Privacy Act of 1974; Privacy Act Regulation, 63703-63706 [2010-25367]

Download as PDF Federal Register / Vol. 75, No. 200 / Monday, October 18, 2010 / Rules and Regulations against which the product has been tested. This information will assist Federal agencies in determining whether or not a qualifying biobased product overlaps with EPA-designated re-refined lubricating oils and which product should be afforded the preference in purchasing. will give a procurement preference for qualifying biobased turbine drip oils. By that date, Federal agencies that have the responsibility for drafting or reviewing specifications for items to be procured shall ensure that the relevant specifications require the use of biobased turbine drip oils. Note to paragraph (d): Biobased multipurpose lubricant products within this designated item can compete with similar multipurpose lubricant products with recycled content. Under the Resource Conservation and Recovery Act of 1976, section 6002, the U.S. Environmental Protection Agency designated re-refined lubricating oils containing recovered materials as items for which Federal agencies must give preference in their purchasing programs. The designation can be found in the Comprehensive Procurement Guideline, 40 CFR 247.11. Dated: October 12, 2010. Pearlie S. Reed, Assistant Secretary for Administration, U.S. Department of Agriculture. § 2902.58 [Reserved] § 2902.59 Topical pain relief products. Privacy Act of 1974; Privacy Act Regulation (a) Definition. Products that can be balms, creams and other topical treatments used for the relief of muscle, joint, headache, and nerve pain, as well as sprains, bruises, swelling, and other aches. (b) Minimum biobased content. The preferred procurement product must have a minimum biobased content of at least 91 percent, which shall be based on the amount of qualifying biobased carbon in the product as a percent of the weight (mass) of the total organic carbon in the finished product. (c) Preference compliance date. No later than October 18, 2011, procuring agencies, in accordance with this part, will give a procurement preference for qualifying biobased topical pain relief products. By that date, Federal agencies that have the responsibility for drafting or reviewing specifications for items to be procured shall ensure that the relevant specifications require the use of biobased topical pain relief products. jlentini on DSKJ8SOYB1PROD with RULES § 2902.60 Turbine drip oils. (a) Definition. Products that are lubricants for use in drip lubrication systems for water well line shaft bearings, water turbine bearings for irrigation pumps, and other turbine bearing applications. (b) Minimum biobased content. The preferred procurement product must have a minimum biobased content of at least 87 percent, which shall be based on the amount of qualifying biobased carbon in the product as a percent of the weight (mass) of the total organic carbon in the finished product. (c) Preference compliance date. No later than October 18, 2011, procuring agencies, in accordance with this part, VerDate Mar<15>2010 16:06 Oct 15, 2010 Jkt 223001 [FR Doc. 2010–26122 Filed 10–15–10; 8:45 am] BILLING CODE 3410–93–P FEDERAL RESERVE SYSTEM 12 CFR Part 261a [Docket No. R–1313] Board of Governors of the Federal Reserve System. ACTION: Final rule. AGENCY: The Board of Governors of the Federal Reserve System (Board) is issuing a final rule to amend its regulation implementing the Privacy Act of 1974 (Privacy Act). The primary changes concern the waiver of copying fees charged to current and former Board employees, and applicants for Board employment, for access to their records under the Privacy Act; the amendment of special procedures for the release of medical records to permit the Board’s Chief Privacy Officer to consult with the Board’s Employee Assistance Program counselor to determine whether the disclosure of medical records directly to the requester could have an adverse effect on the requester; changes to the time limits for responding to requests for access to information and amendment of records; and updates to the exemptions claimed for certain systems of records. In addition, the Board is proposing to make minor editorial and technical changes to ensure that the Board’s regulation is consistent with the Board’s published systems of records and is clearer. SUMMARY: DATES: This rule is effective October 18, 2010. Brad Fleetwood, Senior Counsel, (202) 452– 3721, Legal Division. For users of Telecommunications Device for the Deaf (TDD) only, contact (202) 263–4869. SUPPLEMENTARY INFORMATION: The Board published a notice of proposed rulemaking to amend its regulation FOR FURTHER INFORMATION CONTACT: PO 00000 Frm 00009 Fmt 4700 Sfmt 4700 63703 implementing the Privacy Act in the Federal Register, 73 FR 25594, May 7, 2008. The proposed amendments: (1) Waived all copying fees in connection with any Privacy Act request by current or former Board employees and applicants for Board employment; (2) permitted the Chief Privacy Officer to consult with the Board’s Employee Assistance Program counselor as well as the Board’s physician to determine whether the disclosure of medical records directly to the requester could have an adverse effect on the requester; (3) required all requests for access (including requests made by current Board employees for access to their personnel records) to be submitted in writing to the Secretary of the Board; (4) lengthened the time limits for acknowledging (and where practicable, substantially responding to) an individual’s request for access to information and making a determination on a request to amend an individual’s record; (5) replaced the statutory exemptions listed in the Privacy Act with references to the relevant provisions in the Privacy Act; (6) updated the exemptions listed under 12 CFR 261a.12 to conform to the exemptions approved for each of the Board’s Privacy Act systems of records; and (7) made minor editorial and technical changes for clarity and consistency with the Board’s published systems of records. In response to these proposed amendments, the Board received three public comments relating to the privacy of information held by banks and other financial institutions. Because the Board’s Privacy Act regulation does not regulate the privacy of this information, the Board did not consider these comments relevant. The Board’s final rule adopts all of the amendments as proposed except that the Board has determined to revise the requirement that all requests for access be submitted in writing to the Secretary of the Board. This amendment was proposed to facilitate appropriate tracking and processing of all Privacy Act requests. However, after an internal review of this matter, the Board determined that because current and former employees frequently request access to records about themselves directly from Human Resources (HR) in person to require such employees to instead seek this information from the Secretary’s Office in writing would be extremely burdensome. Any benefit from an increased ability to track these requests would be more than outweighed by the increased difficulty that employees would face in seeking information about themselves. E:\FR\FM\18OCR1.SGM 18OCR1 63704 Federal Register / Vol. 75, No. 200 / Monday, October 18, 2010 / Rules and Regulations Therefore, the Board has determined that it is unnecessary at this time to require current or former employees to make Privacy Act requests through the Secretary’s Office. The final rule permits current and former Board employees to make Privacy Act requests in person or in writing to the Board office that maintains the record. The Board believes that this will facilitate employees’ access to their records consistent with the requirements of the Privacy Act. If the Secretary determines that this option impedes or frustrates in any way the appropriate tracking of requests, the Secretary may notify requesters that they must submit their requests through the Secretary’s office. In any case, a denial of an employee’s request (in whole or in part) must be reported to the Secretary of the Board so that the Secretary can ensure that the request was appropriately processed. The Board’s final rule also updates section 261a.5(c) regarding verification of identity to make it clear that a Board identification card is considered valid proof of identity for current and former Board employees. In addition, during the time between the date the proposed rulemaking was published and this final rulemaking, the Board published two new systems of records, BGFRS–37 (Electronic Applications) and BGFRS– 38 (Transportation Subsidy Records). As noted in the related Federal Register Notice, 73 FR 54595, September 22, 2008, certain portions of BGFRS–37 (Electronic Applications) may be exempt from 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H), and (I), and (f) of the Privacy Act pursuant to 5 U.S.C. 552a(k)(2). Thus, the Board has amended section 261a.12 to reflect this exemption. The Privacy Act Regulation sets forth the procedures by which individuals may request access and amendment to records maintained in systems of records at the Board. The Board certifies that this rule will not have a significant economic impact on a substantial number of small entities, because it does not apply to business entities. jlentini on DSKJ8SOYB1PROD with RULES List of Subjects in 12 CFR Part 261a Privacy. Authority and Issuance For the reasons set forth in the preamble, the Board revises 12 CFR Part 261a as follows: VerDate Mar<15>2010 16:06 Oct 15, 2010 Jkt 223001 Subpart A—General Provisions Sec. 261a.1 Authority, purpose and scope. 261a.2 Definitions. 261a.3 Custodian of records; delegations of authority. 261a.4 Fees. Subpart B—Procedures for Requests by Individual to Whom Record Pertains 261a.5 Request for access to record. 261a.6 Board procedures for responding to request for access. 261a.7 Special procedures for medical records. 261a.8 Request for amendment of record. 261a.9 Board review of request for amendment of record. 261a.10 Appeal of adverse determination of request for access or amendment. Subpart C—Disclosure of Records 261a.11 Restrictions on disclosure. 261a.12 Exempt records. Authority: 5 U.S.C. 552a. Subpart A—General Provisions § 261a.1 Authority, purpose and scope. (a) Authority. This part is issued by the Board of Governors of the Federal Reserve System (the Board) pursuant to the Privacy Act of 1974 (5 U.S.C. 552a). (b) Purpose and scope. This part implements the provisions of the Privacy Act of 1974 with regard to the maintenance, protection, disclosure, and amendment of records contained within systems of records maintained by the Board. It sets forth the procedures for requests for access to, or amendment of, records concerning individuals that are contained in systems of records maintained by the Board. § 261a.2 Regulatory Flexibility Analysis ■ PART 261a—RULES REGARDING ACCESS TO PERSONAL INFORMATION UNDER THE PRIVACY ACT 1974 Definitions. For purposes of this part, the following definitions apply: (a) Business day means any day except Saturday, Sunday or a legal Federal holiday. (b) Guardian means the parent of a minor, or the legal guardian of any individual who has been declared to be incompetent due to physical or mental incapacity or age by a court of competent jurisdiction. (c) Individual means a natural person who is either a citizen of the United States or an alien lawfully admitted for permanent residence. (d) Maintain includes maintain, collect, use, or disseminate. (e) Record means any item, collection, or grouping of information about an individual maintained by the Board that PO 00000 Frm 00010 Fmt 4700 Sfmt 4700 contains the individual’s name or the identifying number, symbol, or other identifying particular assigned to the individual, such as a fingerprint, voice print, or photograph. (f) Routine use means, with respect to disclosure of a record, the use of such record for a purpose that is compatible with the purpose for which it was collected or created. (g) System of records means a group of any records under the control of the Board from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual. (h) You means an individual making a request under the Privacy Act. (i) We means the Board. § 261a.3 Custodian of records; delegations of authority. (a) Custodian of records. The Secretary of the Board is the official custodian of all Board records. (b) Delegated authority of the Secretary. The Secretary of the Board is authorized to— (1) Respond to requests for access to, accounting of, or amendment of records contained in a system of records, except for requests regarding systems of records maintained by the Board’s Office of Inspector General (OIG); (2) Approve the publication of new systems of records and amend existing systems of records, except those systems of records exempted pursuant to § 261a.12(b), (c) and (d); and (3) File any necessary reports related to the Privacy Act. (c) Delegated authority of designee. Any action or determination required or permitted by this part to be done by the Secretary of the Board may be done by a Deputy or Associate Secretary or other responsible employee of the Board who has been duly designated for this purpose by the Secretary. (d) Delegated authority of Inspector General. The Inspector General is authorized to respond to requests for access to, accounting of, or amendment of records contained in a system of records maintained by the OIG. § 261a.4 Fees. (a) Copies of records. We will provide you with copies of the records you request under § 261a.5 of this part at the same cost we charge for duplication of records and/or production of computer output under the Board’s Rules Regarding Availability of Information, 12 CFR Part 261. (b) No fee. We will not charge you a fee if: (1) Your total charges are less than $5, or E:\FR\FM\18OCR1.SGM 18OCR1 Federal Register / Vol. 75, No. 200 / Monday, October 18, 2010 / Rules and Regulations (2) You are a Board employee or former employee, or an applicant for employment with the Board, and you request records pertaining to you. Subpart B—Procedures for Requests by Individuals to Whom Record Pertains jlentini on DSKJ8SOYB1PROD with RULES § 261a.5 Request for access to records. (a) Procedures for making request. (1) Except as provided in paragraph (a)(2) or (f) of this section, if you (or your guardian) want to learn of the existence of, or to gain access to, your record in a system of records, you may submit a request in writing to the Secretary of the Board, Board of Governors of the Federal Reserve System, 20th Street and Constitution Avenue, NW., Washington, DC 20551. (2) If you request information contained in a system of records maintained by the Board’s OIG, you may submit the request in writing to the Inspector General, Board of Governors of the Federal Reserve System, 20th Street and Constitution Avenue, NW., Washington, DC 20551. (b) Contents of request. Except for requests made under paragraph (f) of this section, your written request must include – (1) A statement that the request is made pursuant to the Privacy Act of 1974; (2) Tthe name of the system of records you believe contains the record you request, or a concise description of that system of records; (3) Information necessary to verify your identity pursuant to paragraph (c) of this section; and (4) Any other information that might assist us in identifying the record you seek (e.g., maiden name, dates of employment, etc.). (c) Verification of identity. We will require proof of your identity, and we reserve the right to determine whether the proof you submit is adequate. In general, we will consider the following to be adequate proof of identity: (1) If you are a current or former Board employee, your Board identification card; or (2) If you are not a current or former Board employee, either (i) Two forms of identification, including one photo identification, or (ii) A notarized statement attesting to your identity. (d) Verification of identity not required. We will not require verification of identity when the records you seek are available to any person under the Freedom of Information Act (5 U.S.C. 552). (e) Request for accounting of previous disclosures. You may request an VerDate Mar<15>2010 16:06 Oct 15, 2010 Jkt 223001 accounting of previous disclosures of records pertaining to you in a system of records as provided in 5 U.S.C. 552a(c). (f) Requests Made by Board Employees. Unless the Secretary provides and you are notified otherwise, if you are a current or former Board employee, you also may request access to your record in a system of records by appearing in person before or writing directly to the Board office that maintains the record. § 261a.6 Board procedures for responding to request for access. (a) Compliance with Freedom of Information Act. We will handle every request made pursuant to § 261a.5 of this part (other than requests submitted under § 261a.5(f) that were granted) as a request for information pursuant to the Freedom of Information Act. The time limits set forth in paragraph (b) of this section and the fees specified in § 261a.4 of this part will apply to such requests. (b) Time for response. We will acknowledge every request made pursuant to § 261a.5 of this part within 20 business days from receipt of the request and will, where practicable, respond to each request within that 20day period. When a full response is not practicable within the 20-day period, we will respond as promptly as possible. (c) Disclosure. (1) When we disclose information in response to your request, except for information maintained by the Board’s OIG, we will make the information available for inspection and copying during regular business hours at the Board’s Freedom of Information Office, or we will we mail it to you on your request. For requests made under paragraph § 261a.5(f), you may request that the information be provided orally or in person. (2) When the information to be disclosed is maintained by the Board’s OIG, the OIG will make the information available for inspection and copying or will mail it to you on request. (3) You may bring with you anyone you choose to see the requested material. All visitors to the Board’s buildings must comply with the Board’s security procedures. (d) Denial of request. If we deny a request made pursuant to § 261a.5 of this part, we will tell you the reason(s) for denial and the procedures for appealing the denial. If a request made under paragraph § 261a.5(f) is denied, in whole or in part, the Board office that denied your request will simultaneously notify the Secretary of the Board of its action. PO 00000 Frm 00011 Fmt 4700 Sfmt 4700 63705 § 261a.7 Special procedures for medical records. If you request medical or psychological records pursuant to § 261a.5, we will disclose them directly to you unless the Chief Privacy Officer, in consultation with the Board’s physician or Employee Assistance Program counselor, determines that such disclosure could have an adverse effect on you. If the Chief Privacy Officer makes that determination, we will provide the information to a licensed physician or other appropriate representative that you designate, who may disclose those records to you in a manner he or she deems appropriate. § 261a.8 record. Request for amendment of (a) Procedures for making request. (1) If you wish to amend a record that pertains to you in a system of records, you may submit the request in writing to the Secretary of the Board (or to the Inspector General for records in a system of records maintained by the OIG) in an envelope clearly marked ‘‘Privacy Act Amendment Request.’’ (2) Your request for amendment of a record must— (i) Identify the system of records containing the record for which amendment is requested; (ii) Specify the portion of that record requested to be amended; and (iii) Describe the nature of and reasons for each requested amendment. (3) We will require you to verify your identity under the procedures set forth in § 261a.5(c) of this part, unless you have already done so in a related request for access or amendment. (b) Burden of proof. Your request for amendment of a record must tell us why you believe the record is not accurate, relevant, timely, or complete. You have the burden of proof for demonstrating the appropriateness of the requested amendment, and you must provide relevant and convincing evidence in support of your request. § 261a.9 Board review of request for amendment of record. (a) Time limits. We will acknowledge your request for amendment of your record within 10 business days after we receive your request. In the acknowledgment, we may request additional information necessary for a determination on the request for amendment. We will make a determination on a request to amend a record promptly. (b) Contents of response to request for amendment. When we respond to a request for amendment, we will tell you whether your request is granted or E:\FR\FM\18OCR1.SGM 18OCR1 63706 Federal Register / Vol. 75, No. 200 / Monday, October 18, 2010 / Rules and Regulations denied. If we grant your request, we will take the necessary steps to amend your record and, when appropriate and possible, notify prior recipients of the record of our action. If we deny the request, in whole or in part, we will tell you— (1) Why we denied the request (or portion of the request); (2) That you have a right to appeal; and (3) How to file an appeal. jlentini on DSKJ8SOYB1PROD with RULES § 261a.10 Appeal of adverse determination of request for access or amendment. (a) Appeal. You may appeal a denial of a request made pursuant to § 261a.5 or § 261a.8 of this part within 10 business days after we notify you that we denied your request. Your appeal must— (1) Be made in writing with the words ‘‘PRIVACY ACT APPEAL’’ written prominently on the first page and addressed to the Secretary of the Board, Board of Governors of the Federal Reserve System, 20th Street and Constitution Avenue, NW., Washington, DC 20551; (2) Specify the background of the request; and (3) Provide reasons why you believe the initial denial is in error. (b) Determination. We will make a determination on your appeal within 30 business days from the date we receive it, unless we extend the time for good cause. (1) If we grant your appeal regarding a request for amendment, we will take the necessary steps to amend your record and, when appropriate and possible, notify prior recipients of the record of our action. (2) If we deny your appeal, we will inform you of such determination, tell you our reasons for the denial, and tell you about your rights to file a statement of disagreement and to have a court review our decision. (c) Statement of disagreement. (1) If we deny your appeal regarding a request for amendment, you may file a concise statement of disagreement with the denial. We will maintain your statement with the record you sought to amend and any disclosure of the record will include a copy of your statement of disagreement. (2) When practicable and appropriate, we will provide a copy of the statement of disagreement to any prior recipients of the record. Subpart C—Disclosure of Records § 261a.11 Restrictions on disclosure. We will not disclose any record about you contained in a system of records to VerDate Mar<15>2010 16:06 Oct 15, 2010 Jkt 223001 any person or agency without your prior written consent unless the disclosure is authorized by 5 U.S.C. 552a(b). § 261a.12 Exempt records. (a) Information compiled for civil action. This regulation does not permit you to have access to any information compiled in reasonable anticipation of a civil action or proceeding. (b) Law enforcement information. Pursuant to 5 U.S.C. 552a(k)(2), we have determined that it is necessary to exempt the systems of records listed below from the requirements of the Privacy Act concerning access to records, accounting of disclosures of records, maintenance of only relevant and necessary information in files, and certain publication provisions, respectively, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H) and (I), and (f), and §§ 261a.5, 261a.7, and 261a.8 of this part. The exemption applies only to the extent that a system of records contains investigatory materials compiled for law enforcement purposes. (1) BGFRS–1 Recruiting and Placement Records (2) BGFRS–2 Personnel Security Systems (3) BGFRS–4 General Personnel Records (4) BGFRS–5 EEO Discrimination Complaint File (5) BGFRS–18 Consumer Complaint Information (6) BGFRS–21 Supervisory Enforcement Actions and Special Examinations Tracking System (7) BGFRS–31 Protective Information System (8) BGFRS–32 Visitor Registration System (9) BGFRS–36 Federal Reserve Application Name Check System (10) BGFRS–37 Electronic Applications (11) BGFRS/OIG–1 OIG Investigative Records (c) Confidential references. Pursuant to 5 U.S.C. 552a(k)(5), we have determined that it is necessary to exempt the systems of records listed below from the requirements of the Privacy Act concerning access to records, accounting of disclosures of records, maintenance of only relevant and necessary information in files, and certain publication provisions, respectively, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H) and (I), and (f), and §§ 261a.5, 261a.7, and 261a.8 of this part. The exemption applies only to the extent that a system of records contains investigatory material compiled to determine an individual’s suitability, eligibility, and qualifications for Board PO 00000 Frm 00012 Fmt 4700 Sfmt 4700 employment or access to classified information, and the disclosure of such material would reveal the identity of a source who furnished information to the Board under a promise of confidentiality. (1) BGFRS–1 Recruiting and Placement Records (2) BGFRS–2 Personnel Security Systems (3) BGFRS–4 General Personnel Records (4) BGFRS–10 General Files on Board Members (5) BGFRS–11 Official General Files (6) BGFRS–13 Federal Reserve System Bank Supervision Staff Qualifications (7) BGFRS–14 General File on Federal Reserve Bank and Branch Directors (8) BGFRS–25 Multi-Rater Feedback Records (9) BGFRS/OIG–1 OIG Investigative Records (10) BGFRS/OIG–2 OIG Personnel Records (d) Criminal law enforcement information. Pursuant to 5 U.S.C. 552a(j)(2), we have determined that the OIG Investigative Records (BGFRS/OIG– 1) are exempt from the Privacy Act, except the provisions regarding disclosure, the requirement to keep an accounting, certain publication requirements, certain requirements regarding the proper maintenance of systems of records, and the criminal penalties for violation of the Privacy Act, respectively, 5 U.S.C. 552a(b), (c)(1), and (2), (e)(4)(A) through (F), (e)(6), (e)(7), (e)(9), (e)(10), (e)(11) and (i). By order of the Board of Governors of the Federal Reserve System, October 4, 2010. Robert deV. Frierson, Deputy Secretary of the Board. [FR Doc. 2010–25367 Filed 10–15–10; 8:45 am] BILLING CODE 6210–01–P DEPARTMENT OF TRANSPORTATION Federal Aviation Administration 14 CFR Part 71 [Docket No. FAA–2010–0651; Airspace Docket No. 10–ANM–7] Amendment of Class D and Class E Airspace; Klamath Falls, OR Federal Aviation Administration (FAA), DOT. ACTION: Final rule. AGENCY: This action will amend Class D and Class E airspace at Klamath Falls, OR. Decommissioning of the Merrill SUMMARY: E:\FR\FM\18OCR1.SGM 18OCR1

Agencies

[Federal Register Volume 75, Number 200 (Monday, October 18, 2010)]
[Rules and Regulations]
[Pages 63703-63706]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2010-25367]


=======================================================================
-----------------------------------------------------------------------

FEDERAL RESERVE SYSTEM

12 CFR Part 261a

[Docket No. R-1313]


Privacy Act of 1974; Privacy Act Regulation

AGENCY: Board of Governors of the Federal Reserve System.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: The Board of Governors of the Federal Reserve System (Board) 
is issuing a final rule to amend its regulation implementing the 
Privacy Act of 1974 (Privacy Act). The primary changes concern the 
waiver of copying fees charged to current and former Board employees, 
and applicants for Board employment, for access to their records under 
the Privacy Act; the amendment of special procedures for the release of 
medical records to permit the Board's Chief Privacy Officer to consult 
with the Board's Employee Assistance Program counselor to determine 
whether the disclosure of medical records directly to the requester 
could have an adverse effect on the requester; changes to the time 
limits for responding to requests for access to information and 
amendment of records; and updates to the exemptions claimed for certain 
systems of records. In addition, the Board is proposing to make minor 
editorial and technical changes to ensure that the Board's regulation 
is consistent with the Board's published systems of records and is 
clearer.

DATES: This rule is effective October 18, 2010.

FOR FURTHER INFORMATION CONTACT: Brad Fleetwood, Senior Counsel, (202) 
452-3721, Legal Division. For users of Telecommunications Device for 
the Deaf (TDD) only, contact (202) 263-4869.

SUPPLEMENTARY INFORMATION: The Board published a notice of proposed 
rulemaking to amend its regulation implementing the Privacy Act in the 
Federal Register, 73 FR 25594, May 7, 2008. The proposed amendments: 
(1) Waived all copying fees in connection with any Privacy Act request 
by current or former Board employees and applicants for Board 
employment; (2) permitted the Chief Privacy Officer to consult with the 
Board's Employee Assistance Program counselor as well as the Board's 
physician to determine whether the disclosure of medical records 
directly to the requester could have an adverse effect on the 
requester; (3) required all requests for access (including requests 
made by current Board employees for access to their personnel records) 
to be submitted in writing to the Secretary of the Board; (4) 
lengthened the time limits for acknowledging (and where practicable, 
substantially responding to) an individual's request for access to 
information and making a determination on a request to amend an 
individual's record; (5) replaced the statutory exemptions listed in 
the Privacy Act with references to the relevant provisions in the 
Privacy Act; (6) updated the exemptions listed under 12 CFR 261a.12 to 
conform to the exemptions approved for each of the Board's Privacy Act 
systems of records; and (7) made minor editorial and technical changes 
for clarity and consistency with the Board's published systems of 
records.
    In response to these proposed amendments, the Board received three 
public comments relating to the privacy of information held by banks 
and other financial institutions. Because the Board's Privacy Act 
regulation does not regulate the privacy of this information, the Board 
did not consider these comments relevant.
    The Board's final rule adopts all of the amendments as proposed 
except that the Board has determined to revise the requirement that all 
requests for access be submitted in writing to the Secretary of the 
Board. This amendment was proposed to facilitate appropriate tracking 
and processing of all Privacy Act requests. However, after an internal 
review of this matter, the Board determined that because current and 
former employees frequently request access to records about themselves 
directly from Human Resources (HR) in person to require such employees 
to instead seek this information from the Secretary's Office in writing 
would be extremely burdensome. Any benefit from an increased ability to 
track these requests would be more than outweighed by the increased 
difficulty that employees would face in seeking information about 
themselves.

[[Page 63704]]

Therefore, the Board has determined that it is unnecessary at this time 
to require current or former employees to make Privacy Act requests 
through the Secretary's Office. The final rule permits current and 
former Board employees to make Privacy Act requests in person or in 
writing to the Board office that maintains the record. The Board 
believes that this will facilitate employees' access to their records 
consistent with the requirements of the Privacy Act. If the Secretary 
determines that this option impedes or frustrates in any way the 
appropriate tracking of requests, the Secretary may notify requesters 
that they must submit their requests through the Secretary's office. In 
any case, a denial of an employee's request (in whole or in part) must 
be reported to the Secretary of the Board so that the Secretary can 
ensure that the request was appropriately processed.
    The Board's final rule also updates section 261a.5(c) regarding 
verification of identity to make it clear that a Board identification 
card is considered valid proof of identity for current and former Board 
employees. In addition, during the time between the date the proposed 
rulemaking was published and this final rulemaking, the Board published 
two new systems of records, BGFRS-37 (Electronic Applications) and 
BGFRS-38 (Transportation Subsidy Records). As noted in the related 
Federal Register Notice, 73 FR 54595, September 22, 2008, certain 
portions of BGFRS-37 (Electronic Applications) may be exempt from 5 
U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), (H), and (I), and (f) of the 
Privacy Act pursuant to 5 U.S.C. 552a(k)(2). Thus, the Board has 
amended section 261a.12 to reflect this exemption.

Regulatory Flexibility Analysis

    The Privacy Act Regulation sets forth the procedures by which 
individuals may request access and amendment to records maintained in 
systems of records at the Board. The Board certifies that this rule 
will not have a significant economic impact on a substantial number of 
small entities, because it does not apply to business entities.

List of Subjects in 12 CFR Part 261a

    Privacy.

Authority and Issuance

0
For the reasons set forth in the preamble, the Board revises 12 CFR 
Part 261a as follows:

PART 261a--RULES REGARDING ACCESS TO PERSONAL INFORMATION UNDER THE 
PRIVACY ACT 1974

Subpart A--General Provisions
Sec.
261a.1 Authority, purpose and scope.
261a.2 Definitions.
261a.3 Custodian of records; delegations of authority.
261a.4 Fees.
Subpart B--Procedures for Requests by Individual to Whom Record 
Pertains
261a.5 Request for access to record.
261a.6 Board procedures for responding to request for access.
261a.7 Special procedures for medical records.
261a.8 Request for amendment of record.
261a.9 Board review of request for amendment of record.
261a.10 Appeal of adverse determination of request for access or 
amendment.
Subpart C--Disclosure of Records
261a.11 Restrictions on disclosure.
261a.12 Exempt records.

    Authority: 5 U.S.C. 552a.

Subpart A--General Provisions


Sec.  261a.1  Authority, purpose and scope.

    (a) Authority. This part is issued by the Board of Governors of the 
Federal Reserve System (the Board) pursuant to the Privacy Act of 1974 
(5 U.S.C. 552a).
    (b) Purpose and scope. This part implements the provisions of the 
Privacy Act of 1974 with regard to the maintenance, protection, 
disclosure, and amendment of records contained within systems of 
records maintained by the Board. It sets forth the procedures for 
requests for access to, or amendment of, records concerning individuals 
that are contained in systems of records maintained by the Board.


Sec.  261a.2  Definitions.

    For purposes of this part, the following definitions apply:
    (a) Business day means any day except Saturday, Sunday or a legal 
Federal holiday.
    (b) Guardian means the parent of a minor, or the legal guardian of 
any individual who has been declared to be incompetent due to physical 
or mental incapacity or age by a court of competent jurisdiction.
    (c) Individual means a natural person who is either a citizen of 
the United States or an alien lawfully admitted for permanent 
residence.
    (d) Maintain includes maintain, collect, use, or disseminate.
    (e) Record means any item, collection, or grouping of information 
about an individual maintained by the Board that contains the 
individual's name or the identifying number, symbol, or other 
identifying particular assigned to the individual, such as a 
fingerprint, voice print, or photograph.
    (f) Routine use means, with respect to disclosure of a record, the 
use of such record for a purpose that is compatible with the purpose 
for which it was collected or created.
    (g) System of records means a group of any records under the 
control of the Board from which information is retrieved by the name of 
the individual or by some identifying number, symbol, or other 
identifying particular assigned to the individual.
    (h) You means an individual making a request under the Privacy Act.
    (i) We means the Board.


Sec.  261a.3  Custodian of records; delegations of authority.

    (a) Custodian of records. The Secretary of the Board is the 
official custodian of all Board records.
    (b) Delegated authority of the Secretary. The Secretary of the 
Board is authorized to--
    (1) Respond to requests for access to, accounting of, or amendment 
of records contained in a system of records, except for requests 
regarding systems of records maintained by the Board's Office of 
Inspector General (OIG);
    (2) Approve the publication of new systems of records and amend 
existing systems of records, except those systems of records exempted 
pursuant to Sec.  261a.12(b), (c) and (d); and
    (3) File any necessary reports related to the Privacy Act.
    (c) Delegated authority of designee. Any action or determination 
required or permitted by this part to be done by the Secretary of the 
Board may be done by a Deputy or Associate Secretary or other 
responsible employee of the Board who has been duly designated for this 
purpose by the Secretary.
    (d) Delegated authority of Inspector General. The Inspector General 
is authorized to respond to requests for access to, accounting of, or 
amendment of records contained in a system of records maintained by the 
OIG.


Sec.  261a.4  Fees.

    (a) Copies of records. We will provide you with copies of the 
records you request under Sec.  261a.5 of this part at the same cost we 
charge for duplication of records and/or production of computer output 
under the Board's Rules Regarding Availability of Information, 12 CFR 
Part 261.
    (b) No fee. We will not charge you a fee if:
    (1) Your total charges are less than $5, or

[[Page 63705]]

    (2) You are a Board employee or former employee, or an applicant 
for employment with the Board, and you request records pertaining to 
you.

Subpart B--Procedures for Requests by Individuals to Whom Record 
Pertains


Sec.  261a.5  Request for access to records.

    (a) Procedures for making request. (1) Except as provided in 
paragraph (a)(2) or (f) of this section, if you (or your guardian) want 
to learn of the existence of, or to gain access to, your record in a 
system of records, you may submit a request in writing to the Secretary 
of the Board, Board of Governors of the Federal Reserve System, 20th 
Street and Constitution Avenue, NW., Washington, DC 20551.
    (2) If you request information contained in a system of records 
maintained by the Board's OIG, you may submit the request in writing to 
the Inspector General, Board of Governors of the Federal Reserve 
System, 20th Street and Constitution Avenue, NW., Washington, DC 20551.
    (b) Contents of request. Except for requests made under paragraph 
(f) of this section, your written request must include -
    (1) A statement that the request is made pursuant to the Privacy 
Act of 1974;
    (2) Tthe name of the system of records you believe contains the 
record you request, or a concise description of that system of records;
    (3) Information necessary to verify your identity pursuant to 
paragraph (c) of this section; and
    (4) Any other information that might assist us in identifying the 
record you seek (e.g., maiden name, dates of employment, etc.).
    (c) Verification of identity. We will require proof of your 
identity, and we reserve the right to determine whether the proof you 
submit is adequate. In general, we will consider the following to be 
adequate proof of identity:
    (1) If you are a current or former Board employee, your Board 
identification card; or
    (2) If you are not a current or former Board employee, either
    (i) Two forms of identification, including one photo 
identification, or
    (ii) A notarized statement attesting to your identity.
    (d) Verification of identity not required. We will not require 
verification of identity when the records you seek are available to any 
person under the Freedom of Information Act (5 U.S.C. 552).
    (e) Request for accounting of previous disclosures. You may request 
an accounting of previous disclosures of records pertaining to you in a 
system of records as provided in 5 U.S.C. 552a(c).
    (f) Requests Made by Board Employees. Unless the Secretary provides 
and you are notified otherwise, if you are a current or former Board 
employee, you also may request access to your record in a system of 
records by appearing in person before or writing directly to the Board 
office that maintains the record.


Sec.  261a.6  Board procedures for responding to request for access.

    (a) Compliance with Freedom of Information Act. We will handle 
every request made pursuant to Sec.  261a.5 of this part (other than 
requests submitted under Sec.  261a.5(f) that were granted) as a 
request for information pursuant to the Freedom of Information Act. The 
time limits set forth in paragraph (b) of this section and the fees 
specified in Sec.  261a.4 of this part will apply to such requests.
    (b) Time for response. We will acknowledge every request made 
pursuant to Sec.  261a.5 of this part within 20 business days from 
receipt of the request and will, where practicable, respond to each 
request within that 20-day period. When a full response is not 
practicable within the 20-day period, we will respond as promptly as 
possible.
    (c) Disclosure. (1) When we disclose information in response to 
your request, except for information maintained by the Board's OIG, we 
will make the information available for inspection and copying during 
regular business hours at the Board's Freedom of Information Office, or 
we will we mail it to you on your request. For requests made under 
paragraph Sec.  261a.5(f), you may request that the information be 
provided orally or in person.
    (2) When the information to be disclosed is maintained by the 
Board's OIG, the OIG will make the information available for inspection 
and copying or will mail it to you on request.
    (3) You may bring with you anyone you choose to see the requested 
material. All visitors to the Board's buildings must comply with the 
Board's security procedures.
    (d) Denial of request. If we deny a request made pursuant to Sec.  
261a.5 of this part, we will tell you the reason(s) for denial and the 
procedures for appealing the denial. If a request made under paragraph 
Sec.  261a.5(f) is denied, in whole or in part, the Board office that 
denied your request will simultaneously notify the Secretary of the 
Board of its action.


Sec.  261a.7  Special procedures for medical records.

    If you request medical or psychological records pursuant to Sec.  
261a.5, we will disclose them directly to you unless the Chief Privacy 
Officer, in consultation with the Board's physician or Employee 
Assistance Program counselor, determines that such disclosure could 
have an adverse effect on you. If the Chief Privacy Officer makes that 
determination, we will provide the information to a licensed physician 
or other appropriate representative that you designate, who may 
disclose those records to you in a manner he or she deems appropriate.


Sec.  261a.8  Request for amendment of record.

    (a) Procedures for making request.
    (1) If you wish to amend a record that pertains to you in a system 
of records, you may submit the request in writing to the Secretary of 
the Board (or to the Inspector General for records in a system of 
records maintained by the OIG) in an envelope clearly marked ``Privacy 
Act Amendment Request.''
    (2) Your request for amendment of a record must--
    (i) Identify the system of records containing the record for which 
amendment is requested;
    (ii) Specify the portion of that record requested to be amended; 
and
    (iii) Describe the nature of and reasons for each requested 
amendment.
    (3) We will require you to verify your identity under the 
procedures set forth in Sec.  261a.5(c) of this part, unless you have 
already done so in a related request for access or amendment.
    (b) Burden of proof. Your request for amendment of a record must 
tell us why you believe the record is not accurate, relevant, timely, 
or complete. You have the burden of proof for demonstrating the 
appropriateness of the requested amendment, and you must provide 
relevant and convincing evidence in support of your request.


Sec.  261a.9  Board review of request for amendment of record.

    (a) Time limits. We will acknowledge your request for amendment of 
your record within 10 business days after we receive your request. In 
the acknowledgment, we may request additional information necessary for 
a determination on the request for amendment. We will make a 
determination on a request to amend a record promptly.
    (b) Contents of response to request for amendment. When we respond 
to a request for amendment, we will tell you whether your request is 
granted or

[[Page 63706]]

denied. If we grant your request, we will take the necessary steps to 
amend your record and, when appropriate and possible, notify prior 
recipients of the record of our action. If we deny the request, in 
whole or in part, we will tell you--
    (1) Why we denied the request (or portion of the request);
    (2) That you have a right to appeal; and
    (3) How to file an appeal.


Sec.  261a.10  Appeal of adverse determination of request for access or 
amendment.

    (a) Appeal. You may appeal a denial of a request made pursuant to 
Sec.  261a.5 or Sec.  261a.8 of this part within 10 business days after 
we notify you that we denied your request. Your appeal must--
    (1) Be made in writing with the words ``PRIVACY ACT APPEAL'' 
written prominently on the first page and addressed to the Secretary of 
the Board, Board of Governors of the Federal Reserve System, 20th 
Street and Constitution Avenue, NW., Washington, DC 20551;
    (2) Specify the background of the request; and
    (3) Provide reasons why you believe the initial denial is in error.
    (b) Determination. We will make a determination on your appeal 
within 30 business days from the date we receive it, unless we extend 
the time for good cause.
    (1) If we grant your appeal regarding a request for amendment, we 
will take the necessary steps to amend your record and, when 
appropriate and possible, notify prior recipients of the record of our 
action.
    (2) If we deny your appeal, we will inform you of such 
determination, tell you our reasons for the denial, and tell you about 
your rights to file a statement of disagreement and to have a court 
review our decision.
    (c) Statement of disagreement. (1) If we deny your appeal regarding 
a request for amendment, you may file a concise statement of 
disagreement with the denial. We will maintain your statement with the 
record you sought to amend and any disclosure of the record will 
include a copy of your statement of disagreement.
    (2) When practicable and appropriate, we will provide a copy of the 
statement of disagreement to any prior recipients of the record.

Subpart C--Disclosure of Records


Sec.  261a.11  Restrictions on disclosure.

    We will not disclose any record about you contained in a system of 
records to any person or agency without your prior written consent 
unless the disclosure is authorized by 5 U.S.C. 552a(b).


Sec.  261a.12  Exempt records.

    (a) Information compiled for civil action. This regulation does not 
permit you to have access to any information compiled in reasonable 
anticipation of a civil action or proceeding.
    (b) Law enforcement information. Pursuant to 5 U.S.C. 552a(k)(2), 
we have determined that it is necessary to exempt the systems of 
records listed below from the requirements of the Privacy Act 
concerning access to records, accounting of disclosures of records, 
maintenance of only relevant and necessary information in files, and 
certain publication provisions, respectively, 5 U.S.C. 552a(c)(3), (d), 
(e)(1), (e)(4)(G), (H) and (I), and (f), and Sec. Sec.  261a.5, 261a.7, 
and 261a.8 of this part. The exemption applies only to the extent that 
a system of records contains investigatory materials compiled for law 
enforcement purposes.

(1) BGFRS-1 Recruiting and Placement Records
(2) BGFRS-2 Personnel Security Systems
(3) BGFRS-4 General Personnel Records
(4) BGFRS-5 EEO Discrimination Complaint File
(5) BGFRS-18 Consumer Complaint Information
(6) BGFRS-21 Supervisory Enforcement Actions and Special Examinations 
Tracking System
(7) BGFRS-31 Protective Information System
(8) BGFRS-32 Visitor Registration System
(9) BGFRS-36 Federal Reserve Application Name Check System
(10) BGFRS-37 Electronic Applications
(11) BGFRS/OIG-1 OIG Investigative Records

    (c) Confidential references. Pursuant to 5 U.S.C. 552a(k)(5), we 
have determined that it is necessary to exempt the systems of records 
listed below from the requirements of the Privacy Act concerning access 
to records, accounting of disclosures of records, maintenance of only 
relevant and necessary information in files, and certain publication 
provisions, respectively, 5 U.S.C. 552a(c)(3), (d), (e)(1), (e)(4)(G), 
(H) and (I), and (f), and Sec. Sec.  261a.5, 261a.7, and 261a.8 of this 
part. The exemption applies only to the extent that a system of records 
contains investigatory material compiled to determine an individual's 
suitability, eligibility, and qualifications for Board employment or 
access to classified information, and the disclosure of such material 
would reveal the identity of a source who furnished information to the 
Board under a promise of confidentiality.

(1) BGFRS-1 Recruiting and Placement Records
(2) BGFRS-2 Personnel Security Systems
(3) BGFRS-4 General Personnel Records
(4) BGFRS-10 General Files on Board Members
(5) BGFRS-11 Official General Files
(6) BGFRS-13 Federal Reserve System Bank Supervision Staff 
Qualifications
(7) BGFRS-14 General File on Federal Reserve Bank and Branch Directors
(8) BGFRS-25 Multi-Rater Feedback Records
(9) BGFRS/OIG-1 OIG Investigative Records
(10) BGFRS/OIG-2 OIG Personnel Records

    (d) Criminal law enforcement information. Pursuant to 5 U.S.C. 
552a(j)(2), we have determined that the OIG Investigative Records 
(BGFRS/OIG-1) are exempt from the Privacy Act, except the provisions 
regarding disclosure, the requirement to keep an accounting, certain 
publication requirements, certain requirements regarding the proper 
maintenance of systems of records, and the criminal penalties for 
violation of the Privacy Act, respectively, 5 U.S.C. 552a(b), (c)(1), 
and (2), (e)(4)(A) through (F), (e)(6), (e)(7), (e)(9), (e)(10), 
(e)(11) and (i).

    By order of the Board of Governors of the Federal Reserve 
System, October 4, 2010.
Robert deV. Frierson,
Deputy Secretary of the Board.
[FR Doc. 2010-25367 Filed 10-15-10; 8:45 am]
BILLING CODE 6210-01-P