James S. Huggins' Refrigerator Door: Click here to go to my Home Page. Privacy Protection Study Commission (PPSC) Fair Information Practices; qwerty
Privacy - - - The U-2, high altitude spy plane. My brother is a U-2 pilot - - - original photo from an unknown source

Privacy Protection Study Commission (PPSC) Fair Information Practices

The Privacy Act of 1974 created the Privacy Protection Study Commission. It's charter was to to study privacy issues and recommend future legislation.

In 1977 the Privacy Protection Study Commission (PPSC) issued its report: Personal Privacy in an Information Society .

(NB: This report is sometimes cited as Personal Privacy in an Information Age.)

The Commission concluded that the Privacy Act did not provide the benefits originally expected from its passage. It's report recommended improvements to the Privacy Act of 1974 and also recommended that the act be more vigorously enforced.

The report included a proposed revision of the Privacy Act of 1974 that clarified ambiguities, provided individuals with broader remedies, and tightened the exemptions. The Commission also recommended that Congress pass additional information privacy legislation to protect personal data held in private sector databases.

Fair Information Practices

The Center for Democracy and Technology (CDT) has a page about this report.

The CDT page notes the report included a set of voluntary Fair Information Practices (or Fair Information Principles) for employers' collecting personal data for hiring purposes and that the practices remain a useful guide for privacy in general.

In my review of the report, online, I am unable to identify the section which contains these practices as listed by CDT. In particular, I am unable to locate them in chapter 6, titled The employment Relationship

However, I have listed the practices as shown by CDT on this page below.

Privacy Protection Study Commission (PPSC) Fair Information Practices

1. Disclosures of Personal employment Data

An employer should limit external disclosures of information in records kept on individual employees, former employees, and applicants; it should also limit the internal use of such records.

2. Individual Access

A. An employer should permit individual employees, former employees, and applicants to see, copy, correct, or amend the records maintained about them, except highly restricted security records, where necessary.

B. An employer should assure that the personnel and payroll records it maintains are available internally only to authorized users and on a need-to-know basis.

3. Informing the Individual

A. An employer, prior to collecting the type of information generally collected about an applicant, employees, or other individual in connection with an employment decision, should notify him/her as to:

(1) the types of information expected to be collected;

(2) the techniques that may be used to collect such information;

(3) the types of sources that are expected to be asked;

(4) the types of parties to whom and circumstances under which information about the individual may be disclosed without his authorization, and the types of information that may be disclosed;

(5) the procedures established by statute by which the individual may gain access to any resulting record about himself;

(6) the procedures whereby the individual may correct, amend, or dispute any resulting records about himself.

B. An employer should clearly inform all its applicants upon request, and all employees automatically, of the types of disclosures it may make of information in the records it maintains on them, including disclosures of directory information, and of its procedures for involving the individual in particular disclosures.

4. Authorizing Personal Data Collection

No employer should ask, require, or otherwise induce an applicant or employee to sign any statement authorizing any individual or institution to disclose information about him, or about any other individual, unless the statement is:

(1) in plain language;

(2) dated;

(3) specific as to the individuals and institutions he is authorizing to disclose information about him;

(4) specific as to the nature of the information he is authorizing to be disclosed;

(5) specific as to the individuals or institutions to whom he is authorizing information to be disclosed;

(6) specific as to the purpose(s) for which the information may be used;

(7) specific as to its expiration date, which should be for a reasonable period of time not to exceed one year.

5. Medical Records

A. An employer that maintains an employment-related medical record about an individual should assure that no diagnostic or treatment information in any such record is made available for use in any employment decision. However, in certain limited circumstances, special medical information might be so used after informing the employee.

B. Upon request, an individual who is the subject of a medical record maintained by an employer, or another responsible person designated by the individual, should be allowed to have access to that medical record, including an opportunity to see and copy it. The employer may charge a reasonable fee for preparing and copying the record.

C. An employer should establish a procedure whereby an individual who is the subject of a medical record maintained by the employer can request correction or amendment of the record.

6. Use of Investigative Firms

each employer and agent of an employer should exercise reasonable care in the selection and use of investigative organizations, so as to assure that the collection, maintenance, use, and disclosure practices of such organizations fully protect the rights of the subject being investigated.

7. Arrest, Conviction, and Security Records

A. When an arrest record is lawfully sought or used by an employer to make a specific decision about an applicant or employee, the employer should not maintain the records for a period longer than specifically required by law, if any, or unless there is an outstanding indictment.

B. Unless otherwise required by law, an employer should seek or use a conviction record pertaining to an individual applicant or employee only when the record is directly relevant to a specific employment decision affecting the individual.

C. Except as specifically required by federal or state statute or regulation, or by municipal ordinance or regulation, an employer should not seek or use a record of arrest pertaining to an individual applicant or employee.

D. Where conviction information is collected, it should be maintained separately from other individually identifiable employment records so that it will not be available to persons who have no need of it.

e. An employer should maintain security records apart from other records.

8. General Practices

An employer should periodically and systematically examine its employment and personnel record-keeping practices, including a review of:

(1) the number and types of records it maintains on individual employees, former employees, and applicants;

(2) the items of information contained in each type of employment record it maintains;

(3) the uses made of the items of information in each type of record;

(4) the uses made of such records within the employing organization;

(5) the disclosures made of such records to parties outside the employing organization;

(6) the extent to which individual employees, former employees, and applicants are both aware and systematically informed of the uses and disclosures that are made of information in the records kept about them.


I based this page on a page from the Center for Democracy and Technology. That page is here.

The extra text menu links (previously here) are being removed in the site redesign.
Browser and search engine improvements have eliminated the motivation/necessity for them.

This page created:
Sat, 08.Mar.2003

Last updated:
16:17, Sat, 10.May.2014

. . .


 Explanation of the rewrite: New Page Layout.
 Check out my blog: My Ephemerae
 Yes ... I want you to link to my site Please link to me
 Want to email me? I'd love to hear from you.
 I have begun tutoring in the South Houston, Texas area.

. . .
Privacy Protection Study Commission (PPSC) Fair Information Practices; qwerty . . . Privacy Protection Study Commission (PPSC) Fair Information Practices; qwerty