Federal Housing Finance Agency

Mission Statement:

Ensure that the housing GSEs operate in a safe and sound manner so that they serve as a reliable source of liquidity and funding for housing finance and community investment.

Contact Us	Site Map	Subscribe
Advanced Search

Public Info
Agency Reports
Advisory Council Reports
Collateral Securing Advances Report
Quarterly Conservator's Reports
Federal Property Manager's Reports
Fannie Mae and Freddie Mac State Borrower Assistance Map
Foreclosure Prevention Reports
Enterprise Guarantee Fees Reports
FHLB Securitization Reports
Refinance Reports
Other Reports
Sustainability Plans
Public Use Databases
Resources for Consumers
Complaints and Inquiries
Annual Report to Congress
Consumer Information
Executive Compensation
Enterprises' Public Use Database
FHFA Frequently Asked Questions (FAQs)
FHFA News Center
News Releases
Congressional Letters
Testimony & Speeches
Statements
Media Advisories
Notices
Joint Mortgage Servicing Compensation Initiative
Real Estate Owned (REO) Pilot Initiative
Subscribe to FHFA News Releases and Web Updates
FHFA Records and Information Management
FHLBanks' Public Use Database
FOIA
FHFA Reading Room
FHFB Reading Room
OFHEO Reading Room
Reference Guide
FOIA Reports
OFHEO FOIA Reports
FHFB FOIA Reports
Privacy Program
Subscribe to News Releases and Web Updates
Other Links
Meetings and Hearings
Open Government
News Center Archive (FHFB)
News Releases Archive (FHFB)
Testimony Archive (FHFB)
Speeches Archive (FHFB)
Petitions (FHFB)
Responses to FHFB Resolution of 12/20/02
News Center Archive (OFHEO)
News Releases Archive (OFHEO)
Testimony Archive (OFHEO)
Statements Archive (OFHEO)
Speeches Archive (OFHEO)
FHFA Inventory, Priorities and Schedule

Welcome to the Federal Housing Finance Agency's (FHFA) Privacy Office Webpage.

FHFA Privacy Office Contacts

David A. Lee, Senior Agency Official for Privacy & Chief Privacy Officer
Stacy J. Easter, Privacy Act Officer
Stephen E. Hart, Privacy Act Appeals Officer

FHFA Privacy Office
400 7th Street, SW
8th Floor
Washington, D.C. 20024

To submit a Privacy Act request to FHFA or FHFA-OIG click here, or mail to the above address. Please note that all mail sent to FHFA via the United States Postal Service is routed through a national irradiation facility, a process that may delay delivery by approximately two weeks. For any time-sensitve correspondence, please plan accordingly.

Voice:        202.649.3803
Facsimile:   202.649.1073
Email:        privacy@fhfa.gov

PRIVACY ACT of 1974
The Privacy Act of 1974, 5 U.S.C. § 552a, establishes a code of fair information practices that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies. A system of records is a group of records under the control of an agency from which information is retrieved by the name of the individual or by some identifier assigned to the individual.

The Privacy Act requires agencies to give the public notice of their systems of records by publication in the Federal Register. The Privacy Act prohibits the disclosure of information from a system of records absent the written consent of the subject individual, unless the disclosure is pursuant to one of twelve statutory exceptions. The {rivacy Act also provides individuals with a means by which to seek access to and amendment of their records, and sets forth various agency record-keeping requirements.

Broadly stated, the purpose of the Privacy Act is to balance the government's need to maintain information about individuals with the rights of individuals to be protected against unwarranted invasions of their privacy stemming from federal agencies' collection, maintenance, use, and disclosure of personal information about them. The historical context of the Act is important to an understanding of its remedial purposes. In 1974, Congress was concerned with curbing the illegal surveillance and investigation of individuals by federal agencies that had been exposed during the Watergate scandal. It was also concerned with potential abuses presented by the government's increasing use of computers to store and retrieve personal data by means of a universal identifier -- such as an individual's social security number. The Act focuses on four basic policy objectives:

(1) To restrict disclosure of personally identifiable records maintained by agencies.

(2) To grant individuals increased rights of access to agency records maintained on themselves.

(3) To grant individuals the right to seek amendment of agency records maintained on themselves upon a showing that the records are not accurate, relevant, timely, or complete.

(4) To establish a code of "fair information practices" which requires agencies to comply with statutory norms for collection, maintenance, and dissemination of records.

FHFA issued a regulation (12 CFR Part 1204 (Interim Final Regulation) and Final Rule) to provide the procedures and guidelines under which it will implement the Privacy Act. This regulation also addresses how the FHFA Office of Inspector General will implement the Privacy Act. In addition, FHFA issued a Policy on the Use and Protection of Personally Identifiable Information (PII). This policy establishes how FHFA will collect, use, maintain, and secure PII. FHFA also issued a Breach Notification Policy and Plan which outlines the actions that FHFA will take in the event that PII maintained by FHFA is either lost, stolen or otherwise compromised.

The Privacy Act only applies to records about individuals maintained by Federal agencies. It applies to these records only if they are in a “system of records” which means they are retrieved by an individual’s name, Social Security number, or some other unique identifier. If you are interested in more details about the Privacy Act, you should read the Privacy Act in its entirety. The full text of the Privacy Act is available on the Department of Justice’s website at http://www.justice.gov/opcl/privstat.htm.

If you would like to request documents about you from FHFA see Section 1204.3 of FHFA's Privacy Act Regulation - How Do I Make a Privacy Act Request?

Listed below are FHFA Privacy Act Systems of Records Notices (SORN).

Systems of Records Notices: FHFA-1 Federal Home Loan Bank System Directory; FHFA-2 Financial Management System; and FHFA-3 Correspondence Tracking System; Systems of Records Notice: FHFA-4 Compensation Information Provided by the Regulated Entities; Systems of Records Notice: FHFA-5 Photographic Files; Systems of Records Notice: FHFA-6 Fraud Reporting System; Systems of Records Notice: FHFA-7 Mail, Contact, Telephone, and Other Lists; FHFA-8 Federal Home Loan Bank Directors; FHFA-9 Administrative Grievance Records; FHFA-10 Employee Benefits Records; FHFA-11 Transit Subsidy Program Records; FHFA-12 Parking Program Records; and FHFA-13 Freedom of Information and Privacy Act Records; Systems of Records Notice: FHFA-14 Emergency Notification System; FHFA-15 Payroll, Retirement, Time and Attendance and Leave Records; and FHFA-16 Personnel Investigative Files; FHFA-17 Visitor Badge, Employee and Contractor Personnel Day Pass, and Trackable Mail System; FHFA-18 Reasonable Accomodation Information System; FHFA-19 Computer Systems Activity and Access Records System; and FHFA-20 Telecommunications System.

In addition, FHFA has adopted a number of Government-wide Systems of Records Notices. Click here for a listing of these Notices.

Listed below are FHFA Office of Inspector General Privacy Act SORNs:

FHFA-OIG-1: FHFA-OIG Audit Files Database; FHFA-OIG-2: FHFA-OIG Investigative & Evaluative Files Database; FHFA-OIG-3: FHFA-OIG Investigative & Evaluative MIS Database; FHFA-OIG-4: FHFA-OIG Hotline Database; and FHFA-OIG-5: FHFA-OIG Correspondence Database

Privacy Impact Assessments (PIA)

What is a PIA?

A Privacy Impact Assessment (PIA) is an analysis of how Information in an Identifiable Form (IIF) is handled. Conducting PIAs for relevant electronic systems is required under the E-Government Act of 2002 (E-Gov Act) and accompanying OMB guidance published on September 26, 2003. PIAs are intended to ensure that the handling of IIF conforms to applicable legal, regulatory and policy requirements regarding privacy, helps determine the risks and effects of collecting, maintaining and disseminating IIF in an electronic system, and examines and evaluates protections and alternative processes for handling IIF to mitigate potential privacy risks.

IIF includes information that directly identifies an individual or FHFA intends to use to identify specific individuals in conjunction with other data elements. The FHFA uses PIAs to identify and address information privacy when planning, developing, and implementing information technology systems that collect and maintain IIF. The goals in completing a PIA are to:

- Make informed policy and system design or procurement decisions regarding the collection of IIF;

- Ensure accountability for privacy issues;

- Analyze both technical and legal compliance with applicable privacy laws and regulations; and

- Provide documentation on the flow of personal information and information requirements within FHFA systems.

Listed below are FHFA Privacy Impact Assessments:
Access Control Emergency Contacts Module PIA
Affordable Housing Program/Community Investment Cash Advance System PIA
Content Management Interface PIA
Electronic Time & Attendance System PIA
Federal Home Loan Bank System Directory PIA
FM Systems PIA
FOIAXpress PIA
GovTrip PIA
HR Navigator PIA
Litigation Support System PIA
National Finance Center's Personnel Payroll System (Redacted) PIA
Office of Conservatorship Status Tracking and Reporting PIA
Office of Personnel Management's Electronic Official Personnel Folder PIA
Office of Personnel Management's Fingerprint Transaction System PIA
Office of Personnel Management's USA Staffing PIA
Oracle e-Business Suite PIA
Plateau Talent Management System PIA
GSA Personal Identity Verification System - USAAccess (HSPD-12) PIA
Send Word Now PIA
TeamMate PIA - FHFB
Trakker PIA
FHFA Voice Over Internet Protocol (VOIP) and Unified Communication (UC) PIA
Kastle Systems PIA
Office of Inspector General Case Management System - PIA
National Mortgage Database - PIA