Records Maintained on Individuals

Subject Area: Records Maintained on Individuals

Point of Contact:	MIRIAM BARTOS
Management System Owner:	KIMBERLY DONHAM
Secondary Management System Owner:	WENDY BRYANT

SCMS Home Page | Revision History | Subject Area Definitions

Issue Date: 08/28/2012
SCMS Revision: 2.3

1.0 Introduction

The U.S. Department of Energy (DOE) Office of Science (SC) maintains certain agency records on individuals that are subject to the Privacy Act in the Privacy Act Systems of Records. Additionally, SC maintains agency records on individuals that are not in Privacy Act Systems of Records (i.e., records about individuals that are not retrieved by name or personal identifier). See Procedure 1, Processing Requests from Current and Former U.S. Department of Energy (DOE) and Contractor Employees, for information on how requests for records are processed by SC. See the SC Chicago Office (SC-CH) link at http://doe.lib.uic.edu/privacy_act_request2.html for information on how to submit a Privacy Act request to SC-CH. See the SC Oak Ridge Office (SC-OR) link at http://www.oakridge.doe.gov/external/PublicActivities/FOIA/tabid/328/Default.aspx/ORO_FOIA.htm for information on how to submit a Privacy Act Request to SC-OR.

The SC Integrated Support Center (ISC) Privacy Act Officer (PAO) (i.e., the SC–CH PAO or the SC–OR PAO) and System Owners throughout the SC ISC perform other activities related to records maintained on individuals. These activities are in addition to receiving and processing Privacy Act and other requests from individuals for access to, or to correct or amend, records about themselves. See Procedure 2, Performing Other Activities Related to Records Maintained on Individuals, for process information on these activities. Also to note, related procedures relative to records maintained on individuals are contained in the SC Cyber Security Subject Area in Procedure 8, Privacy Impact Assessments, and Procedure 9, Response and Notification Procedures for Data Breaches Involving Personally Identifiable Information.

2.0 Contents

Procedures

Procedure Content

1. Processing Requests from Current and Former U.S. Department of Energy (DOE) and Contractor Employees

Documents and reviews the request to verify elements of a valid Privacy Act request.
As needed, contacts the requester for further information.
Identifies the appropriate System Manager and, as needed, provides guidance.
Tracks requests.
Prepare appropriate letters as needed.
Receives, reviews, and responds to the copy of responsive records.
Transmits the final response to the requester.
Assists with litigation involving the Privacy Act in which DOE is a party.
Tracks request activity in tracking system.
Maintains Privacy Act request files.

2. Performing Other Activities Related to Records Maintained on Individuals

Safeguards Personally Identifiable Information (PII).
Implements Departmental Element privacy requirements.
Incorporates privacy-related authorities in contracts, as required, and oversees contractor compliance with privacy requirements.
Implements DOE Headquarters (HQ) privacy-related direction/guidance at the SC Field Office level.
Tracks and facilitates compliance reporting.
Maintains Privacy Web site content.
Educates and trains staff on privacy matters.
Drafts Privacy Act statements, as needed.
Manages resolution of privacy complaints in the Field.
Drafts and/or revises Privacy Act System of Records Notices (SORNs), and coordinates with DOE HQ Privacy Program Office, in the DOE HQ Office of Information Resources (MA‑90), on publication of SORNs in the Federal Register.
Advises on privacy issues related to the preparation of Privacy Needs Assessments (PNAs) and conduct of Privacy Impact Assessments (PIAs).
Advises on privacy issues related to the response and notification procedures for data breaches involving PII.

3.0 Exhibits/Forms

None.

4.0 Related Information

Delegation of Authority Memorandum (Applicable to SC‑CH Only) from Roxanne E. Purucker, SC–CH Manager, to SC–CH Managers, titled Delegations of Authority to Release and Withhold Information and Act in Certain Capacities under the Freedom of Information Act (FOIA) and Designations to Carry Out Privacy Act (PA) Responsibilities, dated 10/29/2009
Delegation of Authority Memorandum (Applicable to SC–OR Only) from Gerald G. Boyd, ORO Manager, to Abel Lopez, Jr., Director, HQ FOIA/PA Group, titled, Delegation of Authority to Withhold Information under the Freedom of Information Act (FOIA), dated 01/26/2006
DEAR 970.5204-3, Access to and Ownership of Records
DOE Administrative Records Schedule 14, Informational Services Records
Federal Acquisition Regulation 52.224-1, Privacy Act Notification
Federal Acquisition Regulation 52.224-2, Privacy Act
OMB M-03-22, OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002
OMB M-06-15, Safeguarding Personally Identifiable Information
OMB M-06-16, Protection of Sensitive Agency Information
OMB M-06-19, Reporting Incidents Involving Personally Identifiable Information and Incorporating the Cost for Security in Agency Information Technology Investments
OMB M-07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information
Procedure 8, Privacy Impact Assessments, of the SC Cyber Security Subject Area
Procedure 9, Response and Notification Procedures for Data Breaches Involving Personally Identifiable Information, of the SC Cyber Security Subject Area
SC Chicago Office (SC-CH) Privacy Act Requests Web site
SC Oak Ridge Office (SC-OR) Privacy Act Requests Web site
Service Plan of the SC Integrated Support Center (ISC)

5.0 Requirements

Document	Title	Requirement Decision Record
10 CFR 1008	Records Maintained on Individuals (Privacy Act)	Completed
DOE O 206.1	Department of Energy Privacy Program	Completed
74 Federal Register 994-1090	Privacy Act of 1974; Publication of Proposed Compilation of Privacy Act Systems of Records	Completed
OMB M-06-19	Reporting Incidents Involving Personally Identifiable Information and Incorporating the Cost for Security in Agency Information Technology Investments	Completed
5 U.S.C., Section 552a	Records Maintained on Individuals (Privacy Act)	Completed

6.0 Definitions

Definitions.

This is not the online OFFICIAL SCMS COPY of this file. Before using this printed copy, verify that it is the most current version by checking the Last Major Revision and Last Minor Revision dates (at the bottom of each document) on the SCMS Web site.

This is the online OFFICIAL SCMS COPY of this file. Before using a printed copy, verify that it is the most current version by checking the Last Major Revision and Last Minor Revision dates (at the bottom of each document) on the SCMS Web site.

SCMS Home Page | Revision History | Subject Area Definitions

Send a question or comment to the SCMS Help Desk.
Disclaimer

Filename: /OrbitSearch/SubjArea/PA/PA_SA.cfm
Last Major SCMS Revision: 12/17/2009