DHA Home About DHA Human Resources Contact Us FOIA Site Map
Infinite Menus, Copyright 2006, OpenCube Inc. All Rights Reserved.

Systems of Records

According to the Privacy Act of 1974, as amended (Privacy Act), as implemented within the Department of Defense (DoD) by DoD 5400.11-R, a system of records is a group of records maintained by a DoD Component and containing an individual’s personally identifiable information (PII), which is retrieved by information unique to that individual. There must be actual retrieval from the system by a DoD Component by some information unique to the individual for the Privacy Act and DoD 5400.11-R to apply.

Systems of Records Notices

Prior to the lawful operation of a system of records by a DoD Component, the Privacy Act requires publication of a system of records notice (SORN) in the Federal Register. The SORN for a system of records sets out details related to a new system of records or, for existing system of records, that the system is being altered or amended. A SORN provides an opportunity for interested persons to comment, and also fulfills the Privacy Act notice requirements to inform the general public of the nature of the data a DoD Component is collecting, the purpose and authority for such collection, and the rules a DoD Component must follow in collecting, maintaining, using, and disclosing such data.

Effective October 1, 2013, many of the TRICARE Management Activity (TMA) SORNS were transferred to the new Defense Health Agency (DHA). However, some SORNs transferred to DHA may still have a system identifier starting with a "D" because of that SORN's previous assignment to the Office of Secretary of Defense/Joint Staff. These transferred SORNs will soon be republished to have a system identifier starting with an "E." A list of all DHA SORNs may be accessed here.

Establishing New (or Altering/Amending Existing) Systems of Records

  • Prepare and submit a SORN review checklist to provide all relevant system information necessary for review and evaluation by the DHA Privacy and Civil Liberties Office in preparation for creating a new SORN or for amending (or deleting) the SORN for an existing system.

  • Complete a system format document to properly capture and track potential system changes and updates.

  • Prepare a new or revised narrative statement which describes the system.

  • Incorporate in the final SORN draft the changes and updates from the system format document and the concepts in the narrative statement and submitted to SORmail@tma.osd.mil.

  • Submit completed SORN drafts to the DHA Privacy and Civil Liberties Office for review and processing.

System of Record Notices and Privacy Impact Assessments

A SORN is generally required when a group of records maintained by a DoD Component contains PII and that PII is retrieved by information unique to the individual whose PII is being retrieved. A Privacy Impact Assessments (PIA) is generally required when a DoD information technology (IT) system collects PII. In most cases, a system that requires a SORN will also require a PIA, but there are situations where only a SORN or PIA is required. To determine whether an IT system requires a PIA, please visit the DHA Privacy Office’s webpage on PIAs.

“On October 1, 2013, the Department of Defense established the Defense Health Agency (DHA) to manage the activities of the Military Health System. These activities include those previously managed by TRICARE Management Activity (TMA), which was disestablished on the same date. During the next several months, all TMA websites will change to reflect the new DHA. We appreciate your patience during this transition."
DoD Seal
7700 Arlington Boulevard, Suite 5101, Falls Church, VA 22042-5101
The appearance of hyperlinks to external Web sites does not constitute endorsement by the TRICARE Management Activity of these Web sites or the information, products or services contained therein. For other than authorized government activities, TRICARE Management Activity does not exercise any editorial control over the information you may find at other locations. Such links are provided consistent with the stated purpose of this DoD Web site. Accessibility/Section 508