(a) The training shall include information regarding information privacy laws, regulations, policies and procedures governing the Department's collection, maintenance, use, or dissemination of personal information. The objective is to establish a culture of sensitivity to, and knowledge about, privacy issues involving individuals throughout the Department.
(b) To meet these training requirements, Components may establish three general levels of training for those persons, to include contractor personnel, who are involved in any way with the design, development, operation, or maintenance of privacy protected systems of records. These are:
(1)Orientation. Training that provides basic understanding of this part as it applies to the individual's job performance. This training shall be provided to personnel, as appropriate, and should be a prerequisite to all other levels of training.
(2)Specialized training. Training that provides information as to the application of specific provisions of this part to specialized areas of job performance. Personnel of particular concern include, but are not limited to medical, personnel, and intelligence specialists, finance officers, DoD personnel who may be expected to deal with the news media or the public, special investigators, paperwork managers, and other specialists (reports, forms, records, and related functions), computer systems development personnel, computer systems operations personnel, statisticians dealing with personal data and program evaluations, contractors that will either operate systems of records on behalf of the Component or will have access to such systems incident to performing the contract, and anyone responsible for implementing or carrying out functions under this part.
(3)Management. Training designed to identify for responsible managers (such as, senior system managers, denial authorities, and decision-makers) considerations that they shall take into account when making management decisions regarding operational programs and activities having privacy implications.
(c) Include Privacy Act training in other courses of training when appropriate. Stress individual responsibilities and advise individuals of their rights and responsibilities under this part to ensure that it is understood that, where personally identifiable information is involved, individuals should handle and treat the information as if it was their information.
Title 32 published on 2014-07-01.
The following are only the Rules published in the Federal Register after the published date of Title 32.
For a complete list of all Rules, Proposed Rules, and Notices view the Rulemaking tab.
This is a list of United States Code sections, Statutes at Large, Public Laws, and Presidential Documents, which provide rulemaking authority for this CFR Part.