Skip to content

What Personal Information is Protected by the Privacy Act?

Paige Harris May 25, 2022 8:00:00 AM

The concept of privacy isn’t exclusive to this generation. As early as the 1970s, the United States had already made the protection of people’s personal information a priority, as is evidenced in The Privacy Act of 1974. This half-century-old piece of legislation mandates how federal agencies maintain records about individuals retrieved by personal identifiers such as names, social security numbers, and other identifying numbers or symbols.

All business owners need to be familiar with the Privacy Act, as well as other landmark data privacy laws, so that they comply with all relevant mandates. For example, since the GDPR applies to all businesses doing business with citizens in the European Union, these regulations may apply to you too if your website has a global audience. Because it can be confusing to figure out which laws apply to your business, when you create a Privacy Policy or a Terms of Use, it is helpful to use a Terms of Service generator free of charge such as the one offered by Enzuzo–and never, ever steal a Privacy Policy or copy Terms and Conditions from another site!CTA Create Privacy Policy Graphic - Yellow

What is the Privacy Act?

The Privacy Act of 1974 (5 U.S.C. 552a) is a landmark data privacy regulation that contains important rights and restrictions on data stored by U.S. federal agencies. Although it’s nearly 50 years old, the law has stood the test of time and has similarities with the privacy laws of today.

According to the Privacy Act, U.S. government agencies must:

  • Collect only relevant and necessary information needed to carry out specific functions and tasks.
  • Not maintain secret records on individuals.
  • Explain why information is collected, why it’s needed, and how it’s used.
  • Ensure that records are used only for given reasons.
  • Seek permission from the individual should his or her records be used for other purposes.
  • Protect records from unauthorized access or disclosure.
  • Allow people to see, amend, or update their records.

What Personal Information Is Protected by the Privacy Act?

The Privacy Act protects the records of individuals, which is essentially synonymous with what most data privacy laws today refer to as personal information. This data includes any item, collection, or grouping of information about an individual that is maintained by an agency, including, but not limited to, education, financial transactions, medical history, and criminal or employment histories. Information protected may contain names or identifying numbers, symbols, or other particulars associated with an individual, such as fingerprints, voice recordings, or photographs.

In other words, any information that can possibly identify an individual is protected by the Privacy Act.

CCPA - Enzuzo - Do Not Sell My Info-1Exemptions to the Privacy Act

There are exemptions to the Privacy Act that allow government agencies to bypass the code. The exemptions primarily cover all records maintained by the Central Intelligence Agency and selected records maintained by an agency that are necessary to enforce criminal laws.

In addition, there are seven specific exemptions to the regulation that apply if the information is:

  • Classified in the interest of national defense or foreign policy.
  • Necessary investigatory material.
  • Connected to providing protective services to the U.S. President or other individuals being safeguarded by the Secret Service.
  • Required by statute to be maintained for statistical records.
  • Investigatory material compiled to determine suitability, eligibility or qualifications for federal employment, military service, federal contracts, or access to classified information.
  • Testing, examination, and/or evaluation materials used to determine qualifications for appointments or promotions in the federal government.


The Privacy Act of 1974 is a landmark data privacy code that has been protecting the personal information of U.S. citizens for nearly 50 years. Business owners must be familiar with this federal regulation to properly comply with its conditions, as well as when creating their data privacy-related documents or Terms of Conditions agreements. You can protect both your business from possible liabilities and infringements, as well as protect your users by securing their data privacy rights by using Enzuzo’s free Terms of Service generator.

Leave a Comment