Friday, March 13, 2015

The Privacy Act of 1974

Have you ever wondered about the security of the information you provide the Government - Information such as tax returns, proposals, cost or pricing data, or data and records in support of an audit? How safe is it, really? Is it accessible by a competitor? By a news organization?

For the most part, contracting records given to contracting officers, contract auditors, GAO, Inspector Generals, etc are safe from further dissemination within the Government and from public disclosure. Such records are protected by the Privacy Act of 1974. Briefly, the Privacy Act states that no agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual (or company) to whom the record pertains.

There are some exceptions to this general rule including
  • For statistical purposes by the Census Bureau and the Bureau of Labor Statistics
  • For routine uses with a U.S. government agency
  • For archival purposes "as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government
  • For law enforcement purposes
  • For congressional investigations
  • Other administrative purposes.
The Privacy Act also requires that each Agency have administrative and physical security systems to prevent the unauthorized release of personal records. These administrative procedures include frequent training on unauthorized use or disclosure of personal information and criteria for disposing information that is no longer needed. So, for example, audit files that have no continuing relevance are boxed and sent to a federal records center where, after a few years, are destroyed. Similar procedures apply to electronic files. 

Notwithstanding the Privacy Act, there have been public (and not so public) disclosures of private information from time to time though it does not seem to be a significant problem. Back in the early 80s when the Government was buying $640 toilet seats, $7,600 coffee makers, and $436 hammers, a lot of contractor proprietary information was exposed. These disclosures came not from the Defense Department but through Congress who had gathered the information through one of the exceptions granted by the Privacy Act.

Generally, contractors need not worry about the security or public disclosure of routine information provided to Governmental agencies. There are sufficient protections in place to prevent that from happening.

No comments:

Post a Comment