Skip to main content
An official website of the United States government
CIO Council

2.5 Privacy Act (1974)

The Privacy Act (5 U.S.C. § 552a. Title 5 Government Organizations and Employees) establishes a code of fair information practices that governs the collection, maintenance, use, and dissemination of information about individuals that is maintained in systems of records by Federal agencies. A system of records is defined as a group of records under the control of an agency from which information is retrieved by the name of the individual or by some identifier assigned to the individual.

The Privacy Act requires that agencies give the public notice of their systems of records by publication in the Federal Register. The Privacy Act prohibits the disclosure of a record about an individual from a system of records absent the written consent of the individual, unless the disclosure is pursuant to one of twelve statutory exceptions. The Act also provides individuals with a means by which to seek access to and amendment of their records and sets forth various agency record-keeping requirements.

Latest News

September 26, 2025

AI Transparency Listening Session with the White House Office of Management and Budget

The White House Office of Management and Budget (OMB) is leading a series of listening sessions to learn more from industry about their approaches to AI transparency and auditable risk management.

Artificial Intelligence
January 15, 2025

AI in Action: 5 Essential Findings from the 2024 Federal AI Use Case Inventory

This year, agencies publicly reported more than 1,700 ways they are using Artificial Intelligence (AI) to advance their missions and deliver better experiences to the public.

Artificial Intelligence
October 31, 2024

CISO Council and CDO Council Release Joint Guide on Federal Zero Trust Data Security

Today, the CISO Council and CDO Council released the Federal Zero Trust (ZT) Data Security Guide, a first-of-its-kind document and key deliverable of OMB M-22-09, Moving the U.S. Government Towards Zero Trust Cybersecurity Principles. M-22-09 charged the Federal CDO Council and Federal CISO Council to convene a cross-agency working group of data and security experts to develop a data security guide for Federal agencies.

Cybersecurity