Act permits individuals to gain access to records about themselves that EPA maintains in its
systems of records, unless the records are covered by an exemption. Individuals also may request that
the Agency change or amend incorrect or incomplete information. System managers, or their
designees, make initial decisions to release, amend or correct individuals' records, and to extend the
date for mailing initial determinations under the Privacy Act.
3.2 Individual Requests for Access
Individuals will address requests for access or amendment to personal information in a Privacy Act
system of records to the EPA Privacy Act officer through EPA's Freedom of Information Act (FOIA)
Office according to instructions in the relevant Privacy Act notice. A requester who cannot determine
which system of records applies should write to the EPA Privacy Act officer. The FOIA Office will assign
the request a tracking number and send the individual a letter acknowledging receipt of the request by
the Agency.
3.2.1 Time Limits
The Agency FOIA Office will acknowledge requests for access within 10 working days after receipt and
forward the request to the manager of the system of records to which the request pertains, who will
determine whether to grant access to the record. If the system manager cannot make a determination
within 30 working days, he or she will inform the requester of the reasons for the delay, and estimate
when he or she will make a decision.
3.3 Relationship Between the Privacy Act and the Freedom of Information Act (FOIA)
The Privacy Act provides seven specific exemptions to apply to systems of records. Individuals can use
FOIA to seek access to records that are exempt from disclosure under the Privacy Act. The EPA FOIA
Office will process Privacy Act requests under both statutes.
The EPA FOIA Office will:
Process requests by individuals for access to records pertaining to themselves made under
FOIA.
Process requests by individuals for access to records pertaining to themselves made under the
Privacy Act of 1974.
Process requests by individuals for access to records pertaining to themselves that cite both
FOIA and the Privacy Act except:
When FOIA access provisions provide a greater degree of access; or
When access to the information is controlled by another federal statute.
If the former applies, the FOIA staff will follow its access provisions.
If the latter applies, the FOIA staff will follow the access procedures
established under the controlling statute.
Process requests by individuals for access to records pertaining to themselves
in system of records that do not cite either FOIA or the Privacy Act under the
procedures established by FOIA and its implementing regulations.
The system manager must cite the specific provisions of the Privacy Act or FOIA when responding to
such requests. He or she may not deny individuals access to personal information concerning
themselves that would otherwise be released to them under either Act solely because they fail to cite
either Act or cite the wrong Act, regulation or instruction. Furthermore, the system manager must
explain to the requester which Act or procedure he or she used when granting or denying access.
3.4 Verification of Identity
All Privacy Act requests must include sufficient information to verify an individual's identity. According
to 40 CFR 16.3(0. an individual who cannot provide sufficient identification as listed in 40 CFR 16.4(b)
must submit a signed and notarized statement indicating that he or she is the individual to whom the
records pertain, and that he or she understands that it is a misdemeanor punishable by a fine up to
$5,000 to knowingly and willfully seek or obtain records about another individual under false pretenses.
See Figure 1 below for a sample Privacy Act request letter that the Privacy Act officer or system
manager can provide to individuals who need help preparing a request or have not provided sufficient
information.
Figure 1: Sample Privacy Act Request Letter
Privacy Act officer [or Freedom of Information officer]
U.S. Environmental Protection Agency
[Street address]
[City, state, zip code]
Re: Privacy Request for Access
Dear:
This is a request under the Privacy Act of 1974.
I request a copy of any records [or specifically named records] about me maintained at EPA. These
records are contained in a Privacy Act system of records titled [name of system].
[Optional] To assist with your search for these records, I am providing the following additional
information: [for example: full name, Social Security number, date and place of birth]. Also, I have the
following contacts with your Agency: [for example: job applications, periods of employment, loans or
Agency programs applied for, etc.].
[Optional] Please consider this request as also made under the Freedom of Information Act. Please
provide any additional information that may be available under the FOIA.
If you determine that any portions of these documents are exempt under either of these statutes, I will
expect you to release the non-exempt portions to me as the law requires. I reserve the right to appeal
any decision to withhold information.
[Optional] Enclosed is [a notarized signature or other identifying document] that will verify my
identity. I look forward to receiving your reply.
Thank you for your consideration.
Sincerely,
[Name]
[Address]
[City, state, zip code]
Acceptable identity verification for individuals seeking physical access to their records includes
employee and military identification cards, drivers' licenses, other licenses, permits or passes used for
routine identification purposes.
When an individual requests access by mail, the individual must provide his or her full name, date and
place of birth, or other personal information necessary to locate the record he or she seeks. Additional
identifying data and notarization may be required for sensitive information.
If an individual requests that he or she be accompanied by another person during a personal inspection
of records or to have the records released directly to another person, he or she must submit a written
statement authorizing disclosure in the presence of another person. Furthermore, the individual is not
required to explain or justify his or her need for access to any record under this guidance.
(The system manager must not use identification procedures to discourage legitimate requests or to
burden needlessly or delay the amendment process. He or she may not refuse access to an individual's
records solely because he or she refuses to divulge his or her Social Security number, unless that is the
only method by which he or she can retrieve the records.)
Only an EPA system manager may deny access. The denial must be in writing and contain the
individual's rights in accordance with 40 CFR 16.6(a)(2).
3.5 Fees
According to 40 CFR 16.9, EPA charges no fees for providing a copy of the first 100 pages of a record
or any portion of a record to an individual to whom the record pertains. The fee schedule for
reproducing additional pages is the same as that for FOIA requests. Since Privacy Act requests are also
processed as FOIA requests, the fee schedule is governed by FOIA regulations. (See 40 CFR 2.107.)
3.6 Granting Access to Records
The system manager should grant individuals access to the original record or an exact copy of the
original record pertaining to themselves without any changes or deletions, unless they have been made
according to the Privacy Act's exemption rules. An amended record is considered original for the
purpose of granting access. The system manager should clearly explain to the individual any
amendments and deletions to records or portions of records.
If the system manager grants access, he or she notifies the Headquarters FOIA office and the individual
of the decision. The individual is told:
Where the records may be inspected;
The earliest date (i.e., generally no more than 30 working days from the date the Agency
receives the request) the records may be inspected; and,
The times the records will remain open for inspection.
If the individual requests copies by mail, the system manager must notify him or her of the estimated
date - no more than 30 working days from the date the Agency receives the request - that the record
will be mailed.
3.6.1 Illegible, Incomplete or Partially Exempt Records
The system manager cannot deny an individual access to a record or a copy of a record solely because
the physical condition or format of the record does not make it readily available. He or she must recopy
or prepare an extract of the record within the stated time limits.
If a portion of a record contains information exempt from access, the system manager must provide an
extract or summary containing all of the releasable information in the record, including a clear, written
explanation to the individual of all deletions or changes to the records.
3.6.2 Access to Medical Records
Medical records maintained by EPA are not exempt from access provisions, although the Privacy Act
authorizes special provisions for them under 552a(f)(3). The system manager may deny an individual
direct access to medical or psychological records if he or she, in consultation with a medical doctor,
determines that direct disclosure would harm the individual's physical or mental health. In this case,
the system manager must offer to send the records to a physician the individual selects.
If the system manager denies direct access, he or she sends the record to the individual's physician,
explaining why access without proper professional supervision could be harmful to the individual,
unless it is obvious from the record. If the individual refuses or fails to designate a physician, the
system manager will not provide the record. Such refusal of access is not considered a denial for
Privacy Act reporting purposes.
3.6.3 Access to Information Compiled in Anticipation of Civil Action
The Privacy Act limits access to any information compiled in reasonable anticipation of a civil
proceeding under 5 U.S.C. 552a(d)(5). The system manager is not required to disclose to an individual
any information compiled in reasonable anticipation of a civil action or proceeding, which includes
quasi-judicial and pretrial judicial proceedings. However, he or she is not required to implement this
exemption by regulation.
Attorney work products prepared in conjunction with quasi-judicial, pretrial and trial proceedings,
including those prepared to advise EPA officials of the possible legal consequences of a given course of
action are also protected.
3.6.4 Access to Investigatory Records
The system manager will process requests by individuals for access to investigatory records pertaining
to themselves and compiled for law enforcement purposes that have been incorporated into exempt
system of records under the Privacy Act or FOIA, depending on which regulation gives the requester
the greatest degree of access. The system manager may not deny an individual access to a record
solely because it is in the exempt system. The Agency Privacy Act officer and FOIA officer will
collaborate, when appropriate, to give the individual optimal access.
The system manager must refer individual requests for access to exempt investigatory records that are
temporarily in the possession of a non-investigatory element for settlement or personnel actions to the
originating investigating agency. He or she must inform the individual in writing of these referrals.
3.7 Denial of Access
The system manager may deny an individual access to a record pertaining to him or her for the
following reasons and for the reasons itemized under Section 3.7.1, "Other Reasons to Deny Access."
If the record:
Was compiled in reasonable anticipation of civil action;
Is in a system of records that has been exempted from the access provisions of this guidance
under one of the permitted exemptions;
Contains classified information that has been exempted from the access provision of this
regulation under the blanket exemption for such material claimed for all EPA records systems;
or
Is contained in a system of records for which access may be denied under some other federal
statute.
The system manager may only deny access to portions of records if the denial serves a legitimate
purpose.
3.7.1 Other Reasons to Deny Access
The system manager may also deny access if:
The individual does not describe the record well enough for employees familiar with the file to
locate it with a reasonable amount of effort; or
The individual fails or refuses to comply with the established procedural requirements, such as
refusing to name a physician to receive medical records when required or refusing to pay fees.
The system manager must explain to the individual the specific reason he or she was refused access,
and how he or she may obtain it.
3.7.2 Notifying the Individual of Denial of Access
Denials of access must be in writing and include:
The name, title and signature of the designated denial authority;
The date of the denial;
The specific reason for the denial, including the specific citation from the Privacy Act or FOIA;
Notice to the individual of his or her right to appeal the denial within the 30-calendar-day time
limit; and
The title and address of the Agency Privacy Act officer.
PROCESSING ACCESS APPEALS
3.8 Access Appeal Procedures
The Agency must establish internal appeal procedures that provide for:
Review by OGC or DIG for systems of records maintained by them, of any appeal by an
individual from a denial of access to EPA records.
Formal written notification to the individual from the system manager that must include:
o The exact reason for denying the appeal, including specific citation to the provisions of
the Privacy Act or other statute;
o The date of the appeal determination;
o The name, title and signature of the appeal authority; and
o A statement informing the applicant of his or her right to seek judicial relief.
If OGC or DIG grants the appeal, it must notify the individual and provide access to the requested
records. The written appeal notification granting or denying access is the final Agency action regarding
access.
The individual must file any appeals from denial of access within 30 calendar days of receipt of
notification. The system manager must process all appeals within 30 days of receipt unless he or she
determines that he or she cannot make a fair and equitable review within that period. The system
manager must notify the appellant in writing if additional time is required for the appellate review. He
or she must also include the reasons for the delay and the date when the individual may expect an
answer to the appeal.
3.8.1 Denial of Appeals by Failure to Act
A requester may consider his or her appeal formally denied if the appeal authority fails:
To act on the appeal within 30 days;
To provide the requester with a notice of extension within 30 days; or
To act within the time limits established in the notice of extension.
PROCESSING REQUESTS FOR AMENDMENTS
3.9 Requests for Amendment
An individual may request the amendment of any record contained in a system of records pertaining to
him or her, unless the system of records has been exempted specifically from the amendment
procedures of this guidance. Normally, amendments under this guidance are limited to correcting
factual matters and not matters of official judgment, such as performance ratings, promotion potential
and job performance appraisals.
The individual's request for amendment must be in writing and sent to the EPA Privacy Act Officer. The
Privacy Act Officer will assign the request a tracking number. The system manager must not use the
written requirement to discourage individuals from requesting valid amendments.
A request for amendment must include:
A description of the item or items to be amended;
The specific reason for the amendment;
The type of amendment action sought, i.e., deletion, correction or addition; and
Copies of available documentary evidence supporting the request.
3.9.1 Burden of Proof
Under 40 CFR 16.5, an individual must support his or her request for amendment adequately for the
system manager to approve an amendment request. The individual must submit the request in writing,
including his or her name, the name of the system of records, a detailed description of the information
they seek to correct or amend, the specific reasons for the correction or amendment and sufficient
documentation of identity.
3.9.2 Limits on Previously Submitted Judicial Evidence
Individuals may not use this amendment process to alter evidence presented in the course of judicial or
quasi-judicial proceedings. The system manager amends these records through specific procedures
established for the amendment of such records.
This process does not allow a system manager to amend information that has already been the subject
of a judicial or quasi-judicial determination. However, an individual may challenge the accuracy of the
official recording of that determination.
3.9.3 Sufficiency of a Request to Amend
The system manager must consider the following factors when evaluating the sufficiency of a request
to amend:
The accuracy of the information itself; and
The relevancy, timeliness, completeness and necessity of the recorded information for
accomplishing an assigned mission or purpose.
3.9.4 Time Limits
The EPA Privacy Act officer must acknowledge a request to amend in writing within 10 working days of
its receipt. There is no need to acknowledge a request if the action is completed within 10 working days
and the individual is so informed.
The letter of acknowledgment will clearly identify the request and advise the individual when he or she
may expect a determination of amendment of his or her records. Only under the most exceptional
circumstances will more than 30 days be required to reach a decision on a request to amend. The
system manager must also document fully in the Privacy Act case file any such decision that takes
more than 30 days to resolve.
3.10 Agreement to Amendments
If the system manager decides to grant all or part of an amendment request, he or she will amend the
record accordingly and notify the requesting individual.
3.10.1 Notification of Previous Recipients
The system manager must notify all previous recipients of the information, as reflected in the Privacy
Act case file, of the specific nature and substance of the amendment. (See Section 3.13: Privacy Act
Case Files.) The system manager must inform the individual of these notifications and honor his or her
requests to notify specific federal agencies of the amendment action.
3.11 Denying Amendments
If the system manager denies the request for amendment in whole or in part, he or she must promptly
notify the individual of the denial in writing, including:
The specific reason and authority for denying amendment;
Notification that the individual may request further review of the decision by OGC or DIG, as
appropriate, not later than 30 working days from the date on which he or she requests such
review (5 U.S.C. 552a(d)(3));
The procedures for appealing the decision, citing the position and address of the official to
whom he or she must address the appeal; and
Where he or she can receive assistance in filing the appeal.
3.12 Amendment Appeal Procedures
The Agency must establish procedures to ensure prompt, complete and independent review of each
amendment denial appealed by an individual. These procedures must ensure that the reviewing official,
i.e., OGC or DIG, receives the appeal, along with all supporting materials, including those sent to the
individual and those contained in Agency records. If OGC or DIG denies the appeal completely or in
part, it notifies the individual in writing that:
It has denied the amendment appeal and the specific reason and authority for the denial; and
If filed properly, it will include the statement of disagreement in the record.
The individual will also be informed that:
He or she may file a statement of disagreement with the EPA office in control of the record, and
the procedures for filing this statement; and
He or she may seek a judicial review of the decision not to amend.
If the record is amended, the system manager must ensure that:
He or she promptly notifies the individual of the decision;
He or she notifies all prior known recipients and retainers of the records of the decision and the
specific nature of the amendment; and
He or she notifies the individual which EPA offices and federal agencies have been told of the
amendment.
OGC or DIG, as appropriate, must process all appeals within 30 days unless it determines that it cannot
make a fair review within this time limit. If OGC or DIG needs additional time, it must notify the
individual in writing of the delay, the reason for the delay and when the individual may expect a final
decision on the appeal. OGC or DIG must update the Privacy Act case file to document the reason for
the delay.
3.12.1 Statements of Disagreement
If OGC or DIG refuses to amend the record, the individual may submit a concise statement of
disagreement, setting forth his or her reasons for disagreeing with the decision not to amend. If the
individual files a statement of disagreement, the system manager must annotate the record accordingly
and furnish copies of the statement to all future recipients of the disputed information, and to all prior
recipients known to hold the disputed record in their systems of records.
OGC or DIG should incorporate the statement of disagreement into the record. If this is not possible, it
must ensure that it is apparent from the record that the individual filed a statement of disagreement.
The system manager must maintain the statement so that it can be obtained readily when the disputed
information is used or disclosed. He or she must annotate automated record systems that are not
programmed to accept statements of disagreement so that they clearly indicate that a statement of
disagreement is on file and identify the statement with the disputed information in the system. The
system manager also must provide a copy of the statement of disagreement whenever he or she
discloses the disputed information for any purpose.
3.12.2 EPA Summaries of Reasons for Refusing to Amend
OGC or DIG may, at its discretion, include a summary of reasons for refusing to amend any record for
which a requester filed a statement of disagreement. OGC or DIG should only include the reasons it
gave the individual for not amending the record, and not include comments on the statement of
disagreement itself. OGC or DIG must file the summary and statement of disagreement together.
When disclosing information for which an individual filed a summary, the system manager may include
a copy of the summary in the file.
ESTABLISHING PRIVACY ACT CASE FILES
3.13 Privacy Act Case Files
All Agency offices involved in the amendment or access process should establish Privacy Act case files
to retain the documentation they receive and generate for each unique record request.
The Privacy Act case file will contain:
The request for amendment or access;
Copies of the EPA office's reply granting or denying the request;
Any appeals from the individual;
Copies of the action regarding the appeal with supporting documentation not in the basic file;
and
Any other correspondence generated in processing the appeal, including coordination
documentation.
The system manager should include only the items listed below in the system of records challenged for
amendment or for which access is sought. He or she must not retain copies of unamended records in
the basic system of records if OGC or DIG grants a request for amendment.
The system manager must include these items relating to an amendment request in the disputed
record system:
Copies of the amended record;
The individual's statement of disagreement;
Program office summaries; and
Documentation the individual submits.
The system manager may include the following items relating to an access request in the basic records
system:
Copies of the request;
Program office's action granting or denying total access;
Appeals filed; and
Replies to the appeal.
Chapter 4. Physical Safeguards
1. PURPOSE. This Chapter prescribes policy and procedures regarding the physical safeguards
of information within EPA which has been identified as being subject to the Privacy Act of
1974.
2. POLICY. It is EPA policy that all privacy information be safeguarded in accordance with the
requirements of the Privacy Act, the applicable Federal Register notice for the System, the
Security Volume, FSS Manual, Part III, Chapter 13, and the procedures outlined in this
Chapter.
3. PROTECTION OF PRIVACY ACT RECORDS.
a. Handling.
1. Only EPA employees who require access to Privacy Act records in the performance
of their official duties shall be permitted to review such documents.
2. Privacy Act records, while in use, shall be controlled at all times and never left in an
unattended office.
3. Internal distribution within the Agency shall be by hand-carrying or by transmittal
within a sealed envelope, with the intended recipient properly identified on the
envelope. In addition, the envelope should be annotated "To be opened by
addressee only," or a similar notation.
b. Storage. All Privacy Act records shall be stored as outlined in the current Federal
Register notice for that System of Records. Guidelines for storing existing and future
Systems are outlined below:
1. Within a keylocked cabinet within a keylocked room.
2. When the office configuration does not permit a keylocked room, the storage
cabinet should have a bar and a three positioned changeable combination padlock.
3. Within a security cabinet with a built-in three position changeable combination lock.
4. Any other manner authorized by the Chief, General Services Branch, Facilities and
Support Services Division.
4. TRANSFER/DESTRUCTION OF PRIVACY ACT RECORDS.
a. System Managers contemplating transfer to the Federal Records Center or destruction
of information in a System of Records should determine that such data is eligible for
transfer/destruction under authorized retention periods in the EPA Records Control
Schedules.
b. Destruction, when authorized by EPA Schedules, must be by shredding or pulping or
other method that makes the data unretrievable. (The Security and Records staffs are
available for assistance concerning the proper method of destruction.)