This section of the Code of Federal Regulations (CFR) is about the Privacy Act of 1974 and other responsibilities that Federal agencies must adhere to in order to protect individuals‘ privacy.
Subpart B—The Privacy Act § 401.30. Privacy Act and other responsibilities.
https://www.ssa.gov/OP_Home/cfr20/401/401-0030.htm
(a) The Privacy Act. The Privacy Act of 1974 (5 U.S.C. §§ 552a, et seq.) applies to all Federal agencies when they collect, maintain, use, or disseminate records about individuals that are retrieved by an individual‘s name or other personal identifier. The Privacy Act sets forth a number of requirements for Federal agencies, including requirements for:
- (1) Establishing and maintaining records in a manner that is accurate and up to date;
- (2) Providing individuals access to their records;
- (3) Establishing and maintaining appropriate administrative, technical, and physical safeguards to protect personal information;
- (4) Notifying individuals of the purpose and use of their records;
- (5) Refraining from disseminating records outside the agency unless authorized by law; and
- (6) Establishing procedures to ensure that all requests for access to records are properly processed.
(b) Other responsibilities. In addition to the Privacy Act, Federal agencies have other responsibilities to protect individuals‘ privacy. These include:
- (1) Establishing rules and procedures for protecting individuals‘ personal information;
- (2) Establishing policies for responding to requests