dark overlay
nav button USDA Logo

FSIS

Web Content Viewer (JSR 286)

Actions
Loading...

Web Content Viewer (JSR 286)

Actions
Loading...

Web Content Viewer (JSR 286)

Actions
Loading...

Web Content Viewer (JSR 286)

Actions
Loading...

Web Content Viewer (JSR 286)

Actions
Loading...

Privacy Acts, OMB Guidance and Circulars


FSIS Privacy Program | FSIS Privacy Policy | Privacy Councils | Privacy Acts, OMB Guidance and Circulars | NIST Privacy Standards | Privacy Reports by GAO | FSIS and USDA Privacy Documents | Privacy 101: Basic Privacy Questions | Contact Information  


Acts

All linked documents are in PDF.

  • The Children’s Online Privacy Protection Act of 1998 (15 U.S.C. 6501-06) (COPPA) regulates the online collection and use of personal information provided by and relating to children under the age of 13.​
  • The Clinger-Cohen Act of 1996 (40 U.S.C. 1401, et. seq.) (CCA), formerly the Information Technology Management Reform Act of 1996 (ITMRA), is designed to improve the way the federal government acquires, uses and disposes information technology (IT).​
  • The E-Government Act of 2002 (44 U.S.C. 3601 et. seq.) establishes procedures to ensure the privacy of personal information in electronic records.​
  • The Confidential Information Protection and Statistical Efficiency Act of 2002 (CIPSEA). The CIPSEA protects the confidentiality of identifiable information acquired by federal agencies. It applies to data supplied by individuals and organizations to federal agencies under a pledge of confidentiality for statistical purposes. CIPSEA provides that data or information acquired by an agency under a pledge of confidentiality for exclusively statistical purposes shall not be disclosed by an agency in identifiable form, for any use other than an exclusively statistical purpose, except with the informed consent of the respondent.​
  • The Federal Information Security Management Act of 2002, (44 U.S.C. § 3541)(FISMA), requires agencies to develop, document, and implement an agency-wide program to provide information security for the information and systems that support the operations and assets of an agency. FISMA requires federal government information systems to have security protections commensurate with the risk and magnitude of the harm resulting from unauthorized access, use, disclosure, disruption, modification, or destruction. FISMA requires a mandatory set of IT system security processes that must be followed for all federal information systems. Compliance is monitored through yearly audits. The annual reports must include: 1) by agency, the number of each type of privacy review conducted that year; 2) information about the privacy advice provided by the Senior Agency Official for Privacy; 3) the number of written complaints for each type of privacy issue allegation received, and 4) the number of complaints the agency referred to another agency.​​
  • Freedom of Information Act (5 U.S.C. 552, as amended) (FOIA) generally provides that any person, including a business, to obtain access to federal agency records, except to the extent that such records (or portions of them) are protected from public disclosure by one of nine exemptions or by one of three special law enforcement record exclusions. The FOIA is a disclosure statute and applies to records that are: (1) either created or obtained by an agency, and (2) under agency control at the time of the FOIA request. When an agency receives a proper FOIA request for records, it must make the records "promptly available" unless the records or portions of the records are exempt from mandatory disclosure under subsection (b), or excluded under subsection (c). Subsection (c) permits an agency to respond to a request for excluded records as if the records do not exist.​
  • The Privacy Act of 1974, (5 U.S.C. § 552a), is a withholding statute that applies when the federal government maintains a “system of records” (a grouping of items or records) in which information about individuals is retrieved by use of the individuals’ personal identifiers (e.g., names, social security numbers, or any other codes or identifiers that are assigned to the individual). The Privacy Act of 1974 and its implementing regulations: 1) Prohibit the disclosure of personally identifiable information maintained by agencies in a system of records without the consent of the subject individual, subject to twelve codified exceptions; (2) Grant individuals increased rights of access to agency records maintained on them; (3) Grant individuals the right to seek amendment of agency records maintained on them upon a showing that the records are not accurate, relevant, timely, or complete; and (4) Establish a code of "fair information practices," requiring agencies to comply with statutory norms for collection, maintenance, and dissemination of records.​
  • Paperwork Reduction Act (PRA) of 1995 (44 U.S.C. 3501, et seq.) is designed to reduce the public’s burden of answering unnecessary, duplicative, and burdensome government surveys.
  • Records Management by Federal Agencies (44 U.S.C. ch. 31), as amended, establishes the framework for records management programs in Federal agencies. As the primary agency for records management oversight, the National Archives and Records Administration (NARA) is responsible for assisting Federal agencies in maintaining adequate and proper documentation of policies and transactions of the Federal government.​ See General Records Schedule 4.2: Information Access and Protection Records.

[Top of Page]

​Office of Management and Budget (OMB) Guidance

[Top of Page]

OMB Circulars

  • OMB Circular A-108 (Dec. 23, 2016). The reissuance of Circular A-108 describes agency responsibilities for implementing the review, reporting, and publication requirements of the Privacy Act of 1974 and related OMB policies. It supplements and clarifies existing OMB guidance, including OMB Circular No. A-130, “Managing Information as a Strategic Resource,” “Privacy Act Implementation: Guidelines and Responsibilities,” “Implementation of the Privacy Act of 1974: Supplementary Guidance,” and “Final Guidance Interpreting the Provisions of Public Law 100-503, the Computer Matching and Privacy Protection Act of 1988.”​
  • OMB Circular A-130 (July 28,2016), Management of Federal Information Resources, provides uniform government-wide information resources management policies as required by the Paperwork Reduction Act of 1980, as amended by the Paperwork Reduction Act of 1995, 44 U.S.C. Chapter 35. This Circular establishes policy for the management of Federal information resources and rescinds OMB Memoranda M-10-28, “Clarifying Cybersecurity Responsibilities and Activities of the Executive Office of the President and the Department of Homeland Security (DHS).”​

[Top of Page]
 

The information on this Website is provided for general informational purposes only and should not be considered as individual guidance or legal advice.

Last Modified Sep 08, 2017