The Postal Service is reminding employees and contractors to follow the Privacy Act of 1974.
The law governs how federal agencies collect, use, maintain and disseminate personally identifiable information about individuals held in their systems of records.
Each time the Postal Service collects personal information from an employee, customer or business partner, the organization must provide that individual with a notice telling them:
• How the information will be used and disclosed;
• How they will be affected if they do not provide their information; and
• The statutory authority for collecting the information.
If the Postal Service begins collecting a new type of personal information, it may be necessary to create a new system of records or update an existing one. This requires publishing a notice in the Federal Register, a process that may take up to four months or longer.
If a business initiative involves any personally identifiable information, employees should email the USPS Privacy and Records Management Office to determine if Privacy Act rules apply.
Once the Postal Service collects and maintains personal information, there are limits to what can be disclosed outside the organization. USPS employees or contractors are also typically prohibited from accessing such information, except on a need-to-know basis.
Postal Service employees also should never enter the organization into any contract that requires compliance with state privacy laws or those of foreign countries.
Employees with questions should email the USPS Ethics Office.
