In accordance with 32 CFR part 310, it is NGB's policy that:
(a) Personal information contained in any SOR maintained by any NGB organization will be safeguarded to the extent authorized by 5 U.S.C. 552a, Appendix I of Office of Management and Budget Circular No. A-130, and any other applicable legal requirements.
(b) NGB will collect, maintain, use, and disseminate personal information only when it is relevant and necessary to achieve a purpose required by a statute or Executive Order.
(c) NGB will collect personal information directly from the individuals to whom it pertains to the greatest extent possible and will provide individuals a PAS at the time of collection when the information being collected will be filed and/or retrieved by the subject's name or other unique identifier. The PAS will contain the following elements, as required by 5 U.S.C. 552a:
(1) The statutory authority or Executive Order that allows for the solicitation,
(2) The intended use/purpose that will be made of the information collected,
(3) The routine uses that may be made of the information collected; and
(4) Whether it is mandatory or voluntary for the individual to disclose the requested information and the non-punitive effects on the individual for not providing all or any part of the requested information. Collection can only be mandatory if the statutory authority or Executive Order cited provides a penalty for not providing the information.
(d) NGB offices maintaining records and information about individuals will ensure that such data is protected from unauthorized access, use, dissemination, disclosure, alteration, and/or destruction. Offices will establish safeguards to ensure the security of personal information is protected from threats or hazards that might result in substantial harm, embarrassment, inconvenience, or unfairness to the individual using guidelines found in 32 CFR part 310, subpart B, 32 CFR part 310, appendix A, and DoD Manual (DoDM) 5200.01, Volume 4, entitled ``DoD Information Security Program: Controlled Unclassified Information (CUI).'' (Available at http://www.dtic.mil/whs/ directives/corres/pdf/520001_vol4.pdf)
(e) NGB offices shall permit individuals to access and have a copy of all or any portion of records about them, unless an exemption for the system has been properly established (see 5 U.S.C. 552a, 32 CFR part 310, subparts D and F, and Sec. 329.7 of this part). Individuals requesting access to their record will also receive concurrent consideration under 5 U.S.C. 552 and 32 CFR part 286.
(f) NGB offices will permit individuals an opportunity to request that records about them be corrected or amended (see 5 U.S.C. 552a, 32 CFR part 310, subpart D, and Sec. 329.6 of this part).
(g) Any records about individuals that are maintained by the NGB will be maintained with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual before making any determination about the individual or before making the record available to any recipient pursuant to a routine use.
(h) NGB will keep no record that describes how individuals exercise their rights guaranteed by the First Amendment, unless expressly authorized by statute or by the individual to whom the records pertain, or is pertinent to and within the scope of an authorized law enforcement activity.
(i) NGB will notify individuals whenever records pertaining to them are made available under compulsory legal processes, if such process is a matter of public record.
(j) NGB will assist individuals in determining what records pertaining to them are being collected, maintained, used, or disseminated.
(k) NGB offices and personnel, including contractors, maintaining and having access to records and information about individuals will manage them and conduct themselves so as to avoid the civil liability and criminal penalties provided for under 5 U.S.C. 552a.