[Federal Register: June 7, 2004 (Volume 69, Number 109)]
[Proposed Rules]
[Page 31767-31771]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr07jn04-16]
-----------------------------------------------------------------------
FEDERAL RESERVE SYSTEM
12 CFR Part 261a
[Docket No. R-1200]
Privacy Act of 1974 Privacy Act Regulation
AGENCY: Board of Governors of the Federal Reserve System.
ACTION: Proposed rule.
-----------------------------------------------------------------------
SUMMARY: The Board of Governors of the Federal Reserve System (Board)
proposes to amend its regulation implementing the Privacy Act of 1974.
The primary proposed changes concern the waiver of copying fees charged
to current or former Board employees for access to records under the
Privacy Act, and the special procedures for release of medical records.
In addition, the Board is proposing to make minor editorial and
technical changes.
DATES: Comment must be received on or before July 7, 2004.
ADDRESSES: You may submit comments, identified by Docket No. R-1200, by
any of the following methods:
Agency Web Site: http://www.federalreserve.gov Follow the instructions for submitting comments at http://www.federalreserve.gov/generalinfo/foia/ProposedRegs.cfm.
Federal eRulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments.
E-mail: regs.comments@federalreserve.gov. Include docket
number in the subject line of the message.
FAX: 202/452-3819 or 202/452-3102.
Mail: Jennifer J. Johnson, Secretary, Board of Governors
of the Federal Reserve System, 20th Street and Constitution Avenue,
N.W., Washington, DC 20551.
[[Page 31768]]
All public comments are available from the Board's web site at
http://www.federalreserve.gov/generalinfo/foia/ProposedRegs.cfm as submitted,
except as necessary for technical reasons. Accordingly, your comments
will not be edited to remove any identifying or contact information.
Public comments may also be viewed electronically or in paper in Room
MP-500 of the Board's Martin Building (20th and C Streets, NW.) between
9 a.m. and 5 p.m. on weekdays.
FOR FURTHER INFORMATION CONTACT: Elaine M. Boutilier, Managing Senior
Counsel, (202/452-2418), Legal Division. For the hearing impaired only,
contact Telecommunications Device for the Deaf (TDD)(202/263-4869).
SUPPLEMENTARY INFORMATION: The Board's Privacy Act Regulation was last
revised in 1995 (60 FR 3341, January 17, 1995). In its ongoing review
of regulations, the Board has determined that certain changes should be
made to the regulation to adopt better procedures.
The first substantive change concerns waivers of the fee charged
for copying records. The Privacy Act (5 U.S.C. 552a(f)(5)) permits an
agency to assess copying fees for providing access to records. Section
261a.4(a) of the Board's current regulation states that the duplication
fee for Privacy Act requests will be the same as that charged for
duplication of records in response to a Freedom of Information Act
request (currently $.10/page). Section 261a.4(c) states that, in the
connection with a request by an employee for records to use in
prosecuting a grievance or complaint of discrimination against the
Board, fees totaling less than $50 will be waived, but the Secretary of
the Board also may waive fees exceeding that amount. A review of
current Board practice revealed that copies of personnel files are
routinely provided to an employee upon request without assessing a
copying fee, and copies of records relied upon in an adverse action
must be provided to the subject employee without charge. Accordingly,
the Board proposes to waive all fees for providing copies of
information from systems of records to current or former employees.
The second substantive change concerns the special procedures for
disclosing medical records. Currently, section 261a.7 of the Privacy
Act Regulation permits the privacy officer, in consultation with the
Board's physician, to determine that disclosure of medical records
directly to the requester could have an adverse effect on the
requester. In that situation, the Board would transmit the records to a
licensed physician named by the requester, and the physician would
disclose the records to the requester in a manner deemed appropriate by
the physician. The Board proposes to expand the scope of these special
procedures to cover records maintained in the Board's Employee
Assistance Program (EAP) system of records. These records also may
contain material that could have an adverse effect if disclosed
directly to the requester, so the proposed change would permit a
similar indirect disclosure through a licensed physician or other
appropriate representative named by the requester. It is contemplated
that such ``appropriate representative'' could be a psychologist,
social worker, or even a parent or other relative.
The remaining proposed changes are technical or editorial in nature
and should not have a substantive effect on persons.
Initial Regulatory Flexibility Analysis
The Privacy Act Regulation sets forth the procedures by which
individuals may request access and amendment to records maintained in
systems of records at the Board. The Board certifies that this rule
will not have a significant economic impact on a substantial number of
small entities, because it does not apply to business entities.
List of Subjects in 12 CFR Part 261a
Privacy.
For the reasons set forth in the preamble, the Board proposes to
revise 12 CFR part 261a as follows:
PART 261a--PRIVACY ACT REGULATION
Subpart A--General Provisions
Sec.
261a.1 Authority, purpose and scope.
261a.2 Definitions.
261a.3 Custodian of records; delegations of authority.
261a.4 Fees.
Subpart B--Procedures for Requests by Individual to Whom Record
Pertains
Sec.
261a.5 Request for access to record.
261a.6 Board procedures for responding to request for access.
261a.7 Special procedures for medical records.
261a.8 Request for amendment of record.
261a.9 Board review of request for amendment of record.
261a.10 Appeal of adverse determination of request for access or
amendment.
Subpart C--Disclosure to Person Other than Individual to Whom Record
Pertains
Sec.
261a.11 Restrictions on disclosure.
261a.12 Exceptions.
Subpart D--Exempt Records
Sec.
261a.13 Exemptions.
Subpart A--General Provisions
Sec. 261a.1 Authority, purpose and scope.
(a) Authority. This part is issued by the Board of Governors of the
Federal Reserve System (the Board) pursuant to the Privacy Act of 1974
(5 U.S.C 552a).
(b) Purpose and scope. This part implements the provisions of the
Privacy Act of 1974 (5 U.S.C. 552a) with regard to the maintenance,
protection, disclosure, and amendment of records contained within
systems of records maintained by the Board. It sets forth the
procedures for requests for access to, or amendment of, records
concerning individuals that are contained in systems of records
maintained by the Board.
Sec. 261a.2 Definitions.
For the purposes of this part, the following definitions apply:
(a) Business day means any day except Saturday, Sunday or a legal
federal holiday.
(b) Designated system of records means a system of records
maintained by the Board that has been published in the Federal Register
pursuant to the requirements of 5 U.S.C. 552a(e).
(c) Guardian means the parent of a minor, or the legal guardian of
any individual who has been declared to be incompetent due to physical
or mental incapacity or age by a court of competent jurisdiction.
(d) Individual means a natural person who is either a citizen of
the United States or an alien lawfully admitted for permanent
residence.
(e) Maintain includes maintain, collect, use, disseminate, or
control.
(f) Record means any item, collection, or grouping of information
about an individual maintained by the Board that contains the
individual's name, or the identifying number, symbol, or other
identifying particular assigned to the individual, such as a
fingerprint, voice print, or photograph.
(g) Routine use means, with respect to disclosure of a record, the
use of such record for a purpose that is compatible with the purpose
for which it was collected or created.
(h) System of records means a group of any records under the
control of the Board from which information is retrieved by the name of
the individual or by some identifying number, symbol, or other
identifying particular assigned to the individual.
[[Page 31769]]
Sec. 261a.3 Custodian of records; delegations of authority.
(a) Custodian of records. The Secretary of the Board is the
official custodian of all records of the Board in the possession or
control of the Board.
(b) Delegated authority of Secretary. With regard to this part, the
Secretary of the Board is delegated the authority to--
(1) Respond to requests for access to, accounting of, or amendment
of records contained in a system of records, except for such requests
regarding systems of records maintained by the Board's Office of the
Inspector General (OIG);
(2) Approve the publication of new systems of records and amend
existing systems of records, except systems of records exempted
pursuant to Sec. 261a.13(b), (c) and (d);
(3) File the biennial reports required by the Privacy Act.
(c) Delegated authority of designee. Any action or determination
required or permitted by this part to be done by the Secretary of the
Board may be done by a responsible employee of the Board who has been
duly designated for this purpose by the Secretary.
(d) Delegated authority of inspector general. With regard to
systems of records maintained by the OIG, the Inspector General is
delegated the authority to respond to requests for access or amendment.
Sec. 261a.4 Fees.
(a) Copies of records. Copies of records requested pursuant to
Sec. 261a.5 shall be provided at the same cost charged for duplication
of records and/or production of computer output under the Board's Rules
Regarding Availability of Information, 12 CFR 261.17.
(b) No fee. Documents will be furnished without charge where total
charges are less than $5.
(c) Waiver of fees. No fees will be charged in connection with any
request by an employee or former employees of the Board for access to
information pertaining to that employee or former employee.
Subpart B--Procedures for Requests by Individual to Whom Record
Pertains
Sec. 261a.5 Request for access to record.
(a) Procedures for making request.
(1) Except as provided in paragraph (a)(2) of this section, any
individual (or guardian of an individual) desiring to learn of the
existence of, or to gain access to, his or her record in a designated
system of records shall submit a request in writing to the Secretary of
the Board, Board of Governors of the Federal Reserve System, 20th and
Constitution Avenue, NW, Washington, DC 20551.
(2) A request by a current Board employee for that employee's
personnel records may be made in person during regular business hours
at the Human Resources Function of the Management Division, Board of
Governors of the Federal Reserve System, 20th and Constitution Avenue,
NW, Washington, DC 20551.
(3) Requests for information contained in a system of records
maintained by the Board's OIG shall be submitted in writing to the
Inspector General, Board of Governors of the Federal Reserve System,
20th and Constitution Avenue, N.W., Washington, D.C. 20551.
(b) Contents of request. A request made pursuant to paragraph (a)
of this section shall include the following:
(1) A statement that it is made pursuant to the Privacy Act of
1974;
(2) The name of the system of records expected to contain the
record requested or a concise description of such system of records;
(3) Information necessary to verify the identity of the requester
pursuant to paragraph (c) of this section; and
(4) Any other information that may assist in the rapid
identification of the record to which access is being requested (e.g.,
maiden name, dates of employment, etc.).
(c) Verification of identity. The Board may require proof of
identity from a requester and reserves the right to determine the
adequacy of such proof. In general, the following shall be considered
adequate proof of identity:
(1) For a current Board employee, his or her Board identification
card; or
(2) For an individual other than a current Board employee, either--
(i) Two forms of identification, one of which has a picture of the
individual requesting access; or
(ii) A notarized statement attesting to the identity of the
requester.
(d) Verification of identity not required. No verification of
identity shall be required of individuals seeking access to records
that are otherwise available to any person under the Freedom of
Information Act, 5 U.S.C. 552.
(e) Request for accounting of previous disclosures. An individual
may request an accounting of previous disclosures of records pertaining
to such individual in a designated system of records as provided in 5
U.S.C. 552a(c).
Sec. 261a.6 Board Procedures for Responding to Request for Access.
(a) Compliance with Freedom of Information Act. Every request made
pursuant to Sec. 261a.5 shall also be handled by the Board as a
request for information pursuant to the Freedom of Information Act (5
U.S.C. 552), except that the time limits set forth in paragraph (b) of
this section and the fees specified in Sec. 261a.4 shall apply to such
requests.
(b) Time limits. Every request made pursuant to Sec. 261a.5 shall
be acknowledged or, where practicable, substantially responded to
within 20 business days from receipt of the request.
(c) Disclosure.(1) Information to be disclosed pursuant to this
part, except for information maintained by the Board's OIG, shall be
made available for inspection and copying during regular business hours
at the Board's Freedom of Information Office, or upon request, shall be
sent to the requester.
(2) Information to be disclosed that is maintained by the Board's
OIG shall be made available for inspection and copying by the OIG.
(3) The requester may be accompanied in the inspection of
information by a person of the requester's own choosing upon the
requester's submission of a written and signed statement authorizing
the presence of such person.
(d) Denial of request. A denial of a request made pursuant to Sec.
261a.5 shall include a statement of the reason(s) for denial and the
procedures for appealing the denial.
Sec. 261a.7 Special procedures for medical records.
Medical or psychological records requested pursuant to Sec. 261a.5
shall be disclosed directly to the requester unless such disclosure
could, in the judgment of the privacy officer, in consultation with the
Board's physician or Employee Assistance Program counselor, have an
adverse effect upon the requester. Upon such determination, the
information shall be transmitted to a licensed physician or other
appropriate representative named by the requester, who will disclose
those records to the requester in a manner the physician or
representative deems appropriate.
Sec. 261a.8 Request for amendment of record.
(a) Procedures for making request. (1) An individual desiring to
amend a record in a designated system of records that pertains to him
or her shall submit a request in writing to the Secretary of the Board
(or to the Inspector General for records in a system of records
maintained by the OIG) in an envelope clearly marked ``Privacy Act
Amendment Request.''
(2) Each request for amendment of a record shall--
[[Page 31770]]
(i) Identify the system of records containing the record for which
amendment is requested;
(ii) Specify the portion of that record requested to be amended;
and
(iii) Describe the nature of and reasons for each requested
amendment.
(3) Each request for amendment of a record shall be subject to
verification of identity under the procedures set forth in Sec.
261a.5(c), unless such verification has already been made in a related
request for access or amendment.
(b) Burden of proof. The request for amendment of a record shall
set forth the reasons the individual believes the record is not
accurate, relevant, timely, or complete. The burden of proof for
demonstrating the appropriateness of the requested amendment rests with
the requester, and the requester shall provide relevant and convincing
evidence in support of the request.
Sec. 261a.9 Board review of request for amendment of record.
(a) Time limits. The Board shall acknowledge a request for
amendment of a record within 10 business days of receipt of the
request. Such acknowledgment may request additional information
necessary for a determination on the request for amendment. A
determination on a request to amend a record shall be made promptly.
(b) Contents of response to request for amendment. The response to
a request for amendment shall include the following:
(1) The decision to grant or deny, in whole or in part, the request
for amendment; and
(2) If the request is denied:
(i) The reasons for denial of any portion of the request for
amendment;
(ii) The requester's right to appeal any denial; and
(iii) The procedures for appealing the denial to the appropriate
official.
Sec. 261a.10 Appeal of adverse determination of request for access or
amendment.
(a) Appeal. A requester may appeal a denial of a request made
pursuant to Sec. 261a.5 or Sec. 261a.8 to the Board within 10
business days of issuance of notification of denial. The appeal shall--
(1) Be made in writing to the Secretary of the Board, with the
words ``PRIVACY ACT APPEAL'' written prominently on the first page;
(2) Specify the background of the request; and
(3) Provide reasons why the initial denial is believed to be in
error.
(b) Determination. The Board shall make a determination with
respect to such appeal not later than 30 business days from its
receipt, unless the time is extended for good cause shown.
(1) If the Board grants an appeal regarding a request for
amendment, the Board shall take the necessary steps to amend the
record, and, when appropriate and possible, notify prior recipients of
the record of the Board's action.
(2) If the Board denies an appeal, the Board shall inform the
requester of such determination, give a statement of the reasons
therefor, and inform the requester of the right of judicial review of
the determination.
(c) Statement of disagreement. (1) Upon receipt of a denial of an
appeal regarding a request for amendment, the requester may file a
concise statement of disagreement with the denial. Such statement shall
be maintained with the record the requester sought to amend, and any
disclosure of the record shall include a copy of the statement of
disagreement.
(2) When practicable and appropriate, the Board shall provide a
copy of the statement of disagreement to any person or other agency to
whom the record was previously disclosed.
Subpart C--Disclosure To Person Other Than Individual To Whom
Record Pertains
Sec. 261a.11 Restrictions on disclosure.
No record contained in a designated system of records shall be
disclosed to any person or agency without the prior written consent of
the individual to whom the record pertains unless the disclosure is
authorized by Sec. 261a.12.
Sec. 261a.12 Exceptions.
The restrictions on disclosure in Sec. 261a.11 do not apply to any
disclosure--
(a) To those officers and employees of the Board who have a need
for the record in the performance of their duties;
(b) That is required under the Freedom of Information Act (5 U.S.C.
552);
(c) For a routine use listed with respect to a designated system of
records;
(d) To the Bureau of the Census for purposes of planning or
carrying out a census or survey or related activity pursuant to the
provisions of title 13 of the United States Code;
(e) To a recipient who has provided the Board with advance adequate
written assurance that the record will be used solely as a statistical
research or reporting record, and the record is to be transferred in a
form that is not individually identifiable;
(f) To the National Archives of the United States as a record that
has sufficient historical or other value to warrant its continued
preservation by the United States government, or for evaluation by the
administrator of General Services or his designee to determine whether
the record has such value;
(g) To another agency or to an instrumentality of any governmental
jurisdiction within or under the control of the United States for a
civil or criminal law enforcement activity if the activity is
authorized by law, and if the head of the agency or instrumentality has
made a written request to the Board specifying the particular portion
desired and the law enforcement activity for which the record is
sought;
(h) To a person pursuant to a showing of compelling circumstances
affecting the health or safety of an individual if upon such disclosure
notification is transmitted to the last known address of such
individual;
(i) To either House of Congress, or, to the extent of matter within
its jurisdiction, any committee or subcommittee thereof, any joint
committee of Congress or subcommittee of any such joint committee;
(j) To the Comptroller General, or any of his authorized
representatives, in the course of the performance of the duties of the
General Accounting Office;
(k) Pursuant to the order of a court of competent jurisdiction; or
(l) To a consumer reporting agency in accordance with 31 U.S.C.
3711(e).
Subpart D--Exempt Records
Sec. 261a.13 Exemptions.
(a) Information compiled for civil action. Nothing in this part
shall allow an individual access to any information compiled in
reasonable anticipation of a civil action or proceeding.
(b) Law enforcement information. Pursuant to section (k)(2) of the
Privacy Act of 1974 (5 U.S.C. 552a(k)(2)), the Board has deemed it
necessary to exempt certain designated systems of records maintained by
the Board from the requirements of the Privacy Act concerning access to
accountings of disclosures and to records, maintenance of only relevant
and necessary information in files, and certain publication provisions,
respectively, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H) and (I),
and (f), and Sec. Sec. 261a.5, 261a.7, and 261a.8. Accordingly, the
following designated systems of records are exempt from these
provisions, but only to the extent that they contain investigatory
materials compiled for law enforcement purposes:
[[Page 31771]]
(1) BGFRS-1 Recruiting and Placement Records
(2) BGFRS-4 General Personnel Records
(3) BGFRS-5 EEO Discrimination Complaint File
(4) BGFRS-9 Consultant and Staff Associate File
(5) BGFRS-21 Supervisory Tracking and Reference System
(6) BGFRS/OIG-1 OIG Investigatory Records
(7) BGFRS-31 Protective Information System
(8) BGFRS-32 Visitor Log
(c) Confidential references. Pursuant to section (k)(5) of the
Privacy Act of 1974 (5 U.S.C. 552a(k)(5)), the Board has deemed it
necessary to exempt certain designated systems of records maintained by
the Board from the requirements of the Privacy Act concerning access to
accountings of disclosures and to records, maintenance of only relevant
and necessary information in files, and certain publication provisions,
respectively 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H) and (I),
and (f), and Sec. Sec. 261a.5, 261a.7, and 261a.8. Accordingly, the
following systems of records are exempt from these provisions, but only
to the extent that they contain investigatory material compiled to
determine an individual's suitability, eligibility, and qualifications
for Board employment or access to classified information, and the
disclosure of such material would reveal the identity of a source who
furnished information to the Board under a promise of confidentiality.
(1) BGFRS-1 Recruiting and Placement Records
(2) BGFRS-4 General Personnel Records
(3) BGFRS-9 Consultant and Staff Associate File
(4) BGFRS-10 General File on Board Members
(5) BGFRS-11 Official General Files
(6) BGFRS-15 General Files of Federal Reserve Agents, Alternates
and Representatives at Federal Reserve Banks
(7) BGFRS/OIG-2 OIG Personnel Records
(8) BGFRS-25 Multi-Rater Feedback Records
(d) Criminal law enforcement information. Pursuant to 5 U.S.C.
552a(j)(2), the Board has determined that portions of the OIG
Investigatory Records (BGFRS/OIG-1) shall be exempt from any part of
the Privacy Act (5 U.S.C. 552a), except the provisions regarding
disclosure, the requirement to keep an accounting, certain publication
requirements, certain requirements regarding the proper maintenance of
systems of records, and the criminal penalties for violation of the
Privacy Act, respectively, 5 U.S.C. 552a(b), (c)(1), and (2), (e)(4)(A)
through (F), (e)(6), (e)(7), (e)(9), (e)(10), (e)(11) and (i). This
designated system of records is maintained by the OIG, a Board
component that performs as its principal function an activity
pertaining to the enforcement of criminal laws. The exempt portions of
the records consist of--
(1) Information compiled for the purpose of identifying individual
criminal offenders and alleged offenders;
(2) Information compiled for the purpose of a criminal
investigation, including reports of informants and investigators, and
associated with an identifiable individual; or
(3) Reports identifiable to an individual compiled at any stage of
the process of enforcement of the criminal laws from arrest or
indictment through release from supervision.
By order of the Board of Governors of the Federal Reserve
System, June 1, 2004.
Robert deV. Frierson,
Deputy Secretary of the Board.
[FR Doc. 04-12727 Filed 6-4-04; 8:45 am]
BILLING CODE 6210-01-S