[Code of Federal Regulations] [Title 32, Volume 6] [Revised as of July 1, 2005] From the U.S. Government Printing Office via GPO Access [CITE: 32CFR806b.1] [Page 36-37] TITLE 32-NATIONAL DEFENSE CHAPTER VII--DEPARTMENT OF THE AIR FORCE PART 806b_PRIVACY ACT PROGRAM--Table of Contents Subpart A_Overview of the Privacy Act Program Sec. 806b.1 Summary of revisions. Subpart A_Overview of the Privacy Act Program Sec. 806b.1 Summary of revisions. 806b.2 Basic guidelines. 806b.3 Violation penalties. 806b.4 Privacy Act complaints. 806b.5 Personal notes. 806b.6 Systems of records operated by a contractor. 806b.7 Responsibilities. Subpart B_Obtaining Law Enforcement Records and Confidentiality Promises 806b.8 Obtaining law enforcement records. 806b.9 Confidentiality promises. Subpart C_Collecting Personal Information 806b.10 How to collect personal information. 806b.11 When To Give Privacy Act Statements (PAS). 806b.12 Requesting the Social Security Number. Subpart D_Giving Access to Privacy Act Records 806b.13 Making a request for access. 806b.14 Processing a request for access. 806b.15 Fees. 806b.16 Denying or limiting access. 806b.17 Special provision for certain medical records. 806b.18 Third party information in a Privacy Act System of records. 806b.19 Information compiled in anticipation of civil action. 806b.20 Denial authorities. [[Page 37]] Subpart E_Amending the Record 806b.21 Amendment reasons. 806b.22 Responding to amendment requests. 806b.23 Approving or denying a record amendment. 806b.24 Seeking review of unfavorable Agency determinations. 806b.25 Contents of Privacy Act case files. Subpart F_Appeals 806b.26 Appeal procedures. Subpart G_Privacy Act Notifications 806b.27 When to include a Privacy Act warning statement in publications. 806b.28 Warning banners. 806b.29 Sending personal information over electronic mail. Subpart H_Privacy Impact Assessments 806b.30 Evaluating information systems for Privacy Act compliance. Subpart I_Preparing and Publishing System Notices for the Federal Register 806b.31 Publishing System notices. 806b.32 Submitting notices for publication in the Federal Register. 806b.33 Reviewing notices. Subpart J_Protecting and Disposing of Records 806b.34 Protecting records. 806b.35 Balancing protection. 806b.36 Disposing of records. Subpart K_Privacy Act Exemptions 806b.37 Exemption types. 806b.38 Authorizing exemptions. 806b.39 Requesting an exemption. 806b.40 Exemptions. Subpart L_Disclosing Records to Third Parties 806b.41 Disclosure considerations. 806b.42 Social rosters. 806b.43 Placing personal information on shared drives. 806b.44 Personal information that requires protection. 806b.45 Releasable information. 806b.46 Disclosing other information. 806b.47 Rules for releasing Privacy Act information without the consent of the subject. 806b.48 Disclosing the medical records of minors. 806b.49 Disclosure accountings. 806b.50 Computer matching. 806b.51 Privacy and the Web. Subpart M_Training 806b.52 Who needs training? 806b.53 Training tools. 806b.54 Information collections, records, and forms or Information Management Tools (IMT). Appendix A to Part 806b--Definitions Appendix B to Part 806b--Preparing a System Notice Appendix C to Part 806b--DoD ``Blanket Routine Uses'' Appendix D to Part 806b--General and Specific Exemptions Appendix E to Part 806b--Privacy Impact Assessment Authority: Pub. L. 93-579, 88 Stat. 1896 (5 U.S.C. 552a). Source: 69 FR 954, Jan. 7, 2004, unless otherwise noted. This part moves responsibility for the Air Force Privacy Program from Air Force Communications and Information Center to the Air Force Chief Information Officer; prescribes Air Force Visual Aid 33-276, Privacy Act Label as optional; adds the E-Gov Act of 2002 requirement for a Privacy Impact Assessment for all information systems that are new or have major changes; changes appeal processing from Air Force Communications and Information Center to Air Force Legal Services Agency; adds Privacy Act warning language to use on information systems subject to the Privacy Act, includes guidance on sending personal information via e-mail; adds procedures on complaints; and provides guidance on recall rosters; social rosters; consent statements, systems of records operated by a contractor, and placing information on shared drives.