[Code of Federal Regulations] [Title 28, Volume 1] [Revised as of July 1, 2008] From the U.S. Government Printing Office via GPO Access [CITE: 28CFR16.51] [Page 290] TITLE 28--JUDICIAL ADMINISTRATION CHAPTER I--DEPARTMENT OF JUSTICE PART 16_PRODUCTION OR DISCLOSURE OF MATERIAL OR INFORMATION--Table of Contents Subpart D_Protection of Privacy and Access to Individual Records Under the Privacy Act of 1974 Sec. 16.51 Security of systems of records. (a) Each component shall establish administrative and physical controls to prevent unauthorized access to its systems of records, to prevent unauthorized disclosure of records, and to prevent physical damage to or destruction of records. The stringency of these controls shall correspond to the sensitivity of the records that the controls protect. At a minimum, each component's administrative and physical controls shall ensure that: (1) Records are protected from public view; (2) The area in which records are kept is supervised during business hours to prevent unauthorized persons from having access to them; (3) Records are inaccessible to unauthorized persons outside of business hours; and (4) Records are not disclosed to unauthorized persons or under unauthorized circumstances in either oral or written form. (b) Each component shall have procedures that restrict access to records to only those individuals within the Department who must have access to those records in order to perform their duties and that prevent inadvertent disclosure of records. [Order No. 2156-98, 63 FR 29600, June 1, 1998; 63 FR 34965, June 26, 1998]