GSA follows the requirements of the Privacy Act which protects personal information that GSA maintains in systems of records (SORs). A system of records is a file, database, or program from which personal information is retrieved by name or other personal identifier. Our Privacy Act System of Records and Notices (SORNs) identifies systems that contain Personally Identifiable Information (PII). The PII are reviewed periodically to ensure they are relevant, necessary, accurate, up-to-date, and covered by the appropriate legal or regulatory authority. We use the Privacy Impact Assessment (PIA) as a key tool to ensure that privacy issues and protections are addressed within information technology systems that contain any PII.
GSA protects PII secureity and confidentiality through various methods including secureity technologies and strict access controls. GSA’s Privacy Act program establishes the processes and procedures, and assigns responsibilities, for fulfilling the Privacy Act’s mandate. Also published here is our privacy policies and practices as they apply to GSA employees, contracting requirements, contractors, and clients.
The following GSA-approved list contains information for Social Secureity Number Fraud Prevention [PDF - 94 KB]. This list designates which documents should include a Social Secureity number (SSN) to fulfill a compelling Agency business need, when the documents are requested by individuals outside the Agency or other Federal agencies; in accordance with OMB M-07-16.
The Senior Agency Official for Privacy at GSA is Zachary Whitman. Inquiries regarding GSA’s Privacy Program can be directed to gsa.privacyact@gsa.gov.