Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

Code · CFR · Title 22 — Foreign Relations · Part 1101 — Privacy Act of 1974 · § 1101.5

§ 1101.5. Security, confidentiality and protection of records.

409 words·~2 min read·/us/cfr/t22/s§ 1101.5·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

(a)The Act requires that records subject to the Act be maintained with appropriate administrative, technical and physical safeguards to ensure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, inconvenience or unfairness to any individual on whom information is maintained.
(b)When maintained in manual form (typed, printed, handwritten, etc.) records shall be maintained, at a minimum, subject to the following safeguards, or safeguards affording comparable protection:
(1)Areas in which the records are maintained or regularly used shall be posted with an appropriate warning stating that access to the records is limited to authorized persons. The warning shall also summarize the requirements of § 1101.3 and state that the Act contains a criminal penalty for the unauthorized dislosure of records to which it applies.
(2)During working hours:
(i)The area in which the records are maintained or regularly used shall be occupied by authorized personnel or
(ii)access to the records shall be restricted by their storage in locked metal file cabinets or a locked room.
(3)During non-working hours, access to the records shall be restricted by their storage in locked metal file cabinets or a locked room.
(4)Where a locked room is the method of security provided for a system, that security shall be supplemented by:
(i)Providing lockable file cabinets or containers for the records or
(ii)changing the lock or locks for the room so that they may not be opened with a master key. For purposes of this paragraph, a master key is a key which may be used to open rooms other than the room containing records subject to the Act, unless those rooms are utilized by officials or employees authorized to have access to the records subject to the Act.
(5)Personnel handling personal information during routine use will ensure that the information is properly controlled to prevent unintentional or unauthorized disclosure. Such information will be used, held, or stored only where facilities or conditions are adequate to prevent unauthorized or unintentional disclosure.
(c)When the records subject to the Act are maintained in computerized form, safeguards shall be utilized based on those recommended in the National Bureau of Standard's booklet "Computer Security Guidelines for Implementing the Privacy Act of 1974" (May 30, 1975), and any supplements thereto, which are adequate and appropriate to assuring the integrity of the records.
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.