Introduction to the Privacy Act
What is the Freedom of Information Act?
In the course of its daily business, the Federal Government keeps hundreds of databases on individuals. In 1974, Congress created the Privacy Act, 5 U.S.C. § 552a, in response to concerns about how the creation and use of computerized databases might impact individuals' privacy rights. The Privacy Act (1) grants individuals rights of access to agency records maintained on themselves, but only if the records are maintained in a Privacy Act System of Records; (2) restricts disclosure of personally identifiable records; (3) grants individuals the right to seek correction of agency records maintained on themselves upon a showing that the records are not accurate, relevant, or complete; and (4) establishes a code of "fair information practices "to comply with statutory requirements for the collection, maintenance, and dissemination of records.
Privacy Impact Assessments and Personally Identifiable Information
Agencies are required to conduct privacy impact assessments (PIAs) for manual and automated information systems and collections. PIAs identify and assess how agencies handle personally identifiable information (PII) (PDF; 157KB) and they determine if the system is a Privacy Act System of Record. PII is any information about an individual that that can be used to distinguish or trace an individual's identity and that is linked or linkable to that individual; for example, a person's name combined with his/her social security number, or date of birth, or mother's maiden name, or biometric records, etc. PII should not be confused with "private" information, which is information that an individual prefers not to make publicly known, e.g., because of the information's sensitive nature. PII is much broader in scope and includes all information that can be used to directly or indirectly identify individuals.
What is a Privacy Act System of Record?
A System of Record (SOR) is any group of records from which information is retrieved by an individual's name, social security number, or other identifying number, symbol or particular unique to the individual. The Privacy Act requires agencies to publish a notice in the Federal Register when establishing or revising an SOR. A SOR notice explains the legal authority for collecting and storing the records, individuals about whom records will be collected, what kinds of information will be collected, and how the records will be used. A SOR does not exist nor is a SOR notice required if personal information is not retrieved by a unique identifier. GIPSA maintains the following SORs.
- USDA/P&SA-2: Persons Engaged in Business as Livestock Market Agencies and Dealers under the Provisions of the Packers and Stockyards Act (PDF; 41KB)
- USDA/FGIS-1: Employment History Records of Licensed Nonfederal Employees (PDF; 671KB)
- USDA/FGIS-2: Investigations Undertaken by the Government Pursuant to the USGSA or AMA (PDF; 670KB)
- USDA/FGIS-4:Non-violation Case File System on Individuals Subject to the USGSA or AMA (PDF; 572KB)
- USDA/FGIS-6:Conflict of Interest of Employees of Official Agencies and of Individuals under Contract with FGIS (PDF; 762KB)
How do I know if GIPSA has a file on me?
Agencies are generally required to inform you, upon request, whether or not they have files on you; and further are required to report publicly the existence of all systems of records they keep on individuals.
How to Request Information under the Privacy Act
You may write to the Privacy Act Officer or to the GIPSA Administrator to request access to or to amend your record; however, only United States citizens and aliens lawfully admitted for permanent residence are eligible to file a PA request.
Privacy Act Officer
USDA, GIPSA, MBS
1400 Independence Avenue, S.W.
Washington, D.C. 20250-3642
1400 Independence Avenue, S.W.
Washington, D.C. 20250-3610
GIPSA accepts requests for records under the Privacy Act only by mail or commercial carrier. GIPSA cannot accept Privacy Act requests by email because we must have the requester's signature.
You must submit your request in writing, include your full name and date and place of birth, identify the GIPSA Privacy Act System of Records you wish to have searched, and include as much detail as possible to identify the information requested or sought to be amended. Remember to sign your request and provide some form of identity (such as a copy of your driver's license) that reflects your full name and address.
Indicate clearly on your correspondence and envelope "Privacy Act Request" to ensure timely response and provide your return address, telephone number, and email address (if applicable) with the request.
If the records sought are to be disclosed to someone other than you, GIPSA requires your written consent authorizing release of the records to that person. Records maintained on individuals will be released unless they are exempt from disclosure, in accordance with the Privacy Act and/or the Freedom of Information Act.
What is the cost for obtaining records under the Privacy Act?
The Privacy Act allows requestors to be charged only for the cost of copying records for you - not for the time spent locating them.
What if you find that GIPSA has incorrect information about you in its files?
Agencies that maintain personal information about individuals must keep complete, accurate, timely, and relevant files. If, after seeing your file, you believe that it contains incorrect information and that it should be amended, you may write to GIPSA's Privacy Act Officer. Identify each particular record in question; state the amendment or correction that you want; and state why you believe that the record is not accurate, relevant, timely, or complete. GIPSA will notify you within 10 working days from when it receives an amendment request if your request is granted or denied.
If granted, GIPSA will describe the amendment or correction made and will advise you of your right to obtain a copy of the corrected or amended record.
GIPSA will inform you of the reason(s) for refusing to amend your record and will provide you the opportunity to request a review of its refusal. GIPSA will complete its review and make a final determination within 30 working days from the date your request is received, unless the Administrator extends the time frame. If the reviewing official also refuses to amend your record, GIPSA will permit you to file a concise statement setting forth the reasons for your disagreement with the refusal and attach that statement to the record involved. GIPSA also will notify you how you can seek judicial review of the reviewing official's determination.