§ 1.28 Training, rules of conduct, penalties for non-compliance.
(a) Training. The Deputy Assistant Secretary for Privacy, Transparency, & Records must institute a Departmental training program to instruct Treasury employees and employees of Government contractors covered by 5 U.S.C. 552a(m), who are involved in the design, development, operation, or maintenance of any system of records, on a continuing basis with respect to the duties and responsibilities imposed on them and the rights conferred on individuals by the Privacy Act, the regulations in this subpart, including the appendices thereto, and any other related regulations. Such training must provide suitable emphasis on the civil and criminal penalties imposed on the Department and the individual employees by the Privacy Act for non-compliance with specified requirements of the Act as implemented by the regulations in this subpart. Components may supplement or supplant the departmental annual privacy awareness training to address Privacy Act issues unique to their missions. (See 5 U.S.C. 552a(e)(9).)
(b) Rules of conduct. In addition to the Standards of Conduct published in part O of this title, particularly 31 CFR 0.735–44, the following applies to Treasury employees (including, to the extent required by the contract or 5 U.S.C. 552a(m), Government contractors and employees of such contractors), who are involved in the design, development, operation, or maintenance of any system of records, or in maintaining any records, for or on behalf of the Department, including any component thereof.