scope:

This order applies to:

a. Any FAA information and information systems that collect, store, process, disseminate, transmit, or dispose of information, or those information systems managed by contract personnel for the FAA, and non-FAA owned information systems that access FAA information or information systems. An information system can be either electronic (e.g., computers, PDA's, hard drives, CDs/DVDs thumb drives, or other multi-media devices.), paper (e.g., reports, records, files, phone books, etc.), or plastic (e.g., microfiche, tapes, etc.), or any other media.

b. Systems include but are not limited to the National Airspace System (NAS), mission support systems, administrative information systems, any information system funded by the FAA, all information systems connected to FAA information or information systems, and prototype information systems connected to any FAA operational and non operational information and information systems.

Purpose of this Order.

a. This order implements within the Federal Aviation Administration (FAA) the Privacy Act of 1974 (the Privacy Act), as amended by the Computer Matching and Privacy Protection Act of 1988; supplements the guidance provided by the Office of Management and Budget (OMB) and the Department of Transportation (DOT), Office of the Secretary of Transportation (OST); and provides instructions and guidance to all FAA elements to assist them in implementing the provisions of the Privacy Act. It implements the provisions of DOT H 1350.2, Departmental Information Resources Management Manual (DIRMM).

b. The objective of this order, in its format and content, is to provide a single reference source for the protection of personally identifiable information (PII) and privacy records within the FAA.