Pt. 505, App. H
Appendix H to Part 505
(a) Access. Review or copying a record or parts thereof contained in a Privacy Act system of records by an individual.
(b) Agency. For the purposes of disclosing records subject to the Privacy Act, Components of the Department of Defense are considered a single agency. For other purposes including access, amendment, appeals from denials of access or amendment, exempting systems of records, and recordkeeping for release to non-DOD agencies, the Department of the Army is considered its own agency.
(c) Amendment. The process of adding, deleting, or changing information in a system of records to make the data accurate, relevant, timely, or complete.
(d) Computer Matching Agreement. An agreement to conduct a computerized comparison of two or more automated systems of records to verify eligibility for payments under Federal benefit programs or to recover delinquent debts for these programs.
(e) Confidential Source. A person or organization who has furnished information to the Federal Government under an express promise that the person's or the organization's identity would be held in confidence or under an implied promise of such confidentiality if this implied promise was made before September 27, 1975.
(f) Cookie. A mechanism that allows the server to store its own information about a user on the user's own computer. Cookies are embedded in the HTML information flowing back and forth between the user's computer and the servers. They allow user-side customization of Web information. Normally, cookies will expire after a single session.
(g) Defense Data Integrity Board. The Board oversees and coordinates all computer matching programs involving personal records contained in systems of records maintained by the DOD Component; reviews and approves all computer matching agreements between the Department of Defense (DOD) and other Federal, State, and local governmental agencies, as well as memoranda of understanding when the match is internal to the DOD.
(h) Disclosure. The transfer of any personal information from a Privacy Act system of records by any means of communication (such as oral, written, electronic mechanical, or actual review) to any persons, private entity, or government agency, other than the subject of the record, the subject's designated agent or the subject's legal guardian. Within the context of the Privacy Act and this part, this term applies only to personal information that is a part of a Privacy Act system of records.
(i) Deceased Individuals. The Privacy Act confers no rights on deceased persons, nor may their next-of-kin exercise any rights for them. However, family members of deceased individuals have their own privacy right in particularly sensitive, graphic, personal details about the circumstances surrounding an individual's death. This information may be withheld when necessary to protect the privacy interests of surviving family members. Even information that is not particularly sensitive in and of itself may be withheld to protect the privacy interests of surviving family members if disclosure would rekindle grief, anguish, pain, embarrassment, or cause a disruption of their peace minds. Because surviving family members use the deceased's Social Security Number to obtain benefits, DA personnel should continue to protect the SSN of deceased individuals.
(j) Individual. A living person who is a citizen of the United States or an alien lawfully admitted for permanent residence. The parent or legal guardian of a minor also may act on behalf of an individual. Members of the United States Armed Forces are individuals. Corporations, partnerships, sole proprietorships, professional groups, businesses, whether incorporated or unincorporated, and other commercial entities are not individuals.
(k) Individual Access. The subject of a Privacy Act file or his or her designated agent or legal guardian has access to information about them contained in the Privacy Act file. The term individual generally does not embrace a person acting on behalf of a commercial entity (for example, sole proprietorship or partnership).
(l) Denial Authority (formerly Access and Amendment Refusal Authority). The Army Staff agency head or major Army commander designated authority by this part to deny access to, or refuse amendment of, records in his or her assigned area or functional specialization.
(m) Maintain. Includes keep, collect, use or disseminate.
(n) Members of the Public. Individuals or parties acting in a private capacity.
(o) Minor. An individual under 18 years of age, who is not married and who is not a member of the Department of the Army.
(p) Official Use. Within the context of this part, this term is used when Department of the Army officials and employees have demonstrated a need for the use of any record or the information contained therein in the performance of their official duties.
(q) Personal Information. Information about an individual that identifies, relates, or is unique to, or describes him or her, e.g., a social security number, age, military rank, civilian grade, marital status, race, salary, home/office phone numbers, etc.
(r) Persistent cookies. Cookies that can be used to track users over time and across different Web sites to collect personal information.
(s) Personal Identifier. A name, number, or symbol that is unique to an individual, usually the person's name or SSN.
(t) System of Records. A group of records under the control of the DA from which information is filed and retrieved by individuals' names or other personal identifiers assigned to the individuals. System notices for all systems of records must be published in the Federal Register. A grouping of records arranged chronologically or subjectively that are not retrieved by individuals' names or identifiers is not a Privacy Act system of records, even though individual information could be retrieved by individuals' names or personal identifiers, such as through a paper-by-paper search.
(u) Privacy Advisory. A statement required when soliciting personally identifying information by a Department of the Army Web site and the information is not maintained in a system of records. The Privacy Advisory informs the individual why the information is being solicited and how it will be used.
(v) Privacy Impact Assessment (PIA). An analysis, which considers information sensitivity, vulnerability, and cost to a computer facility or word processing center in safeguarding personal information processed or stored in the facility.
(w) Privacy Act (PA) Request. A request from an individual for information about the existence of, access to, or amendment of records pertaining to that individual located in a Privacy Act system of records. The request must cite or implicitly refer to the Privacy Act of 1974.
(x) Protected Personal Information. Information about an individual that identifies, relates to, is unique to, or describes him or her (e.g., home address, date of birth, social security number, credit card, or charge card account, etc.).
(y) Records. Any item, collection, or grouping of information, whatever the storage media (e.g., paper, electronic, etc), about an individual that is maintained by a DOD Component, including but not limited to, his or her education, financial transactions, medical history, criminal or employment history and that contains his or her name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph.
(z) Records Maintenance and Use. Any action involving the storage, retrieval, and handling of records kept in offices by or for the agency.
(aa) Review Authority. An official charged with the responsibility to rule on administrative appeals of initial denials of requests for notification, access, or amendment of records. Additionally, the Office of Personnel Management is the review authority for civilian official personnel folders or records contained in any other OMP record.
(bb) Routine Use. Disclosure of a record outside DOD without the consent of the subject individual for a use that is compatible with the purpose for which the information was collected and maintained by DA. A routine use must be included in the notice for the Privacy Act system of records published in the Federal Register.
(cc) Statistical record. A record in a system of records maintained for statistical research or reporting purposes and not used in whole or in part in making determinations about specific individuals.
(dd) System Manager. An official who has overall responsibility for policies and procedures for operating and safeguarding a Privacy Act system of records.
(ee) Third-party cookies. Cookies placed on a user's hard drive by Internet advertising networks. The most common third-party cookies are placed by the various companies that serve the banner ads that appear across many Web sites.
(ff) Working Days. Days excluding Saturday, Sunday, and legal holidays.