Federal Housing Finance Agency Print

​FHFA Privacy Office

 

FHFA Privacy Office Contacts:

David A. Lee, Senior Agency Official for Privacy & Chief Privacy Officer
Stacy J. Easter, Privacy Act Officer
Stephen E. Hart, Privacy Act Appeals Officer

FHFA Privacy Office
400 7th Street, SW
8th Floor
Washington, D.C. 20219
Phone: 202-649-3803
Fax: 202-649-1073
email: Privacy@fhfa.gov (for questions or to submit a request)

The Privacy Act of 1974, 5 U.S.C. § 552a, establishes a code of fair information practices that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in a systems of records (a group of records under the control of an agency from which information is retrieved by a unique identifier, e.g., name, ssn, etc.) by federal agencies. The Act balances the government’s need to maintain information about individuals with the right of individuals to be protected against unwarranted invasions of their privacy.

Under the Privacy Act, United States citizens and legal permanent residents, upon request, have the right to:
 
    • Access and review records about you, and

    • Amend information about you that is inaccurate, irrelevant, untimely or incomplete that is contained in an agency system of records.

 The Act mandates that the Government:

    • ​​Informs you why information is being collected and how it is going to be used;

    • Assures that information is accurate, relevant, complete and up-to-date before disclosing it to others; 

    • Allows you to find out about disclosures of your records to other agencies or persons; and 

    • Provides you with the opportunity to correct inaccuracies in your records.

 
Where to Request Records
 

To submit or track a Privacy Act request or appeal to the FHFA or FHFA-OIG click here, or mail to the above address. Please note that all mail sent to FHFA via the United States Postal Service is routed through a national irradiation facility, a process that may delay delivery by approximately two weeks. For any time-sensitive correspondence, please plan accordingly. Envelopes should be marked "Privacy Act Request." All requests for FHFA-OIG records will be forwarded to FHFA-OIG for direct a response. Requests submitted after normal business hours (8:30 a.m. to 5:00 p.m., Eastern Time, Monday through Friday), will be deemed received on the next normal business day.

 
FHFA Privacy Act Systems of Records Notices (SORN)

 

The Privacy Act requires that a notice describing each system of records be published in the Federal Register for review and comment by the public and other interested parties as part of the prescribe review and approval process. 

Listed below are ​FHFA and FHFA-OIG Privacy Act Systems of Records Notices as well as FHFA adopted Government-wide System of Record Notices. Each SORN below describes what, why, and how we collect, maintain, use and disseminate records in our system. 

 

FHFA Systems of Record Notices:

FHFA-1 Federal Home Loan Bank System Directory; FHFA-2 Financial Management System;

FHFA-3 Correspondence Tracking System (supercedes FHFA-3 published on 7/6/2009);
FHFA-4 Compensation Information Provided by the Regulated Entities;
FHFA-5 Photographic, Video, Voice, and Similar Files;
FHFA-6 Fraud Reporting System;
FHFA-7 Mail, Contact, Telephone, and Other Lists; FHFA-8 Federal Home Loan Bank Directors; FHFA-9 Administrative Grievance Records; FHFA-10 Employee Benefits Records; FHFA-11 Transit Subsidy Program Records; FHFA-12 Parking Program Records; and FHFA-13 Freedom of Information and Privacy Act Records;
FHFA-14 Emergency Notification System (supercedes FHFA-14 published on 1/5/2012);

FHFA-15 Payroll, Retirement, Time and Attendance and Leave Records; and FHFA-16 Personnel Investigative Files;
FHFA-17 - Visitor Badge, Employee and Contractor Day Pass, and Trackable Mail System; FHFA-18 - Reasonable Accommodation Information Systems; FHFA-19 - Computer Systems Activity and Access Records System; and FHFA-20 - Telecommunications System;
FHFA-21 National Mortgage Database System;

FHFA-22 Online Forms; 

FHFA-23 Suspended Counterparty System; and FHFA-24 Employee Adverse Action and Disciplinary Records System; and

Administrative Changes to FHFA Systems of Records Notices (FHFA-1 to 4; FHFA 7-16).

Government-wide Systems of Records Notices FHFA adopted can be found here.

 

FHFA Office of Inspector General Privacy Act SORNs:

 

FHFA-OIG-1: FHFA-OIG Audit Files Database; FHFA-OIG-2: FHFA-OIG Investigative & Evaluative Files Database; FHFA-OIG-3: FHFA-OIG Investigative & Evaluative MIS Database; FHFA-OIG-4: FHFA-OIG Hotline Database; and FHFA-OIG-5: FHFA-OIG Correspondence Database.

Revised OIG SORNS - FHFA-OIG-1; FHFA-OIG-2; FHFA-OIG-3; FHFA-OIG-4; and FHFA-OIG-5; and New SORN FHFA-OIG-6: FHFA-OIG Evaluations Files Database.

  

Privacy Impact Assessments (PIA)

 

A Privacy Impact Assessment (PIA) is an analysis of how Information in an Identifiable Form (IIF) is handled. Conducting PIAs for relevant electronic systems is required under the E-Government Act of 2002 (E-Gov Act) and accompanying OMB guidance published on September 26, 2003. PIAs are intended to ensure that the handling of IIF conforms to applicable legal, regulatory and policy requirements regarding privacy, helps determine the risks and effects of collecting, maintaining and disseminating IIF in an electronic system, and examines and evaluates protections and alternative processes for handling IIF to mitigate potential privacy risks.

IIF includes information that directly identifies an individual or FHFA intends to use to identify specific individuals in conjunction with other data elements. The FHFA uses PIAs to identify and address information privacy when planning, developing, and implementing information technology systems that collect and maintain IIF. The goals in completing a PIA are to:

    • Make informed policy and system design or procurement decisions regarding the collection of IIF;

    • Ensure accountability for privacy issues;

    • Analyze both technical and legal compliance with applicable privacy laws and regulations; and

    • Provide documentation on the flow of personal information and information requirements within FHFA systems.

 

FHFA Privacy Impact Assessments


Access Control Emergency Contacts Module PIA

Affordable Housing Program/Community Investment Cash Advance System PIA
Content Management Interface PIA
Electronic Time & Attendance System PIA
Federal Home Loan Bank System Directory PIA
FM Systems PIA
FOIAXpress PIA
GovTrip PIA
HR Navigator PIA
Litigation Support System PIA
National Finance Center's Personnel Payroll System (Redacted) PIA
Office of Conservatorship Status Tracking and Reporting PIA
Office of Personnel Management's Electronic Official Personnel Folder PIA
Office of Personnel Management's Fingerprint Transaction System PIA
Office of Personnel Management's USA Staffing PIA
Oracle e-Business Suite PIA
Plateau Talent Management System PIA
GSA Personal Identity Verification System - USAAccess (HSPD-12) PIA
Send Word Now PIA
TeamMate PIA - FHFB
Trakker PIA
FHFA Voice Over Internet Protocol (VOIP) and Unified Communication (UC) PIA
Kastle Systems PIA
Office of Inspector General Case Management System - PIA
National Mortgage Database PIA

Client Management System (CMS) PIA
Office of Inspector General GSS PIA  

Training Requests Application PIA

JPP/Merit Central PIA

Correspondence Tracking System PIA

HRIS PIA
MicroPact iComplaints PIA

Emergency Notification System PIA

Transit Benefit System PIA

Metrics That Matter PIA

Additional Privacy Act References:

FHFA and FHFA-OIG Privacy Act Regulation 12 CFR Part 1204 (Interim Final Regulation and Final Rule)
FHFA Use and Protection of Personally Identifiable Information (PII)

FHFA Breach Notification Policy and Plan

 

 

 ​
© 2016 Federal Housing Finance Agency