Regulations last checked for updates: Nov 25, 2024

Title 5 - Administrative Personnel last revised: Oct 24, 2024
§ 2606.201 - Requests for access.

(a) Records in an OGE Governmentwide system of records. An individual requesting access to records pertaining to him in an OGE Governmentwide system of records should submit a written request, which includes the words “Privacy Act Request” on both the envelope and at the top of the request letter, to the appropriate system manager as follows:

(1) Records filed directly with OGE by non-OGE employees: The Deputy Director, Office of Agency Programs, Office of Government Ethics, Suite 500, 1201 New York Avenue, NW., Washington, DC 20005-3917;

(2) Records filed with a Designated Agency Ethics Official (DAEO) or the head of a department or agency: The DAEO at the department or agency concerned; or

(3) Records filed with the Federal Election Commission by candidates for President or Vice President: The General Counsel, Office of General Counsel, Federal Election Commission, 999 E Street, NW., Washington, DC 20463.

(b) Records in an OGE Internal System of Records. An individual requesting access to records pertaining to him in an OGE internal system of records should submit a written request, which includes the words “Privacy Act Request” on both the envelope and at the top of the request letter, to the Deputy Director, Office of Administration and Information Management, Office of Government Ethics, Suite 500, 1201 New York Avenue, NW., Washington, DC 20005-3917.

(c) Content of request. (1) A request should contain a specific reference to the OGE system of records from which access to the records is sought. Notices of OGE systems of records subject to the Privacy Act are published in the Federal Register, and copies of the notices are available on OGE's Web site at http://www.usoge.gov, or upon request from OGE's Office of General Counsel and Legal Policy. A biennial compilation of such notices also is made available online and published by the Office of Federal Register at the GPO Access Web site (http://www.access.gpo.gov/su_docs/aces/PrivacyAct.shtml) in accordance with 5 U.S.C. 552a(f) of the Act.

(2) If the written inquiry does not refer to a specific system of records, it should include other information that will assist in the identification of the records for which access is being requested. Such information may include, for example, the individual's full name (including her maiden name, if pertinent), dates of employment, social security number (if any records in the system include this identifier), current or last place and date of Federal employment. If the request for access follows a prior request to determine if an individual is the subject of a record, the same identifying information need not be included in the request for access if a reference is made to that prior correspondence, or a copy of the response to that request is attached.

(3) The request should state whether the requester wants a copy of the record, or wants to examine the record in person.

§ 2606.202 - OGE or other agency action on requests.

A response to a request for access should include the following:

(a) A statement that there is a record or records as requested or a statement that there is not a record in the system of records;

(b) The method of access (if a copy of all the records requested is not provided with the response);

(c) The amount of any fees to be charged for copies of records under § 2606.206 of this part or other agencies' Privacy Act regulations as referenced in that section;

(d) The name, title, and telephone number of the official having operational control over the record; and

(e) If the request is denied in whole or in part, or no record is found in the system, a statement of the reasons for the denial, or a statement that no record has been found, and notice of the procedures for appealing the denial or no record finding.

§ 2606.203 - Granting access.

(a) The methods for allowing access to records, when such access has been granted by OGE or the other agency concerned are:

(1) Examination in person in a designated office during the hours specified by OGE or the other agency;

(2) Providing photocopies of the records; or

(3) Transfer of records at the option of OGE or the other agency to another more convenient Federal facility.

(b) When a requester has not indicated whether he wants a copy of the record, or wants to examine the record in person, the appropriate system manager may choose the means of granting access. However, the means chosen should not unduly impede the data subject's right of access. A data subject may elect to receive a copy of the records after having examined them.

(c) Generally, OGE or the other agency concerned will not furnish certified copies of records. When copies are to be furnished, they may be provided as determined by OGE or the other agency concerned.

(d) When the data subject seeks to obtain original documentation, the Office and the other agencies concerned reserve the right to limit the request to copies of the original records. Original records should be made available for review only in the presence of the appropriate system manager or his designee.

Note to paragraph (d) of § 2606.203:

Section 2071(a) of title 18 of the United States Code makes it a crime to conceal, remove, mutilate, obliterate, or destroy any record filed in a public office, or to attempt to do so.

(e) Identification requirements—(1) Access granted in person—(i) Current or former employees. Current or former employees requesting access to records pertaining to them in a system of records may, in addition to the other requirements of this section, and at the sole discretion of the official having operational control over the record, have their identity verified by visual observation. If the current or former employee cannot be so identified by the official having operational control over the records, adequate identification documentation will be required, e.g., an employee identification card, driver's license, passport, or other officially issued document with a picture of the person requesting access.

(ii) Other than current or former employees. Individuals other than current or former employees requesting access to records pertaining to them in a system of records must produce adequate identification documentation prior to being granted access. The extent of the identification documentation required will depend on the type of records to be accessed. In most cases, identification verification will be accomplished by the presentation of two forms of identification with a picture of the person requesting access (such as a driver's license and passport). Any additional requirements are specified in the system notices published pursuant to subsection (e)(4) of the Act.

(2) Access granted by mail. For records to be accessed by mail, the appropriate system manager shall, to the extent possible, establish identity by a comparison of signatures in situations where the data in the record is not so sensitive that unauthorized access could cause harm or embarrassment to the individual to whom they pertain. No identification documentation will be required for the disclosure to the data subject of information required to be made available to the public by 5 U.S.C. 552,the. When, in the opinion of the system manager, the granting of access through the mail could reasonably be expected to result in harm or embarrassment if disclosed to a person other than the individual to whom the record pertains, a notarized statement of identity or some similar assurance of identity may be required.

(3) Unavailability of identification documentation. If an individual is unable to produce adequate identification documentation, the individual will be required to sign a statement asserting identity and acknowledging that knowingly or willfully seeking or obtaining access to records about another person under false pretenses may result in a criminal fine of up to $5,000 under subsection (i)(3) of the Act. In addition, depending upon the sensitivity of the records sought to be accessed, the appropriate system manager or official having operational control over the records may require such further reasonable assurances as may be considered appropriate, e.g., statements of other individuals who can attest to the identity of the data subject. No verification of identity will be required of data subjects seeking access to records which are otherwise available to any person under 5 U.S.C. 552.

(4) Inadequate identification. If the official having operational control over the records in a system of records determines that an individual seeking access has not provided sufficient identification documentation to permit access, the official shall consult with the appropriate system manager prior to denying the individual access. Whenever the system manager determines, in accordance with the procedures herein, that access will not be granted, the response will also include a statement of the procedures to obtain a review of the decision to deny access in accordance with § 2606.205.

(f) Access by the parent of a minor, or legal guardian. A parent of a minor, upon presenting suitable personal identification as otherwise provided under this section, may access on behalf of the minor any record pertaining to the minor in a system of records. A legal guardian, upon presentation of documentation establishing guardianship and suitable personal identification as otherwise provided under this section, may similarly act on behalf of a data subject declared to be incompetent due to physical or mental incapacity or age by a court of competent jurisdiction. Minors are not precluded from exercising on their own behalf rights given to them by the Privacy Act.

(g) Accompanying individual. A data subject requesting access to his records in a system of records may be accompanied by another individual of the data subject's choice during the course of the examination of the record. The official having operational control of the record may require the data subject making the request to submit a signed statement authorizing the accompanying individual's access to the record.

(h) Access to medical records. When a request for access involves medical or psychological records that the appropriate system manager believes requires special handling, the data subject should be advised that the material will be provided only to a physician designated by the data subject. Upon receipt of the designation and upon verification of the physician's identity as otherwise provided under this section, the records will be made available to the physician, who will disclose those records to the data subject.

(i) Exclusion. Nothing in these regulations permits a data subject's access to any information compiled in reasonable anticipation of a civil action or proceeding (see subsection (d)(5) of the Act).

(j) Maximum access. This regulation is not intended to preclude access by a data subject to records that are available to that individual under other processes, such as the Freedom of Information Act (5 U.S.C. 552) or the rules of civil or criminal procedure, provided that the appropriate procedures for requesting access thereunder are followed.

§ 2606.204 - Request for review of an initial denial of access.

(a)(1) A data subject may submit a written appeal of the decision by OGE or the other agency to deny an initial request for access to records or a no record response.

(i) For records filed directly with OGE, the appeal must be submitted to the Director, Office of Government Ethics, Suite 500, 1201 New York Avenue, NW., Washington, DC 20005-3917.

(ii) For records in OGE's executive branch Governmentwide systems of records that are filed directly with an agency (including the Federal Election Commission) other than OGE, the appeal must be submitted to the Privacy Act access appeals official as specified in the agency's own Privacy Act regulations or the respective head of the agency concerned if it does not have any Privacy Act regulations.

(2) The words “Privacy Act Appeal” should be included on the envelope and at the top of the letter of appeal.

(b) The appeal should contain a brief description of the records involved or copies of the correspondence from OGE or the agency in which the initial request for access was denied. The appeal should attempt to refute the reasons given by OGE or the other agency concerned in its decision to deny the initial request for access or the no record finding.

§ 2606.205 - Response to a request for review of an initial denial of access.

(a) If the OGE Director or agency reviewing official determines that access to the records should be granted, the response will state how access will be provided if the records are not included with the response.

(b) Any decision that either partially or fully affirms the initial decision to deny access shall inform the requester of the right to seek judicial review of the decision in accordance with 5 U.S.C. 552a(g) of the Privacy Act.

§ 2606.206 - Fees.

(a) Fees for records filed with OGE—(1) Services for which fees will not be charged:

(i) The search and review time expended by OGE to produce a record;

(ii) The first copy of the records provided; or

(iii) The Office of Government Ethics making the records available to be personally reviewed by the data subject.

(2) Additional copies of records. When additional copies of records are requested, an individual may be charged $.15 per page.

(i) Notice of anticipated fees in excess of $25.00. If the charge for these additional copies amounts to more than $25.00, the requester will be notified and payment of fees may be required before the additional copies are provided, unless the requester has indicated in advance his willingness to pay fees as high as those anticipated.

(ii) Advance payments. An advance payment before additional copies of the records are made will be required if:

(A) The Office estimates or determines that the total fee to be assessed under this section is likely to exceed $250.00. When a determination is made that the allowable charges are likely to exceed $250.00, the requester will be notified of the likely cost and will be required to provide satisfactory assurance of full payment where the requester has a history of prompt payment of Privacy Act fees, or will be required to submit an advance payment of an amount up to the full estimated charges in the case of requesters with no history of payment; or

(B) The requester has previously failed to pay a Privacy Act fee charged in a timely fashion (i.e., within 30 days of the date of the billing). In such cases, the requester may be required to pay the full amount owed plus any applicable interest as provided by paragraph (a)(2)(iii) of this section, and to make an advance payment of the full amount of the estimated fee before the Office begins to process a new request.

(iii) Interest charges. Interest charges on an unpaid bill may be assessed starting on the 31st day following the day on which the billing was sent. Interest shall be at the rate prescribed in 31 U.S.C. 3717 and shall accrue from the date of billing. To collect unpaid bills, the Office will follow the provisions of the Debt Collection Act of 1982, as amended (96 Stat. 1749 et seq.) and the Debt Collection Improvement Act of 1996 (110 Stat. 1321-358 et seq.), including the use of consumer reporting agencies, collection agencies, and offset.

(iv) Remittance. Remittance should be made by either a personal check, bank draft or a money order that is payable to the Department of the Treasury of the United States.

(b) Fees for records filed with agencies other than OGE. An agency shall apply its own Privacy Act fee schedule for records in OGE's executive branch Governmentwide systems that are filed directly with the agency. An agency that does not have a Privacy Act fee schedule may apply the fee schedule in this section.

§ 2606.207 - Accounting of disclosures.

(a) The Office of Government Ethics or the other agency concerned will maintain an accounting of disclosures in cases where records about the data subject are disclosed from OGE's system of records except—

(1) When the disclosure is made pursuant to the Freedom of Information Act, as amended (5 U.S.C. 552); or

(2) When the disclosure is made to those officers and employees of OGE or the other agency which maintains the records who have a need for the records in the performance of their duties.

(b) This accounting of disclosures will be retained for at least five years or for the life of the record, whichever is longer, and will contain the following information:

(1) A brief description of the record disclosed;

(2) The date, nature, and purpose for the disclosure; and

(3) The name and address of the individual, agency, or other entity to whom the disclosure is made.

(c) Under sections 102 and 105 of the Ethics in Government Act, 18 U.S.C. 208(d) and 5 CFR parts 2634 and 2640 of OGE's executive branch regulations, a requester other than the data subject must submit a signed, written application on the OGE Form 201 or agency equivalent form to inspect or receive copies of certain records, such as SF 278 Public Financial Disclosure Reports, Certificates of Divestiture, 18 U.S.C. 208(b)(1) and (b)(3) waivers, and OGE certified qualified blind and diversified trust instruments and other publicly available qualified trust materials. The written application requests the name, occupation and address of the requester as well as lists the prohibitions on obtaining or using the records. These applications are used as the accounting of disclosures for these records.

(d) Except for the accounting of a disclosure made under subsection (b)(7) of the Privacy Act for a civil or criminal law enforcement activity that is authorized by law, the accounting of disclosures will be made available to the data subject upon request in accordance with the access procedures of this part.

authority: 5 U.S.C. 552a,5.S.C. App. (Ethics in Government Act of 1978)
source: 68 FR 27891, May 22, 2003, unless otherwise noted.
cite as: 5 CFR 2606.202