(a) System managers will establish administrative, technical, and physical safeguards to ensure the security and confidentiality of records, protect the records against possible threats or hazards, and permit access only to authorized persons. Automated systems will incorporate security controls such as password protection, verification of identity of authorized users, detection of break-in attempts, firewalls, or encryption, as appropriate.
(b) System managers will ensure that employees and contractors who have access to personal information in their system will have the proper background investigation and meet all privacy training requirements.
Title 41 published on 2009-07-01
no entries appear in the Federal Register after this date.
This is a list of United States Code sections, Statutes at Large, Public Laws, and Presidential Documents, which provide rulemaking authority for this CFR Part.