[Federal Register Volume 69, Number 4 (Wednesday, January 7, 2004)]
[Rules and Regulations]
[Pages 954-973]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 04-23]



[[Page 953]]

-----------------------------------------------------------------------

Part II





Department of Defense





-----------------------------------------------------------------------



Department of the Air Force



-----------------------------------------------------------------------



32 CFR Part 806b



Privacy Act Program; Implementation; Final Rule

  Federal Register / Vol. 69, No. 4 / Wednesday, January 7, 2004 / 
Rules and Regulations  

[[Page 954]]


-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Department of the Air Force

32 CFR Part 806b

[Air Force Instruction 33-332]


Privacy Act Program; Implementation

AGENCY: Department of the Air Force, DoD.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: The Department of the Air Force is revising its Privacy Act 
Program Instruction. The revision moves responsibility for the Air 
Force Privacy Program to Air Force Chief Information Officer; 
prescribes Air Force Visual Aid 33-276, Privacy Act Label as optional; 
adds the E-Government Act of 2002 requirement for a Privacy Impact 
Assessment for all information technology systems that collect, 
maintain, or disseminate information in identifiable form from or about 
members of the public; changes appeal processing from Air Force 
Communications and Information Center to Air Force Legal Services 
Agency; adds Privacy Act warning language to use on information systems 
subject to the Privacy Act, includes guidance on sending personal 
information via e-mail; adds procedures on complaints; and provides 
guidance on recall rosters; social rosters; consent statements, systems 
of records operated by a contractor, and placing information on shared 
drives.

EFFECTIVE DATE: November 28 2003.

FOR FURTHER INFORMATION CONTACT: Mrs. Anne Rollins at (703) 601-4043.

SUPPLEMENTARY INFORMATION: The proposed rule was published on September 
25, 2003, at 68 FR 55337. One public comment was received regarding 
administrative clarifications needed for Sec.  806b.15, Fees, and Sec.  
806b.17, Special Provisions for Certain Medical Records. We added a 
paragraph on fee waivers to address concerns for those cases where the 
total copies are slightly over the 100 free copy threshold. We moved 
the last sentence in Sec.  806b.15(b) which states, ``The Privacy Act 
requires that we ultimately insure that the subject receives the 
records.'' to a separate paragraph under Sec.  806b.17 to clearly show 
that the individual is entitled to their medical records under the 
Privacy Act.

Executive Order 12866, ``Regulatory Planning and Review''

    It has been determined that Privacy Act rules for the Department of 
Defense are not significant rules. The rules do not (1) Have an annual 
effect on the economy of $100 million or more or adversely affect in a 
material way the economy; a sector of the economy; productivity; 
competition; jobs; the environment; public health or safety; or State, 
local, or tribal governments or communities; (2) Create a serious 
inconsistency or otherwise interfere with an action taken or planned by 
another Agency; (3) Materially alter the budgetary impact of 
entitlements, grants, user fees, or loan programs, or the rights and 
obligations of recipients thereof; or (4) Raise novel legal or policy 
issues arising out of legal mandates, the President's priorities, or 
the principles set forth in this Executive order.

Public Law 96-354, ``Regulatory Flexibility Act'' (5 U.S.C. Chapter 6)

    It has been determined that Privacy Act rules for the Department of 
Defense do not have significant economic impact on a substantial number 
of small entities because they are concerned only with the 
administration of Privacy Act systems of records within the Department 
of Defense.

Public Law 96-511, ``Paperwork Reduction Act'' (44 U.S.C. Chapter 35)

    It has been determined that Privacy Act rules for the Department of 
Defense impose no information requirements beyond the Department of 
Defense and that the information collected within the Department of 
Defense is necessary and consistent with 5 U.S.C. 552a, known as the 
Privacy Act of 1974.

Section 202, Public Law 104-4, ``Unfunded Mandates Reform Act''

    It has been determined that the Privacy Act rulemaking for the 
Department of Defense does not involve a Federal mandate that may 
result in the expenditure by State, local and tribal governments, in 
the aggregate, or by the private sector, of $100 million or more and 
that such rulemaking will not significantly or uniquely affect small 
governments.

Executive Order 13132, ``Federalism''

    It has been determined that the Privacy Act rules for the 
Department of Defense do not have federalism implications. The rules do 
not have substantial direct effects on the States, on the relationship 
between the National Government and the States, or on the distribution 
of power and responsibilities among the various levels of government.

List of Subjects in 32 CFR Part 806b

    Privacy.


0
For the reasons set forth in the preamble, the Department of the Air 
Force is revising 32 CFR part 806b to read as follows:

PART 806b--PRIVACY ACT PROGRAM

Subpart A--Overview of the Privacy Act Program
Sec.
806b.1 Summary of revisions.
806b.2 Basic guidelines.
806b.3 Violation penalties.
806b.4 Privacy Act complaints.
806b.5 Personal notes.
806b.6 Systems of records operated by a contractor.
806b.7 Responsibilities.
Subpart B--Obtaining Law Enforcement Records and Confidentiality 
Promises
806b.8 Obtaining law enforcement records.
806b.9 Confidentiality promises.
Subpart C--Collecting Personal Information
806b.10 How to collect personal information.
806b.11 When To Give Privacy Act Statements (PAS).
806b.12 Requesting the Social Security Number.
Subpart D--Giving Access to Privacy Act Records
806b.13 Making a request for access.
806b.14 Processing a request for access.
806b.15 Fees.
806b.16 Denying or limiting access.
806b.17 Special provision for certain medical records.
806b.18 Third party information in a Privacy Act System of records.
806b.19 Information compiled in anticipation of civil action.
806b.20 Denial authorities.
Subpart E--Amending the Record
806b.21 Amendment reasons.
806b.22 Responding to amendment requests.
806b.23 Approving or denying a record amendment.
806b.24 Seeking review of unfavorable Agency determinations.
806b.25 Contents of Privacy Act case files.
Subpart F--Appeals
806b.26 Appeal procedures.
Subpart G--Privacy Act Notifications
806b.27 When to include a Privacy Act warning statement in 
publications.
806b.28 Warning banners.
806b.29 Sending personal information over electronic mail.
Subpart H--Privacy Impact Assessments
806b.30 Evaluating information systems for Privacy Act compliance.
Subpart I--Preparing and Publishing System Notices for the Federal 
Register
806b.31 Publishing System notices.
806b.32 Submitting notices for publication in the Federal Register.
806b.33 Reviewing notices.

[[Page 955]]

Subpart J--Protecting and Disposing of Records
806b.34 Protecting records.
806b.35 Balancing protection.
806b.36 Disposing of records.
Subpart K--Privacy Act Exemptions
806b.37 Exemption types.
806b.38 Authorizing exemptions.
806b.39 Requesting an exemption.
806b.40 Exemptions.
Subpart L--Disclosing Records to Third Parties
806b.41 Disclosure considerations.
806b.42 Social rosters.
806b.43 Placing personal information on shared drives.
806b.44 Personal information that requires protection.
806b.45 Releasable information.
806b.46 Disclosing other information.
806b.47 Rules for releasing Privacy Act information without the 
consent of the subject.
806b.48 Disclosing the medical records of minors.
806b.49 Disclosure accountings.
806b.50 Computer matching.
806b.51 Privacy and the Web.
Subpart M--Training
806b.52 Who needs training?
806b.53 Training tools.
806b.54 Information collections, records, and forms or Information 
Management Tools (IMT).
Appendix A to Part 806b--Definitions
Appendix B to Part 806b--Preparing a System Notice
Appendix C to Part 806b--DoD ``Blanket Routine Uses''
Appendix D to Part 806b--General and Specific Exemptions
Appendix E to Part 806b--Privacy Impact Assessment

    Authority: Pub. L. 93-579, 88 Stat. 1896 (5 U.S.C. 552a).

Subpart A--Overview of the Privacy Act Program


Sec.  806b.1  Summary of revisions.

    This part moves responsibility for the Air Force Privacy Program 
from Air Force Communications and Information Center to the Air Force 
Chief Information Officer; prescribes Air Force Visual Aid 33-276, 
Privacy Act Label as optional; adds the E-Gov Act of 2002 requirement 
for a Privacy Impact Assessment for all information systems that are 
new or have major changes; changes appeal processing from Air Force 
Communications and Information Center to Air Force Legal Services 
Agency; adds Privacy Act warning language to use on information systems 
subject to the Privacy Act, includes guidance on sending personal 
information via e-mail; adds procedures on complaints; and provides 
guidance on recall rosters; social rosters; consent statements, systems 
of records operated by a contractor, and placing information on shared 
drives.


Sec.  806b.2  Basic guidelines.

    This part implements the Privacy Act of 1974 \1\ and applies to 
records on living U.S. citizens and permanent resident aliens that are 
retrieved by name or personal identifier. This part also provides 
guidance on collecting and disseminating personal information in 
general.
---------------------------------------------------------------------------

    \1\ http://www.usdoj.gov/04foia/privstat.htm.
---------------------------------------------------------------------------

    (a) Records that are retrieved by name or personal identifier are 
subject to Privacy Act requirements and are referred to as Privacy Act 
systems of records. The Air Force must publish notices in the Federal 
Register, describing the collection of information for new, changed or 
deleted systems to inform the public and give them an opportunity to 
comment before implementing or changing the system. (see Appendix B to 
this part).
    (b) An official system of records is:
    (1) Authorized by law or Executive Order.
    (2) Needed to carry out an Air Force mission or function.
    (3) Published in the Federal Register.
    (c) The Air Force will not:
    (1) Keep records on how a person exercises First Amendment rights. 
Exceptions are when: The Air Force has the permission of that 
individual or is authorized by Federal statute; or the information 
pertains to, and is within the scope of, an authorized law enforcement 
activity. First Amendment rights include, but are not limited to, 
freedom of religion, freedom of political beliefs, freedom of speech, 
freedom of the press, the right to assemble, and the right to petition.
    (2) Penalize or harass an individual for exercising rights 
guaranteed under the Privacy Act. We must reasonably help individuals 
exercise their rights under the Privacy Act.
    (d) Air Force members will:
    (1) Keep paper and electronic records that are retrieved by name or 
personal identifier only in approved Privacy Act systems published in 
the Federal Register.
    (2) Collect, maintain, and use information in such systems, for 
purposes described in the published notice, to support programs 
authorized by law or Executive Order.
    (3) Safeguard the records in the system and keep them the minimum 
time required.
    (4) Ensure records are timely, accurate, complete, and relevant.
    (5) Amend and correct records on request.
    (6) Allow individuals to review and receive copies of their own 
records unless the Secretary of the Air Force approved an exemption for 
the system; or the Air Force created the records in anticipation of a 
civil action or proceeding (5 U.S.C. 552a(d)(5)).
    (7) Provide a review of decisions that deny individuals access to 
or amendment of their records through appellate procedures.


Sec.  806b.3  Violation penalties.

    An individual may file a civil law suit against the Air Force for 
failing to comply with the Privacy Act. The courts may find an 
individual offender guilty of a misdemeanor and fine that individual 
offender not more than $5,000 for:
    (a) Willfully maintaining a system of records that doesn't meet the 
public notice requirements.
    (b) Disclosing information from a system of records to someone not 
entitled to the information.
    (c) Obtaining someone else's records under false pretenses.


Sec.  806b.4  Privacy Act complaints.

    (a) Process Privacy Act complaints or allegations of Privacy Act 
violations through the appropriate base or Major Command Privacy Act 
office, to the local systems manager. The base or Major Command Privacy 
Act officer directs the process and provides guidance to the system 
manager. The local systems manager will investigate complaints, or 
allegations of Privacy Act violations; will establish and review the 
facts when possible; interview individuals as needed; determine 
validity of the complaint; take appropriate corrective action; and 
ensure a response is sent to the complainant through the Privacy Act 
Officer. In cases where no system manager can be identified, the local 
Privacy Act officer will assume these duties. Issues that cannot be 
resolved at the local level will be elevated to the Major Command 
Privacy Office. When appropriate, local system managers will also: 
refer cases for more formal investigation, refer cases for command 
disciplinary action, and consult the servicing Staff Judge Advocate. In 
combatant commands, process component unique system complaints through 
the respective component chain of command.
    (b) For Privacy Act complaints filed in a U.S. District Court 
against the Air Force, an Air Force activity, or any Air Force 
employee, Air Force Legal Services Agency, General Litigation Division 
(JACL) will provide Air Force Chief Information Officer/P a litigation

[[Page 956]]

summary to include: The case number, requester name, the nature of the 
case (denial of access, refusal to amend, incorrect records, or specify 
the particular violation of the Privacy Act), date complaint filed, 
court, defendants, and any appropriate remarks, as well as updates 
during the litigation process. When the court renders a formal opinion 
or judgment, Air Force Legal Services Agency, General Litigation 
Division (JACL) sends Air Force Chief Information Officer/P a copy of 
the judgment and opinion.


Sec.  806b.5  Personal notes.

    The Privacy Act does not apply to personal notes on individuals 
used as memory aids. Personal notes may become Privacy Act records if 
they are retrieved by name or other personal identifier and at least 
one of the following three conditions apply: Keeping or destroying the 
records is not at the sole discretion of the author; the notes are 
required by oral or written directive, regulation, or command policy; 
or they are shown to other agency personnel.


Sec.  806b.6  Systems of records operated by a contractor.

    Contractors who are required to operate or maintain a Privacy Act 
system of records by contract must follow this part for collecting, 
safeguarding, maintaining, using, accessing, amending and disseminating 
personal information. The record system affected is considered to be 
maintained by the Air Force and is subject to this part. Systems 
managers for offices who have contractors operating or maintaining such 
record systems must ensure the contract contains the proper Privacy Act 
clauses, and identify the record system number, as required by the 
Defense Acquisition Regulation and this part.
    (a) Contracts for systems of records operated or maintained by a 
contractor will be reviewed annually by the appropriate Major Command 
Privacy Officer to ensure compliance with this part.
    (b) Disclosure of personal records to a contractor for use in the 
performance of an Air Force contract is considered a disclosure within 
the agency under exception (b)(1) of the Privacy Act (see Sec.  
806b.47(a)).


Sec.  806b.7  Responsibilities.

    (a) The Air Force Chief Information Officer is the senior Air Force 
Privacy Official with overall responsibility for the Air Force Privacy 
Act Program.
    (b) The Office of the General Counsel to the Secretary of the Air 
Force, Fiscal and Administrative Law Division (GCA) makes final 
decisions on appeals.
    (c) The General Litigation Division, Air Force Legal Services 
Agency (JACL), receives Privacy Act appeals and provides 
recommendations to the appellate authority. Service unique appeals, 
from combatant commands, should go through the respective chain of 
command.
    (d) The Plans and Policy Directorate, Office of the Chief 
Information Officer manages the program through the Air Force Privacy 
Act Officer who:
    (1) Administers procedures outlined in this part.
    (2) Reviews publications and forms for compliance with this part.
    (3) Reviews and approves proposed new, altered, and amended systems 
of records; and submits system notices and required reports to the 
Defense Privacy Office.
    (4) Serves as the Air Force member on the Defense Privacy Board and 
the Defense Data Integrity Board.
    (5) Provides guidance and assistance to Major Commands, field 
operating agencies, direct reporting units and combatant commands for 
which AF is executive agent in their implementation and execution of 
the Air Force Privacy Program. Ensures availability of training and 
training tools for a variety of audiences.
    (6) Provides advice and support to those commands to ensure that 
information requirements developed to collect or maintain personal data 
conform to Privacy Act standards; and that appropriate procedures and 
safeguards are developed, implemented, and maintained to protect the 
information.
    (e) Major Command commanders, and Deputy Chiefs of Staff and 
comparable officials at Secretary of the Air Force and Headquarters 
United States Air Force offices implement this part.
    (f) 11th Communications Squadron will provide Privacy Act training 
and submit Privacy Act reports for Headquarters United States Air Force 
and Secretary of the Air Force offices.
    (g) Major Command Commanders: Appoint a command Privacy Act 
officer, and send the name, office symbol, phone number, and e-mail 
address to Air Force Chief Information Officer/P.
    (h) Major Command and Headquarters Air Force Functional Chief 
Information Officers:
    (1) Review and provide final approval on Privacy Impact Assessments 
(see Appendix E of this part).
    (2) Send a copy of approved Privacy Impact Assessments to Air Force 
Chief Information Officer/P.
    (i) Major Command Privacy Act Officers:
    (1) Train base Privacy Act officers. May authorize appointment of 
unit Privacy Act monitors to assist with implementation of the program.
    (2) Promote Privacy Act awareness throughout the organization.
    (3) Review publications and forms for compliance with this part (do 
forms require a Privacy Act Statement; is Privacy Act Statement 
correct?).
    (4) Submit reports as required.
    (5) Review system notices to validate currency.
    (6) Evaluate the health of the program at regular intervals using 
this part as guidance.
    (7) Review and provide recommendations on completed Privacy Impact 
Assessments for information systems.
    (8) Resolve complaints or allegations of Privacy Act violations.
    (9) Review and process denial recommendations.
    (10) Provide guidance as needed to functionals on implementing the 
Privacy Act.
    (j) Base Privacy Act Officers:
    (1) Provide guidance and training to base personnel.
    (2) Submit reports as required.
    (3) Review publications and forms for compliance with this part.
    (4) Review system notices to validate currency.
    (5) Direct investigations of complaints/violations.
    (6) Evaluate the health of the program at regular intervals using 
this part as guidance.
    (k) System Managers:
    (1) Manage and safeguard the system.
    (2) Train users on Privacy Act requirements.
    (3) Protect records from unauthorized disclosure, alteration, or 
destruction.
    (4) Prepare system notices and reports.
    (5) Answer Privacy Act requests.
    (6) Records of disclosures.
    (7) Validate system notices annually.
    (8) Investigate Privacy Act complaints.
    (l) System owners and developers:
    (1) Decide the need for, and content of systems.
    (2) Evaluate Privacy Act requirements of information systems in 
early stages of development.
    (3) Complete a Privacy Impact Assessment and submit to the Privacy 
Act Officer.

[[Page 957]]

Subpart B--Obtaining Law Enforcement Records and Confidentiality 
Promises


Sec.  806b.8  Obtaining law enforcement records.

    The Commander, Air Force Office of Special Investigation; the 
Commander, Air Force Security Forces Center; Major Command, Field 
Operating Agency, and base chiefs of security forces; Air Force Office 
of Special Investigations detachment commanders; and designees of those 
offices may ask another agency for records for law enforcement under 5 
U.S.C. 552a(b)(7). The requesting office must indicate in writing the 
specific part of the record desired and identify the law enforcement 
activity asking for the record.


Sec.  806b.9  Confidentiality promises.

    Promises of confidentiality must be prominently annotated in the 
record to protect from disclosure any ``confidential'' information 
under 5 United States Code 552a(k)(2), (k)(5), or (k)(7) of the Privacy 
Act.

Subpart C--Collecting Personal Information


Sec.  806b.10  How to collect personal information.

    Collect personal information directly from the subject of the 
record whenever possible. Only ask third parties when:
    (a) You must verify information.
    (b) You want opinions or evaluations.
    (c) You can't contact the subject.
    (d) You are doing so at the request of the subject individual.


Sec.  806b.11  When to give Privacy Act Statements (PAS).

    (a) Give a PAS orally or in writing to the subject of the record 
when you are collecting information from them that will go in a system 
of records. Note: Do this regardless of how you collect or record the 
answers. You may display a sign in areas where people routinely furnish 
this kind of information. Give a copy of the Privacy Act Statement if 
asked. Do not ask the person to sign the Privacy Act Statement.
    (b) A Privacy Act Statement must include four items:
    (1) Authority: The legal authority, that is, the U.S.C. or 
Executive Order authorizing the program the system supports.
    (2) Purpose: The reason you are collecting the information and what 
you intend to do with it.
    (3) Routine Uses: A list of where and why the information will be 
disclosed outside DoD.
    (4) Disclosure: Voluntary or Mandatory. (Use Mandatory only when 
disclosure is required by law and the individual will be penalized for 
not providing information.) Include any consequences of nondisclosure 
in non-threatening language.


Sec.  806b.12  Requesting the Social Security Number.

    When asking an individual for his or her Social Security Number, 
always give a Privacy Act Statement that tells the person: The legal 
authority for requesting it; the uses that will be made of the Social 
Security Number; and whether providing the Social Security Number is 
voluntary or mandatory. Do not deny anyone a legal right, benefit, or 
privilege for refusing to give their Social Security Number unless the 
law requires disclosure, or a law or regulation adopted before January 
1, 1975 required the Social Security Number and the Air Force uses it 
to verify a person's identity in a system of records established before 
that date.
    (a) The Air Force requests an individual's Social Security Number 
and provides the individual information required by law when anyone 
enters military service or becomes an Air Force civilian employee. The 
Air Force uses the Social Security Number as a service or employment 
number to reference the individual's official records. When you ask 
someone for a Social Security Number as identification to retrieve an 
existing record, you do not have to restate this information.
    (b) Executive Order 9397, Numbering System for Federal Accounts 
Relating to Individual Persons \2\, authorizes using the Social 
Security Number as a personal identifier. This order is not adequate 
authority to collect a Social Security Number to create a record. When 
law does not require disclosing the Social Security Number or when the 
system of records was created after January 1, 1975, you may ask for 
the Social Security Number, but the individual does not have to 
disclose it. If the individual refuses to respond, use alternative 
means of identifying records. (c) Social Security Numbers are personal 
and unique to each individual. Protect them as for official use only 
(FOUO).
---------------------------------------------------------------------------

    \2\ http://resource.lawlinks.com/content/legal_research/Executive_Orders/1940-1960/executive_order_9397.htm.
---------------------------------------------------------------------------

    Within DoD, do not disclose them to anyone without an official need 
to know. Outside DoD, they are not releasable without the person's 
consent, or unless authorized under one of the 12 exceptions to the 
Privacy Act (see Sec.  806b.47).

Subpart D--Giving Access to Privacy Act Records


Sec.  806b.13  Making a Request for Access.

    Persons or their designated representatives may ask for a copy of 
their records in a system of records. Requesters need not state why 
they want access to their records. Verify the identity of the requester 
to avoid unauthorized disclosures. How you verify identity will depend 
on the sensitivity of the requested records. Persons may use a notary 
or an unsworn declaration in the following format: ``I declare under 
penalty of perjury (if outside the United States, add ``under the laws 
of the United States of America'') that the foregoing is true and 
correct. Executed on (date). (Signature).''


Sec.  806b.14  Processing a Request for Access.

    Consider a request from an individual for his or her own records in 
a system of records under both the Freedom of Information Act and the 
Privacy Act regardless of the Act cited. The requester does not need to 
cite either Act if the records they want are contained in a system of 
records. Process the request under whichever Act gives the most 
information. When necessary, tell the requester which Act you used and 
why.
    (a) Requesters should describe the records they want. They do not 
have to name a system of records number, but they should at least name 
a type of record or functional area. For requests that ask for ``all 
records about me,'' ask for more information and tell the person how to 
review the Air Force systems of records published in the Federal 
Register or at http://www.defenselink.mil/privacy/notices/usaf.
    (b) Requesters should not use government equipment, supplies, 
stationery, postage, telephones, or official mail channels for making 
Privacy Act requests. System managers will process such requests and 
tell requesters that using government resources to make Privacy Act 
requests is not authorized.
    (c) Tell the requester if a record exists and how to review the 
record. If possible, respond to requests within 10 workdays of receipt. 
If you cannot answer the request in 10 workdays, send a letter 
explaining why and give an approximate completion date no more than 20 
workdays after the first office received the request.
    (d) Show or give a copy of the record to the requester within 30 
workdays of receiving the request unless the system

[[Page 958]]

is exempt and the Air Force lists the exemption in Appendix D to this 
part; or it is published in this section; or published as a final rule 
in the Federal Register. Give information in a form the requester can 
understand. If the system is exempt under the Privacy Act, provide any 
parts releasable under the Freedom of Information Act, with appeal 
rights (See subpart F of this part), citing appropriate exemptions from 
the Privacy Act and the Freedom of Information Act, if applicable.
    (e) If the requester wants another person present during the record 
review, the system manager may ask for written consent to authorize 
discussing the record with another person present.


Sec.  806b.15  Fees.

    Give the first 100 pages free, and charge only reproduction costs 
for the remainder. Copies cost $.15 per page; microfiche costs $.25 per 
fiche. Charge fees for all pages for subsequent requests for the same 
records. Do not charge fees:
    (a) When the requester can get the record without charge under 
another publication (for example, medical records).
    (b) For search.
    (c) For reproducing a document for the convenience of the Air 
Force.
    (d) For reproducing a record so the requester can review it.
    Fee waivers. Waive fees automatically if the direct cost of 
reproduction is less than $15, unless the individual is seeking an 
obvious extension or duplication of a previous request for which he or 
she was granted a waiver. Decisions to waive or reduce fees that exceed 
$15 are made on a case-by-case basis.


Sec.  806b.16  Denying or limiting access.

    System managers process access denials within 5 workdays after you 
receive a request for access. When you may not release a record, send a 
copy of the request, the record, and why you recommend denying access 
(include the applicable exemption) to the denial authority through the 
legal office and the Privacy Act office. Judge Advocate offices will 
include a written legal opinion. The Privacy Act officer reviews the 
file, and makes a recommendation to the denial authority. The denial 
authority sends the requester a letter with the decision. If the denial 
authority grants access, release the record. If the denial authority 
refuses access, tell the requester why and explain pertinent appeal 
rights (see subpart F of this part). Before you deny a request for 
access to a record, make sure that:
    (a) The system has an exemption rule published in the Federal 
Register as a final rule.
    (b) The exemption covers each document. (All parts of a system are 
not automatically exempt.)
    (c) Nonexempt parts are segregated.


Sec.  806b.17  Special provision for certain medical records.

    If a physician believes that disclosing requested medical records 
could harm the person's mental or physical health, you should:
    (a) Ask the requester to get a letter from a physician to whom you 
can send the records. Include a letter explaining to the physician that 
giving the records directly to the individual could be harmful.
    (b) Offer the services of a military physician other than one who 
provided treatment if naming the physician poses a hardship on the 
individual.
    (c) The Privacy Act requires that we ultimately insure that the 
subject receives the records.


Sec.  806b.18  Third party information in a Privacy Act System of 
Record.

    Ordinarily a person is entitled to their entire record under the 
Privacy Act. However, the law is not uniform regarding whether a 
subject is entitled to information that is not ``about'' him or her 
(for example, the home address of a third party contained in the 
subject's records). Consult your servicing Staff Judge Advocate before 
disclosing third party information. Generally, if the requester will be 
denied a right, privilege or benefit, the requester must be given 
access to relevant portions of the file.


Sec.  806b.19  Information compiled in anticipation of civil action.

    Withhold records compiled in connection with a civil action or 
other proceeding including any action where the Air Force expects 
judicial or administrative adjudicatory proceedings. This exemption 
does not cover criminal actions. Do not release attorney work products 
prepared before, during, or after the action or proceeding.


Sec.  806b.20  Denial authorities.

    These officials or a designee may deny access or amendment of 
records as authorized by the Privacy Act. Send a letter to Air Force 
Chief Information Officer/P with the position titles of designees. 
Authorities are:
    (a) Deputy Chief of Staffs and chiefs of comparable offices or 
higher level at Secretary of the Air Force or Headquarters United 
States Air Force or designees.
    (b) Major Command, Field Operating Agency, or direct reporting unit 
commanders or designees.
    (c) Director, Personnel Force Management, 1040 Air Force Pentagon, 
Washington, DC 20330-1040 (for civilian personnel records).
    (d) Commander, Air Force Office of Special Investigations, 
Washington, DC 20332-6001 (for Air Force Office of Special 
Investigations records).
    (e) Unified Commanders or designees.

Subpart E--Amending the Record


Sec.  806b.21  Amendment reasons.

    Individuals may ask to have their records amended to make them 
accurate, timely, relevant, or complete. System managers will routinely 
correct a record if the requester can show that it is factually wrong 
(e.g., date of birth is wrong).


Sec.  806b.22  Responding to amendment requests.

    (a) Anyone may request minor corrections orally. Requests for more 
serious modifications should be in writing.
    (b) After verifying the identity of the requester, make the change, 
notify all known recipients of the record, and inform the individual.
    (c) Acknowledge requests within 10 workdays of receipt. Give an 
expected completion date unless you complete the change within that 
time. Final decisions must take no longer than 30 workdays.


Sec.  806b.23  Approving or denying a record amendment.

    The Air Force does not usually amend a record when the change is 
based on opinion, interpretation, or subjective official judgment. 
Determinations not to amend such records constitutes a denial, and 
requesters may appeal (see Subpart F of this part).
    (a) If the system manager decides not to amend the record, send a 
copy of the request, the record, and the recommended denial reasons to 
the denial authority through the legal office and the Privacy Act 
office. Legal offices will include a written legal opinion. The Privacy 
Act officer reviews the proposed denial and legal opinion and makes a 
recommendation to the denial authority.
    (b) The denial authority sends the requester a letter with the 
decision. If the denial authority approves the request, amend the 
record and notify all previous recipients that it has been changed. If 
the authority denies the request, give the requester the statutory 
authority, reason, and pertinent appeal rights (see subpart F of this 
part).

[[Page 959]]

Sec.  806b.24  Seeking review of unfavorable Agency determinations.

    Requesters should pursue record corrections of subjective matters 
and opinions through proper channels to the Civilian Personnel Office 
using grievance procedures or the Air Force Board for Correction of 
Military Records. Record correction requests denied by the Air Force 
Board for Correction of Military Records are not subject to further 
consideration under this part. Military personnel, other than U.S. Air 
Force personnel, should pursue service-unique record corrections 
through their component chain of command.


Sec.  806b.25  Contents of Privacy Act case files.

    Do not keep copies of disputed records in this file. File disputed 
records in their appropriate series. Use the file solely for statistics 
and to process requests. Do not use the case files to make any kind of 
determination about an individual. Document reasons for untimely 
responses. These files include:
    (a) Requests from and replies to individuals on whether a system 
has records about them.
    (b) Requests for access or amendment.
    (c) Approvals, denials, appeals, and final review actions.
    (d) Coordination actions and related papers.

Subpart F--Appeals


Sec.  806b.26  Appeal procedures.

    Individuals who receive a denial to their access or amendment 
request may request a denial review by writing to the Secretary of the 
Air Force, through the denial authority, within 60 calendar days after 
receiving a denial letter. The denial authority promptly sends a 
complete appeal package to Air Force Legal Services Agency, General 
Litigation Division (JACL). The package must include:
    (1) The original appeal letter;
    (2) The initial request;
    (3) The initial denial;
    (4) A copy of the record;
    (5) Any internal records or coordination actions relating to the 
denial;
    (6) The denial authority's comments on the appellant's arguments; 
and
    (7) The legal reviews.
    (a) If the denial authority reverses an earlier denial and grants 
access or amendment, notify the requester immediately.
    (b) Air Force Legal Services Agency, General Litigation Division 
(JACL) reviews the denial and provides a final recommendation to 
Secretary of the Air Force, Fiscal and Administrative Law Division 
(GCA). Secretary of the Air Force, Fiscal and Administrative Law 
Division (GCA) tells the requester the final Air Force decision and 
explains judicial review rights.
    (c) The requester may file a concise statement of disagreement with 
the system manager if Secretary of the Air Force, Fiscal and 
Administrative Law Division (GCA) denies the request to amend the 
record. Secretary of the Air Force, Fiscal and Administrative Law 
Division (GCA) explains the requester's rights when they issue the 
final appeal decision.
    (d) The records should clearly show that a statement of 
disagreement is filed with the record or separately.
    (e) The disputed part of the record must show that the requester 
filed a statement of disagreement.
    (f) Give copies of the statement of disagreement to the record's 
previous recipients. Inform subsequent record users about the dispute 
and give them a copy of the statement with the record.
    (g) The system manager may include a brief summary of the reasons 
for not amending the record. Limit the summary to the reasons Secretary 
of the Air Force, Fiscal and Administrative Law Division (GCA) gave to 
the individual. The summary is part of the individual's record, but it 
is not subject to amendment procedures.

Subpart G--Privacy Act Notifications


Sec.  806b.27  When to include a Privacy Act warning statement in 
publications.

    Include a Privacy Act Warning Statement in each Air Force 
publication that requires collecting or keeping information in a system 
of records. Also include the Warning Statement when publications direct 
collection of the Social Security Number, or any part of the Social 
Security Number, from the individual. The warning statement will cite 
legal authority and when part of a record system, the Privacy Act 
system of records number and title. You can use the following warning 
statement: ``This instruction requires collecting and maintaining 
information protected by the Privacy Act of 1974 authorized by (U.S.C. 
citation and or Executive Order number). System of records notice 
(number and title) applies.''


Sec.  806b.28.  Warning banners.

    Information systems that contain information on individuals that is 
retrieved by name or personal identifier are subject to the Privacy 
Act. The Privacy Act requires these systems to have a Privacy Act 
system notice published in the Federal Register that covers the 
information collection before collection begins. In addition, all 
information systems subject to the Privacy Act will have warning 
banners displayed on the first screen (at a minimum) to assist in 
safeguarding the information. Use the following language for the 
banner: ``PRIVACY ACT INFORMATION--The information accessed through 
this system is FOR OFFICIAL USE ONLY and must be protected in 
accordance with the Privacy Act and Air Force Instruction 33-332.''


Sec.  806b.29  Sending personal information over electronic mail.

    (a) Exercise caution before transmitting personal information over 
e-mail to ensure it is adequately safeguarded. Some information may be 
so sensitive and personal that e-mail may not be the proper way to 
transmit it. When sending personal information over e-mail within DoD, 
ensure: There is an official need; all addressee(s) (including ``cc'' 
addressees) are authorized to receive it under the Privacy Act; and it 
is protected from unauthorized disclosure, loss, or alteration. 
Protection methods may include encryption or password protecting the 
information in a separate Word document. When transmitting personal 
information over e-mail, add ``FOUO'' to the beginning of the subject 
line, followed by the subject, and apply the following statement at the 
beginning of the e-mail:

    ``This e-mail contains For Official Use Only (FOUO) information 
which must be protected under the Privacy Act and Air Force 
Instruction 33-332.''

    (b) Do not indiscriminately apply this statement to e-mails. Use it 
only in situations when you are actually transmitting personal 
information. DoD Regulation 5400.7/Air Force Supp, Chapter 4\3\, 
provides additional guidance regarding For Official Use Only 
information.
---------------------------------------------------------------------------

    \3\ http://www.dtic.mil/whs/directives/corres/pdf/54007r_0998/p54007r.pdf.
---------------------------------------------------------------------------

    (c) Do not disclose personal information to anyone outside DoD 
unless specifically authorized by the Privacy Act (see Sec.  806b.47).
    (d) Do not send Privacy Act information to distribution lists or 
group e-mail addresses unless each member has an official need to know 
the personal information. When in doubt, send only to individual 
accounts.
    (e) Before forwarding e-mails you have received that contain 
personal information, verify that your intended recipients are 
authorized to receive the

[[Page 960]]

information under the Privacy Act (see Sec.  806b.47).

Subpart H--Privacy Impact Assessments


Sec.  806b.30  Evaluating information systems for Privacy Act 
compliance.

    Information system owners and developers must address Privacy Act 
requirements in the development stage of the system and integrate 
privacy protections into the development life cycle of the information 
system. This is accomplished with a Privacy Impact Assessment.
    (a) The Privacy Impact Assessment addresses what information is to 
be collected; why the information is being collected; the intended use 
of the information; with whom the information will be shared; what 
notice or opportunities for the individual to decline or consent to 
providing the information collected, and how that information is 
shared; secured; and whether a system of records is being created, or 
an existing system is being amended. The E-Government Act of 2002 \4\ 
requires Privacy Impact Assessments to be conducted before:
---------------------------------------------------------------------------

    \4\ http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107 --cong--public--laws&docid=f:publ347.107.pdf.
---------------------------------------------------------------------------

    (1) Developing or procuring information technology systems or 
projects that collect, maintain, or disseminate information in 
identifiable form from or about members of the public.
    (2) Initiating a new electronic collection of information in 
identifiable form for 10 or more persons excluding agencies, 
instrumentalities, or employees of the Federal Government.
    (b) In general, Privacy Impact Assessments are required to be 
performed and updated as necessary where a system change creates new 
privacy risks.
    (c) No Privacy Impact Assessment is required where information 
relates to internal government operations, has been previously assessed 
under an evaluation similar to a Privacy Impact Assessment, or where 
privacy issues are unchanged.
    (d) The depth and content of the Privacy Impact Assessment should 
be appropriate for the nature of the information to be collected and 
the size and complexity of the information technology system.
    (e) The system owner will conduct a Privacy Impact Assessment as 
outlined in appendix E to this part and send it to their Major Command 
Privacy Act office for review and final approval by the Major Command 
or Headquarters Air Force Functional Chief Information Officer. The 
Major Command or Headquarters Air Force Functional Chief Information 
Officer will send a copy of approved Privacy Impact Assessments to Air 
Force Chief Information Officer/P, 1155 Air Force Pentagon, Washington 
DC 20330-1155; or e-mail [email protected].
    (f) Whenever practicable, approved Privacy Impact Assessments will 
be posted to the Freedom of Information Act/Privacy Act Web site for 
public access at http://www.foia.af.mil (this requirement will be 
waived for security reasons, or to protect classified, sensitive, or 
private information contained in an assessment).

Subpart I--Preparing and Publishing System Notices for the Federal 
Register


Sec.  806b.31  Publishing system notices.

    The Air Force must publish notices in the Federal Register of new, 
changed, and deleted systems to inform the public of what records the 
Air Force keeps and give them an opportunity to comment before the 
system is implemented or changed. The Privacy Act also requires 
submission of new or significantly changed systems to the Office of 
Management and Budget and both houses of Congress before publication in 
the Federal Register. This includes:
    (a) Starting a new system.
    (b) Instituting significant changes to an existing system.
    (c) Sending out data collection forms or instructions.
    (d) Issuing a request for proposal or invitation for bid to support 
a new system.


Sec.  806b.32  Submitting notices for publication in the Federal 
Register.

    At least 120 days before implementing a new system, or a major 
change to an existing system, subject to this part, system managers 
must send a proposed notice, through the Major Command Privacy Office, 
to Air Force Chief Information Officer/P. Send notices electronically 
to [email protected] using Microsoft Word, using the Track 
Changes tool in Word to indicate additions/changes to existing notices. 
Follow the format outlined in Appendix B to this part. For new systems, 
system managers must include a statement that a risk assessment was 
accomplished and is available should the Office of Management and 
Budget request it.


Sec.  806b.33  Reviewing notices.

    System managers will review and validate their Privacy Act system 
notices annually and submit changes to Air Force Chief Information 
Officer/P through the Major Command Privacy Office.

Subpart J--Protecting and Disposing of Records


Sec.  806b.34  Protecting records.

    Maintaining information privacy is the responsibility of every 
federal employee, military member, and contractor who comes into 
contact with information in identifiable form. Protect information 
according to its sensitivity level. Consider the personal sensitivity 
of the information and the risk of disclosure, loss or alteration. Most 
information in systems of records is FOUO. Refer to DoD 5400.7-R/Air 
Force Supp, DoD Freedom of Information Act Program, for protection 
methods.


Sec.  806b.35  Balancing protection.

    Balance additional protection against sensitivity, risk and cost. 
In some situations, a password may be enough protection for an 
automated system with a log-on protocol. Others may require more 
sophisticated security protection based on the sensitivity of the 
information. Classified computer systems or those with established 
audit and password systems are obviously less vulnerable than 
unprotected files. Follow Air Force Instruction 33-202, Computer 
Security,\5\ for procedures on safeguarding personal information in 
automated records.
---------------------------------------------------------------------------

    \5\ http://www.e-publishing.af.mil/pubfiles/af/33/afi33-202/afi33-202.pdf.
---------------------------------------------------------------------------

    (a) AF Form 3227, Privacy Act Cover Sheet,\6\ is optional and 
available for use with Privacy Act material. Use it to cover and 
protect personal information that you are using in office environments 
that are widely unprotected and accessible to many individuals. After 
use, such information should be protected as outlined in DoD 5400.7-R/
Air Force Supp.
---------------------------------------------------------------------------

    \6\ http://www.e-publishing.af.mil/formfiles/af/af3227/af3227.xfd.
---------------------------------------------------------------------------

    (b) Privacy Act Labels. Use of Air Force Visual Aid 33-276, Privacy 
Act Label, is optional to assist in protecting Privacy Act information 
on compact disks, diskettes, and tapes.


Sec.  806b.36  Disposing of records.

    You may use the following methods to dispose of records protected 
by the Privacy Act and authorized for destruction according to records 
retention schedules:
    (a) Destroy by any method that prevents compromise, such as 
tearing, burning, or shredding, so long as the personal data is not 
recognizable and beyond reconstruction.

[[Page 961]]

    (b) Degauss or overwrite magnetic tapes or other magnetic medium.
    (c) Dispose of paper products through the Defense Reutilization and 
Marketing Office or through activities that manage a base-wide 
recycling program. The recycling sales contract must contain a clause 
requiring the contractor to safeguard privacy material until its 
destruction and to pulp, macerate, shred, or otherwise completely 
destroy the records. Originators must safeguard Privacy Act material 
until it is transferred to the recycling contractor. A Federal employee 
or, if authorized, a contractor employee must witness the destruction. 
This transfer does not require a disclosure accounting.

Subpart K--Privacy Act Exemptions


Sec.  806b.37  Exemption types.

    There are two types of exemptions permitted by 5 U.S.C. 552a:
    (a) A General exemption authorizes the exemption of a system of 
records from most parts of the Privacy Act.
    (b) A Specific exemption authorizes the exemption of a system of 
records from only a few parts.


Sec.  806b.38  Authorizing exemptions.

    Denial authorities may withhold records using Privacy Act 
exemptions only when an exemption for the system of records has been 
published in the Federal Register as a final rule. Appendix D lists the 
systems of records that have published exemptions with rationale.


Sec.  806b.39  Requesting an exemption.

    A system manager who believes that a system needs an exemption from 
some or all of the requirements of the Privacy Act will send a request 
to Air Force Chief Information Officer/P through the Major Command or 
Field Operating Agency Privacy Act Officer. The request will detail the 
reasons for the exemption, the section of the Act that allows the 
exemption, and the specific subsections of the Privacy Act from which 
the system is to be exempted, with justification for each subsection.


Sec.  806b.40  Exemptions.

    Exemptions permissible under 5 U.S.C. 552a (subject to Sec.  
806b.38 of this part):
    (a) The (j)(2) exemption. Applies to investigative records created 
and maintained by law-enforcement activities whose principal function 
is criminal law enforcement.
    (b) The (k)(1) exemption. Applies to information specifically 
authorized to be classified under the DoD Information Security Program 
Regulation, 32 CFR part 159.
    (c) The (k)(2) exemption. Applies to investigatory information 
compiled for law-enforcement purposes by nonlaw enforcement activities 
and which is not within the scope of Sec. 806b.40(a) of this part. 
However, the Air Force must allow an individual access to any record 
that is used to deny rights, privileges or benefits to which he or she 
would otherwise be entitled by Federal law or for which he or she would 
otherwise be eligible as a result of the maintenance of the information 
(unless doing so would reveal a confidential source).
    (d) The (k)(3) exemption. Applies to records maintained in 
connection with providing protective services to the President and 
other individuals under 18 U.S.C. 3506.
    (e) The (k)(4) exemption. Applies to records maintained solely for 
statistical research or program evaluation purposes and which are not 
used to make decisions on the rights, benefits, or entitlement of an 
individual except for census records which may be disclosed under 13 
U.S.C. 8.
    (f) The (k)(5) exemption. Applies to investigatory material 
compiled solely for the purpose of determining suitability, 
eligibility, or qualifications for federal civilian employment, 
military service, federal contracts, or access to classified 
information, but only to the extent such material would reveal the 
identity of a confidential source. This provision allows protection of 
confidential sources used in background investigations, employment 
inquiries, and similar inquiries that are for personnel screening to 
determine suitability, eligibility, or qualifications.
    (g) The (k)(6) exemption. Applies to testing or examination 
material used solely to determine individual qualifications for 
appointment or promotion in the Federal or military service, if the 
disclosure would compromise the objectivity or fairness of the test or 
examination process.
    (h) The (k)(7) exemption. Applies to evaluation material used to 
determine potential for promotion in the Military Services, but only to 
the extent that the disclosure of such material would reveal the 
identity of a confidential source.

Subpart L--Disclosing Records to Third Parties


Sec.  806b.41  Disclosure considerations.

    The Privacy Act requires the written consent of the subject before 
releasing personal information to third parties, unless one of the 12 
exceptions of the Privacy Act applies (see Sec.  806b.47). Use this 
checklist before releasing personal information to third parties: Make 
sure it is authorized under the Privacy Act; consider the consequences; 
and check the accuracy of the information. You can release personal 
information to third parties when the subject agrees in writing. Air 
Force members consent to releasing their home telephone number and 
address when they sign and check the ``Do Consent'' block on the AF 
Form 624, Base/Unit Locator and Postal Service Center Directory \7\ 
(see Air Force Instruction 33-329, Base and Unit Personnel Locators 
\8\).
---------------------------------------------------------------------------

    \7\ http://www.e-publishing.af.mil/formfiles/af/af624/af624.xfd.

    \8\ http://www.e-publishing.af.mil/pubfiles/af/33/afi33-329/afi33-329.pdf.

Sec.  806b.42  Social rosters.

    Before including personal information such as spouses names, home 
addresses, home phones, and similar information on social rosters or 
directories that are shared with groups of individuals, ask for signed 
consent statements. Otherwise, do not include the information. Consent 
statements must give the individual a choice to consent or not consent, 
and clearly tell the individual what information is being solicited, 
the purpose, to whom you plan to disclose the information, and that 
consent is voluntary. Maintain the signed statements until no longer 
needed.


Sec.  806b.43  Placing personal information on shared drives.

    Personal information should never be placed on shared drives for 
access by groups of individuals unless each person has an official need 
to know the information to perform their job. Add appropriate access 
controls to ensure access by only authorized individuals. Recall 
rosters are FOUO because they contain personal information and should 
be shared with small groups at the lowest levels for official purposes 
to reduce the number of people with access to such personal 
information. Commanders and supervisors should give consideration to 
those individuals with unlisted phone numbers, who do not want their 
number included on the office recall roster. In those instances, 
disclosure to the Commander or immediate supervisor, or deputy, should 
normally be sufficient.


Sec.  806b.44  Personal information that requires protection.

    Following are some examples of information that is not releasable 
without the written consent of the subject. This list is not all-
inclusive.
    (a) Marital status (single, divorced, widowed, separated).
    (b) Number, name, and sex of dependents.

[[Page 962]]

    (c) Civilian educational degrees and major areas of study (unless 
the request for the information relates to the professional 
qualifications for Federal employment).
    (d) School and year of graduation.
    (e) Home of record.
    (f) Home address and phone.
    (g) Age and date of birth (year).
    (h) Present or future assignments for overseas or for routinely 
deployable or sensitive units.
    (i) Office and unit address and duty phone for overseas or for 
routinely deployable or sensitive units.
    (j) Race/ethnic origin.
    (k) Educational level (unless the request for the information 
relates to the professional qualifications for Federal employment).
    (l) Social Security Number.


Sec.  806b.45.  Releasable information.

    Following are examples of information normally releasable to the 
public without the written consent of the subject. This list is not 
all-inclusive.
    (a) Name.
    (b) Rank.
    (c) Grade.
    (d) Air Force specialty code.
    (e) Pay (including base pay, special pay, all allowances except 
Basic Allowance for Quarters and Variable Housing Allowance).
    (f) Gross salary for civilians.
    (g) Past duty assignments, unless sensitive or classified.
    (h) Present and future approved and announced stateside 
assignments.
    (i) Position title.
    (j) Office, unit address, and duty phone number (Continental United 
States (CONUS) only).
    (k) Date of rank.
    (l) Entered on active duty date.
    (m) Pay date.
    (n) Source of commission.
    (o) Professional military education.
    (p) Promotion sequence number.
    (q) Military awards and decorations.
    (r) Duty status of active, retired, or reserve.
    (s) Active duty official attendance at technical, scientific, or 
professional meetings.
    (t) Biographies and photos of key personnel.
    (u) Date of retirement, separation.


Sec.  806b.46  Disclosing other information.

    Use these guidelines to decide whether to release information:
    (a) Would the subject have a reasonable expectation of privacy in 
the information requested?
    (b) Would disclosing the information benefit the general public? 
The Air Force considers information as meeting the public interest 
standard if it reveals anything regarding the operations or activities 
of the agency, or performance of its statutory duties.
    (c) Balance the public interest against the individual's probable 
loss of privacy. Do not consider the requester's purpose, 
circumstances, or proposed use.


Sec.  806b.47  Rules for releasing Privacy Act information without 
consent of the subject.

    The Privacy Act prohibits disclosing personal information to anyone 
other than the subject of the record without his or her written 
consent. There are twelve exceptions to the ``no disclosure without 
consent'' rule. Those exceptions permit release of personal information 
without the individual's consent only in the following instances:
    (a) Exception 1. DoD employees who have a need to know the 
information in the performance of their official duties.
    (b) Exception 2. In response to a Freedom of Information Act 
request for information contained in a system of records about an 
individual and the Freedom of Information Act requires release of the 
information.
    (c) Exception 3. To agencies outside DoD only for a Routine Use 
published in the Federal Register. The purpose of the disclosure must 
be compatible with the intended purpose of collecting and maintaining 
the record. When initially collecting the information from the subject, 
the Routine Uses block in the Privacy Act Statement must name the 
agencies and reason.


    Note to paragraph (c): In addition to the Routine Uses 
established by the Department of the Air Force within each system of 
records, the DoD has established ``Blanket Routine Uses'' that apply 
to all record systems maintained by the Department of the Air Force. 
These ``Blanket Routine Uses'' have been published only once at the 
beginning of the Department of the Air Force's Federal Register 
compilation of record systems notices in the interest of simplicity, 
economy and to avoid redundancy. Unless a system notice specifically 
excludes a system of records from a ``Blanket Routine Use,'' all 
``Blanket Routine Uses'' apply to that system (see Appendix C to 
this part).


    (d) Exception 4. The Bureau of the Census to plan or carry out a 
census or survey under Title 13, U.S.C. Section 8.
    (e) Exception 5. A recipient for statistical research or reporting. 
The recipient must give advanced written assurance that the information 
is for statistical purposes only. Note: No one may use any part of the 
record to decide on individuals' rights, benefits, or entitlements. You 
must release records in a format that makes it impossible to identify 
the real subjects.
    (f) Exception 6. The National Archives and Records Administration 
to evaluate records for permanent retention. Records stored in Federal 
Records Centers remain under Air Force control.
    (g) Exception 7. A Federal, State, or local agency (other than DoD) 
for civil or criminal law enforcement. The head of the agency or a 
designee must send a written request to the system manager specifying 
the record or part needed and the law enforcement purpose. In addition, 
the `blanket routine use'' for law enforcement allows the system 
manager to disclose a record to a law enforcement agency if the agency 
suspects a criminal violation.
    (h) Exception 8. An individual or agency that needs the information 
for compelling health or safety reasons. The affected individual need 
not be the record subject.
    (i) Exception 9. Either House of Congress, a congressional 
committee, or a subcommittee, for matters within their jurisdictions. 
The request must come from the committee chairman or ranking minority 
member (see Air Force Instruction 90-401, Air Force Relations With 
Congress).\9\
---------------------------------------------------------------------------

    \9\ http://www.e-publishing.af.mil/pubfiles/af/90/afi90-401/afi90-401.pdf.
---------------------------------------------------------------------------

    (1) Requests from a Congressional member acting on behalf of the 
record subject are evaluated under the routine use of the applicable 
system notice. If the material for release is sensitive, get a release 
statement.
    (2) Requests from a Congressional member not on behalf of a 
committee or the record subject are properly analyzed under the Freedom 
of Information Act, and not under the Privacy Act.
    (j) Exception 10. The Comptroller General or an authorized 
representative of the General Accounting Office (GAO) to conduct 
official GAO business.
    (k) Exception 11. A court of competent jurisdiction, with a court 
order signed by a judge.
    (l) Exception 12. A consumer reporting agency in accordance with 31 
U.S.C. 3711(e). Ensure category element is represented within the 
system of records notice.


Sec.  806b.48.  Disclosing the medical records of minors.

    Air Force personnel may disclose the medical records of minors to 
their parents or legal guardians in conjunction with applicable Federal 
laws and guidelines. The laws of each state define the age of majority.
    (a) The Air Force must obey state laws protecting medical records 
of drug or alcohol abuse treatment, abortion, and birth control. If you 
manage medical

[[Page 963]]

records, learn the local laws and coordinate proposed local policies 
with the servicing Staff Judge Advocate.
    (b) Outside the United States (overseas), the age of majority is 
18. Unless parents or guardians have a court order granting access or 
the minor's written consent, they will not have access to minor's 
medical records overseas when the minor sought or consented to 
treatment between the ages of 15 and 17 in a program where regulation 
or statute provides confidentiality of records and he or she asked for 
confidentiality.


Sec.  806b.49.  Disclosure accountings.

    System managers must keep an accurate record of all disclosures 
made from any system of records except disclosures to DoD personnel for 
official use or disclosures under the Freedom of Information Act. 
System managers may use Air Force Form 771\10\, Accounting of 
Disclosures. Retain disclosure accountings for 5 years after the 
disclosure, or for the life of the record, whichever is longer.
---------------------------------------------------------------------------

    \10\ http://www.e-publishing.af.mil/formfiles/af/af771/af771.xfd.
---------------------------------------------------------------------------

    (a) System managers may file the accounting record any way they 
want as long as they give it to the subject on request, send corrected 
or disputed information to previous record recipients, explain any 
disclosures, and provide an audit trail for reviews. Include in each 
accounting:
    (1) Release date.
    (2) Description of information.
    (3) Reason for release.
    (4) Name and address of recipient.
    (5) Some exempt systems let you withhold the accounting record from 
the subject.
    (b) You may withhold information about disclosure accountings for 
law enforcement purposes at the law enforcement agency's request.


Sec.  806b.50.  Computer matching.

    Computer matching programs electronically compare records from two 
or more automated systems that may include DoD, another Federal agency, 
or a state or other local government. A system manager proposing a 
match that could result in an adverse action against a Federal employee 
must meet these requirements of the Privacy Act:
    (1) Prepare a written agreement between participants;
    (2) Secure approval of the Defense Data Integrity Board;
    (3) Publish a matching notice in the Federal Register before 
matching begins;
    (4) Ensure full investigation and due process; and
    (5) Act on the information, as necessary.
    (a) The Privacy Act applies to matching programs that use records 
from: Federal personnel or payroll systems and Federal benefit programs 
where matching:
    (1) Determines Federal benefit eligibility;
    (2) Checks on compliance with benefit program requirements;
    (3) Recovers improper payments or delinquent debts from current or 
former beneficiaries.
    (b) Matches used for statistics, pilot programs, law enforcement, 
tax administration, routine administration, background checks and 
foreign counterintelligence, and internal matching that won't cause any 
adverse action are exempt from Privacy Act matching requirements.
    (c) Any activity that expects to participate in a matching program 
must contact Air Force Chief Information Officer/P immediately. System 
managers must prepare a notice for publication in the Federal Register 
with a Routine Use that allows disclosing the information for use in a 
matching program. Send the proposed system notice to Air Force Chief 
Information Officer/P. Allow 180 days for processing requests for a new 
matching program.
    (d) Record subjects must receive prior notice of a match. The best 
way to do this is to include notice in the Privacy Act Statement on 
forms used in applying for benefits. Coordinate computer matching 
statements on forms with Air Force Chief Information Officer/P through 
the Major Command Privacy Act Officer.


Sec.  806b.51.  Privacy and the Web.

    Do not post personal information on publicly accessible DoD web 
sites unless clearly authorized by law and implementing regulation and 
policy. Additionally, do not post personal information on .mil private 
web sites unless authorized by the local commander, for official 
purposes, and an appropriate risk assessment is performed. See Air 
Force Instruction 33-129 Transmission of Information Via the 
Internet.\11\
---------------------------------------------------------------------------

    \11\ http://www.e-publishing.af.mil/pubfiles/af/33/afi33-129/afi33-129.pdf.
---------------------------------------------------------------------------

    (a) Ensure public Web sites comply with privacy policies regarding 
restrictions on persistent and third party cookies, and add appropriate 
privacy and security notices at major web site entry points and Privacy 
Act statements or Privacy Advisories when collecting personal 
information. Notices must clearly explain where the collection or 
sharing of certain information is voluntary, and notify users how to 
provide consent.
    (b) Include a Privacy Act Statement on the web page if it collects 
information directly from an individual that we maintain and retrieve 
by his or her name or personal identifier (i.e., Social Security 
Number). We may only maintain such information in approved Privacy Act 
systems of records that are published in the Federal Register. Inform 
the visitor when the information is maintained and retrieved by name or 
personal identifier in a system of records; that the Privacy Act gives 
them certain rights with respect to the government's maintenance and 
use of information collected about them, and provide a link to the Air 
Force Privacy Act policy and system notices at http://www.foia.af.mil.
    (c) Anytime a web site solicits personally-identifying information, 
even when not maintained in a Privacy Act system of records, it 
requires a Privacy Advisory. The Privacy Advisory informs the 
individual why the information is solicited and how it will be used. 
Post the Privacy Advisory to the web page where the information is 
being solicited, or through a well-marked hyperlink ``Privacy 
Advisory--Please refer to the Privacy and Security Notice that 
describes why this information is collected and how it will be used.''

Subpart M--Training


Sec.  806b.52.  Who needs training.

    The Privacy Act requires training for all persons involved in the 
design, development, operation and maintenance of any system of 
records. More specialized training is needed for personnel who may be 
expected to deal with the news media or the public, personnel 
specialists, finance officers, information managers, supervisors, and 
individuals working with medical and security records. Commanders will 
ensure that above personnel are trained annually in the principles and 
requirements of the Privacy Act.


Sec.  806b.53.  Training tools.

    Helpful resources include:
    (a) The Air Force Freedom of Information Act Web page which 
includes a Privacy Overview, Privacy Act training slides, the Air Force 
systems of records notices, and links to the Defense Privacy Board 
Advisory Opinions, the DoD and Department of Justice Privacy web pages. 
Go to http://www.foia.af.mil. Click on ``Resources.''
    (b) ``The Privacy Act of 1974,'' a 32-minute film developed by the 
Defense

[[Page 964]]

Privacy Office. Contact the Joint Visual Information Activity at DSN 
795-6543/7283 or commercial (717) 895-6543/7283, and ask for 
504432 ``The Privacy Act of 1974.''
    (c) A Manager's Overview, What You Need to Know About the Privacy 
Act. This overview gives you Privacy Act 101 and is available on-line 
at http://www.foia.af.mil.
    (d) Training slides for use by the Major Command and base Privacy 
Act officers, available from the Freedom of Information Act web page at 
http://www.foia.af.mil, under ``Resources.''


    Note: Formal school training groups that develop or modify 
blocks of instruction must send the material to Air Force Chief 
Information Officer/P for coordination.

Sec.  806b.54  Information collections, records, and forms or 
information management tools (IMT).

    (a) Information Collections. No information collections are 
required by this publication.
    (b) Records. Retain and dispose of Privacy Act records according to 
Air Force Manual 37-139, Records Disposition Schedule.\12\
---------------------------------------------------------------------------

    \12\ http://www.e-publishing.af.mil/pubfiles/af/37/afman37-139/afman37-139.pdf.
---------------------------------------------------------------------------

    (c) Forms or Information Management Tools (Adopted and Prescribed).
    (1) Adopted Forms or Information Management Tools. Air Force Form 
624, Base/Unit Locator and PSC Directory, and AF Form 847, 
Recommendation for Change of Publication.
    (2) Prescribed Forms or Information Management Tools. AF Form 3227, 
Privacy Act Cover Sheet, Air Force Form 771, Accounting of Disclosures, 
and Air Force Visual Aid 33-276.

Appendix A to Part 806b--Definitions

    Access: Allowing individuals to review or receive copies of 
their records.
    Amendment: The process of adding, deleting, or changing 
information in a system of records to make the data accurate, 
relevant, timely, or complete.
    Computer matching: A computerized comparison of two or more 
automated systems of records or a system of records with non-Federal 
records to establish or verify eligibility for payments under 
Federal benefit programs or to recover delinquent debts for these 
programs.
    Confidential source: A person or organization giving information 
under an express or implied promise of confidentiality made before 
September 27, 1975.
    Confidentiality: An expressed and recorded promise to withhold 
the identity of a source or the information provided by a source. 
The Air Force promises confidentiality only when the information 
goes into a system with an approved exemption for protecting the 
identity of confidential sources.
    Cookie: Data created by a Web server that is stored on a user's 
computer either temporarily for that session only or permanently on 
the hard disk (persistent cookie). It provides a way for the Web 
site to identify users and keep track of their preferences. It is 
commonly used to ``maintain the state'' of the session. A third-
party cookie either originates on or is sent to a Web site different 
from the one you are currently viewing.
    Defense Data Integrity Board: Composed of representatives from 
DoD components and the services who oversee, coordinate, and approve 
all DoD computer matching programs covered by the Act.
    Denial Authority: The individuals with authority to deny 
requests for access or amendment of records under the Privacy Act.
    Disclosure: Giving information from a system, by any means, to 
anyone other than the record subject.
    Federal benefit program: A Federally funded or administered 
program for individuals that provides cash or in-kind assistance 
(payments, grants, loans, or loan guarantees).
    Individual: A living U.S. citizen or a permanent resident alien.
    Minor: Anyone under the age of majority according to local state 
law. If there is no applicable state law, a minor is anyone under 
age 18. Military members and married persons are not minors, no 
matter what their chronological age.
    Personal identifier: A name, number, or symbol that is unique to 
an individual, usually the person's name or Social Security Number.
    Personal information: Information about an individual other than 
items of public record.
    Privacy Act request: An oral or written request by an individual 
about his or her records in a system of records.
    Privacy advisory: A statement required when soliciting 
personally-identifying information by an Air Force web site and the 
information is not maintained in a system of records. The Privacy 
Advisory informs the individual why the information is being 
solicited and how it will be used.
    Privacy Impact Assessment: A written assessment of an 
information system that addresses the information to be collected, 
the purpose and intended use; with whom the information will be 
shared; notice or opportunities for consent to individuals; how the 
information will be secured; and whether a new system of records is 
being created under the Privacy Act.
    Record: Any information about an individual.
    Routine use: A disclosure of records to individuals or agencies 
outside DoD for a use that is compatible with the purpose for which 
the Air Force created the records.
    System manager: The official who is responsible for managing a 
system of records, including policies and procedures to operate and 
safeguard it. Local system managers operate record systems or are 
responsible for part of a decentralized system.
    System of records: A group of records retrieved by the 
individual's name, personal identifier; or individual identifier 
through a cross-reference system.
    System notice: The official public notice published in the 
Federal Register of the existence and content of the system of 
records.

Appendix B to Part 806b--Preparing a System Notice

    The following elements comprise a system of records notice for 
publication in the Federal Register:
    System identifier: Air Force Chief Information Officer/P assigns 
the notice number, for example, F033 AF PC A, where ``F'' indicates 
``Air Force,'' the next number represents the publication series 
number related to the subject matter, and the final letter group 
shows the system manager's command or Deputy Chief of Staff. The 
last character ``A'' indicates that this is the first notice for 
this series and system manager.
    System name: Use a short, specific, plain-language title that 
identifies the system's general purpose (limited to 55 characters).
    System location: Specify the address of the primary system and 
any decentralized elements, including automated data systems with a 
central computer facility and input or output terminals at separate 
locations. Use street address, 2-letter state abbreviations and 9-
digit ZIP Codes. Spell out office names. Do not use office symbols.
    Categories of individuals covered by the system: Use 
nontechnical, specific categories of individuals about whom the Air 
Force keeps records. Do not use categories like ``all Air Force 
personnel'' unless they are actually true.
    Categories of records in the system: Describe in clear, plain 
language, all categories of records in the system. List only 
documents actually kept in the system. Do not show source documents 
that are used to collect data and then destroyed. Do not list form 
numbers.
    Authority for maintenance of the system: Cite the specific law 
or Executive Order that authorizes the program the records support. 
Cite the DoD directive/instruction or Air Force instruction(s) that 
authorizes the system of records. Always include titles with the 
citations.

    Note: Executive Order 9397 authorizes using the Social Security 
Number as a personal identifier. Include this authority whenever the 
Social Security Number is used to retrieve records.

    Purpose: Describe briefly and specifically what the Air Force 
does with the information collected.
    Routine uses of records maintained in the system including 
categories of users and the purpose of such uses: List each specific 
agency or activity outside DoD to whom the records may be released 
and the purpose for such release.
    The DoD `Blanket Routine Uses' published in the Air Force 
Directory of System Notices apply to all system notices unless you 
indicate otherwise.
    Polices and practices for storing, retrieving, accessing, 
retaining, and disposing of records in the system:
    Storage: State the medium in which the Air Force keeps the 
records; for example, in file folders, card files, microfiche, 
computer, or a

[[Page 965]]

combination of those methods. Storage does not refer to the storage 
container.
    Retrievability: State how the Air Force retrieves the records; 
for example, by name, Social Security Number, or personal 
characteristics (such as fingerprints or voiceprints).
    Safeguards: List the kinds of officials who have immediate 
access to the system. List those responsible for safeguarding the 
records. Identify the system safeguards; for example, storage in 
safes, vaults, locked cabinets or rooms, use of guards, visitor 
controls, personnel screening, computer systems software, and so on. 
Describe safeguards fully without compromising system security.
    Retention and disposal: State how long Air Force Manual 37-139 
requires the activity to maintain the record. Indicate when or if 
the records may be transferred to a Federal Records Center and how 
long the record stays there. Specify when the Records Center sends 
the record to the National Archives or destroys it. Indicate how the 
records may be destroyed.
    System manager(s) and address: List the position title and duty 
address of the system manager. For decentralized systems, show the 
locations and the position or duty title of each category of 
officials responsible for any segment of the system.
    Notification procedure: List the title and duty address of the 
official authorized to tell requesters if their records are in the 
system. Specify the information a requester must submit; for 
example, full name, military status, Social Security Number, date of 
birth, or proof of identity, and so on.
    Record access procedures: Explain how individuals may arrange to 
access their records. Include the titles or categories of officials 
who may assist; for example, the system manager.
    Contesting records procedures: Air Force Chief Information 
Officer/P provides this standard caption.
    Record source categories: Show categories of individuals or 
other information sources for the system.
    Exemptions claimed for the system: When a system has no approved 
exemption, write ``none'' under this heading. Specifically list any 
approved exemption including the subsection in the Act.

Appendix C to Part 806b--DoD `Blanket Routine Uses'

    Certain DoD ``blanket routine uses'' have been established that 
are applicable to every record system maintained by the Department 
of the Air Force, unless specifically stated otherwise within the 
particular record system notice. These additional routine uses of 
the records are published only once in the Air Force's Preamble to 
its compilation of records systems in the interest of simplicity, 
economy and to avoid redundancy.

a. Law Enforcement Routine Use

    If a system of records maintained by a DoD Component to carry 
out its functions indicates a violation or potential violation of 
law, whether civil, criminal, or regulatory in nature, and whether 
arising by general statute or by regulation, rule, or order issued 
pursuant thereto, the relevant records in the system of records may 
be referred, as a routine use, to the agency concerned, whether 
federal, state, local, or foreign, charged with the responsibility 
of investigating or prosecuting such violation or charged with 
enforcing or implementing the statute, rule, regulation, or order 
issued pursuant thereto.

b. Disclosure when Requesting Information Routine Use

    A record from a system of records maintained by a Component may 
be disclosed as a routine use to a federal, state, or local agency 
maintaining civil, criminal, or other relevant enforcement 
information or other pertinent information, such as current 
licenses, if necessary to obtain information relevant to a Component 
decision concerning the hiring or retention of an employee, the 
issuance of a security clearance, the letting of a contract, or the 
issuance of a license, grant, or other benefit.

c. Disclosure of Requested Information Routine Use

    A record from a system of records maintained by a Component may 
be disclosed to a federal agency, in response to its request, in 
connection with the hiring or retention of an employee, the issuance 
of a security clearance, the reporting of an investigation of an 
employee, the letting of a contract, or the issuance of a license, 
grant, or other benefit by the requesting agency, to the extent that 
the information is relevant and necessary to the requesting agency's 
decision on the matter.

d. Congressional Inquiries Routine Use

    Disclosure from a system of records maintained by a Component 
may be made to a congressional office from the record of an 
individual in response to an inquiry from the congressional office 
made at the request of that individual.

e. Private Relief Legislation Routine Use

    Relevant information contained in all systems of records of the 
Department of Defense published on or before August 22, 1975, will 
be disclosed to the Office of Management and Budget in connection 
with the review of private relief legislation as set forth in Office 
of Management and Budget Circular A-19 (reference (u)) at any stage 
of the legislative coordination and clearance process as set forth 
in that Circular.

f. Disclosures Required by International Agreements Routine Use

    A record from a system of records maintained by a Component may 
be disclosed to foreign law enforcement, security, investigatory, or 
administrative authorities to comply with requirements imposed by, 
or to claim rights conferred in, international agreements and 
arrangements including those regulating the stationing and status in 
foreign countries of DoD military and civilian personnel.

g. Disclosure to State and Local Taxing Authorities Routine Use

    Any information normally contained in Internal Revenue Service 
(IRS) Form W-2 which is maintained in a record from a system of 
records maintained by a Component may be disclosed to state and 
local taxing authorities with which the Secretary of the Treasury 
has entered into agreements under 5 U.S.C., sections 5516, 5517, and 
5520 (reference (v)) and only to those state and local taxing 
authorities for which an employee or military member is or was 
subject to tax regardless of whether tax is or was withheld. This 
routine use is in accordance with Treasury Fiscal Requirements 
Manual Bulletin No. 76-07.

h. Disclosure to the Office of Personnel Management Routine Use

    A record from a system of records subject to the Privacy Act and 
maintained by a Component may be disclosed to the Office of 
Personnel Management (OPM) concerning information on pay and leave, 
benefits, retirement deduction, and any other information necessary 
for the OPM to carry out its legally authorized government-wide 
personnel management functions and studies.

i. Disclosure to the Department of Justice for Litigation Routine 
Use

    A record from a system of records maintained by this component 
may be disclosed as a routine use to any component of the Department 
of Justice for the purpose of representing the Department of 
Defense, or any officer, employee or member of the Department in 
pending or potential litigation to which the record is pertinent.

j. Disclosure to Military Banking Facilities Overseas Routine Use

    Information as to current military addresses and assignments may 
be provided to military banking facilities who provide banking 
services overseas and who are reimbursed by the Government for 
certain checking and loan losses. For personnel separated, 
discharged, or retired from the Armed Forces, information as to last 
known residential or home of record address may be provided to the 
military banking facility upon certification by a banking facility 
officer that the facility has a returned or dishonored check 
negotiated by the individual or the individual has defaulted on a 
loan and that if restitution is not made by the individual, the U.S. 
Government will be liable for the losses the facility may incur.

k. Disclosure of Information to the General Services Administration 
(GSA) Routine Use

    A record from a system of records maintained by this component 
may be disclosed as a routine use to the General Services 
Administration (GSA) for the purpose of records management 
inspections conducted under authority of 44 U.S.C. 2904 and 2906.

l. Disclosure of Information to the National Archives and Records 
Administration (NARA) Routine Use

    A record from a system of records maintained by this component 
may be disclosed as a routine use to the National Archives and 
Records Administration (NARA) for the purpose of records

[[Page 966]]

management inspections conducted under authority of 44 U.S.C. 2904 
and 2906.

m. Disclosure to the Merit Systems Protection Board Routine Use

    A record from a system of records maintained by this component 
may be disclosed as a routine use to the Merit Systems Protection 
Board, including the Office of the Special Counsel for the purpose 
of litigation, including administrative proceedings, appeals, 
special studies of the civil service and other merit systems, review 
of OPM or component rules and regulations, investigation of alleged 
or possible prohibited personnel practices; including administrative 
proceedings involving any individual subject of a DoD investigation, 
and such other functions, promulgated in 5 U.S.C. 1205 and 1206, or 
as may be authorized by law.

n. Counterintelligence Purpose Routine Use

    A record from a system of records maintained by this component 
may be disclosed as a routine use outside the DoD or the U.S. 
Government for the purpose of counterintelligence activities 
authorized by U.S. Law or Executive Order or for the purpose of 
enforcing laws, which protect the national security of the United 
States.

Appendix D to Part 806b--General and Specific Exemptions

    (a) All systems of records maintained by the Department of the 
Air Force shall be exempt from the requirements of 5 U.S.C. 552a(d) 
pursuant to 5 U.S.C. 552a(k)(1) to the extent that the system 
contains any information properly classified under Executive Order 
12958 and that is required by Executive Order to be kept classified 
in the interest of national defense or foreign policy. This 
exemption is applicable to parts of all systems of records including 
those not otherwise specifically designated for exemptions herein, 
which contain isolated items of properly classified information.
    (b) An individual is not entitled to have access to any 
information compiled in reasonable anticipation of a civil action or 
proceeding (5 U.S.C. 552a(d)(5)).
    (c) No system of records within Department of the Air Force 
shall be considered exempt under subsection (j) or (k) of the 
Privacy Act until the exemption rule for the system of records has 
been published as a final rule in the Federal Register.
    (d) Consistent with the legislative purpose of the Privacy Act 
of 1974, the Department of the Air Force will grant access to non-
exempt material in the records being maintained. Disclosure will be 
governed by the Department of the Air Force's Privacy Instruction, 
but will be limited to the extent that identity of confidential 
sources will not be compromised; subjects of an investigation of an 
actual or potential violation will not be alerted to the 
investigation; the physical safety of witnesses, informants and law 
enforcement personnel will not be endangered, the privacy of third 
parties will not be violated; and that the disclosure would not 
otherwise impede effective law enforcement. Whenever possible, 
information of the above nature will be deleted from the requested 
documents and the balance made available. The controlling principle 
behind this limited access is to allow disclosures except those 
indicated above. The decisions to release information from these 
systems will be made on a case-by-case basis.
    (e) General Exemptions. The following systems of records claim 
an exemption under 5 U.S.C. 552a(j)(2), with the exception of F090 
AF IG B, Inspector General Records and F051 AF JA F, Courts-Martial 
and Article 15 Records. They claim both the (j)(2) and (k)(2) 
exemption, and are listed under this part:
    (1) System identifier and name: F071 AF OSI A, Counter 
Intelligence Operations and Collection Records.
    (2) System identifier and name: F071 AF OSI C, Criminal Records.
    (3) System identifier and name: F071 AF OSI D, Investigative 
Support Records.
    (4) System identifier and name: F031 AF SP E, Security Forces 
Management Information System (SFMIS).
    (i) Exemption: Parts of this system may be exempt pursuant to 5 
U.S.C. 552a(j)(2) if information is compiled and maintained by a 
component of the agency which performs as its principle function any 
activity pertaining to the enforcement of criminal laws. Therefore, 
portions of this system of records may be exempt pursuant to 5 
U.S.C. 552a(j)(2) from the following subsections of 5 U.S.C. 
552a(c)(3), (c)(4), (d), (e)(1), (e)(2), (e)(3), (e)(4)(G), and (I), 
(e)(5), (e)(8), (f), and (g).
    (ii) Authority: 5 U.S.C. 552a(j)(2).
    (iii) Reasons: (A) To protect ongoing investigations and to 
protect from access criminal investigation information contained in 
this record system, so as not to jeopardize any subsequent judicial 
or administrative process taken as a result of information contained 
in the file.
    (B) From subsection (c)(3) because the release of the disclosure 
accounting, for disclosures pursuant to the routine uses published 
for this system, would permit the subject criminal investigation or 
matter under investigation to obtain valuable information concerning 
the nature of that investigation which will present a serious 
impediment to law enforcement.
    (C) From subsection (c)(4) because an exemption is being claimed 
for subsection this subsection will not be applicable.
    (D) From subsection (d) because access the records contained in 
this system would inform the subject of an investigation of 
existence of that investigation, provide subject of the 
investigation with information that might enable him to avoid 
detection, and would present a serious impediment to law 
enforcement.
    (E) From subsection (e)(4)(H) because system of records is 
exempt from individual access pursuant to subsection (j) of the 
Privacy Act of 1974.
    (F) From subsection (f) because this system of records has been 
exempted from access provisions of subsection (d).
    (5) System identifier and name: F031 AF SF A, Correction and 
Rehabilitation Records.
    (i) Exemption: Parts of this system may be exempt pursuant to 5 
U.S.C. 552a(j)(2) if information is compiled and maintained by a 
component of the agency which performs as its principle function any 
activity pertaining to the enforcement of criminal laws. Portions of 
this system of records may be exempt pursuant to 5 U.S.C. 552a(j)(2) 
from the following subsections of 5 U.S.C. 552a(c)(3), (c)(4), (d), 
(e)(3), (e)(4)(G), (H) and (I), (e)(5), (e)(8), (f), and (g).
    (ii) Authority: 5 U.S.C. 552a(j)(2).
    (iii) Reasons: (A) From subsection (c)(3) because the release of 
the disclosure accounting, for disclosures pursuant to the routine 
uses published for this system, would permit the subject of a 
criminal investigation or matter under investigation to obtain 
valuable information concerning the nature of that investigation 
which will present a serious impediment to law enforcement.
    (B) From subsection (c)(4) because an exemption is being claimed 
for subsection (d), this subsection will not be applicable.
    (C) From subsection (d) because access to the records contained 
in this system would inform the subject of a criminal investigation 
of the existence of that investigation, provide the subject of the 
investigation with information that might enable him to avoid 
detection or apprehension, and would present a serious impediment to 
law enforcement.
    (D) From subsection (e)(3) would constitute a serious impediment 
to law enforcement in that it could compromise the existence of a 
confidential investigation, reveal the identity of confidential 
sources of information and endanger the life and physical safety of 
confidential informants.
    (E) From subsections (e)(4)(G) and (H) because this system of 
records is exempt from individual access pursuant to subsections 
(j)(2) of the Privacy Act of 1974.
    (F) From subsection (e)(4)(I) because the identity of specific 
sources must be withheld in order to protect the confidentiality of 
the sources of criminal and other law enforcement information. This 
exemption is further necessary to protect the privacy and physical 
safety of witnesses and informants.
    (G) From subsection (e)(5) because in the collection of 
information for law enforcement purposes it is impossible to 
determine in advance what information is accurate, relevant, timely, 
and complete. With the passage of time, seemingly irrelevant or 
untimely information may acquire new significance as further 
investigation brings new details to light and the accuracy of such 
information can only be determined in a court of law. The 
restrictions of subsection (e)(5) would restrict the ability of 
trained investigators and intelligence analysts to exercise their 
judgment reporting on investigations and impede the development of 
intelligence necessary for effective law enforcement.
    (H) From subsection (e)(8) because the individual notice 
requirements of subsection (e)(8) could present a serious impediment 
to law enforcement as this could interfere with the ability to issue 
search authorizations and could reveal investigative techniques and 
procedures.
    (I) From subsection (f) because this system of records has been 
exempted from the access provisions of subsection (d).
    (J) From subsection (g) because this system of records compiled 
for law enforcement

[[Page 967]]

purposes and has been exempted from the access provisions of 
subsections (d) and (f).
    (6) System identifier and name: F090 AF IG B, Inspector General 
Records.
    (i) Exemption: (A) Parts of this system of records may be exempt 
pursuant to 5 U.S.C. 552a(j)(2) if the information is compiled and 
maintained by a component of the agency which performs as its 
principle function any activity pertaining to the enforcement of 
criminal laws. Therefore, portions of this system of records may be 
exempt pursuant to 5 U.S.C. 552a(j)(2) from the following 
subsections of 5 U.S.C. 552a(c)(3), (c)(4), (d), (e)(1), (e)(2), 
(e)(3), (e)(4)(G), (H), and (I), (e)(5), (e)(8), (f), and (g).
    (B) Investigative material compiled for law enforcement 
purposes, other than material within the scope of subsection 5 
U.S.C. 552a(j)(2), may be exempt pursuant to 5 U.S.C. 552a(k)(2). 
However, if an individual is denied any right, privilege, or benefit 
for which he would otherwise be entitled by Federal law or for which 
he would otherwise be eligible, as a result of the maintenance of 
the information, the individual will be provided access to the 
information exempt to the extent that disclosure would reveal the 
identity of a confidential source. Note: When claimed, this 
exemption allows limited protection of investigative reports 
maintained in a system of records used in personnel or 
administrative actions. Therefore, portions of this system of 
records may be exempt pursuant to 5 U.S.C. 552a(k)(2) from the 
following subsections of 5 U.S.C. 552a(c)(3), (d), (e)(1), 
(e)(4)(G), (H) and (I), and (f).
    (ii) Authority: 5 U.S.C. 552a(j)(2) and (k)(2).
    (iii) Reasons: (A) From subsection (c)(3) because the release of 
accounting of disclosure would inform a subject that he or she is 
under investigation. This information would provide considerable 
advantage to the subject in providing him or her with knowledge 
concerning the nature of the investigation and the coordinated 
investigative efforts and techniques employed by the cooperating 
agencies. This would greatly impede the Air Force IG's criminal law 
enforcement.
    (B) From subsection (c)(4) and (d), because notification would 
alert a subject to the fact that an open investigation on that 
individual is taking place, and might weaken the ongoing 
investigation, reveal investigative techniques, and place 
confidential informants in jeopardy.
    (C) From subsection (e)(1) because the nature of the criminal 
and/or civil investigative function creates unique problems in 
prescribing a specific parameter in a particular case with respect 
to what information is relevant or necessary. Also, information may 
be received which may relate to a case under the investigative 
jurisdiction of another agency. The maintenance of this information 
may be necessary to provide leads for appropriate law enforcement 
purposes and to establish patterns of activity that may relate to 
the jurisdiction of other cooperating agencies.
    (D) From subsection (e)(2) because collecting information to the 
fullest extent possible directly from the subject individual may or 
may not be practical in a criminal and/or civil investigation.
    (E) From subsection (e)(3) because supplying an individual with 
a form containing a Privacy Act Statement would tend to inhibit 
cooperation by many individuals involved in a criminal and/or civil 
investigation. The effect would be somewhat adverse to established 
investigative methods and techniques.
    (F) From subsections (e)(4)(G), (H), and (I) because this system 
of records is exempt from the access provisions of subsection (d) 
and (f).
    (G) From subsection (e)(5) because the requirement that records 
be maintained with attention to accuracy, relevance, timeliness, and 
completeness would unfairly hamper the investigative process. It is 
the nature of law enforcement for investigations to uncover the 
commission of illegal acts at diverse stages. It is frequently 
impossible to determine initially what information is accurate, 
relevant, timely, and least of all complete. With the passage of 
time, seemingly irrelevant or untimely information may acquire new 
significance as further investigation brings new details to light.
    (H) From subsection (e)(8) because the notice requirements of 
this provision could present a serious impediment to law enforcement 
by revealing investigative techniques, procedures, and existence of 
confidential investigations.
    (I) From subsection (f) because the agency's rules are 
inapplicable to those portions of the system that are exempt and 
would place the burden on the agency of either confirming or denying 
the existence of a record pertaining to a requesting individual 
might in itself provide an answer to that individual relating to an 
ongoing investigation. The conduct of a successful investigation 
leading to the indictment of a criminal offender precludes the 
applicability of established agency rules relating to verification 
of record, disclosure of the record to that individual, and record 
amendment procedures for this record system.
    (J) From subsection (g) because this system of records should be 
exempt to the extent that the civil remedies relate to provisions of 
5 U.S.C. 552a from which this rule exempts the system.
    (7) System identifier and name: F051 AF JA F, Courts-Martial and 
Article 15 Records.
    (i) Exemptions: (A) Parts of this system may be exempt pursuant 
to 5 U.S.C. 552a(j)(2) if the information is compiled and maintained 
by a component of the agency which performs as its principle 
function any activity pertaining to the enforcement of criminal 
laws. Therefore, portions of this system of records may be exempt 
pursuant to 5 U.S.C. 552a(j)(2) from the following subsection of 5 
U.S.C. 552a(c)(3), (c)(4), (d), (e)(1), (e)(2), (e)(3), (e)(4)(G), 
(H) and (I), (e)(5), (e)(8), (f), and (g).
    (B) Investigatory material compiled for law enforcement 
purposes, other than material within the scope of subsection 5 
U.S.C. 552a(j)(2), may be exempt pursuant to 5 U.S.C. 552a(k)(2). 
However, if an individual is denied any right, privilege, or benefit 
for which he would otherwise be entitled by Federal law or for which 
he would otherwise be eligible, as a result of the maintenance of 
the information, the individual will be provided access to the 
information exempt to the extent that disclosure would reveal the 
identity of a confidential source. NOTE: When claimed, this 
exemption allows limited protection of investigative reports 
maintained in a system of records used in personnel or 
administrative actions. Therefore, portions of this system of 
records may be exempt pursuant to 5 U.S.C. 552a(k)(2) from the 
following subsections of 5 U.S.C. 552a(c)(3), (d), (e)(1), 
(e)(4)(G), (H) and (I), and (f).
    (ii) Authority: 5 U.S.C. 552a(j)(2) and (k)(2).
    (iii) Reason: (A) From subsection (c)(3) because the release of 
the disclosure accounting, for disclosures pursuant to the routine 
uses published for this system, would permit the subject of a 
criminal investigation or matter under investigation to obtain 
valuable information concerning the nature of that investigation 
which will present a serious impediment to law enforcement.
    (B) From subsection (c)(4) because an exemption is being claimed 
for subsection (d), his subsection will not be applicable.
    (C) From subsection (d) because access to the records contained 
in this system would inform the subject of a criminal investigation 
of the existence of that investigation, provide the subject of the 
investigation with information that might enable him to avoid 
detection or apprehension, and would present a serious impediment to 
law enforcement.
    (D) From subsection (e)(1) because in the course of criminal 
investigations information is often obtained concerning the 
violation of laws or civil obligations of others not relating to an 
active case or matter. In the interests of effective law 
enforcement, it is necessary that this information be retained since 
it can aid in establishing patterns of activity and provide valuable 
leads for other agencies and future cases that may be brought.
    (E) From subsection (e)(2) because in a criminal investigation 
the requirement that information be collected to the greatest extent 
possible from the subject individual would present a serious 
impediment to law enforcement in that the subject of the 
investigation would be placed on notice of the existence of the 
investigation and would therefore be able to avoid detection.
    (F) From subsection (e)(3) because the requirement that 
individuals supplying information be provided with a form stating 
the requirements of subsection (e)(3) would constitute a serious 
impediment to law enforcement in that it could compromise the 
existence of a confidential investigation, reveal the identity of 
confidential sources of information and endanger the life and 
physical safety of confidential informants.
    (G) From subsections (e)(4)(G) and (H) because this system of 
records is exempt from individual access pursuant to subsections (j) 
and (k) of the Privacy Act of 1974.
    (H) From subsection (e)(4)(I) because the identity of specific 
sources must be withheld in order to protect the confidentiality of 
the sources of criminal and other law enforcement information. This 
exemption is further necessary to protect the privacy and physical 
safety of witnesses and informants.
    (I) From subsection (e)(5) because in the collection of 
information for law enforcement

[[Page 968]]

purposes it is impossible to determine in advance what information 
is accurate, relevant, timely, and complete. With the passage of 
time, seemingly irrelevant or untimely information may acquire new 
significance as further investigation brings new details to light 
and the accuracy of such information can only be determined in a 
court of law. The restrictions of subsection (e)(5) would restrict 
the ability of trained investigators and intelligence analysts to 
exercise their judgment in reporting on investigations and impede 
the development of intelligence necessary for effective law 
enforcement.
    (J) From subsection (e)(8) because the individual notice 
requirements of subsection (e)(8) could present a serious impediment 
to law enforcement as this could interfere with the ability to issue 
search authorizations and could reveal investigative techniques and 
procedures.
    (K) From subsection (f) because this system of records has been 
exempted from the access provisions of subsection (d).
    (L) From subsection (g) because this system of records is 
compiled for law enforcement purposes and has been exempted from the 
access provisions of subsections (d) and (f).
    (f) Specific Exemptions. The following systems of records are 
subject to the specific exemptions shown:
    (1) System identifier and name: F036 USAFA K, Admissions 
Records.
    (i) Exemption: Evaluation material used to determine potential 
for promotion in the Military Services may be exempt pursuant to 5 
U.S.C. 552a(k)(7), but only to the extent that the disclosure of 
such material would reveal the identify of a confidential source. 
Therefore, portions of this system of records (Liaison Officer 
Evaluation and Selection Panel Candidate Evaluation) may be exempt 
pursuant to 5 U.S.C. 552a(k)(7) from the following subsections of 5 
U.S.C. 552a(d), (e)(4)(H), and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(7).
    (iii) Reasons: To ensure the frankness of information used to 
determine whether cadets are qualified for graduation and 
commissioning as officers in the Air Force.
    (2) System identifier and name: F036 AFPC N, Air Force Personnel 
Test 851, Test Answer Sheets.
    (i) Exemption: Testing or examination material used solely to 
determine individual qualifications for appointment or promotion in 
the federal or military service may be exempt pursuant to 5 U.S.C. 
552a(k)(6), if the disclosure would compromise the objectivity or 
fairness of the test or examination process. Therefore, portions of 
this system of records may be exempt pursuant to 5 U.S.C. 552a(k)(6) 
from the following subsections of 5 U.S.C. 552a(c)(3); (d); 
(e)(4)(G), (H), and (I); and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(6).
    (iii) Reasons: To protect the objectivity of the promotion 
testing system by keeping the test questions and answers in 
confidence.
    (3) System identifier and name: F036 USAFA A, Cadet Personnel 
Management System.
    (i) Exemption: Evaluation material used to determine potential 
for promotion in the Military Services may be exempt pursuant to 5 
U.S.C. 552a(k)(7), but only to the extent that the disclosure of 
such material would reveal the identify of a confidential source. 
Therefore, portions of this system of records may be exempt pursuant 
to 5 U.S.C. 552a(k)(7) from the following subsections of 5 U.S.C. 
552a(d), (e)(4)(H), and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(7).
    (iii) Reasons: To maintain the candor and integrity of comments 
needed to evaluate an Air Force Academy cadet for commissioning in 
the Air Force.
    (4) System identifier and name: F036 AETC I, Cadet Records.
    (i) Exemption: Investigatory material compiled solely for the 
purpose of determining suitability, eligibility, or qualifications 
for federal civilian employment, military service, federal 
contracts, or access to classified information may be exempt 
pursuant to 5 U.S.C. 552a(k)(5), but only to the extent that such 
material would reveal the identity of a confidential source. 
Therefore, portions of this system of records may be exempt pursuant 
to 5 U.S.C. 552a(k)(5) (Detachment Professional Officer Course 
Selection Rating Sheets; Air Force Reserve Officer Training Corps 
Form 0-24--Disenrollment Review; Memoranda for Record and Staff 
Papers with Staff Advice, Opinions, or Suggestions) may be exempt 
from the following subsections of 5 U.S.C. 552a(c)(3), (d), 
(e)(4)(G) and (H), and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(5).
    (iii) Reasons: To protect the identity of a confidential source 
who furnishes information necessary to make determinations about the 
qualifications, eligibility, and suitability of cadets for 
graduation and commissioning in the Air Force.
    (5) System identifier and name: F044 AF SG Q, Family Advocacy 
Program Records.
    (i) Exemption: (A) Investigative material compiled for law 
enforcement purposes, other than material within the scope of 
subsection 5 U.S.C. 552a(j)(2), may be exempt pursuant to 5 U.S.C. 
552a(k)(2). However, if an individual is denied any right, 
privilege, or benefit for which he would otherwise be entitled by 
Federal law or for which he would otherwise be eligible, as a result 
of the maintenance of the information, the individual will be 
provided access to the information exempt to the extent that 
disclosure would reveal the identity of a confidential source. Note: 
When claimed, this exemption allows limited protection of 
investigative reports maintained in a system of records used in 
personnel or administrative actions.
    (B) Investigative material compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for federal 
civilian employment, military service, federal contracts, or access 
to classified information may be exempt pursuant to 5 U.S.C. 
552a(k)(5), but only to the extent that such material would reveal 
the identity of a confidential source.
    (C) Therefore, portions of this system of records may be exempt 
pursuant to 5 U.S.C. 552a(k)(2) and (k)(5) from the following 
subsections of 5 U.S.C. 552a(c)(3) and (d).
    (ii) Authority: 5 U.S.C. 552a(k)(2) and (k)(5).
    (iii) Reasons: From subsections (c)(3) and (d) because the 
exemption is needed to encourage those who know of exceptional 
medical or educational conditions or family maltreatments to come 
forward by protecting their identities and to protect such sources 
from embarrassment or recriminations, as well as to protect their 
right to privacy. It is essential that the identities of all 
individuals who furnish information under an express promise of 
confidentiality be protected. Granting individuals access to 
information relating to criminal and civil law enforcement, as well 
as the release of certain disclosure accounting, could interfere 
with ongoing investigations and the orderly administration of 
justice, in that it could result in the concealment, alteration, 
destruction, or fabrication of information; could hamper the 
identification of offenders or alleged offenders and the disposition 
of charges; and could jeopardize the safety and well being of 
parents and their children. Exempted portions of this system also 
contain information considered relevant and necessary to make a 
determination as to qualifications, eligibility, or suitability for 
Federal employment and Federal contracts, and that was obtained by 
providing an express or implied promise to the source that his or 
her identity would not be revealed to the subject of the record.
    (6) System identifier and name: F036 AF PC A, Effectiveness/
Performance Reporting System.
    (i) Exemption: Evaluation material used to determine potential 
for promotion in the Military Services (Brigadier General Selectee 
Effectiveness Reports and Colonel and Lieutenant Colonel Promotion 
Recommendations with close out dates on or before January 31, 1991) 
may be exempt pursuant to 5 U.S.C. 552a(k)(7), but only to the 
extent that the disclosure of such material would reveal the 
identity of a confidential source. Therefore, portions of this 
system of records may be exempt pursuant to 5 U.S.C. 552a(k)(7) from 
the following subsections of 5 U.S.C. 552a(c)(3), (d), (e)(4)(H), 
and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(7).
    (iii) Reasons: (A) From subsection (c)(3) because making the 
disclosure accounting available to the individual may compromise 
express promises of confidentiality by revealing details about the 
report and identify other record sources, which may result in 
circumvention of the access exemption.
    (B) From subsection (d) because individual disclosure 
compromises express promises of confidentiality conferred to protect 
the integrity of the promotion rating system.
    (C) From subsection (e)(4)(H) because of and to the extent that 
portions of this record system are exempt from the individual access 
provisions of subsection (d).
    (D) From subsection (f) because of and to the extent that 
portions of this record system are exempt from the individual access 
provisions of subsection (d).
    (7) System identifier and name: F036 AFDP A, Files on General 
Officers and Colonels Assigned to General Officer Positions.
    (i) Exemption: Evaluation material used to determine potential 
for promotion in the Military Services may be exempt pursuant to

[[Page 969]]

5 U.S.C. 552a(k)(7), but only to the extent that the disclosure of 
such material would reveal the identity of a confidential source. 
Therefore, portions of this system of records may be exempt pursuant 
to 5 U.S.C. 552a(k)(7) from the following subsections of 5 U.S.C. 
552a(c)(3), (d), (e)(4)(G), (H), and (I); and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(7).
    (iii) Reasons: To protect the integrity of information used in 
the Reserve Initial Brigadier General Screening Board, the release 
of which would compromise the selection process.
    (8) System identification and name: F036 AF PC O, General 
Officer Personnel Data System.
    (i) Exemption: Evaluation material used to determine potential 
for promotion in the Military Services may be exempt pursuant to 5 
U.S.C. 552a(k)(7), but only to the extent that the disclosure of 
such material would reveal the identity of a confidential source. 
Therefore, portions of this system of records (Air Force General 
Officer Promotion and Effectiveness Reports with close out dates on 
or before January 31, 1991) may be exempt pursuant to 5 U.S.C. 
552a(k)(7) may be exempt from following subsections of 5 U.S.C. 
552a(c)(3), (d), (e)(4)(H), and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(7).
    (iii) Reason: (A) From subsection (c)(3) because making the 
disclosure accounting available to the individual may compromise 
express promises of confidentiality by revealing details about the 
report and identify other record sources, which may result in 
circumvention of the access exemption.
    (B) From subsection (d) because individual disclosure 
compromises express promises of confidentiality conferred to protect 
the integrity of the promotion rating system.
    (C) From subsection (e)(4)(H) because of and to the extent that 
portions of this record system are exempt from the individual access 
provisions of subsection (d).
    (D) From subsection (f) because of and to the extent that 
portions of this record system are exempt from the individual access 
provisions of subsection (d).
    (9) System identifier and name: F036 AFPC K, Historical Airman 
Promotion Master Test File.
    (i) Exemption: Testing or examination material used solely to 
determine individual qualifications for appointment or promotion in 
the federal or military service, if the disclosure would compromise 
the objectivity or fairness of the test or examination process may 
be exempt pursuant to 5 U.S.C. 552a(k)(6), if the disclosure would 
compromise the objectivity or fairness of the test or examination 
process. Therefore, portions of this system of records may be exempt 
pursuant to 5 U.S.C. 552a(k)(6) from the following subsections of 5 
U.S.C. 552a(c)(3), (d), (e)(4)(G), (H), and (I), and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(6).
    (iii) Reasons: To protect the integrity, objectivity, and equity 
of the promotion testing system by keeping test questions and 
answers in confidence. Reserved.
    (10) System identifier and name: F071 AF OSI F, Investigative 
Applicant Processing Records.
    (i) Exemption: Investigatory material compiled solely for the 
purpose of determining suitability, eligibility, or qualifications 
for federal civilian employment, military service, federal 
contracts, or access to classified information may be exempt 
pursuant to 5 U.S.C. 552a(k)(5), but only to the extent that such 
material would reveal the identity of a confidential source. 
Therefore, portions of this system of records may be exempt pursuant 
to 5 U.S.C. 552a(k)(5) from the following subsections of 5 U.S.C. 
552a(c)(3), (d), (e)(4)(G), (H), and (I), and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(5).
    (iii) Reasons: To protect those who gave information in 
confidence during Air Force Office of Special Investigations 
applicant inquiries. Fear of harassment could cause sources not to 
make frank and open responses about applicant qualifications. This 
could compromise the integrity of the Air Force Office of Special 
Investigations personnel program that relies on selecting only 
qualified people.
    (11) System identifier and name: F036 USAFA B, Master Cadet 
Personnel Record (Active/Historical).
    (i) Exemptions: Evaluation material used to determine potential 
for promotion in the Military Services may be exempt pursuant to 5 
U.S.C. 552a(k)(7), but only to the extent that the disclosure of 
such material would reveal the identify of a confidential source. 
Therefore, portions of this system of records may be exempt pursuant 
to 5 U.S.C. 552a(k)(7) from the following subsections of 5 U.S.C. 
552a(d), (e)(4)(H), and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(7).
    (iii) Reasons: To maintain the candor and integrity of comments 
needed to evaluate a cadet for commissioning in the Air Force.
    (12) System identifier and name: F031 497IG A, Sensitive 
Compartmented Information Personnel Records.
    (i) Exemption: (A) Investigatory material compiled for law 
enforcement purposes, other than material within the scope of 
subsection 5 U.S.C. 552a(j)(2), may be exempt pursuant to 5 U.S.C. 
552a(k)(2). However, if an individual is denied any right, 
privilege, or benefit for which he would otherwise be entitled by 
Federal law or for which he would otherwise be eligible, as a result 
of the maintenance of the information, the individual will be 
provided access to the information exempt to the extent that 
disclosure would reveal the identify of a confidential source. Note: 
When claimed, this exemption allows limited protection of 
investigative reports maintained in a system of records used in 
personnel or administrative actions.
    (B) Investigatory material compiled solely for the purpose of 
determining suitability, eligibility, or qualifications for federal 
civilian employment, military service, federal contracts, or access 
to classified information may be exempt pursuant to 5 U.S.C. 
552a(k)(5), but only to the extent that such material would reveal 
the identity of a confidential source.
    (C) Therefore, portions of this system of records may be exempt 
pursuant to 5 U.S.C. 552a(k)(2) and (k)(5) from the following 
subsections of 5 U.S.C. 552a(c)(3), (d), (e)(4)(G), (H), and (I), 
and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(2) and (k)(5).
    (iii) Reasons: To protect the identity of sources to which 
proper promises of confidentiality have been made during 
investigations. Without these promises, sources will often be 
unwilling to provide information essential in adjudicating access in 
a fair and impartial manner.
    (13) System identifier and name: F071 AF OSI B, Security and 
Related Investigative Records.
    (i) Exemption: Investigatory material compiled solely for the 
purpose of determining suitability, eligibility, or qualifications 
for federal civilian employment, military service, federal 
contracts, or access to classified information may be exempt 
pursuant to 5 U.S.C. 552a(k)(5), but only to the extent that such 
material would reveal the identity of a confidential source. 
Therefore, portions of this system of records may be exempt pursuant 
to 5 U.S.C. 552a(k)(5) from the following subsections of 5 U.S.C. 
552a(c)(3), (d), (e)(4)(G), (H), and (I), and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(5).
    (iii) Reasons: To protect the identity of those who give 
information in confidence for personnel security and related 
investigations. Fear of harassment could cause sources to refuse to 
give this information in the frank and open way needed to pinpoint 
those areas in an investigation that should be expanded to resolve 
charges of questionable conduct.
    (14) System identifier and name: F031 497IG B, Special Security 
Case Files.
    (i) Exemption: Investigatory material compiled solely for the 
purpose of determining suitability, eligibility, or qualifications 
for federal civilian employment, military service, federal 
contracts, or access to classified information may be exempt 
pursuant to 5 U.S.C. 552a(k)(5), but only to the extent that such 
material would reveal the identity of a confidential source. 
Therefore, portions of this system of records may be exempt pursuant 
to 5 U.S.C. 552a(k)(5) from the following subsections of 5 U.S.C. 
552a(c)(3), (d), (e)(4)(G), (H), and (I), and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(5).
    (iii) Reasons: To protect the identity of those who give 
information in confidence for personnel security and related 
investigations. Fear of harassment could cause sources to refuse to 
give this information in the frank and open way needed to pinpoint 
those areas in an investigation that should be expanded to resolve 
charges of questionable conduct.
    (15) System identifier and name: F031 AF SP N, Special Security 
Files.
    (i) Exemption: Investigatory material compiled solely for the 
purpose of determining suitability, eligibility, or qualifications 
for federal civilian employment, military service, federal 
contracts, or access to classified information may be exempt 
pursuant to 5 U.S.C. 552a(k)(5), but only to the extent that such 
material would reveal the identity of a confidential source. 
Therefore, portions of this system of records may be exempt pursuant 
to 5 U.S.C. 552a(k)(5) from the following subsections of 5 U.S.C. 
552a(c)(3), (d), (e)(4)(G), (H), and (I), and (f).

[[Page 970]]

    (ii) Authority: 5 U.S.C. 552a(k)(5).
    (iii) Reasons: To protect the identity of those who give 
information in confidence for personnel security and related 
investigations. Fear of harassment could cause them to refuse to 
give this information in the frank and open way needed to pinpoint 
areas in an investigation that should be expanded to resolve charges 
of questionable conduct.
    (16) System identifier and name: F036 AF PC P, Applications for 
Appointment and Extended Active Duty Files.
    (i) Exemption: Investigatory material compiled solely for the 
purpose of determining suitability, eligibility, or qualifications 
for federal civilian employment, military service, federal 
contracts, or access to classified information may be exempt 
pursuant to 5 U.S.C. 552a(k)(5), but only to the extent that such 
material would reveal the identity of a confidential source. 
Therefore, portions of this system of records may be exempt pursuant 
to 5 U.S.C. 552a(k)(5) from the following subsection of 5 U.S.C. 
552a(d).
    (ii) Authority: 5 U.S.C. 552a(k)(5).
    (iii) Reasons: To protect the identity of confidential sources 
who furnish information necessary to make determinations about the 
qualifications, eligibility, and suitability of health care 
professionals who apply for Reserve of the Air Force appointment or 
interservice transfer to the Air Force.
    (17) System identifier and name: F036 AF DPG, Military Equal 
Opportunity and Treatment.
    (i) Exemption: Investigative material compiled for law 
enforcement purposes, other than material within the scope of 
subsection 5 U.S.C. 552a(j)(2), may be exempt pursuant to 5 U.S.C. 
552a(k)(2). However, if an individual is denied any right, 
privilege, or benefit for which he would otherwise be entitled by 
Federal law or for which he would otherwise be eligible, as a result 
of the maintenance of the information, the individual will be 
provided access to the information exempt to the extent that 
disclosure would reveal the identity of a confidential source. Note: 
When claimed, this exemption allows limited protection of 
investigative reports maintained in a system of records used in 
personnel or administrative actions. Therefore, portions of this 
system of records may be exempt pursuant to 5 U.S.C. 522a(k)(2) from 
the following subsections of 5 U.S.C. 552a(d), (e)(4)(H), and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(2).
    (iii) Reasons: (A) From subsection (d) because access to the 
records contained in this system would inform the subject of an 
investigation of the existence of that investigation, provide the 
subject of the investigation with information that might enable him 
to avoid detection, and would present a serious impediment to law 
enforcement. In addition, granting individuals access to information 
collected while an Equal Opportunity and Treatment clarification/
investigation is in progress conflicts with the just, thorough, and 
timely completion of the complaint, and could possibly enable 
individuals to interfere, obstruct, or mislead those clarifying/
investigating the complaint.
    (B) From subsection (e)(4)(H) because this system of records is 
exempt from individual access pursuant to subsection (k) of the 
Privacy Act of 1974.
    (C) From subsection (f) because this system of records has been 
exempted from the access provisions of subsection (d).
    (18) System identifier and name: F051 AF JA I, Commander 
Directed Inquiries.
    (i) Exemption: Investigatory material compiled for law 
enforcement purposes, other than material within the scope of 
subsection 5 U.S.C. 552a(j)(2), may be exempt pursuant to 5 U.S.C. 
552a(k)(2). However, if an individual is denied any right, 
privilege, or benefit for which he would otherwise be entitled by 
Federal law or for which he would otherwise be eligible, as a result 
of the maintenance of the information, the individual will be 
provided access to the information except to the extent that 
disclosure would reveal the identity of a confidential source. Note: 
When claimed, this exemption allows limited protection of 
investigative reports maintained in a system of records used in 
personnel or administrative actions. Any portion of this system of 
records which falls within the provisions of 5 U.S.C. 552a(k)(2) may 
be exempt from the following subsections of 5 U.S.C. 552a(c)(3), 
(d), (e)(1), (e)(4)(G), (H), and (I), and (f).
    (ii) Authority: 5 U.S.C. 552a(k)(2).
    (iii) Reasons: (A) From subsection (c)(3) because to grant 
access to the accounting for each disclosure as required by the 
Privacy Act, including the date, nature, and purpose of each 
disclosure and the identity of the recipient, could alert the 
subject to the existence of the investigation. This could seriously 
compromise case preparation by prematurely revealing its existence 
and nature; compromise or interfere with witnesses or make witnesses 
reluctant to cooperate; and lead to suppression, alteration, or 
destruction of evidence.
    (B) From subsections (d) and (f) because providing access to 
investigative records and the right to contest the contents of those 
records and force changes to be made to the information contained 
therein would seriously interfere with and thwart the orderly and 
unbiased conduct of the investigation and impede case preparation. 
Providing access rights normally afforded under the Privacy Act 
would provide the subject with valuable information that would allow 
interference with or compromise of witnesses or render witnesses 
reluctant to cooperate; lead to suppression, alteration, or 
destruction of evidence; enable individuals to conceal their 
wrongdoing or mislead the course of the investigation; and result in 
the secreting of or other disposition of assets that would make them 
difficult or impossible to reach in order to satisfy any Government 
claim growing out of the investigation or proceeding.
    (C) From subsection (e)(1) because it is not always possible to 
detect the relevance or necessity of each piece of information in 
the early stages of an investigation. In some cases, it is only 
after the information is evaluated in light of other evidence that 
its relevance and necessity will be clear.
    (D) From subsections (e)(4)(G) and (H) because this system of 
records is compiled for investigative purposes and is exempt from 
the access provisions of subsections (d) and (f).
    (E) From subsection (e)(4)(I) because to the extent that this 
provision is construed to require more detailed disclosure than the 
broad, generic information currently published in the system notice, 
an exemption from this provision is necessary to protect the 
confidentiality of sources of information and to protect privacy and 
physical safety of witnesses and informants.
    (19) System identifier and name: F031 DoD A, Joint Personnel 
Adjudication System.
    (i) Exemption: Investigatory material compiled solely for the 
purpose of determining suitability, eligibility, or qualifications 
for federal civilian employment, military service, federal 
contracts, or access to classified information may be exempt 
pursuant to 5 U.S.C. 552a(k)(5), but only to the extent that such 
material would reveal the identity of a confidential source. 
Therefore, portions of this system of records may be exempt pursuant 
to 5 U.S.C. 552a(k)(5) from the following subsections of 5 U.S.C. 
552a(c)(3), (d), and (e)(1).
    (ii) Authority: 5 U.S.C. 552a(k)(5).
    (iii) Reasons: (A) From subsection (c)(3) and (d) when access to 
accounting disclosures and access to or amendment of records would 
cause the identity of a confidential source to be revealed. 
Disclosure of the source's identity not only will result in the 
Department breaching the promise of confidentiality made to the 
source but it will impair the Department's future ability to compile 
investigatory material for the purpose of determining suitability, 
eligibility, or qualifications for Federal civilian employment, 
Federal contracts, or access to classified information. Unless 
sources can be assured that a promise of confidentiality will be 
honored, they will be less likely to provide information considered 
essential to the Department in making the required determinations.
    (B) From subsection (e)(1) because in the collection of 
information for investigatory purposes, it is not always possible to 
determine the relevance and necessity of particular information in 
the early stages of the investigation. In some cases, it is only 
after the information is evaluated in light of other information 
that its relevance and necessity becomes clear. Such information 
permits more informed decision-making by the Department when making 
required suitability, eligibility, and qualification determinations.
    (20) System identifier and name: F033 AF A, Information 
Requests-Freedom of Information Act.
    (i) Exemption: During the processing of a Freedom of Information 
Act request, exempt materials from `other' systems of records may in 
turn become part of the case record in this system. To the extent 
that copies of exempt records from those other systems of records 
are entered into this system, the Department of the Air Force hereby 
claims the same exemptions for the records from those `other' 
systems that are entered into this system, as claimed for the 
original primary system of which they are a part.

[[Page 971]]

    (ii) Authority: 5 U.S.C. 552a(j)(2), (k)(1), (k)(2), (k)(3), 
(k)(4), (k)(5), (k)(6), and (k)(7).
    (iii) Reasons: Records are only exempt from pertinent provisions 
of 5 U.S.C. 552a to the extent such provisions have been identified 
and an exemption claimed for the original record, and the purposes 
underlying the exemption for the original record still pertain to 
the record which is now contained in this system of records. In 
general, the exemptions were claimed in order to protect properly 
classified information relating to national defense and foreign 
policy, to avoid interference during the conduct of criminal, civil, 
or administrative actions or investigations, to ensure protective 
services provided the President and others are not compromised, to 
protect the identity of confidential sources incident to Federal 
employment, military service, contract, and security clearance 
determinations, and to preserve the confidentiality and integrity of 
Federal evaluation materials. The exemption rule for the original 
records will identify the specific reasons why the records are 
exempt from specific provisions of 5 U.S.C. 552a.
    (21) System identifier and name: F033 AF B, Privacy Act Request 
Files.
    (i) Exemption: During the processing of a Privacy Act request, 
exempt materials from other systems of records may in turn become 
part of the case record in this system. To the extent that copies of 
exempt records from those `other' systems of records are entered 
into this system, the Department of the Air Force hereby claims the 
same exemptions for the records from those `other' systems that are 
entered into this system, as claimed for the original primary system 
of which they are a part.
    (ii) Authority: 5 U.S.C. 552a(j)(2), (k)(1), (k)(2), (k)(3), 
(k)(4), (k)(5), (k)(6), and (k)(7).
    (iii) Reason: Records are only exempt from pertinent provisions 
of 5 U.S.C. 552a to the extent such provisions have been identified 
and an exemption claimed for the original record, and the purposes 
underlying the exemption for the original record still pertain to 
the record which is now contained in this system of records. In 
general, the exemptions were claimed in order to protect properly 
classified information relating to national defense and foreign 
policy, to avoid interference during the conduct of criminal, civil, 
or administrative actions or investigations, to ensure protective 
services provided the President and others are not compromised, to 
protect the identity of confidential sources incident to Federal 
employment, military service, contract, and security clearance 
determinations, and to preserve the confidentiality and integrity of 
Federal evaluation materials. The exemption rule for the original 
records will identify the specific reasons why the records are 
exempt from specific provisions of 5 U.S.C. 552a.

Appendix E to Part 806b--Privacy Impact Assessment

Section A--Introduction and Overview

    The Privacy Act Assessment. The Air Force recognizes the 
importance of protecting the privacy of individuals, to ensure 
sufficient protections for the privacy of personal information as we 
implement citizen-centered e-Government. Privacy issues must be 
addressed when systems are being developed, and privacy protections 
must be integrated into the development life cycle of these 
automated systems. The vehicle for addressing privacy issues in a 
system under development is the Privacy Impact Assessment. The 
Privacy Impact Assessment process also provides a means to assure 
compliance with applicable laws and regulations governing individual 
privacy.
    (a) Purpose. The purpose of this document is to:
    (1) Establish the requirements for addressing privacy during the 
systems development process.
    (2) Describe the steps required to complete a Privacy Impact 
Assessment.
    (3) Define the privacy issues you will address in the Privacy 
Impact Assessment.
    (b) Background. The Air Force is responsible for ensuring the 
privacy, confidentiality, integrity, and availability of personal 
information. The Air Force recognizes that privacy protection is 
both a personal and fundamental right. Among the most basic of 
individuals' rights is an expectation that the Air Force will 
protect the confidentiality of personal, financial, and employment 
information. Individuals also have the right to expect that the Air 
Force will collect, maintain, use, and disseminate identifiable 
personal information and data only as authorized by law and as 
necessary to carry out agency responsibilities. Personal information 
is protected by the following:
    (1) Title 5, U.S.C. 552a, The Privacy Act of 1974, as amended, 
which affords individuals the right to privacy in records maintained 
and used by Federal agencies. Note: 5 U.S.C. 552a includes Public 
Law 100-503, The Computer Matching and Privacy Act of 1988.\13\
---------------------------------------------------------------------------

    \13\ http://www.defenselink.mil/privacy/1975OMB_PAGuide/jun1989.pdf.
---------------------------------------------------------------------------

    (2) Public Law 100-235, The Computer Security Act of 1987,\14\ 
which establishes minimum security practices for Federal computer 
systems.
---------------------------------------------------------------------------

    \14\ http://csrc.nist.gov/secplcy/csa_87.txt.
---------------------------------------------------------------------------

    (3) OMB Circular A-130, Management of Federal Information 
Resources,\15\ which provides instructions to Federal agencies on 
how to comply with the fair information practices and security 
requirements for operating automated information systems.
---------------------------------------------------------------------------

    \15\ http://www.whitehouse.gov/omb/circulars/a130/a130trans4.html.
---------------------------------------------------------------------------

    (4) Public Law 107-347, Section 208, E-Gov Act of 2002, which 
aims to ensure privacy in the conduct of federal information 
activities.
    (5) Title 5, U.S.C. 552, The Freedom of Information Act, as 
amended, which provides for the disclosure of information maintained 
by Federal agencies to the public while allowing limited protections 
for privacy.
    (6) DoD Directive 5400.11, Department of Defense Privacy 
Program,\16\ December 13, 1999.
---------------------------------------------------------------------------

    \16\ http://www.dtic.mil/whs/directives/corres/html/540011.htm.
---------------------------------------------------------------------------

    (7) DoD 5400.11-R, Department of Defense Privacy Program,\17\ 
August 1983.
---------------------------------------------------------------------------

    \17\ http://www.dtic.mil/whs/directives/corres/html/540011r.htm.
---------------------------------------------------------------------------

    (8) Air Force Instruction 33-332, Air Force Privacy Act Program.
    (c) The Air Force Privacy Office is in the Office of the Air 
Force Chief Information Officer, Directorate of Plans and Policy, 
and is responsible for overseeing Air Force implementation of the 
Privacy Act.

Section B--Privacy and Systems Development

    System Privacy. Rapid advancements in computer technology make 
it possible to store and retrieve vast amounts of data of all kinds 
quickly and efficiently. These advancements have raised concerns 
about the impact of large computerized information systems on the 
privacy of data subjects. Public concerns about highly integrated 
information systems operated by the government make it imperative to 
commit to a positive and aggressive approach to protecting 
individual privacy. Air Force Chief Information Officer is requiring 
the use of this Privacy Impact Assessment in order to ensure that 
the systems the Air Force develops protect individuals' privacy. The 
Privacy Impact Assessment incorporates privacy into the development 
life cycle so that all system development initiatives can 
appropriately consider privacy issues from the earliest stages of 
design.
    (a) What is a Privacy Impact Assessment? The Privacy Impact 
Assessment is a process used to evaluate privacy in information 
systems. The process is designed to guide system owners and 
developers in assessing privacy through the early stages of 
development. The process consists of privacy training, gathering 
data from a project on privacy issues, and identifying and resolving 
the privacy risks. The Privacy Impact Assessment process is 
described in detail in Section C, Completing a Privacy Impact 
Assessment.
    (b) When is a Privacy Impact Assessment Done? The Privacy Impact 
Assessment is initiated in the early stages of the development of a 
system and completed as part of the required system life cycle 
reviews. Privacy must be considered when requirements are being 
analyzed and decisions are being made about data usage and system 
design. This applies to all of the development methodologies and 
system life cycles used in the Air Force.
    (c) Who completes the Privacy Impact Assessment? Both the system 
owner and system developers must work together to complete the 
Privacy Impact Assessment. System owners must address what data is 
to be used, how the data is to be used, and who will use the data. 
The system developers must address whether the implementation of the 
owner's requirements presents any threats to privacy.
    (d) What systems have to complete a Privacy Impact Assessment? 
Accomplish Privacy Impact Assessments when:
    (1) Developing or procuring information technology that 
collects, maintains, or disseminates information in identifiable 
form from or about members of the public.
    (2) Initiating a new collection of information, using 
information technology, that collects, maintains, or disseminates 
information in identifiable form for 10 or

[[Page 972]]

more persons excluding agencies, instrumentalities, or employees of 
the Federal Government.
    (3) Systems as described above that are undergoing major 
modifications.
    (e) The Air Force or Major Command Privacy Act Officer reserves 
the right to request that a Privacy Impact Assessment be completed 
on any system that may have privacy risks.

Section C--Completing a Privacy Impact Assessment

    The Privacy Impact Assessment. This section describes the steps 
required to complete a Privacy Impact Assessment. These steps are 
summarized in Table A4.1, Outline of Steps for Completing a Privacy 
Impact Assessment.
    Training. Training on the Privacy Impact Assessment will be 
available, on request, from the Major Command Privacy Act Officer. 
The training consists of describing the Privacy Impact Assessment 
process and provides detail about the privacy issues and privacy 
questions to be answered to complete the Privacy Impact Assessment. 
Major Command Privacy Act Officers may use Appendix E, Sections A, 
B, D, and E for this purpose. The intended audience is the personnel 
responsible for writing the Privacy Impact Assessment document.
    The Privacy Impact Assessment Document. Preparing the Privacy 
Impact Assessment document requires the system owner and developer 
to answer the privacy questions in Section E. A brief explanation 
should be written for each question. Issues that do not apply to a 
system should be noted as ``Not Applicable.'' During the development 
of the Privacy Impact Assessment document, the Major Command Privacy 
Act Officer will be available to answer questions related to the 
Privacy Impact Assessment process and other concerns that may arise 
with respect to privacy.
    Review of the Privacy Impact Assessment Document. Submit the 
completed Privacy Impact Assessment document to the Major Command 
Privacy Act Office for review. The purpose of the review is to 
identify privacy risks in the system.
    Approval of the Privacy Impact Assessment. The system life cycle 
review process (Command, Control, Communications, Computers, and 
Intelligence Support Plan) will be used to validate the 
incorporation of the design requirements to resolve the privacy 
risks. Major Command and Headquarters Air Force Functional CIOs will 
issue final approval of the Privacy Impact Assessment.

Table A4.1.--Outline of Steps for Completing a Privacy Impact Assessment
------------------------------------------------------------------------
            Step                      Who                 Procedure
------------------------------------------------------------------------
1..........................  System Owner, and      Request and complete
                              Developer.             Privacy Impact
                                                     Assessment
                                                     Training.
2..........................  System Owner, and      Answer the questions
                              Developer.             in Section E,
                                                     Privacy Questions.
                                                     For assistance
                                                     contact your Major
                                                     Command Privacy Act
                                                     Officer.
3..........................  System Owner, and      Submit the Privacy
                              Developer.             Impact Assessment
                                                     document to the
                                                     Major Command
                                                     Privacy Act
                                                     Officer.
4..........................  Major Command Privacy  Review the Privacy
                              Act Officer.           Impact Assessment
                                                     document to
                                                     identify privacy
                                                     risks from the
                                                     information
                                                     provided. The Major
                                                     Command Privacy Act
                                                     Officer will get
                                                     clarification from
                                                     the owner and
                                                     developer as
                                                     needed.
5..........................  System Owner and       The System Owner,
                              Developer, Major       Developer and the
                              Command Privacy Act    Major Command
                              Officer.               Privacy Act Officer
                                                     should reach
                                                     agreement on design
                                                     requirements to
                                                     resolve all
                                                     identified risks.
6..........................  System Owner,          Participate in the
                              Developer, and Major   required system
                              Command Privacy Act    life cycle reviews
                              Officer.               to ensure
                                                     satisfactory
                                                     resolution of
                                                     identified privacy
                                                     risks to obtain
                                                     formal approval
                                                     from the Major
                                                     Command or
                                                     Headquarters Air
                                                     Force Functional
                                                     CIO.
7..........................  Major Command or       Issue final approval
                              Headquarters Air       of Privacy Impact
                              Force Functional CIO.  Assessment, and
                                                     send a copy to Air
                                                     Force Chief
                                                     Information Officer/
                                                     P.
8..........................  Air Force Chief        When feasible,
                              Information Officer/   publish Privacy
                              P.                     Impact Assessment
                                                     on Freedom of
                                                     Information Act Web
                                                     page (http://www.foia.af.mil).
------------------------------------------------------------------------

Section D--Privacy Issues in Information Systems

Privacy Act of 1974, 5 U.S.C. 552a as Amended

    Title 5, U.S.C., 552a, The Privacy Act of 1974, as amended, 
requires Federal Agencies to protect personally identifiable 
information. It states specifically:
    Each agency that maintains a system of records shall:
    Maintain in its records only such information about an 
individual as is relevant and necessary to accomplish a purpose of 
the agency required to be accomplished by statute or by executive 
order of the President;
    Collect information to the greatest extent practicable directly 
from the subject individual when the information may result in 
adverse determinations about an individual's rights, benefits, and 
privileges under Federal programs;
    Maintain all records used by the agency in making any 
determination about any individual with such accuracy, relevance, 
timeliness, and completeness as is reasonably necessary to assure 
fairness to the individual in the determination;
    Establish appropriate administrative, technical and physical 
safeguards to ensure the security and confidentiality of records and 
to protect against any anticipated threats or hazards to their 
security or integrity which could result in substantial harm, 
embarrassment, inconvenience, or unfairness to any individual on 
whom information is maintained.

Definitions

    Accuracy--within sufficient tolerance for error to assure the 
quality of the record in terms of its use in making a determination.
    Completeness--all elements necessary for making a determination 
are present before such determination is made.
    Determination--any decision affecting an individual which, in 
whole or in part, is based on information contained in the record 
and which is made by any person or agency.
    Necessary--a threshold of need for an element of information 
greater than mere relevance and utility.
    Record--any item, collection or grouping of information about an 
individual and identifiable to that individual that is maintained by 
an agency.
    Relevance--limitation to only those elements of information that 
clearly bear on the determination(s) for which the records are 
intended.
    Routine Use--with respect to the disclosure of a record, the use 
of such record outside DoD for a purpose that is compatible with the 
purpose for which it was collected.
    System of Records--a group of any records under the control of 
any agency from which information is retrieved by the name of the 
individual or by some identifying number, symbol, or other 
identifying particular assigned to the individual.
    Timeliness--sufficiently current to ensure that any 
determination based on the record will be accurate and fair.

Information and Privacy

    To fulfill the commitment of the Air Force to protect personal 
information, several issues must be addressed with respect to 
privacy.

[[Page 973]]

    The use of information must be controlled.
    Information may be used only for a necessary and lawful purpose.
    Individuals must be informed in writing of the principal purpose 
and routine uses of the information being collected from them.
    Information collected for a particular purpose should not be 
used for another purpose without the data subject's consent unless 
such other uses are specifically authorized or mandated by law.
    Any information used must be sufficiently accurate, relevant, 
timely and complete to assure fair treatment of the individual.
    Given the availability of vast amounts of stored information and 
the expanded capabilities of information systems to process the 
information, it is foreseeable that there will be increased requests 
to share that information. With the potential expanded uses of data 
in automated systems it is important to remember that information 
can only be used for the purpose for which it was collected unless 
other uses are specifically authorized or mandated by law. If the 
data is to be used for other purposes, then the public must be 
provided notice of those other uses. These procedures do not in 
themselves create any legal rights, but are intended to express the 
full and sincere commitment of the Air Force to protect individual 
privacy rights and which provide redress for violations of those 
rights.

Data in the System

    The sources of the information in the system are an important 
privacy consideration if the data is gathered from other than Air 
Force records. Information collected from non-Air Force sources 
should be verified, to the extent practicable, for accuracy, that 
the information is current, and complete. This is especially 
important if the information will be used to make determinations 
about individuals.

Access to the Data

    Who has access to the data in a system must be defined and 
documented. Users of the data can be individuals, other systems, and 
other agencies. Individuals who have access to the data can be 
system users, system administrators, system owners, managers, and 
developers. When individuals are granted access to a system, their 
access should be limited, where possible, to only that data needed 
to perform their assigned duties. If individuals are granted access 
to all of the data in a system, procedures need to be in place to 
deter and detect browsing and unauthorized access. Other systems are 
any programs or projects that interface with the system and have 
access to the data. Other agencies can be International, Federal, 
state, or local entities that have access to Air Force data.

Attributes of the Data

    When requirements for the data to be used in the system are 
being determined, those requirements must include the privacy 
attributes of the data. The privacy attributes are derived from the 
legal requirements imposed by The Privacy Act of 1974. First, the 
data must be relevant and necessary to accomplish the purpose of the 
system. Second, the data must be complete, accurate, and timely. It 
is important to ensure the data has these privacy attributes in 
order to assure fairness to the individual in making decisions based 
on the data.

Maintenance of Administrative Controls

    Automation of systems can lead to the consolidation of 
processes, data, and the controls in place to protect the data. When 
administrative controls are consolidated, they should be evaluated 
so that all necessary controls remain in place to the degree 
necessary to continue to control access to and use of the data. 
Document record retention and disposal procedures and coordinate 
them with the Major Command Records Manager.

Section E--Privacy Questions

Data in the System

    1. Generally describe the information to be used in System the 
system.
    2. What are the sources of the information in the system?
    a. What Air Force files and databases are used?
    b. What Federal Agencies are providing data for use in the 
system?
    c. What State and local agencies are providing data for use in 
the system?
    d. What other third party sources will data be collected from?
    e. What information will be collected from the employee?
    3. Is data accurate and complete?
    a. How will data collected from sources other than Air Force 
records and the subject be verified for accuracy?
    b. How will data be checked for completeness?
    c. Is the data current? How do you know?
    4. Are the data elements described in detail and documented? If 
yes, what is the name of the document?

Access to the Data

    1. Who will have access to the data in the system Data (Users, 
Managers, System Administrators, Developers, Other)?
    2. How is access to the data by a user determined? Are criteria, 
procedures, controls, and responsibilities regarding access 
documented?
    3. Will users have access to all data on the system or will the 
user's access be restricted? Explain.
    4. What controls are in place to prevent the misuse (e.g., 
browsing) of data by those having access?
    5. Does the system share data with another system?
    a. Do other systems share data or have access to data in this 
system? If yes, explain.
    b. Who will be responsible for protecting the privacy rights of 
the employees affected by the interface?
    6. Will other agencies have access to the data in the system?
    a. Will other agencies share data or have access to data in this 
system (International, Federal, State, Local, Other)?
    b. How will the data be used by the agency?
    c. Who is responsible for assuring proper use of the data?
    d. How will the system ensure that agencies only get the 
information they are entitled to under applicable laws?

Attributes of the Data

    1. Is the use of the data both relevant and necessary Data to 
the purpose for which the system is being designed?
    2. Will the system create new data about an individual?
    a. Will the system derive new data or create previously 
unavailable data about an individual through aggregation from the 
information collected?
    b. Will the new data be placed in the individual's record?
    c. Can the system make determinations about the record subject 
that would not be possible without the new data?
    d. How will the new data be verified for relevance and accuracy?
    3. Is data being consolidated?
    a. If data is being consolidated, what controls are in place to 
protect the data from unauthorized access or use?
    b. If processes are being consolidated, are the proper controls 
remaining in place to protect the data and prevent unauthorized 
access? Explain.
    4. How will the data be retrieved? Is it retrieved by a personal 
identifier? If yes, explain.

Maintenance of Administrative Controls

    (1) a. Explain how the system and its use will ensure 
Administrative equitable treatment of record subjects.
    b. If the system is operated at more than one location, how will 
consistent use of the system and data be maintained?
    c. Explain any possibility of disparate treatment of individuals 
or groups.
    (2) a. Coordinate proposed maintenance and disposition of the 
records with the Major Command Records Manager.
    b. While the data is retained in the system, what are the 
requirements for determining if the data is still sufficiently 
accurate, relevant, timely, and complete to ensure fairness in 
making determinations?
    (3) a. Is the system using technologies in ways that the Air 
Force has not previously employed?
    b. How does the use of this technology affect personal privacy?
    (4) a. Will this system provide the capability to identify, 
locate, and monitor individuals? If yes, explain.
    b. Will this system provide the capability to identify, locate, 
and monitor groups of people? If yes, explain.
    c. What controls will be used to prevent unauthorized 
monitoring?
    (5) a. Under which Systems of Record notice does the system 
operate? Provide number and name.
    b. If the system is being modified, will the system of record 
require amendment or revision? Explain.

    Dated: December 24, 2003.
L.M. Bynum,
Alternate OSD Federal Register Liaison Officer, Department of Defense.

[FR Doc. 04-23 Filed 1-6-04; 8:45 am]
BILLING CODE 5001-06-P