e-CFR Navigation Aids


Simple Search

Advanced Search

 — Boolean

 — Proximity


Search History

Search Tips


Latest Updates

User Info


Agency List

Incorporation By Reference

eCFR logo

Related Resources

Electronic Code of Federal Regulations

We invite you to try out our new beta eCFR site at https://ecfr.federalregister.gov. We???ve made big changes to make the eCFR easier to use. Be sure to leave feedback using the Help button on the bottom right of each page!

e-CFR data is current as of July 31, 2020

Title 29Subtitle BChapter XX → Part 2400

Title 29: Labor


§2400.1   Purpose and scope.
§2400.2   Description of agency.
§2400.3   Delegation of authority.
§2400.4   Collection and disclosure of personal information.
§2400.5   Notification.
§2400.6   Procedures for requesting records.
§2400.7   Special procedures for requesting medical records.
§2400.8   Procedures for requesting amendment.
§2400.9   Procedures for appealing.
§2400.10   Schedule of fees.

Authority: 5 U.S.C. 552a(f); 5 U.S.C. 553.

Source: 71 FR 57421, Sept. 29, 2006, unless otherwise noted.

return arrow Back to Top

§2400.1   Purpose and scope.

The purpose of the provisions of this part is to provide procedures to implement the Privacy Act of 1974 (5 U.S.C. 552a). This part is applicable only to records that are maintained by the Occupational Safety and Health Review Commission (OSHRC or the Commission), which includes all systems of records operated on behalf of OSHRC, pursuant to a contract, to accomplish an agency function, except for records that are disclosed to consumer reporting agencies under section 3711(e) of title 31, United States Code. This part is not applicable to the rights of parties appearing in adversary proceedings before the Commission to obtain discovery from an adverse party. Such matters are governed by the Commission's Rules of Procedure, which are published at 29 CFR 2200.1 et seq.

return arrow Back to Top

§2400.2   Description of agency.

The Commission adjudicates contested enforcement actions under the Occupational Safety and Health Act of 1970 (29 U.S.C. 651-677). Decisions of the Commission on such actions are issued only after the parties to the case are afforded an opportunity for a hearing in accordance with section 554 of title 5, United States Code. All such hearings are conducted by an OSHRC Administrative Law Judge at a place convenient to the parties and are open to the public. Each Commission member has the authority to direct that a decision of a Judge be reviewed by the full Commission before becoming a final order. The President designates one of the Commissioners as Chairman, who is responsible on behalf of the Commission for the administrative operations of the Commission.

return arrow Back to Top

§2400.3   Delegation of authority.

(a) The Chairman shall designate an OSHRC employee as the Privacy Officer, and shall delegate to the Privacy Officer the authority to ensure agency-wide compliance with this part.

(b) Custodians of the systems of records are responsible for the following:

(1) Adhering to this part within their respective units and, in particular, collecting, using and disclosing records, and affording individuals the right to inspect, obtain copies of and correct records concerning them;

(2) Reporting the existence of systems of records, changes to the contents of those systems and changes of routine use to the Privacy Officer, and also establishing the relevancy of records within those systems; and

(3) Maintaining an accurate accounting of each disclosure in conformance with §2400.4(c) of this part.

return arrow Back to Top

§2400.4   Collection and disclosure of personal information.

(a) The following rules govern the collection of personal information throughout OSHRC operations:

(1) OSHRC shall:

(i) Solicit, collect and maintain in its records only such personal information as is relevant and necessary to accomplish a purpose required by statute or executive order;

(ii) Maintain all records which are used by OSHRC in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to ensure fairness to the individual in the determination;

(iii) Collect information, to the greatest extent practicable, directly from the subject individual when such information may result in adverse determinations about an individual's rights, benefits or privileges under Federal programs; and

(iv) Inform any individual requested to disclose personal information whether that disclosure is mandatory or voluntary, by what authority it is solicited, the principal purposes for which it is intended to be used, the routine uses which may be made of it, and any penalties or consequences known to OSHRC which shall result to the individual from such non-disclosure.

(2) OSHRC shall not discriminate against any individual who fails to provide personal information unless that information is required or necessary for the conduct of the system or program in which the individual desires to participate. See §2400.4(a)(1)(i).

(3) No record shall be collected or maintained which describes how any individual exercises rights guaranteed by the First Amendment unless the Commission specifically determines that such information is relevant and necessary to carry out a statutory purpose of OSHRC, and the collection or maintenance of the record is expressly authorized by statute or by the individual about whom the record is maintained, or unless the record is pertinent to and within the scope of an authorized law enforcement activity.

(4) OSHRC shall not require disclosure of any individual's Social Security account number or deny a right, privilege or benefit because of the individual's refusal to disclose the number unless disclosure is required by Federal law.

(b) Disclosures—(1) Limitations. OSHRC shall not disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains.

(2) Exceptions. A record may be disseminated without satisfying the requirements of paragraph (b)(1) of this section if disclosure is made:

(i) To a person pursuant to a requirement of the Freedom of Information Act (5 U.S.C. 552);

(ii) To those officers and employees of OSHRC who have a need for the record in the performance of their duties;

(iii) For a routine use as contained in the system notices published in the Federal Register;

(iv) To a recipient who has provided OSHRC with adequate advance written assurance that the record shall be used solely as a statistical reporting or research record, and the record is to be transferred in a form that is not personally identifiable;

(v) To the Bureau of the Census for purposes of planning or carrying out a census or survey or related activity pursuant to the provisions of title 13, United States Code;

(vi) To the National Archives and Records Administration as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government, or for evaluation by the Archivist of the United States or the designee of the Archivist to determine whether the record has such value;

(vii) To a person pursuant to a showing of compelling circumstances affecting the health or safety of an individual, if upon such disclosure notification is transmitted to the last known address of such individual;

(viii) To another agency or an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity, if such activity is authorized by law and if the head of the agency or instrumentality has made a written request to OSHRC specifying the particular portion of the record desired and the law enforcement activity for which the record is sought;

(ix) To either House of Congress, or, to the extent of matter within its jurisdiction, any committee or subcommittee thereof, or any joint committee of Congress or subcommittee of any such joint committee;

(x) To the Comptroller General or any of his authorized representatives in the course of the performance of the duties of the Government Accountability Office;

(xi) Pursuant to the order of a court of competent jurisdiction; or

(xii) To a consumer reporting agency in accordance with section 3711(e) of title 31, United States Code.

(3) Employee credit references. OSHRC's Office of Administration shall verify the following information provided by an employee to a credit bureau or commercial firm from which an employee is seeking credit: Length of service, job title, grade, salary, tenure of employment, and Civil Service status.

(4) Employee job references. Prospective employers of an OSHRC employee or a former OSHRC employee may be furnished with the information in paragraph (b)(3) of this section in addition to the date and reason for separation, if applicable, upon the request of the employee or former employee.

(5) Disclosures to third parties. Prior to disseminating any record about an individual to any person other than an agency, unless the record is disseminated pursuant to paragraph (b)(2)(i) of this section, OSHRC shall make reasonable efforts to ensure that the record is accurate, complete, timely and relevant.

(6) Anticipated legal action. Nothing in this section shall allow an individual access to any information compiled in reasonable anticipation of a civil action or proceeding.

(c) Accounting of disclosures—(1) OSHRC shall maintain an accurate accounting of each disclosure, except for any disclosure made pursuant to paragraphs (b)(2)(i) and (b)(2)(ii) of this section.

(2) When an accounting is required under paragraph (c)(1) of this section, the following information shall be recorded: The date, nature, and purpose of each disclosure of a record to any person or to another agency, and the name and address of the person or agency to whom the disclosure is made.

(3) The accounting shall be maintained for at least five (5) years after disclosure or for the life of the record, whichever is longer.

(4) The accounting shall be made available to the individual named in the record upon inquiry, except for disclosures made pursuant to paragraph (b)(2)(viii) of this section relating to law enforcement activities. See §2400.6 for suggested form of request.

return arrow Back to Top

§2400.5   Notification.

(a) Notification of systems. The following procedures permit individuals to determine the types of systems of records maintained by OSHRC.

(1) Upon written request, OSHRC shall notify any individual whether a specific system named by him contains a record pertaining to him. See §2400.6 for suggested form of request.

(2) Upon establishing or revising a system of records, OSHRC shall publish in the Federal Register a notice of the existence and character of the system of records. This notice shall contain the following information:

(i) System name and location;

(ii) Security classification;

(iii) Categories of individuals covered by the system;

(iv) Categories of records in the system;

(v) Authority for maintenance of the system;

(vi) Purpose(s) of the system;

(vii) Routine uses of records maintained in the system, including categories of users and the purpose(s) of such uses;

(viii) Disclosures to consumer reporting agencies;

(ix) Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system;

(x) System manager(s) and address;

(xi) Procedures by which an individual can be informed whether a system contains a record pertaining to himself, gain access to such record, and contest the content, accuracy, completeness, timeliness, relevance and necessity for retention of the record;

(xii) Record source categories; and

(xiii) Exemptions claimed for the system.

(3) OSHRC shall submit a report, in accordance with guidelines provided by the Office of Management and Budget (OMB), in order to give advance notice to the Committee on Government Reform of the House of Representatives, the Committee on Homeland Security and Governmental Affairs of the Senate, and OMB of any proposal to establish a new system of records or to significantly change an existing system of records.

(b) Notification of disclosure. OSHRC shall make reasonable efforts to serve notice on an individual before any record pertaining to the individual is made available to any person under compulsory legal process when such process becomes a matter of public record.

(c) Notification of amendment—(1) OSHRC shall inform any person or other agency about any correction or notation of dispute made by OSHRC to any record that has been disclosed to the person or agency, if the correction or notation was made pursuant to §2400.8, and an accounting of the disclosure was made pursuant to §2400.4(c).

(2) In any disclosure to a person or other agency containing information about which the individual has filed a statement of disagreement and occurring after the statement was filed, OSHRC shall clearly note any portion of the record which is disputed and provide copies of the statement and, if OSHRC deems appropriate, copies of a concise statement of OSHRC's reasons for not making the requested amendments.

(d) Notification of new routine use. Any new or revised routine use of a system of records maintained by OSHRC shall be published in the Federal Register thirty (30) days before such use becomes operational. Interested persons may then submit written data, views, or arguments to OSHRC.

(e) Notification of exemptions. OSHRC shall publish in the Federal Register its intent to exempt any system of records and shall specify the nature and purpose of that system.

return arrow Back to Top

§2400.6   Procedures for requesting records.

The purpose of this section is to provide procedures by which an individual may gain access to his records.

(a) Submission of requests for access—(1) Manner. An individual seeking information regarding the contents of records systems or access to records about himself in a system of records should present a written request to that effect either in person or by mail to the Privacy Officer, OSHRC, One Lafayette Centre, 1120-20th Street, NW., Ninth Floor, Washington, DC 20036-3457.

(2) Specification of records sought. Requests for access to records shall describe the nature of the record sought, the approximate dates covered by the record, and the system in which the record is thought to be included as described in the “Notification” for that system as published in the Federal Register. The requester should also indicate whether he wishes to review the record in person or obtain a copy by mail. If the information supplied is insufficient to locate or identify the record, the requester shall be notified promptly and, if necessary, informed of additional information required.

(3) Period for response. Upon receipt of an inquiry the Privacy Officer shall respond promptly to the request and no later than 10 working days from receipt of such inquiry.

(b) Verification of identity. The following standards are applicable to any individual who requests records concerning himself:

(1) An individual seeking access to records about himself in person may establish his identity by the presentation of a single document bearing a photograph (such as a passport, employee identification card, or valid driver's license) or by the presentation of two items of identification which do not bear a photograph but do bear both a name and address (such as a valid driver's license, or credit card).

(2) An individual seeking access to records about himself by mail shall establish his identity by a signature, address, date of birth, place of birth, employee identification number, if any, and one other identifier such as a photocopy of an identifying document.

(3) An individual seeking access to records about himself by mail or in person who cannot provide the necessary documentation of identification may provide a notarized statement, or a declaration in accordance with 28 U.S.C. 1746, swearing or affirming to his identity and to the fact that he understands the penalties for false statements pursuant to 18 U.S.C. 1001. Forms for notarized statements may be obtained on request from the Privacy Officer.

(c) Verification of guardianship. The parent or guardian of a minor or a person judicially determined to be incompetent and seeking to act on behalf of such minor or incompetent shall, in addition to establishing his own identity, establish the identity of the minor or other person he represents as required in paragraph (b) of this section and establish his own parentage or guardianship of the subject of the record by furnishing either a copy of a birth certificate showing parentage or a court order establishing the guardianship.

(d) Accompanying persons. An individual seeking to review records about himself may be accompanied by another individual of his own choosing. Both the individual seeking access and the individual accompanying him shall be required to sign a form provided by OSHRC indicating that OSHRC is authorized to discuss the contents of the subject record in the presence of both individuals.

(e) When compliance is possible—(1) The Privacy Officer shall inform the requester of the determination to grant the request and shall make the record available to the individual in the manner requested, that is, either by forwarding a copy of the information to him or by making it available for review, unless:

(i) It is impracticable to provide the requester with a copy of a record, in which case the requester shall be so notified, and, in addition, be informed of the procedures set forth in paragraph (b) of this section, or

(ii) The Privacy Officer has reason to believe that the cost of a copy of a record is considerably more expensive than anticipated by the requester, in which case he shall notify the requester of the estimated cost, and ascertain whether the requester still wishes to be provided with a copy of the information.

(2) Where a record is to be reviewed by the requester in person, the Privacy Officer shall inform the requester in writing of:

(i) The date on which the record shall become available for review, the location at which it may be reviewed, and the hours for inspection;

(ii) The type of identification that shall be required in order for him to review the record;

(iii) Such person's right to have a person of his own choosing accompany him to review the record; and

(iv) Such person's right to have a person other than himself review the record.

(3) If the requester seeks to inspect the record without receiving a copy, he shall not leave OSHRC premises with the record and shall sign a statement indicating he has reviewed a specific record or category of record.

(f) Response when compliance is not possible. A reply denying a written request to review a record shall be in writing signed by the Privacy Officer and shall be made only if such a record does not exist or does not contain personal information relating to the requester, or is exempt. This reply shall include a statement regarding the determining factors of denial, and the requester's rights to administrative appeal and thereafter judicial review in a district court of the United States.

return arrow Back to Top

§2400.7   Special procedures for requesting medical records.

(a) Upon an individual's request for access to his medical records, including psychological records, the Privacy Officer shall make a preliminary determination on whether access to such records could have an adverse effect upon the requester. If the Privacy Officer determines that access could have an adverse effect on the requester, OSHRC shall notify the requester in writing and advise that the records at issue can be made available only to a physician of the requester's designation. Upon receipt of such designation, verification of the identity of the physician, and agreement by the physician to review the documents with the requesting individual, to explain the meaning of the documents, and to offer counseling designed to temper any adverse reaction, OSHRC shall forward such records to the designated physician.

(b) If, within sixty (60) days of OSHRC's written request for a designation, the requester has failed to respond or designate a physician, or the physician fails to agree to the release conditions, then OSHRC shall hold the documents in abeyance and advise the requester that this action may be construed as a technical denial. OSHRC shall also advise the requester of his rights to administrative appeal and thereafter judicial review in a district court of the United States.

return arrow Back to Top

§2400.8   Procedures for requesting amendment.

(a) Submission of requests for amendment. Upon review of an individual's personal record, that individual may submit a request to amend such record. This request shall be submitted in writing to the Privacy Officer and shall include a statement of the amendment requested and the reasons for such amendment, e.g., relevance, accuracy, timeliness or completeness of the record.

(b) Action to be taken by the Privacy Officer. Upon receiving an amendment request, the Privacy Officer shall promptly:

(1) Acknowledge in writing within ten (10) working days the receipt of the request;

(2) Make such inquiry as is necessary to determine whether the amendment is appropriate; and

(3) Correct or eliminate any information that is found to be incomplete, inaccurate, irrelevant to a statutory purpose of OSHRC, or untimely and notify the requester when this action is complete; or

(4) Notify the requester of a determination not to amend the record, of the reasons for the refusal, and of the requester's right to appeal in accordance with §2400.9.

return arrow Back to Top

§2400.9   Procedures for appealing.

(a) Submission of appeal—(1) If a request to inspect, copy or amend a record is denied, in whole or in part, or if no determination is made within the period prescribed by this part, then the requester may appeal to the Chairman, Attn: Privacy Appeal, OSHRC, One Lafayette Centre, 1120-20th Street, NW., Ninth Floor, Washington, DC 20036-3457.

(2) The requester shall submit his appeal in writing within thirty (30) days of the date of denial, or within ninety (90) days of such request if the appeal is from a failure of the Privacy Officer to make a determination. The letter of appeal should include, as applicable:

(i) Reasonable identification of the record to which access was sought or the amendment of which was requested.

(ii) A statement of the OSHRC action or failure to act being appealed and the relief sought.

(iii) A copy of the request, the notification of denial and any other related correspondence.

(b) Final decisions. The Chairman shall make his final decision not later than thirty (30) working days from the date of the request, unless he extends the time for good cause to be shown by him but not to exceed ninety (90) days from the date of the request. Any record found on appeal to be incomplete, inaccurate, irrelevant, or untimely, shall within thirty (30) working days of the date of such findings be appropriately amended.

(c) Decision requirements. The decision of the Chairman constitutes the final decision of OSHRC on the right of the requester to inspect, copy, change or update a record. The decision on the appeal shall be in writing and, in the event of a denial, shall set forth the reasons for such denial and state the individual's right to obtain judicial review in a district court of the United States. An indexed file of the agency's decisions on appeal shall be maintained by the Privacy Officer.

(d) Submission of statement of disagreement. If the final decision does not satisfy the requester, then any statement of reasonable length, provided by that individual, setting forth a position regarding the disputed information, shall be accepted and included in the relevant record.

return arrow Back to Top

§2400.10   Schedule of fees.

(a) Policy. The purpose of this section is to establish fair and equitable fees to permit reproduction of records for concerned individuals.

(b) Reproduction—(1) For the fees associated with reproduction of records, refer to Appendix A to part 2201, Schedule of Fees.

(2) OSHRC shall not normally furnish more than one copy of any record.

(c) Limitations. No fee shall be charged to any individual for the process of retrieving, reviewing, or amending records.

return arrow Back to Top

Need assistance?