6209.13,21.4-27.1 Page 1 of 32 FSH 6209.13 - FREEDOM OF INFORMATION ACT/PRIVACY ACT HANDBOOK WO AMENDMENT 6209.13-94-1 EFFECTIVE 12/8/94 21.4 - Other Agencies' Privacy Act Systems of Records That Affect Forest Service. (Ex. 01.) 21.4 - Exhibit 01 SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.4 - Exhibit 01--Continued SEE THE PAPER COPY OF THE MASTER SET FOR SECTION 21.4 - EXHIBIT 01. 21.5 - Records-Systems Prohibitions. No Forest Service employee may maintain any record describing how any individual exercises rights guaranteed by the first amendment of the Constitution, unless expressly authorized by statute or by the individual about whom the record is maintained, or unless pertinent to and within the scope of an authorized law enforcement activity. (Note that this is more rigorous than the "relevant and necessary" standard described in sec. 24.1.) The first amendment rights include, but are not limited to: 1. Religious and political beliefs. 2. Freedom of speech and of the press. 3. Freedom of assembly and petition. In determining whether a particular activity constitutes the exercise of a right guaranteed by the first amendment, apply the broadest reasonable interpretation. For example, if an individual wishes to find out how many employees belong to a professional association, explain that answering this request is voluntary for employees, because belonging to an organization is a first amendment right. Unless the request is for a specific law enforcement purpose, responses are not required. 21.6 - Criminal Penalties. The act establishes criminal sanctions for three violations: 1. Unauthorized Disclosure. Any employee in an official position with possession of, or access to, Forest Service records containing individually identifiable information, for which disclosure is prohibited, and who knowingly and willfully discloses the material in any manner to any person or agency not entitled to receive it, shall be guilty of a misdemeanor and be fined up to $5,000. 2. Failure To Publish Public Notice. Any employee who willfully maintains a system of records without meeting the public notice requirements (sec. 21.1 and 21.2) shall be guilty of a misdemeanor and be fined up to $5,000. 3. Obtaining Records Under False Pretenses. Any individual who knowingly and willfully requests or obtains any record concerning an individual from the Forest Service under false pretenses shall be guilty of a misdemeanor and be fined up to $5,000. Legal actions may be taken against the Forest Service as discussed in section 26. 21.61 - Government Contracts. Requirements of the PA outlined in this chapter, including criminal penalties, apply to contracts for the operation of a system of records for the Forest Service. Contractors and their employees operating such a system are considered Government employees while performing the contract. 22 - EXEMPTIONS FROM ACCESS TO SYSTEMS OF RECORDS. The PA provides individuals with the right of access to records maintained on them in most systems of records (for more information on access to records, see sec. 23). However, individuals do not have access in most cases to records systems listed in sections 22.1 and 22.2 that are exempt from disclosure. Certain other provisions apply to all systems of records, even those generally exempt from disclosure: conditions of disclosure, accounting for disclosures, restrictions on maintaining records about activities protected by the first amendment, and coverage in the PA Biennial Report (FS-6200-F, section 27). 22.1 - Special Exemptions. The PA does not require an agency to grant access to any information compiled in reasonable anticipation of a civil action or proceeding (5 U.S.C. 552a(d)(5)). 22.2 - Two General Exemptions. 1. Central Intelligence Agency Records. 2. Criminal Law Enforcement Records (such as Federal Bureau of Investigation records). 22.3 - Specific Exemptions. 1. Classified Material. This allows records to be kept secret when they are in the interest of national defense or foreign policy. 2. Investigatory Material Compiled for Law Enforcement Purposes. This material is exempt from access, with the following exception: if, because of the maintenance of such material, an individual is denied any right, privilege, or benefit to which he or she would otherwise be entitled by Federal law, the information shall be provided to the extent that access does not reveal the identity of a confidential source. 3. Records Maintained To Provide Protective Services. These include records maintained for providing protective services to the President of the United States or other individuals. 4. Statistical Records. Includes records required by statute to be maintained and used solely as statistical records. 5. Investigatory Material Compiled for Determining Suitability for Federal Employment or Military Service. This exemption applies only when disclosure of such material would reveal the identity of a source who furnished information under a promise of confidentiality from an Office of Personnel Management investigator. 6. Testing or Examination Material. Material used to assess the qualifications of an individual for appointment or promotion is exempt if disclosure to the individual would reveal information about the testing process that potentially provides an unfair competitive advantage. 7. Material Used To Evaluate Potential for Promotion in Armed Services. This exemption does not apply to the Forest Service. 22.4 - Obtaining an Exemption. To obtain an exemption from disclosure of information, the system manager must determine that the system falls within one of the exemptions in sections 22.1 through 22.3, and publish the determination as a public notice to meet the requirements of the Administrative Procedures Act (5 U.S.C. 553). The notice in the Federal Register must at least specify the name of the system, the specific exemption provision, and the reason. 23 - ACCESS TO RECORDS. The PA provides an individual the right of access only to records which are contained in a system of records, and only to those records retrieved by reference to the individual's name or some other personal identifier. See section 22 for records exempted from disclosure. If an individual is named in a record indexed under a heading other than an individual identifier, the act does not apply and the individual may not be given access to that record. These examples illustrate the application of the PA: 1. A record on Joan Doe as an employee in a file of employees, from which material is accessed by reference to her name. This is the simplest case of a record in a system of records and Joan Doe would have a right of access. 2. A reference to Joan Doe in a record about James Smith in the same file. This is also a record within a system, but Joan Doe would not be granted access to her record in James Smith's file. 3. A record about Joan Doe in a contract source evaluation file about her employer, Corporation X, which is not accessed by reference to an individual name or personal identifier. This is a record that is not in a system of records and, therefore, Joan Doe would not have a right of access. A system manager may not deny an individual access to a record covered by the PA solely because that record may be withheld under the Freedom of Information Act. The only grounds for denying access to such records are the PA exemptions (sec. 22.1, 22.2, 22.3, and 24.6). 23.1 - Requests. Requests for access to records may be made in person or may be submitted in writing to the system manager, unless the public notice describing the system prescribes otherwise (sec. 23.12). 23.11 - Requests Made in Person. An individual seeking access to his or her record may present a request personally to the system manager or system manager's designee during office working hours. 23.12 - Identification. Following are the requirements for identification of individuals seeking access to records: 1. In Person. Each individual making a request in person shall present satisfactory proof of identity, consisting of a document bearing the individual's photograph (such as a driver's license or identification card) or signature (such as a social security card or nationally recognized credit card). 2. Not in Person. System Mangers normally should instruct an individual who makes a PA request by telephone to confirm it in writing. System managers may, however, honor the request if they are able to identify the requester satisfactorily. 23.13 - Requests Made in Writing. An individual seeking access to a system of records must give a reasonable description of the specific record or records sought. If two or more systems with separate system managers are involved, make a separate request for each system. The request should state whether or not the individual wishes to inspect the records or desires copies of the records. If copies are made, apply the fee schedule in section 14.1 (ex. 01). To expedite handling, advise the requester to mark the envelope and the face of the request "PRIVACY ACT REQUEST." 23.14 - Third-Party Accompaniment. Individuals may bring a person of their choosing to review the record, upon request and provided the individuals furnish a written statement authorizing any discussion of their record in the other person's presence. Do not use this provision to require that individuals who request access with third-party accompaniment provide any reasons for the access or for the other person's presence. 23.15 - Approvals of Access. Grant requests promptly, unless: 1. The record was compiled in reasonable anticipation of a civil action or proceeding or 2. The record is in a system of records exempted from access provisions of the PA (sec. 22.1 and 22.2). Notify the requester when and where either the record or copies are available for inspection. If copies are requested, also notify the individual of the exact or approximate amount of fees due. The requirements to grant access or to provide copies do not necessarily require that the physical record itself be made available. The medium of the record (such as an electronic) may require that the record be extracted in some manner. Likewise, if a record contains personal information about other individuals not relevant to the request, extract that personal information and provide the appropriate record. When requested records are in the Federal Records Center, contact the appropriate Forest Service records officer to recall the files and make them available. 23.16 - Time Limits. System managers shall acknowledge requests for access to records within 10 working days of receipt of the request. Wherever practicable, indicate in the acknowledgment whether access can be granted and, if so, when. System managers should provide access granted to a record within 20 working days of receipt of the request. A system manager unable to meet this 20-day limit for good cause shall inform the individual in writing within 20 days of the reasons and the anticipated time that access will be granted. An example of good cause may be that the record is in a records center and is, therefore, not readily accessible. 23.17 - Fees. Use exhibit 01 in section 14.1 as a standard for the PA. The Office of Personnel Management prohibits charging for personnel records when the fee would be $15 or less. 23.2 - Denials of Access. Only Privacy Act system managers or their designees shall make decisions to deny requests for access to records in the systems for which they are responsible. The decision for a full or partial denial shall advise the individual in writing of: 1. Basis for denial. 2. Right to appeal. 3. Explanation of appeal process (FSM 6272.3 - 6272.4). 23.21 - Appeal of Denied Access. (FSM 6272.3 - 6272.4). 24 - COLLECTION OF INFORMATION. 24.1 - Evaluation. Do not collect personal information merely because an individual deems it useful. It must be both relevant and necessary to accomplish a purpose required by a statute or Executive order of the President. 24.11 - Question of Need. In analyzing the need for information, consider at least the following questions: 1. How does this information relate to the legal purpose for which the system is maintained? 2. What are the adverse consequences, if any, of not collecting that information? 3. What is the financial cost of maintaining the record as compared to the risk of not maintaining it? 4. Could the need be met through the use of information which is not in individually identifiable form? 5. Could part of the record be purged, consistent with the Federal Records Act and related regulations? 24.12 - Frequency. Privacy Act system managers must assess the legality, need, and relevance of the information contained in or proposed for each system of records at the following times: 1. When preparing public notices. 2. In connection with the initial design of a new system of records. 3. Before January 15, when Report FS-6200-F, PA Biennial Report, is prepared (sec. 27.3). This provision does not authorize destruction of records required under the Federal Records Act. 24.2 - Collecting Information From Individuals. System managers shall provide individuals with sufficient information about the request to enable them to make an informed decision regarding whether to respond. As a minimum, notify the individual about: 1. The authority for solicitation of the information (statute or Executive order of the President), 2. Whether disclosure of the information is mandatory or voluntary, 3. The principal purpose or purposes for which the information is intended, 4. The routine uses of the information, and 5. The effects on the individual, if any, of not providing all or part of the information. Personal information solicited from individuals (item 2) may be mandatory only if the requester cites the specific authority requiring that information be supplied. Even if such information is voluntary, however, the requester may be very frank about the detrimental effects upon individuals choosing not to supply it (item 5). See section 24.41 for information on providing social security numbers. 24.3 - Collecting Information by Interview. The interviewer shall provide a statement that the individual can retain. The interviewer also should orally summarize that information before the interview ends. 24.4 - Collecting Information by Form. The notice to the individual shall be on a form, a tear-off sheet attached to a form, or a separate sheet, whichever is most practical. 24.41 - Collecting an Individual's Social Security Number. The PA system manager must distribute a written explanation to each individual when a form or document is used to solicit a social security number. The written explanation shall include: 1. Whether disclosure of the social security number is mandatory or voluntary. 2. Statute or other authority for soliciting the social security number. 3. Use(s) to be made of the social security number. Collection of social security numbers may be listed as mandatory only if required by a statute or by a regulation issued by the Department of Agriculture before January 1, 1975. Furthermore, it is unlawful to deny any right, benefit, or privilege (including access to a record) provided by law to individuals because of their refusal to disclose a social security number, unless the specific authority is cited. Carefully word all statements on data collection forms to avoid denying an individual any rights, benefits, or privileges. 24.42 - Collecting Information From Third Parties. To the greatest extent practicable, collect information directly from an individual when that information may affect their rights, benefits, and privileges. Collecting information from third parties may be allowed, however, when it is the best available alternative. Consider these factors in deciding whether a third- party source is practical: 1. Type of information can come only from a third party. 2. Cost of collecting the information directly from the individual rather than a third party is unreasonably high. 3. Risk that inaccurate information collected from a third party could result in an adverse determination. 4. Information collected from an individual needs to be verified by a third party. 5. Provisions for the concerned individual to verify information collected from third parties before that information is used. 24.5 - Maintaining Collected Information. System managers must maintain records subject to the PA with administrative, technical, and physical safeguards to ensure the security, integrity, and confidentiality of records. 24.51 - Records Maintained Manually. Maintain records subject to the PA with the following minimum safeguards: 1. Post files in which the records are maintained with a warning that access is limited to authorized persons and that the Act contains a criminal penalty for unauthorized disclosure of such records (sec. 21.6). 2. During working hours, restrict access to the area in which records are maintained by locking them in a room or in file cabinets, or by limiting occupancy to personnel authorized for access. 3. During nonworking hours, lock records in file cabinets or in a room. 24.52 - Records Maintained in Computerized Form/Electronically. Data processing facility managers shall ensure that computerized data files subject to the act and maintained by the Agency or by private commercial facilities under Federal contract (sec. 21.61) have these minimum safeguards: 1. Limit the number of entrances to the computer facility and data storage areas to a minimum. 2. Secure all openings through which an intruder could gain entrance or receive material. 3. Provide adequate protection for remote terminals, tape libraries, trash areas, and so forth, which are not within the computer facility. 4. Devise fire protection and disaster response plans adequate for records storage area. 5. Store records containing personal data in locked desks, filing cabinets, or storage devices when not in use. 6. Apply the principle of "need to know" in determining permission to view, use, manipulate, or otherwise work with records containing personal data. 7. Conspicuously mark all records which contain personal data. 8. Dispose of or destroy records containing personal data according to direction in FSH 6209.11, section 40. Also see section 17.6. 9. Provide central registration and control of all keys and access methods to the computer facility and data storage areas and devices. 10. Conduct frequent unscheduled security inspections, reviewing unit operations to ensure that threats and hazards to data confidentiality and security are identified properly and appropriate safeguards are implemented. 24.53 - Standards of Accuracy. Ensure fairness to individuals by continually maintaining records used in making determinations about them with accuracy, relevance, timeliness, and completeness. 24.54 - Mailing Lists. The Agency may not sell or rent an individual's name and address, unless such action is specifically authorized by law. This provision still allows distribution of names and addresses otherwise permitted to be made public, following the fee schedule for copies in section 14.1 (ex. 01). 24.6 - Disclosure of Records. Obtain written consent from individuals before disclosing their records to anyone except in the following situations: 1. For employees of the Department of Agriculture who need the record to perform their duties. 2. When disclosure is required by the Freedom of Information Act (FOIA). 3. For routine uses, as described in the public notice about the system. 4. To the Bureau of the Census for planning or carrying out a census or survey. 5. To recipients who produce adequate advance assurance that they will use the records only for statistical research or reporting and will not provide the record in a way that an individual can be identified. 6. For the National Archives and Records Administration as a record with sufficient historical or other value to warrant continued preservation. 7. To another Federal, State, or local government jurisdiction for a civil or criminal law enforcement activity, on receipt of a written request which states the desired portion and the intended use. Request must be signed by the Head of the Agency or designated Acting. 8. To a person who shows compelling reasons affecting the individual's health and safety and only after disclosure notification has been sent to the concerned individual's address. 9. For a committee or subcommittee of either House of Congress, but only to the extent of its subject-matter jurisdiction. 10. To the Comptroller General or any authorized representative of the General Accounting Office in the performance of official duties. 11. Under a court order. 12. When a congressional office establishes that it is working on behalf of a constituent and needs certain records of that individual to process the request. Take note that the above exceptions to allow disclosure of records without written consent are not mandatory. The system manager shall establish a third party's "need to know" according to the PA before releasing any records. In making such a judgment, a system manager also shall avoid obstructing the orderly conduct of Federal Government business and delaying services performed in the individual's interest. Examine all PA requests in relation to FOIA provisions, especially exemption 6 (sec. 11.4). If the FOIA requires release of the information, the system manager must comply and no further consideration of the PA requirements is necessary. 24.61 - Accounting of Disclosure. With the exception of items 1 and 2 of section 24.6, make an accounting whenever a record is disclosed to any person or to another agency. The disclosure accounting must show: 1. Date of disclosure. 2. Name and address of person or agency to whom disclosure was made. 3. Nature and purpose of the disclosure. System managers shall explain only why they released the information. Do not ask individuals to explain or justify access to their own records. Ask for a justification from a requester seeking access to another individual's record and also obtain permission from that individual before release (if not contained in the "routine use"). The PA requires audit trails on all systems of records. System managers shall maintain records for the time frame specified in FSH 6209.11, Records Management Handbook. Failure to maintain such accountings may result in criminal penalties (sec. 21.6). 24.62 - Access to Disclosure Accounting. Except for records requested for civil or criminal law enforcement activities (sec. 24.6, item 7), make accountings of all disclosures of a record available if the concerned individual so requests. 24.63 - Correspondence. Transmit all correspondence related to access and amendment of records in a sealed envelope marked "FOR OFFICIAL USE ONLY." 25 - AMENDMENTS OF RECORDS. 25.1 - Requests for Amendment. Any individual may submit a request to amend or correct a personal record. Separate requests must be made for amendments in each system with a different system manager. To facilitate the request, the system manager should advise the requester to write the petition for amendment and address it to the system manager of the record. Advise the requester to include the following in the petition: 1. The basis for the requested correction or amendment (with all available supporting documents and materials), identifying whether the current information in the record is unnecessary, inaccurate, irrelevant, untimely, or incomplete. 2. The specific wording to be deleted, if any. 3. The specific wording to be inserted or added, if any, and the exact place for the insertion or addition. 4. The words "PRIVACY ACT REQUEST" on the face of the envelope and the letter. 25.11 - Processing Requests. The PA system manager shall acknowledge a request to correct or amend a record by notifying the requester, no later than 10 working days after receipt, estimating the time needed for action on the request and asking for further information if needed to process the request. In estimating time, take into account any unusual circumstances. Do not send an acknowledgment if the request can be processed and the individual notified within 10 days. At the time submitted, acknowledge in writing a request filed in person. The system manager shall consider the following criteria in reviewing a request for amendment: 1. The relevance and necessity of the information in terms of the purpose for which it was collected. 2. The timeliness, completeness, and currency of the information in view of the purpose for which it was collected. 3. The degree of possibility that denial of the request could result unfairly in determinations adverse to the individual. 4. The character of the record to be amended. 5. The propriety and feasibility of complying with the means of amendment requested. The Forest Service will not gather evidence for the individual, but reserves the right to verify the evidence which the individual submits. 25.2 - Approvals. If a request petition is approved, in whole or in part, the PA system manager shall: 1. Correct the record accordingly, 2. Advise the individual in writing of such action, and 3. Advise all previous recipients of the record in writing that the correction was made and state the substance of the correction. 25.3 - Denials. PA system managers shall deny an individual's request to correct or amend a record only when (1) the individual does not show enough evidence to justify the amendment, or (2) the individual substantially fails to comply with the procedural requirements of section 25.1. If the request for amendment is denied, in whole or in part, the system manager shall so advise the individual in writing, providing: 1. The reasons for the denial, citing the appropriate section of this chapter. 2. Information on the appeal procedure (FSM 6272.3 and 6272.5). 25.4 - Time Limits. PA system managers shall acknowledge receipt of a request for amendment within 10 working days after receipt, unless a decision on the request has been sent already. The system manager must decide to accept or reject the petition within 20 working days after receipt. Suspend the 20-day time limit and notify the requester if additional information is required in support of the petition. The 20-day time limit resumes when the system manager receives the additional information. The system manager may extend the 20-day time limit for a decision on a petition request for the following reasons: 1. A decision requires analysis of voluminous records. 2. Part of the challenged records must be collected from facilities at another location. 3. Part of the challenged records is of concern to another Department or Federal agency whose assistance and views are needed for processing the request. A system manager who determines an extension is necessary shall promptly inform the requester of the extension and the expected decision date. 25.5 - Appeal of Denied Amendment. (FSM 6272.3 and 6272.5). 26 - CIVIL REMEDIES. An individual may seek court relief if the Forest Service violates any requirement of the Privacy Act. An individual may have grounds for action under provisions of the law in addition to those provided in this chapter. Examples are: 1. An individual may seek judicial review under other provisions of the Administrative Procedures Act. 2. A Federal employee may file a grievance under Forest Service personnel procedures or through a union contract. 3. Other legal actions as explained in section 21.6. 26.1 - Grounds for Civil Action. An individual may seek a remedy in the Federal district courts whenever the Forest Service makes an adverse decision or takes an adverse action. An individual may seek judicial review after exhausting all administrative remedies, and may seek an injunction for the following: 1. Refusal To Amend Record. 2. Denial of Access to Record. An individual may contest the Forest Service's interpretation of the definitions in the act that apply to information maintained by the Agency. 3. Failure To Maintain Record Accurately. An individual may bring action by showing that the deficiency in the record resulted in an adverse determination. 4. Failure To Comply With Any Other Provision of Act. Civil action may be brought against the Forest Service by showing that the Agency's failure related to a record was intentional or willful and that it had an adverse effect on the individual in the record. If the court rules for an individual in any suit brought against the Forest Service under items 1, 2, or 3, it may direct the Agency to take the appropriate action and to pay court costs and attorney fees. If the court determines that the claim of adverse effect is true and was caused by an intentional or willful act in a suit brought against the Forest Service under item 4, the Agency shall be liable to the individual for: 1. Cost of actual damages sustained by the individual, but no less than $1,000, and 2. Court costs and attorney fees. 27 - REPORT FS-6200-F, PRIVACY ACT BIENNIAL REPORT. Each Region, Station, Area, and the Institute shall submit to the Washington Office FOIA officer report FS-6200-F, PA Biennial Report, by January 15, covering activity for a two year period. Summarize the following information in the report: 1. Major accomplishments. 2. Major plans for activities next year. 3. List of systems exempted, the number of instances with respect to each system exempted in which the exemption was invoked to deny access, and the reasons for invoking the exemption. 4. Changes to the total inventory of personal data system including reasons for major changes. 5. Estimates of the number of individuals (in relation to the total number of records in the system) who have: a. Requested information in writing on the existence of records pertaining to them. b. Refused to provide information. c. Requested access to their records in writing. d. Requested to amend their records. e. Appealed initial refusals to amend records in writing. The Washington Office Freedom of Information Act officer sends the consolidated report FS-6200-F, Privacy Act Biennial Report, to the Office of Governmental and Public Affairs (USDA) by February 1. The Department later submits the report to Congress and the Office of Management and Budget. 27.1 - Exhibits. System managers may refer to exhibits 01 through 05 for sample responses to adapt for their use when responding to PA requests. 27.1 - EXHIBITS 01 THRU 05 ARE SEPARATE DOCUMENT.