StacksVerified U.S. regulatory reference

20 CFR §401.90

Verified against eCFR.gov as of June 20, 2026View official text on eCFR.gov
  1. (a)All contracts which require a contractor to maintain, or on behalf of SSA to maintain, a system of records to accomplish an SSA function must contain a provision requiring the contractor to comply with the Privacy Act and this part.
  2. (b)A contractor and any employee of such contractor will be considered employees of SSA only for the purposes of the criminal penalties of the Privacy Act, 5 U.S.C. 552a(i), and the employee standards of conduct (see appendix A of this part) where the contract contains a provision requiring the contractor to comply with the Privacy Act and this part.
  3. (c)This section does not apply to systems of records maintained by a contractor as a result of his management discretion, e.g., the contractor's personnel records.