The Privacy Act. Disclaimers. Paul Klingenberg 6/14/2017 PRIVACY ACT AND SYSTEMS OF RECORDS 1

Similar documents
PRIVACY ACT 2016 SUPPLEMENTAL INFO. Document Title. Index 1 20 C.F.R GOVT-1 Privacy Act Systems Notice Excerpts 3-7

Privacy Act of 1974: A Basic Overview. Purpose of the Act. Congress goals. ASAP Conference: Arlington, VA Monday, July 27, 2015, 9:30-10:45am

A Basic Overview of The Privacy Act of 1974

Role of PAS in the Privacy Act

STATE BOARD FOR TECHNICAL AND COMPREHENSIVE EDUCATION PROCEDURE FREEDOM OF INFORMATION

Drivers Privacy Protection Act 18 U.S.C et. seq. (Public Law )

FOIA Exemptions 6 & 7C Personal Privacy Exemptions

APPLICATION FOR A SUPPORT STAFF POSITION 505 West Burkhart St Malden, MO 63863

THE PRIVACY ACT OF 1974 (As Amended) Public Law , as codified at 5 U.S.C. 552a

FOIA Exemptions 6 & 7C Personal Privacy Exemptions

NEW YORK IDENTITY THEFT RANKING BY STATE: Rank 6, Complaints Per 100,000 Population, Complaints (2007) Updated January 25, 2009

U.S. Victims of State Sponsored Terrorism Fund Application Form OMB No Expires 1/31/2017

Privacy Act of 1974; Department of Homeland Security, U.S. Customs and Border

APPLICATION FOR AN ADMINISTRATIVE POSITION Malden R-I School District 505 West Burkhart Street Malden, MO 63863

Case Problem Submission Worksheet (CIS Ombudsman Form DHS-7001) Instructions

GAPS REGISTRATION PROCESS FOR WHITFIELD COUNTY SCHOOLS

Application for Airport AOA Identification Media

FOIP Bulletin. Definitions. In this issue Introduction 1 1 Definitions. Number 14 June 2003

Cherokee County Fire & Emergency Services

State Data Breach Laws

Teacher Education Programs Background Check Requirements

Are There Cases When You Should Not Use This Form? What Information Is Needed to Search for USCIS Records? Verification of Identity in Person.

UTAH IDENTITY THEFT RANKING BY STATE: Rank 31, 57.8 Complaints Per 100,000 Population, 1529 Complaints (2007) Updated December 30, 2008

APPLICANT CHECKLIST II.

THE GENERAL ASSEMBLY OF PENNSYLVANIA HOUSE BILL

Illinois Freedom of Information Act

*The following steps must be completed BEFORE a badging application will be accepted.

I. PARTIES AUTHORITIES

Federal Criminal Background Check

EMPLOYMENT APPLICATION

Alias - Last Name Alias - First Name Alias - Middle Name. Alias - Last Name Alias - First Name Alias - Middle Name

Supreme Court of Florida

APPLICATION FOR VOLUNTEERS Mental Illness Recovery Center, Inc.

ID ACCESS BADGE APPLICATION FOR AOA and NON-SIDA

Applicant Rights and Consent to Fingerprint

Identity Theft Victim s Packet

NON SIDA VEHICLE ACCESS BADGE/GA

Occupational License Application

Subscriber Registration Agreement. Signing up is as easy as 1, 2, 3...

RE-APPLICATION FOR LPC-SUPERVISOR and LMFT-SUPERVISOR LICENSES [Applicable for lapsed license over two (2) years]

MICHIGAN WORKFORCE BACKGROUND CHECK CONSENT AND DISCLOSURE

FREEDOM OF INFORMATION/PRIVACY ACT POLICIES AND PROCEDURES WITHIN THE OFFICE OF THE JUDGE ADVOCATE GENERAL

Department of Police Services

Name {Last, First, Middle} Social Security Number: Check ( )Yes / ( ) No To submit to TSA Clearinghouse Print your Social Security Number Below

GENERAL AVIATION ACCESS APPLICATION

ST. CLOUD REGIONAL AIRPORT FINGERPRINTING AND BADGE APPLICATION

FEDERAL TRANSIT ADMINISTRATION REQUIREMENTS FOR PROFESSIONAL SERVICES CONTRACTS > $10,000

Sangamon County Circuit Clerk s Office. Small Claims Court Manual

Weapons Carry License Application Cherokee County

WEAPONS CARRY LICENSE APPLICATION CHEROKEE COUNTY

Aviation Security Identification Card (ASIC) Application Form S002

District Office 2083 College Avenue Elmira Heights, NY Mary Beth Fiore, Superintendent

What Is the Purpose of This Form? Who May File This Application? What Are the General Filing Instructions?

ST. CLOUD REGIONAL AIRPORT FINGERPRINTING AND BADGE APPLICATION

GENERAL AVIATION APPLICATION

One Hundred Fifth Congress of the United States of America

1. Purpose. 2. Membership and Organization. 3. Meetings. Canadian Imperial Bank of Commerce Corporate Governance Committee Mandate

MONTEFIORE HEALTH SYSTEM ADMINISTRATIVE POLICY AND PROCEDURE SUBJECT: SUMMARY OF FEDERAL AND STATE NUMBER: JC31.1 FALSE CLAIMS LAWS

POLICY TITLE: Public Access to District Records Policy No.: Page 1 of 6

Privacy Act; System of Records: Legal Case Management Records, State- to amend an existing system of records, Legal Case Management Records,

WE CAN NOT/WILL NOT CONTACT YOU!

The Army Privacy Program

MUST BE PRINTED IN COLOR

Massachusetts Overhauls Accessibility to Criminal Information of Applicants and Employees

INSTRUCTIONS FOR FILLING OUT THE BOISE AIR TERMINAL - APPLICATION FOR NON SIDA AOA ACCESS BADGE. Revised October 19, 2016

The Health Information Protection Act

ST. CLOUD REGIONAL AIRPORT FINGERPRINTING AND BADGE APPLICATION

Selected Federal Data Security Breach Legislation

REDMOND MUNICIPAL AIRPORT INITIAL ID APPLICATION AOA ID

Legislative Counsel s Digest: Section 5 Section 5 Section 5 Section 5 Section 5 section 5 Section 5 section 5

AIRPORT IDENTIFICATION BADGE APPLICATION

MEEKER COUNTY GUIDELINES AND PROCEDURES FOR MINNESOTA GOVERNMENT DATA PRACTICES ACT

To schedule an Application Processing Appointment

Choctaw Nation Gaming Commission P.O. Box 5229 Durant, OK Phone: (580) Fax: (580)

TRICARE Operations Manual M, April 1, 2015 Administration. Chapter 1 Section 5

Application for Airport SIDA Identification Media. / / Company Name Company Phone Job Title

Aviation Security Identification Card (ASIC) Application Form S002

ST. CLOUD REGIONAL AIRPORT FINGERPRINTING AND BADGE APPLICATION

Policy Framework for the Regional Biometric Data Exchange Solution

PERSONAL INFORMATION PROTECTION ACT

RESOLUTION OF THE NAVAJO NATION COUNCIL

MEDICAL UNIVERSITY OF SOUTH CAROLINA DEPARTMENT OF PUBLIC SAFETY

Be it enacted by the General Assembly of the Commonwealth of Kentucky: Section 1. KRS is amended to read as follows:

EXHIBIT G PRIVACY AND INFORMATION SECURITY PROVISIONS

Identity Cards Bill EXPLANATORY NOTES. Explanatory notes to the Bill, prepared by the Home Office, are published separately as Bill 9 EN.

MENTAL HEALTH ADVANCE DIRECTIVES - GUIDE FOR AGENTS

T. F. GREEN AIRPORT (PVD) - SECURITY BADGE APPLICATION SIGNATORY: (PRINT NAME ONLY APPROVED SIGNATORY ON FILE CAN SIGN APPLICATION)

A Guide to Residential Real Property Arbitration

FedRAMP Package Access Request Form For Review of FedRAMP Security Package

ID ACCESS BADGE APPLICATION FOR SECURED AREA/SECURITY IDENTIFICATION DISPLAY AREA (SIDA) / STERILE AREA

Help Shape Colorado s Lobbyist Rules

Melbourne International Airport Police Department Security Badge Application SIDA SECURE Area

PRIVACY IMPLICATIONS OF BIOMETRIC DATA. Kevin Nevias CISSP, CEH, CHFI, CISA, CISM, CRISC, CGEIT, CCNA, G /20/16

ICE. I.C.E. Under D.H.S. Customs and INS Investigations DRO

False Claims Act. Definitions:

ILLINOIS. Illinois Compiled Statutes Chapter /5(h)

Obtaining Information From Financial Institutions

PROTECTION OF PERSONAL INFORMATION ACT NO. 4 OF 2013

SCHWARTZ & BALLEN LLP 1990 M STREET, N.W. SUITE 500 WASHINGTON, DC

PROCESSING FOIA REQUESTS

Transcription:

Session 15 Federal Workers Compensation Conference 2017 June 28, 2017 Ashkea Herron McAllister United States Department of Labor Disclaimers This is NOT a comprehensive Privacy Act presentation it is specific to OWCP records maintained in DOL/GOVT-1, a government-wide System of Records (SOR). If you need Privacy Act advice regarding records maintained by your own agency under your own SOR, or under an OPM government-wide SOR, contact your General Counsel s/solicitor s Office. 2 3 RECORDS 1

What is The Purpose of the Privacy Act? Balance the Government s Need to Maintain Information with The Rights of Individuals to be Protected Against the Unwarranted Invasion of Their Privacy 4 How Does the Privacy Act Strike that Balance? Establishes Rights for Individuals Creates Responsibilities for Agencies Provides Oversight Mechanisms 5 Right for Individuals Notification (General, Specific) Access to Records About Oneself Amendment of Records in Error Ability to sue to enforce wrongs 6 RECORDS 2

Agency Responsibilities Establish regulations Maintain records to certain standards Protect records from disclosure Notify the public (general, specific) 7 4 Basic Policy Objectives 1. Restrict Disclosure 2. Grant individuals increased right of access 3. Grant individuals the right to seek amendment of agency records 4. Establish a code of fair information practices. 8 No Disclosure Without Consent 9 RECORDS 3

REMEMBER -- A disclosure may be written (most disclosures are) BUT... There are oral disclosures as well. ALL DISCLOSURES (INCLUDING DISCLOSURES FROM AQS/ARi) ARE COVERED BY PRIVACY ACT PRINCIPLES! 10 Privacy Act Terms Record Information About an Individual Examples Education, Financial Transactions, Medical History, and Criminal and Employment History Individual Identifier Examples Name, Identifying Number, Symbol, or Other Identifying Particular Assigned to an Individual, Such as a Fingerprint, Voice Print, Biometric, or Photograph 11 Privacy Act Terms System of Records Group of Records Under the Control of a Federal Agency Retrieved by Individual Identifier on a Regular Basis 12 RECORDS 4

Privacy Act Terms DOL/GOVT-1 DOL/GOVT-1 - Office of Workers' Compensation Programs, Federal Employees' Compensation Act File is the official name of the System of Records that contains FECA claims. 13 Privacy Act Terms Routine Use Allows for the disclosure of a record outside of the agency without consent (because of notification to the individual at the time of collection) Disclosure must be for a purpose which is compatible with the purpose for which [the information] was collected 14 Privacy Act Terms Personally Identifiable Information (PII) DOL defines PII as information: whose disclosure could result in harm to the individual whose name or identity is linked to that information. Examples include, but are not limited to, social security number; credit card number; bank account number; residential address; residential or personal telephone; biometric identifier (image, fingerprint, iris, etc.); date of birth; mother s maiden name; criminal records; medical records; and financial records. The conjunction of one data element with one or more additional elements increases the level of sensitivity and/or propensity to cause harm in the event of compromise. 15 RECORDS 5

No Disclosure Without Consent 16 Workers compensation records belong to DOL, AND DOL ONLY! Any records the employing agency has, including copies, belong to DOL. 17 So What Does That Mean? Any records the agency has belong to DOL, and can only be released in accordance with the Privacy Act, DOL s published routine uses, and with DOL s interpretation. 18 RECORDS 6

- Waiver No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains... -- 5 U.S.C. 552a(b) 19 Court Order... unless disclosure of the record would be... pursuant to the order of a court of competent jurisdiction. -- 5 U.S.C. 552a(b)(11) -- A subpoena is not sufficient. Only federal courts are courts of competent jurisdiction. 20 Routine Use... unless for a routine use... -- 5 U.S.C. 552a(b)(3) What are DOL s Published Routine Uses? In addition to the 14 universal routine uses that apply to all DOL systems of records, there are 22 routine uses for DOL/GOVT-1. 21 RECORDS 7

Routine Use - Examples 3 rd party in a 3 rd party action Employing agency at time of injury to verify billing, check status of claim, consider rehire, etc. Potential employers for return to work consideration Rehab agencies for evaluation Physicians for use in treatment Health insurance or medical/welfare plans for clarification of billing responsibility Labor union acting on behalf of the employee Employing Agency OIG 22 Right of Access v. Routine Use Disclosures Right of Access: Disclosure to the subject of the record (the FECA claimant), while appropriate, authorized, and required by 5 U.S.C. 552a(d)(1) (individual s right of access), is not a disclosure pursuant to a routine use. Routine use Disclosure: Example routine use e of DOL/GOVT-1 authorizes release of FECA file information to physicians treating or examining a FECA claimant Example routine use r allows release of FECA file information to GSA (for employees of other agencies) when a GSA building houses employees of those agencies 23 Routine Use So... What Does This All Mean? Workers Compensation Data Can be Released Only for the Routine Uses Established by DOL. 24 RECORDS 8

Routine Use What Else Does it Mean? When you release data, you can release only that part of the record that is necessary to meet the routine use. It is a violation of the Privacy Act to disclose any information not covered by the routine uses to anyone. When in doubt, call OWCP. 25 Disclosure Yes or No? EMPLOYING AGENCY OIG YES (IF INVESTIGATING FECA FRAUD) INJURY COMP YES SECURITY OFFICE YES with limitations SUPERVISOR YES IF RTW and with limitations EEO INVESTIGATOR NO (with PA WAIVER, YES) 26 Disclosure Yes or No? EMPLOYING AGENCY PERSONNEL ACTION NO AGENCY ATTORNEY NO (if assisting agency with FECA case itself, YES) BUDGET OFFICE YES, summary information only SAFETY AND HEALTH YES with limitations UNION REPRESENTATIVE YES but only if representing claimant before OWCP 27 RECORDS 9

Yes Does Not Mean an Unqualified Yes It is important to remember that, unless you have a Privacy Act waiver signed by the FECA claimant, or are responding to a first person request by the claimant, you always must confirm that the expected use of the information is compatible with the routine use, and you disclose the least amount of information necessary for the recipient s anticipated use. 28 Privacy Act Criminal Penalties (Individuals) 1. Federal Employee disclosure of information is prohibited. 2. Federal Employee willfully maintains a system of records without meeting notice requirements. 3. Anyone, including a Federal Employee, requests or obtains any record under false pretenses. --(all three)--misdemeanor, FINE NOT > $5,000 29 Privacy Act Criminal Penalties (Individuals) These provisions are solely criminal, and create no private right of action against a federal employee individually. In other words, if you violate an individual s privacy, the individual can only sue the government. BUT THE GOVERNMENT CAN PROSECUTE YOU!!! 30 RECORDS 10

Privacy Act Civil Remedies Civil Remedies Amendment, Access, Accuracy & Other Damages The lawsuit itself is against the federal agency only. An individual federal employee is not able to be sued for money damages under the Privacy Act. 31 Questions? 32 Main DOL Privacy Act Systems Page http://www.dol.gov/sol/privacy/main.htm DOL/GOVT-1 Systems Notice http://www.dol.gov/sol/privacy/dol-govt-1.htm DOL Universal Routine Uses http://www.dol.gov/sol/privacy/intro.htm DOL s Assertion of Control http://www.dol.gov/sol/privacy/gov-wide.htm 33 RECORDS 11

Contact Information Ashkea Herron McAllister mcallister.ashkea.h@dol.gov 202-513-6911 34 RECORDS 12

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback