[Federal Register Volume 59, Number 25 (Monday, February 7, 1994)]
[Unknown Section]
[Page 0]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 94-2667]
[[Page Unknown]]
[Federal Register: February 7, 1994]
-----------------------------------------------------------------------
FEDERAL RESERVE SYSTEM
12 CFR Part 261a
[Docket No. R-0826]
Rules Regarding Access to Personal Information Under the Privacy
Act
AGENCY: Board of Governors of the Federal Reserve System.
ACTION: Proposed rule.
-----------------------------------------------------------------------
SUMMARY: As part of its regulatory review and improvement process, the
Board of Governors of the Federal Reserve System (Board) is proposing
to revise and update its Rules Regarding Access to Personal Information
Under the Privacy Act (Access Rules).
DATES: Comments should be received by March 9, 1994.
ADDRESSES: Comments, which should refer to Docket No. R-0826, may be
mailed to Mr.William W. Wiles, Secretary, Board of Governors of the
Federal Reserve System, 20th Street and Constitution Avenue, NW.,
Washington, DC 20551. Comments may also be delivered to the guard
station in the Eccles Building courtyard entrance on 20th Street, NW.
(between Constitution Avenue and C Street, NW.) between 8:45 a.m. and
5:15 p.m. weekdays. Except as provided in the Board's Rules Regarding
Availability of Information (12 CFR 261.8), comments received at the
above address will be available for inspection and copying by any
member of the public in the Freedom of Information Office, Room MP-500,
between 9 a.m. and 5 p.m. weekdays.
FOR FURTHER INFORMATION CONTACT: Elaine M. Boutilier, Senior Attorney
(202/452-2418), Legal Division, Board of Governors of the Federal
Reserve System. For the hearing impaired only, Telecommunication Device
for the Deaf (TDD), Dorothea Thompson (202/452-3544), Board of
Governors of the Federal Reserve System, 20th Street and Constitution
Avenue, NW., Washington, DC 20551.
SUPPLEMENTARY INFORMATION: The Board's Access Rules implement the
Privacy Act of 1974 (5 U.S.C. 552a). This proposed revision of the
Board's Access Rules is a part of the Board's ongoing program to review
and update its existing regulations. There have been no substantive
changes to the Privacy Act recently, accordingly, there is no need for
substantive changes to the Board's Privacy Act Rules. The most
significant change proposed to the Board's Privacy Act Rules is the
establishment of special procedures for requesting access or amendment
to records maintained by the Board's Office of the Inspector General,
which was established in 1989.
Most other proposed changes are procedural or administrative in
nature. The proposed regulation clarifies that the Secretary of the
Board is the official custodian of records with the delegated authority
to respond to requests for access or amendment, except for requests for
records maintained by the Office of the Inspector General. The
duplication fees to be charged for documents produced in response to a
request for access under the Privacy Act are proposed to be the same as
those charged for documents produced in response to a request under the
Freedom of Information Act (FOIA), because requests under the Privacy
Act are likely to be processed also under FOIA. (No fees for search or
review are proposed, because such fees are not authorized under the
Privacy Act.)
The Board proposes to change the special procedures for release of
medical records to clarify that release of medical records through a
licensed physician does not permit the licensed physician to withhold
the medical records from the requester. Rather, the licensed physician
is expected to provide access to the medical records while explaining
sensitive or complex information contained in the medical records.
Finally, the proposed rule specifically lists the Board's systems
of records that are exempt from certain provisions of the Privacy Act
to the extent they contain either law enforcement information or
reference information provided in confidence. Following adoption of
this proposed rule in final (after receipt and review of comments), the
Board intends to review and update the Board's systems of records.
As required by Regulatory Flexibility Act (5 U.S.C. 603(b)), a
``description of the reasons why action by the agency is being
considered'' and a ``succinct statement of the objectives or, and legal
basis for, the proposed rule'' are found elsewhere in this preamble.
The Board proposes that the provisions in this rule be applicable to
all persons submitting requests for access to information under the
Privacy Act of 1974 (5U.S.C. 552a). An exemption for small entities is
not appropriate because the Privacy Act protects the privacy of
individuals from unauthorized access by any entity. This proposed rule
is not expected to have any significant impact on small entities.
List of Subjects in 12 CFR Part 261a
Privacy.
For the reasons set forth in the preamble, 12 CFR part 261a is
proposed to be revised to read as follows:
PART 261a--RULES REGARDING ACCESS TO PERSONAL INFORMATION UNDER THE
PRIVACY ACT OF 1974
Subpart A--General Provisions
Sec.
261a.1 Authority and purpose.
261a.2 Definitions.
261a.3 Custodian of records; delegations of authority.
261a.4 Fees.
Subpart B--Procedures for Requests by Individual to Whom Record
Pertains
Sec.
261a.5 Request for access to record.
261a.6 Board procedures for responding to request for access.
261a.7 Special procedures for medical records.
261a.8 Request for amendment to record.
261a.9 Agency review of request for amendment of record.
261a.10 Appeal of adverse determination of request for access or
amendment.
Subpart C--Disclosure to Person Other than Individual to Whom Record
Pertains
Sec.
261a.11 Restrictions on disclosure.
261a.12 Exceptions.
Subpart D--Exempt Records
Sec.
261a.13 Exemptions.
Authority: 5 U.S.C. 552a.
Subpart A--General Provisions
Sec. 261a.1 Authority and purpose.
(a) Authority. This part is issued by the Board of Governors of the
Federal Reserve System (the Board) pursuant to the Privacy Act of 1974
(5 U.S.C. 552a).
(b) Purpose. The purpose of this part is to implement the
provisions of the Privacy Act of 1974 (5 U.S.C. 552a) with regard to
the maintenance, protection, disclosure, and amendment of records
contained within systems of records maintained by the Board.
Sec. 261a.2 Definitions.
For the purposes of this part, the following definitions apply:
(a) Business day means any day except a Saturday, a Sunday or a
legal Federal holiday.
(b) Designated system of records means a system of records
maintained by the Board that has been listed in the Federal Register
pursuant to the requirements of 5 U.S.C. 552a(e).
(c) Guardian means the parent of a minor, or the legal guardian of
any individual who has been declared to be incompetent due to physical
or mental incapacity or age by a court of competent jurisdiction.
(d) Individual means a natural person who is either a citizen of
the United States or an alien lawfully admitted for permanent
residence.
(e) Maintain includes maintain, collect, use, disseminate, or
control.
(f) Record means any item, collection, or grouping of information
about an individual maintained by the Board that contains the
individual's name, or the identifying number, symbol, or other
identifying particular assigned to the individual, such as a
fingerprint, voice print, or photograph.
(g) Routine use means, with respect to disclosure of a record, the
use of such record for a purpose that is compatible with the purpose
for which it was collected or created.
(h) System of records means a group of any records under the
control of the Board from which information is retrieved by the name of
the individual or by some identifying number, symbol, or other
identifying particular assigned to the individual.
Sec. 261a.3 Custodian of records; delegations of authority.
(a) Custodian of records. The Secretary of the Board is the
official custodian of all records of the Board in the possession or
control of the Board.
(b) Delegated authority of Secretary. With regard to this
regulation, the Secretary of the Board is delegated the authority to:
(1) Respond to requests for access or amendment, except for such
requests regarding systems of records maintained by the Board's Office
of the Inspector General;
(2) Approve the publication of new systems of records and to amend
existing systems of records;
(3) File the biennial reports required by the Privacy Act.
(c) Delegated authority of designee. Any action or determination
required or permitted by this part to be done by the Secretary of the
Board may be done by an Associate Secretary or other responsible
employee of the Board who has been duly designated for this purpose by
the Secretary.
(d) Delegated authority of Inspector General. With regard to
systems of records maintained by the Office of the Inspector General
(OIG), the Inspector General is delegated the authority to respond to
requests for access or amendment.
Sec. 261a.4 Fees.
(a) Copies of records. Copies of records requested pursuant to
Sec. 261a.5 of this part shall be provided at the same cost charged
for duplication of records and/or production of computer output under
Sec. 261.10 of this chapter.
(b) No fee. Documents may be furnished without charge where total
charges are less than $5.
(c) Waiver of fees. In connection with any request by an employee,
former employee, or applicant for employment, for records for use in
prosecuting a grievance or complaint of discrimination against the
Board, fees shall be waived where the total charges (including charges
for information provided under the Freedom of Information Act) are $50
or less; but the Secretary may waive fees in excess of that amount.
Subpart B--Procedures for Requests by Individual to Whom Record
Pertains
Sec. 261a.5 Request for access to record.
(a) Procedures for making request.
(1) Any individual (or guardian of an individual) other than a
current Board employee desiring to learn of the existence of, or to
gain access to, his or her record in a designated system of records
shall submit a request in writing to the Secretary of the Board, Board
of Governors of the Federal Reserve System, 20th Street and
Constitution Avenue, NW., Washington, DC 20551.
(2) A request by a current Board employee for that employee's own
personnel records may be made in person during regular business hours
at the Division of Human Resources, Board of Governors of the Federal
Reserve System, 20th Street and Constitution Avenue, NW., Washington,
DC 20551.
(3) A request a by current Board employee for information other
than personnel information may be made in person during regular
business hours at the Freedom of Information Office, Board of Governors
of the Federal Reserve System, 20th Street and Constitution Avenue,
NW., Washington, DC 20551.
(4) Requests for information contained in a system of records
maintained by the Board's OIG shall be submitted in writing to the
Inspector General, Board of Governors of the Federal Reserve System,
20th Street and Constitution Avenue, NW., Washington, DC 20551.
(b) Contents of request. A request made pursuant to paragraph (a)
of this section shall include the following:
(1) A statement that it is made pursuant to the Privacy Act of
1974;
(2) The name of the system of records expected to contain the
record requested or a concise description of such system of records;
(3) Necessary information to verify the identity of the requester
pursuant to paragraph (c) of this section; and
(4) Any other information that may assist in the rapid
identification of the record for which access is being requested (e.g.,
maiden name, dates of employment, etc.).
(c) Verification of identity. The Board shall require proof of
identity from a requester and reserves the right to determine the
adequacy of such proof. In general, the following shall be considered
adequate proof of identity:
(1) For a current Board employee, his or her Board identification
card; or
(2) For an individual other than a current Board employee, either:
(i) Two forms of identification, one of which must have a picture
of the individual requesting access; or
(ii) A notarized statement attesting to the identity of the
requester.
(d) Verification of identity not required. No verification of
identity shall be required of individuals seeking access to records
that are otherwise available to any person under 5 U.S.C. 552, Freedom
of Information Act.
(e) Request for accounting of previous disclosures. An individual
making a request pursuant to paragraph (a) of this section may also
include a request for an accounting (pursuant to 5 U.S.C. 552a(c)) of
previous disclosures of records pertaining to such individual in a
designated system of records.
Sec. 261a.6 Board procedures for responding to request for access.
(a) Compliance with Freedom of Information Act. Every request made
pursuant to Sec. 261a.5 of this part shall also be handled by the
Board as a request for information pursuant to the Freedom of
Information Act (5 U.S.C. 552), except that the time limits set forth
in paragraph (b) of this section and the fees specified in Sec. 261a.4
of this part shall apply to such requests.
(b) Time limits. Every request made pursuant to Sec. 261a.5 of
this part shall be acknowledged or, where practicable, substantially
responded to within 10 business days from receipt of the request.
(c) Disclosure. (1) Information to be disclosed pursuant to this
part and the Privacy Act, except for information maintained by the
Board's OIG, shall be made available for inspection and copying during
regular business hours at the Board's Freedom of Information Office.
(2) Information to be disclosed that is maintained by the Board's
OIG shall be made available for inspection and copying at the OIG.
(3) When the requested record cannot reasonably be put into a form
for individual inspection (e.g., computer tapes), or when the requester
asks that the information be forwarded, copies of such information
shall be mailed to the requester.
(4) Access to or copies of requested information shall be promptly
provided after the acknowledgement as provided in paragraph (b) of this
section, unless good cause for delay is communicated to the requester.
(d) Other authorized presence. The requester of information may be
accompanied in the inspection of that information by a person of the
requester's own choosing upon the requester's submission of a written
and signed statement authorizing the presence of such person.
(e) Denial of request. A denial of a request made pursuant to Sec.
261a.5 of this part shall include a statement of the reason(s) for
denial and the procedures for appealing such denial.
Sec. 261a.7 Special procedures for medical records.
Medical or psychological records requested pursuant to Sec. 261a.5
of this part shall be disclosed directly to the requester unless such
disclosure could, in the judgment of the Privacy Officer, in
consultation with the Board's physician, have an adverse effect upon
the requester. Upon such determination, the information shall be
transmitted to a licensed physician named by the requester, who will
disclose those records to the requester in a manner the physician deems
appropriate.
Sec. 261a.8 Request for amendment to record.
(a) Procedures for making request.
(1) An individual desiring to amend a record in a designated system
of records that pertains to him or her shall submit a request in
writing to the Secretary of the Board (or to the Inspector General for
records in a system of records maintained by the OIG) in an envelope
clearly marked ``Privacy Act Amendment Request.''
(2) Each request for amendment of a record shall:
(i) Identify the system of records containing the record for which
amendment is requested;
(ii) Specify the portion of that record requested to be amended;
and
(iii) Describe the nature of and reasons for each requested
amendment.
(3) Each request for amendment shall be subject to verification of
identity under the procedures set forth in Sec. 261a.5(c) of this
part, unless such verification has already been made in a related
request for access or amendment.
(b) Burden of proof. The request for amendment shall set forth the
reasons the individual believes the record is not accurate, relevant,
timely, or complete. The burden of proof for demonstrating the
appropriateness of the requested amendment rests with the requester,
and the requester shall provide relevant and convincing evidence in
support of the request.
Sec. 261a.9 Board review of request for amendment of record.
(a) Time limits. The Board shall acknowledge a request for
amendment within 10 business days of receipt of the request. Such
acknowledgement may request additional information necessary for a
determination on the request for amendment. To the extent possible, a
determination upon a request to amend a record shall be made within 10
business days after receipt of the request.
(b) Contents of response to request for amendment. The response to
a request for amendment shall include the following:
(1) The decision to grant or deny, in whole or in part, the request
for amendment; and
(2) If the request is denied:
(i) The reasons for denial of any portion of the request for
amendment;
(ii) The requester's right to appeal any denial; and
(iii) The procedures for appealing the denial to the appropriate
official.
Sec. 261a.10 Appeal of adverse determination of request for access or
amendment.
(a) Appeal. A requester may appeal a denial of a request made
pursuant to Sec. 261a.5 or Sec. 261a.8 of this part to the Board, or
any official designated by the chairman of the Board, within 10
business days of issuance of notification of denial. The appeal shall:
(1) Be made in writing to the Secretary of the Board, with the
words ``PRIVACY ACT APPEAL'' written prominently on the first page;
(2) Specify the previous background of the request; and
(3) Provide reasons why the initial denial is believed to be in
error.
(b) Determination. The Board or an official designated by the
Chairman of the Board shall make a determination with respect to such
appeal not later than 30 business days from its receipt, unless the
time is extended for good cause shown.
(1) If the Board or designated official grants an appeal regarding
a request for amendment, the Board shall take the necessary steps to
amend the record, and, when appropriate and possible, notify prior
recipients of the record of the Board's action.
(2) If the Board or designated official denies an appeal, the Board
shall inform the requester of such determination, give a statement of
the reasons therefore, and inform the requester of the right of
judicial review of the determination.
(c) Statement of disagreement. (1) Upon receipt of a denial of an
appeal regarding a request for amendment, the requester may file a
concise statement of disagreement with the denial. Such statement shall
be maintained with the record the requester sought to amend, and any
disclosure of the record shall include a copy of the statement of
disagreement.
(2) When practicable and appropriate, the Board shall provide a
copy of the statement of disagreement to any person or other agency to
whom the record was previously disclosed.
Subpart C--Disclosure to Person Other than Individual to Whom
Record Pertains
Sec. 261a.11 Restrictions on disclosure.
No record contained in a designated system of records shall be
disclosed to any person or agency without the prior written consent of
the individual to whom the record pertains unless the disclosure is
authorized by Sec. 261a.12 of this part.
Sec. 261a.12 Exceptions.
The restrictions on disclosure in Sec. 261a.11 of this part do not
apply to any disclosure:
(a) To those officers and employees of the Board who have a need
for the record in the performance of their duties;
(b) That is required under the Freedom of Information Act (5 U.S.C.
552);
(c) For a routine use listed with respect to a designated system of
records;
(d) To the Bureau of the Census for purposes of planning or
carrying out a census or survey or related activity pursuant to the
provisions of title 13 of the United States Code;
(e) To a recipient who has provided the Board with advance adequate
written assurance that the record will be used solely as a statistical
research or reporting record, and the record is to be transferred in a
form that is not individually identifiable;
(f) To the National Archives of the United States as a record that
has sufficient historical or other value to warrant its continued
preservation by the United States government, or for evaluation by the
administrator of General Services or his designee to determine whether
the record has such value;
(g) To another agency or to an instrumentality of any governmental
jurisdiction within or under the control of the United States for a
civil or criminal law enforcement activity if the activity is
authorized by law, and if the head of the agency or instrumentality has
made a written request to the Board specifying the particular portion
desired and the law enforcement activity for which the record is
sought;
(h) To a person pursuant to a showing of compelling circumstances
affecting the health or safety of an individual if upon such disclosure
notification is transmitted to the last known address of such
individual;
(i) To either House of Congress, or, to the extent of matter within
its jurisdiction, any committee or subcommittee thereof, any joint
committee of Congress or subcommittee of any such joint committee;
(j) To the Comptroller General, or any of his authorized
representatives, in the course of the performance of the duties of the
General Accounting Office;
(k) Pursuant to the order of a court of competent jurisdiction; or
(l) To a consumer reporting agency in accordance with 31 U.S.C.
3711(f).
Subpart D--Exempt Records
Sec. 261a.13 Exemptions.
(a) Information compiled for civil action. Nothing in this
regulation shall allow an individual access to any information compiled
in reasonable anticipation of a civil action or proceeding.
(b) Law enforcement information. Pursuant to section (k)(2) of the
Privacy Act of 1974 (5 U.S.C. 552a(k)(2)), the Board has deemed it
necessary to exempt certain designated systems of records maintained by
the Board from the requirements of the Privacy Act concerning access to
accountings of disclosures and to records, maintenance of only relevant
and necessary information in files, and certain publication provisions,
respectively, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H) and (I),
and (f), and Secs. 261a.5, 261a.7 and 261a.8 of this part.
Accordingly, the following designated systems of records are exempt
from these provisions, but only to the extent that they contain
investigatory materials compiled for law enforcement purposes:
(1) BGFRS-1 Recruiting and Placement Records.
(2) BGFRS-2 Personnel Background Investigation Reports.
(3) BGFRS-4 General Personnel Records.
(4) BGFRS-5 EEO Discrimination Complaint File.
(5) BGFRS-9 Consultant and Staff Associate File.
(6) BGFRS-16 Regulation G Reports.
(7) BGFRS-18 Consumer Complaint Information System.
(8) BGFRS-21 Supervisory Tracking and Reference System.
(9) BGFRS/OIG-1 OIG Investigatory Records.
(c) Confidential references. Pursuant to section (k)(5) of the
Privacy Act of 1974 (5U.S.C. 552a(k)(5)), the Board has deemed it
necessary to exempt certain designated systems of records maintained by
the Board from the requirements of the Privacy Act concerning access to
accountings of disclosures and to records, maintenance of only relevant
and necessary information in files, and certain publication provisions,
respectively 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H) and (I),
and (f), and Secs. 261a.5, 261a.7 and 261a.8 of this part.
Accordingly, the following systems of records are exempt from these
provisions, but only to the extent that they contain investigatory
material compiled to determine an individual's suitability,
eligibility, and qualifications for Board employment or access to
classified information, and the disclosure of such material would
reveal the identity of a source who furnished information to the Board
under a promise of confidentiality.
(1) BGFRS-1 Recruiting and Placement Records.
(2) BGFRS-2 Personnel Background Investigation Reports.
(3) BGFRS-4 General Personnel Records.
(4) BGFRS-9 Consultant and Staff Associate File.
(5) BGFRS-10 General File on Board Members.
(6) BGFRS-11 Official General Files.
(7) BGFRS-13 General File of Examiners and Assistant Examiners at
Federal Reserve Banks.
(8) BGFRS-14 General File of Federal Reserve Bank and Branch
Directors.
(9) BGFRS-15 General Files of Federal Reserve Agents, Alternates
and Representatives at Federal Reserve Banks.
(10) BGFRS/OIG-2 OIG Personnel Records.
(d) Criminal law enforcement information. Pursuant to 5 U.S.C.
552a(j)(2), the Board has determined that portions of the OIG
Investigatory Records (BGFRS/OIG-1) shall be exempt from any part of
the Privacy Act (5 U.S.C. 552a), except the provisions regarding
disclosure, the requirement to keep an accounting, certain publication
requirements, certain requirements regarding the proper maintenance of
systems of records, and the criminal penalties for violation of the
Privacy Act, respectively, 5 U.S.C. 552a(b), (c)(1), and (2), (e)(4)(A)
through (F), (e)(6), (e)(7), (e)(9), (e)(10), (e)(11) and (i). This
designated system of records is maintained by the OIG, a Board
component that performs as its principal function an activity
pertaining to the enforcement of criminal laws, and the exempt portions
of the records consist of:
(1) Information compiled for the purpose of identifying individual
criminal offenders and alleged offenders;
(2) Information compiled for the purpose of a criminal
investigation, including reports of informants and investigators, and
associated with an identifiable individual; or
(3) Reports identifiable to an individual compiled at any stage of
the process of enforcement of the criminal laws from arrest or
indictment through release from supervision.
Board of Governors of the Federal Reserve System, February 1,
1994.
William W. Wiles,
Secretary of the Board.
[FR Doc. 94-2667 Filed 2-4-94; 8:45 am]
BILLING CODE 6210-01-F
