The Privacy Act works in tandem with the FOIA to regulate federal agency records about individuals,
restricting the disclosure of personal information that might violate privacy while allowing individuals
access to records about themselves.
View Privacy Act training.
Frequently Asked Questions
The Privacy Act of 1974 is a federal law that establishes safeguard for the protection of records which the federal government collects and maintains on United States citizens and aliens lawfully admitted for permanent residence. The purpose of the Privacy Act is to balance the governmentâ€™s need to maintain information about individuals with the rights of individuals to be protected against unwarranted invasions of their privacy stemming from federal agenciesâ€™ collection, maintenance, use, and disclosure of personal information about them.
If you are seeking records on yourself, this is a Privacy Act request. A Privacy Act request is a
written request for records pertaining to an individual maintained
in a Privacy Act system of records, unless the record is subject to an exemption or the record
is information compiled in reasonable anticipation of a civil action or proceeding.
You will need to submit your request via mail at the address to the right. You must also provide proof of identity. Also, if you are seeking records of a personal nature on another living individual, you must provide a Privacy Act release from that party to obtain these records. This type of request is not appropriate for submission via electronic or facsimile transmission
A System of Records is a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifier assigned to the individual. The Privacy Act requires each agency to publish notice of its systems of records in the federal register. This notice is generally referred to as a system of records notice (SORN).
The initial response time is the same as a FOIA request (20 days), except request for amendments. The Privacy Act systems manager normally acknowledges receipt of request within 10 working days and provides a determination within 30 working days.
If you are the subject of the file and the word "None" appears in the last entry in the systems notice entitled "Exemptions Claimed for the System," then the entire record will be released to you.
Personally Identifiable Information (PII)
Personally identifiable information (PII) is personal information about an individual that identifies, links, relates, is unique to, or describes him or her. Such information can be used to distinguish or trace an individual's identity.
|Name||Other names used||Social Security Number (SSN)|
|Truncated SSN||Driver's license||Other ID number|
|Race/Ethnicity||Birth date||Place of birth|
|Personal cell number||Home telephone number||Personal email address|
|Mailing/home address||Religious preference||Security clearance|
|Mother's maiden name||Mother's middle name||Spouse information|
|Marital status||Biometrics||Child information|
|Financial information||Medical information||Disability information|
|Law enforcement||Employment information||Military records|
|Emergency contact||Education information||Other identifiable information|
- Immediately report the PII incident to the HQDA Privacy Office.
- Immediately notify the local Privacy Act Officer at (804) 765-3204.
- Within 24 hours, report the PII Incident to US-CERT..