Record Use, Retention & Dissemination

Overview

At DCSA, we control the reports, information, and other investigative materials developed during the vetting process. During the vetting process, DCSA allows certain uses for decentralized copies.

Decentralized Copies and How They’re Used

Investigative materials are maintained as part of Personnel Vetting Records System, DUSDI 02-DoD, system of records notice. When DCSA discloses a record from this record system to an agency, the disclosed record shall be considered a decentralized copy.

The decentralized copy remains a part of the Personnel Vetting Records System even while the copy is in the recipient agency’s custody. Under sections 1.1(e) and 1.3(q) of E.O. 13467, as amended, investigative records “developed during the vetting process,” including for “ongoing assessments,” are subject to the investigating agency’s controls while in use by recipient departments and agencies.

Copy Retention

Decentralized copies must be consistent with the guidance defined in applicable NARA General Records Schedules. Under NARA General Records 5.6, section 170, investigative reports and related documents furnished to an agency by the investigation service provider (ISP) should be destroyed in accordance with the ISP’s instructions.

Decentralized records may be maintained only so long as the subject of the report remains of interest to the agency for the purposes defined in the DUSDI 02-DoD SORN (e.g. suitability, security, credentialing purposes). Upon separation or when the subject is no longer of interest to the agency, the agency must dispose of any/all background investigation records.

Internal Dissemination

Internal Dissemination is the sharing of information within an organization. Learn how recipient departments and agencies may retain and use decentralized copies from DCSA for internal dissemination.

Supporting Policies

Recipient departments and agencies may retain and use the decentralized copy (which include the received reports, information, and other investigative material) within that recipient for authorized purposes (including, but not limited to, adjudications, hearings and appeals, continuous evaluation (CE), inspector general functions, counterintelligence, research, and insider threat programs), in compliance with subsection (b)(1) of the Privacy Act of 1974, as amended (section 552a of title 5, United States Code).

While EO 13467 section 1.1(e) allows agencies to release records, “any redisclosure” should be coordinated with the DCSA FOI/P Office for Investigations to ensure that the redisclosure “…does not violate statutory restrictions or result in unauthorized disclosure….”

Limitations

DCSA background investigation records do include items that have been disclosed to DCSA with redisclosure limitations. Even when internally sharing a background investigation, recipient agencies should be mindful of the purpose and should be cognizant of the following limitations:

Appropriately marked classified material (Top Secret, Secret, Confidential data) may be part of the investigative file. This type of data should only be disclosed if the recipient has a need to know, is properly cleared, and has the appropriate level of investigation and security clearance.
Other government agency data and reports. Recipient agencies should accordingly consult directly with that other government agency prior to re-disclosing that other government agency’s record to another internal agency component for a purpose other than which it was collected.
Financial information protected by either the Fair Credit Reporting Act (e.g., a Credit Report) or the Right to Financial Privacy Act (e.g., FINL items collected with a special OFI-16A release) has redisclosure limitations.
FINCEN information is protected by the Bank Secrecy Act.
IRS Tax Information collected with a 4506-T release is potentially limited as a result of 26 U.S.C. 6103.
Fingerprint Name Check Only results; National Crime Information Center (NCIC) checks; and Interstate Identification Index (Triple I) searches;
Law Enforcement / Criminal History Record Information, collected under title 5, U.S.C. 9101(b)(1) is limited. Part 9101(d) indicates redisclosure limitations.
Information that is otherwise exempt from release under the Privacy Act or the FOIA.

Help With Questions on Internal Dissemination

If your office intends to share a DCSA background investigation record internally within your agency, and you question the releasability of certain items, please contact DCSA FOI/P Office for Investigations and ask to speak with a Government Information Specialist in the Records Receipt & Maintenance branch.

878-274-1185

External Dissemination

External Dissemination is the sharing of information outside an organization. Learn about external dissemination of a decentralized copy to a subject for the purpose of providing procedural rights or administrative due processes.

Supporting Policies

Recipient departments and agencies may only release a decentralized record to an investigative subject for the purpose of providing procedural rights or administrative due process, in compliance with EO 13467, section 1.1(e), as amended.

Recipient agencies shall direct any other requests for external releases of copies of the reports, information, or other investigative materials to the DCSA's FOI/P Office for Investigation. DCSA's FOI/P Office for Investigation will make a release determination by applying the routine uses described in DUDSI 02-DoD or other uses permitted in 5 U.S.C. 552a(b); or, in the case of a Freedom of Information Act (FOIA) referral, by applying the FOIA.

While EO 13467 section 1.1(e) allows agencies to release records, any redisclosure should be coordinated with the DCSA's FOI/P Office for Investigation to ensure that any redisclosure “…does not violate statutory restrictions or result in unauthorized disclosure….”

Privacy Act Access or Amendment Requests

Under 32 CFR 310, only DCSA's FOI/P Office for Investigation can respond to initial Privacy Act requests for background investigation records in the Personnel Vetting Records System, DUSDI 02-DoD, system of records. If an agency receives, from the subject of investigation and/or their representative, a request for access to or amendment of the background investigation in their agency’s possession, the agency should contact the DCSA's FOI/P Office for Investigations and refer that request to DCSA's FOI/P Office for Investigations for Investigation accordingly.

Exceptions: Release of the following items may be made to the subject of investigation without first requesting permission from the DCSA's FOI/P Office for Investigations:

The individual’s credit report
The individual’s fingerprint results (fingerprint results only, not any name-based search results from the FBI)
The individual’s completed Standard Form (e.g., SF86)

Limitations

The received investigative information may include items disclosed to DCSA with redisclosure limitations. Agencies should be cautious of the following limitations:

Classified material such as Top Secret, Secret, Confidential, even if the Subject already has a clearance
Information that would reveal the identity of a source granted confidentiality
Sensitive or Restricted Medical information. If a subject’s investigation includes sensitive medical data annotated as releasable only through another medical provider, recipient agencies should work through DCSA's FOI/P Office for Investigation prior to disclosing these records to a subject
Other government agency data and reports. Recipient agencies must accordingly consult directly with that other government agency prior to disclosing that other government agency’s record to their subjects.
Fingerprint Name Check Only results; National Crime Information Center (NCIC) checks; and Interstate Identification Index (Triple I) searches;
Information that would reveal FINCEN as the source of the information provided
Law Enforcement information containing specific restrictive language unless requested pursuant to section 9101(b)(1) of title 5, U.S.C.
Part 9101(d) indicates criminal history record information received under (b)(1) shall be made available to the individual who is the subject of such information upon request
Information that is otherwise exempt from release under the Privacy Act or the FOIA. If the agency has reason to believe an investigative record contains exempt information, the agency should work through DCSA’s FOI/P office prior to disclosing these records to a subject. As explained below, the DCSA's FOI/P office can provide a sanitized copy of the investigative record for the agency to disclose to the subject.
Information concerning other persons (3rd party information)
OPM test material that includes reference to actual scoring, rating, or examining criteria

Request Releasable Copies

DCSA's FOI/P Office for Investigation can, if the agency requests, prepare a version of the background investigation report for release to the subject for due process or procedural purposes, such as the “materials relied upon”. The request can be made with one of the following methods:

Email: dcsa.boyers.dcsa.mbx.inv-foip@mail.mil
Fax: (724) 794-4590
Physical Address: Defense Counterintelligence and Security Agency Freedom of Information and Privacy Act Office Supervisory Government Information Specialist PO Box 618 Boyers, PA 16018

For deliveries requiring a street address use:
1137 Branchton Road
Boyers, PA 16018