It is the responsibility of all EEOC systems users to help ensure the security and integrity of the information contained in the Commission’s automated and manual records systems. The Office of Management and Budget (OMB) Circular A-130, the Privacy Act of 1974, and the Federal Information Security Management Act of 2002 all define such information, as well as the technology used to maintain it, as a vital Government asset. Those who control or use this information are responsible for its care, custody and protection. All EEOC system users, whether EEOC employees, contractors, contingent workers, and other users of EEOC information and information systems, are expected to be aware of certain legal rules and policies which must be followed for the purpose of safeguarding such information. Violation of these rules may be grounds for disciplinary action up to and including removal.
The confidentiality provisions of Title VII of the Civil Rights Act of 1964 and Title I of the Americans with Disabilities Act prohibit the Commission, its officers and employees from disclosing to the public, prior to the institution of a lawsuit, information involving: (a) any charges filed under those Acts, (b) anything said or done during informal efforts to resolve such charges, (c) any reports that employers are required to file with the Commission under those Acts, and (d) any information obtained by the Commission during the investigation of such charges. Violators can be fined not more than $1,000, imprisoned for not more than one year, or disciplined.
The Privacy Act of 1974 prohibits any disclosure by an agency officer or employee of information from any system of records about individual persons, unless the disclosure is consented to by the individual to whom the record pertains, is covered by an exception, or would be for a routine use, as defined by the Act. Violation is a criminal misdemeanor subject to a fine of not more than $5,000. The same penalty also applies to any agency officer or employee who maintains a system of records (manual or automated) about individual persons without complying with the Privacy Act notice requirements. The Act also makes it possible for individuals who believe that they are the victims of such illegal disclosures, or who believe that such information, even though properly disclosed, was inaccurate, to sue the agency responsible for such disclosures as well as for any harm, embarrassment or inconvenience which might have been caused by the existence of such inaccurate information.
For those working pursuant to the Procurement Integrity Act, the Act prohibits all disclosures not authorized by the head of the agency or the agency-contracting officer of all proprietary or source selection information during the conduct of a procurement action. The Act provides for civil and criminal penalties, as well as administrative discipline for violation.
The information resources, including computers and telecommunications equipment, acquired and used by the Agency, are Federal property and are subject to EEOC, OMB, General Services Administration, and Office of Government Ethics regulations on the management and use of Federal property [5 CFR Part 2635 Standards of Ethical Conduct for Employees of the Executive Branch; 41 CFR Ch. 101 - Federal Property Management Regulations]. EEOC has obtained its information technology (IT) equipment for the purpose of performing mission-related work. Any activity which interferes with that purpose violates Federal property regulations. Such activities include using IT equipment for non-governmental commercial business purposes, intentionally spreading computer viruses, the use of Federally funded Internet accounts and services for non-government business, etc. Employees who have not fulfilled their responsibilities under the provisions of these property regulations are subject to administrative disciplinary action.
Federal employees are permitted limited use of government office equipment for personal, non-commercial needs if the use does not interfere with official business and involves minimal additional expense to the Government. This limited personal use of government office equipment should take place during the employee’s non-work time. This privilege may be revoked or limited at any time by the employee’s supervisor or by other appropriate agency officials.
Agency employees, contractors, contingent workers, and other users of EEOC information and information systems are prohibited from making unauthorized use or duplication of software acquired by the Government for official business, or from the use of unlicensed software on government equipment which would violate the Federal Copyright statute, and expose EEOC to the possibility of lawsuits from software vendors. System users are to install on EEOC computers only commercial software that has been purchased through the government procurement process and has been determined by the Office of Information Technology (OIT) to be compatible with EEOC’s standard desktop configuration requirements. Employees are not allowed to install personally owned software on government computers, unless a specific, written exemption has been authorized by OIT. Detailed procedures for performing the foregoing responsibilities are contained in the March 2, 1999 memorandum entitled “EEOC Copyrighted Software Policy.”
EEOC system users must notify their EEOC supervisor or point of contact of every occurrence of fire, water damage, or other incident which results in damage to information assets. They should be knowledgeable about office fire procedures and where the nearest fire extinguisher is located.
EEOC system users are responsible for ensuring the security of sensitive information and protecting the technology and equipment which supports its information systems as specified in the following:
This will acknowledge that I have received and read a copy of:
_______________________________________ (PRINT YOUR NAME HERE) _______________________________________ SIGNATURE DATE
This page was last modified on April 24, 2007.