Privacy: Compliance

The Privacy Act of 1974
The Privacy Act of 1974, 5 U.S.C. § 552a (2012) (Privacy Act) governs the collection, maintenance, use, and dissemination of personal information maintained in a system of records by Federal executive branch agencies. The Privacy Act:

• Requires Federal agencies to provide notice of an agency’s system of records through publication of System of Records Notices (SORN). MSPB’s SORNs are listed below.
• Governs how Federal agencies may disclose a record about an individual, either by written consent of the individual or pursuant to one of twelve statutory exceptions.
• Limits disclosure pursuant to one special, two general, and seven specific exemptions.
• Provides individuals a process by which to seek amendment of their records.
• Sets forth Federal agency record-keeping requirements.

System of Records Notices (SORN)
A system of records is defined by the Privacy Act of 1974 as "a group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual."  5 U.S.C. § 552a(a)(5). Agencies are required to publish a System of Records Notice (SORN) for each system of records it maintains. Below are systems of records maintained by MSPB.

• MSPB/GOVT – 1, Appeals and Case Records, 77 Fed. Reg. 65206 (Oct. 25, 2012) governs the information that MSPB collects during the adjudication process at MSPB and sets forth how MSPB maintains and protects appeals and case records, including any decisions rendered during adjudication. Decisions of the Board are posted to the MSPB website and decisions of AJs are available to the public upon request. Information from an appeal file may be disclosed as required by law under the provisions of the Freedom of Information Act and the Privacy Act. See 5 U.S.C. §§ 552, 552a.
• MSPB – 2, Surveys for Special Studies of the Civil Service, 86 Fed. Reg. 7307 (Jan. 27, 2021) governs the information that MSPB collects in order to develop and administer surveys for the special studies of the civil service, such as the Merit Principles Survey (MPS), and to evaluate and distribute the results of such surveys. This system of records contains information that MSPB collects, maintains, and uses regarding individuals who are potential or actual survey respondents (current or former Federal employees). The MPS and other surveys conducted by MSPB are tools that measure Federal employees’ perceptions of whether, and to what extent, Merit Systems Principles are being protected and Prohibited Personnel Practices are being prevented in Federal agencies. Information from this system of records may be disclosed as required by law under the provisions of the Freedom of Information Act and the Privacy Act of 1974. See 5 U.S.C. §§ 552, 552a.
• MSPB – 3, Reasonable Accommodations, 86 Fed. Reg. 73001 (December 23, 2021) governs the information that MSPB collects, maintains, and uses from applicants for employment and employees who request or receive reasonable accommodations or other appropriate modifications from MSPB for medical or religious reasons.
• MSPB-4, Emergency Alert System, 88 Fed. Reg. 60241 (August 31, 2023) governs the information that MSPB collects, maintains, and uses for operational response to critical events to ensure the safety and security of MSPB personnel and physical locations, as well as to keep MSPB personnel up to date on emergencies that may impact MSPB personnel and operations, such as active shooter situations, terrorist attacks, or severe weather conditions.

Privacy Impact Assessments (PIAs)
The E-Government Act of 2002 requires agencies to conduct a privacy impact assessment (PIA) when an agency develops, procures, or uses information technology to create, collect, use, process, store, maintain, disseminate, disclose, or dispose of Personally Identifiable Information (PII). PIAs document what PII MSPB is collecting, why the PII is being collected, and how the PII will be collected, used, accessed, shared, safeguarded and stored.

• Privacy Impact Assessment: Qualtrics
• Privacy Impact Assessment: MSPB Secure File Sharing System
• Privacy Impact Assessment: MSPB Certification of COVID-19 Vaccination Status (Updated EMFS)
• Privacy Impact Assessment: MSPB Reasonable Accommodations System
• Privacy Impact Assessment: Emergency Alert System PIA
• Privacy Impact Assessment: e-Appeal

Privacy Act and Paperwork Reduction Act Statements
The Privacy Act of 1974 requires each agency that will be collecting information as part of a new or modified system of records to provide a Privacy Act Statement on the form used to collect the information or on a separate form that can be retained by the individual. 5 U.S.C. § 552a(e)(3). The Privacy Act Statement should provide information regarding the authority for the collection, the principal purposes for which the information is intended to be used, how the information may be disclosed or shared, and the effects, if any, of not providing the requested information.

• Zoom for Government Privacy Act Statement
• e-Appeal Privacy Act and Paperwork Reduction Act Statements

Matching Notices and Agreements
The Privacy Act of 1974 provides procedural requirements for agencies to follow when engaging in computer-matching activities. Pursuant to 5 U.S.C. § 552a(o), "no record which is contained in a system of records may be disclosed to a recipient agency or non-Federal agency for use in a computer matching program except pursuant to a written agreement between the source agency and the recipient agency or non-Federal agency," subject to other delineated exceptions. Notices for approved computer matching programs are published in the Federal Register. For more information, please email privacy@mspb.gov.

Exemptions to the Privacy Act
The Privacy Act of 1974 provides for one special, two general, and seven specific exemptions. 5 U.S.C. § 552a(d)(5); 5 U.S.C. § 552a(j)(1) and (2); 5 U.S.C. § 552a(k)(1)-(7).

One Special Exemption -- 5 U.S.C. § 552a(d)(5)

Exemption (d)(5) - Information compiled in reasonable anticipation of a civil action or proceeding.

Two General Exemptions -- 5 U.S.C. § 552a(j)

Exemption (j)(1) - System of records maintained by the Central Intelligence Agency, or

Exemption (j)(2) - System of records maintained by an agency or component thereof which performs as its principal function any activity pertaining to the enforcement of criminal laws.

Seven Specific Exemptions -- 5 U.S.C. § 552a(k)

Exemption (k)(1) - applies to systems of records containing information properly classified in the interest of national defense or foreign policy.

Exemption (k)(2) - applies to systems of records containing investigatory material compiled for law enforcement purposes other than material covered by the general law enforcement exemption.

Exemption (k)(3) - applies to systems of records maintained in connection with providing protective services to the President of the United States or other individuals who receive protection from the Secret Service.

Exemption (k)(4) - applies to systems of records required by statute to be maintained and used solely as statistical records.

Exemption (k)(5) - applies to systems of records that contain investigatory material compiled solely to determine suitability, eligibility, or qualifications for Federal civilian employment, military service, Federal contracts, or access to classified information.

Exemption (k)(6) - applies to systems of records that contain testing or examination material used solely to determine individual qualifications for appointment or promotion in Federal service, but only when disclosure would compromise the objectivity or fairness of the testing or examination process. Exemption (k)(7) - applies to systems of records that contain evaluation material used to determine potential for promotion in the armed services.