10 CFR 1008.9 - Action in response to a request for access: initial denial of access.
(a) A request by an individual for information about or access to a record or information pertaining to that individual that is contained in a system of records may be denied only upon a determination by the appropriate System Manager, with the concurrence of the appropriate General Counsel, that:
(1) The record is subject to an exemption under § 1008.12;
(2) The record is information compiled in reasonable anticipation of a civil action or proceeding; or
(3) The individual has unreasonably failed to comply with the procedural requirements of this part.
(b) The Privacy Act Officer shall give written notice of the denial of a request of information about or access to records or information pertaining to the individual and contained in a system of records. Such written notice shall be sent by certified or registered mail, return receipt requested and shall include the following information:
(1) The System Manager's name and title;
(2) The reasons for the denial, including citation to the appropriate sections of the Privacy Act and this part; and
(c) Nothing in this section shall:
(2) Prevent a System Manager from waiving any exemption authorizing the denial of records, in accordance with § 1008.12.