---

32 C.F.R. § 311.5   Responsibilities.

Title 32 - National Defense

Title 32: National Defense
PART 311—OSD PRIVACY PROGRAM

Browse Previous |  Browse Next

§ 311.5   Responsibilities.

(a) The Director of Administration and Management, Office of the Secretary of Defense (DA&M, OSD) shall:

(1) Direct and administer the DoD Privacy Program for OSD Components.

(2) Establish standards and procedures to ensure implementation of and compliance with the Privacy Act of 1974, OMB Circular No. A–130, and DoD 5400.11–R.

(3) Designate the Director for Freedom of Information and Security Review as the point of contact for individuals requesting information of access to records and copies about themselves.

(4) Serve as the appellate authority within OSD when a requester appeals a denial for access to records under the Privacy Act.

(5) Serve as the appellate authority within OSD when a requester appeals a denial for amendment of a record or initiates legal action to correct a record.

(6) Evaluate and decide, in coordination with The General Counsel of the Department of Defense (GC, DoD), appeals resulting from denials of access or amendments to records by the OSD Components.

(7) Designate the Directives and Records Division, Correspondence and Directives Directorate, Washington Headquarters Services (WHS) as the office responsible for all aspects of the Privacy Act, except that portion about receiving and acting on public requests for personal records. As such, the Directives and Records Division shall:

(i) Exercise oversight and administrative control of the Privacy Act Program in OSD and those organizations assigned to OSD for administrative support.

(ii) Provide guidance and training to organizational entities as required by 5 U.S.C. 552a and OMB Circular A–130. Periodic training will be provided to public affairs officers and others who may be expected to deal with the news media or the public.

(iii) Collect and consolidate data from OSD Components, and submit an annual report to the Defense Privacy Office, as required by 5 U.S.C. 552a, OMB Circular A–130, and DoD 5400.11–R.

(iv) Coordinate and consolidate information for reporting all record systems, as well as changes to approved systems, to the OMB, the Congress, and the Federal Register, as required by 5 U.S.C. 552a, OMBCircularE A–130,andDoD 5400.11–R.

(v) Collect information from OSD Components, and prepare consolidated reports required by 5 U.S.C. 552a and DoD 5400.11–R.

(b) The Director for Freedom of Information and Security Review shall:

(1) Forward requests for information or access to records to the appropriate OSD Component having primary responsibility for any pertinent system of records under 5 U.S.C. 552a, or to OSD Components, under the Freedom of Information Act, as amended.

(2) Maintain deadlines to ensure that responses are made within the time limits prescribed in DoD 5400.7–R,³ DoD Instruction 5400.10,⁴ and this part.

³ See footnote 2 to §311.1.

⁴ See footnote 2 to §311.1.

(3) Collect fees charged and assessed for reproducing requested materials.

(4) Refer all matters about amendments of records and general and specific exemptions under the 5 U.S.C. 552a to the proper OSD Components.

(c) The General Counsel of the Department of Defense shall:

(1) Coordinate all OSD final denials of appeals for amending records, and review actions to confirm denial of access to records, as appropriate.

(2) Provide advice and assistance to the DA&M, OSD in the discharge of appellate and review responsibilities, and to the DFOISR on all access matters.

(3) Provide advice and assistance to OSD Components on legal matters pertaining to the Privacy Act of 1974.

(d) The Heads of the OSD Components shall:

(1) Designate an individual as the point of contact for Privacy Act matters; designate an official to deny initial requests for access to an individual's records or changes to records; and advise both DA&M, OSD and DFOISR of names of officials so designated.

(2) Report any new record system, or changes to an existing system, to the Chief, Directives and Records Division, WHS, at least 90 days before the intended use of the system.

(3) Review all contracts that provide for maintaining records systems, by or on behalf of his or her office, to ensure within his or her authority, that language is included that provides that such systems shall be maintained in a manner consistent with 5 U.S.C. 552a.

(4) Revise procurement guidance to ensure that any contract providing for the maintenance of a records system, by or on behalf of his or her office, includes language that ensures that such system shall be maintained in accordance with 5 U.S.C. 552a.

(5) Revise computer and telecommunications procurement policies to ensure that agencies review all proposed contracts for equipment and services to comply with 5 U.S.C. 552a.

(6) Coordinate with Automatic Data Processing (ADP) and word processing managers providing services to ensure that an adequate risk analysis is conducted to comply with DoD 5400.11–R.

(7) Review all Directives that require forms or other methods used to collect information about individuals to ensure that they are in compliance with 5 U.S.C. 552a.

(8) Establish administrative systems in OSD Component organizations to comply with the procedures listed in this part and DoD 5400.11–R.

(9) Coordinate with the GC, DoD on all proposed denials of access to records.

(10) Provide justification to the DFOISR when access to a record is denied in whole or in part.

(11) Provide the record to the DFOISR when the initial denial of a request for access to such record has been appealed by the requester, or at the time of initial denial when appeal seems likely.

(12) Maintain an accurate account of the actions resulting in a denial for access to a record or for the correction of a record. This account should be maintained so that it can be readily certified as the complete record of proceedings if litigation occurs.

(13) Ensure that all personnel who either have access to the system of records, or who are engaged in developing or supervising procedures for handling records in the system, are aware of their responsibilities for protecting personal information as established in the Privacy Act and DoD 5400.11–R.

(14) Forward all requests for access to records received directly from an individual to the DFOISR for appropriate suspense control and recording.

(15) Provide DFOISR with a copy of the requested record when the request is granted.

(e) The requester who desires to submit a request is responsible for:

(1) Determining whether to submit the request in writing or in person. A requester who seeks access to records pertaining to himself or herself which are filed by his or her name or personal identifier:

(i) May make such a request in person to the custodian of the records. If the requester is not satisfied with the response, however, in order to invoke any provision of 5 U.S.C. 552a, DoD 5400.11–R, or this part, the requester must file a request in writing as provided in §311.6(b)(10). The requester must provide proof of identify by showing drivers license or similar credentials.

(ii) Describing the record sought, and providing sufficient information to enable the material to be located (e.g., identification of system of records, approximate date it was initiated, originating organization, and type of document).

(iii) Complying with procedures provided in DoD 5400.11–R for inspecting and/or obtaining copies of requested records.

(iv) Submitting a written request to amend the record to the system manager or to the office designated in the system notice.

[64 FR 22785, Apr. 28, 1999, as amended at 66 FR 41780, Aug. 9, 2001]

Browse Previous |  Browse Next