cfr_sections
Data license: Public Domain (U.S. Government data) · Data source: Federal Register API & Regulations.gov API
40 rows where part_number = 401 and title_number = 20 sorted by section_id
This data as json, CSV (advanced)
Suggested facets: subpart, subpart_name, amendment_citations
| section_id ▼ | title_number | title_name | chapter | subchapter | part_number | part_name | subpart | subpart_name | section_number | section_heading | agency | authority | source_citation | amendment_citations | full_text |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 20:20:2.0.1.1.2.1.1.1 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | A | Subpart A—General | § 401.5 Purpose of the regulations. | SSA | (a) General. The purpose of this part is to describe the Social Security Administration (SSA) policies and procedures for implementing the requirements of the Privacy Act of 1974, 5 U.S.C. 552a and section 1106 of the Social Security Act concerning disclosure of information about individuals, both with and without their consent. This part also complies with other applicable statutes. (b) Privacy. This part implements the Privacy Act by establishing agency policies and procedures for the maintenance of records. This part also establishes agency policies and procedures under which you can ask us whether we maintain records about you or obtain access to your records. Additionally, this part establishes policies and procedures under which you may seek to have your record corrected or amended if you believe that your record is not accurate, timely, complete, or relevant. (c) Disclosure. This part also sets out the general guidelines which we follow in deciding whether to make disclosures. However, we must examine the facts of each case separately to decide if we should disclose the information or keep it confidential. | |||||
| 20:20:2.0.1.1.2.1.1.2 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | A | Subpart A—General | § 401.10 Applicability. | SSA | (a) SSA. All SSA employees and components are governed by this part. SSA employees governed by this part include all regular and special government employees of SSA; experts and consultants whose temporary (not in excess of 1 year) or intermittent services have been procured by SSA by contract pursuant to 5 U.S.C. 3109; volunteers where acceptance of their services are authorized by law; those individuals performing gratuitous services as permitted under conditions prescribed by the Office of Personnel Management; and, participants in work-study or training programs. (b) Other entities. This part also applies to advisory committees and councils within the meaning of the Federal Advisory Committee Act which provide advice to: Any official or component of SSA; or the President and for which SSA has been delegated responsibility for providing services. | |||||
| 20:20:2.0.1.1.2.1.1.3 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | A | Subpart A—General | § 401.15 Limitations on scope. | SSA | The regulations in this part do not— (a) Make available to an individual records which are not retrieved by that individual's name or other personal identifier. (b) Make available to the general public records which are retrieved by an individual's name or other personal identifier or make available to the general public records which would otherwise not be available to the general public under the Freedom of Information Act, 5 U.S.C. 552, and part 402 of this title. (c) Govern the maintenance or disclosure of, notification about or access to, records in the possession of SSA which are subject to the regulations of another agency, such as personnel records which are part of a system of records administered by the Office of Personnel Management. (d) Apply to grantees, including State and local governments or subdivisions thereof, administering federally funded programs. (e) Make available records compiled by SSA in reasonable anticipation of court litigation or formal administrative proceedings. The availability of such records to the general public or to any subject individual or party to such litigation or proceedings shall be governed by applicable constitutional principles, rules of discovery, and applicable regulations of the agency. | |||||
| 20:20:2.0.1.1.2.1.1.4 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | A | Subpart A—General | § 401.20 Scope. | SSA | [62 FR 4143, Jan. 29, 1997, as amended at 65 FR 16812, Mar. 30, 2000; 72 FR 20939, Apr. 27, 2007] | (a) Access. Sections 401.30 through 401.95, which set out SSA's rules for implementing the Privacy Act, apply to records retrieved by an individual's name or personal identifier subject to the Privacy Act. The rules in §§ 401.30 through 401.95 also apply to information developed by medical sources for the Social Security program and shall not be accessed except as permitted by this part. (b) Disclosure —(1) Program records. Regulations that apply to the disclosure of information about an individual contained in SSA's program records are set out in §§ 401.100 through 401.200 of this part. These regulations also apply to the disclosure of other Federal program information which SSA maintains. That information includes: (i) Health insurance records which SSA maintains for the Health Care Financing Administration's (HCFA) programs under title XVIII of the Social Security Act. We will disclose these records to HCFA. HCFA may redisclose these records under the regulations applying to records in HCFA's custody; (ii) Black lung benefit records which SSA maintains for the administration of the Federal Coal Mine Health and Safety Act; (However, this information is not covered by section 1106 of the Social Security Act.) and (iii) Information retained by medical sources pertaining to a consultative examination performed for the Social Security program shall not be disclosed except as permitted by this part. (2) Nonprogram records. Section 401.110 sets out rules applicable to the disclosure of nonprogram records, e.g., SSA's administrative and personnel records. | ||||
| 20:20:2.0.1.1.2.1.1.5 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | A | Subpart A—General | § 401.25 Terms defined. | SSA | Access means making a record available to a subject individual. Act means the Social Security Act. Agency means the Social Security Administration. Commissioner means the Commissioner of Social Security. Disclosure means making a record about an individual available to or releasing it to another party. FOIA means the Freedom of Information Act. Individual when used in connection with the Privacy Act or for disclosure of nonprogram records, means a living person who is a citizen of the United States or an alien lawfully admitted for permanent residence. It does not include persons such as sole proprietorships, partnerships, or corporations. A business firm which is identified by the name of one or more persons is not an individual. When used in connection with the rules governing program information, individual means a living natural person; this does not include corporations, partnerships, and unincorporated business or professional groups of two or more persons. Information means information about an individual, and includes, but is not limited to, vital statistics; race, sex, or other physical characteristics; earnings information; professional fees paid to an individual and other financial information; benefit data or other claims information; the social security number, employer identification number, or other individual identifier; address; phone number; medical information, including psychological or psychiatric information or lay information used in a medical determination; and information about marital and family relationships and other personal relationships. Maintain means to establish, collect, use, or disseminate when used in connection with the term record ; and, to have control over or responsibility for a system of records when used in connection with the term system of records. Notification means communication to an individual whether he is a subject individual. ( Subject individual is defined further on in this section.) Program information means personal information and… | |||||
| 20:20:2.0.1.1.2.2.1.1 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.30 Privacy Act and other responsibilities. | SSA | [62 FR 4143, Jan. 29, 1997, as amended at 72 FR 20939, Apr. 27, 2007] | (a) Policy. Our policy is to protect the privacy of individuals to the fullest extent possible while nonetheless permitting the exchange of records required to fulfill our administrative and program responsibilities, and responsibilities for disclosing records which the general public is entitled to have under the Freedom of Information Act, 5 U.S.C. 552, and 20 CFR part 402. (b) Maintenance of records. We will maintain no record unless: (1) It is relevant and necessary to accomplish an SSA function which is required to be accomplished by statute or Executive Order; (2) We obtain the information in the record, as much as it is practicable, from the subject individual if we may use the record to determine an individual's rights, benefits or privileges under Federal programs; (3) We inform the individual providing the record to us of the authority for our asking him or her to provide the record (including whether providing the record is mandatory or voluntary, the principal purpose for maintaining the record, the routine uses for the record, and what effect his or her refusal to provide the record may have on him or her). Further, the individual agrees to provide the record, if the individual is not required by statute or Executive Order to do so. (c) First Amendment rights. We will keep no record which describes how an individual exercises rights guaranteed by the First Amendment unless we are expressly authorized: (1) By statute, (2) By the subject individual, or (3) Unless pertinent to and within the scope of an authorized law enforcement activity. (d) Privacy Officer. The Privacy Officer is an advisor to the Agency on all privacy policy and disclosure matters. The Privacy Officer coordinates the development and implementation of Agency privacy policies and related legal requirements to ensure Privacy Act compliance, and monitors the coordination, collection, maintenance, use and disclosure of personal information. The Privacy Officer also ensures the integration of privacy principles into infor… | ||||
| 20:20:2.0.1.1.2.2.1.10 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.75 Rights of parents or legal guardians. | SSA | For purposes of this part, a parent or guardian of any minor or the legal guardian of any individual who has been declared incompetent due to physical or mental incapacity or age by a court of competent jurisdiction is authorized to act on behalf of a minor or incompetent individual. Except as provided in § 401.45, governing procedures for verifying an individual's identity, and § 401.55(c) governing special procedures for notification of or access to a minor's medical records, if you are authorized to act on behalf of a minor or legal incompetent, you will be viewed as if you were the individual or subject individual. | |||||
| 20:20:2.0.1.1.2.2.1.11 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.80 Accounting for disclosures. | SSA | (a) We will maintain an accounting of all disclosures of a record for five years or for the life of the record, whichever is longer; except that, we will not make accounting for: (1) Disclosures under paragraphs (a) and (b) of § 401.110; and, (2) Disclosures of your record made with your written consent. (b) The accounting will include: (1) The date, nature, and purpose of each disclosure; and (2) The name and address of the person or entity to whom the disclosure is made. (c) You may request access to an accounting of disclosures of your record. You must request access to an accounting in accordance with the procedures in § 401.40. You will be granted access to an accounting of the disclosures of your record in accordance with the procedures of this part which govern access to the related record. We may, at our discretion, grant access to an accounting of a disclosure of a record made under paragraph (g) of § 401.110. | |||||
| 20:20:2.0.1.1.2.2.1.12 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.85 Exempt systems. | SSA | [62 FR 4143, Jan. 29, 1997, as amended at 82 FR 16510, Apr. 5, 2017; 83 FR 63416, Dec. 10, 2018; 84 FR 45901, Sept. 3, 2019; 87 FR 25141, Apr. 28, 2022] | (a) General policy. The Privacy Act permits certain types of specific systems of records to be exempt from some of its requirements. Our policy is to exercise authority to exempt systems of records only in compelling cases. (b) Specific systems of records exempted. (1) Those systems of records listed in paragraph (b)(2) of this section are exempt from the following provisions of the Act and this part: (i) 5 U.S.C. 552a(c)(3) and paragraph (c) of § 401.80 of this part which require that you be granted access to an accounting of disclosures of your record. (ii) 5 U.S.C. 552a (d) (1) through (4) and (f) and §§ 401.35 through 401.75 relating to notification of or access to records and correction or amendment of records. (iii) 5 U.S.C. 552a(e)(4) (G) and (H) which require that we include information about SSA procedures for notification, access, and correction or amendment of records in the notice for the systems of records. (iv) 5 U.S.C. 552a(e)(3) and § 401.30 which require that if we ask you to provide a record to us, we must inform you of the authority for our asking you to provide the record (including whether providing the record is mandatory or voluntary, the principal purposes for maintaining the record, the routine uses for the record, and what effect your refusal to provide the record may have on you), and if you are not required by statute or Executive Order to provide the record, that you agree to provide the record. This exemption applies only to an investigatory record compiled by SSA for criminal law enforcement purposes in a system of records exempt under subsection (j)(2) of the Privacy Act to the extent that these requirements would prejudice the conduct of the investigation. (2) The following systems of records are exempt from those provisions of the Privacy Act and this part listed in paragraph (b)(1) of this section: (i) Pursuant to subsection (j)(2) of the Privacy Act, the Investigatory Material Compiled for Law Enforcement Purposes System, SSA. (ii) Pursuant to subsection (k)(2) of t… | ||||
| 20:20:2.0.1.1.2.2.1.13 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.90 Contractors. | SSA | (a) All contracts which require a contractor to maintain, or on behalf of SSA to maintain, a system of records to accomplish an SSA function must contain a provision requiring the contractor to comply with the Privacy Act and this part. (b) A contractor and any employee of such contractor will be considered employees of SSA only for the purposes of the criminal penalties of the Privacy Act, 5 U.S.C. 552a(i), and the employee standards of conduct (see appendix A of this part) where the contract contains a provision requiring the contractor to comply with the Privacy Act and this part. (c) This section does not apply to systems of records maintained by a contractor as a result of his management discretion, e.g., the contractor's personnel records. | |||||
| 20:20:2.0.1.1.2.2.1.14 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.95 Fees. | SSA | (a) Policy. Where applicable, we will charge fees for copying records in accordance with the schedule set forth in this section. We may only charge fees where you request that a copy be made of the record to which you are granted access. We will not charge a fee for searching a system of records, whether the search is manual, mechanical, or electronic. Where we must copy the record in order to provide access to the record (e.g., computer printout where no screen reading is available), we will provide the copy to you without cost. Where we make a medical record available to a representative designated by you or to a physician or health professional designated by a parent or guardian under § 401.55 of this part, we will not charge a fee. (b) Fee schedule. Our Privacy Act fee schedule is as follows: (1) Copying of records susceptible to photocopying—$.10 per page. (2) Copying records not susceptible to photocopying (e.g., punch cards or magnetic tapes)—at actual cost to be determined on a case-by-case basis. (3) We will not charge if the total amount of copying does not exceed $25. (c) Other fees. We also follow §§ 402.155 through 402.165 of this chapter to determine the amount of fees, if any, we will charge for providing information under the FOIA and Privacy Act. | |||||
| 20:20:2.0.1.1.2.2.1.2 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.35 Your right to request records. | SSA | The Privacy Act gives you the right to direct access to most records about yourself that are in our systems of records. Exceptions to this Privacy Act right include— (a) Special procedures for access to certain medical records (see 5 U.S.C. 552a(f)(3) and § 401.55); (b) Unavailability of certain criminal law enforcement records (see 5 U.S.C. 552a(k), and § 401.85); and (c) Unavailability of records compiled in reasonable anticipation of a court action or formal administrative proceeding. The Freedom of Information Act (see 20 CFR part 402) allows you to request information from SSA whether or not it is in a system of records. | |||||
| 20:20:2.0.1.1.2.2.1.3 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.40 How to get your own records. | SSA | (a) Your right to notification and access. Subject to the provisions governing medical records in § 401.55, you may ask for notification of or access to any record about yourself that is in an SSA system of records. If you are a minor, you may get information about yourself under the same rules as for an adult. Under the Privacy Act, if you are the parent or guardian of a minor, or the legal guardian of someone who has been declared legally incompetent, and you are acting on his or her behalf, you may ask for information about that individual. You may be accompanied by another individual of your choice when you request access to a record in person, provided that you affirmatively authorize the presence of such other individual during any discussion of a record to which you are requesting access. (b) Identifying the records. At the time of your request, you must specify which systems of records you wish to have searched and the records to which you wish to have access. You may also request copies of all or any such records. Also, we may ask you to provide sufficient particulars to enable us to distinguish between records on individuals with the same name. The necessary particulars are set forth in the notices of systems of records which are published in the Federal Register. (c) Requesting notification or access. To request notification of or access to a record, you may visit your local social security office or write to the manager of the SSA system of records. The name and address of the manager of the system is part of the notice of systems of records. Every local social security office keeps a copy of the Federal Register containing that notice. That office can also help you get access to your record. You do not need to use any special form to ask for a record about you in our files, but your request must give enough identifying information about the record you want to enable us to find your particular record. This identifying information should include the system of records in which the record is… | |||||
| 20:20:2.0.1.1.2.2.1.4 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.45 Verifying your identity. | SSA | [62 FR 4143, Jan. 29, 1997, as amended at 72 FR 20939, Apr. 27, 2007] | (a) When required. Unless you are making a request for notification of or access to a record in person, and you are personally known to the SSA representative, you must verify your identity in accordance with paragraph (b) of this section if: (1) You make a request for notification of a record and we determine that the mere notice of the existence of the record would be a clearly unwarranted invasion of privacy if disclosed to someone other than the subject individual; or, (2) You make a request for access to a record which is not required to be disclosed to the general public under the Freedom of Information Act, 5 U.S.C. 552, and part 402 of this chapter. (b) Manner of verifying identity —(1) Request in person. If you make a request to us in person, you must provide at least one piece of tangible identification such as a driver's license, passport, alien or voter registration card, or union card to verify your identity. If you do not have identification papers to verify your identity, you must certify in writing that you are the individual who you claim to be and that you understand that the knowing and willful request for or acquisition of a record pertaining to an individual under false pretenses is a criminal offense. (2) Request by telephone. If you make a request by telephone, you must verify your identity by providing identifying particulars which parallel the record to which notification or access is being sought. If we determine that the particulars provided by telephone are insufficient, you will be required to submit your request in writing or in person. We will not accept telephone requests where an individual is requesting notification of or access to sensitive records such as medical records. (3) Electronic requests. If you make a request by computer or other electronic means, e.g., over the Internet, we require you to verify your identity by using identity confirmation procedures that are commensurate with the sensitivity of the information that you are requesting. If we cannot confi… | ||||
| 20:20:2.0.1.1.2.2.1.5 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.50 Granting notification of or access to a record. | SSA | (a) General. Subject to the provisions governing medical records in § 401.55 and the provisions governing exempt systems in § 401.85, upon receipt of your request for notification of or access to a record and verification of your identity, we will review your request and grant notification or access to a record, if you are the subject of the record. (b) Our delay in responding. If we determine that we will have to delay responding to your request because of the number of requests we are processing, a breakdown of equipment, shortage of personnel, storage of records in other locations, etc., we will so inform you and tell you when notification or access will be granted. | |||||
| 20:20:2.0.1.1.2.2.1.6 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.55 Access to medical records. | SSA | [62 FR 4143, Jan. 29, 1997, as amended at 72 FR 20939, Apr. 27, 2007] | (a) General. You have a right to access your medical records, including any psychological information that we maintain. (b) Medical records procedures —(1) Notification of or access to medical records. (i) You may request notification of or access to a medical record pertaining to you. Unless you are a parent or guardian requesting notification of or access to a minor's medical record, you must make a request for a medical record in accordance with this section and the procedures in §§ 401.45 through 401.50 of this part. (ii) When you request medical information about yourself, you must also name a representative in writing. The representative may be a physician, other health professional, or other responsible individual who will be willing to review the record and inform you of its contents. Following the discussion, you are entitled to your records. The representative does not have the discretion to withhold any part of your record. If you do not designate a representative, we may decline to release the requested information. In some cases, it may be possible to release medical information directly to you rather than to your representative. (2) Utilization of the designated representative. You will be granted direct access to your medical record if we can determine that direct access is not likely to have an adverse effect on you. If we believe that we are not qualified to determine, or if we do determine, that direct access to you is likely to have an adverse effect, the record will be sent to the designated representative. We will inform you in writing that the record has been sent. (c) Medical records of minors —(1) Request by the minor. You may request access to your own medical records in accordance with paragraph (b) of this section. (2) Requests on a minor's behalf; notification of or access to medical records to an individual on a minor's behalf. (i) To protect the privacy of a minor, we will not give to a parent or guardian direct notification of or access to a minor's record, even tho… | ||||
| 20:20:2.0.1.1.2.2.1.7 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.60 Access to or notification of program records about more than one individual. | SSA | [62 FR 4143, Jan. 29, 1997, as amended at 72 FR 20940, Apr. 27, 2007] | When information about more than one individual is in one record filed under your social security number, you may receive the information about you and the fact of entitlement and the amount of benefits payable to other persons based on your record. You may receive information about yourself or others, which is filed under someone else's social security number, if that information affects your entitlement to social security benefits or the amount of those benefits. | ||||
| 20:20:2.0.1.1.2.2.1.8 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.65 How to correct your record. | SSA | (a) How to request a correction. This section applies to all records kept by SSA (as described in § 401.5) except for records of earnings. (20 CFR 422.125 describes how to request correction of your earnings record.) You may request that your record be corrected or amended if you believe that the record is not accurate, timely, complete, relevant, or necessary to the administration of a social security program. To amend or correct your record, you should write to the manager identified in the notice of systems of records which is published in the Federal Register (see § 401.40(c) on how to locate this information). The staff at any social security office can help you prepare the request. You should submit any available evidence to support your request. Your request should indicate— (1) The system of records from which the record is retrieved; (2) The particular record which you want to correct or amend; (3) Whether you want to add, delete or substitute information in the record; and (4) Your reasons for believing that your record should be corrected or amended. (b) What we will not change. You cannot use the correction process to alter, delete, or amend information which is part of a determination of fact or which is evidence received in the record of a claim in the administrative appeal process. Disagreements with these determinations are to be resolved through the SSA appeal process. (See subparts I and J of part 404, and subpart N of part 416, of this chapter.) For example, you cannot use the correction process to alter or delete a document showing a birth date used in deciding your social security claim. However, you may submit a statement on why you think certain information should be altered, deleted, or amended, and we will make this statement part of your file. (c) Acknowledgment of correction request. We will acknowledge receipt of a correction request within 10 working days, unless we can review and process the request and give an initial determination of denial or compliance before that t… | |||||
| 20:20:2.0.1.1.2.2.1.9 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | B | Subpart B—The Privacy Act | § 401.70 Appeals of refusals to correct records or refusals to allow access to records. | SSA | [72 FR 20940, Apr. 27, 2007, as amended at 88 FR 1329, Jan. 10, 2023] | (a) General. This section describes how to appeal decisions we make under the Privacy Act concerning your request for correction of or access to your records, those of your minor child, or those of a person for whom you are the legal guardian. This section describes how to appeal decisions made by SSA under the Privacy Act concerning your request for correction of or access to your records, those of your minor child, or those of a person for whom you are the legal guardian. We generally handle a denial of your request for information about another person under the provisions of the Freedom of Information Act (see part 402 of this chapter). To appeal a decision under this section, your request must be in writing. (b) Appeal of refusal to correct or amend records. If we deny your request to correct an SSA record, you may request a review of that decision. As discussed in § 401.65(e), our letter denying your request will tell you to whom to write. (1) We will review your request within 30 working days from the date of the receipt. However, for a good reason and with the approval of the Executive Director for the Office of Privacy and Disclosure, we may extend this time limit up to an additional 30 days. In that case, we will notify you about the delay, the reason for it and the date when the review is expected to be completed. (2) If, after review, we determine that the record should be corrected, we will do so. However, if we refuse to amend the record as you requested, we will inform you that— (i) Your request has been refused and the reason for the refusal; (ii) The refusal is our final decision; and (iii) You have a right to seek court review of our final decision. (3) We will also inform you that you have a right to file a statement of disagreement with the decision. Your statement should include the reason you disagree. We will make your statement available to anyone to whom the record is subsequently disclosed, together with a statement of our reasons for refusing to amend the record. Also, we will… | ||||
| 20:20:2.0.1.1.2.3.1.1 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.100 Disclosure of records with the written consent of the subject of the record. | SSA | [72 FR 20940, Apr. 27, 2007] | (a) General. Except as permitted by the Privacy Act and the regulations in this part, or when required by the FOIA, we will not disclose your records without your written consent. (b) Disclosure with written consent. The written consent must clearly specify to whom the information may be disclosed, the information you want us to disclose (e.g., social security number, date and place of birth, monthly Social Security benefit amount, date of entitlement), and, where applicable, during which timeframe the information may be disclosed (e.g., during the school year, while the subject individual is out of the country, whenever the subject individual is receiving specific services). (c) Disclosure of the entire record. We will not disclose your entire record. For example, we will not honor a blanket consent for all information in a system of records or any other record consisting of a variety of data elements. We will disclose only the information you specify in the consent. We will verify your identity and where applicable (e.g., where you consent to disclosure of a record to a specific individual), the identity of the individual to whom the record is to be disclosed. (d) A parent or guardian of a minor is not authorized to give written consent to a disclosure of a minor's medical record. See § 401.55(c)(2) for the procedures for disclosure of or access to medical records of minors. | ||||
| 20:20:2.0.1.1.2.3.1.10 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.145 Safeguards against unauthorized redisclosure or use. | SSA | (a) The FOIA does not authorize us to impose any restrictions on how information is used after we disclose it under that law. In applying FOIA principles, we consider whether the information will be adequately safeguarded against improper use or redisclosure. We must consider all the ways in which the recipient might use the information and how likely the recipient is to redisclose the information to other parties. Thus, before we disclose personal information we may consider such factors as— (1) Whether only those individuals who have a need to know the information will obtain it; (2) Whether appropriate measures to safeguard the information to avoid unwarranted use or misuse will be taken; and (3) Whether we would be permitted to conduct on-site inspections to see whether the safeguards are being met. (b) We feel that there is a strong public interest in sharing information with other agencies with programs having the same or similar purposes, so we generally share information with those agencies. However, since there is usually little or no public interest in disclosing information for disputes between two private parties or for other private or commercial purposes, we generally do not share information for these purposes. | |||||
| 20:20:2.0.1.1.2.3.1.11 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.150 Compatible purposes. | SSA | [72 FR 20941, Apr. 27, 2007] | (a) General. The Privacy Act allows us to disclose information maintained in a system of records without your consent to any other party if such disclosure is pursuant to a routine use published in the system's notice of system of records. A “Routine use” must be compatible with the purpose for which SSA collected the information. (b) Notice of routine use disclosures. A list of permissible routine use disclosures is included in every system of records notice published in the Federal Register. (c) Determining compatibility —(1) Disclosure to carry out SSA programs. We disclose information for published routine uses necessary to carry out SSA's programs. (2) Disclosure to carry out programs similar to SSA programs. We may disclose information for the administration of other government programs. These disclosures are pursuant to published routine uses where the use is compatible with the purpose for which the information was collected. These programs generally meet the following conditions: (i) The program is clearly identifiable as a Federal, State, or local government program. (ii) The information requested concerns eligibility, benefit amounts, or other matters of benefit status in a Social Security program and is relevant to determining the same matters in the other program. For example, we disclose information to the Railroad Retirement Board for pension and unemployment compensation programs, to the Department of Veterans Affairs for its benefit programs, to worker's compensation programs, to State general assistance programs and to other income maintenance programs at all levels of government. We also disclose for health maintenance programs like Medicaid and Medicare. (iii) The information will be used for appropriate epidemiological or similar research purposes. | ||||
| 20:20:2.0.1.1.2.3.1.12 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.155 Law enforcement purposes. | SSA | [62 FR 4143, Jan. 29, 1997, as amended at 72 FR 20941, Apr. 27, 2007] | (a) General. The Privacy Act allows us to disclose information for law enforcement purposes under certain conditions. Much of the information in our files is especially sensitive or very personal. Furthermore, participation in social security programs is mandatory, so people cannot limit what information is given to us. Therefore, we generally disclose information for law enforcement purposes only in limited situations. The Privacy Act allows us to disclose information if the head of the law enforcement agency makes a written request giving enough information to show that the conditions in paragraphs (b) or (c) of this section are met, what information is needed, and why it is needed. Paragraphs (b) and (c) of this section discuss the disclosures we generally make for these purposes. (b) Serious crimes. SSA may disclose information for criminal law enforcement purposes where a violent crime such as murder or kidnapping has been committed and the individual about whom the information is being sought has been indicted or convicted of that crime. (c) Criminal activity involving the social security program or another program with the same purposes. We disclose information when necessary to investigate or prosecute fraud or other criminal activity involving the social security program. We may also disclose information for investigation or prosecution of criminal activity in other income-maintenance or health-maintenance programs (e.g., other governmental pension programs, unemployment compensation, general assistance, Medicare or Medicaid) if the information concerns eligibility, benefit amounts, or other matters of benefit status in a social security program and is relevant to determining the same matters in the other program. | ||||
| 20:20:2.0.1.1.2.3.1.13 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.160 Health or safety. | SSA | The Privacy Act allows us to disclose information in compelling circumstances where an individual's health or safety is affected. For example, if we learn that someone has been exposed to an excessive amount of radiation, we may notify that person and appropriate health officials. If we learn that someone has made a threat against someone else, we may notify that other person and law enforcement officials. When we make these disclosures, the Privacy Act requires us to send a notice of the disclosure to the last known address of the person whose record was disclosed. | |||||
| 20:20:2.0.1.1.2.3.1.14 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.165 Statistical and research activities. | SSA | [62 FR 4143, Jan. 29, 1997, as amended at 72 FR 20941, Apr. 27, 2007] | (a) General. Statistical and research activities often do not require information in a format that identifies specific individuals. Therefore, whenever possible, we release information for statistical or research purposes only in the form of aggregates or individual data that cannot be associated with a particular individual. The Privacy Act allows us to release records if there are safeguards that the record will be used solely as a statistical or research record and the individual cannot be identified from any information in the record. (b) Safeguards for disclosure with identifiers. The Privacy Act also allows us to disclose data for statistical and research purposes in a form allowing individual identification, pursuant to published routine use, when the purpose is compatible with the purpose for which the record was collected. We will disclose personally identifiable information for statistical and research purposes if— (1) We determine that the requestor needs the information in an identifiable form for a statistical or research activity, will use the information only for that purpose, and will protect individuals from unreasonable and unwanted contacts; (2) The activity is designed to increase knowledge about present or alternative Social Security programs or other Federal or State income-maintenance or health-maintenance programs; or is used for research that is of importance to the Social Security program or the Social Security beneficiaries; or an epidemiological research project that relates to the Social Security program or beneficiaries; and (3) The recipient will keep the information as a system of statistical records, will follow appropriate safeguards, and agrees to our on-site inspection of those safeguards so we can be sure the information is used or redisclosed only for statistical or research purposes. No redisclosure of the information may be made without SSA's approval. (c) Statistical record. A statistical record is a record in a system of records which is maintained only for sta… | ||||
| 20:20:2.0.1.1.2.3.1.15 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.170 Congress. | SSA | (a) We disclose information to either House of Congress. We also disclose information to any committee or subcommittee of either House, or to any joint committee of Congress or subcommittee of that committee, if the information is on a matter within the committee's or subcommittee's jurisdiction. (b) We disclose to any member of Congress the information needed to respond to constituents' requests for information about themselves (including requests from parents of minors, or legal guardians). However, these disclosures are subject to the restrictions in §§ 401.35 through 401.60. | |||||
| 20:20:2.0.1.1.2.3.1.16 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.175 Government Accountability Office. | SSA | [72 FR 20941, Apr. 27, 2007] | We disclose information to the Government Accountability Office when that agency needs the information to carry out its duties. | ||||
| 20:20:2.0.1.1.2.3.1.17 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.180 Disclosure under court order or other legal process. | SSA | [72 FR 20941, Apr. 27, 2007] | (a) General. The Privacy Act permits us to disclose information when we are ordered to do so by a court of competent jurisdiction. When information is used in a court proceeding, it usually becomes part of the public record of the proceeding and its confidentiality often cannot be protected in that record. Much of the information that we collect and maintain in our records on individuals is especially sensitive. Therefore, we follow the rules in paragraph (d) of this section in deciding whether we may disclose information in response to an order from a court of competent jurisdiction. When we disclose pursuant to an order from a court of competent jurisdiction, and the order is a matter of public record, the Privacy Act requires us to send a notice of the disclosure to the last known address of the person whose record was disclosed. (b) Court. For purposes of this section, a court is an institution of the judicial branch of the U.S. Federal government consisting of one or more judges who seek to adjudicate disputes and administer justice. (See 404.2(c)(6) of this chapter). Entities not in the judicial branch of the Federal government are not courts for purposes of this section. (c) Court order. For purposes of this section, a court order is any legal process which satisfies all of the following conditions: (1) It is issued under the authority of a Federal court; (2) A judge or a magistrate judge of that court signs it; (3) It commands SSA to disclose information; and (4) The court is a court of competent jurisdiction. (d) Court of competent jurisdiction. It is the view of SSA that under the Privacy Act the Federal Government has not waived sovereign immunity, which precludes state court jurisdiction over a Federal agency or official. Therefore, SSA will not honor state court orders as a basis for disclosure. State court orders will be treated in accordance with the other provisions of this part. (e) Conditions for disclosure under a court order of competent jurisdiction. We disclose information … | ||||
| 20:20:2.0.1.1.2.3.1.18 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.185 Other specific recipients. | SSA | In addition to disclosures we make under the routine use provision, we also release information to— (a) The Bureau of the Census for purposes of planning or carrying out a census, survey, or related activity; and (b) The National Archives of the United States if the record has sufficient historical or other value to warrant its continued preservation by the United States Government. We also disclose a record to the Administrator of General Services for a determination of whether the record has such a value. | |||||
| 20:20:2.0.1.1.2.3.1.19 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.190 Deceased persons. | SSA | We do not consider the disclosure of information about a deceased person to be a clearly unwarranted invasion of that person's privacy. However, in disclosing information about a deceased person, we follow the principles in § 401.115 to insure that the privacy rights of a living person are not violated. | |||||
| 20:20:2.0.1.1.2.3.1.2 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.105 Disclosure of personal information without the consent of the subject of the record. | SSA | [62 FR 4143, Jan. 29, 1997, as amended at 72 FR 20940, Apr. 27, 2007] | (a) SSA maintains two categories of records which contain personal information: (1) Nonprogram records, primarily administrative and personnel records which contain information about SSA's activities as a government agency and employer, and (2) Program records which contain information about SSA's clients that it keeps to administer benefit programs under Federal law. (b) We apply different levels of confidentiality to disclosures of information in the categories in paragraphs (a) (1) and (2) of this section. For administrative and personnel records, the Privacy Act applies. To the extent that SSA has physical custody of personnel records maintained as part of the Office of Personnel Management's (OPM) Privacy Act government-wide systems of records, these records are subject to OPM's rules on access and disclosure at 5 CFR parts 293 and 297. For program records, we apply somewhat more strict confidentiality standards than those found in the Privacy Act. The reason for this difference in treatment is that our program records include information about a much greater number of persons than our administrative records, the information we must collect for program purposes is often very sensitive, and claimants are required by statute and regulation to provide us with the information in order to establish entitlement for benefits. | ||||
| 20:20:2.0.1.1.2.3.1.20 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.195 Situations not specified in this part. | SSA | If no other provision in this part specifically allows SSA to disclose information, the Commissioner or designee may disclose this information if not prohibited by Federal law. For example, the Commissioner or designee may disclose information necessary to respond to life threatening situations. | |||||
| 20:20:2.0.1.1.2.3.1.21 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.200 Blood donor locator service. | SSA | (a) General. We will enter into arrangements with State agencies under which we will furnish to them at their request the last known personal mailing addresses (residence or post office box) of blood donors whose blood donations show that they are or may be infected with the human immunodeficiency virus which causes acquired immune deficiency syndrome. The State agency or other authorized person, as defined in paragraph (b) of this section, will then inform the donors that they may need medical care and treatment. The safeguards that must be used by authorized persons as a condition to receiving address information from the Blood Donor Locator Service are in paragraph (g) of this section, and the requirements for a request for address information are in paragraph (d) of this section. (b) Definitions. State means the 50 States, the District of Columbia, the Commonwealth of Puerto Rico, the Virgin Islands, Guam, the Commonwealth of Northern Marianas, and the Trust Territory of the Pacific Islands. Authorized person means— (1) Any agency of a State (or of a political subdivision of a State) which has duties or authority under State law relating to the public health or otherwise has the duty or authority under State law to regulate blood donations; and (2) Any entity engaged in the acceptance of blood donations which is licensed or registered by the Food and Drug Administration in connection with the acceptance of such blood donations, and which provides for— (i) The confidentiality of any address information received pursuant to the rules in this part and section 1141 of the Social Security Act and related blood donor records; (ii) Blood donor notification procedures for individuals with respect to whom such information is requested and a finding has been made that they are or may be infected with the human immunodeficiency virus; and (iii) Counseling services for such individuals who have been found to have such virus. New counseling programs are not required, and an entity may use existing counseling p… | |||||
| 20:20:2.0.1.1.2.3.1.3 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.110 Disclosure of personal information in nonprogram records without the consent of the subject of the record. | SSA | [62 FR 4143, Jan. 29, 1997, as amended at 72 FR 20940, Apr. 27, 2007] | The disclosures listed in this section may be made from our nonprogram records, e.g., administrative and personnel records, without your consent. Such disclosures are those: (a) To officers and employees of SSA who have a need for the record in the performance of their duties. The SSA official who is responsible for the record may upon request of any officer or employee, or on his own initiative, determine what constitutes legitimate need. (b) Required to be disclosed under the Freedom of Information Act, 5 U.S.C. 552, and 20 CFR part 402. (c) For a routine use as defined in § 401.25 of this part. Routine uses will be listed in any notice of a system of records. SSA publishes notices of systems of records, including all pertinent routine uses, in the Federal Register. (d) To the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of Title 13 U.S.C. (e) To a recipient who has provided us with advance written assurance that the record will be used solely as a statistical research or reporting record; Provided, that, the record is transferred in a form that does not identify the subject individual. (f) To the National Archives of the United States as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Administrator of General Services or his designee to determine whether the record has such value. (g) To another government agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of such government agency or instrumentality has submitted a written request to us, specifying the record desired and the law enforcement activity for which the record is sought. (h) To an individual pursuant to a showing of compelling circumstances affecting the health or safety of any individual if … | ||||
| 20:20:2.0.1.1.2.3.1.4 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.115 Disclosure of personal information in program records without the consent of the subject of the record. | SSA | [62 FR 4143, Jan. 29, 1997, as amended at 72 FR 20940, Apr. 27, 2007] | This section describes how various laws control the disclosure of personal information that we keep. We disclose information in the program records only when a legitimate need exists. For example, we disclose information to officers and employees of SSA who have a need for the record in the performance of their duties. We also must consider the laws identified below in the respective order when we disclose program information: (a) Some laws require us to disclose information (§ 401.120); some laws require us to withhold information (§ 401.125). These laws control whenever they apply. (b) If no law of this type applies in a given case, then we must look to FOIA principles. See § 401.130. (c) When FOIA principles do not require disclosure, we may disclose information if both the Privacy Act and section 1106 of the Social Security Act permit the disclosure. | ||||
| 20:20:2.0.1.1.2.3.1.5 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.120 Disclosures required by law. | SSA | [62 FR 4143, Jan. 29, 1997, as amended at 72 FR 20941, Apr. 27, 2007] | We disclose information when a law specifically requires it. The Social Security Act requires us to disclose information for certain program purposes. These include disclosures to the SSA Office of Inspector General, the Federal Parent Locator Service, and to States pursuant to an arrangement regarding use of the Blood Donor Locator Service. Also, there are other laws which require that we furnish other agencies information which they need for their programs. These agencies include the Department of Veterans Affairs for its benefit programs, U.S. Citizenship and Immigration Services to carry out its duties regarding aliens, the Railroad Retirement Board for its benefit programs, and to Federal, State and local agencies administering Temporary Assistance for Needy Families, Medicaid, unemployment compensation, food stamps, and other programs. | ||||
| 20:20:2.0.1.1.2.3.1.6 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.125 Disclosures prohibited by law. | SSA | We do not disclose information when a law specifically prohibits it. The Internal Revenue Code generally prohibits us from disclosing tax return information which we receive to maintain individual earnings records. This includes, for example, amounts of wages and contributions from employers. Other laws restrict our disclosure of certain information about drug and alcohol abuse which we collect to determine eligibility for social security benefits. | |||||
| 20:20:2.0.1.1.2.3.1.7 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.130 Freedom of Information Act. | SSA | The FOIA requires us to disclose any information in our records upon request from the public, unless one of several exemptions in the FOIA applies. When the FOIA requires disclosure (see part 402 of this chapter), the Privacy Act permits it. The public does not include Federal agencies, courts, or the Congress, but does include State agencies, individuals, corporations, and most other parties. The FOIA does not apply to requests that are not from the public (e.g., from a Federal agency). However, we apply FOIA principles to requests from these other sources for disclosure of program information. | |||||
| 20:20:2.0.1.1.2.3.1.8 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.135 Other laws. | SSA | When the FOIA does not apply, we may not disclose any personal information unless both the Privacy Act and section 1106 of the Social Security Act permit the disclosure. Section 1106 of the Social Security Act requires that disclosures which may be made must be set out in statute or regulations; therefore, any disclosure permitted by this part is permitted by section 1106. | |||||
| 20:20:2.0.1.1.2.3.1.9 | 20 | Employees' Benefits | III | 401 | PART 401—PRIVACY AND DISCLOSURE OF OFFICIAL RECORDS AND INFORMATION | C | Subpart C—Disclosure of Official Records and Information | § 401.140 General principles. | SSA | When no law specifically requiring or prohibiting disclosure applies to a question of whether to disclose information, we follow FOIA principles to resolve that question. We do this to insure uniform treatment in all situations. The FOIA principle which most often applies to SSA disclosure questions is whether the disclosure would result in a “clearly unwarranted invasion of personal privacy.” To decide whether a disclosure would be a clearly unwarranted invasion of personal privacy we consider— (a) The sensitivity of the information (e.g., whether individuals would suffer harm or embarrassment as a result of the disclosure); (b) The public interest in the disclosure; (c) The rights and expectations of individuals to have their personal information kept confidential; (d) The public's interest in maintaining general standards of confidentiality of personal information; and (e) The existence of safeguards against unauthorized redisclosure or use. |
Advanced export
JSON shape: default, array, newline-delimited, object
CREATE TABLE cfr_sections (
section_id TEXT PRIMARY KEY,
title_number INTEGER,
title_name TEXT,
chapter TEXT,
subchapter TEXT,
part_number TEXT,
part_name TEXT,
subpart TEXT,
subpart_name TEXT,
section_number TEXT,
section_heading TEXT,
agency TEXT,
authority TEXT,
source_citation TEXT,
amendment_citations TEXT,
full_text TEXT
);
CREATE INDEX idx_cfr_title ON cfr_sections(title_number);
CREATE INDEX idx_cfr_part ON cfr_sections(part_number);
CREATE INDEX idx_cfr_agency ON cfr_sections(agency);