FAR Part 24 Deck 1 Flashcards
(15 cards)
What does the Privacy Act of 1974 (5 U.S.C. 552a) require regarding government contracts?
Agencies must apply the Act’s requirements to contractors and their employees when they design, develop, or operate a system of records on individuals.
Define ‘Agency’ as per the Privacy Act.
Any executive department, military department, Government corporation, Government-controlled corporation, or other establishment in the executive branch of the Government.
What is meant by ‘Personally identifiable information’?
Information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other information.
What is a ‘System of records on individuals’?
A group of any records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number.
True or False: Contractors are considered employees of the agency for criminal penalties under the Privacy Act.
True.
What must contracting officers review to determine if a contract involves a system of records?
Requirements to determine whether the contract will involve the design, development, or operation of a system of records on individuals.
Fill in the blank: The Freedom of Information Act (5 U.S.C. 552, as amended) provides that information is to be made available to the public by _______.
[various methods including publication, opportunity to read and copy records, or upon request.]
What are the prohibitions related to proposals under the Freedom of Information Act?
A proposal in possession of the Government shall not be made available to any person, except for parts incorporated in a contract.
List the exemptions that may apply to requests for records under the Freedom of Information Act.
- Classified information
- Trade secrets and confidential commercial or financial information
- Interagency or intra-agency memoranda
- Personal and medical information
What type of training are contractors required to provide regarding privacy?
Initial privacy training and annual privacy training for employees with access to a system of records or handling personally identifiable information.
What must privacy training cover according to the regulations?
- Provisions of the Privacy Act of 1974
- Handling and safeguarding of personally identifiable information
- Authorized use of a system of records
- Restriction on unauthorized equipment
- Prohibition against unauthorized use or disclosure
- Procedures for suspected breaches
When should the clause at FAR 52.224-3, Privacy Training, be inserted in contracts?
When contractor employees will have access to a system of records or handle personally identifiable information.
What is the responsibility of contracting officers regarding the Privacy Act?
To ensure that contracts specify the system of records and comply with the requirements of the Act.
What documentation must contractors maintain regarding privacy training?
Documentation of completion of privacy training for all applicable employees.
True or False: A contractor employee can access a system of records without completing privacy training.
False.
