13 CFR § 102.39 - SBA's exempt Privacy Act systems of records.
(1) Office of Inspector General Records Other Than Investigation Records - SBA 4, contains records pertaining to audits, evaluations, and other non-audit services performed by the OIG;
(2) Equal Employment Opportunity Complaint Cases - SBA 13, contains complaint files, Equal Employment Opportunity counselor's reports, investigation materials, notes, reports, and recommendations;
(3) Investigative Files - SBA 16, contains records gathered by the OIG in the investigation of allegations that are within the jurisdiction of the OIG;
(4) Investigations Division Management Information System - SBA 17, contains records gathered or created during preparation for, conduct of, and follow-up on investigations conducted by the OIG, the Federal Bureau of Investigation (FBI), and other Federal, State, local, or foreign regulatory or law enforcement agency;
(5) Litigation and Claims Files - SBA 19, contains records relating to recipients classified as “in litigation” and all individuals involved in claims by or against the Agency;
(6) Personnel Security Files - SBA 24, contains records on active and inactive personnel security files, employee or former employee's name, background information, personnel actions, OPM, and/or authorized contracting firm background investigations;
(7) Security and Investigations Files - SBA 27, contains records gathered or created during preparation for, conduct of, and follow-up on investigations conducted by OIG, the FBI, and other Federal, State, local, or foreign regulatory or law enforcement agencies as well as other material submitted to or gathered by OIG in furtherance of its investigative function; and
(8) Standards of Conduct Files - SBA 29, contains records on confidential employment and financial statements of employees Grade 13 and above.
(b) These systems of records are exempt from the following provisions of the Privacy Act and all regulations in this part promulgated under these provisions:
(1) 552a(c)(3) (Accounting of Certain Disclosures);
(2) 552a(d) (Access to Records);
(3) 552a(e)(1), 4G, H, and I (Agency Requirements); and
(4) 552a(f) (Agency Rules).
(1) Prevent the subject of investigations from frustrating the investigatory process;
(2) Protect investigatory material compiled for law enforcement purposes;
(3) Fulfill commitments made to protect the confidentiality of sources and to maintain access to necessary sources of information; or
(4) Prevent interference with law enforcement proceedings.
(d) In addition to the foregoing exemptions in paragraphs (a) through (c) of this section, the systems of records described in paragraph (a) of this section numbered SBA 4, 16, 17, 24, and 27 are exempt from the Privacy Act except for subsections (b), (c)(1) and (2), (e)(4)(A) through F, (e)(6), (7), (9), (10) and (11) and (i) to the extent that they contain:
(1) Information compiled to identify individual criminal offenders and alleged offenders and consisting only of identifying data and notations of arrests, confinement, release, and parole and probation status;
(2) Information, including reports of informants and investigators, associated with an identifiable individual compiled to investigate criminal activity; or
(3) Reports compiled at any stage of the process of enforcement of the criminal laws from arrest or indictment through release from supervision associated with an identifiable individual.
(e) The systems of records described in paragraph (d) of this section are exempt from the Privacy Act to the extent described in that paragraph because they are records maintained by the Investigations Division of the OIG, which is a component of SBA which performs as its principal function activities pertaining to the enforcement of criminal laws within the meaning of 5 U.S.C. 552a(j)(2). They are exempt in order to:
(1) Prevent the subjects of OIG investigations from using the Privacy Act to frustrate the investigative process;
(3) Protect the confidentiality of other sources of information;
(4) Avoid endangering confidential sources and law enforcement personnel;
(5) Prevent interference with law enforcement proceedings;
(6) Assure access to sources of confidential information, including that contained in Federal, State, and local criminal law enforcement information systems;
(7) Prevent the disclosure of investigative techniques; or
(8) Prevent the disclosure of classified information.