94-13279. DEPARTMENT OF DEFENSE  

  • [Federal Register Volume 59, Number 104 (Wednesday, June 1, 1994)]
    [Unknown Section]
    [Page 0]
    From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
    [FR Doc No: 94-13279]
    
    
    [[Page Unknown]]
    
    [Federal Register: June 1, 1994]
    
    
    =======================================================================
    -----------------------------------------------------------------------
    
    
    DEPARTMENT OF THE INTERIOR
     
    
    DEPARTMENT OF DEFENSE
    
    Department of the Navy
    
    32 CFR Part 701
    
    Privacy Act; Implementation
    
    AGENCY: Department of the Navy, DoD.
    ACTION: Proposed rule.
    
    -----------------------------------------------------------------------
    
    SUMMARY: The Department of the Navy has revised its Privacy Act 
    Instruction. This proposed rule re-establishes the Navy's Privacy 
    Program and incorporates the changes made to the revised Instruction.
    
    EFFECTIVE DATE: Comments must be received on or before August 1, 1994, 
    to be considered by this agency.
    
    ADDRESSES: Send comments to Mrs. Gwen Aitken, Office of the Chief of 
    Naval Operations (N09B30), 2000 Navy Pentagon, Washington, DC 20350-
    2000.
    
    FOR FURTHER INFORMATION CONTACT: Mrs. Gwen Aitken at (703) 697-1459 or 
    DSN 227-1459.
    
    SUPPLEMENTARY INFORMATION: Executive Order 12866. The Director, 
    Administration and Management, Office of the Secretary of Defense has 
    determined that this Privacy Act rule for the Department of Defense 
    does not constitute `significant regulatory action'. Analysis of the 
    rule indicates that it does not have an annual effect on the economy of 
    $100 million or more; does not create a serious inconsistency or 
    otherwise interfere with an action taken or planned by another agency; 
    does not materially alter the budgetary impact of entitlements, grants, 
    user fees, or loan programs or the rights and obligations of recipients 
    thereof; does not raise novel legal or policy issues arising out of 
    legal mandates, the President's priorities, or the principles set forth 
    in Executive Order 12866 (1993).
    
    Regulatory Flexibility Act of 1980. The Director, Administration and 
    Management, Office of the Secretary of Defense certifies that this 
    Privacy Act rule for the Department of Defense does not have 
    significant economic impact on a substantial number of small entities 
    because it is concerned only with the administration of Privacy Act 
    systems of records within the Department of Defense.
    
    Paperwork Reduction Act. The Director, Administration and Management, 
    Office of the Secretary of Defense certifies that this Privacy Act rule 
    for the Department of Defense imposes no information requirements 
    beyond the Department of Defense and that the information collected 
    within the Department of Defense is necessary and consistent with 5 
    U.S.C. 552a, known as the Privacy Act of 1974.
    
    List of Subjects in 32 CFR Part 701
    
        Privacy.
    
        Accordingly, 32 CFR part 701, subparts F and G are revised as 
    follows:
    
    PART 701 - AVAILABILITY OF DEPARTMENT OF THE NAVY RECORDS AND 
    PUBLICATION OF DEPARTMENT OF THE NAVY DOCUMENTS AFFECTING THE 
    PUBLIC
    
    
    Subpart F - Department of the Navy Privacy Act Program
    
    701.100 Purpose.
    701.101 Applicability.
    701.102 Definitions.
    701.103 Policy.
    701.104 Responsibility and authority.
    701.105 Systems of records.
    701.106 Safeguarding records in systems of records.
    701.107 Criteria for creating, altering, amending, and deleting 
    Privacy Act systems of records.
    701.108 Collecting information about individuals.
    701.109 Access to records.
    701.110 Amendment of records.
    701.111 Privacy Act appeals.
    701.112 Disclosure of records.
    701.113 Exemptions.
    701.114 Enforcement actions.
    701.115 Computer matching program.
    
    Subpart G - Privacy Act Exemptions
    
    701.116 Purpose.
    701.117 Exemption for classified records.
    701.118 Exemptions for specific Navy record systems.
    701.119 Exemptions for specific Marine Corps records systems.
    
        Authority:Pub. L. 93-579, 88 Stat 1896 (5 U.S.C. 552a).
    
    Subpart F-Department of the Navy Privacy Act Program
    
    
    Sec. 701.100  Purpose.
    
        This subpart F and subpart G of this part implement the Privacy Act 
    (5 U.S.C. 552a), and DoD Directive 5400.11\1\, and DoD 5400.11-R\2\, 
    (see 32 CFR part 310) and provides Department of the Navy policies and 
    procedures for:
    ---------------------------------------------------------------------------
    
        \1\Copies may be obtained, at cost, from the National Technical 
    Information Service, 5285 Port Royal Road, Springfield, VA 22161.
        \2\See footnote 1 to Sec. 701.100.
    ---------------------------------------------------------------------------
    
        (a) Governing the collection, safeguarding, maintenance, use, 
    access, amendment, and dissemination of personal information kept by 
    Department of the Navy in systems of records;
        (b) Notifying individuals if any systems of records contain a 
    record pertaining to them;
        (c) Verifying the identity of individuals who request their records 
    before the records are made available to them;
        (d) Notifying the public of the existence and character of each 
    system of records.
        (e) Exempting systems of records from certain requirements of the 
    Privacy Act; and
        (f) Governing the Privacy Act rules of conduct for Department of 
    the Navy personnel, who will be subject to criminal penalties for 
    noncompliance with 5 U.S.C. 552a, as amended by the Computer Matching 
    Act of 1988.
    
    
    Sec. 701.101  Applicability.
    
        This subpart and subpart G of this part apply throughout the 
    Department of the Navy. It is also applicable to contractors by 
    contract or other legally binding action, whenever a Department of the 
    Navy contract provides for the operation of a system of records or 
    portion of a system of records to accomplish a Department of the Navy 
    function. For the purposes of any criminal liabilities adjudged, any 
    contractor or any employee of such contractor is considered to be an 
    employee of Department of the Navy. In case of a conflict, this subpart 
    and subpart G of this part take precedence over any existing Department 
    of the Navy directive that deals with the personal privacy and rights 
    of individuals regarding their personal records, except for disclosure 
    of personal information required by 5 U.S.C. 552 (1988) as amended by 
    the Freedom of Information Reform Act and implemented by Secretary of 
    the Navy Instruction 5720.42E\3\, ``Department of the Navy Freedom of 
    Information Act Program.''
    ---------------------------------------------------------------------------
    
        \3\Copies available from Chief of Naval Operations (N09B30), 
    2000 Navy Pentagon, Washington, DC 20350-2000.
    ---------------------------------------------------------------------------
    
    
    Sec. 701.102  Definitions.
    
        For the purposes of this subpart and subpart G of this part, the 
    following meanings apply.
        (a) Access. The review or copying of a record or parts thereof 
    contained in a system of records by any individual.
        (b) Agency. For the purposes of disclosing records subject to the 
    Privacy Act between or among Department of Defense (DoD) components, 
    the Department of Defense is considered a single agency. For all other 
    purposes, Department of the Navy is considered an agency within the 
    meaning of Privacy Act.
        (c) Confidential source. A person or organization who has furnished 
    information to the Federal Government either under an express promise 
    that the person's or the organization's identity will be held in 
    confidence or under an implied promise of such confidentiality if this 
    implied promise was made before September 27, 1975.
        (d) Defense Data Integrity Board. Consists of members of the 
    Defense Privacy Board, as outlined in DoD Directive 5400.11 and, in 
    addition, the DoD Inspector General or the designee, when convened to 
    oversee, coordinate and approve or disapprove all DoD component 
    computer matching covered by the Privacy Act.
        (e) Disclosure. The transfer of any personal information from a 
    system of records by any means of communication (such as oral, written, 
    electronic, mechanical, or actual review), to any person, private 
    entity, or government agency, other than the subject of the record, the 
    subject's designated agent or the subject's legal guardian.
        (f) Federal personnel.  Officers and employees of the Government of 
    the United States, members of the uniformed services (including members 
    of the Reserve Components), individuals or survivors thereof, entitled 
    to receive immediate or deferred retirement benefits under any 
    retirement program of the Government of the United States (including 
    survivor benefits).
        (g) Individual. A living citizen of the United States or alien 
    lawfully admitted to the U.S. for permanent residence. The legal 
    guardian of an individual has the same rights as the individual and may 
    act on his or her behalf. No rights are vested in the representative of 
    a deceased person under this instruction and the term ``individual'' 
    does not embrace an individual acting in a non-personal capacity (for 
    example, sole proprietorship or partnership).
        (h) Individual access. Access to information pertaining to the 
    individual by the individual or his or her designated agent or legal 
    guardian.
        (i) Maintain. Includes maintain, collect, use, or disseminate.
        (j) Member of the public.  Any individual or party acting in a 
    private capacity.
        (k) Minor. Under this subpart and subpart G of this part, a minor 
    is an individual under 18 years of age, who is not a member of the U.S. 
    Navy or Marine Corps, nor married.
        (l) Official use. Under this subpart and subpart G of this part, 
    this term is used when Department of the Navy officials and employees 
    have a demonstrated need for the use of any record or the information 
    contained therein in the performance of their official duties.
        (m) Personal information. Information about an individual that is 
    intimate or private to the individual, as distinguished from 
    information related solely to the individual's official functions or 
    public life.
        (n) Privacy Act (PA) request. A request from an individual for 
    notification as to the existence of, access to, or amendment of records 
    pertaining to that individual. These records must be maintained in a 
    system of records.
        (o) Record. Any item, collection, or grouping of information about 
    an individual that is maintained by a naval activity including, but not 
    limited to, the individual's education, financial transactions, and 
    medical, criminal, or employment history, and that contains the 
    individual's name or other identifying particulars assigned to the 
    individual, such as a finger or voice print or a photograph.
        (p) Review authority. An official charged with the responsibility 
    to rule on administrative appeals of initial denials of requests for 
    notification, access, or amendment of records. The Secretary of the 
    Navy has delegated his review authority to the Assistant Secretary of 
    the Navy (Manpower and Reserve Affairs (ASN(M&RA)), the General Counsel 
    (OGC), and the Judge Advocate General (NJAG). Additionally, the Office 
    of Personnel Management (OPM) is the review authority for civilian 
    official personnel folders or records contained in any other OPM 
    record.
        (q) Risk assessment. An analysis which considers information 
    sensitivity, vulnerability, and cost to a computer facility or word 
    processing center in safeguarding personal information processed or 
    stored in the facility or center.
        (r) Routine use. Disclosure of a record outside the Department of 
    Defense for a purpose that is compatible with the purpose for which the 
    record was collected and maintained by the Department of Defense. The 
    routine use must have been included in the notice for the system of 
    records published in the Federal Register.
        (s) Statistical record. A record maintained only for statistical 
    research, or reporting purposes, and not used in whole or in part in 
    making any determination about a specific individual.
        (t) System manager. An official who has overall responsibility for 
    a system of records. He or she may serve at any level in Department of 
    the Navy. Systems managers are indicated in the published record 
    systems notices. If more than one official is indicated as a system 
    manager, initial responsibility resides with the manager at the 
    appropriate level (i.e., for local records, at the local activity).
        (u) System of records. A group of records under the control of a 
    Department of the Navy activity from which information is retrieved by 
    the individual's name or by some identifying number, symbol, or other 
    identifying particular assigned to the individual. System notices for 
    all Privacy Act systems of records must be published in the Federal 
    Register and are also published in periodic Chief of Naval Operations 
    Notes (OPNAVNOTEs) 5211\4\.
    ---------------------------------------------------------------------------
    
        \4\See footnote 3 to Sec. 701.101.
    ---------------------------------------------------------------------------
    
        (v) Word processing equipment. Any combination of electronic 
    hardware and computer software integrated in a variety of forms 
    (firmware, programmable software, hard wiring, or similar equipment) 
    that permits the processing of textual data. Generally, the equipment 
    contains a device to receive information, a computer-like processor 
    with various capabilities to manipulate the information, a storage 
    medium, and an output device.
        (w) Word processing system. A combination of equipment employing 
    automated technology, systematic procedures, and trained personnel for 
    the primary purpose of manipulating human thoughts and verbal or 
    written communications into a form suitable to the originator. The 
    results are written or graphic presentations intended to communicate 
    verbally or visually with another individual.
        (x) Working day. All days excluding Saturday, Sunday, and legal 
    holidays.
    
    
    Sec. 701.103  Policy.
    
        It is the policy of Department of the Navy to:
        (a) Ensure that all its personnel comply fully with 5 U.S.C. 552a, 
    DoD Directive 5400.11 and DoD 5400.11-R, to protect individuals from 
    unwarranted invasions of privacy. Individuals covered by this 
    protection are living citizens of the U.S. or aliens lawfully admitted 
    for permanent residence. A legal guardian of an individual or parent of 
    a minor when acting on the individual's or minor's behalf, has the same 
    rights as the individual or minor. (A member of the Armed Forces is not 
    a minor for the purposes of this subpart and subpart G of this part).
        (b) Collect, maintain, and use only that personal information 
    needed to support a Navy function or program as authorized by law or 
    E.O., and disclose this information only as authorized by 5 U.S.C. 552a 
    and this subpart and subpart G of this part. In assessing need, 
    consideration shall be given to alternatives, such as use of 
    information not individually identifiable or use of sampling of certain 
    data for certain individuals only. Additionally, consideration is to be 
    given to the length of time information is needed, and the cost of 
    maintaining the information compared to the risks and adverse 
    consequences of not maintaining the information.
        (c) Keep only personal information that is timely, accurate, 
    complete, and relevant to the purpose for which it was collected.
        (d) Let individuals have access to, and obtain copies of, all or 
    portions of their records, subject to exemption procedures authorized 
    by law and this subpart and subpart G of this part.
        (e) Let individuals request amendment of their records when 
    discrepancies proven to be erroneous, untimely, incomplete, or 
    irrelevant are noted.
        (f) Let individuals request an administrative review of decisions 
    that deny them access, or refuse to amend their records.
        (g) Ensure that adequate safeguards are enforced to prevent misuse, 
    unauthorized disclosure, alteration, or destruction of personal 
    information in records.
        (h) Maintain no records describing how an individual exercises his 
    or her rights guaranteed by the First Amendment (freedom of religion, 
    political beliefs, speech, and press; peaceful assemblage; and petition 
    for redress of grievances), unless they are:
        (1) Expressly authorized by statute;
        (2) Authorized by the individual;
        (3) Within the scope of an authorized law enforcement activity; or
        (4) For the maintenance of certain items of information relating to 
    religious affiliation for members of the naval service who are 
    chaplains. This should not be construed, however, as restricting or 
    excluding solicitation of information which the individual is willing 
    to have in his or her record concerning religious preference, 
    particularly that required in emergency situations.
        (5) Maintain only systems of records which have been published in 
    the Federal Register, in accordance with periodic Chief of Naval 
    Operations Notes (OPNAVNOTEs) 5211 and Sec. 701.105. These OPNAVNOTEs 
    5211 provide a listing of all Department of the Navy Privacy Act 
    systems of records and identify the Office of Personnel Management 
    (OPM) government-wide systems containing information on Department of 
    the Navy civilian employees, even though technically, Department of the 
    Navy does not have cognizance over them. A Privacy Act systems notice 
    outlines what kinds of information may be collected and maintained by 
    naval activities. When collecting/maintaining information in a Privacy 
    Act system of records, review the systems notice to ensure activity 
    compliance is within the scope of the system. If you determine the 
    systems notice does not meet your needs, contact the systems manager or 
    Chief of Naval Operations (N09B30) with your concerns so that amendment 
    of the system may be considered.
    
    
    Sec. 701.104  Responsibility and authority.
    
        (a) Chief of Naval Operations (CNO). CNO is designated as the 
    official responsible for administering and supervising the execution of 
    5 U.S.C. 552a, DoD Directive 5400.11, and DoD 5400.11-R. CNO has 
    designated the Assistant Vice Chief of Naval Operations (N09B30) as 
    principal Privacy Act Coordinator for the Department of the Navy to:
        (1) Set Department of the Navy policy on the provisions of the 
    Privacy Act.
        (2) Serve as principal advisor on all Privacy Act matters.
        (3) Oversee the administration of the Privacy Act program, which 
    includes preparing the Department of the Navy Privacy Act report for 
    submission to Congress.
        (4) Develop Navy-wide Privacy Act training program and serve as 
    training-oversight manager.
        (5) Conduct staff assistance visits within Department of the Navy 
    to review compliance with 5 U.S.C. 552a and this subpart and subpart G 
    of this part.
        (6) Coordinate and prepare responses for Privacy Act requests 
    received for Office of the Secretary of the Navy records.
        (b) Commandant of the Marine Corps (CMC). CMC is responsible for 
    administering and supervising the execution of this subpart and subpart 
    G of this part within the Marine Corps. The Commandant has designated 
    the Director, Manpower Management Information Systems Division (HQMC 
    (Code MI)) as the Privacy Act coordinator for Headquarters, U.S. Marine 
    Corps.
        (c) Privacy Act Coordinator. Each addressee is responsible for 
    implementing and administering a Privacy Act program under this subpart 
    and subpart G of this part. Each addressee shall designate a Privacy 
    Act Coordinator to:
        (1) Serve as principal point of contact on Privacy Act matters.
        (2) Provide training for activity/command personnel on the 
    provisions of 5 U.S.C. 552a and this subpart and subpart G of this 
    part.
        (3) Issue implementing instruction which designates the activity's 
    Privacy Act Coordinator, Privacy Act records disposition, Privacy Act 
    processing procedures, identification of Privacy Act systems of records 
    under their cognizance, and training aids for those personnel involved 
    with systems of records.
        (4) Review internal directives, practices, and procedures, 
    including those having Privacy Act implications and where Privacy Act 
    Statements (PASs) are needed.
        (5) Compile input and submit consolidated Privacy Act report to 
    Echelon 2 Privacy Act Coordinator, who, in turn, will provide 
    consolidated report to CNO (N09B30).
        (6) Maintain liaison with records management officials (i.e., 
    maintenance and disposal procedures and standards, forms, and reports), 
    as appropriate.
        (7) Provide guidance on handling Privacy Act requests and scope of 
    Privacy Act exemptions.
        (8) Conduct staff assistance visits within command and lower 
    echelon commands to ensure compliance with the Privacy Act.
        (9) Echelon 2 Privacy Act Coordinators shall provide CNO (N09B30) 
    with a complete listing of all Privacy Act Coordinators under their 
    jurisdiction. Such information should include activity name and 
    address, office code, name of Privacy Act Coordinator, commercial and 
    DSN telephone number, and FAX number, if applicable.
        (d) Release authority. Officials having cognizance over the 
    requested subject matter are authorized to respond to requests for 
    notification, access, and/or amendment of records. These officials 
    could also be systems managers (see Sec. 701.104(g)).
        (e) Denial authority. Within the Department of the Navy, the 
    following chief officials, their respective vice commanders, deputies, 
    principal assistants, and those officials specifically designated by 
    the chief official are authorized to deny requests, either in whole or 
    in part, for notification, access and amendment, made under this 
    subpart and subpart G of this part, when the records relate to matters 
    within their respective areas of responsibility or chain of command:
        (1) Department of the Navy: Civilian Executive Assistants; CNO; 
    CMC; Chief of Naval Personnel; Commanders of the Naval Systems 
    Commands, Office of Naval Intelligence, Naval Security Group Command, 
    Naval Imaging Command, and Naval Computer and Telecommunications 
    Command; Chief, Bureau of Medicine and Surgery; Auditor General of the 
    Navy; Naval Inspector General; Director, Office of Civilian Personnel 
    Management; Chief of Naval Education and Training; Commander, Naval 
    Reserve Force; Chief of Naval Research; Commander, Naval Oceanography 
    Command; heads of Department of the Navy Staff Offices, Boards, and 
    Councils; Flag Officers and General Officers. NJAG and his Deputy, and 
    OGC and his Deputies are excluded from this grant of authorization. 
    While NJAG and OGC are not denial authorities, they are authorized to 
    further delegate the authority conferred here to other senior officers/
    officials within NJAG and OGC.
        (2) For the shore establishment:
        (i) All officers authorized under Article 22, Uniform Code of 
    Military Justice (UCMJ) or designated in section 0120, Manual of the 
    Judge Advocate General (JAGINST 5800.7C)\5\, to convene general courts-
    martial.
    ---------------------------------------------------------------------------
    
        \5\Copies available from the Judge Advocate General, Navy 
    Department, 200 Stovall Street, Alexandria, VA 22332-2400.
    ---------------------------------------------------------------------------
    
        (ii) Commander, Naval Investigative Service Command.
        (iii) Deputy Commander, Naval Legal Service Command.
        (3) In the Operating Forces: All officers authorized by Article 22, 
    Uniform Code of Military Justice (UCMJ), or designated in section 0120, 
    Manual of the Judge Advocate General (JAGINST 5800.7C), to convene 
    general courts-martial.
        (f) Review authority. (1) The Assistant Secretary of the Navy 
    (Manpower and Reserve Affairs), is the Secretary's designee, and shall 
    act upon requests for administrative review of initial denials of 
    requests for amendment of records related to fitness reports and 
    performance evaluations of military personnel (see Sec. 701.111(c)(3)).
        (2) The Judge Advocate General and General Counsel, as the 
    Secretary's designees, shall act upon requests for administrative 
    review of initial denials of records for notification, access, or 
    amendment of records, as set forth in Sec. 701.111(c)(2) and (4).
        (3) The authority of the Secretary of the Navy (SECNAV), as the 
    head of an agency, to request records subject to the Privacy Act from 
    an agency external to the Department of Defense for civil or criminal 
    law enforcement purposes, under subsection (b)(7) of 5 U.S.C. 552a, is 
    delegated to the Commandant of the Marine Corps, the Director of Naval 
    Intelligence, the Judge Advocate General, and the General Counsel.
        (g) Systems manager. Systems managers, as designated in Department 
    of the Navy's compilation of systems notices (periodic Chief of Naval 
    Operations Notes (OPNAVNOTEs) 5211\6\, ``Current Privacy Act 
    Issuances'') shall:
    ---------------------------------------------------------------------------
    
        \6\See footnote 3 to Sec. 701.101.
    ---------------------------------------------------------------------------
    
        (1) Ensure the system has been published in the Federal Register 
    and that any additions or significant changes are submitted to CNO 
    (N09B30) for approval and publication. The systems of records should be 
    maintained in accordance with the systems notices as published in the 
    periodic Chief of Naval Operations Notes (OPNAVNOTEs) 5211, ``Current 
    Privacy Act Issuances.''
        (2) Maintain accountability records of disclosures.
        (h) Department of the Navy employees. Each employee of the 
    Department of the Navy has certain responsibilities for safeguarding 
    the rights of others. These include:
        (1) Not disclosing any information contained in a system of records 
    by any means of communication to any person or agency, except as 
    authorized by this subpart and subpart G of this part.
        (2) Not maintaining unpublished official files which would fall 
    under the provisions of 5 U.S.C. 552a.
        (3) Safeguarding the privacy of individuals and confidentiality of 
    personal information contained in a system of records.
    
    
    Sec. 701.105  Systems of records.
    
        To be subject to this subpart and subpart G of this part, a 
    ``system of records'' must consist of ``records'' that are retrieved by 
    the name, or some other personal identifier, of an individual and be 
    under the control of Department of the Navy.
        (a) Retrieval practices. (1) Records in a group of records that are 
    not retrieved by personal identifiers are not covered by this subpart 
    and subpart G of this part, even if the records contain information 
    about individuals and are under the control of Department of the Navy. 
    The records must be retrieved by personal identifiers to become a 
    system of records.
        (2) If records previously not retrieved by personal identifiers are 
    rearranged so they are retrieved by personal identifiers, a new system 
    notice must be submitted in accordance with Sec. 701.107.
        (3) If records in a system of records are rearranged so retrieval 
    is no longer by personal identifiers, the records are no longer subject 
    to this subpart and subpart G of this part and the records system 
    notice should be deleted in accordance with Sec. 701.107.
        (b) Recordkeeping standards. A record maintained in a system of 
    records subject to this subpart and subpart G of this part must meet 
    the following criteria:
        (1) Be accurate. All information in the record must be factually 
    correct.
        (2) Be relevant. All information contained in the record must be 
    related to the individual who is the record subject and also must be 
    related to a lawful purpose or mission of the Department of the Navy 
    activity maintaining the record.
        (3) Be timely. All information in the record must be reviewed 
    periodically to ensure that it has not changed due to time or later 
    events.
        (4) Be complete. It must be able to stand alone in accomplishing 
    the purpose for which it is maintained.
        (5) Be necessary. All information in the record must be needed to 
    accomplish a Department of the Navy mission or purpose established by 
    Federal Law or E.O. of the President.
        (c) Authority to establish systems of records. Identify the 
    specific Federal statute or E.O. of the President that authorizes 
    maintaining each system of records. When a naval activity uses its 
    ``internal housekeeping'' statute, i.e., 5 U.S.C. 301, Departmental 
    Regulations, the naval instruction that implements the statute should 
    also be identified. A statute or E.O. authorizing a system of records 
    does not negate the responsibility to ensure the information in the 
    system of records is relevant and necessary.
        (d) Exercise of First Amendment rights. (1) Do not maintain any 
    records describing how an individual exercises rights guaranteed by the 
    First Amendment of the U.S. Constitution unless expressly authorized by 
    Federal law; the individual; or pertinent to and within the scope of an 
    authorized law enforcement activity.
        (2) First amendment rights include, but are not limited to, freedom 
    of religion, freedom of political beliefs, freedom of speech, freedom 
    of the press, the right to assemble, and the right to petition.
        (e) System manager's evaluations and reviews. (1) Evaluate each new 
    system of records. Before establishing a system of records, evaluate 
    the information to be included and consider the following:
        (i) The relationship of each item of information to be collected 
    and retained to the purpose for which the system is maintained (all 
    information must be relevant to the purpose);
        (ii) The specific impact on the purpose or mission if each category 
    of information is not collected (all information must be necessary to 
    accomplish a lawful purpose or mission.);
        (iii) The ability to meet the informational needs without using 
    personal identifiers (will anonymous statistical records meet the 
    needs?);
        (iv) The length of time each item of information must be kept;
        (v) The methods of disposal;
        (vi) The cost of maintaining the information; and
        (vii) Whether a system already exists that serves the purpose of 
    the new system.
        (2) Evaluate and review all existing systems of records.
        (i) When an alteration or amendment of an existing system is 
    prepared pursuant to Sec. 701.107(b) and (c), do the evaluation 
    described in Sec. 701.105(e).
        (ii) Conduct the following reviews annually and be prepared to 
    report, in accordance with Sec. 701.104(c)(8), the results and 
    corrective actions taken to resolve problems uncovered.
        (A) Training practices to ensure all personnel are familiar with 
    the requirements of 5 U.S.C. 552a, and DoD Directive 5400.11, ``DoD 
    Privacy Program'', this subpart and subpart G of this part, and any 
    special needs their specific jobs entail.
        (B) Recordkeeping and disposal practices to ensure compliance with 
    this subpart and subpart G of this part.
        (C) Ongoing computer matching programs in which records from the 
    system have been matched with non-DoD records to ensure that the 
    requirements of Sec. 701.115 have been met.
        (D) Actions of Department of the Navy personnel that resulted in 
    either Department of the Navy being found civilly liable or a person 
    being found criminally liable under 5 U.S.C. 552a, to determine the 
    extent of the problem and find the most effective way of preventing the 
    problem from occurring in the future.
        (E) Each system of records notice to ensure it accurately describes 
    the system. Where major changes are needed, alter the system notice in 
    accordance with Sec. 701.107(b). If minor changes are needed, amend the 
    system notice pursuant to Sec. 701.107(c).
        (iii) Every even-numbered year, review a random sample of 
    Department of the Navy contracts that provide for the operation of a 
    system of records to accomplish a Department of the Navy function, to 
    ensure the wording of each contract complies with the provisions of 5 
    U.S.C. 552a and Sec. 701.105(h).
        (iv) Every three years, beginning in 1992, review the routine use 
    disclosures associated with each system of records to ensure the 
    recipient's use of the records continues to be compatible with the 
    purpose for which the information was originally collected.
        (v) Every three years, beginning in 1993, review each system of 
    records for which exemption rules have been established to determine 
    whether each exemption is still needed.
        (vi) When directed, send the reports through proper channels to the 
    CNO (N09B30).
        (f) Discontinued information requirements. (1) Immediately stop 
    collecting any category or item of information about individuals that 
    is no longer justified, and when feasible, remove the information from 
    existing records.
        (2) Do not destroy records that must be kept in accordance with 
    retention and disposal requirements established under SECNAVINST 
    5212.5\7\, ``Disposal of Navy and Marine Corps Records.''
    ---------------------------------------------------------------------------
    
        \7\Copies available from OPNAV/SECNAV Directives Control Office, 
    Washington Navy Yard, Building 200, Washington, DC 20350-2000.
    ---------------------------------------------------------------------------
    
        (g) Review records before disclosing outside the Federal 
    government. Before disclosing a record from a system of records to 
    anyone outside the Federal government, take reasonable steps to ensure 
    the record which is being disclosed is accurate, relevant, timely, and 
    complete for the purposes it is being maintained.
        (h) Federal government contractors--(1) Applicability to Federal 
    government contractors--(i) When a naval activity contracts for the 
    operation of a system of records to accomplish its function, the 
    activity must ensure compliance with this subpart and subpart G of this 
    part and 5 U.S.C. 552a. For the purposes of the criminal penalties 
    described in 5 U.S.C. 552a, the contractor and its employees shall be 
    considered employees of the agency during the performance of the 
    contract.
        (ii) Consistent with Parts 24 and 52 of the Federal Acquisition 
    Regulation (FAR), contracts for the operation of a system of records 
    shall identify specifically the record system and the work to be 
    performed, and shall include in the solicitations and resulting 
    contract the terms as prescribed by the FAR.
        (iii) If the contractor must use records that are subject to this 
    subpart and subpart G of this part to perform any part of a contract, 
    the contractor activities are subject to this subpart and subpart G of 
    this part.
        (iv) This subpart and subpart G of this part do not apply to 
    records of a contractor that are:
        (A) Established and maintained solely to assist the contractor in 
    making internal contractor management decisions, such as records 
    maintained by the contractor for use in managing the contract;
        (B) Maintained as internal contractor employee records, even when 
    used in conjunction with providing goods or services to the naval 
    activity;
        (C) Maintained as training records by an educational organization 
    contracted by a naval activity to provide training when the records of 
    the contract students are similar to and commingled with training 
    records of other students, such as admission forms, transcripts, and 
    academic counseling and similar records; or
        (D) Maintained by a consumer reporting agency to which records have 
    been disclosed under contract in accordance with 31 U.S.C. 952d.
        (v) For contracting that is subject to this subpart and subpart G 
    of this part, naval activities shall publish instructions that:
        (A) Furnish Privacy Act guidance to personnel who solicit, award, 
    or administer Government contracts;
        (B) Inform prospective contractors of their responsibilities under 
    this subpart and subpart G of this part and the Department of the Navy 
    Privacy Program;
        (C) Establish an internal system for reviewing contractor's 
    performance for compliance with the Privacy Act; and
        (D) Provide for the biennial review of a random sample of contracts 
    that are subject to this subpart and subpart G of this part.
        (2) Contracting procedures. The Defense Acquisition Regulatory 
    (DAR) Council, which oversees the implementation of the FAR within the 
    Department of Defense, is responsible for developing the specific 
    policies and procedures for soliciting, awarding, and administering 
    contracts that are subject to this subpart and subpart G of this part 
    and 5 U.S.C. 552a.
        (3) Contractor compliance. Naval activities shall establish 
    contract surveillance programs to ensure contractors comply with the 
    procedures established by the DAR Council under the preceding 
    subparagraph.
        (4) Disclosing records to contractors. Disclosing records to a 
    contractor for use in performing a contract let by a naval activity is 
    considered a disclosure within Department of the Navy. The contractor 
    is considered the agent of Department of the Navy when receiving and 
    maintaining the records for that activity.
    
    
    Sec. 701.106  Safeguarding records in systems of records.
    
        Establish appropriate administrative, technical, and physical 
    safeguards to ensure the records in every system of records are 
    protected from unauthorized alteration, destruction, or disclosure. 
    Protect the records from reasonably anticipated threats or hazards that 
    could result in substantial harm, embarrassment, inconvenience, or 
    unfairness to any individual on whom information is maintained.
        (a) Minimum standards. (1) Conduct risk analysis and management 
    planning for each system of records. Consider sensitivity and use of 
    the records, present and projected threats and vulnerabilities, and 
    present and projected cost-effectiveness of safeguards. The risk 
    analysis may vary from an informal review of a small, relatively 
    insensitive system to a formal, fully quantified risk analysis of a 
    large, complex, and highly sensitive system.
        (2) Train all personnel operating a system of records or using 
    records from a system of records in proper record security procedures.
        (3) Label information exempt from disclosure under this subpart and 
    subpart G of this part to reflect their sensitivity, such as ``FOR 
    OFFICIAL USE ONLY,'' ``PRIVACY ACT SENSITIVE: DISCLOSE ON A NEED-TO-
    KNOW BASIS ONLY,'' or some other statement that alerts individuals of 
    the sensitivity to the records.
        (4) Administer special administrative, physical, and technical 
    safeguards to protect records processed or stored in an automated data 
    processing or word processing system to protect them from threats 
    unique to those environments.
        (b) Records disposal. (1) Dispose of records from systems of 
    records so as to prevent inadvertent disclosure. Disposal methods are 
    considered adequate if the records are rendered unrecognizable or 
    beyond reconstruction (i.e., such as tearing, burning, melting, 
    chemical decomposition, burying, pulping, pulverizing, shredding, or 
    mutilation). Magnetic media may be cleared by completely erasing, 
    overwriting, or degaussing the tape.
        (2) The transfer of large volumes of records (e.g., printouts and 
    computer cards) in bulk to a disposal activity such as a Defense 
    Reutilization and Marketing Office for authorized disposal is not a 
    disclosure of records, if the volume of records, coding of the 
    information, or some other factor render it impossible to recognize any 
    personal information about a specific individual.
        (3) When disposing or destroying large quantities of records from a 
    system of records, care must be taken to ensure that the bulk of the 
    records is maintained to prevent easy identification of specific 
    records. If such bulk is maintained, no special procedures are 
    required. If bulk is not maintained, or if the form of the records 
    makes individually identifiable information easily discernable, dispose 
    of the records in accordance with Sec. 701.106(b)(1).
    
    
    Sec. 701.107  Criteria for creating, altering, amending and deleting 
    Privacy Act systems of records.
    
        (a) Criteria for a new system of records. A new system of records 
    is one for which no existing system notice has been published in the 
    Federal Register. If a notice for a system of records has been canceled 
    or deleted, and it is determined that it should be reinstated or 
    reused, a new system notice must be published in the Federal Register. 
    Advance public notice must be given before a naval activity may begin 
    to collect information for or use a new system of records. The 
    following procedures apply:
        (1) Describe in the record system notice the contents of the record 
    system and the purposes and routine uses for which the information will 
    be used and disclosed.
        (2) The public shall be given 30 days to comment on any proposed 
    routine uses before the routine uses are implemented.
        (3) The notice shall contain the date the system of records will 
    become effective.
        (b) Criteria for an alteration to a system of records notice. A 
    system is considered altered when any one of the following actions 
    occur or is proposed:
        (1) A significant increase or change in the number or types of 
    individuals about whom records are maintained. For example, a decision 
    to expand a system of records that originally covered personnel 
    assigned to only one naval activity to cover personnel at several 
    installations would constitute an altered system. An increase or 
    decrease in the number of individuals covered due to normal growth or 
    decrease is not an alteration.
        (2) A change that expands the types or categories of information 
    maintained. For example, a personnel file that has been expanded to 
    include medical records would be an alteration.
        (3) A change that alters the purpose for which the information is 
    used. In order to be an alteration, the change must be one that is not 
    reasonably inferred from any of the existing purposes.
        (4) A change to equipment configuration (either hardware or 
    software) that creates substantially greater use of records in the 
    system. For example, placing interactive computer terminals at regional 
    offices when the system was formerly used only at the headquarters 
    would be an alteration.
        (5) A change in the manner in which records are organized or in the 
    method by which records are retrieved.
        (6) Combining record systems due to a reorganization within 
    Department of the Navy.
        (7) Retrieving by Social Security Numbers (SSNs), records that 
    previously were retrieved only by names would be an alteration if the 
    present notice failed to indicate retrieval by SSNs. An altered system 
    of records must be published in the Federal Register. Submission for an 
    alteration must contain a narrative statement, the specific changes 
    altering the system, and the system of records notice.
        (c) Criteria for amending a systems of records notice. Minor 
    changes to published system of records notices are considered 
    amendments. All amendments should be forwarded to CNO (N09B30) for 
    publication in the Federal Register. When submitting an amendment to a 
    system of records notice, the naval activity must include a description 
    of the specific changes proposed and the system of records notice.
        (d) Criteria for deleting a system of records notice. When a system 
    of records is discontinued, incorporated into another system, or 
    determined to be no longer subject to this subpart and subpart G of 
    this part, a deletion notice must be published in the Federal Register. 
    The deletion notice shall include the system identification number, 
    system name, and the reason for deleting it. If a system is deleted 
    through incorporation into or merger with another system, identify the 
    successor system in the deletion notice.
    
    
    Sec. 701.108  Collecting information about individuals.
    
        (a) Collecting directly from the individual. To the greatest extent 
    practicable, collect information for systems of records directly from 
    the individual to whom the record pertains if the record may be used to 
    make an adverse determination about the individual's rights, benefits, 
    or privileges under the Federal programs.
        (b) Collecting information about individuals from third persons. It 
    might not always be practical to collect all information about an 
    individual directly from that person, such as verifying information 
    through other sources for security or employment suitability 
    determinations; seeking other opinions, such as a supervisor's comments 
    on past performance or other evaluations; obtaining the necessary 
    information directly from the individual would be exceptionally 
    difficult or would result in unreasonable costs or delays; or, the 
    individual requests or consents to contacting another person to obtain 
    the information.
        (c) Soliciting the social security number (SSN). (1) It is unlawful 
    for any Federal, State, or local government agency to deny an 
    individual a right, benefit, or privilege provided by law because the 
    individual refuses to provide his or her SSN. However, this prohibition 
    does not apply if a Federal law requires that the SSN be provided, or 
    the SSN is required by a law or regulation adopted before January 1, 
    1975, to verify the individual's identity for a system of records 
    established and in use before that date.
        (2) Before requesting an individual to provide the SSN, the 
    individual must be advised whether providing the SSN is mandatory or 
    voluntary; by what law or other authority the SSN is solicited; and 
    what uses will be made of the SSN.
        (3) The preceding advice relates only to the SSN. If other 
    information about the individual is solicited for a system of records, 
    a Privacy Act statement (PAS) also must be provided to him/her.
        (4) The notice published in the Federal Register for each system of 
    records containing SSNs solicited from individuals must indicate the 
    authority for soliciting the SSNs and whether it is mandatory for the 
    individuals to provide their SSNs. E.O. 9397 requires federal agencies 
    to use SSNs as numerical identifiers for individuals in most federal 
    records systems, however, it does not make it mandatory for individuals 
    to provide their SSNs.
        (5) When entering military service or civilian employment with the 
    Department of the Navy, individuals must provide their SSNs. This is 
    then the individual's numerical identifier and is used to establish 
    personnel, financial, medical, and other official records (as 
    authorized by E.O. 9397). The individuals must be given the 
    notification described above. Once the individual has provided his or 
    her SSN to establish the records, a notification is not required when 
    the SSN is requested only for identification or to locate the records.
        (6) The Federal Personnel Manual\8\ must be consulted when 
    soliciting SSNs for use in systems of records maintained by the Office 
    of Personnel Management.
    ---------------------------------------------------------------------------
    
        \8\Copies available from the Office of Personnel Management, 
    1900 E Street, Washington, DC 20415.
    ---------------------------------------------------------------------------
    
        (7) A Department of the Navy activity may request an individual's 
    SSN even though it is not required by Federal statute, or is not for a 
    system of records in existence and operating prior to January 1, 1975. 
    However, the separate Privacy Act Statement for the SSN, alone, or a 
    merged Privacy Act Statement covering both the SSN and other items of 
    personal information, must make clear that disclosure of the number is 
    voluntary. If the individual refuses to disclose his or her SSN, the 
    activity must be prepared to identify the individual by alternate 
    means.
        (d) Contents of Privacy Act Statement. (1) When an individual is 
    requested to furnish information about himself/herself for a system of 
    records, a Privacy Act Statement must be provided to the individual, 
    regardless of the method used to collect the information (i.e., forms, 
    personal or telephonic interview, etc). If the information requested 
    will not be included in a system of records, a Privacy Act Statement is 
    not required.
        (2) The Privacy Act Statement shall include the following:
        (i) The Federal law or E.O. that authorizes collecting the 
    information (i.e., E.O. 9397 authorizes collection of SSNs);
        (ii) Whether or not it is mandatory for the individual to provide 
    the requested information (It is only mandatory when a Federal law or 
    E.O. of the President specifically imposes a requirement to furnish the 
    information and provides a penalty for failure to do so. If furnishing 
    information is a condition for granting a benefit or privilege 
    voluntarily sought by the individual, it is voluntary for the 
    individual to give the information.);
        (iii) The principle purposes for collecting the information;
        (iv) The routine uses that will be made of the information (i.e., 
    to whom and why it will be disclosed outside the Department of 
    Defense); and
        (v) The possible effects on the individual if the requested 
    information is not provided.
        (3) The Privacy Act Statement must appear on the form used to 
    collect the information or on a separate form that can be retained by 
    the individual collecting the information. If the information is 
    collected by means other than a form completed by the individual, i.e., 
    solicited over the telephone, the Privacy Act Statement should be read 
    to the individual and if requested by the individual, a copy sent to 
    him/her. There is no requirement that the individual sign the Privacy 
    Act Statement.
        (e) Format for Privacy Act Statement. When forms are used to 
    collect information about individuals for a system of records, the 
    Privacy Act Statement shall appear as follows (listed in the order of 
    preference):
        (1) Immediately below the title of the form,
        (2) Elsewhere on the front page of the form (clearly indicating it 
    is the Privacy Act Statement),
        (3) On the back of the form with a notation of its location below 
    the title of the form, or
        (4) On a separate form which the individual may keep.
    
    
    Sec. 701.109  Access to records.
    
        (a) Individual access to records--(1) Right of access. Only 
    individuals who are subjects of records maintained in systems of 
    records and by whose personal identifiers the records are retrieved 
    have the right of individual access under this subpart and subpart G of 
    this part, unless they provide written authorization for their 
    representative to act on their behalf. Legal guardians or parents 
    acting on behalf of a minor child also have the right of individual 
    access under this subpart and subpart G of this part.
        (2) Notification of record's existence. Each naval activity shall 
    establish procedures for notifying an individual, in response to his or 
    her request, if a system of records identified by him/her contains a 
    record pertaining to the individual.
        (3) Individual request for access. Individuals shall address 
    requests for access to records in systems of records to the system 
    manager or the office designated in the Department of the Navy 
    compilation of system notices (periodic Chief of Naval Operations Notes 
    (OPNAVNOTEs) 5211, ``Current Privacy Act Issuances'').
        (4) Verifying identity. (i) An individual shall provide reasonable 
    verification of identity before obtaining access to records.
        (ii) When requesting records in writing, naval activities may not 
    insist that a requester submit a notarized signature. The courts have 
    ruled that an alternative method of verifying identity must be 
    established for individuals who do not have access to notary services. 
    This alternative permits requesters to provide an unsworn declaration 
    that states ``I declare under perjury or penalty under the laws of the 
    United States of American that the foregoing is true and correct.''
        (iii) When an individual seeks access in person, identification can 
    be verified by documents normally carried by the individual (i.e., 
    identification card, driver's license, or other license, permit or pass 
    normally used for identification purposes).
        (iv) When access is requested other than in writing, identity may 
    be verified by the individual's providing minimum identifying data such 
    as full name, date and place of birth, or other information necessary 
    to locate the record sought. If the information sought is sensitive, 
    additional identifying data may be required. Telephonic requests should 
    not be honored.
        (v) Allow an individual to be accompanied by a person of his or her 
    choice when viewing the record; however, require the individual to 
    provide written authorization to have the record discussed in front of 
    the other person.
        (vi) Do not deny access to an individual who is the subject of the 
    record solely for refusing to divulge his or her SSN, unless it is the 
    only means of retrieving the record or verifying identity.
        (vii) Do not require the individual to explain why he or she is 
    seeking access to a record under this subpart and subpart G of this 
    part.
        (viii) Only a designated denial authority may deny access. The 
    denial must be in writing and contain the information required by 
    Sec. 701.109(d).
        (5) Blanket requests not honored. Do not honor requests from 
    individuals for notification and/or access concerning all Department of 
    the Navy systems of records. In these instances, notify the individual 
    that requests for notification and/or access must be directed to the 
    appropriate system manager for the particular record system being 
    requested, as indicated in the periodic Chief of Naval Operations Notes 
    (OPNAVNOTEs) 5211, ``Current Privacy Act Issuances''; and the request 
    must either designate the particular system of records to be searched, 
    or provide sufficient information for the system manager to identify 
    the appropriate system. Also, provide the individual with any other 
    information needed for obtaining consideration of his or her request.
        (6) Granting individual access to records. (i) Grant the individual 
    access to the original record (or exact copy) without any changes or 
    deletions, other than those made in accordance with Sec. 701.113.
        (ii) Grant the individual's request for an exact copy of the 
    record, upon the signed authorization of the individual, and provide a 
    copy to anyone designated by the individual. In either case, the 
    copying fees may be assessed to the individual pursuant to 
    Sec. 701.109(b).
        (iii) If requested, explain any record or portion of a record that 
    is not understood, as well as any changes or deletions.
        (7) Illegible or incomplete records. Do not deny an individual 
    access solely because the physical condition or format of the record 
    does not make it readily available (i.e., when the record is in a 
    deteriorated state or on magnetic tape). Either prepare an extract or 
    recopy the document exactly.
        (8) Access by parents and legal guardians. (i) The parent of any 
    minor, or the legal guardian of any individual declared by a court of 
    competent jurisdiction to be incompetent due to physical or mental 
    incapacity or age, may obtain access to the record of the minor or 
    incompetent individual if the parent or legal guardian is acting on 
    behalf or for the benefit of the minor or incompetent. However, with 
    respect to access by parents and legal guardians to medical records and 
    medical determinations about minors, use the following procedures:
        (A) In the United States, the laws of the state where the records 
    are located might afford special protection to certain medical records 
    (i.e., drug and alcohol abuse treatment, and psychiatric records). The 
    state statutes might apply even if the records are maintained by a 
    naval medical facility.
        (B) For installations located outside the U.S., the parent or legal 
    guardian of a minor shall be denied access if all four of the following 
    conditions are met:
        (1) The minor at the time of the treatment or consultation was 15, 
    16, or 17 years old;
        (2) The treatment or consultation was within a program authorized 
    by law or regulation to provide confidentiality to the minor;
        (3) The minor indicated a desire that the treatment or consultation 
    record be handled in confidence and not disclosed to a parent or 
    guardian; and
        (4) The parent or legal guardian does not have the written 
    authorization of the minor or a valid court order granting access.
        (ii) A minor or incompetent has the same right of access as any 
    other individual under this subpart and subpart G of this part. The 
    right of access of the parent or legal guardian is in addition to that 
    of the minor or incompetent.
        (9) Access to information compiled in reasonable anticipation of a 
    civil proceeding. (i) An individual is not entitled under this subpart 
    and subpart G of this part to access information compiled in reasonable 
    anticipation of a civil action or proceeding.
        (ii) The term ``civil action or proceeding'' includes quasi-
    judicial and pre-trial judicial proceedings, as well as formal 
    litigation.
        (iii) Sec. 701.109(9)(i) and (ii) do not prohibit access to records 
    compiled or used for purposes other than litigation, nor prohibit 
    access to systems of records solely because they are frequently subject 
    to litigation. The information must have been compiled for the primary 
    purpose of litigation.
        (10) Personal notes or records not under the control of the 
    Department of the Navy. (i) Certain documents under the control of a 
    Department of the Navy employee and used to assist him/her in 
    performing official functions are not considered Department of the Navy 
    records within the meaning of this subpart and subpart G of this part. 
    These documents are not systems of records that are subject to this 
    subpart and subpart G of this part, if they are:
        (A) Maintained and discarded solely at the discretion of the 
    author;
        (B) Created only for the author's personal convenience;
        (C) Not the result of official direction or encouragement, whether 
    oral or written; and
        (D) Not shown to other persons for any reason or filed in agency 
    files.
        (11) Relationship between the Privacy Act and FOIA. In some 
    instances, individuals requesting access to records pertaining to 
    themselves may not know which Act to cite as the appropriate statutory 
    authority. The following guidelines are to ensure that the individuals 
    receive the greatest degree of access under both Acts:
        (i) Access requests that specifically state or reasonably imply 
    that they are made under 5 U.S.C. 552 (1988) as amended by the Freedom 
    of Information Reform Act of 1986, are processed under Secretary of the 
    Navy Instruction 5720.42E, ``Department of the Navy Freedom of 
    Information Act Program.''
        (ii) Access requests that specifically state or reasonably imply 
    that they are made under 5 U.S.C. 552a are processed under this subpart 
    and subpart G of this part.
        (iii) Access requests that cite both 5 U.S.C. 552a, as amended by 
    the Computer Matching Act of 1988 and 5 U.S.C. 552 (1988) as amended by 
    the Freedom of Information Reform Act are processed under the Act that 
    provides the greater degree of access. Inform the requester which 
    instruction was used in granting or denying access.
        (iv) Do not penalize the individual access to his or her records 
    otherwise releasable under 5 U.S.C. 552a and periodic Chief of Naval 
    Operations Notes (OPNAVNOTEs) 5211, ``Current Privacy Act Issuances'', 
    simply because he or she failed to cite the appropriate statute or 
    instruction.
        (12) Time limits. Acknowledge requests for access made under 
    Privacy Act or this subpart and subpart G of this part within 10 
    working days after receipt, and advise the requester of your decision 
    to grant/deny access within 30 working days.
        (b) Reproduction fees. Normally, only one copy of any record or 
    document will be provided. Checks or money orders for fees should be 
    made payable to the Treasurer of the United States and deposited to the 
    miscellaneous receipts of the treasury account maintained at the 
    finance office servicing the activity.
        (1) Fee schedules shall include only the direct cost of 
    reproduction and shall not include costs of:
        (i) Time or effort devoted to searching for or reviewing the record 
    by naval personnel;
        (ii) Fees not associated with the actual cost of reproduction;
        (iii) Producing a copy when it must be provided to the individual 
    without cost under another regulation, directive, or law;
        (iv) Normal postage;
        (v) Transportation of records or personnel; or
        (vi) Producing a copy when the individual has requested only to 
    review the record and has not requested a copy to keep, and the only 
    means of allowing review is to make a copy (e.g., the record is stored 
    in a computer and a copy must be printed to provide individual access, 
    or the naval activity does not wish to surrender temporarily the 
    original record for the individual to review).
        (2) Fee schedules.
        (i) Office copy (per page)............$.10
        (ii) Microfiche (per fiche)............$.25
        (3) Fee waivers. Waive fees automatically if the direct cost of 
    reproduction is less than $15, unless the individual is seeking an 
    obvious extension or duplication of a previous request for which he or 
    she was granted a waiver. Decisions to waive or reduce fees that exceed 
    $15 are made on a case-by-case basis.
        (c) Denying individual access. (1) Deny the record subject access 
    to requested record only if it was compiled in reasonable anticipation 
    of a civil action or proceeding or is in a system of records that has 
    been exempt from the access provisions of Sec. 701.113.
        (2) Deny the individual access only to those portions of the record 
    for which the denial will serve a legitimate government purpose. An 
    individual may be refused access for failure to comply with established 
    procedural requirements, but must be told the specific reason for the 
    refusal and the proper access procedures.
        (3) Deny the individual access to his or her medical and 
    psychological records if it is determined that access could have an 
    adverse affect on the mental or physical health of the individual. This 
    determination normally should be made in consultation with a medical 
    practitioner. If it is medically indicated that access could have an 
    adverse mental or physical effect on the individual, provide the record 
    to a medical practitioner named by the individual, along with an 
    explanation of why access without medical supervision could be harmful 
    to the individual. In any case, do not require the named medical 
    practitioner to request the record for the individual. If, however, the 
    individual refuses or fails to designate a medical practitioner, access 
    shall be refused. The refusal is not considered a denial for reporting 
    purposes under the Privacy Act.
        (d) Notifying the individual. Written denial of access must be 
    given to the individual. The denial letter shall include:
        (1) The name, title, and signature of a designated denial 
    authority;
        (2) The date of the denial;
        (3) The specific reason for the denial, citing the appropriate 
    subsections of 5 U.S.C. 552a or this subpart and subpart G of this part 
    authorizing the denial;
        (4) The individual's right to appeal the denial within 60 calendar 
    days of the date the notice is mailed; and
        (5) The title and address of the review authority.
    
    
    Sec. 701.110  Amendment of records.
    
        (a) Individual review and amendment. Encourage individuals to 
    review periodically, the information maintained about them in systems 
    of records, and to avail themselves of the amendment procedures 
    established by this subpart and subpart G of this part.
        (1) Right to amend. An individual may request to amend any record 
    retrieved by his or her personal identifier from a system of records, 
    unless the system has been exempt from the amendment procedures under 
    this subpart. Amendments under this subpart and subpart G of this part 
    are limited to correcting factual matters, not matters of opinion 
    (i.e., information contained in evaluations of promotion potential or 
    performance appraisals). When records sought to be amended are covered 
    by another issuance, the administrative procedures under that issuance 
    must be exhausted before using the Privacy Act. In other words, the 
    Privacy Act may not be used to avoid the administrative procedures 
    required by the issuance actually covering the records in question.
        (2) In writing. Amendment requests shall be in writing, except for 
    routine administrative changes, such as change of address.
        (3) Content of amendment request. An amendment request must include 
    a description of the information to be amended;the reason for the 
    amendment; the type of amendment action sought (i.e., deletion, 
    correction, or addition); and copies of available documentary evidence 
    supporting the request.
        (b) Burden of proof. The individual must provide adequate support 
    for the request.
        (c) Verifying identity. The individual may be required to provide 
    identification to prevent the inadvertent or intentional amendment of 
    another's record. Use the verification guidelines provided in 
    Sec. 701.109(a)(4).
        (d) Limits on amending judicial and quasi-judicial evidence and 
    findings. This subpart and subpart G of this part do not permit the 
    alteration of evidence presented in the course of judicial or quasi-
    judicial proceedings. Amendments to such records must be made in 
    accordance with procedures established for such proceedings. This 
    subpart and subpart G of this part do not permit a collateral attack on 
    a judicial or quasi-judicial finding; however, this subpart and subpart 
    G of this part may be used to challenge the accuracy of recording the 
    finding in a system of records.
        (e) Standards for amendment request determinations. The record 
    which the individual requests to be amended must meet the recordkeeping 
    standards established in Sec. 701.105. The record must be accurate, 
    relevant, timely, complete, and necessary. If the record in its present 
    state does not meet each of the criteria, grant the amendment request 
    to the extent necessary to meet them.
        (f) Time limits. Within 10 working days of receiving an amendment 
    request, the systems manager shall provide the individual a written 
    acknowledgement of the request. If action on the amendment request is 
    completed within the 10 working days and the individual is so informed, 
    no separate acknowledgment is necessary. The acknowledgment must 
    clearly identify the request and advise the individual when to expect 
    notification of the completed action. Only under exceptional 
    circumstances should more than 30 working days be required to complete 
    the action on an amendment request.
        (g) Granting an amendment request in whole or in part.--(1) Notify 
    the requester. To the extent the amendment request is granted, the 
    systems manager shall notify the individual and make the appropriate 
    amendment.
        (2)Notify previous recipients. Notify all previous recipients of 
    the information (as reflected in the disclosure accounting record) that 
    the amendment has been made and provide each a copy of the amended 
    record. Recipients who are known to be no longer retaining the record 
    need not be advised of the amendment. If it is known that other naval 
    activities, DoD components, or Federal agencies have been provided the 
    information that now requires amendment, or if the individual requests 
    that these agencies be notified, provide the notification of amendment 
    even if those activities or agencies are not listed on the disclosure 
    accounting form.
        (h) Denying an amendment request in whole or in part. If the 
    amendment request is denied in whole or in part, promptly notify the 
    individual in writing. Include in the notification to the individual 
    the following:
        (1) Those sections of 5 U.S.C. 552a or this subpart and subpart G 
    of this part upon which the denial is based;
        (2) His or her right to appeal to the head of the activity for an 
    independent review of the initial denial;
        (3) The procedures for requesting an appeal, including the title 
    and address of the official to whom the appeal should be sent; and
        (4) Where the individual can receive assistance in filing the 
    appeal.
        (i) Requests for amending OPM records. The records in an OPM 
    government-wide system of records are only temporarily in the custody 
    of naval activities. Requests for amendment of these records must be 
    processed in accordance with OPM Regulations and the Federal Personnel 
    Manual. The denial authority may deny a request, but all denials are 
    subject to review by the Assistant Director for Workforce Information, 
    Personnel Systems Oversight Group, Office of Personnel Management, 1900 
    E Street, NW, Washington, DC 20415.
        (j) Individual's statement of disagreement. (1) If the review 
    authority refuses to amend the record as requested, the individual may 
    submit a concise statement of disagreement listing the reasons for 
    disagreeing with the refusal to amend.
        (2) If possible, incorporate the statement of disagreement into the 
    record. If that is not possible, annotate the record to reflect that 
    the statement was filed and maintain the statement so that it can be 
    readily obtained when the disputed information is used or disclosed.
        (3) Furnish copies of the statement of disagreement to all 
    individuals listed on the disclosure accounting form (except those 
    known to be no longer retaining the record), as well as to all other 
    known holders of copies of the record.
        (4) Whenever the disputed information is disclosed for any purpose, 
    ensure that the statement of disagreement also is used or disclosed.
        (k) Department of the Navy statement of reasons. (1) If the 
    individual files a statement of disagreement, the naval activity may 
    file a statement of reasons containing a concise summary of the 
    activity's reasons for denying the amendment request.
        (2) The statement of reasons shall contain only those reasons given 
    to the individual by the appellate official and shall not contain any 
    comments on the individual's statement of disagreement.
        (3) At the discretion of the naval activity, the statement of 
    reasons may be disclosed to those individuals, activities, and agencies 
    that receive the statement of disagreement.
    
    
    Sec. 701.111  Privacy Act Appeals
    
        (a) How to file an appeal. The following guidelines shall be 
    followed by individuals wishing to appeal a denial of notification, 
    access, or amendment of records.
        (1) The appeal must be received by the cognizant review authority 
    (i.e., ASN (M&RA), NJAG, OGC, or OPM) within 60 calendar days of the 
    date of the response.
        (2) The appeal must be in writing and requesters should provide a 
    copy of the denial letter and a statement of their reasons for seeking 
    review.
        (b) Time of receipt. The time limits for responding to an appeal 
    commence when the appeal reaches the office of the review authority 
    having jurisdiction over the record. Misdirected appeals should be 
    referred expeditiously to the proper review authority.
        (c) Review authorities. ASN (M&RA), NJAG, and OGC are authorized to 
    adjudicate appeals made to SECNAV. NJAG and OGC are further authorized 
    to delegate this authority to a designated Assistant NJAG and the 
    Principal Deputy General or Deputy General Counsel, respectively, under 
    such terms and conditions as they deem appropriate.
        (1) If the record is from a civilian Official Personnel Folder or 
    is contained on any other OPM forms, send the appeal to the Assistant 
    Director for Workforce Information, Personnel Systems and Oversight 
    Group, Office of Personnel Management, 1900 E Street, NW, Washington, 
    DC 20415. Records in all systems of records maintained in accordance 
    with the OPM government-wide systems notices are only in the temporary 
    custody of the Department of the Navy.
        (2) If the record pertains to the employment of a present or former 
    Navy and Marine Corps civilian employee, such as Navy or Marine Corps 
    civilian personnel records or an employee's grievance or appeal file, 
    to the General Counsel, Navy Department, Washington, DC 20360-5110.
        (3) If the record pertains to a present or former military member's 
    fitness reports or performance evaluations to the Assistant Secretary 
    of the Navy (Manpower and Reserve Affairs), Navy Department, 
    Washington, DC 20350-1000.
        (4) All other records dealing with present or former military 
    members to the Judge Advocate General, Navy Department, 200 Stovall 
    Street, Alexandria, VA 22332-2400.
        (d) Appeal procedures. (1) If the appeal is granted, the review 
    authority shall advise the individual that his or her appeal has been 
    granted and provide access to the record being sought.
        (2) If the appeal is denied totally or in part, the appellate 
    authority shall advise the reason(s) for denying the appeal, citing the 
    appropriate subsections of 5 U.S.C. 552a or this subpart and subpart G 
    of this part that apply; the date of the appeal determination; the 
    name, title, and signature of the appellate authority; and a statement 
    informing the requester of his or her right to seek judicial relief in 
    the Federal District Court.
        (e) Final action, time limits and documentation. (1) The written 
    appeal notification granting or denying access is the final naval 
    activity action on the initial request for access.
        (2) All appeals shall be processed within 30 working days of 
    receipt, unless the appellate authority finds that an adequate review 
    cannot be completed within that period. If additional time is needed, 
    notify the applicant in writing, explaining the reason for the delay 
    and when the appeal will be completed.
        (f) Denial of appeal by activity's failure to act. An individual 
    may consider his or her appeal denied if the appellate authority fails 
    to:
        (1) Take final action on the appeal within 30 working days of 
    receipt when no extension of time notice was given; or
        (2) Take final action within the period established by the notice 
    to the appellate authority of the need for an extension of time to 
    complete action on the appeal.
    
    
    Sec. 701.112  Disclosure of records.
    
        (a) Conditions of disclosure. (1) 5 U.S.C. 552a prohibits an agency 
    from disclosing any record contained in a system of records to any 
    person or agency, except when the record subject gives written consent 
    for the disclosure or when one of the 12 conditions listed below in 
    this subsection applies.
        (2) Except for disclosures made under 5 U.S.C. 552 (1988) as 
    amended by the Freedom of Information Reform Act of 1986 and Secretary 
    of the Navy Instruction 5720.42E, ``Department of the Navy Freedom of 
    Information Act Program,'' before disclosing any record from a system 
    of records to any recipient other than a Federal agency, make 
    reasonable efforts to ensure the record is accurate, relevant, timely, 
    and complete for Department of the Navy purposes. Records discovered to 
    have been improperly filed in the system of records should be removed 
    before disclosure.
        (i) If validation cannot be obtained from the record itself, the 
    naval activity may contact the record subject (if reasonably available) 
    to verify the accuracy, timeliness, completeness, and relevancy of the 
    information.
        (ii) If validation cannot be obtained from the record and the 
    record subject is not reasonably available, advise the recipient that 
    the information is believed to be valid as of a specific date and 
    reveal any factors bearing on the validity of the information.
        (b) Nonconsensual disclosures. 5 U.S.C. 552a provides 12 instances 
    when a record in a system of records may be disclosed without the 
    written consent of the record subject:
        (1) Disclosures within the Department of Defense. For purposes of 
    disclosing records, the Department of Defense is considered a single 
    agency; hence, a record may be disclosed to any officer or employee in 
    the Department of Defense (including private contractor personnel who 
    are engaged to perform services needed in connection with the operation 
    of a system of records for a DoD component), who have a need for the 
    record in the performance of their duties, provided this use is 
    compatible with the purpose for which the record is maintained. This 
    provision is based on the ``need to know'' concept.
        (i) For example, this may include disclosure to personnel managers, 
    review boards, discipline officers, courts-martial personnel, medical 
    officers, investigating officers, and representatives of the Judge 
    Advocate General, Auditor General, Naval Inspector General, or the 
    Naval Investigative Service, who require the information in order to 
    discharge their official duties. Examples of personnel outside the 
    Department of the Navy who may be included are: personnel of the Joint 
    Staff, Armed Forces Entrance and Examining Stations, Defense 
    Investigative Service, or the other military departments, who require 
    the information in order to discharge an official duty.
        (ii) It may also include the transfer of records between naval 
    components and non-DoD agencies in connection with the Personnel 
    Exchange Program (PEP) and interagency support agreements. Disclosure 
    accountings are not required for intra-agency disclosure and 
    disclosures made in connection with interagency support agreements or 
    the PEP. Although some disclosures authorized by this paragraph might 
    also meet the criteria for disclosure under other exceptions specified 
    in the following paragraphs of this section, they should be treated 
    under this paragraph for disclosure accounting purposes.
        (2) Disclosures required by the FOIA. (i) A record must be 
    disclosed if required by 5 U.S.C. 552 (1988) as amended by the Freedom 
    of Information Reform Act of 1986, which is implemented by Secretary of 
    the Navy Instruction 5720.42E, ``Department of the Navy Freedom of 
    Information Act Program.''
        (ii) 5 U.S.C. 552 (1988) as amended by the Freedom of Information 
    Reform Act of 1986 and Secretary of the Navy Instruction 5720.42E, 
    ``Department of the Navy Freedom of Information Act Program'' require 
    that records be made available to any person requesting them in 
    writing, unless the record is exempt from disclosure under one of the 
    nine FOIA exemptions. Therefore, if a record is not exempt from 
    disclosure, it must be provided to the requester.
        (iii) Certain records, such as personnel, medical, and similar 
    files, are exempt from disclosure under exemption (b)(6) of 5 U.S.C. 
    552 (1988) as amended by the Freedom of Information Act Reform Act of 
    1986. Under that exemption, disclosure of information pertaining to an 
    individual can be denied only when the disclosure would be a clearly 
    unwarranted invasion of personal privacy. The first step is to 
    determine whether a viable personal privacy interest exists in these 
    records involving an identifiable living person. The second step is to 
    consider how disclosure would benefit the general public in light of 
    the content and context of the information in question. The third step 
    is to determine whether the identified public interests qualify for 
    consideration. The fourth step is to balance the personal privacy 
    interests against the qualifying public interest. Numerous factors must 
    be considered such as: the nature of the information to be disclosed 
    (i.e., Do individuals normally have an expectation of privacy in the 
    type of information to be disclosed?); importance of the public 
    interest served by the disclosure and probability of further disclosure 
    which may result in an unwarranted invasion of privacy; relationship of 
    the requester to the public interest being served; newsworthiness of 
    the individual to whom the information pertains (i.e., high ranking 
    officer, public figure); degree of sensitivity of the information from 
    the standpoint of the individual or the individual's family, and its 
    potential for being misused to the harm, embarrassment, or 
    inconvenience of the individual or the individual's family; the passage 
    of time since the event which is the topic of the record (i.e., to 
    disclose that an individual has been arrested and is being held for 
    trial by court-martial is normally permitted, while to disclose an 
    arrest which did not result in conviction might not be permitted after 
    the passage of time); and the degree to which the information is 
    already in the public domain or is already known by the particular 
    requester.
        (iv) Records or information from investigatory records, including 
    personnel security investigatory records, are exempt from disclosure 
    under the broader standard of ``an unwarranted invasion of personal 
    privacy'' found in exemption (b)(7)(C) of 5 U.S.C. 552. This broader 
    standard applies only to records or information compiled for law 
    enforcement purposes.
        (v) A disclosure under 5 U.S.C. 552 about military members must be 
    in accordance with Secretary of the Navy Instruction 5720.42E, 
    ``Department of the Navy Freedom of Information Act Program'', but the 
    following information normally may be disclosed from military personnel 
    records (except for those personnel assigned to sensitive or routinely 
    deployable units, or located in a foreign territory), without a clearly 
    unwarranted invasion of personal privacy: Full name, rank, date of 
    rank, base pay, past duty stations, present duty station and future 
    duty station (if finalized), unless the stations have been determined 
    by the Department of the Navy to be sensitive, routinely deployable, or 
    located in a foreign territory, office or duty telephone number, source 
    of commission, promotion sequence number, awards and decorations, 
    attendance at professional military schools, and duty status at any 
    given time.
        (vi) The following information normally may be disclosed from 
    civilian employee records about CONUS employees: Full name, present and 
    past position titles and occupational series, present and past grades, 
    present and past annual salary rates (including performance awards or 
    bonuses, incentive awards, merit pay amount, Meritorious and 
    Distinguished Executive Ranks, and allowances and differentials), past 
    duty stations, present duty station and future duty station (if 
    finalized), including room numbers, shop designations, or other 
    identifying information regarding buildings or places of employment, 
    unless the duty stations have been determined by the Department of the 
    Navy to be sensitive, routinely deployable, or located in a foreign 
    territory, position descriptions, identification of job elements, and 
    those performance standards (but not actual performance appraisals) 
    that the disclosure of which would not interfere with law enforcement 
    programs or severely inhibit Department of the Navy effectiveness.
        (viii) Disclosure of home addresses and home telephone numbers 
    normally is considered a clearly unwarranted invasion of personal 
    privacy and is prohibited. However, they may be disclosed if the 
    individual has consented to the disclosure; the disclosure is required 
    by the FOIA; the disclosure is required by another law, such as 42 
    U.S.C. 653, which provides assistance to states in locating parents who 
    have defaulted on child support payments, or the collection of alimony, 
    and to state and local tax authorities for the purpose of enforcing tax 
    laws. However, care must be taken prior to release to ensure that a 
    written record is prepared to document the reasons for the release 
    determination.
        (A) When compiling home addresses and telephone numbers, the 
    individual may be offered the option of authorizing disclosure of the 
    information without further consent for specific purposes, such as 
    locator services. In that case, the information may be disclosed for 
    the stated purpose without further consent. If the information is to be 
    disclosed for any other purpose, a signed consent permitting the 
    additional disclosure must be obtained from the individual.
        (B) Before listing home addresses and telephone numbers in 
    Department of the Navy telephone directories, give the individual the 
    opportunity to refuse such a listing. If the individual requests that 
    the home address or telephone number not be listed in the directory, do 
    not assess any additional fee associated with maintaining an unlisted 
    number for government-owned telephone services.
        (C) The sale or rental of lists of names and addresses is 
    prohibited unless such action is specifically authorized by Federal 
    law. This does not prohibit the disclosure of names and addresses made 
    under Secretary of the Navy Instruction 5720.42E, ``Department of the 
    Navy Freedom of Information Act Program.''
        (D) In response to FOIA requests, information concerning special 
    and general courts-martial results (e.g., records of trial) are 
    releasable. However, information regarding summary courts-martial and 
    non-judicial punishment are generally not releasable. The balancing of 
    interests must be done. It is possible that in a particular case, 
    information regarding non-judicial punishment should be disclosed 
    pursuant to a FOIA request (i.e., the facts leading to a nonjudicial 
    punishment are particularly newsworthy or the case involves a senior 
    official abusing the public trust through office-related misconduct, 
    such as embezzlement). Announcement of nonjudicial punishment 
    dispositions under JAGMAN, subsection 0107, is a proper exercise of 
    command authority and not a release of information under FOIA or this 
    subpart and subpart G of this part. Exceptions to this policy must be 
    coordinated with CNO (N09B30) or CMC (MI-3) prior to responding to 
    requesters, including all requests for this type of information from 
    members of Congress.
        (3) Disclosures for established routine uses. (i) Records may be 
    disclosed outside the Department of the Navy if the disclosure is for 
    an established routine use.
        (ii) A routine use shall:
        (A) Be compatible with and related to the purpose for which the 
    record was created;
        (B) Identify the persons or organizations to whom the record may be 
    disclosed;
        (C) Identify specifically the uses for which the information may be 
    employed by the receiving person or organization; and
        (D) Have been published previously in the Federal Register.
        (iii) A routine use shall be established for each user of the 
    information outside the Department of the Navy who needs the 
    information for an official purpose.
        (iv) Routine uses may be established, discontinued, or amended 
    without the consent of the individuals to whom the records pertain. 
    However, new and amended routine uses must be published in the Federal 
    Register at least 30 days before the information may be disclosed under 
    their provisions.
        (v) In addition to the routine uses established by the Department 
    of the Navy for each system of records, common ``Blanket Routine 
    Uses,'' applicable to all record systems maintained with the Department 
    of the Navy, have been established. These ``Blanket Routine Uses'' are 
    published at the beginning of the Department of the Navy's Federal 
    Register compilation of record systems notices rather than at each 
    system notice and are also reflected in periodic Chief of Naval 
    Operations Notes (OPNAVNOTEs) 5211, ``Current Privacy Act Issuances.'' 
    Unless a system notice specifically excludes a system of records from a 
    ``Blanket Routine Use,'' all ``Blanket Routine Uses'' apply to that 
    system.
        (vi) If the recipient has not been identified in the Federal 
    Register or if the recipient, though identified, intends to employ the 
    information for a purpose not published in the Federal Register, the 
    written consent of the individual is required before the disclosure can 
    be made.
        (4) Disclosures to the Bureau of the Census. Records may be 
    disclosed to the Bureau of the Census for purposes of planning or 
    carrying out a census, survey, or related activities authorized by 13 
    U.S.C. 8.
        (5) Disclosures for statistical research or reporting. Records may 
    be disclosed to a recipient for statistical research or reporting if:
        (i) Prior to the disclosure, the recipient has provided adequate 
    written assurance that the records shall be used solely for statistical 
    research or reporting; and
        (ii) The records are transferred in a form that does not identify 
    individuals.
        (6) Disclosures to the National Archives and Records 
    Administration. (i) Records may be disclosed to the National Archives 
    and Record Administration for evaluation to determine whether the 
    records have sufficient historical or other value to warrant 
    preservation by the Federal government. If preservation is warranted, 
    the records will be retained by the National Archives and Record 
    Administration, which becomes the official owner of the records.
        (ii) Records may be disclosed to the National Archives and Record 
    Administration to carry out records management inspections required by 
    Federal law.
        (iii) Records transferred to a Federal Records Center operated by 
    the National Archives and Record Administration for storage are not 
    within this category. Those records continue to be maintained and 
    controlled by the transferring naval activity. The Federal Records 
    Center is considered the agent of Department of the Navy and the 
    disclosure is made under Sec. 701.112(b)(1).
        (7) Disclosures when requested for law enforcement purposes. (i) A 
    record may be disclosed to another agency or an instrumentality of any 
    governmental jurisdiction within or under the control of the U.S. for a 
    civil or criminal law enforcement activity if:
        (A) The civil or criminal law enforcement activity is authorized by 
    law (federal, state or local); and
        (B) The head of the agency (or his or her designee) has made a 
    written request to the naval activity specifying the particular record 
    or portion desired and the law enforcement purpose for which it is 
    sought.
        (ii) Blanket requests for any and all records pertaining to an 
    individual shall not be honored. The requesting agency must specify 
    each record or portion desired and how each relates to the authorized 
    law enforcement activity.
        (iii) If a naval activity discloses a record outside the Department 
    of Defense for law enforcement purposes without the individual's 
    consent and without an adequate written request, the disclosure must be 
    under an established routine use, such as the ``Blanket Routine Use'' 
    for law enforcement.
        (iv) Disclosure to foreign law enforcement agencies is not governed 
    by the provisions of 5 U.S.C. 552a and this paragraph, but may be made 
    only under established ``Blanket Routine Uses,'' routine uses published 
    in the individual record system notice, or to other governing 
    authority.
        (8) Disclosure to protect the health or safety of an individual.  
    Disclosure may be made under emergency conditions involving 
    circumstances affecting the health and safety of an individual (i.e., 
    when the time required to obtain the consent of the individual to whom 
    the records pertain might result in a delay which could impair the 
    health or safety of a person) provided notification of the disclosure 
    is sent to the record subject. Sending the notification to the last 
    known address is sufficient. In instances where information is 
    requested by telephone, an attempt will be made to verify the 
    inquirer's and medical facility's identities and the caller's telephone 
    number. The requested information, if then considered appropriate and 
    of an emergency nature, may be provided by return call.
        (9) Disclosures to Congress. (i) A record may be disclosed to 
    either House of Congress at the request of either the Senate or House 
    of Representatives as a whole.
        (ii) A record also may be disclosed to any committee, subcommittee, 
    or joint committee of Congress if the disclosure pertains to a matter 
    within the legislative or investigative jurisdiction of the committee, 
    subcommittee, or joint committee.
        (iii) Disclosure may not be made to a Member of Congress requesting 
    in his or her individual capacity. However, for Members of Congress 
    making inquiries on behalf of individuals who are subjects of records, 
    a ``Blanket Routine Use'' has been established to permit disclosures to 
    individual Members of Congress.
        (A) When responding to a congressional inquiry made on behalf of a 
    constituent by whose identifier the record is retrieved, there is no 
    need to verify that the individual has authorized the disclosure to the 
    Member of Congress.
        (B) The oral or written statement of a Congressional staff member 
    is sufficient to establish that a request has been received from the 
    individual to whom the record pertains.
        (C) If the constituent inquiry is made on behalf of an individual 
    other than the record subject, provide the Member of Congress only that 
    information releasable under 5 U.S.C. 552. Advise the Member of 
    Congress that the written consent of the record subject is required 
    before additional information may be disclosed. Do not contact the 
    record subject to obtain consent for the disclosure to the Member of 
    Congress unless the Congressional office specifically requests it be 
    done.
        (10) Disclosures to the Comptroller General for the General 
    Accounting Office (GAO). Records may be disclosed to the Comptroller 
    General of the U.S., or authorized representative, in the course of the 
    performance of the duties of the GAO.
        (11) Disclosures under court orders. (i) Records may be disclosed 
    under the order of a court of competent jurisdiction.
        (ii) When a record is disclosed under this provision and the 
    compulsory legal process becomes a matter of public record, make 
    reasonable efforts to notify the individual to whom the record 
    pertains. Notification sent to the last known address of the individual 
    is sufficient. If the order has not yet become a matter of public 
    record, seek to be advised as to when it will become public. Neither 
    the identity or the party to whom the disclosure was made nor the 
    purpose of the disclosure shall be made available to the record subject 
    unless the court order has become a matter of public record.
        (iii) The court order must bear the signature of a federal, state, 
    or local judge. Orders signed by court clerks or attorneys are not 
    deemed to be orders of a court of competent jurisdiction. A photocopy 
    of the order, regular on its face, will be sufficient evidence of the 
    court's exercise of its authority of the minimal requirements of 
    SECNAVINST 5820.8A\9\, ``Release of Official Information for Litigation 
    Purposes and Testimony by Department of the Navy Personnel.''
    ---------------------------------------------------------------------------
    
        \9\Copies available from the Judge Advocate General, Navy 
    Department, (Code 34), 200 Stovall Street, Alexandria, VA 22332-
    2400.
    ---------------------------------------------------------------------------
    
        (12) Disclosures to consumer reporting agencies. Certain 
    information may be disclosed to consumer reporting agencies (i.e., 
    credit reference companies such as TRW and Equifax, etc.) as defined by 
    the Federal Claims Collection Act of 1966 (31 U.S.C. 952d). Under the 
    provisions of that Act, the following information may be disclosed to a 
    consumer reporting agency:
        (i) Name, address, taxpayer identification number (SSN), and other 
    information necessary to establish the identity of the individual;
        (ii) The amount, status, and history of the claim; and
        (iii) The agency or program under which the claim arose. 31 U.S.C. 
    952d specifically requires that the Federal Register notice for the 
    system of records from which the information will be disclosed indicate 
    that the information may be disclosed to a consumer reporting agency.
        (c) Disclosures to commercial enterprises. Records may be disclosed 
    to commercial enterprises only under the criteria established by 
    Secretary of the Navy Instruction 5720.42E and 42 U.S.C. 653, Parent 
    Locator Service for Enforcement of Child Support.
        (1) Any information required to be disclosed by Secretary of the 
    Navy Instruction 5720.42E and 42 U.S.C. 653, Parent Locator Service for 
    Enforcement of Child Support may be disclosed to a requesting 
    commercial enterprise.
        (2) Commercial enterprises may present a consent statement signed 
    by the individual indicating specific conditions for disclosing 
    information from a record. Statements such as the following, if signed 
    by the individual, are considered sufficient to authorize the 
    disclosure: I hereby authorize the Department of the Navy to verify my 
    SSN or other identifying information and to disclose my home address 
    and telephone number to authorized representatives of (name of 
    commercial enterprise) to be used in connection with my commercial 
    dealings with that enterprise. All information furnished will be used 
    in connection with my financial relationship with (name of commercial 
    enterprise).
        (3) When a consent statement as described in the preceding 
    subsection is presented, provide the information to the commercial 
    enterprise, unless the disclosure is prohibited by another regulation 
    or Federal law.
        (4) Blanket consent statements that do not identify the Department 
    of Defense or Department of the Navy, or that do not specify exactly 
    the information to be disclosed, may be honored if it is clear that the 
    individual, in signing the consent statement, was seeking a personal 
    benefit (i.e., loan for a house or automobile) and was aware of the 
    type of information necessary to obtain the benefit sought.
        (5) Do not honor requests from commercial enterprises for official 
    evaluations of personal characteristics such as personal financial 
    habits.
        (d) Disclosure of Health Care Records to the Public. This paragraph 
    applies to disclosure of information to the news media and the public 
    concerning individuals treated or hospitalized in Department of the 
    Navy medical facilities and, when the cost of care is paid by the 
    Department of the Navy, in non-Federal facilities.
        (1) Disclosures without the individual's consent. Normally, the 
    following information may be disclosed without the individual's 
    consent:
        (i) Information required to be released by Secretary of the Navy 
    Instruction 5720.42E and OPM Regulations and the Federal Personnel 
    Manual, as well as the information listed in Sec. 701.112(b)(2)(v) for 
    military personnel and in Sec. 701.112(b)(2).
        (ii) For civilian employees; and
        (iii) General information concerning medical conditions, i.e., date 
    of admission or disposition; present medical assessment of the 
    individual's condition if the medical practitioner has volunteered the 
    information, i.e., the individual's condition presently is (stable) 
    (good) (fair) (serious) (critical), and the patient is (conscious) 
    (semi-conscious) (unconscious).
        (2) Disclosures with the individual's consent. With the 
    individual's informed consent, any information about the individual may 
    be disclosed. If the individual is a minor or has been declared 
    incompetent by a court of competent jurisdiction, the parent of the 
    minor or appointed legal guardian of the incompetent may give consent 
    on behalf of the individual.
        (e) Disclosure of Personal Information on Group/Bulk Orders. Do not 
    use personal information including complete SSNs, home addresses and 
    phone numbers, dates of birth, etc., on group/bulk orders. This 
    personal information should not be posted on lists that everyone listed 
    on the orders sees. Such a disclosure of personal information violates 
    the Privacy Act and this subpart and subpart G of this part.
        (f) Disclosure Accounting. Keep an accurate record of all 
    disclosures made from a record (including those made with the consent 
    of the individual) except those made to DoD personnel for use in 
    performing their official duties; and those made under the FOIA. 
    Disclosure accounting is to permit the individual to determine what 
    agencies or persons have been provided information from the record, 
    enable Department of the Navy activities to advise prior recipients of 
    the record of any subsequent amendments or statements of dispute 
    concerning the record, and provide an audit trial of Department of the 
    Navy's compliance with 5 U.S.C. 552a.
        (1) Disclosure accountings shall contain the date of the 
    disclosure; a description of the information disclosed; the purpose of 
    the disclosure; and the name and address of the person or agency to 
    whom the disclosure was made.
        (2) The record subject has the right of access to the disclosure 
    accounting except when the disclosure was made at the request of a 
    civil or criminal law enforcement agency under Sec. 701.112(b)(7); or 
    when the system of records has been exempted from the requirement to 
    provide access to the disclosure accounting.
        (g) Methods of disclosure accounting. Since the characteristics of 
    various records maintained within the Department of the Navy vary 
    widely, no uniform method for keeping disclosure accountings is 
    prescribed. The primary criteria are that the selected method be one 
    which will:
        (1) Enable an individual to ascertain what persons or agencies have 
    received disclosures pertaining to him/her;
        (2) Provide a basis for informing recipients of subsequent 
    amendments or statements of dispute concerning the record; and
        (3) Provide a means to prove, if necessary that the activity has 
    complied with the requirements of 5 U.S.C. 552a and this subpart and 
    subpart G of this part.
        (h) Retention of Disclosure Accounting. Maintain a disclosure 
    accounting of the life of the record to which the disclosure pertains, 
    or 5 years after the date of the disclosure, whichever is longer. 
    Disclosure accounting records are normally maintained with the record, 
    as this will ensure compliance with Sec. 701.112(f).
    
    
    Sec. 701.113  Exemptions.
    
        (a) Using exemptions. No system of records is automatically exempt 
    from all provisions of 5 U.S.C. 552a. A system of records is exempt 
    from only those provisions of 5 U.S.C. 552a that are identified 
    specifically in the exemption rule for the system. Subpart G of this 
    part contains the systems designated as exempt, the types of exemptions 
    claimed, the authority and reasons for invoking the exemptions and the 
    provisions of 5 U.S.C. 552a from which each system has been exempt. 
    Exemptions are discretionary on the part of Department of the Navy and 
    are not effective until published as a final rule in the Federal 
    Register. The naval activity maintaining the system of records shall 
    make a determination that the system is one for which an exemption may 
    be established and then propose an exemption rule for the system. 
    Submit the proposal to CNO (N09B30) for approval and publication in the 
    Federal Register.
        (b) Types of exemptions. There are two types of exemptions 
    permitted by 5 U.S.C. 552a.
        (1) General exemptions. Those that authorize the exemption of a 
    system of records from all but specifically identified provisions of 5 
    U.S.C. 552a.
        (2) Specific exemptions. Those that allow a system of records to be 
    exempt from only a few designated provisions of 5 U.S.C. 552a.
        (c) Establishing exemptions. (1) 5 U.S.C. 552a authorizes the 
    Secretary of the Navy to adopt rules designating eligible systems of 
    records as exempt from certain requirements. The Secretary of the Navy 
    has delegated the CNO (N09B30) to make a determination that the system 
    is one for which an exemption may be established and then propose and 
    establish an exemption rule for the system. No system of records within 
    Department of the Navy shall be considered exempt until the CNO 
    (N09B30) has approved the exemption and an exemption rule has been 
    published as a final rule in the Federal Register. A system of records 
    is exempt from only those provisions of 5 U.S.C. 552a that are 
    identified specifically in the Department of the Navy exemption rule 
    for the system.
        (2) No exemption may be established for a system of records until 
    the system itself has been established by publishing a notice in the 
    Federal Register, at least 30 days prior to the effective date, 
    describing the system. This allows interested persons an opportunity to 
    comment. An exemption may not be used to deny an individual access to 
    information that he or she can obtain under Secretary of the Navy 
    Instruction 5720.42E, ``Department of the Navy Freedom of Information 
    Act Program.''
        (d) Exemption for classified material. All systems of records 
    maintained by the Department of the Navy shall be exempt under section 
    (k)(1) of 5 U.S.C. 552a, to the extent that the systems contains any 
    information properly classified under E.O. 12356 and that is required 
    by that E.O. to be kept secret in the interest of national defense or 
    foreign policy. This exemption is applicable to parts of all systems of 
    records including those not otherwise specifically designated for 
    exemptions herein which contain isolated items of properly classified 
    information.
        NOTE: Department of the Navy Privacy Act systems of records which 
    contain classified information automatically qualify for a (k)(1) 
    exemption, without establishing an exemption rule.
        (e) Exempt records in nonexempt systems. (1) An exemption rule 
    applies to the system of records for which it was established. If a 
    record from an exempt system is incorporated intentionally into a 
    system that has not been exempt, the published notice and rules for the 
    nonexempt system will apply to the record and it will not be exempt 
    from any provisions of 5 U.S.C. 552a.
        (2) A record from one component's (i.e., Department of the Navy) 
    exempted system that is temporarily in the possession of another 
    component (i.e., Army) remains subject to the published system notice 
    and rules of the originating component's (i.e., Department of the 
    Navy). However, if the non-originating component incorporates the 
    record into its own system of records, the published notice and rules 
    for the system into which it is incorporated shall apply. If that 
    system of records has not been exempted, the record shall not be exempt 
    from any provisions of 5 U.S.C. 552a.
        (3) A record accidentally misfiled into a system of records is 
    governed by the published notice and rules for the system of records in 
    which it actually should have been filed.
        (f) General exemptions--(1) Central Intelligence Agency (CIA). The 
    Department of the Navy is not authorized to establish an exemption for 
    records maintained by the CIA under subsection (j)(1) of 5 U.S.C. 552a.
        (2) Law enforcement. (i) The general exemption provided by 
    subsection (j)(2) of 5 U.S.C. 552a may be established to protect 
    criminal law enforcement records maintained by Department of the Navy.
        (ii) To be eligible for the (j)(2) exemption, the system of records 
    must be maintained by an element that performs, as one of its principal 
    functions, the enforcement of criminal laws. The Naval Investigative 
    Service, Naval Inspector General, and military police activities 
    qualify for this exemption.
        (iii) Criminal law enforcement includes police efforts to detect, 
    prevent, control, or reduce crime, or to apprehend criminals, and the 
    activities of prosecution, court, correctional, probation, pardon, or 
    parole authorities.
        (iv) Information that may be protected under the (j)(2) exemption 
    includes:
        (A) Information compiled for the purpose of identifying criminal 
    offenders and alleged criminal offenders consisting of only identifying 
    data and notations of arrests; the nature and disposition of criminal 
    charges; and sentencing, confinement, release, parole, and probation 
    status;
        (B) Information compiled for the purpose of a criminal 
    investigation, including reports of informants and investigators, and 
    associated with an identifiable individual; and
        (C) Reports identifiable to an individual, compiled at any stage of 
    the enforcement process, from arrest, apprehension, indictment, or 
    preferral of charges through final release from the supervision that 
    resulted from the commission of a crime.
        (v) The (j)(2) exemption does not apply to:
        (A) Investigative records maintained by a naval activity having no 
    criminal law enforcement duties as one of its principle functions, or
        (B) Investigative records compiled by any element concerning 
    individual's suitability, eligibility, or qualification for duty, 
    employment, or access to classified information, regardless of the 
    principle functions of the naval activity that compiled them.
        (vi) The (j)(2) exemption established for a system of records 
    maintained by a criminal law enforcement activity cannot protect law 
    enforcement records incorporated into a nonexempt system of records or 
    any system of records maintained by an activity not principally tasked 
    with enforcing criminal laws. All system managers, therefore, are 
    cautioned to comply strictly with Department of the Navy regulations or 
    instructions prohibiting or limiting the incorporation of criminal law 
    enforcement records into systems other than those maintained by 
    criminal law enforcement activities.
        (g) Specific exemptions. Specific exemptions permit certain 
    categories of records to be exempted from specific provisions of 5 
    U.S.C. 552a. Subsections (k)(1)-(7) of 5 U.S.C. 552a allow exemptions 
    for seven categories of records. To be eligible for a specific 
    exemption, the record must meet the corresponding criteria.
        NOTE: Department of the Navy Privacy Act systems of records which 
    contain classified information automatically qualify for a (k)(1) 
    exemption, without an established exemption rule.
        (1) (k)(1) exemption: Information properly classified under 
    Secretary of the Navy Instruction 5720.42E, ``Department of the Navy 
    Freedom of Information Act Program'' and E.O. 12356, in the interest of 
    national defense or foreign policy.
        (2) (k)(2) exemption: Investigatory information (other than that 
    information within the scope of Sec. 701.113(f)(2) compiled for law 
    enforcement purposes. If maintaining the information causes an 
    individual to be ineligible for or denied any right, benefit, or 
    privilege that he or she would otherwise be eligible for or entitled to 
    under Federal law, then he or she shall be given access to the 
    information, except for the information that would identify a 
    confidential source (see Sec.  701.113(h), ``confidential source''). 
    The (k)(2) exemption, when established, allows limited protection on 
    investigative records maintained for use in personnel and 
    administrative actions.
        (3) (k)(3) exemption: Records maintained in connection with 
    providing protective services to the President of the United States and 
    other individuals under 18 U.S.C. 3056.
        (4) (k)(4) exemption: Records required by Federal law to be 
    maintained and used solely as statistical records that are not used to 
    make any determination about an identifiable individual, except as 
    provided by 13 U.S.C. 8.
        (5) (k)(5) exemption: Investigatory material compiled solely for 
    the purpose of determining suitability, eligibility, or qualifications 
    for Federal civilian employment, military service, Federal contracts, 
    or access to classified information, but only to the extent such 
    material would reveal the identity of a confidential source. (See 
    Sec. 701.113(h), ``confidential source''). This exemption allows 
    protection of confidential sources in background investigations, 
    employment inquiries, and similar inquiries used in personnel screening 
    to determine suitability, eligibility, or qualifications.
        (6) (k)(6) exemption: Testing or examination material used solely 
    to determine individual qualifications for appointment or promotion in 
    the Federal or military service if the disclosure would compromise the 
    objectivity or fairness of the testing or examination process.
        (7) (k)(7) exemption: Evaluation material used to determine 
    potential for promotion in the military services, but only to the 
    extent that disclosure would reveal the identity of a confidential 
    source. (See Sec. 701.113(h), ``confidential source''.)
        (h) Confidential Source. Promises of confidentiality are to be 
    given on a limited basis and only when essential to obtain the 
    information sought. Establish appropriate procedures for granting 
    confidentiality and designate those categories of individuals 
    authorized to make such promises.
    
    
    Sec. 701.114  Enforcement actions.
    
        (a) Administrative remedies. An individual who alleges he or she 
    has been affected adversely by a naval activity's violation of 5 U.S.C. 
    552a or this subpart and subpart G of this part shall be permitted to 
    seek relief from SECNAV through proper administrative channels.
        (b) Civil court actions. After exhausting all administrative 
    remedies, an individual may file suit in Federal court against a naval 
    activity for any of the following acts:
        (1) Denial of an amendment request. The activity head, or his or 
    her designee wrongfully refuses the individual's request for review of 
    the initial denial of an amendment or, after review, wrongfully refuses 
    to amend the record;
        (2) Denial of access. The activity wrongfully refuses to allow the 
    individual to review the record or wrongfully denies his or her request 
    for a copy of the record;
        (3) Failure to meet recordkeeping standards. The activity fails to 
    maintain an individual's record with the accuracy, relevance, 
    timeliness, and completeness necessary to assure fairness in any 
    determination about the individual's rights, benefits, or privileges 
    and, in fact, makes an adverse determination based on the record; or
        (4) Failure to comply with Privacy Act. The activity fails to 
    comply with any other provision of 5 U.S.C. 552a or any rule or 
    regulation promulgated under 5 U.S.C. 552a and thereby causes the 
    individual to be adversely affected.
        (c) Criminal penalties. Subsection (i)(1) of 5 U.S.C. 552a 
    authorizes three criminal penalties against individuals for violations 
    of its provisions. All three are misdemeanors punishable by fines of 
    $5,000.
        (1) Wrongful disclosure. Any member or employee of Department of 
    the Navy who, by virtue of his or her employment or position, has 
    possession of or access to records and willfully makes a disclosure 
    knowing that disclosure is in violation of 5 U.S.C. 552a or this 
    subpart and subpart G of this part.
        (2) Maintaining unauthorized records. Any member or employee of 
    Department of the Navy who willfully maintains a system of records for 
    which a notice has not been published under periodic Chief of Naval 
    Operations Notes (OPNAVNOTEs) 5211, ``Current Privacy Act Issuances.''
        (3) Wrongful requesting or obtaining records. Any person who 
    knowingly and willfully requests or obtains information concerning an 
    individual under false pretenses.
    
    
    Sec. 701.115  Computer matching program.
    
        (a) General. 5 U.S.C. 552a and this subpart and subpart G of this 
    part are applicable to certain types of computer matching, i.e., the 
    computer comparison of automated systems of records. There are two 
    specific kinds of matching programs that are fully governed by 5 U.S.C. 
    552a and this subpart and subpart G of this part:
        (1) Matches using records from Federal personnel or payroll systems 
    of records;
        (2) Matches involving Federal benefit programs to accomplish one or 
    more of the following purposes:
        (i) To determine eligibility for a Federal benefit.
        (ii) To comply with benefit program requirements.
        (iii) To effect recovery of improper payments or delinquent debts 
    from current or former beneficiaries.
    
        The record comparison must be a computerized one. Manual 
    comparisons are not covered, involving records from two or more 
    automated systems of records (i.e., systems of records maintained by 
    Federal agencies that are subject to 5 U.S.C. 552a); or a Department of 
    the Navy automated systems of records and automated records maintained 
    by a non-Federal agency (i.e., State or local government or agent 
    thereof). A covered computer matching program entails not only the 
    actual computerized comparison, but also preparing and executing a 
    written agreement between the participants, securing approval of the 
    Defense Data Integrity Board, publishing a matching notice in the 
    Federal Register before the match begins, ensuring that investigation 
    and due process are completed, and taking ultimate action, if any.
    
    Subpart G-Privacy Act Exemptions
    
    
    Sec. 701.116  Purpose.
    
        Subparts F and G of this part contain rules promulgated by the 
    Secretary of the Navy, pursuant to 5 U.S.C. 552a (j) and (k), and 
    subpart F, Sec. 70l.113, to exempt certain systems of Department of the 
    Navy records from specified provisions of 5 U.S.C. 552a.
    
    
    Sec. 70l.117  Exemption for classified records.
    
        All systems of records maintained by the Department of the Navy 
    shall be exempt from the requirements of the access provision of the 
    Privacy Act (5 U.S.C. 552a(d)) under the (k)(1) exemption, to the 
    extent that the system contains information properly classified under 
    E.O. 12356 and that is required by that E.O. to be kept secret in the 
    interest of national defense or foreign policy. This exemption is 
    applicable to parts of all systems of records including those not 
    otherwise specifically designated for exemptions herein which contain 
    isolated items of properly classified information.
    
    
    Sec. 701.118  Exemptions for specific Navy record systems.
    
        (a) System Identifier and Name: N01070-9, White House Support 
    Program.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (d), (e)(1), (e)(4) 
    (G) through (I), and (f).
        Authority: 5 U.S.C. 552a(k) (1), (2), (3), and (5).
        Reasons: Exempted portions of this system contain information which 
    has been properly classified under E.O. 12356, and which is required to 
    be kept secret in the interest of national defense or foreign policy. 
    Exempted portions of this system may also contain information 
    considered relevant and necessary to make a determination as to 
    qualifications, eligibility, or suitability for access to classified 
    information, and which was obtained by providing an express or implied 
    promise to the source that his or her identity would not be revealed to 
    the subject of the record. Exempted portions of this system may also 
    contain information collected and maintained in connection with 
    providing protective services to the President and other individuals 
    protected pursuant to 18 U.S.C. 3056. Exempted portions of this system 
    may also contain investigative records compiled for law enforcement 
    purposes, the disclosure of which could reveal the identity of sources 
    who provide information under an express or implied promise of 
    confidentiality, compromise investigative techniques and procedures, 
    jeopardize the life or physical safety of law-enforcement personnel, or 
    otherwise interfere with enforcement proceedings or adjudications.
    
        (b) System Identifier and Name: N01131-1, Officer Selection and 
    Appointment System.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (d), (e)(1), 
    (e)(4)(G) through (I), and (f).
        Authority: 5 U.S.C. 552a(k)(1), (5), (6), and (7).
        Reasons: Granting individuals access to portions of this system of 
    records could result in the disclosure of classified material, or the 
    identification of sources who provided information to the government 
    under an express or implied promise of confidentiality. Material will 
    be screened to permit access to unclassified material and to 
    information that does not disclose the identity of a confidential 
    source.
        (c) System Identifier and Name: N01133-2, Recruiting Enlisted 
    Selection System.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (d), (e)(1), 
    (e)(4)(G) through (I), and (f).
        Authority: 5 U.S.C. 552a(k)(1), (5), (6), and (7).
        Reasons: Granting individuals access to portions of this system of 
    records could result in the disclosure of classified material, or the 
    identification of sources who provided information to the government 
    under an express or implied promise of confidentiality. Material will 
    be screened to permit access to unclassified material and to 
    information that does not disclose the identity of a confidential 
    source.
    
        (d) System Identifier and Name: N01640-1, Individual Correctional 
    Records.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (c)(4), (d), (e)(2), 
    (e)(3), (e)(4)(G) through (I), (e)(5), (e)(8), (f), and (g).
        Authority: 5 U.S.C. 552a(j)(2).
        Reason: Granting individuals access to portions of these records 
    pertaining to or consisting of, but not limited to, disciplinary 
    reports, criminal investigations, and related statements of witnesses, 
    and such other related matter in conjunction with the enforcement of 
    criminal laws, could interfere with the orderly investigations, with 
    the orderly administration of justice, and possibly enable suspects to 
    avoid detection or apprehension. Disclosure of this information could 
    result in the concealment, destruction, or fabrication of evidence, and 
    jeopardize the safety and well-being of informants, witnesses and their 
    families, and law enforcement personnel and their families. Disclosure 
    of this information could also reveal and render ineffectual 
    investigative techniques, sources, and methods used by these components 
    and could result in the invasion of the privacy of individuals only 
    incidentally related to an investigation. The exemption of the 
    individual's right of access to portions of these records, and the 
    reasons therefor, necessitate the exemption of this system of records 
    from the requirement of the other cited provisions.
    
        (e) System Identifier and Name: N01754-3, Navy Child Development 
    Services Program.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3) and (d).
        Authority: 5 U.S.C. 552a(k)(2).
        Reasons: Exemption is needed in order to encourage persons having 
    knowledge of abusive or neglectful acts toward children to report such 
    information, and to protect such sources from embarrassment or 
    recrimination, as well as to protect their right to privacy. It is 
    essential that the identities of all individuals who furnish 
    information under an express promise of confidentiality be protected. 
    Additionally, granting individuals access to information relating to 
    criminal and civil law enforcement, as well as the release of certain 
    disclosure accountings, could interfere with ongoing investigations and 
    the orderly administration of justice, in that it could result in the 
    concealment, alteration, destruction, or fabrication of information; 
    could hamper the identification of offenders and the disposition of 
    charges; and could jeopardize the safety and well being of parents and 
    their children.
    
        (f) System Identifier and Name: N03834-1, Special Intelligence 
    Personnel Access File.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (d), (e)(1), (e)(4) 
    (G) through (I), and (f).
        Authority: 5 U.S.C. 552a(k) (1) and (5).
        Reasons: Exempted portions of this system contain information that 
    has been properly classified under E.O. 12356, and that is required to 
    be kept secret in the interest of national defense or foreign policy. 
    Exempted portions of this system also contain information considered 
    relevant and necessary to make a determination as to qualifications, 
    eligibility, or suitability for access to classified information and 
    was obtained by providing an express or implied assurance to the source 
    that his or her identity would not be revealed to the subject of the 
    record.
    
        (g) System Identifier and Name: N04060-1, Navy and Marine Corps 
    Exchange Security Files.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (d), (e)(4) (G) 
    through (I), and (f).
        Authority: 5 U.S.C. 552a(k)(2).
        Reasons: Granting individuals access to information collected and 
    maintained by these activities relating to the enforcement of criminal 
    laws could interfere with orderly investigations, with orderly 
    administration of justice, and possibly enable suspects to avoid 
    detection or apprehension. Disclosure of this information could result 
    in the concealment, destruction, or fabrication of evidence, and could 
    also reveal and render ineffectual investigative techniques, sources, 
    and methods used by these activities.
        (h) System Identifier and Name: N04385-1, IG Investigatory System.
        Exemption: Portions of this system or records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (c)(4), (d), (e)(2), 
    (e)(3), (e)(4) (G) through (I), (e)(5), (e)(8), (f), and (g).
        Authority: 5 U.S.C. 552a(j) (2).
        Reasons: Granting individuals access to information collected and 
    maintained by these activities relating to the enforcement of criminal 
    laws could interfere with orderly investigations, the orderly 
    administration of justice, and might enable suspects to avoid detection 
    and apprehension. Disclosures of this information could result in the 
    concealment, destruction, or fabrication of evidence, and possibly 
    jeopardize the safety and well being of informants, witnesses and their 
    families. Such disclosures could also reveal and render ineffectual 
    investigatory techniques and methods and sources of information and 
    could result in the invasion of the personal privacy of individuals 
    only incidentally related to an investigation. The exemption of the 
    individual's right of access to his or her records, and the reasons 
    therefore, necessitate the exemption of this system of records from the 
    provisions of the other cited sections of 5 U.S.C. 552a.
    
        (i) System Identifier and Name: N04385-2, Hotline Program Case 
    Files.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (d), (e)(1), 
    (e)(4)(G), (H), (I), and (f).
        Authority: 5 U.S.C. 552a(k) (1), (2), (5), (6) and (7).
        Reasons: Exempted portions of this system consist of information 
    compiled for the purpose of investigations, including reports of 
    informants and investigators. Such investigations may be associated 
    with identifiable individuals. Disclosure of files in this system would 
    interfere with orderly investigations, and possibly result in the 
    concealment, destruction, or fabrication of evidence, and possibly 
    jeopardize the safety and well-being of informants, witnesses and their 
    families. Such disclosures could also reveal and render ineffectual 
    investigatory techniques and methods and sources of information and 
    could further result in the invasion of the personal privacy of 
    individuals only incidentally related to an investigation. Depending on 
    the nature of the complaint, records may contain information that: is 
    currently and properly classified pursuant to E.O. and must be kept 
    secret in the interest of national defense or foreign policy, is 
    confidentially provided information located in investigatory records 
    compiled for the purposed of enforcement of non-criminal law, relates 
    to qualifications, eligibility, or suitability for Federal employment, 
    is test or examination material used to determine qualifications for 
    appointment or promotion in the Federal service, is confidentially 
    provided information used to determine potential for promotion in the 
    armed services.
    
        (j) System Identifier and Name: N05300-3, Faculty Professional 
    Files.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (d), (e)(4) (G) and 
    (H), and (f).
        Authority: 5 U.S.C. 552a(k)(5).
        Reasons: Exempted portions of this system contain information 
    considered relevant and necessary to make a release determination as to 
    qualifications, eligibility, or suitability for Federal employment, and 
    was obtained by providing an express or implied promise to the source 
    that his or her identity would not be revealed to the subject of the 
    record.
    
        (k) System Identifier and Name: N05354-1, Equal Opportunity 
    Information Management System.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (d), (e)(4)(G) 
    through (I), and (f).
        Authority: 5 U.S.C. 552a(k)(1) and (5).
        Reasons: Granting access to information in this system of records 
    could result in the disclosure of classified material, or reveal the 
    identity of a source who furnished information to the Government under 
    an express or implied promise of confidentiality. Material will be 
    screened to permit access to unclassified material and to information 
    that will not disclose the identity of a confidential source.
    
        (l) System Identifier and Name: N05520-1, Personnel Security 
    Eligibility Information System.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (d), (e)(4)(G) and 
    (I), and (f).
        Authority: 5 U.S.C. 552a(k) (1), (2), (5), and (7).
        Reasons: Granting individuals access to information collected and 
    maintained in this system of records could interfere with orderly 
    investigations; result in the disclosure of classified material; 
    jeopardize the safety of informants, witnesses, and their families; 
    disclose investigative techniques; and result in the invasion of 
    privacy of individuals only incidentally related to an investigation. 
    Material will be screened to permit access to unclassified information 
    that will not disclose the identity of sources who provide the 
    information to the government under an express or implied promise of 
    confidentiality.
    
        (m)  System Identifier and Name: N05520-4, NIS Investigative Files 
    System.
        Exemption (1): Portions of this system of records are exempt from 
    the following subsections of the Privacy Act: (c)(3), (c)(4), (d), 
    (e)(2), (e)(3), (e)(4)(G) through (I), (e)(5), (e)(8), (f), and (g).
        Authority (1): 5 U.S.C. 552a(j)(2).
        Reason (1): Granting individuals access to information collected 
    and maintained by this activity relating to the enforcement of criminal 
    laws could interfere with the orderly investigations, with the orderly 
    administration of justice, and possibly enable suspects to avoid 
    detection or apprehension. Disclosure of this information could result 
    in the concealment, destruction, or fabrication of evidence, and 
    jeopardize the safety and well-being of informants, witnesses and their 
    families, and law enforcement personnel and their families. Disclosure 
    of this information could also reveal and render ineffectual 
    investigative techniques, sources, and methods used by these components 
    and could result in the invasion of the privacy of individuals only 
    incidentally related to an investigation. The exemption of the 
    individual's right of access to portions of these records, and the 
    reasons therefor, necessitate the exemption of this system of records 
    from the requirement of the other cited provisions.
        Exemption (2): Portions of this system of records are exempt from 
    the following subsections of the Privacy Act: (c)(3), (d), (e)(1), 
    (e)(4)(G) through (I), and (f).
        Authority (2): 5 U.S.C. 552a(k) (1), (3), (4), (5) and (6).
        Reason (2): The release of disclosure accountings would permit the 
    subject of an investigation to obtain valuable information concerning 
    the nature of that investigation, and the information contained, or the 
    identity of witnesses or informants, would therefor present a serious 
    impediment to law enforcement. In addition, disclosure of the 
    accounting would amount to notice to the individual of the existence of 
    a record. Access to the records contained in this system would inform 
    the subject of the existence of material compiled for law enforcement 
    purposes, the premature release of which could prevent the successful 
    completion of investigation, and lead to the improper influencing of 
    witnesses, the destruction of records, or the fabrication of testimony. 
    Exempt portions of this system also contain information that has been 
    properly classified under E.O. 12356, and that is required to be kept 
    secret in the interest of national defense or foreign policy.
        Exempt portions of this system also contain information considered 
    relevant and necessary to make a determination as to qualifications, 
    eligibility, or suitability for Federal civilian employment, military 
    service, Federal contracts, or access to classified information, and 
    was obtained by providing an express or implied assurance to the source 
    that his or her identity would not be revealed to the subject of the 
    record. The notice of this system of records published in the Federal 
    Register sets forth the basic statutory or related authority for 
    maintenance of the system.
        The categories of sources of records in this system have been 
    published in the Federal Register in broad generic terms. The identity 
    of specific sources, however, must be withheld in order to protect the 
    confidentiality of the source, of criminal and other law enforcement 
    information. This exemption is further necessary to protect the privacy 
    and physical safety of witnesses and informants.
        This system of records is exempted from procedures for notice to an 
    individual as to the existence of records pertaining to him/her dealing 
    with an actual or potential civil or regulatory investigation, because 
    such notice to an individual would be detrimental to the successful 
    conduct and/or completion of an investigation, pending or future. Mere 
    notice of the fact of an investigation could inform the subject or 
    others that their activities are under, or may become the subject of, 
    an investigation. This could enable the subjects to avoid detection, to 
    influence witnesses improperly, to destroy records, or to fabricate 
    testimony.
        Exempt portions of this system containing screening board reports. 
    Screening board reports set forth the results of oral examination of 
    applicants for a position as a special agent with the Naval 
    Investigation Service Command. Disclosure of these records would reveal 
    the areas pursued in the course of the examination and thus adversely 
    affect the result of the selection process. Equally important, the 
    records contain the candid views of the members composing the board. 
    Release of the records could affect the willingness of the members to 
    provide candid opinions and thus diminish the effectiveness of a 
    program which is essential to maintaining the high standard of the 
    Special Agent Corps., i.e., those records constituting examination 
    material used solely to determine individual qualifications for 
    appointment in the Federal service.
    
        (n) System Identifier and Name: N05520-5, Navy Joint Adjudication 
    and Clearance System (NJACS).
        Exemption: Portions of this system of records are exempt from the 
    following subsections of 5 U.S.C. 552a: (d)(1-5).
        Authority: 5 U.S.C. 552a(k)(1) and (k)(5).
        Reasons: Granting individuals access to information collected and 
    maintained in this system of records could result in the disclosure of 
    classified material; and jeopardize the safety of informants, and their 
    families. Further, the integrity of the system must be ensured so that 
    complete and accurate records of all adjudications are maintained. 
    Amendment could cause alteration of the record of adjudication.
    
        (o) System Identifier and Name: N05527-1, Security Incident System.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (c)(4), (d), (e)(2), 
    and (e)(4)(G) through (I), (e)(5), (e)(8), (f) and (g).
        Authority: 5 U.S.C. 552a(j)(2).
        Reasons: Granting individuals access to information collected and 
    maintained by this component relating to the enforcement of criminal 
    laws could interfere with orderly administration of justice, and 
    possibly enable suspects to avoid detection or apprehension. Disclosure 
    of this information could result in concealment, destruction, or 
    fabrication of evidence, and jeopardize the safety and well being of 
    informants, witnesses and their families, and of law enforcement 
    personnel and their families. Disclosure of this information could also 
    reveal and render ineffectual investigative techniques, sources, and 
    methods used by this component, and could result in the invasion of 
    privacy of individuals only incidentally related to an 
    investigation.The exemption of the individual's right of access to his 
    or her records, and the reason therefore, necessitate the exemption of 
    this system of records from the requirements of other cited provisions.
    
        (p) System Identifier and Name: N05527-4, Naval Security Group 
    Personnel Security/Access Files.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (d), (e)(1), 
    (e)(4)(G) through (I), and (f).Authority: 5 U.S.C. 552a(k)(1) through 
    (k)(5).
        Reasons: Exempt portions of this system contain information that 
    has been properly classified under E.O. 12356, and that is required to 
    be kept secret in the interest of national defense or foreign policy. 
    Exempt portions of this system also contain information considered 
    relevant and necessary to make a determination as to qualification, 
    eligibility or suitability for access to classified special 
    intelligence information, and that was obtained by providing an express 
    or implied promise to the source that his or her identity would not be 
    revealed to the subject of the record.
    
        (q) System Identifier and Name: N05800-1, Legal Office Litigation/
    Correspondence Files.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (d), (e)(1), and (f)(2), (3), 
    and (4).
        Authority: 5 U.S.C. 552a(k)(1), (k)(2), (k)(5), (k)(6), and (k)(7).
        Reasons: Subsection (d) because granting individuals access to 
    information relating to the preparation and conduct of litigation would 
    impair the development and implementation of legal strategy. 
    Accordingly, such records are exempt under the attorney-client 
    privilege. Disclosure might also compromise on-going investigations and 
    reveal confidential informants. Additionally, granting access to the 
    record subject would seriously impair the Navy's ability to negotiate 
    settlements or pursue other civil remedies. Amendment is inappropriate 
    because the litigation files contain official records including 
    transcripts, court orders, investigatory materials, evidentiary 
    materials such as exhibits, decisional memorandum and other case-
    related papers. Administrative due process could not be achieved by the 
    ``exparte'' correction of such materials.
        Subsection (e)(1) because it is not possible in all instances to 
    determine relevancy or necessity of specific information in the early 
    stages of case development. What appeared relevant and necessary when 
    collected, ultimately may be deemed unnecessary upon assessment in the 
    context of devising legal strategy. Information collected during civil 
    litigation investigations which is not used during subject case is 
    often retained to provide leads in other cases or to establish patterns 
    of activity.
        Subsection (f)(2), (3), and (4) because this record system is 
    exempt from the individual access provisions of subsection (d).
    
        (r) System Identifier and Name: N05819-3, Naval Clemency and Parole 
    Board Files.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(4), (d), (e)(4)(G), and 
    (f).
        Authority: 5 U.S.C. 552a(j)(2).
        Reasons: Granting individuals access to records maintained by this 
    Board could interfere with internal processes by which Board personnel 
    are able to formulate decisions and policies with regard to clemency 
    and parole in cases involving naval prisoners and other persons under 
    the jurisdiction of the Board. Material will be screened to permit 
    access to all material except such records or documents as reflect 
    items of opinion, conclusion, or recommendation expressed by individual 
    board members or by the board as a whole.
        The exemption of the individual's right to access to portions of 
    these records, and the reasons therefore, necessitate the partial 
    exemption of this system of records from the requirements of the other 
    cited provisions.
    
        (s) System Identifier and Name: N06320-2, Family Advocacy Program 
    System.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3) and (d).
        Authority: 5 U.S.C. 552a(k)(2) and (k)(5).
        Reasons: Exemption is needed in order to encourage persons having 
    knowledge of abusive or neglectful acts toward children to report such 
    information, and to protect such sources from embarrassment or 
    recriminations, as well as to protect their right to privacy. It is 
    essential that the identities of all individuals who furnish 
    information under an express promise of confidentiality be protected. 
    Additionally, granting individuals access to information relating to 
    criminal and civil law enforcement, as well as the release of certain 
    disclosure accounting, could interfere with ongoing investigations and 
    the orderly administration of justice, in that it could result in the 
    concealment, alteration, destruction, or fabrication of information; 
    could hamper the identification of offenders or alleged offenders and 
    the disposition of charges; and could jeopardize the safety and well 
    being of parents and their children.
        Exempted portions of this system also contain information 
    considered relevant and necessary to make a determination as to 
    qualifications, eligibility, or suitability for Federal employment and 
    Federal contracts, and that was obtained by providing an express or 
    implied promise to the source that his or her identity would not be 
    revealed to the subject of the record.
    
        (t) System Identifier and Name: N12930-1, Human Resources Group 
    Personnel Records.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (d), (e)(4)(G) and (H), and 
    (f).
        Authority: 5 U.S.C. 552a(k)(5) and (k)(6).
        Reasons: Exempted portions of this system contain information 
    considered relevant and necessary to make a determination as to 
    qualifications, eligibility, or suitability for Federal employment, and 
    was obtained by providing express or implied promise to the source that 
    his or her identity would not be revealed to the subject of the record. 
    Exempted portions of this system also contain test or examination 
    material used solely to determine individual qualifications for 
    appointment or promotion in the Federal service, the disclosure of 
    which would comprise the objectivity or fairness of the testing or 
    examination process.
    
    
    Sec. 701.119  Exemptions for Specific Marine Corps Record Systems.
    
        (a) System Identifier and Name: MMN00018, Base Security Incident 
    Reporting System.
        Exemption: Portions of this system of records are exempt from the 
    following subsections of the Privacy Act: (c)(3), (c)(4), (d), (e) (2) 
    and (3), (e)(4)(G) through (I), (e)(5), (e)(8), (f), and (g).
        Authority: 5 U.S.C. 552a(j)(2).
        Reasons: Granting individuals access to information collected and 
    maintained by these activities relating to the enforcement of criminal 
    laws could interfere with orderly investigations, with the orderly 
    administration of justice, and might enable suspects to avoid detection 
    or apprehension. Disclosure of this information could result in the 
    concealment, destruction, or fabrication of evidence, and jeopardize 
    the safety and well being of informants, witnesses and their families, 
    and law enforcement personnel and their families. Disclosure of this 
    information could also reveal and render ineffectual investigative 
    techniques, sources, and methods used by this component, and could 
    result in the invasion of the privacy of individuals only incidentally 
    related to an investigation. The exemption of the individual's right of 
    access to his or her records, and the reasons therefore, necessitate 
    the exemption of this system of records from the requirements of other 
    cited provisions.
    
        (b) System Identifier and Name: MIN00001, Personnel and Security 
    Eligibility and Access Information System.
        Exemption: Portions of this system of records are exempt for the 
    following subsections of the Privacy Act: (c)(3), (d), (e)(1), 
    (e)(4)(G) through (I), and (f).
        Authority: 5 U.S.C. 552a(k)(2), (k)(3), and (k)(5), as applicable.
        Reasons: Exempt portions of this system contain information that 
    has been properly classified under E.O. 12356, and that is required to 
    be kept secret in the interest of national defense or foreign policy.
        Exempt portions of this system also contain information considered 
    relevant and necessary to make a determination as to qualifications, 
    eligibility, or suitability for Federal civilian employment, military 
    service, Federal contracts, or access to classified, compartmented, or 
    otherwise sensitive information, and was obtained by providing an 
    expressed or implied assurance to the source that his or her identity 
    would not be revealed to the subject of the record.
        Exempt portions of this system further contain information that 
    identifies sources whose confidentiality must be protected to ensure 
    that the privacy and physical safety of these witnesses and informants 
    are protected.
    
        Dated: May 26, 1994.
    
    
    L. M. Bynum,
    Alternate OSD Federal Register Liaison Officer, Department of Defense.
    [FR Doc. 94-13279 Filed 05-31-94; 8:45 am]
    BILLING CODE 3810-01-F
    
    
    

Document Information

Published:
06/01/1994
Department:
Interior Department
Entry Type:
Uncategorized Document
Action:
Proposed rule.
Document Number:
94-13279
Dates:
Comments must be received on or before August 1, 1994, to be considered by this agency.
Pages:
0-0 (1 pages)
Docket Numbers:
Federal Register: June 1, 1994
CFR: (24)
32 CFR 701.109(a)(4)
32 CFR 701.109(b)
32 CFR 701.109(d)
32 CFR 701.113(h)
32 CFR 70l.117
More ...