Regulatory Information

Privacy Act

FDA is pleased to provide the following materials regarding the Agency's privacy program.

How to Make a Privacy Act Request
Privacy Program Resources
Privacy Impact Assessments (PIAs)
Privacy Act Records & Applicable System of Records Notices (SORNs)
FDA Systems Containing Privacy Act Records & Applicable System of Records Notices (SORNs)
FDA Privacy Act Systems of Records Notices (SORNs)
Department of Health and Human Services (HHS) SORNs
Rescinded FDA SORNs
Government-Wide SORNs
FDA Exempt Systems

 

How to Make a Privacy Act Request

Please see the FDA's Privacy Regulations for a detailed description on how to submit a Privacy Act Request.

Privacy Program Resources

Privacy Impact Assessments (PIAs)

A PIA is a decision-making tool used to identify and mitigate privacy risks at the beginning of and throughout the development life cycle of a program or system. It helps the public understand what personally identifiable Information (PII) the Department is collecting, why it is being collected, and how it will be used, shared, accessed, secured and stored.

Approved PIAS are published on the HHS Privacy Impact Assessment.

Approved Third-Party Website and Applications PIAs are published on the HHS Privacy Impact Assessment.

Privacy Act Records & Applicable System of Records Notices (SORNs)

Privacy Act Systems of Records Notices (SORNs) describe government records subject to the Privacy Act, relevant use and disclosure practices, and record access and amendment procedures. The Privacy Act requires agencies to publish SORNs in the Federal Register and make them available online. SORNs specific to FDA records that are subject to the Privacy Act are listed below.

FDA also maintains Privacy Act records covered by SORNs published by the Department of Health and Human Services (HHS) or other federal agencies and which are, respectively, HHS-wide and/or government-wide in scope. These SORNs address information collection activities that are common within HHS and across government (e.g., human resources records, for which publication of individual agency SORNs would be duplicative). SORNs for HHS systems are available online at http://www.hhs.gov/foia/privacy/sorns.html. Likewise, SORNs published by agencies outside HHS and which apply to records across the federal government are available line at http://dpclo.defense.gov/Privacy/SORNsIndex/GovernmentWideNotices.aspx. HHS-wide and government-wide SORNs that apply to FDA records are listed below.

In a June 27, 2014 Federal Register Notice FDA added certain standard “routine uses” to the Agency’s remaining SORNs. These added routine uses provide for appropriate disclosures of records to contract employees, to recordkeeping authorities, to law enforcement authorities when a record indicates a violation of law, to the U.S. Department of Justice in the course of obtaining Freedom of Information Act guidance, and to relevant offices and organizations in the course of responding to security breaches. These routine uses are described in more detail in the June 27, 2014 Notice available online at http://www.gpo.gov/fdsys/pkg/FR-2014-06-27/pdf/2014-15022.pdf.

FDA Systems Containing Privacy Act Records & Applicable System of Records Notices (SORNs)

The following FDA systems contain Privacy Act records. The list cites the FDA, HHS and/or Government-wide SORNs that apply to each system. Those SORNs are listed in another section below which links to the full content of each SORN.

FDA Privacy Act Systems (Click to see list)

CDRH
  • CDRH Pathlore Learning Management System (LMS). SORN OPM/GOVT-1, General Personnel Records, OPM and SORN 09-90-0021, Training Management Information System, HHS/OS/ASPER.
CFSAN
  • CFSAN Integrated Centralized Execution Platform (InCEP). SORN OPM/GOVT-1, General Personnel Records, OPM.
  • CFSAN Salesforce (C-FORCE). SORN OPM/GOVT-1, General Personnel Records, OPM.
CTP
  • CTP Integrated Centralized Execution Platform (InCEP). SORN OPM/GOVT-1, General Personnel Records, OPM.
  • CTP Integrated Centralized Execution Platform (InCEP) – Stakeholder Relationship Management System (SRMS). SORN 09-10-0004 Communications (Oral and Written) With the Public, HHS/FDA/OC and SORN OPM/GOVT-1, General Personnel Records, OPM.
CDER
  • CDER Continuing Education/ ORISE Project System. SORN OPM/GOVT-1, General Personnel Records, OPM.
OC
  • OC AdminApps: Communications Applications – Correspondence. SORN 09-10-0004 Communications (Oral and Written) with the Public, HHS/FDA/OC.
  • OC AdminApps: Communications Applications – Records and Case Management. SORN 09-10-0004 Communications (Oral and Written) with the Public, HHS/FDA/OC.
  • OC AdminApps: EASE and Related Applications – Enterprise Administrative Support Environment (EASE). SORN OPM/GOVT-1, General Personnel Records, OPM.
  • OC AdminApps: EASE and Related Applications – Contractor Management. SORN OPM/GOVT-1, General Personnel Records, OPM.
  • OC AdminApps: EASE and Related Applications – eArrive. SORN OPM/GOVT-1, General Personnel Records, OPM.
  • OC AdminApps: EASE and Related Applications – eDepart. SORN OPM/GOVT-1, General Personnel Records, OPM.
  • OC AdminApps: EASE and Related Applications – Help Desk. SORN OPM/GOVT-1, General Personnel Records, OPM.
  • OC AdminApps: EASE and Related Applications – Security. SORN OPM/GOVT-1, General Personnel Records, OPM and SORN 09-90-0777, Facility and Resource Access Control Records, HHS.
  • OC AdminApps: Ethics Applications – Ethics. SORN 09-90-0008, Conflict of Interest Records, HHS/OS/ASPER and SORN OPM/GOVT-1, General Personnel Records, OPM.
  • OC AdminApps: FDA Advisory Committee Tracking and Reporting Systems (FACTRS). SORN 09-90-0059, Federal Advisory Committee Membership Files, HHS/OS/ASPER.
  • OC AdminApps: Freedom of Information Related Systems – Freedom of Information (FOI). SORN 09-90-0058, Freedom of Information Case Files and Correspondence Control Log, HHS/OS/ASPA/FOIA.
  • OC AdminApps: Freedom of Information Related Systems – FOI Invoicing. SORN 09-40-0012, Debt Management and Collection System, HHS/PSC/FMS and SORN 09-90-0024, Financial Transactions of HHS, Accounting and Finance Offices, HHS.
  • OC AdminApps: Internship and Fellowship Programs – Career Profiles. SORN OPM/GOVT-5, Recruiting, Examining, and Placement Records, OPM.
  • OC AdminApps: Internship and Fellowship Programs – Center for Veterinary Medicine (CVM) Applicant Student Tracking. SORN OPM/GOVT-5, Recruiting, Examining, and Placement Records, OPM.
  • OC AdminApps: Internship and Fellowship Programs – Fellowship. SORN OPM/GOVT-5, Recruiting, Examining, and Placement Records, OPM.
  • OC AdminApps: Master PIA – Awards. SORN OPM/GOVT-1, General Personnel Records, OPM.
  • OC AdminApps: Office of Health and Constituent Affairs Tracking System. SORN 09-90-0059, Federal Advisory Committee Membership Files, HHS/OS/ASPER.
  • OC AdminApps: Office of International Programs Travel Applications – Activity Tracking. SORN OPM/GOVT-1, General Personnel Records, OPM.
  • OC AdminApps: Office of International Programs Travel Applications – International Travel Management. SORN OPM/GOVT-1, General Personnel Records, OPM.
  • OC EntelliTrak (OEEO). SORN 09-90-0009, Discrimination Complaints Records, HHS/OS/ASPER.
  • OC FDA Records Management Training System (FRMT). SORN OPM/GOVT-1, General Personnel Records, OPM.
  • OC Financial Reporting System (FRS). SORN 09-90-0024, Financial Transactions of HHS Accounting and Finance Offices, HHS.
  • OC iComplaints. SORN 09-90-0009, Discrimination Complaints Records, HHS/OS/ASPER and SORN EEOC/GOVT-1, Equal Employment Opportunity in the Federal Government Complaint and Appeal Records, EEOC.
  • OC Unified Talent Management Suite. SORN OPM/GOVT-1, General Personnel Records, OPM.
  • OC User Fees System. SORN 09-10-0021, FDA User Fee System, HHS/FDA.
  • OC Consolidated Infrastructure (CI) - Enterprise Identification and Authentication (EIA). SORN 09-90-0777, Facility and Resource Access Control Records, HHS.
  • OC CI - HP Service Manager System (HPSM). SORN OPM/GOVT-1, General Personnel Records, OPM, HHS/OS/ASPER; SORN 09-90-0024, Financial Transactions of HHS Accounting and Finance Offices, HHS; and SORN 09-90-0777, Facility and Resource Access Control Records, HHS.
  • OC CI Physical and Personnel Security System (PPSS). SORN 09-10-0018, Employee Identification Card Information Records, HHS/FDA/OC and SORN 09-90-0777, Facility and Resource Access Control Records, HHS.
  • OC CI - Unified Communication Services (UCS). SORN 09-90-0001, Telephone Directory/Locator System, HHS/OS/ASMB/OMAS.
ORA
  • ORA OCI Automated Investigative Management System (AIMS) – administrative records system. SORN OPM/GOVT-1, General Personnel Records, OPM.
  • ORA OCI Automated Investigative Management System (AIMS) – investigative records system. SORN 09-10-0002, Regulated Industry Employee Enforcement Records, HHS/FDA/OC and SORN 09-10-0013, Employee Conduct Investigative Records, HHS/FDA/OM.

FDA Privacy Act Systems of Records Notices (SORNs)

Rescinded FDA SORNs

On December 8, 2014, FDA published a SORN for records regarding FDA Commissioning of State and Local Officials, HHS/FDA/ORA, System No. 09-10-0022 (79 FR 72687). This notice also deleted the following SORN which was rendered obsolete: http://www.gpo.gov/fdsys/pkg/FR-2014-12-08/pdf/2014-28634.pdf

On June 27, 2014 FDA deleted the following four System of Records Notices for record systems no longer in use. The Federal Register Notice of this deletion is available online at http://www.gpo.gov/fdsys/pkg/FR-2014-06-27/pdf/2014-15022.pdf.

  • Science Advisor Research Associate Program, HHS/FDA/ORA, System No. 09–10–0007. First published in the Federal Register, September 29, 1977 (42 FR 51922 at 52146).
  • Radiation Protection Program Personnel Monitoring System, HHS/FDA/CDRH, System No. 09–10–0008. First published in the Federal Register, September 29, 1977 (42 FR 51922 at 52147) and published as revised with updated system location and manager information, December 31, 1992 (57 FR 62828 at 62829).
  • Certified Retort Operators, HHS/FDA/CFSAN, System No. 09–10–0011. First published in the Federal Register, September 29, 1977 (42 FR 51922 at 52148) and published as revised with minor changes, December 29, 1993 (58 FR 69056).
  • Epidemiological Research Studies of the Center for Devices and Radiological Health, HHS/FDA/CDRH, System No. 09–10–0017. First published in the Federal Register, May 29, 1979 (44 FR 30765 at 30766) and republished with minor changes in December 28, 1994 (59 FR 67087).

Government-Wide SORNs

FDA Exempt Systems

Federal Register notices regarding the exemptions for the first three systems listed below are available online: Notice of Proposed Rulemaking (40 FR 41140) and Final Rule (40 FR 47406). For SORN 09-10-0020, the Proposed Rule is available here and the Final Rule is available here.

Department of Health and Human Services (HHS) SORNs

Contact FDA

Privacy Act Program

Cullen Cowley, J.D.
FDA Senior Official for Privacy
Division of Freedom of Information

Office of the Executive Secretariat, OC

5630 Fishers Lane

Room 1035

Rockville, MD 20857

Page Last Updated: 10/02/2018
Note: If you need help accessing information in different file formats, see Instructions for Downloading Viewers and Players.
Language Assistance Available: Español | 繁體中文 | Tiếng Việt | 한국어 | Tagalog | Русский | العربية | Kreyòl Ayisyen | Français | Polski | Português | Italiano | Deutsch | 日本語 | فارسی | English