[Title 32 CFR 505.1]
[Code of Federal Regulations (annual edition) - July 1, 2002 Edition]
[Title 32 - NATIONAL DEFENSE]
[Chapter V - DEPARTMENT OF THE ARMY]
[Subchapter A - AID OF CIVIL AUTHORITIES AND PUBLIC RELATIONS]
[Part 505 - THE ARMY PRIVACY PROGRAM]
[Sec. 505.1 - General information.]
[From the U.S. Government Printing Office]
32NATIONAL DEFENSE32002-07-012002-07-01falseGeneral information.505.1Sec. 505.1NATIONAL DEFENSEDEPARTMENT OF THE ARMYAID OF CIVIL AUTHORITIES AND PUBLIC RELATIONSTHE ARMY PRIVACY PROGRAM
Sec. 505.1 General information.
(a) Purpose. This regulation sets forth policies and procedures that
govern personal information kept by the Department of the Army in
systems of records.
(b) References--(1) Required publications. (i) AR 195-2, Criminal
Investigation Activities. (Cited in Sec. 505.2(j))
[[Page 27]]
(ii) AR 340-17, Release of Information and Records from Army Files.
(Cited in Secs. 505.2(h) and 505.4(d))
(iii) AR 430-21-8, The Army Privacy Program; System Notices and
Exemption Rules for Civilian Personnel Functions. (Cited in
Sec. 505.2(i))
(iv) AR 380-380, Automated System Security. (Cited in Sec. 505.4(d)
and (f))
(2) Related publications. (A related publication is merely a source
of additional information. The user does not have to read it to
understand this regulation.)
(i) DOD Directive 5400.11, DOD Privacy Program.
(ii) DOD Regulation 5400.11-R, DOD Privacy Program.
(iii) Treasury Fiscal Requirements Manual. This publication can be
obtained from The Treasury Department, 15th and Pennsylvania Ave., NW,
Washington, DC 20220
(c) Explanation of abbreviations and terms. Abbreviations and
special terms used in this regulation are explained in the glossary.
(d) Responsibilities. (1) The Director of Information Systems for
Command, Control, Communications, and Computers (DISC4) is responsible
for issuing policy and guidance for the Army Privacy Program in
consultation with the Army General Counsel.
(2) The Commander, U.S. Army Information Systems Command is
responsible for developing policy for and executing the Privacy Act
Program under the policy and guidance of the DISC4.
(3) Heads of Joint Service agencies or commands for which the Army
is the Executive Agent, or otherwise has responsibility for providing
fiscal, logistical, or administrative support, will adhere to the
policies and procedures in this regulation.
(4) Commander, Army and Air Force Exchange Service (AAFES), is
responsible for the supervision and execution of the privacy program
within that command pursuant to this regulation.
(e) Policy. Army Policy concerning the privacy rights of individuals
and the Army's responsibilities for compliance with operational
requirements established by the Privacy Act are as follows:
(1) Protect, as required by the Privacy Act of 1974 (5 U.S.C. 552a),
as amended, the privacy of individuals from unwarranted intrusion.
Individuals covered by this protection are living citizens of the United
States and aliens lawfully admitted for permanent residence.
(2) Collect only the personal information about an individual that
is legally authorized and necessary to support Army operations. Disclose
this information only as authorized by the Privacy Act and this
regulation.
(3) Keep only personal information that is timely, accurate,
complete, and relevant to the purpose for which it was collected.
(4) Safeguard personal information to prevent unauthorized use,
access, disclosure, alteration, or destruction.
(5) Let individuals know what records the Army keeps on them and let
them review or get copies of these records, subject to exemptions
authorized by law and approved by the Secretary of the Army. (See
Sec. 505.5.)
(6) Permit individuals to amend records about themselves contained
in Army systems of records, which they can prove are factually in error,
not up-to-date, not complete, or not relevant.
(7) Allow individuals to ask for an administrative review or
decisions that deny them access to or the right to amend their records.
(8) Maintain only information about an individual that is relevant
and necessary for Army purposes required to be accomplished by statute
or Executive Order.
(9) Act on all requests promptly, accurately, and fairly.
(f) Authority. The Privacy Act of 1974 (5 U.S.C. 552a), as amended,
is the statutory basis for the Army Privacy Program. With in the
Department of Defense, the Act is implemented by DOD Directive 5400.11
and DOD 5400.11-R. The Act Assigns--
(1) Overall Government-wide responsibilities for implementation to
the Office of Management and Budget.
(2) Specific responsibilities to the Office of Personnel Management
and the General Services Administration.
(g) Access and Amendment Refusal Authority (AARA). Each Access and
Amendment Refusal Authority (AARA) is responsible for action on requests
for
[[Page 28]]
access to, or amendment of, records referred to them under this part.
The officials listed below are the only AARA for records in their
authority. Authority may be delegated to an officer or subordinate
commander. All delegations must be in writing. If an AARA's delegate
denies access or amendment, the delegate must clearly state that he or
she is acting on behalf of the AARA and identify the AARA by name and
position in the written response to the requester. Denial of access or
amendment by an AARA's delegate must have appropriate legal review.
Delegations will not be made below the colonel (06) or GS/GM-15 level.
Such delegations must not slow Privacy actions. AARAs will send the
names, offices, telephone numbers of heir delegates to the Director of
Information Systems for Command, Control, Communications and Computers,
Headquarters, Department of the Army, ATTN: SAIS-IDP, Washington, DC
20310-0107; and the Department of the Army Privacy Review Board, Crystal
Square 1, Suite 201, 1725 Jefferson Davis Highway, Arlington, VA 22202.
(1) The Administrative Assistant to the Secretary of the Army (AASA)
for records of the Secretariat and its serviced activities, to include
the personnel records maintained by the General Officer Management
Office, personnel records pertaining to Senior Executive Service
personnel serviced by the Office of the Secretary of the Army (OSA), and
Equal Employment Opportunity (EEO) records from offices serviced by the
OSA. The AASA will also serve as AARA for those records requiring the
personal attention of the Secretary of the Army.
(2) The Inspector General (TIG) for TIG investigative records.
(3) The president or executive secretary of boards, councils, and
similar bodies established by the Department of the Army to consider
personnel matters, including the Army Board of Correction of Military
Appeals, for records under their purview.
(4) The Deputy Chief of Staff for Personnel (DCSPER) for records of
active and former non-appropriated fund employees (except those in the
Army and Air Force Exchange Service), alcohol and drug abuse treatment
records, behavioral science records, recruiting, Armed Services
Vocational Aptitude Battery (ASVAB), equal opportunity, Junior Reserve
Officers' Training Corps (ROTC), Senior ROTC Instructor, military
academy cadet, selection, promotion, and reduction boards; special
review boards; professional staff informational records; and entrance
processing records (when records pertain to those not entering active
duty).
(5) The Deputy Chief of Staff for Operations and Plans (DCSOPS) for
military police records and reports and prisoner confinement and
correctional records.
(6) Chief of Engineers (COE) for records pertaining to civil work
(including litigation), military construction, engineer procurement,
other engineering matters not under the purview of another AARA,
ecology, and contractor qualifications.
(7) The Surgeon General (TSG) for medical records, except properly
part of the Official Personnel Folder (OPM/GOVT-1 system of records).
(8) Chief of Chaplains (CCH) for ecclesiastical records.
(9) The Judge Advocate General (TJAG) for legal records under TJAG
responsibility.
(10) Chief, National Guard Bureau (NGB) for personnel records of the
Army National Guard.
(11) Chief, Army Reserve (CAR) for personnel records of Army
retired, separated and reserve military personnel members.
(12) Commander, United States Army Material Command (USAMC) for
records of Army contractor personnel of the Army Material Command.
(13) Commander, United States Army Criminal Investigation Command
(USACIDC) for criminal investigation reports and military police reports
included therein.
(14) Commander, United States Total Army Personnel Command (PERSCOM)
for personnel and personnel related records of Army members on active
duty and current Federal appropriated fund civilian employees. (Requests
from former civilian employees to amend a record in any OPM system of
records such as the Official Personnel Folder should be sent to the
Office of
[[Page 29]]
Personnel Management, Assistant Director for Workforce Information,
Compliance and Investigations Group, 1900 E Street, NW., Washington, DC
20415-0001.
(15) Commander, U.S. Army Community and Family Support Center
(USACFSC) for records relating to morale, welfare and recreation
activities; community life programs; family action programs, retired
activities, club management, Army emergency relief, consumer protection,
retiree survival benefits, and records dealing with Department of the
Army relationships and social security veteran's affairs, United Service
Organizations, U.S. Soldiers' and Airmen's home and American Red Cross.
(16) Commander, U.S. Army Intelligence and Security Command (INSCOM)
for intelligence, investigative and security records; foreign scientific
and technological information; intelligence training, mapping and
geodesy information; ground surveillance records; intelligence threat
assessments; and missile intelligence data relating to tactical land
warfare systems.
(17) Commander, Army and Air Force Exchange Service (AAFES) for
records pertaining to employees, patrons, and other matters which are
the responsibility of the Exchange Service.
(18) Commander, Military Traffic Management Command (MTMC) for
transportation records.
(19) Director of Army Safety for safety records.
(20) Commander, U.S. Army Information Systems Command (USAISC) for
records which do not fall within the functional area of another AARA.
(h) Department of the Army Privacy Review Board. The Department of
the Army Privacy Review Board acts on behalf of the Secretary of the
Army in deciding appeals from refusal of the appropriate AARAs to amend
records. Board membership is comprised of the AASA, the Commander,
USAISC, Pentagon, and TJAG, or their representatives. The AARA may serve
as a nonvoting member when the Board considers matters in the AARA's
area of functional specialization. The Commander, USAISC, Pentagon,
chairs the Board and provides the recording secretary.
(i) Privacy Official. (1) Heads of Army Staff agencies and
commanders of major Army commands and subordinate commands and
activities will designate a privacy official who will serve as a staff
adviser on privacy matters. This function will not be assigned below
battalion level.
(2) The privacy official will ensure that (i) requests are processed
promptly and responsively, (ii) records subject to the Privacy Act in
his/her command/agency are described properly by a published system
notice, (iii) privacy statements are included on forms and
questionnaires that seek personnel information from an individual, and
(iv) procedures are in place to meet reporting requirements.
[50 FR 42164, Oct. 18, 1985, as amended at 58 FR 51012, Sept. 30, 1993]