31 C.F.R. Subpart D—Safeguarding
Title 31 - Money and Finance: Treasury
Information classified pursuant to this Order or predecessor Orders shall be afforded a level of protection against unauthorized disclosure commensurate with its level of classification. (a) Determination of Need-To-Know. Classified information shall be made available to a person only when the possessor of the classified information establishes in each instance, except as provided in section 4.3 of the Order, that access is essential to the accomplishment of official United States Government duties or contractual obligations. (b) Determination of Trustworthiness. A person is eligible for access to classified information only after a showing of trustworthiness as determined by the Secretary of the Treasury based upon appropriate investigations in accordance with applicable standards and criteria. (c) Classified Information Nondisclosure Agreement. Standard Form 312 (Classified Information Nondisclosure Agreement) or the prior SF 189, bearing the same title, are nondisclosure agreements between the United States and an individual. The execution of either the SF 312 or SF 189 agreement by an individual is necessary before the United States Government may grant the individual access to classified information. Bureaus and the Departmental Offices must retain executed copies of the SF 312 or prior SF 189 in file systems from which the agreements can be expeditiously retrieved in the event the United States must seek their enforcement. Copies or legally enforceable facsimiles of the SF 312 or SF 189 must be retained for 50 years following their date of execution. The national stock number for the SF 312 is 7540–01–280–5499. (a) Access to classified information may be granted only as is essential to the accomplishment of authorized and lawful United States Government purposes. This requirement may be waived, however, for persons who: (1) Are engaged in historical research projects, or (2) Previously have occupied policymaking positions to which they were appointed by the President. (b) Access to classified information may be granted to historical researchers and to former Presidential appointees upon a determination of trustworthiness; a written determination that such access is consistent with the interests of national security; the requestor's written agreement to safeguard classified information; and the requestor's written consent to have his or her notes and manuscripts reviewed to ensure that no classified information is contained therein. The conferring of historial researcher status does not include authorization to release foreign government information or other agencies' classified information per §2.24 of this part. By the terms of section 4.3(b)(3) of the Order, former Presidential appointees not engaged in historical research may only be granted access to classified documents which they “originated, reviewed, signed or received while serving as a Presidential appointee.” Coordination shall be made with the Departmental Director of Security with respect to the required written agreements to be signed by the Department and such historical researchers or former Presidential appointees, as a condition of such access and to ensure the safeguarding of classified information. (c) If the access requested by historical researchers and former Presidential appointees requires the rendering of services for which fair and equitable fees may be charged pursuant to 31 U.S.C. 9701, the requestor shall be so notified and the fees may be imposed. Treasury's fee schedule identified in §2.18(b)(1)(x), applicable to mandatory declassification review, shall also apply to fees charged for services provided to historical researchers and former Presidential appointees for search and/or review and copying. Except as otherwise provided by section 102 of the National Security Act of 1947, 61 Stat. 495, 50 U.S.C. 403, classified information originating in another agency may not be disseminated outside the Department without the consent of the originating agency. The Administrator of General Services issues (in coordination with agencies originating classified information), establishes and publishes uniform standards, specifications, and supply schedules for security equipment designed to provide for secure storage and to destroy classified information. Treasury bureaus and the Departmental Offices may establish more stringent standards for their own use. Whenever new security equipment is procured, it shall be in conformance with the standards and specifications referred to above and shall, to the maximum extent practicable, be of the type available through the Federal Supply System. (a) Top Secret Control Officers. Each Treasury bureau and the Departmental Offices shall designate a primary and alternate Top Secret Control Officer. Within the Departmental Offices, the Top Secret Control Officer function will be established in the Office of the Executive Secretary for collateral Top Secret information and in the Office of the Special Assistant to the Secretary (National Security) with respect to sensitive compartmented information. The term “collateral” refers to national security information classified Confidential, Secret, or Top Secret under the provisions of Executive Order 12356 or prior Orders, for which special intelligence community systems of compartmentation (such as sensitive compartmented information) or special access programs are not formally established. Top Secret Control Officers so designated must have a Top Secret security clearance and shall: (1) Initially receive all Top Secret information entering their respective bureau, including the Departmental Offices. Any Top Secret information received by a Treasury bureau or Departmental Offices employee shall be immediately hand carried to the designated Top Secret Control Officer for proper accountability. (2) Maintain current accountability records of Top Secret information received within their bureau or office. (3) Ensure that Top Secret information is properly stored and that Top Secret information under their control is personally destroyed, when required. Top Secret information must be destroyed in the presence of an appropriately cleared official who shall actually witness such destruction. Accordingly, the use of burnbags to store Top Secret information, pending final destruction at a later date, is not authorized. (4) Ensure that prohibitions against reproduction of Top Secret information are strictly followed. (5) Conduct annual physical inventories of Top Secret information. An inventory shall be conducted in the presence of an individual with an appropriate security clearance. The inventory shall be completed annually and signed by the Top Secret Control Officer and the witnessing individual. (6) Ensure that Top Secret documents are downgraded, declassified, retired or destroyed as required by regulations or other markings. (7) Attach a TD F 71–01.7 (Top Secret Document Record) to the first page or cover of each copy of Top Secret information. The Top Secret Document Record shall be completed by the Top Secret Control Officer and shall serve as a permanent record. (8) Ensure that all persons having access to Top Secret information sign the Top Secret Document Record. This also includes persons to whom oral disclosure of the contents is made. (9) Maintain receipts concerning the transfer and destruction of Top Secret information. Record all such actions on the Top Secret Document Record which shall be retained for a minimum of three years. (10) As received, number in sequence each Top Secret document in a calendar year series (e.g. TS 89–001). This number shall be posted on the face of the document and on all forms required for control of Top Secret information. (11) Attach a properly executed TD F 71–01.5 (Classified Document Record of Transmittal) when a Top Secret document is transmitted internally or externally. (12) Verify, prior to releasing Top Secret information, that the recipient has both a security clearance and is authorized access to such information. (13) Report, in writing, all Top Secret documents unaccounted for to the Assistant Secretary (Management) who shall take appropriate action in conjunction with the Departmental Director of Security. (14) Assure that no individual within his or her office or bureau transmits Top Secret information to another individual or office without the knowledge and consent of the Top Secret Control Officer. (15) Ensure upon receipt that a Standard Form 703 (Top Secret Cover Sheet) is affixed to such information. (16) Notify office and/or bureau employees annually in writing of the designated control point for all incoming and outgoing Top Secret information. (17) Be notified as to the transmission, per §2.28(b), whenever Top Secret information is sent outside of a Treasury bureau or office within the Departmental Offices. (b) Top Secret Control Officer Listings. In order for the Departmental Director of Security to maintain a current listing of Top Secret Control Officers within the Department, each Treasury bureau and the Departmental Offices shall annually report each October 15th in writing to the Departmental Office of Security, the identities of the office(s) and names of the officials designated as their primary and alternate Top Secret Control Officers. Any changes in these designations shall be reported to the Departmental Director of Security within thirty days. (c) Top Secret Document Record. Upon receipt in the Department a green, color coded, TD F 71–01.7 (Top Secret Document Record) shall be attached by the Top Secret Control Officer to the first page or cover of the original and each copy of Top Secret information. The Top Secret Document Record shall remain attached to the Top Secret information until it is either transferred to another United States Government agency, downgraded, declassified or destroyed. The Top Secret Document Record, which shall initially be completed by the Top Secret Control Officer, shall identify the Top Secret information attached, and shall serve as a permanent record of the information. All persons, including stenographic and clerical personnel, having access to the information attached to the Top Secret Document Record must list their name and the date on the TD F 71–01.7 prior to accepting responsibility for its custody. The TD F 71–01.7 shall also indicate those individuals to whom only oral disclosure of the contents is made. Whenever any Top Secret information is transferred to another United States Government agency, downgraded, declassified or destroyed, the Top Secret Control Officer shall record the action on the Top Secret Document Record and retain it for a minimum or three years after which time it may be destroyed. In order to maintain the integrity of the color coding process the photocopying and use of non-color coded Top Secret Document Record forms is prohibited. (d) Classified Document Record of Transmittal. TD F 71–01.5 (Classified Document Record of Transmittal) shall be the exclusive classified document accountability record for use within the Department of the Treasury. No other logs or records shall be required except for the use of TD F 71–01.7 which is applicable to Top Secret information. TD F 71–01.5 shall be used for single or multiple document receipting and for internal and external routing. The inclusion of classified information on TD F 71–01.5 is to be avoided. In the event the subject title is classified, a recognizable short title shall be used, e.g., first letter of each word in the subject title. Several items may be transmitted to the same addressee with one TD F 71–01.5. TD F's 71–01.5 shall be maintained for a three year period after which the form may be destroyed. No record of the actual destruction of the TD F 71–01.5 is necessary. (1) Top Secret Information. Top Secret information shall be subject to a continuous receipt system regardless of how brief the period of custody. TD F 71–01.5 shall be used for this purpose. Top Secret accountability records shall be maintained by Top Secret Control Officers separately from the accountability records of other classified information. (2) Secret Information. Receipt on TD F 71–01.5 shall be required for transmission of Secret information between bureaus, offices and separate agencies. Responsible office heads shall determine administrative procedures required for the internal control within their respective offices. The volume of classified information handled and personnel resources available must be considered in determining the level of adequate security measures while at the same time maintaining operational efficiency. (3) Confidential and Limited Official Use Information. Receipts for Confidential and Limited Official Use information shall not be required unless the originator indicates that receipting is necessary. [55 FR 1644, Jan. 17, 1990; 55 FR 13134, Apr. 9, 1990] Classified information shall be stored only in facilities or under conditions designed to prevent unauthorized persons from gaining access to it. (a) Minimum Requirements for Physical Barriers—(1) Top Secret. Top Secret information shall be stored in a GSA-approved security container with an approved, built-in, three-position, dial-type, changeable, combination lock; in a vault protected by an alarm system and response force; or in other types of storage facilities that meet the standards for Top Secret information established under the provisions of §2.25. Top Secret information stored outside the United States must be in a facility afforded diplomatic status. One or more of the following supplementary controls is required: (i) The area that houses the security container or vault shall be subject to the continuous protection of U.S. guard or duty personnel; (ii) U.S. Guard or duty personnel shall inspect the security container or vault at least once every two hours; or (iii) The security container or vault shall be controlled by an alarm system to which a force will respond in person within 15 minutes. Within the United States, the designated security officer in each Treasury bureau and the Department Offices shall prescribe those supplementary controls deemed necessary to restrict unauthorized access to areas in which such information is stored. Any vault used for the storage of sensitive compartmented information shall be configured to the specifications of the Director of Central Intelligence. Prior to an office or bureau operating such a vault, formal written certification for its use must first be obtained from the Special Assistant to the Secretary (National Security) as the senior Treasury official of the Intelligence Community. (2) Secret and Confidential. Secret and Confidential information shall be stored in a manner and under the conditions prescribed for Top Secret information, or in a container, vault, or alarmed area that meets the standards for Secret or Confidential information established under the provisions of §2.25. Secret and Confidential information may also be stored in a safe-type filing cabinet having a built-in, three-position, dial-type, changeable, combination lock, and may continue to be stored in a steel filing cabinet equipped with a steel lock-bar secured by a GSA-approved three-position, dial-type, changeable, combination padlock. The modification, however, of steel filing cabinets to barlock-type as storage equipment for classified information and material is prohibited and efforts are to be made to selectively phase out the use of such barlock cabinets for storage of Secret information. Exceptions may be authorized only by the Departmental Director of Security upon written request from the designated bureau security officer. The designated security officer in each Treasury bureau and the Departmental Offices shall prescribe those supplementary controls deemed necessary to restrict unauthorized access to areas in which such information is stored. Access to bulky Secret and Confidential material in weapons storage areas, strong rooms, evidence vaults, closed areas or similar facilities shall be controlled in accordance with requirements approved by the Department. At a minimum, such requirements shall prescribe the use of GSA-approved, key-operated, high-security padlocks. For Secret and Confidential information stored outside the United States, it shall be stored in the manner authorized for Top Secret, in a GSA-approved safe file, or in a barlick cabinet equipped with a security-approved combination padlock if the cabinet is located in a security-approved vault and/or in a restricted area to which access is controlled by United States citizen personnel on a 24-hour basis. (b) Combinations—(1) Equipment in Service. Combinations to dial-type, changeable, combination locks shall be changed only by persons having an appropriate security clearance, and shall be changed, (i) Whenever such equipment is placed in use; (ii) Whenever a person knowing the combination no longer requires access to it; (iii) Whenever a combination has been subjected to possible compromise; (iv) Whenever the equipment is taken out of service: or (v) At least once each year. Knowledge of combinations shall be limited to the minimum number of persons necessary for operating purposes. Records of combinations shall be classified no lower than the highest level of classified information that is protected by the combination lock. When securing a combination lock, the dial must be turned at least four (4) complete times in the same direction after closing. Defects in or malfunctioning of storage equipment protecting classified national security or officially limited information must be reported immediately to the designated office or bureau security official for appropriate action. (2) Equipment Out of Service. When security equipment, used for the storage of classified national security or officially limited information, is taken out of service, it shall be physically inspected to ensure that no classified information or officialy limited information remains therein. Built-in, three-position, dial-type, changeable, combination locks shall be reset to the standard combination 50–25–50 and combination padlocks shall be reset to the standard combination 10–20–30. The designated security officer in each Treasury bureau and the Departmental Offices shall prescribe such supplementary controls deemed necessary to fulfill their individual needs to be consistent with §2.27. (3) Security Container Check Sheet. Each piece of security equipment used for the storage of classified information will have attached conspicuously to the outside a Standard Form 702 (Security Container Check Sheet) on which an authorized person will record the date and actual time each business day that they initially unlock and finally lock the security equipment, followed by their initials. Users of this form are to avoid citations which reflect the opening, locking and checking of the security equipment at standardized (non-actual) times, e.g., opened at 8:00 a.m. and closed/checked at 4:00 p.m. Bureaus and the Departmental Offices may continue to use Optional Form 62 (Safe or Cabinet Security Record) in lieu of the SF 702 until September 30, 1990, or such time as their supplies of Optional Form 62 are exhausted. The reprinting or photostatic reproduction and use of Optional Form 62 is not authorized. On each normal workday, regardless of whether the security equipment was opened on that particular day, the security equipment shall be checked by authorized personnel to assure that no surreptitious attempt has been made to penetrate the security equipment. Such examinations normally consist of a quick or casual visual check to note either any obvious marks or gashes, or defects or malfunction of the security equipment which are different from their prior observations or experience in operating the equipment concerned. Any such discrepancies in the appearance of or functioning of the security equipment, based upon this visual check, should be reported to appropriate security officials. The “Checked By” column of the SF 702 or Optional Form 62 shall be annotated to reflect the date and time of this action followed by that person's initials. Security equipment used for the storage of classified information that has been opened on a particular day shall not be left unattended at the end of that day until it has been locked by an authorized person and checked by a second person. In the event a second person is not available within the office, the individual who locked the equipment shall also annotate the “Checked By” column of the SF 702 or Optional Form 62. Reversible “OPEN-CLOSED” or “LOCKED-UNLOCKED” signs, available through normal supply channels, shall also be used on such security equipment. The respective side of the sign shall be displayed to indicate when the container is open or closed. Except for the SF 702 or Optional Form 62, the top surface area of security equipment is not to be used for storage and must be kept free of extraneous material. SF 702 and/or Optional Form 62 shall be utilized on all security equipment used for storing information bearing the control legend “Limited Official Use”. The designated security officer in each Treasury bureau and the Department Offices may, as warranted, prescribe supplementary use of the SF 702 or Optional Form 62 to apply to other authorized legends approved by the Department for officially limited information. (4) Safe Combination Records. Combinations to security equipment containing classified information shall be recorded on Standard Form 700 (Security Container Information), national stock number 7540–01–214–5372. Bureaus and the Departmental Offices may continue to use Treasury Form 4032 (Security Container Information) in lieu of the SF 700 until September 30, 1990, or such time as their supplies of Treasury Form 4032 are exhausted. The reprinting of Treasury Form 4032 is not authorized. Each part of the SF 700 shall be completed in its entirety. The names, addresses and home telephone numbers of personnel responsible for the combination, and the classified information stored therein, must be indicated on part 1 of the SF 700. The completed part 1 shall be posted in the front interior of the top, control or locking drawer of the security equipment concerned. Part 2 shall be inserted in the envelop (part 2A) provided, and forwarded via appropriate secure means to the designated bureau or Departmental Offices central repository for security combinations. Part 2 shall have the highest level of classified information, stored in the security equipment concerned, annotated in both the top and bottom border areas of the completed SF 700. Part 2A shall have the highest level of classified information, stored in the security equipment concerned, annotated in the blank space immediately above the word, “WARNING” which appears on the SF 700. The completion of the SF 700 or Treasury Form 4032 does not constitute a classification action but serves as an administrative requirement to ensure the protection of classified information stored in such security equipment. SF 700 shall be utilized on all security equipment used for storing information bearing the control legend “Limited Official Use”. The designated security officer in each Treasury bureau and the Departmental Offices may prescribe supplementary use of the SF 700 to apply to other authorized legends approved by the Department for officially limited information, as warranted. (c) Keys. The designated security officer in each Treasury bureau and the Departmental Offices shall establish administrative procedures for the control and accountability of keys and locks whenever key-operated, high-security padlocks are utilized. The level of protection provided such keys shall be equivalent to that afforded the information being protected by the padlock. (d) Classified Document Cover Sheets. Classified document cover sheets alert personnel that documents or folders are classified and require protection from unauthorized scrutiny. Individuals who prepare or package classified documents are responsible for affixing the appropriate document cover sheet. Orange Standard Form 703 (Top Secret Cover Sheet), red SF 704 (Secret Cover Sheet) and blue SF 706 (Confidential Cover Sheet) are the only authorized cover sheets for collateral classified information. The national stock numbers of these cover sheets are as follows: SF 703, 7540–01–213–7901; SF 704, 7540–01–213–7902; and SF 705, 7540–01–213–7903. In order to maintain the integrity of the color coding process the photocopying and use of non-color coded classified document cover sheets is prohibited. Bureaus and offices shall maintain a supply of classified document cover sheets appropriate for their needs. Classified document cover sheets are designed to be reused and will be removed before classified information is filed to conserve filing space and prior to the destruction of classified information. Document cover sheets are to be used to shield classified documents while in use and particularly when the transmission is made internally within a headquarters by courier, messenger or by personal contact. File folders containing classified information should be otherwise marked, e.g., at the top and bottom of the front and back covers, to indicate the overall classification of the contents rather than permanently affixing the respective classified document cover sheet. Treasury Directive 71–02 provides for the use of a green cover sheet, TD F 71–01.6 (Limited Official Use Document Cover Sheet) for information bearing the control legend “Limited Official Use”. Bureaus or offices electing to create and use other cover sheets for officially limited information must obtain prior written approval from the Departmental Director of Security. (e) Activity Security Checklist. Standard Form 701 (Activity Security Checklist) provides a systematic means to make a thorough end-of-day security inspection for a particular work area and to allow for employee accountability in the event that irregularities are discovered. Bureaus and the Departmental Offices may include additional information on the SF 701 to suit their unique needs. The SF 701, available through normal supply channels has a national stock number of 7540–01–213–7900. It shall be the only form used in situations that call for use of an activity security checklist. Completion, storage and disposition of SF 701 will be determined by each bureau and the Departmental Offices. (a) Preparation. Classified information to be transmitted outside of a Treasury facility shall be enclosed in opaque inner and outer covers. The inner cover shall be a sealed wrapper or envelope plainly marked with the assigned security classification and addresses of both sender and addressee. The outer cover shall be sealed and addressed with no identification of the classification of its contents. Whenever classified material is to be transmitted and the size of the material is not suitable for use of envelopes or similar wrappings, it shall be enclosed in two opaque sealed containers, such as boxes or heavy wrappings. Material used for packaging such bulk classified information shall be of sufficient strength and durability as to provide security protection while in transit, to prevent items from breaking out of the container, and to facilitate detection of any tampering therewith. (b) Receipting. A receipt, Treasury Department Form 71–01.5 (Classified Document Record of Transmittal), shall be enclosed in the inner cover, except that Confidential and Limited Official Use information shall require a receipt only if the sender deems it necessary. The receipt shall identify the sender, addressee and describe the document, but shall contain no classified information. It shall be immediately signed by the recipient and returned to the sender. Within a Treasury facility, such information may be transmitted between offices by direct contact of the officials concerned in a single sealed opaque envelope with no security classification category being shown on the outside of the envelope. Classified information shall never be delivered to unoccupied offices or rooms. Senders of classified information should maintain appropriate records of outstanding receipts for which return of the original signed copy is still pending. TD F's 71–01.5 shall be maintained for a three year period after which they may be destroyed. No record of the actual destruction of the TD F 71–01.5 is required. (c) Transmittal of Top Secret. The transmittal of Top Secret information outside of a Treasury facility shall be by specifically designated personnel, by State Department diplomatic pouch, by a messenger-courier system authorized for that purpose, e.g., Defense Courier Service, or over authorized secure communications circuits. Top Secret information may not be sent via registered mail. (d) Transmittal of Secret. The transmittal of Secret information shall be effected in the following manner: (1) The 50 States, District of Columbia and Puerto Rico. Secret information may be transmitted within and between the 50 States, the District of Columbia, and the Commonwealth of Puerto Rico by one of the means authorized for Top Secret information, by the United States Postal Service registered mail or express mail service; or by protective services provided by United States air or surface commercial carriers under such conditions as may be prescribed by the Departmental Director of Security. United States Postal Service express mail service shall be used only when it is the most effective means to accomplish a mission within security, time, cost and accountability constraints. To ensure direct delivery to the addressee, the “Waiver of Signature and Indemnity” block on the United States Postal Service Express Mail Label 11–B may not be executed under any circumstances. All Secret express mail shipments are to be processed through mail distribution centers or delivered directly to a United States Postal Service facility or representative. The use of external (street side) express mail collection boxes is prohibited. Only the express mail services of the United States Postal Service are authorized. (2) Other Areas. Secret information may be transmitted from, to, or within areas other than those specified in §2.28(d)(1) by one of the means established for Top Secret information, or by United States registered mail through Military Postal Service facilities provided that the information does not at any time pass out of United States citizen control and does not pass through a foreign postal system. Transmittal outside such areas may also be accomplished under escort of appropriately cleared personnel aboard United States Government owned and United States Government contract vehicles or aircraft, ships of the United States Navy, civil service manned United States Naval ships, and ships of United States Registry. Operators of vehicles, captains or masters of vessels, and pilots of aircraft who are United States citizens, and who are appropriately cleared, may be designated as escorts. Secret information may not be sent via certified mail. (e) Transmittal of Confidential and Limited Official Use Information. Confidential and Limited Official Use information shall be transmitted within and between the 50 States, the District of Columbia, the Commonwealth of Puerto Rico, and United States territories or possessions by one of the means established for higher classifications, or by the United States Postal Service registered mail. Outside these areas, confidential and Limited Official Use information shall be transmitted only as is authorized for higher classifications. Confidential and Limited Official Use information may not be sent via certified mail. (f) Hand Carrying of Classified Information in Travel Status—(1) General Provisions. Personnel in travel status shall physically transport classified information across international boundaries only when absolutely essential. Whenever possible, and when time permits, the most desirable way to transmit classified information to the location being visited is by other authorized means identified in §2.28 (c), (d) and (e). The physical transportation of classified information on non-United States flag aircraft should be avoided if possible. Treaury Directive 71–03, “Screening of Airline Passengers Carrying Classified Information or Material” provides specifics on the requirements for transporting classified information. (2) Specific Safeguards. If it is determined that the transportation of classified information by an individual in travel status is in the best interest of the United States Government, the following specific safeguards shall be fulfilled: (i) Classified information shall be in the physical possession of the individual and shall have adequate safeguards at all times if proper storage at a United States Government facility is not available. Under no circumstances shall classified information be stored in a hotel safe or room, locked in automobiles, private residences, train compartments, or any vehicular detachable storage compartments. (ii) An inventory of all Top Secret classified information, including teletype messages, shall be made prior to departure and a copy of same shall be retained by the traveller's office until the traveller's return at which time all Top Secret classified information shall be accounted for. These same procedures are recommended for information classified Secret, Confidential or Limited Official Use. (iii) Classified information shall never be displayed or used in any manner in public conveyances or rooms. First class or business travel is not authorized when the justification for commercially available transportation is based on the need for reviewing classified materials while enroute. Travelers are responsible for reviewing and familiarizing themselves with required classified materials, under appropriately secure circumstances, in advance of their travel and not during such travel. (iv) In order to avoid unnecessary delays in the screening process prior to boarding commercial air carriers, the traveler shall have in his or her possession written authorization, on Treasury or bureau letterhead, to transport classified information and either an identification card or credential bearing both a photograph and descriptive data. Courier authorizations shall be signed by an appropriate security representative authorized to direct official travel. This courier authorization, along with official travel orders, shall, in most instances, permit the individual to exempt the classified information from inspection. If difficulty is encountered, the traveler should tactfully refuse to exhibit or disclose the classified information to inspection and should insist on the assistance of the local United States diplomatic representative at the port of entry or departure. (v) Upon completion of the visit, the traveler shall have the information returned to his or her office by approved means. All Top Secret and Secret classified information, including teletype messages transported for the purpose of the visit shall be accounted for. It is highly recommended that Confidential and Limited Official Use information also be accounted for. If any Top Secret or Secret classified items are left with the office being visited for its retention and use, the individual shall obtain a receipt. [55 FR 1644, Jan. 17, 1990, as amended at 55 FR 50321, Dec. 6, 1990] Classified information shall not be communicated by telecommunications or computer transmissions except as may be authorized with respect to the transmission of classified information over authorized secure communications circuits or systems. Only the Secretary of the Treasury may create or continue a special access program if: (a) Normal management and safeguarding procedures do not limit access sufficiently; and (b) The number of persons with access is limited to the minimum necessary to meet the objective of providing extra protection for the information. (a) Top Secret documents, except for the controlled initial distribution of information processed or received electronically, shall not be reproduced without the consent of the originator. (b) Unless restricted by the originating agency, Secret, Confidential and Limited Official Use documents may be reproduced to the extent required by operational needs. (c) Reproductions of classified documents shall be subject to the same accountability and controls as the original documents. (d) Paragraphs (a) and (b) of this section shall not restrict the reproduction of documents to facilitate review for possible declassification. (a) Report of Loss or Possible Compromise. Any Treasury employee who has knowledge of the loss or possible compromise or classified information shall immediately report the circumstances to their designated office or bureau security officer who shall take appropriate action to assess the degree of damage. In turn, the Departmental Director of Security shall be immediately notified by the affected office or bureau security officer of such reported loss or possible compromise. The Departmental Director of Security shall also notify the department or agency which originated the information and any other interested department or agency so that a damage assessment may be conducted and appropriate measures taken to negate or minimize any adverse effect of the loss or possible compromise. Compromises may occur through espionage, unauthorized disclosures to the press or other members of the public, publication of books and treatises, the known loss of classified information or equipment to foreign powers, or through various other circumstances. (b) Inquiry. The Departmental Director of Security shall notify the Assistant Secretary (Management) who shall then direct an immediate inquiry to be conducted for the purpose of taking corrective measures and assessing damages. Based on the results of this inquiry, it may be deemed appropriate to notify the Inspector General who shall determine whether the Office of the Inspector General or a Treasury bureau will conduct any additional investigation. Upon completion of the investigation by the Inspector General, the Inspector General shall recommend to the Assistant Secretary (Management) and concurrently to the Departmental Director of Security, the appropriate administrative, disciplinary, or legal action to be taken based upon jurisdictional authority of the Treasury components involved. (c) Content of Damage Assessments. At a minimum, damage assessments shall be in writing and contain the following: (1) Identification of the source, date and circumstances of the compromise. (2) Classification and description of the specific information which has been lost. (3) An analysis and statement of the known or probable damage to the national security that has resulted or may result. (4) An assessment of the possible advantage to foreign powers resulting from the compromise. (5) An assessment of whether, (i) The classification of the information involved should be continued without change; (ii) The specific information, or parts thereof, shall be modified to minimize or nullify the effects of the reported compromise and the classification retained; (iii) Downgrading, declassification, or upgrading is warranted, and if so, confirmation of prompt notification to holders of any change, and (6) An assessment of whether countermeasures are appropriate and feasible to negate or minimize the effect of the compromise. (d) System for Control of Damage Assessments. Each Treasury bureau and the Departmental Offices shall establish a system of control and internal procedures to ensure that damage assessments are performed in all cases described in §2.32(a) and that records are maintained in a manner that facilitates their retrieval and use within the Department. (e) Cases Involving More Than One Agency. (1) Whenever a compromise involves the classified information or interests of more than one agency, the Departmental Director of Security shall advise the other affected agencies of the circumstances and findings that affect their information or interests. Whenever a damage assessment, incorporating the product of two or more agencies is needed, the affected agencies shall agree upon the assignment of responsibility for the assessment and Treasury components will provide all data pertinent to the compromise to the agency responsible for conducting the assessment. (2) Whenever a compromise of United States classified information is the result of actions taken by foreign nationals, by foreign government officials, or by United States nationals in the employ of international organizations, the agency performing the damage assessment shall endeavor to ensure through appropriate intergovernmental liaison channels, that information pertinent to the assessment is obtained. Whenever more than one agency is responsible for the assessment, those agencies shall coordinate the request prior to transmittal through appropriate channels. (3) Whenever an action is contemplated against any person believed responsible for the loss or compromise of classified information, damage assessments shall be coordinated with appropriate legal counsel. Whenever a violation of criminal law appears to have occured and a criminal prosecution is contemplated, coordination shall be made with the Department of Justice. (4) The designated representative of the Director of Central Intelligence, or other appropriate officials with responsibility for the information involved, will be consulted whenever a compromise of sensitive compartmented information has occurred. Any person having access to and possession of classified information is responsible for protecting it from persons not authorized access, i.e., persons who do not possess an appropriate security clearance, and who do not possess the required need-to-know. This includes keeping classified documents under constant observation and turned face-down or covered when not in use and securing such information in approved security equipment or facilities whenever it is not under the direct supervision of authorized persons. In all instances, such protective means must meet accountability requirements prescribed by the Department. Individuals charged with the custody of classified information shall conduct the necessary inspections within their areas to ensure adherence to procedural safeguards prescribed to protect classified information. Security officers shall ensure that periodic inspections are made to determine whether procedural safeguards prescribed by this regulation and any bureau implementing regulation are in effect at all times. At a minimum such checks shall ensure that all classified information is stored in approved security containers, including removable storage media, e.g., floppy disks used by word processors that contain classified information; burn bags, if utilized, are either stored in approved security containers or destroyed; and classified shorthand notes, carbon paper, carbon and plastic typewriter ribbons, rough drafts and similar papers have been properly stored or destroyed. Any individual, at any level of employment, determined to have been responsible for the unauthorized release or disclosure or potential release or disclosure of classified national security information, whether it be knowingly, willfully or through negligence, shall be notified on TD F 71–21.1 (Record of Security Violation) that his or her action is in violation of this regulation, the Order, the Directive, and Executive Order 10450, as amended. Treasury Directive 71–04, entitled, “Administration of Security Violations” sets forth provisions concerning security violations which shall apply to each Treasury employee and persons under contract or subcontract to the Department authorized access to Treasury classified national security information. (a) Repeated abuse of the classification process, either by unnecessary or over-classification, or repeated failure, neglect or disregard of established requirements for safeguarding classified information by any employee shall be grounds for appropriate adverse or disciplinary action. Such actions may include, but are not necessarily limited to, a letter of warning, a letter of reprimand, suspension without pay, or dismissal, as appropriate in the particular case, under applicable personnel rules, regulations and procedures. Where a violation of criminal statutes may be involved, any such case shall be promptly referred to the Department of Justice. (b) After an affirmative adjudication of a security violation, and as the occasion demands, reports of accountable security violations shall be placed in the employee's personnel security file, and as appropriate, in the employee's official personnel folder. The security official of the office or bureau concerned shall recommend to the respective management official or bureau head that disciplinary action be taken when such action is indicated. Classified information no longer needed in current working files or for reference or record purposes shall be processed for appropriate disposition in accordance with the provisions of Title 44, United States Code, Chapters 21 and 33, which govern disposition of Federal records. Classified information approved for destruction shall be destroyed by either burning, melting, chemical decomposition, pulping, mulching, pulverizing, cross-cut shredding or other mutilation in the presence of appropriately cleared and authorized persons. The method of destruction must preclude recognition or reconstruction of the classified information. The residue from cross-cut shredding of Top Secret, Secret, and Confidential classified, non-Communications Security (COMSEC), information contained in paper media may not exceed (a) Diskettes or Floppy Disks. Diskettes or floppy disks containing information or data classified up to and including Top Secret may be destroyed by the use of an approved degausser, burning, pulverizing, and chemical decomposition, or by first reformatting or reinitializing the diskette then physically removing the magnetic disk from its protective sleeve and using an approved cross-cut shredder to destroy the magnetic media. Care must be exercised to ensure that the destruction of magnetic disks does not damage the cross-cut shredder. The residue from such destruction, however, may not exceed (b) Hard Disks. Hard disks, including removable hard disks, disk packs, drums or single disk platters that contain classified information must first be degaussed prior to physical destruction. The media must be destroyed by incineration, chemical decomposition or the entire magnetic disk pack, drum, or platter recording surface must be obliterated by use of an emery wheel or disk sander. (c) Approval of Use of Mulching and Cross-cut Shredding Equipment. Prior to obtaining mulching or cross-cut shredding equipment, the Departmental Director of Security shall approve the use of such equipment. (d) Use of Burnbags. Any classified information to be destroyed by burning shall be torn and placed in opaque containers, commonly designated as burnbags, which shall be clearly and distinctly labeled “BURN” or “CLASSIFIED WASTE”. Burnbags awaiting destruction are to be protected by security safeguards commensurate with the classification or control designation of the information involved. (e) Records of Destruction. Appropriate accountability records shall be maintained on TD F 71–01.17 (Classified Document Certificate of Destruction) to reflect the destruction of all Top Secret and Secret information. As deemed necessary by the originator, or as required by special regulations, the TD F 71–01.17 shall be executed for the destruction of information classified Confidential or marked Limited Official Use. TD F's 71–01.17 shall be maintained for a three-year period after which the form may be destroyed. No record of the actual destruction of the TD F 71–01.17 is required. (f) Destruction of non-record Classified Information. Non-record classified information such as extra copies and duplicates, including shorthand notes, preliminary drafts, used carbon paper and other material of similar temporary nature, shall also be destroyed by burning, mulching, or cross-cut shredding as soon as it has served its purpose, but no records of such destruction need be maintained. [55 FR 1644, Jan. 17, 1990; 55 FR 5118, Feb. 13, 1990] National Security Decision Directive 197, Reporting Hostile Contacts and Security Awareness, provides that United States Government employees are responsible for reporting to their designated security officer: (a) Any suspected or apparent attempt by persons, regardless of nationality, to obtain unauthorized access to classified national security information, sensitive or proprietary information or technology and/or; (b) Instances in which they feel they are being targeted for possible exploitation. Contacts with representatives of designated countries of concern identified in §2.43(f) which involve requests for information which are not ordinarily provided in the course of an employee's job, regular or daily activity, and/or which might possibly lead to further requests for access to sensitive, proprietary or classified information or technology, are to be reported to designated security officers. Reports of such contacts are to be forwarded by the designated security officer to the Departmental Director of Security for appropriate action and coordination.
Title 31: Money and Finance: Treasury
PART 2—NATIONAL SECURITY INFORMATION
Subpart D—Safeguarding
§ 2.21 General [4.1].
§ 2.22 General restrictions on access [4.1].
§ 2.23 Access by historical researchers and former presidential appointees [4.3].
§ 2.24 Dissemination [4.1(d)].
§ 2.25 Standards for security equipment [4.1(b) and 5.1(b)].
§ 2.26 Accountability procedures [4.1(b)].
§ 2.27 Storage [4.1(b)].
§ 2.28 Transmittal [4.1(b)].
§ 2.29 Telecommunications and computer transmissions.
§ 2.30 Special access programs [1.2(a) and 4.2(a)].
§ 2.31 Reproduction controls [4.1(b)].
§ 2.32 Loss or possible compromise [4.1(b)].
§ 2.33 Responsibilities of holders [4.1(b)].
§ 2.34 Inspections [4.1(b)].
§ 2.35 Security violations.
§ 2.36 Disposition and destruction [4.1(b)].
§ 2.37 National Security Decision Directive 197.
