28 CFR 700.26 – Employee standards of conduct
(a) The Office shall inform its employees of the provisions of the Privacy Act, including the Act’s civil liability and criminal penalty provisions. The Office also shall notify its employees that they have a duty to—
Terms Used In 28 CFR 700.26
- Statute: A law passed by a legislature.
(1) Protect the security of records,
(2) Assure the accuracy, relevance, timeliness, and completeness of records,
(3) Avoid the unauthorized disclosure, either verbal or written, of records, and
(4) Ensure that the Office maintains no system of records without public notice.
(b) Except to the extent that the Privacy Act permits such activities, an employee of the Office of Independent Counsel shall:
(1) Not collect information of a personal nature from individuals unless the employee is authorized to collect such information to perform a function or discharge a responsibility of the Office;
(2) Collect from individuals only that information that is necessary to the performance of the functions or to the discharge of the responsibilities of the Office;
(3) Collect information about an individual directly from that individual, whenever practicable;
(4) Inform each individual from whom information is collected of—
(i) The legal authority that authorizes the Office to collect such information,
(ii) The principal purposes for which the Office intends to use the information,
(iii) The routine uses the Office may make of the information, and
(iv) The effects upon the individual of not furnishing the information;
(5) Maintain all records that are used by the agency in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as to assure fairness to the individual in the determination;
(6) Except as to disclosures to an agency or pursuant to 5 U.S.C. § 552a(b)(2), make reasonable efforts, prior to disseminating any record about an individual, to assure that such records are accurate, relevant, timely, and complete;
(7) Maintain no record concerning an individual’s religious or political beliefs or activities, or his membership in associations or organizations, unless—
(i) The individual has volunteered such information for his own benefit,
(ii) A statute expressly authorizes the Office to collect, maintain, use or disseminate the information, or
(iii) The individual’s beliefs, activities, or membership are pertinent to and within the scope of an authorized law-enforcement or correctional activity;
(8) Notify the head of the Office of the existence or development of any system of records that has not been disclosed to the public;
(9) When required by the Act, maintain an accounting in the prescribed form of all disclosures of records by the Office to agencies or individuals whether verbally or in writing;
(10) Disclose no record to anyone, except within the Office, for any use, unless authorized by the Act;
(11) Maintain and use records with care to prevent the inadvertent disclosure of a record to anyone; and
(12) Notify the head of the Office of any record that contains information that the Act or the foregoing provisions of this paragraph do not permit the Office to maintain.
(c) Not less than once a year, the head of each Office shall review the systems of records maintained by that Office to ensure that the Office is in compliance with the provisions of the Privacy Act.