The Bureau of Ocean Energy Management (BOEM) Privacy Program is responsible for evaluating BOEM programs, systems, and initiatives for potential privacy impacts and developing privacy policies, procedures, and guidance to safeguard personally identifiable information (PII) and Privacy Act information.
What is the Privacy Act?
The purpose of the Privacy Act of 1974 (5 U.S.C. § 552a) is to balance the U.S. government’s need to maintain information about individuals with the rights of individuals to be protected against unwarranted invasions of their privacy resulting from the collection, maintenance, use, and disclosure of personal information.
The Privacy Act pertains only to information about individuals that is maintained in systems of records. A system of records is a group of records under an agency’s control from which information is retrieved by the name of the individual or by some identifier assigned to the individual. The Privacy Act sets forth various agency record-keeping requirements and requires that agencies give public notice of their systems of records by publication in the Federal Register. Through the Privacy Act, individuals (i.e., U.S. citizens and aliens lawfully admitted for permanent residence) are able to seek access to, as well as amend, their records.
What is PII?
The Office of Management and Budget (OMB) defines PII as "information which can be used to distinguish or trace an individual's identity, such as their name, Social Security number, biometric records, etc. alone, or when combined with other personal or identifying information which is linked or linkable to a specific individual, such as date and place of birth, mother’s maiden name, etc."
For further details, see OMB Memorandum M-07-16 Safeguarding Against and Responding to the Breach of Personally Identifiable Information.
Protecting Privacy is Important
BOEM employees, contractors, consultants, interns, and volunteers are required by law and Department of the Interior (DOI) policy to properly collect, access, use, safeguard, share, and dispose of PII and Privacy Act records in order to protect the privacy of individuals.
Both individuals and agencies may experience harm as a result of a loss of PII maintained by an agency, even if the PII is not part of a system of records. Harm may include administrative burden, remediation costs, financial loss, loss of public reputation and public trust, and legal liability. Under the Privacy Act, any officer or employee who knowingly and willfully discloses PII which is prohibited from disclosure or maintains a system of records without meeting the Privacy Act notice requirements is guilty of a misdemeanor and may be fined up to $5,000.
Other Information BOEM Collects
Records BOEM obtains from outside the federal government may include possibly confidential information. The Privacy Act does not cover records that federal agencies maintain on organizations, businesses, or individuals operating as a business. However, confidential information may be protected under Exemption 4 of the Freedom of Information Act (FOIA). Commercial or financial information is considered confidential if disclosure is likely to cause substantial harm to the competitive position of the person from whom the information was obtained. Examples of confidential information include proprietary information provided in support of a grant application or related to a federal acquisition action, or privileged or confidential information a company may provide to indicate an interest in acquiring a commercial wind lease.
DOI’s FOIA regulations (43 C.F.R. Part 2, Subpart F) address how BOEM must treat FOIA requests for possibly confidential information.
BOEM Privacy Program Contact Information
For general privacy inquiries or additional information about our privacy compliance, you may contact the BOEM Privacy Program at firstname.lastname@example.org, 703-787-1739 or mail us at:
Bureau of Ocean Energy Management
45600 Woodland Rd.
Attn: Associate Privacy Officer
Sterling, VA 20166
Published on 12/19/2016