(a) Authority. This part is issued by the Board of Governors of the Federal Reserve System (the Board) pursuant to the Privacy Act of 1974 (5 U.S.C. 552a).

(b) Purpose and scope. This part implements the provisions of the Privacy Act of 1974 with regard to the maintenance, protection, disclosure, and amendment of records contained within systems of records maintained by the Board. It sets forth the procedures for requests for access to, or amendment of, records concerning individuals that are contained in systems of records maintained by the Board.

For the purposes of this part, the following definitions apply:

(a) Business day means any day except Saturday, Sunday, or a legal Federal holiday.

(b) Guardian means the parent of a minor, or the legal guardian of any individual who has been declared to be incompetent due to physical or mental incapacity or age by a court of competent jurisdiction.

(c) Individual means a natural person who is either a citizen of the United States or an alien lawfully admitted for permanent residence.

(d) Maintain includes maintain, collect, use, or disseminate.

(e) Record means any item, collection, or grouping of information about an individual maintained by the Board that contains the individual's name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a fingerprint, voice print, or photograph.

(f) Routine use means, with respect to disclosure of a record, the use of such record for a purpose that is compatible with the purpose for which it was collected or created.

(g) System of records means a group of any records under the control of the Board from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual.

(h) You means an individual making a request under the Privacy Act.

(i) We means the Board.

(a) Custodian of records. The Secretary of the Board is the official custodian of all Board records.

(b) Delegated authority of Secretary. The Secretary of the Board is authorized to—

(1) Respond to requests for access to, accounting of, or amendment of records contained in a system of records, except for such requests regarding systems of records maintained by the Board's Office of the Inspector General (OIG);

(2) Approve the publication of new systems of records and amend existing systems of records, except systems of records exempted pursuant to § 261a.13(b), (c) and (d); and

(3) File any necessary reports related to the Privacy Act.

(c) Delegated authority of designee. Any action or determination required or permitted by this part to be done by the Secretary of the Board may be done by a Deputy or Associate Secretary or other responsible employee of the Board who has been duly designated for this purpose by the Secretary.

(d) Delegated authority of Inspector General. The Inspector General is authorized to respond to requests for access or amendment for systems of records maintained by the OIG.

(a) Copies of records. We will provide you with copies of records you request under § 261a.5 of this part at the same cost we charge for duplication of records and/or production of computer output under the Board's Rules Regarding Availability of Information, 12 CFR part 261.

(b) No fee. We will not charge you a fee if—

(1) Your total charges are less than $5, or

(2) You are a Board employee or former employee, or an applicant for employment with the Board, and you request records pertaining to you.

(a) Procedures for making request. (1) Except as provided in paragraph (a)(2) of this section, if you (or your guardian) want to learn of the existence of, or to gain access to, your record in a system of records, you may submit a request in Start Printed Page 25596writing to the Secretary of the Board, Board of Governors of the Federal Reserve System, 20th Street and Constitution Avenue, NW., Washington, DC 20551.

(2) If you want to request information contained in a system of records maintained by the Board's OIG, you may submit the request in writing to the Inspector General, Board of Governors of the Federal Reserve System, 20th Street and Constitution Avenue, NW., Washington, DC 20551.

(b) Contents of request. Your request must include—

(1) A statement that the request is made pursuant to the Privacy Act of 1974;

(2) The name of the system of records you believe contains the record you request, or a concise description of that system of records;

(3) Information necessary to verify your identity pursuant to paragraph (c) of this section; and

(4) Any other information that may assist us in identifying the record you seek (e.g., maiden name, dates of employment, etc.).

(c) Verification of identity. We will require proof of your identity, and we reserve the right to determine whether the proof you submit is adequate. In general, we will consider the following to be adequate proof of identity:

(1) If you are a current Board employee, your Board identification card; or

(2) If you are not a current Board employee, either—

(i) Two forms of identification, including one photo identification, or

(ii) A notarized statement attesting to your identity.

(d) Verification of identity not required. We will not require verification of identity when the records you seek are available to any person under the Freedom of Information Act (5 U.S.C. 552).

(e) Request for accounting of previous disclosures. You may request an accounting of previous disclosures of records pertaining to you in a system of records as provided in 5 U.S.C. 552a(c).

(a) Compliance with Freedom of Information Act. We will handle every request made pursuant to § 261a.5 of this part as a request for information pursuant to the Freedom of Information Act, except that the time limits set forth in paragraph (b) of this section and the fees specified in § 261a.4 of this part will apply to such requests.

(b) Time for response. We will acknowledge every request made pursuant to § 261a.5 of this part within 20 business days from receipt of the request and will, where practicable, respond to each request within that 20-day period. When a full response is not practicable within the 20-day period, we will respond as promptly as possible.

(c) Disclosure. (1) When we disclose information in response to your request, except for information maintained by the Board's OIG, you may inspect or copy it during regular business hours at the Board's Freedom of Information Office, or you may request that we mail it to you.

(2) When the information to be disclosed is maintained by the Board's OIG, the OIG will make the information available for inspection and copying or will mail it to you on request.

(3) You may bring with you anyone you choose to see the requested material.

(d) Denial of request. If we deny a request made pursuant to § 261a.5 of this part, we will tell you the reason(s) for denial and the procedures for appealing the denial.

If you request medical or psychological records pursuant to § 261a.5, we will disclose them directly to you unless the Chief Privacy Officer, in consultation with the Board's physician or Employee Assistance Program counselor, determines that such disclosure could have an adverse effect on you. If the Chief Privacy Officer makes that determination, we will provide the information to a licensed physician or other appropriate representative you name, who may disclose those records to you in a manner he or she deems appropriate.

(a) Procedures for making request.

(1) If you wish to amend a record that pertains to you in a system of records, you may submit a request in writing to the Secretary of the Board (or to the Inspector General for records in a system of records maintained by the OIG) in an envelope clearly marked “Privacy Act Amendment Request.”

(2) Your request for amendment of a record must—

(i) Identify the system of records containing the record for which amendment is requested;

(ii) Specify the portion of that record requested to be amended; and

(iii) Describe the nature of and reasons for each requested amendment.

(3) We will require you to verify your identity under the procedures set forth in § 261a.5(c) of this part, unless you have already done so in a related request for access or amendment.

(b) Burden of proof. Your request for amendment of a record must tell us why you believe the record is not accurate, relevant, timely, or complete. You have the burden of proof for demonstrating the appropriateness of the requested amendment, and you must provide relevant and convincing evidence in support of your request.

(a) Time limits. We will acknowledge your request for amendment of your record within 10 business days after we receive your request. In the acknowledgment, we may request additional information necessary for a determination on the request for amendment. We will make a determination on a request to amend a record promptly.

(b) Contents of response to request for amendment. When we respond to a request for amendment, we will tell you whether your request is granted or denied. If we deny the request, in whole or in part, we will tell you—

(1) Why we denied the request (or portion of the request);

(2) That you have a right to appeal; and

(3) How to file an appeal.

(a) Appeal. You may appeal a denial of a request made pursuant to § 261a.5 or § 261a.8 of this part within 10 business days after we notify you that we denied your request. Your appeal must—

(1) Be made in writing to the Secretary of the Board, with the words “PRIVACY ACT APPEAL” written prominently on the first page;

(2) Specify the background of the request; and

(3) Provide reasons why you believe the initial denial is in error.

(b) Determination. We will make a determination on your appeal within 30 business days from the day we receive it, unless we extend the time for good cause.

(1) If we grant your appeal regarding a request for amendment, we will take the necessary steps to amend your record, and, when appropriate and possible, notify prior recipients of the record of our action.

(2) If we deny your appeal, we will inform you of such determination, tell you our reasons for the denial, and tell you about your right to file a statement of disagreement and your right to have a court review our decision. Start Printed Page 25597

(c) Statement of disagreement. (1) If we deny your appeal regarding a request for amendment, you may file a concise statement of disagreement with the denial. We will maintain your statement with the record you sought to amend, and any disclosure of the record will include a copy of your statement of disagreement.

(2) When practicable and appropriate, we will provide a copy of the statement of disagreement to any prior recipients of the record.

We will not disclose any record about you contained in a system of records to any person or agency without your prior written consent unless the disclosure is authorized by 5 U.S.C. 552a(b).

(a) Information compiled for civil action. This regulation does not permit you to have access to any information compiled in reasonable anticipation of a civil action or proceeding.

(b) Law enforcement information. Pursuant to 5 U.S.C. 552a(k)(2), we have determined that it is necessary to exempt the systems of records listed below from the requirements of the Privacy Act concerning access to records, accountings of disclosures of records, maintenance of only relevant and necessary information in files, and certain publication provisions, respectively, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H) and (I), and (f), and §§ 261a.5, 261a.7, and 261a.8 of this part. The exemption applies only to the extent that a system of records contains investigatory materials compiled for law enforcement purposes.

(1) BGFRS-1 Recruiting and Placement Records.

(2) BGFRS 2 Personnel Security Systems.

(3) BGFRS 4 General Personnel Records.

(4) BGFRS 5 EEO Discrimination Complaint File.

(5) BGFRS 18 Consumer Complaint Information.

(6) BGFRS 21 Supervisory Enforcement Actions and Special Examinations Tracking System.

(7) BGFRS 31 Protective Information System.

(8) BGFRS 32 Visitor Registration System.

(9) BGFRS 36 Federal Reserve Application Name Check System.

(10) BGFRS/OIG 1 OIG Investigative Records.

(c) Confidential references. Pursuant to 5 U.S.C. 552a(k)(5), we have determined that it is necessary to exempt the systems of records listed below from the requirements of the Privacy Act concerning access to records, accountings of disclosures of records, maintenance of only relevant and necessary information in files, and certain publication provisions, respectively, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H) and (I), and (f), and §§ 261a.5, 261a.7, and 261a.8 of this part. The exemption applies only to the extent that a system of records contains investigatory material compiled to determine an individual's suitability, eligibility, and qualifications for Board employment or access to classified information, and the disclosure of such material would reveal the identity of a source who furnished information to the Board under a promise of confidentiality.

(1) BGFRS-1 Recruiting and Placement Records.

(2) BGFRS-2 Personnel Security Systems.

(3) BGFRS-4 General Personnel Records.

(4) BGFRS-10 General Files on Board Members.

(5) BGFRS-11 Official General Files.

(6) BGFRS-13 Federal Reserve System Bank Supervision Staff Qualifications.

(7) BGFRS-14 General File on Federal Reserve Bank and Branch Directors.

(8) BGFRS-25 Multi-Rater Feedback Records.

(9) BGFRS/OIG-1 OIG Investigative Records.

(10) BGFRS/OIG-2 OIG Personnel Records.

(d) Criminal law enforcement information. Pursuant to 5 saU.S.C. 552a(j)(2), we have determined that the OIG Investigative Records (BGFRS/OIG-1) are exempt from the Privacy Act, except the provisions regarding disclosure, the requirement to keep an accounting, certain publication requirements, certain requirements regarding the proper maintenance of systems of records, and the criminal penalties for violation of the Privacy Act, respectively, 5 U.S.C. 552a(b), (c)(1), and (2), (e)(4)(A) through (F), (e)(6), (e)(7), (e)(9), (e)(10), (e)(11) and (i).