U.S. flag An official website of the United States government
  1. Home
  2. Regulatory Information
  3. Freedom of Information
  4. Privacy Act
  5. 09-10-0018 Employee Identification Card Information Records, HHS/FDA/OC
  1. Privacy Act

09-10-0018 Employee Identification Card Information Records, HHS/FDA/OC

System name:

Employee Identification Card Information Record, HHS/FDA/OC.

Security classification:


System location:

Personal Property Management Section, Services Unit (HFA–227), 5600 Fishers Lane, Rockville, MD 20857

Metropolitan Office Services Unit (HFA–216), 200 C Street, SW, Washington, DC 20204

Physical Security Staff (HFA-204), 7500 Standish Place, MPN, Rm. N-378, Rockville, MD 20855.

Administrative Branch at Field/District Offices. For the location of Field/District Offices, see appendix A to system notice 09–10–0002, Regulated Industry Employee Enforcement Records, HHS/FDA/OC.

Categories of individuals covered by the system:

Approximately 8,000 FDA employees.

Categories of records in the system:

Contains name, mail routing code, office telephone number, building, room number, birthdate, sex, identification photograph, height, weight, color of eyes, color of hair, and type of appointment.

Authority for maintenance of the system:

40 U.S.C. 471, et seq; Management and Disposal of Government Property Act.


The system is designed to maintain a record of all holders of FDA identification cards and security card keys, Forms HHS 576 (FDA employees only) FDA 2923, and FDA 3391, for renewal and recovery purposes and to identify numbers of lost or stolen cards. The system may also be used at FDA Headquarters to locate employees whose names have not been entered in the FDA locator system.

Routine uses of records maintained in the system, including categories of users and the purposes of such uses: 1

1. Disclosure may be made to a Congressional office from the record of an individual in response to an inquiry from the Congressional office made at the request of that individual.

2. The Department of Health and Human Services (HHS) may disclose information from this system of records to the Department of Justice, or to a court or other tribunal, when

(a) HHS, or any component thereof; or

(b) Any HHS employee in his or her official capacity; or

(c) Any HHS employee in his or her individual capacity where the Department of Justice (or HHS, where it is authorized to do so) has agreed to represent the employee; or

(d) The United States or any agency thereof where HHS determines that the litigation is likely to affect HHS or any of its components,

is a party to litigation or has an interest in such litigation, and HHS determines that the use of such records by the Department of Justice, the court or other tribunal, is relevant and necessary to the litigation and would help in the effective representation of the governmental party, provided, however, that in each case, HHS determines that such disclosure is compatible with the purpose for which the records were collected.

3. Disclosure may be made to appropriate Federal agencies and Department contractors that have a need to know the information for the purpose of assisting the Department’s efforts to respond to a suspected or confirmed breach of the security or confidentiality of information maintained in this system of records, and the information disclosed is relevant and necessary for that assistance.

4. Disclosure may be made to the National Archives and Records Administration and/or the General Services Administration for the purpose of records management inspections conducted under authority of 44 U.S.C. 2904 and 2906.

5. Disclosure may be made to contractors and other persons who perform services for the agency related to this system of records and who need access to the records to perform those services. Recipients shall be required to comply with the requirements of the Privacy Act of 1974, as amended, 5 U.S.C. 552a.

6. When a record on its face, or in conjunction with other records, indicates a violation or potential violation of law, whether civil, criminal, or regulatory in nature, disclosure may be made to the appropriate public authority, whether federal, foreign, state, local, or tribal, or otherwise, responsible for enforcing, investigating or prosecuting such violation, if the information disclosed is relevant to the responsibilities of the agency or public authority.

7. In the event HHS/FDA deems it desirable or necessary, in determining whether particular records are required to be disclosed under the Freedom of Information Act, disclosure may be made to the Department of Justice for the purpose of obtaining its advice.

Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system:


Forms filed in folders in a locked filing cabinet. Computer tapes and discs stored in a locked safe.


Information is filed and retrieved by name and date of birth.


1. Authorized users: Authorized FDA personnel whose official duties require access for issuance, renewal, retrieval, and location purposes.

2. Physical safeguards: Records are kept in locked file cabinets and on minicomputers at Headquarters and are maintained in secured areas. Computer discs and tapes are stored in locked safes.

3. Procedural (or technical) safeguards: Computer software providing restricted commands.

4. Implementation guidelines: Safeguards are established in accordance with Chapter 45–13 and PHS hf:45–13 of the Department's General Administration Manual and Part 6 of the Department's ADP Systems Manual.

Retention and disposal:

Records are maintained as long as the cards are valid. Computer tapes are erased immediately upon termination of employment and inactive forms are destroyed after 6 months by shredding.

System manager(s) and address:

Chief, Administrative Services Branch (HFA–210), 5600 Fishers Lane, Rockville, MD 20857.

Chief, Physical Security Staff (HFA–204), 7500 Standish Place, MPN II, Rm. N-378, Rockville, MD 20855.

Notification procedure:

An individual may learn if a record exists about him or her upon written request, with notarized signature if request is made by mail, or with identification if request is made in person, directed to:

FDA Privacy Act Coordinator (HFI–30), Food and Drug Administration, 5600 Fishers Lane, Rockville, MD 20857

Record access procedures:

Same as notification procedure. Requesters should also reasonably specify the record contents being sought, and provide any other names officially used during period of employment. You may also request an accounting of disclosures that have been made of your record, if any.

Contesting record procedures:

Contact the official at the address specified under notification procedure above and reasonably identify the record, specify the information being contested, the corrective action sought, and your reasons for requesting the correction, along with supporting information to show how the record is inaccurate, incomplete, untimely, or irrelevant.

Record source categories:

Individual on whom the record is maintained.

Systems exempted from certain provisions of the act:



 1 In a June 27, 2014 Federal Register Notice FDA added certain standard routine uses to this and other FDA SORNs. The Federal Register Notice of this action describes the routine uses in more detail and is available online at http://www.gpo.gov/fdsys/pkg/FR-2014-06-27/pdf/2014-15022.pdf. The routine uses added to this SORN appear as routine uses number 3 through 7 below.


Back to Top