Skip to Content


Privacy Act of 1974; System of Records

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.


Notice of a new system of records and removal of five system of records notices.


Pursuant to the Privacy Act of 1974, 5 U.S.C. 552a, and Office of Management and Budget (OMB) Circular No. A-130, notice is hereby given that the Department of Justice (Department or DOJ) proposes to establish a new Department-wide system of records entitled, “Department of Justice Employee Assistance Program (EAP) Records,” JUSTICE/DOJ-015. The purpose of publishing this Department-wide notice is to consolidate existing EAP notices published by separate DOJ components and provide a comprehensive notice to cover all Department EAP records, thereby increasing administrative efficiency and promoting consistent maintenance of DOJ EAP records. Accordingly, this Department-wide system notice replaces, and the Department hereby removes, the following system notices previously published by individual DOJ components:

Executive Office for United States Attorneys (EOUSA), “Employee Assistance Program (EAP) Counseling and Referral Records,” JUSTICE/USA-020, 66 FR 15755 (Mar. 20, 2001);

Federal Bureau of Investigation (FBI), “FBI Alcoholism Program,” JUSTICE/FBI-014, 52 FR 47251 (Dec. 11, 1987);

Federal Bureau of Prisons (BOP), “Employee Assistance Program Record System,” JUSTICE/BOP-014, 65 FR 46739 (July 31, 2000);

Justice Management Division (JMD), “Employee Assistance Program (EAP) Counseling and Referral Records,” JUSTICE/JMD-016, 65 FR 36718 (June 9, 2000); and

United States Marshals Service (USMS), “U.S. Marshals Service (USMS) Employee Assistance Program (EAP) Records,” JUSTICE/USM-015, 72 FR 49015, (Aug. 27, 2007).


In accordance with 5 U.S.C. 552a(e)(4) and (11), the public is given a 30-day period in which to comment. Therefore, please submit any comments by March 5, 2012.


The public, Office of Management and Budget (OMB) and Congress are invited to submit any comments to the Department of Justice, ATTN: Privacy Analyst, Office of Privacy and Civil Liberties, Department of Justice, National Place Building, 1331 Pennsylvania Avenue NW., Suite 1000, Washington, DC 20530-0001, or by facsimile at (202) 307-0693. To ensure proper handling, please reference the above CPCLO Order No. on your correspondence.


Dr. Leo Shea, Department of Justice, Justice Management Division, National Place Building, 1331 Pennsylvania Avenue NW., Suite 1055, Washington, DC 20530, or by facsimile at (202) 514-8797.


The records in this system of records document the work performed by the EAP on behalf of the EAP client and allow for the tracking of the EAP client's progress and the EAP client's participation in the EAP or EAP related community programs.

In accordance with 5 U.S.C. 552a(r), the Department has provided a report to OMB and Congress on this new system of records.

Dated; January 12, 2012.

Nancy C. Libin,

Chief Privacy and Civil Liberties Officer, United States Department of Justice.



Department of Justice Employee Assistance Program (EAP) Records.




Employee Assistance Program (EAP) records are located at the U.S. Department of Justice, 1331 Pennsylvania Avenue NW., Washington, DC 20530, and other Department of Justice (DOJ) offices throughout the country. For those components that operate component-specific EAPs, records are located at the component's primary location and/or its field division sites. The main address for each DOJ component is posted on the DOJ Web site, EAP records for components that utilize contractors in providing EAP services may also be maintained by such contractors, on behalf of the Department, at the contractor's location. To determine the location of particular EAP records, contact the appropriate EAP Privacy Act system manager, whose contact information is listed below in the System Managers and Addresses section.


Current and former employees of the Department, and in limited instances their family members, who have sought counseling or have been referred for counseling or treatment through the EAP. The remainder of this notice will refer to these individuals as “EAP client(s).”


Records may include any record, written or electronic, which may assist in diagnosing, evaluating, counseling, and/or treating an EAP client, or resolving an EAP client's complaint or management's concerns (management consultation) regarding the EAP client's performance, attendance, or conduct issues. Included are client identification data, such as name, home and/or work address, email address, employee identification numbers, job title/series, telephone numbers, date of birth, race, gender, marital status, relationship of family member to employee, and emergency contacts; the EAP counselor's intake/termination and outcome documents; case notes; pertinent personal, family, employment, disciplinary, financial, legal, psychosocial, medical, and/or employment histories; medical tests or screenings, including drug and alcohol tests and information on positive drug tests generated by the staff of the Drug Free Workplace Program or treatment facilities from which the EAP client may be receiving treatment; treatment and rehabilitation plans; insurance data; behavioral improvement plans; and records of referrals. Referrals include those to community treatment resources and social service agencies that provide legal, financial, or other assistance not related to mental health or general medical services. Where clinical referrals have been made, records may include relevant information related to counseling, diagnosis, prognosis, treatment, and evaluation, together with follow-up data that may be generated by the community program providing the relevant services. Other records included in the system are the written consent forms used to permit the disclosure of information outside the EAP. EAP client records may also include account information, such as contractor billings and government payments, when EAP services are provided by an EAP contractor to the client.


5 U.S.C. 3301, 7361, 7362, 7901, 7904; 42 U.S.C. 290dd, 290dd-2; 44 U.S.C. 3101; 5 CFR part 792, subpart A; 42 CFR part 2; Sec. 503, Pub. L. 100-71, 101 Stat. 391, as amended; E.O. 12564, 51 FR 32889; and DOJ Order No. 1200.1.


The EAP is a voluntary program designed to assist EAP clients in obtaining help in handling personal problems that may affect job performance, and to provide emotional support and assistance during periods of crisis. Records are maintained to document and track a client's participation in the EAP or community programs and the nature and effects of the employee's personal problems. If an EAP client so consents, these records may also be used to track compliance with Abeyance or Last Chance Agreements that include treatment options, in which the EAP is an integral part of establishing and/or monitoring treatment compliance.


In addition to those disclosures generally permitted under 5 U.S.C. 552a(b), relevant records or information in this system may be disclosed without EAP client consent as follows:

(Note: To the extent that disclosure of substance abuse patient records is more restricted than disclosure of other EAP records, the EAP staff will follow such restrictions. See 42 U.S.C. 290dd-2; 42 CFR part 2. Similarly, nothing in these routine uses should be construed as authorizing a disclosure which is prohibited under State law; nor may any State law either authorize or compel any disclosure of substance abuse patient records not encompassed by this notice and governing EAP regulations. See 42 CFR 2.20.)

(a) To appropriate State or local authorities to report, where required under State law, incidents of suspected child, elder, or domestic abuse or neglect.

(b) To any person or entity to the extent necessary to prevent an imminent crime which directly threatens loss of life or serious bodily injury.

(c) To contractors or authorized EAP community health care providers that provide counseling and other services through referrals from the EAP staff to the extent that it is appropriate, relevant, and necessary to enable the contractor or provider to perform his or her counseling, treatment, rehabilitation, and evaluation responsibilities.

(d) To contractors, grantees, experts, consultants, students, and others performing or working on a contract, grant, cooperative agreement, or other assignment providing other services to an EAP program, when necessary to provide these services. In the case of substance abuse patient records, a service provider must meet the qualifications established by 42 CFR 2.11.

(e) To any person who is responsible for the care of an EAP client when the EAP client to whom the records pertain is mentally incompetent or under legal disability.

(f) To any person or entity to the extent necessary to meet a bona fide medical emergency.

(g) To law enforcement officers to report information directly related to an EAP client's commission of a crime on the premises of the EAP program or against EAP program personnel or a threat to commit such a crime, provided that the disclosure is limited to the circumstances of the incident, including the client status of the individual committing or threatening to commit the crime, that individual's name and address, and that individual's last known whereabouts.

(h) To a former EAP employee of the Department for purposes of: Responding to an official inquiry by a federal, State, or local government entity or professional licensing authority, in accordance with applicable Departmental regulations; or facilitating communications with the employee or contractor that may be necessary for personnel-related or other official purposes where the Department requires information and/or consultation assistance from the employee or contractor regarding a matter within that person's current or former area of responsibility.

(i) To appropriate agencies, entities, and persons when (1) the Department suspects or has confirmed that the security or confidentiality of information in the system of records has been compromised; (2) the Department has determined that as a result of the suspected or confirmed compromise there is a risk of harm to economic or property interests, identity theft or fraud, or harm to the security or integrity of this system or other systems or programs (whether maintained by the Department or another agency or entity) that rely upon the compromised information; and (3) the disclosure made to such agencies, entities, and persons is reasonably necessary to assist in connection with the Department's efforts to respond to the suspected or confirmed compromise and prevent, minimize or remedy such harm.




Information in this system may be maintained in paper or electronic format. Records in paper format include hardcopy manual files and index cards. Records in electronic format are kept in computerized databases and electronic media.


Records in this system may be indexed and retrieved by the name of the EAP client or by an identifying case number or symbol that is cross-indexed to the EAP client's name, in accordance with policies and procedures outlined in DOJ Order 1200.1.


Internal EAP records are maintained by component EAP staff. In most cases, access to Department buildings is restricted by 24-hour guard service and electronic identification. EAP records are secured in a GSA security-approved safe or equivalent as approved by the component's Security Program Office. Safes are locked when staff members are not in their offices. Access to these files is strictly limited to approved EAP personnel only. Only the case number appears on the file label. The file is cross-referenced with a separately secured list with corresponding name and case number. EAP case-sensitive information in electronic format is only stored on a computer hard drive or equivalent device if it is an approved system with firewall and password protection. Systems operating on a component's LAN-based system encrypt stored EAP sensitive data. Electronic media are accessible only by a confidential password and secured in a safe as referenced above, within a locked room when not in use. Department contractors that maintain EAP records are required to provide adequate file security to prevent the theft of client files or inadvertent release of personal health information. Adequate file security may include the removal of an EAP client's personal information in a payment voucher prepared to effect payment for services rendered by the contractor in performance of the contract. Further, contractor invoices or documents in support of payment which do include specific EAP client information are hand-carried by local contractors to the component's EAP Administrator when feasible.


Records are retained during their useful life in accordance with records retention schedules approved by the National Archives and Records Administration. All records regardless of the storage medium are destroyed three years after the date of the last counseling session, unless a longer retention period is necessary because the EAP has actual notice of an administrative or judicial proceeding specific to the client. In such cases, the records are retained for six months after the conclusion of the proceedings. Destruction is by EAP personnel. Paper records are destroyed through the use of a high-grade shredder. Any electronic storage device that was used to store sensitive EAP information is degaussed before it is discarded, transferred, or donated outside the EAP.


EAP records are located at various DOJ-operated and contractor-operated facilities. Six components of the DOJ operate component-specific EAPs. The primary Privacy Act system manager and address for component-specific EAPs are as follows:

ATF: EAP Administrator, Human Resources Division, Bureau of Alcohol, Tobacco, Firearms, and Explosives, 99 New York Ave. NE., Washington, DC 20226.

DEA: EAP Administrator, Drug Enforcement Administration, 8701 Morrissette Drive Springfield, VA 22152.

EOUSA: EAP Administrator, Executive Office for United States Attorneys, 600 E St. NW., Room 2800, Washington, DC 20530.

FBI: EAP Administrator, Federal Bureau of Investigation, 935 Pennsylvania Ave. NW., Room 10190, Washington, DC, 20535-0001.

BOP: EAP Administrator, Federal Bureau of Prisons, 320 First St. NW., Room HOLC-871, Washington, DC 20534.

USMS: EAP Administrator, United States Marshals Service, Room 750, CS-3, Washington, DC 20530.

For all other DOJ components, the primary Privacy Act system manager and address is EAP Administrator, Justice Management Division, U.S. Department of Justice, 1331 Pennsylvania Ave. NW., Suite 1055, Washington, DC 20530.


If you wish to be notified if the system contains a record pertaining to you, please follow the Record Access Procedures, below.


You may request notice about or access to any EAP records pertaining to you, request an accounting of any DOJ disclosure of these records, or request amendment or correction of these records as provided in the Department's Privacy Act regulations set forth in 28 CFR subpart D, Protection of Privacy and Access to Individual Records Under the Privacy Act of 1974. EAP records are located at various DOJ-operated and contractor-operated facilities, and you may make your request by writing directly to the Privacy Act Office of the component that maintains your EAP records. The appropriate address to use, and any additional requirements for submitting a request to a given component, are listed in Appendix I of 28 CFR part 16. Further details are provided in Attachment B of the Department's FOIA Reference Guide, available on the Department's Web site here: If you cannot determine where within the Department to send your request, you may send it to the FOIA/PA Mail Referral Unit, Justice Management Division, U.S. Department of Justice, Room 115, LOC Building, Washington, DC 20530-0001, and the Mail Referral Unit will forward your request to the component(s) that it determines to be most likely to maintain your records.

For the quickest possible handling, both the request letter and the envelope should be marked “Privacy Act Request.” The request should include a description of the records sought and must include sufficient information to verify your identity, including your full name, current address, and date and place of birth. You must sign and date your request, and your signature must either be notarized or submitted under 28 U.S.C. 1746, a law that permits statements to be made under penalty of perjury as a substitute for notarization. (While no specific form is required, you may obtain a form (Form DOJ-361) for use in certification of your identity from the FOIA/PA Mail Referral Unit at the address listed above, or on the Department's Web site at If you desire to request amendment or correction of information maintained in your records, you should also comply with the additional provisions in Contesting Record Procedures, below.


If you desire to contest and request amendment or correction of information about you maintained in the system, please follow the Record Access Procedures, above. In addition, you should also comply with the provisions of 28 CFR 16.46, which include requirements that you identify each particular record in question and state clearly and concisely what information is being contested, the reasons for contesting it, and the proposed amendment or correction that you want.


Records are generated by EAP personnel, the EAP client who is the subject of the record, the personnel office, employee relations/labor relations counsel, the EAP client's supervisor, the EAP client's co-workers, employee bargaining units, EAP contractors, referral counseling and treatment programs or individuals, and other outside sources. In the case of drug abuse counseling, records may also be generated by the staff of the Drug-Free Workplace Program and the medical review officer.



[FR Doc. 2012-2463 Filed 2-2-12; 8:45 am]