Records Management Handbook
To view or download PDF version, click here.
Privacy Act
The U.S. Privacy Act applies specifically to certain kinds of records the Laboratory is required to maintain on individuals. These are:
- Radiation exposure records
- Occupational and industrial accident records
- Labor standards complaints and grievances
- Employee insurance claims
Although the Laboratory is not required to apply the Privacy Act to other kinds of records, it is good business practice to restrict access to other potentially sensitive records, including:
- Personnel medical records
- Other personnel records, such as employment, performance, discipline, and compensation records
Notification
For further information on the Privacy Act, call the Records Administrator or review the “Privacy Act Records Notice.”
Storage/Security Protection
To ensure the confidentiality and security of individual records, each employee in contact with such records should:
- Keep paper records in locked file cabinets
- Protect electronic records with passwords
- Do not leave sensitive records unattended or exposed to casual view
- Use a shredder when disposing of them
- Treat drafts, notes and backup materials as equally confidential during work in progress.
- Date/name/address of requesting person or agency
- Purpose and nature of request
- Evidence of the subject individual’s consent, or a notation that the request was forwarded to the HR&S Director for review
Records Management at Jefferson Lab
Privacy Act