318.5—Designations and responsibilities
(1)
Implement the Agency's Privacy Program in accordance with the specific requirements set forth in this part, 5 U.S.C. 552a, OMB Circular A-130, and 32 CFR part 310.
(2)
Establish procedures, as well as rules of conduct, necessary to implement this part so as to ensure compliance with the requirements of 5 U.S.C. 552a, OMB Circular A-130, and 32 CFR part 310.
(3)
Ensure that the DTRA Privacy Program periodically shall be reviewed by the DTRA Inspectors General or other officials, who shall have specialized knowledge of the DoD Privacy Program.
(1)
Manage activities in support of the DTRA Program oversight in accordance with part, 5 U.S.C. 552a, OMB Circular A-130, and 32 CFR part 310.
(2)
Provide operational support, guidance and assistance to Systems Managers for responding to requests for access/amendment of records.
(4)
Provide guidance and assistance to DTRA elements in their implementation and execution of the DTRA Privacy Program.
(5)
Prepare and submit proposed new, altered, and amended systems of records, to include submission of required notices for publication in the Federal Register consistent with this part, 5 U.S.C. 552a, OMB Circular A-130, and 32 CFR part 310.
(6)
Prepare and submit proposed DTRA privacy rulemaking, to include documentation for submission of the proposed rule to the Office of the Federal Register for publication. Additionally, provide required documentation for reporting to the OMB and Congress, consistent with this part, 5 U.S.C. 552a, OMB Circular A-130, and 32 CFR part 310.
(i)
All information requirements developed to collect and/or maintain personal data conform to DoD Privacy Act Program standards;
(ii)
Appropriate procedures and safeguards shall be developed, implemented, and maintained to protect personal information when it is stored in either a manual and/or automated system of records or transferred by electronic or non-electronic means; and
(iii)
Specific procedures and safeguards shall be developed and implemented when personal data is collected and maintained for research purposes.
(8)
Conduct reviews, and prepare and submit reports consistent with the requirements in this part, 5 U.S.C. 552a, OMB Circular A-130, and 32 CFR part 310, or as otherwise directed by the Defense Privacy Office.
(9)
Conduct training for all assigned and employed DTRA personnel and for those individuals having primary responsibility for DTRA Privacy Act Record Systems consistent with requirements of this part, 5 U.S.C. 552a, OMB Circular A-130, and 32 CFR part 310.
(3)
Initiate prompt, constructive management actions on agreed-upon actions identified in agency Privacy Act reports.
(1)
Ensure that all personnel who have access to information from an automated system of records during processing or who are engaged in developing procedures for processing such information are aware of the provisions of this Instruction.
(2)
Promptly notify automated system managers and the Privacy Act Officer whenever they are changes to Agency Information Technology that may require the submission of an amended system notice for any system of records.
(3)
Establish rules of conduct for Agency personnel involved in the design, development, operation, or maintenance of any automated system of records and train them in these rules of conduct.