ML20151D552
| ML20151D552 | |
| Person / Time | |
|---|---|
| Issue date: | 04/28/1978 |
| From: | Felton J NRC OFFICE OF ADMINISTRATION (ADM) |
| To: | Haase W OFFICE OF MANAGEMENT & BUDGET |
| Shared Package | |
| ML20151D555 | List: |
| References | |
| NUDOCS 8804140309 | |
| Download: ML20151D552 (7) | |
Text
.c . - * . . . . . , .. ...-<...s..s.,.>.s.--..v,.s.s..... ,...,s... . . , . . . . ... ..<.r.-. . - ,,.)
1
$.' . . (j
$p
((Nacia' 2*g i- UNITED STATES NUCLEAR REGULATORY COMMISSION
- )^ Y
< o WASHING TON, D. C. 20666 O E g
s,,,<**
Mr. Walter W. Haase APR 2 81978 Deputy Associate Director for Infonnation Systems Policy Office of Management and Budget Executive Office of the President -
Washington, D. C. 20503
Dear Mr. Haase:
)
In accordance with Transmittal Memorandum No. 4 to 0MB Circular No. A-108, I am enclosing five copies of the "1977 Annual Report of the Nuclear Regulatory Conmission on the Administration of the Privacy Act of 1974".
I also am enclosing for your information copies of Manual Chapter l NRC-0204, Privacy Act, which is referred to in the report. !
, / '
J. . Felton, Director Division of Rules and Records Office of Administration
Enclosures:
As stated i
I l
I l
l l
APPENDIX A
~
8804140309 700420 PDR ORG EUSOMH PDR
..m....~.m......... . . ~ . . . . . . . . .. , . . . . - , . . . . . . .........;..,.x.._..-..
- 3. . ... .. ,. -~.
1977 EdNUAL REPORT OF THE NUCLEAR REGULATORY COMMISSION ON THE ADMINISTRATION OF THE PRIVACY ACT OF 1974
- a. Summary of Accomplishments and Future Plans (1) Protecting individual privacy During 1977 the NRC completed and issued NRC Manual Chapter 0204, "Privacy Act," as part of its management directives system.
Copies of the new Manual Chapter were given to all NRC employees. The Manual Chapter defines in detail the objectives, responsibiliites, requirements, and procedures established by the NRC to implement the provisions of the Privacy Act of 1974. In particular, it specifies procedures and requirements to assure that the NRC collects, maintains, uses, and disseminates records of identifiable personal information in a manner that assures that the information is for a necessary and lawful purpose, that it is current and accurate for its intended use, and that adequate safeguards are provided to prevent misuse of the information.
In addition, during 1977 the NRC conducted meetings at each of its I five Regional Offices to inform the staff of the requirements of the Privacy Act in protecting personal privacy and to inform individuals of their rights under the Act to obtain information.
During 1978, the NRC plans to make a concerted effort to review each system of records (a) to assure that the information maintained within the system is relevant, timely, accurate, complete, anc necessary for an agency purpose, and (b) to assure that the procedures for accounting for disclosures pursuant to subsection (c) of the Act are being implemented properly.
(2) Reducing the scope of personal recordkeeping The NRC currently maintains 36 personal data systems subject to i the Privacy Act of 1974. These systems contain records covering about l 325,000 individuals. Over 75 percent of these are persons who have been subject to radiation exposure in the course of their duties in the nuclear industry. Another 5 percent are individuals who are on NRC mailing lists at their own request. The remaining individuals on whom the NRC maintains records are primarily NRC employees, NRC licensees, and individuals who have corresponded with the NRC on miscellaneous matters. '
APPENDIX A
~.............-.a. ~ ,. <.,w-.-
. ( .
1 NRC systems of records are periodically screened to remove obsolete information, in accordance with approved record disposal schedules.
Although the NRC created no new systems of records in 1977, the nonnal ,
growth in the licensed nuclear industry and NRC employment created a '
significant increase in the number of individuals about whom information is maintained,
- b. Scope and Nature of Federal Personal Recordkeeping (1) Inventory of Federal personal data systems In accordance with Transmittal Memorandum No. 4 to OMB Circular No. A-108, the NRC Inventory of Federal Personal Data Systems was transmitted from J. M. Felton to Walter W. Haase, Deputy Associate Director for Information Systems Policy, OMB, on March 6,1978. '
(2) Analysis of changes to systems of records During 1977 the NRC created no new systems of records. Three systems of records which previously had been manual were fully automated, :
and one system which was manual was partially automated. In each case the decision to automate was made to increase efficiencies and to improve management reporting; i j
- c. Agency Administration of the Act i l
(1) Mcountingfordisclosures(subsection (c)) !
Virtually all disclosures outside the NRC concerned information required to be released pursuant to the Freedom of Information Act, are )
routine payroll and accounting information made available to Federal, ;
State, and local taxing authorities, or are disclosures of investigative i and security information to other agencies under the NRC's published '
routine uses. Of the 125 Privacy Act requests received by the NRC in 1977, only four persons requested an accounting of disclosures.
(2) Maintenance of on,1y that information necessary for an authorized function (subsection (e)(1))
Each NRC system of records notice published in the Federal l Register contains the specific authority for the maintenhnce of the '
information in the system. As indicated previously in response to item a.(1), the NRC plans to review each system in IC78 to assure that only i necessary information is maintained therein.
(3) Publication requirements (subsections (e)(4), (e)(11), (f))
During 1977, more than 90 percent of the requests received by the NRC were from present or fonner NRC employees who had actual notice of the systems of records maintained. Requests received from the public APPENDIX A
^
~ . . . . . . . . , . . .. .....L..n. .. - .. . M~- - ~ *" ' "-'~' ~"
(~
did not usually specify a specific system of records, but rather were general requests for all records about the individual. It thus appears
' that members of the general pubite did not make reference to the Federal Register Notice prior to submitting their requests.
(4) Standard of accuracy, relevance, timeliness, and completeness (subsection (e)(5))
This standard has been called to the attention of all employees in meetings and by means of the Privacy Act Manual Chapter which was issued to all employees. As indicated previously, compliance with this standard will be reviewed during 1978.
(5) Validation of records before disclosure outside the agency (subsection (e)(6))
As indicated previously in response to item c.(1), there are few disclosures outside the agency that are subject to this subsection, and the NRC has sought to assure that those records which are disclosed are accurate, complete, timely, and relevant for an agency purpose.
(6) Restrictions on recordkeeOng about First Amerdment activities (subsection (e)(7))
Except as authorized by subsection (e)(7), the NRC maintains no records about how any individual exercises First Amendment rights.
(7) Rules of conduct for agency personnel (subsection (e)(9))
The NRC Privacy Act Manual Chapter specifies the rules of conduct required of system managers and other persons involved in the design, development, operation, or maintenance of any NRC system of records.
(8) Safeguards on information (subsection (e)(10))
The necessary safeguards required to insure the security and confidentiality of records are discussed in the Privacy Act Manual ,
Chapter and specified in the NRC Notice of Systems of Records.
i l
APPENDIX A
. . . . . . . .. . . . .. ... . .. -. o . <-
~
(.
(9) Operation of the exemption provisions (subsection (j) and (k))
Portions of 13 NRC systems of records are exempt from subsections (c)(3); (d); (e)(1); (e)(4)(G), (H) and (I); and (f) of the Privacy Act.
The only exemption exercised by the NRC in 1977 was that concerning access under subsection (d)(1). This exemption was exercised pursuant to subsection (k)(5) on three occasions in order to withhold the identity of a confidential source who furnished information to the NRC under an implied promise of confidentiality. The procedures and policies developed by the NRC to permit at:ess by individuals to systems of records, including exempt systems, are set forth in the Privacy Act Manual Chapter.
- d. Changes in Patterns of Information Exchange (1) Has the requirement that information be collected to the extent practicable from the individual (subsection (e)(2)) significantly affected agency information collection practices?
This requirement has had no noticeable effect upon NRC information collection practices.
(2) Has there been a change in the willingness of individuals to provide infomation about themselves? Has the privacy notification statement required by subsection (e)(3) made a perceptible difference?
There is an increasing awareness by individuals of the requirements of the Privacy Act and of their right to obtain Privacy Act Statements concerning the purpose of their furnishing information and its interded use by the agency. However, there has been no significant change in the willingness of individuals to provide information about themselves.
(3) Has there been a change in the amount and/or quality of information available from third party sources? Are pledges of confidentiality regularly requested?
There has been a noticeable decrease in the willingness of companies, particularly larger corporations, to furnish information in response to personnel reference checks concerning applicants for employment.
Approximately 50 percent of those persons furnishing information to the NRC, in response to personnel reference checks, request a pledge of confidentiality. The NRC also has experienced a marked decrease in the amount of information obtained through the FBI and Civil Service Commission in regard to NRC personnel security investigations.
APPENDIX A
. . ....... . . . . .. . . . . . . .. . . . . . . . ..............,_.....m.... .. . . . . .
T l
(4) Has it become necessary to develop alternative sources of information? If so, describe them.
Where information is not furnished by an applicant's previous employer, the NRC seeks to obtain from the applicant additional personal references, preferably individuals who have worked with the applicant in the past and who know the applicant's work habits and experience.
(5) How have the Act's limitations on the disclosure of information affected agency activities?
There has been no noticeable impact on agency activities.
(6) Were any new policies regarding the routine use provisions i adopted during the year? Describe any major new routine uses which were established, including the purpose for the routine use, the recipient of the information, and the reason ,
for its establishment?
No new routine uses for NRC systems of records, or policies regarding routine uses, were adopted in 1977.
(7) How have the State and local privacy and freedom of information '
laws affected the exchange of information?
As indicated in response to item d.(3), there has been a decrease in tne investigative agencies' ability to obtain information with respect to personnel security investigations performed for the NRC. We are not .
in a position to siy, however, the extent to which this is the result of 1 State and local privacy and freedom of information laws. !
- e. Exercise of Individual Rights l (1) Processing of requests (a) Requests for access to records 125 Requests to amend records 0 Requests granted in full 121*
Requests granted in part 3 Requests pending 1
{
(b) Appeals (decision sustained) 1 (c) Civil actions filed 0
- Includes four joint F0IA/ Privacy Act requests in which some documents, l not contained within systems of records, were denied on the basis of j F0IA only, j APPENDIX A
~ . . .
(2) Information about requests (a) Ninety-four percent of the requests received by the NRC were made by, or on behalf of, current or former Federal employees. Six percent of the requests were made by members of the general public.
(b) Requests citing Privacy Act only 105 Requests citing Privacy Act & F0IA 18 Requests citing neither Act 2 In accordance with OMB Circular A-108, when a request specifies and may be processed under both the F0IA and the Privacy Act, or specifies neither Act, the Privacy Act procedures set forth in the Commission's regulations (Subpart B of 10 CFR Part 9) and the Privacy Act Manual Chapter are followed.
(c) Ninety-three of the 125 requests received in 1977 identified specific systems of records, either by section number or by type of records sought (i.e. personnel files, security files, performance appraisals, etc.).
(d) Of the 125 requests received,121 requests included exempt systems of records within the scope of the request. Of these 117 were granted in full, and one request was pending at the end of the year.
- f. Public Scrutiny of Federal Personal Recordkeeping Practices In 1977 the NRC made no substantive amendments to its systems of records or its regulations in Subpart B of 10 CFR Part 9 implementing the Privacy Act. Thus, no coments have been received.
- g. Problems Areas and Recomendations for Change The NRC has had no major problems in connection with implementation of the Privacy Act and has no recommendations for change.
APPENDIX A