(a) The Board shall ensure that all persons involved in the design, development, operation, or maintenance of any Board systems are informed of all requirements necessary to protect the privacy of individuals. The Board shall ensure that all employees having access to records receive adequate training in their protection and that records have adequate and proper storage with sufficient security to ensure their privacy.
(b) All employees shall be informed of the civil remedies provided under 5 U.S.C. 552a(g)(1) and other implications of the Privacy Act and of the fact that the Board may be subject to civil remedies for failure to comply with the provisions of the Privacy Act and the regulations in this part.