National Association of Government Contractors

Employee Privacy Training Required Under FAR

Following a recent update to the Federal Acquisition Regulation (FAR), some contractors (and their subcontractors) that provide certain services to the federal government, will be required to train their employees on privacy. 

The rule applies to contractors that:

  • Handle Personally Identifiable Information;
  • Have access to a system of records; or
  • Design, develop, maintain or operate a system of records.

The rule incorporates the Office of Management and Budget's (OMB) definitions of key terms.  The new rule defines “personally identifiable information” as “information that can be used to distinguish or trace an individual's identity, either alone or when combined with other information that is linked or linkable to a specific  individual.”

A “system of records”  refers to any system that “contains information that is retrieved by an individual's name or unique identifier.” The rule authorizes the government's contracting officer to determine whether a particular contract involves a system of records.

The required privacy training must address:

  • Key provisions of the Privacy Act of 1974,  and penalties for violations of the Act;
  • The appropriate handling and safeguarding of PII;
  • The authorized and official use of a system of records or any other PII;
  • Restrictions on the use of unauthorized equipment to create, collect, use, process, store, maintain, disseminate, disclose, dispose, or otherwise access, or store PII;
  • The prohibition against the unauthorized use of a system of records or unauthorized disclosure, access, handling, or use of PII or systems of records; and
  • Procedures to be followed in the event of a potential or confirmed breach of a system of records or unauthorized disclosure, access, handling, or use of PII.

Contractors are responsible for providing an initial training and annual privacy training refreshers. Contractors must train employees before employees handle PII or have access to a system of records. The rule requires contractors to maintain training records and, upon request, provide evidence to the government that relevant employees completed the required privacy training.

« Back to News

News & Tips
Government contractor news & industry tips from a source you can trust. Sign up for our weekly updates to stay informed and get involved. Easily unsubscribe at any time.

Our Insider's Guide Series was developed as an easy-to-understand series of guides to assist you through the government procurement process.

National Association of Government Contractors
1250 Connecticut Ave NW
Suite 200
Washington, DC 20036
Phone: 202-465-3750
Toll Free: 1.800.979.NAGC
LinkedIn Facebook Twitter

FedEx Shipping Discount
Office Depot Member Program
American Express
OneMain Financial Loans
Paychex Payroll Processing
NAGC Health

Privacy Policy | Subscriber Agreement & Terms of Use | Purchase Policy | Data & Cookies
Copyright © 2004 - 2018 National Association of Government Contractors.   All Rights Reserved. Geotrust RapidSSL