(a) General. We will enter into arrangements with State agencies under which we will furnish to them at their request the last known personal mailing addresses (residence or post office box) of blood donors whose blood donations show that they are or may be infected with the human immunodeficiency virus which causes acquired immune deficiency syndrome. The State agency or other authorized person, as defined in paragraph (b) of this section, will then inform the donors that they may need medical care and treatment. The safeguards that must be used by authorized persons as a condition to receiving address information from the Blood Donor Locator Service are in paragraph (g) of this section, and the requirements for a request for address information are in paragraph (d) of this section.
(b) Definitions. State means the 50 States, the District of Columbia, the Commonwealth of Puerto Rico, the Virgin Islands, Guam, the Commonwealth of Northern Marianas, and the Trust Territory of the Pacific Islands.
Authorized person means--
(1) Any agency of a State (or of a political subdivision of a State) which has duties or authority under State law relating to the public health or otherwise has the duty or authority under State law to regulate blood donations; and
(2) Any entity engaged in the acceptance of blood donations which is licensed or registered by the Food and Drug Administration in connection with the acceptance of such blood donations, and which provides for--
(i) The confidentiality of any address information received pursuant to the rules in this part and section 1141 of the Social Security Act and related blood donor records;
(ii) Blood donor notification procedures for individuals with respect to whom such information is requested and a finding has been made that they are or may be infected with the human immunodeficiency virus; and
(iii) Counseling services for such individuals who have been found to have such virus. New counseling programs are not required, and an entity may use existing counseling programs or referrals to provide these services.
Related blood donor records means any record, list, or compilation established in connection with a request for address information which indicates, directly or indirectly, the identity of any individual with respect to whom a request for address information has been made pursuant to the rules in this part.
(c) Use of social security number for identification. A State or an authorized person in the State may require a blood donor to furnish his or her social security number when donating blood. The number may then be used by an authorized person to identify and locate a donor whose blood donation indicates that he or she is or may be infected with the human immunodeficiency virus.
(d) Request for address of blood donor. An authorized person who has been unable to locate a blood donor at the address he or she may have given at the time of the blood donation may request assistance from the State agency which has arranged with us to participate in the Blood Donor Locator Service. The request to the Blood Donor Locator Service must--
(1) Be in writing;
(2) Be from a participating State agency either on its own behalf as an authorized person or on behalf of another authorized person;
(3) Indicate that the authorized person meets the confidentiality safeguards of paragraph (g) of this section; and
(4) Include the donor's name and social security number, the addresses at which the authorized person attempted without success to contact the donor, the date of the blood donation if available, a statement that the donor has tested positive for the human immunodeficiency virus according to the latest Food and Drug Administration standards or that the history of the subsequent use of the donated blood or blood products indicates that the donor has or may have the human immunodeficiency virus, and the name and address of the requesting blood donation facility.
(e) SSA response to request for address. After receiving a request that meets the requirements of paragraph (d) of this section, we will search our records for the donor's latest personal mailing address. If we do not find a current address, we will request that the Internal Revenue Service search its tax records and furnish us any personal mailing address information from its files, as required under section 6103(m)(6) of the Internal Revenue Code. After completing these searches, we will provide to the requesting State agency either the latest mailing address available for the donor or a response stating that we do not have this information. We will then destroy the records or delete all identifying donor information related to the request and maintain only the information that we will need to monitor the compliance of authorized persons with the confidentiality safeguards contained in paragraph (g) of this section.
(f) SSA refusal to furnish address. If we determine that an authorized person has not met the requirements of paragraphs (d) and (g) of this section, we will not furnish address information to the State agency. In that case, we will notify the State agency of our determination, explain the reasons for our determination, and explain that the State agency may request administrative review of our determination. The Commissioner of Social Security or a delegate of the Commissioner will conduct this review. The review will be based on the information of record and there will not be an opportunity for an oral hearing. A request for administrative review, which may be submitted only by a State agency, must be in writing. The State agency must send its request for administrative review to the Commissioner of Social Security, 6401 Security Boulevard, Baltimore, MD 21235, within 60 days after receiving our notice refusing to give the donor's address. The request for review must include supporting information or evidence that the requirements of the rules in this part have been met. If we do not furnish address information because an authorized person failed to comply with the confidentiality safeguards of paragraph (g) of this section, the State agency will have an opportunity to submit evidence that the authorized person is now in compliance. If we then determine, based on our review of the request for administrative review and the supporting evidence, that the authorized person meets the requirements of the rules in this part, we will respond to the address request as provided in paragraph (e) of this section. If we determine on administrative review that the requirements have not been met, we will notify the State agency in writing of our decision. We will make our determination within 30 days after receiving the request for administrative review, unless we notify the State agency within this 30-day time period that we will need additional time. Our determination on the request for administrative review will give the findings of fact, the reasons for the decision, and what actions the State agency should take to ensure that it or the blood donation facility is in compliance with the rules in this part.
(g) Safeguards to ensure confidentiality of blood donor records. We will require assurance that authorized persons have established and continue to maintain adequate safeguards to protect the confidentiality of both address information received from the Blood Donor Locator Service and related blood donor records. The authorized person must, to the satisfaction of the Secretary--
(1) Establish and maintain a system for standardizing records which includes the reasons for requesting the addresses of blood donors, dates of the requests, and any disclosures of address information;
(2) Store blood donors' addresses received from the Blood Donor Locator Service and all related blood donor records in a secure area or place that is physically safe from access by persons other than those whose duties and responsibilities require access;
(3) Restrict access to these records to authorized employees and officials who need them to perform their official duties related to notifying blood donors who are or may be infected with the human immunodeficiency virus that they may need medical care and treatment;
(4) Advise all personnel who will have access to the records of the confidential nature of the information, the safeguards required to protect the information, and the civil and criminal sanctions for unauthorized use or disclosure of the information;
(5) Destroy the address information received from the Blood Donor Locator Service, as well as any records established in connection with the request which indicate directly or indirectly the identity of the individual, after notifying or attempting to notify the donor at the address obtained from the Blood Donor Locator Service; and
(6) Upon request, report to us the procedures established and utilized to ensure the confidentiality of address information and related blood donor records. We reserve the right to make onsite inspections to ensure that these procedures are adequate and are being followed and to request such information as we may need to ensure that the safeguards required in this section are being met.
(h) Unauthorized disclosure. Any official or employee of the Federal Government, a State, or a blood donation facility who discloses blood donor information, except as provided for in this section or under a provision of law, will be subject to the same criminal penalty as provided in section 7213(a) of the Internal Revenue Code of 1986 for the unauthorized disclosure of tax information.
Sec. Appendix A to Part 401--Employee Standards of Conduct
(a) General. All SSA employees are required to be aware of their responsibilities under the Privacy Act of 1974, 5 U.S.C. 552a. Regulations implementing the Privacy Act are set forth in this part. Instruction on the requirements of the Act and regulation shall be provided to all new employees of SSA. In addition, supervisors shall be responsible for assuring that employees who are working with systems of records or who undertake new duties which require the use of systems of records are informed of their responsibilities. Supervisors shall also be responsible for assuring that all employees who work with such systems of records are periodically reminded of the requirements of the Privacy Act and are advised of any new provisions or interpretations of the Act.
(b) Penalties. (1) All employees must guard against improper disclosure of records which are governed by the Privacy Act. Because of the serious consequences of improper invasions of personal privacy, employees may be subject to disciplinary action and criminal prosecution for knowing and willful violations of the Privacy Act and regulation. In addition, employees may also be subject to disciplinary action for unknowing or unwillful violations, where the employee had notice of the provisions of the Privacy Act and regulations and failed to inform himself or herself sufficiently or to conduct himself or herself in accordance with the requirements to avoid violations.
(1) All employees must guard against improper disclosure of records which are governed by the Privacy Act. Because of the serious consequences of improper invasions of personal privacy, employees may be subject to disciplinary action and criminal prosecution for knowing and willful violations of the Privacy Act and regulation. In addition, employees may also be subject to disciplinary action for unknowing or unwillful violations, where the employee had notice of the provisions of the Privacy Act and regulations and failed to inform himself or herself sufficiently or to conduct himself or herself in accordance with the requirements to avoid violations.
(2) SSA may be subjected to civil liability for the following actions undertaken by its employees:
(a) Making a determination under the Privacy Act and Secs. 401.65 and 401.70 not to amend an individual's record in accordance with his or her request, or failing to make such review in conformity with those provisions;
(b) Refusing to comply with an individual's request for notification of or access to a record pertaining to him or her;
(c) Failing to maintain any record pertaining to any individual with such accuracy, relevance, timeliness, and completeness as is necessary to assure fairness in any determination relating to the qualifications, character, rights, or opportunities of, or benefits to the individual that may be made on the basis of such a record, and consequently makes a determination which is adverse to the individual; or
(d) Failing to comply with any other provision of the Act or any rule promulgated thereunder, in such a way as to have an adverse effect on an individual.
(3) An employee may be personally subject to criminal liability as set forth below and in 5 U.S.C. 552a (i):
(a) Willful disclosure. Any officer or employee of SSA, who by virtue of his employment or official position, has possession of, or access to, agency records which contain individually identifiable information the disclosure of which is prohibited by the Privacy Act or by rules or regulations established thereunder, and who, knowing that disclosure of the specific material is so prohibited, willfully discloses the material in any manner to any person or agency not entitled to receive it, shall be guilty of a misdemeanor and may be fined not more than $5,000.
(b) Notice requirements. Any officer or employee of SSA who willfully maintains a system of records without meeting the notice requirements [of the Privacy Act] shall be guilty of a misdemeanor and may be fined not more than $5,000.
(c) Rules governing employees not working with systems of records. Employees whose duties do not involve working with systems of records will not generally disclose to any one, without specific authorization from their supervisors, records pertaining to employees or other individuals which by reason of their official duties are available to them. Notwithstanding the above, the following records concerning Federal employees are a matter of public record and no further authorization is necessary for disclosure:
(1) Name and title of individual.
(2) Grade classification or equivalent and annual rate of salary.
(3) Position description.
In addition, employees shall disclose records which are listed in SSA's Freedom of Information Regulation as being available to the public. Requests for other records will be referred to the responsible SSA Freedom of Information Officer. This does not preclude employees from discussing matters which are known to them personally, and without resort to a record, to official investigators of Federal agencies for official purposes such as suitability checks, Equal Employment Opportunity investigations, adverse action proceedings, grievance proceedings, etc.
(d) Rules governing employees whose duties require use or reference to systems of records. Employees whose official duties require that they refer to, maintain, service, or otherwise deal with systems of records (hereinafter referred to as ``Systems Employees'') are governed by the general provisions. In addition, extra precautions are required and systems employees are held to higher standards of conduct.
(1) Systems Employees shall:
(a) Be informed with respect to their responsibilities under the Privacy Act;
(b) Be alert to possible misuses of the system and report to their supervisors any potential or actual use of the system which they believe is not in compliance with the Privacy Act and regulation;
(c) Disclose records within SSA only to an employee who has a legitimate need to know the record in the course of his or her official duties;
(d) Maintain records as accurately as practicable.
(e) Consult with a supervisor prior to taking any action where they are in doubt whether such action is in conformance with the Act and regulation.
(2) Systems employees shall not:
(a) Disclose in any form records from a system of records except (1) with the consent or at the request of the subject individual; or (2) where its disclosure is permitted under Sec. 401.110.
(b) Permit unauthorized individuals to be present in controlled areas. Any unauthorized individuals observed in controlled areas shall be reported to a supervisor or to the guard force.
(c) Knowingly or willfully take action which might subject SSA to civil liability.
(d) Make any arrangements for the design, development, or operation of any system of records without making reasonable effort to provide that the system can be maintained in accordance with the Act and regulation.
(e) Contracting officers. In addition to any applicable provisions set forth above, those employees whose official duties involve entering into contracts on behalf of SSA shall also be governed by the following provisions:
(1) Contracts for design, or development of systems and equipment. The contracting officer shall not enter into any contract for the design or development of a system of records, or for equipment to store, service or maintain a system of records unless the contracting officer has made reasonable effort to ensure that the product to be purchased is capable of being used without violation of the Privacy Act or the regulations in this part. He shall give special attention to provision of physical safeguards.
(2) Contracts for the operation of systems of records. The Contracting Officer, in conjunction with other officials whom he feels appropriate, shall review all proposed contracts providing for the operation of systems of records prior to execution of the contracts to determine whether operation of the system of records is for the purpose of accomplishing a Department function. If it is determined that the operation of the system is to accomplish an SSA function, the contracting officer shall be responsible for including in the contract appropriate provisions to apply the provisions of the Privacy Act and regulation to the system, including prohibitions against improper release by the contractor, his employees, agents, or subcontractors.
(3) Other service contracts. Contracting officers entering into general service contracts shall be responsible for determining the appropriateness of including provisions in the contract to prevent potential misuse (inadvertent or otherwise) by employees, agents, or subcontractors of the contractor.
(f) Rules governing SSA officials responsible for managing systems of records. In addition to the requirements for Systems Employees, SSA officials responsible for managing systems of records as described in Sec. 401.40(c) (system managers) shall:
(1) Respond to all requests for notification of or access, disclosure, or amendment of records in a timely fashion in accordance with the Privacy Act and regulation;
(2) Make any amendment of records accurately and in a timely fashion;
(3) Inform all persons whom the accounting records show have received copies of the record prior to the amendments of the correction; and
(4) Associate any statement of disagreement with the disputed record, and
(a) Transmit a copy of the statement to all persons whom the accounting records show have received a copy of the disputed record, and
(b) Transmit that statement with any future disclosure. [62 FR 4143, Jan. 29, 1997, as amended at 72 FR 69617, Dec. 10, 2007]