Privacy Policy

Agency policy prescribes that all personnel will comply with the DCAA Privacy Program and the Privacy Act of 1974. Strict adherence is necessary to ensure uniformity in the implementation of the DCAA Privacy Program and create conditions that will foster public trust. It is also Agency policy to safeguard personal information contained in any system of records maintained by DCAA organizational elements and to make that information available to the individual to whom it pertains to the maximum extent practicable. The following issuances have been created to administer the DCAA Privacy Act program.

If you are a current employee and wish to obtain records pertaining to yourself, you may submit a request under the Privacy Act. Follow the same filing procedures as for FOIA requests, except that no fees are assessed for search/retrieval and review. Only reproduction costs may be assessed under the Privacy Act Requests may be requested via the Contact Us form.

If you are a former Defense Contract Audit Agency employee seeking records pertaining to you, please visit the National Personnel Records Center website for instructions how to obtain this information.

DCAA Instruction 5410.10; DCAA Privacy Act Program – This is DCAA’s instruction governing the Privacy Act of 1974. It provides policies and procedures for the Agency’s implementation of the Act and is intended to promote uniformity with the Agency. The Department of Defense has a final rule, which applies of all Agency Privacy Act records. This final rule was published in the Federal Register and may be forum at 32 CFR Part 310. Protection of Privacy and Access to and Amendment of Individual Records Under the Privacy Act of 1974.

The Privacy Act, an Employee Guide to Privacy

DCAA Privacy Impact Assessments – The Defense Contract Audit Agency (DCAA) PIA program coordinates the PIA process with DCAA, in compliance with the E-Government (E-Gov) Act of 2002, Section 208, OMB M-03-22, and DoDI 540.16.

A PIA is an analysis of how personally identifiable information (PII) is utilized to ensure data handling conforms to applicable legal, regulatory, and policy requirements regarding privacy. Additionally, a PIA determines the need, privacy risks and effects of collecting, maintaining, using and disseminating PII in electronic form as a well as examining and evaluating protections and alternative processes to mitigate potential privacy risks.

The DCAA PIA team assists information system owners and developers who collect, maintain and/or disseminate PII in demonstrating the incorporation of required protections throughout the entire life cycle of a system.

DCAA Privacy Act System Notices – This compilation is designed to offer members of the Agency, as well as members of the general public, a complete summary of DCAA records that are accessed by name, social security number, or other personal identifier. These records, known as “Privacy Act Systems of Records,” provide a detailed description of each record system to include instructions for individual access, safeguards, and purpose for the maintenance of the system. The system notices contained in this publication establish limitations and permissible practices in the collection, maintenance, dissemination, use, and disclosure of information concerning individuals by the Agency.

All notices printed herein are covered and mandated by the Privacy Act of 1974, 5 U.S.C. 552a, and have been duly published for public comment in the Federal Register prior to the collection of personal information. The notices are preceded by “Blanket Routine Uses” (See Preamble) and are followed by a listing of the DCAA official mailing address. These blanket routine uses universally apply to all DCAA systems of records and stand in addition to the routine uses established for individual systems of records.

Government-Wide Privacy Act Systems of Records Notices – Some federal agencies have responsibility for one or more systems of records which are applicable Government-wide. This negates the need for DCAA to publish a system notice if it maintains a record under Government-wide system of records notice.