Privacy Laws, Regulations, and More

Listed below are various provisions of relevant federal privacy protection laws, regulations, directives, policies, instructional letters and more for reference. This page is intended to inform the public of GSA's privacy policies and practices as they apply to GSA employees, contractors, and clients.

• The Privacy Act of 1974 (5 U.S.C. 552a)
• Department of Justice guidance on the Privacy Act
• Clinger-Cohen Act of 1996, also known as the Information Technology Management Reform Act) [PDF]
• Computer Fraud and Abuse Act of 1986 [PDF]
• Computer Matching and Privacy Protection Act of 1988
• E-Government Act of 2002 (E-GOV) [PDF]
• Federal Information Security Management Act (FISMA) of 2002 [PDF]
• Records Management
• Paperwork Reduction Act (PRA) of 1995 [PDF]
• Rehabilitation Act of 1998 Section 508

Office of Management and Budget (OMB) Guidance on the implementation of the Privacy Act and on information security:

• OMB Circular No. A-130, Appendix I, Federal Agency Responsibilities for Maintaining Records About Individuals, which establishes Privacy Act requirements and procedures;
• OMB Circular No. A-130, Appendix III, Management of Federal Information Resources, which establishes guidelines for Federal agencies on complying with the fair information practices and security requirements for operating automated information systems; and
• (M-03-22) Memorandum for Heads of Executive Departments and Agencies, OMB Guidance for Implementing the Privacy Provisions of E-Government Act of 2002.