6 CFR § 5.22 - Responsibility for responding to requests for access to records.

§ 5.22 Responsibility for responding to requests for access to records.

(a) In general. Except as stated in paragraphs (c), (d), and (e) of this section, the component that first receives a request for access to a record, and has possession of that record, is the component responsible for responding to the request. In determining which records are responsive to a request, a component ordinarily will include only those records in its possession as of the date the component begins its search for them. If any other date is used, the component will inform the requester of that date.

(b) Authority to grant or deny requests. The head of a component, or the component head's designee, is authorized to grant or deny any request for access or amendment to a record of that component.

(c) Consultations, coordination, and referrals. All consultations, coordination, and referrals for requests of records subject to the Privacy Act or JRA will follow the same process and procedures as described in § 5.4(d), including how to handle those requests that pertain to law enforcement information, as specified in § 5.4(d)(2), and classified information, as specified in § 5.4(d)(2) and (e). Further, whenever a request is made for access to a record containing information that has been classified by or may be appropriate for classification by another component or agency under any relevant executive order concerning the classification of records, the receiving component will refer to § 5.24 for processing.

(d) Release of medical records.

(1) Generally, an individual has the right to access their medical records maintained by the Department. Special procedures for requests from an individual requesting medical records that include psychological records for which direct release may cause harm to the individual requesting access are set forth in paragraph (d)(2) of this section.

(2) If a request is made for access to medical records that include psychological records, and a component medical practitioner or qualified designee determines that direct release is likely to adversely affect the individual who is requesting access, the component will request the individual to provide the name and contact information of a representative who is capable of ameliorating the potential adverse effect. The representative may be a physician or other health professional who will be willing to review the record and inform the requester of its contents. Once provided, the component FOIA office or designated component official will send the medical records to the individual's designated representative. The component will inform the subject individual in writing (either via U.S. mail or electronic mail whenever possible) that the record has been sent to that individual's chosen representative. The representative does not have the discretion to withhold any part of the individual's record. If the subject individual does not comply with the procedural requirement to designate a representative, the component may decline to release the requested information.

(3) Paragraph (d)(2) of this section does not apply to Coast Guard records held by another agency.

(e) Notice of referral. Whenever a component refers all or any part of the responsibility for responding to a request to another component or agency, it ordinarily will notify the requester of the referral and inform the requester of the name of each component or agency to which the request has been referred and of the part of the request that has been referred.

(f) Timing of responses to consultations and referrals. All consultations and referrals received by DHS will be handled according to the date the Privacy Act or JRA access request was initially received by the first component or agency, not any later date.

(g) Agreements regarding consultations and referrals. Components may establish agreements with other components or agencies to eliminate the need for consultations or referrals with respect to types of records.