• Record Type:
    OSHA Instruction
  • Current Directive Number:
    ADM 03-00-001
  • Old Directive Number:
    ADM 3-6.2
  • Title:
    OSHA TSCA Confidential Business Information Security Manual
  • Information Date:

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

Subject: OSHA TSCA Confidential Business Information Security Manual

A. Purpose. This instruction establishes a security system to enable OSHA to ensure the confidentiality of information obtained by EPA under the Toxic Substances Control Act and on loan to OSHA.

B. Scope. This instruction applies OSHA-wide.

C. References. The following documents may provide further clarification if any is needed.

1. 15 USC 2613, Disclosure of Data (TSCA)
2. 5 USC 552 Freedom of Information Act
3. 40 CFR Part 2, Confidentiality of Business Information
4. 41 CFR Chapter 15, Public Contracts and Property Management
5. EPA, TSCA Confidential Business Information Security Manual.

D. Policy. Anyone seeking access to or using TSCA Confidential Business Information in OSHA's possession shall be bound by the security procedures set forth in this manual, and shall be held responsible for any violation resulting in unauthorized disclosure of the information.

E. Treatment of Violation.

1. Unauthorized disclosure of TSCA Confidential Business Information may subject an employee to the criminal penalties under TSCA Section 14 (d)(1) as follows: "Criminal Penalty for Wrongful Disclosure - (1) Any officer or employee of the United States or former officer or employee of the United States,

OSHA Instruction ADM 3-6.2 OCT 1, 1981 Office Of Management Systems And Organization

who by virtue of such employment or official position has obtained possession of, or has access to, material the disclosure of which is prohibited by subsection (a), and who knowing that disclosure of such material is prohibited by such subsection, willfully discloses the material in any manner to any person not entitled to receive it, shall be guilty of a misdemeanor and fined not more than $5,000 or imprisoned for not more than one year, or both."
2. Violations of these procedures by employees may result in removal from the authorized access list. Violations resulting in unauthorized disclosure of TSCA data will prosecuted to the full extent of the law.

Thorne Auchter Assistant Secretary

Distribution: National

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

Table of Contents

Chapter

I. Definitions
II. Responsibilities
III. Access and Handling of TSCA Information

Appendix

A. Request for Access to TSCA Confidential Business Information
B. TSCA Federal Non-EPA Employee Confidentiality Agreement
C. Confidentiality Agreement for United States Employees Upon Termination or Transfer
D. TSCA Confidential Business Information Inventory Log
E. TSCA Confidential Business Information Cover Sheet
F. TSCA Confidential Business Information User Copy Sign Out Log
G. Loan Receipt for TSCA Confidential Business Information

-i-

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

Chapter I

DEFINITIONS

A. "Access" is the ability and opportunity to gain knowledge of Confidential Business Information (in any manner whatsoever).

B. "Authorized Person" is any person authorized to receive TSCA Confidential Business Information in accordance with the requirements of Chapter II.

C. "TSCA" Confidential Business Information" is any information in any form received by OSHA through EPA from any person, firm, partnership, corporation, association, or local, state or Federal agency, or foreign government, which contains trade secrets or commercial or financial information, and which has been claimed as confidential by the person submitting it and which has not been determined to be non-confidential under the procedures in 40 CFR Part 2

D. "Document" is any recorded information regardless of its physical form or characteristics, including, without limitation, written or printed material; data processing card decks, printouts, and tapes; maps, charts; paintings; drawing; engravings; sketches; working notes and papers; reproductions of such things by any means or process; and sound, voice or electronic recordings in any form. Under the provisions of this instruction, however, OSHA cannot accept computer tapes or other media requiring computer security.

E. "Document Control Assistant (DCA)" is a person who is responsible for assisting the Document Control Officer in performing duties related to information processing, document control and security.

F. "Document Control Number" is the unique number assigned by a Document Control Officer to a document containing TSCA Confidential Business Information.

G. "Document Control Officer (DO)" is the Director of the Technical Data Center and is responsible for the security, control, and distribution of all TSCA Confidential Business Information received by him/her.

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

H. "Employee" is any person employed by OSHA on a full time or part time basis in accordance with the procedures of the Office of Personnel Management. This definition does not include contractors, grantees, or their employees.

I. "Information" is knowledge which can be communicated by any means.

J. "Secure Facility" is a building or portion of a building which has been inspected and approved prior to use by the EPA Office of Inspector General (OIG) for handling TSCA Confidential Business Information.

K. "Secure Room" is a room approved prior to use by the EPA Office of Inspector General (OIG) for storage and/or use of documents, electronic media, and microforms in accordance with Chapter II.C.2.

L. "Violation" is the failure to comply with any provision this manual, whether or not such failure leads to actual unauthorized disclosure of TSCA Confidential Business Information.

I-2

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

Chapter II

RESPONSIBILITIES

A. Deputy Assistant Secretary. The Deputy Assistant Secretary shall review and approve the suitability of all OSHA employees identified as requiring access to TSCA Confidential Business Information. (See Chapter III.)

B. Directors of Directorates and Regional Administrators. Program Directors and RAs are responsible for implementing these procedures within their areas of responsibility. Specifically, they shall:

1. Designate employees on their staffs for access to TSCA Confidential Business Information, subject to the approval of the Deputy Assistant Secretary.
2. Obtain a Confidentiality Agreement (See Appendix C) from all employees requiring and approved for access to TSCA Confidential Business Information.
3. Ensure that authorized personnel participate in training and education programs, as available, regarding the security of TSCA Confidential Business Information.
4. Take appropriate disciplinary action when any employee fails to comply with the procedures set forth in this manual.
5. Approve all written requests for TSCA Confidential Business Information which involve movement of documents from one OSHA facility to another.

C. Document Control Officer (DCO). The Director of the Technical Data Center shall act as DCO for OSHA. (Regional Administrators shall designate Document Control Assistants and set up secure facilities if they need access to TSCA data.) The DCO is responsible for the control and security of TSCA Confidential Business Information. Specifically, his/her responsibilities include the following.

1. Maintaining a current list of all DCOs, DCAs, and authorized personnel throughout OSHA.
2. Maintaining a file of all signed Confidentiality Agreements for all authorized persons throughout OSHA.

II-I

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

3. Interpreting and/or clarifying the procedures in this manual as needed to facilitate their implementation.
4. Serving as consultant to all OSHA personnel regarding these procedures and any other matters relating to security of Confidential Business Information.
5. Logging of all TSCA Confidential Business Information received, both incoming and outgoing, including computer generated printouts.
6. Assigning a document control number and attaching a cover sheet (Appendix E) to all TSCA Confidential Business Information documents when the document lacks either of the above.
7. Releasing Confidential Business Information to authorized persons only.
8. Ensuring that authorized persons who request overnight use of TSCA Confidential Business Information have proper storage facilities available prior to release of such information. (Overnight use of the documents is possible, but not encouraged).
9. Maintaining a system for retrieval of documents.
10. Maintaining a system to ensure that any TSCA Confidential Business Information transmitted to other offices is received.
11. Authorizing and supervising the reproduction and destruction of TSCA Confidential Business Information.
12. Conducting an annual inventory of all Confidential Business Information documents in OSHA.
13. Reporting any case of alleged or actual wrongful disclosure of Confidential Business Information immediately to the DOL Office of Inspector General, the EPA Office of Inspector General, and the EPA Assistant Administrator for Pesticides and Toxic Substances.
14. Administering, witnessing, and keeping on file the Confidentiality Agreements for United States Employees upon Termination or Transfer for employees who have had access to Confidential Business Information and are transferring or terminating.

II-2

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

D. Document Control Assistants. DCAs are responsible for performing the duties listed in paragraph C above, as assigned by the DCO to whom they report. (DCA's in Regional Offices shall report to the DCO in the TDC.) In the absence of the DCO, the DCA may act for him/her in routine matters. Difficult, unusual, or non-routine questions or situations should be referred to the DCO.

E. Employees. Employees are responsible for the control and security of all TSCA Confidential Business Information received by them. Specifically, their responsibilities include the following:

1. Discussing TSCA Confidential Business Information only with authorized persons.
2. Safeguarding Confidential Business Information when in actual use as specified in Chapter III.
3. Storing TSCA Confidential Business Information as specified in Chapter III when not in use and at close of business.
4. Safeguarding combinations to locks, safes, and rooms that secure Confidential Business Information.
5. Reporting immediately possible violations of TSCA or of these procedures to the DCO and the Director, Office of Personnel Management (see paragraph F).
6. Not reproducing TSCA Confidential Business Information documents. Copies must be obtained through the DCO.
7. Not discussing TSCA Confidential Business Information over the telephone except upon approval of the Program Director or the RA.

F. Director, Office of Personnel Management. The Director of the Office of Personnel Management is responsible for assisting in implementing these procedures. Specifically, his/her responsibilities include the following:

1. Ensuring that appropriate investigations of employees are conducted when required.
2. Conducting fact finding in cases of violations of these procedures where no wrongful disclosure of Confidential Business Information is evident and furnishing the

II-3

OSHA Instruction 3-6.2 October 1, 1981 Office Of Management Systems And Organization

results to the appropriate Office Director or Regional Administrator for remedial and/or disciplinary action.

G. Director, Office of Administrative Services. The Director shall provide services to establish and maintain the secure facilities and rooms necessary to protect TSCA Confidential Business Information in OSHA' s possession. Specifically, he/she shall conduct periodic physical security surveys to ensure compliance with this instruction.

II-4

OSHA Instruction 3-6.2 October 1, 1981 Office Of Management Systems And Organization

Chapter III

ACCESS AND HANDLING OF TSCA INFORMATION

A. Access to and Handling of TSCA Confidential Business Information.

1. Initiating Request. Directors of Directorates, Office Directors, and Regional Administrators shall initiate requests for any of their employees to be placed on the authorized access list for TSCA Confidential Business Information. By (1) completing Part I of Request for Access to TSCA Confidential Business Information (OSHA-76) (see Appendix A); (2) obtaining from the employee a signed Confidentiality Agreement; (Appendix B) and (3) transmitting both to the Deputy Assistant Secretary.
2. Approving Operational Needs. The Deputy Assistant Secretary will approve or disapprove the request on the basis of operational need by completing Part II of the Request (OSHA-76). He/she may limit or circumscribe such access in any way he/she deems appropriate. If approved, the form will be sent to the Director, Office of Personnel Management.
3. Investigation. All employees authorized for access to Confidential Business Information must have, at a minimum, a National Agency Check and Inquiries (NACI) prior to such access, unless a waiver is approved (see paragraph II.A.4. Employees such as DCOs, and others designated by the Deputy Assistant Secretary who require full and continuous access to Confidential Business Information must have a full background investigation prior to access. The Office of Personnel Management will verify that (1) an appropriate investigation has been conducted, and (2) there is nothing of record to preclude access to TSCA Confidential Business Information. If these two conditions are met, the Director, OPM, or his/her designee, will complete Part III of the Request for Access (OSHA-76). Upon this action the employee becomes an authorized person and the DCO will place his/ her name on the authorized access list. The DCO will furnish each Director of a Directorate and each RA with a list of of the authorized persons on his/her staff.

III-1

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

4. Waivers. If the appropriate investigation has not been completed and there is an urgent need for an employee to have access, the Deputy Assistant Secretary may request a waiver. Personnel will initiate an NACI or full field investigation, as appropriate, and concurrently obtain a name check from the FBI and Federal Office of Personnel Management. If the name checks reveal nothing of record to preclude access, the employee will be placed on the authorized access list.

B. Procedures for Gaining Access to TSCA Confidential Business Information. The procedures for obtaining documents containing TSCA Confidential Business Information are as follows:

1. The authorized person will request the document from the appropriate DCO.
2. The DCO will verify that the requestor is on the authorized access list.
3. The DCO will obtain the document from local secure storage or EPA and make a copy of it. The original shall remain with the DCO.
NOTE: OSHA can only accept hardcopy of TSCA Information. No computer tapes are acceptable.
4. If the requestor has storage capability as described in Chapter III.C.2., he/she may check the document out for a maximum of 30 days. Otherwise, the document must be returned to the DCO by close of business that same day.
5. The DCO will enter the appropriate information in the User Copy Sign Out Log (OSHA-78A) (Appendix F) and will assure that the copy has a document control number and a cover sheet.

C. Procedures for Handling TSCA Confidential Business Information.

1. Receipt. Upon receipt of documents, including computer generated printouts, containing TSCA Confidential Business Information, the Document Control Officer shall:

III-2

OSHA Instruction ADM 3-6.2 October 1, 1981 Office of Management Systems And Organization

a. Assign a Document Control Number to any document that does not already have one.
b. Attach a TSCA Confidential Business Information Cover Sheet to any document that does not already have one; and
c. Enter all TSCA Confidential Business Information received into the Inventory Log (OSHA-77) (Appendix D).
Such a document will be considered the original. When an authorized person wishes to gain access to the document, the procedures in Chapter II. B.1. shall be followed.
2. Storage.
a. When not in use and at close of business, TSCA Confidential Business Information must be stored, at a minimum, within a metal cabinet with a bar and 3-way changeable combination padlock approved by EPA.
b. When warranted by the volume of Confidential Business Information, Central Document Storage rooms may be authorized by the Deputy Assistant Secretary provided they are approved, prior to use, by EPA. These rooms must include combination locked doors and may include one or more of the following, depending upon the location, construction and configuration of the room.

(1) Contact alarmed doors/windows
(2) Ultrasonic alarm
(3) Vibration alarms

(4) Other remote intrusion alarms
c. Combinations to cabinets and/or rooms where Confidential Business Information is stored may be issued only to authorized persons. Combinations must be changed once each year or every time a person who knows a combination terminates or transfers, whichever comes first.

III-3

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

3. Safeguards During Use. Confidential Business Information, when in actual use by an authorized person, shall be protected as follows.
a. Kept under the constant surveillance of an authorized person, who is in a physical position to exercise direct security controls over the material
b. Covered, turned face down, placed in storage containers, or otherwise protected, when unauthorized persons are present.
c. Returned to approved storage containers when not in use and at close of business
d. Discussed only with other authorized Persons.
e. Within a office one authorized person may transfer custody of a confidential business information document to another authorized person, provided the Loan Receipt for TSCA Confidential Business Information (Appendix G) is used. A copy of the Receipt Form shall be furnished to the DCO. The secondary recipient shall also sign the Cover Sheet.
4. Transmission.
a. External
(1) Requests for TSCA Confidential Business Information which require the transmission of documents from one OSHA facility to another, or to persons or parties outside OSHA must be in writing and signed by the appropriate official.
(2) TSCA Confidential Business Information must be transmitted by Registered Mail, return receipt requested, in a double envelope. The inner envelope must reflect the address of the recipient with the following additional wording on the front side of the inner envelope: "Confidential Business Information To Be Opened By Addressee Only." The outer envelope must reflect the normal address without the additional wording.
(3) Authorized persons may handcarry TSCA Confidential Business Information to other OSHA

III-4

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

facilities or to persons or parties outside OSHA providing the Document Control Officer maintains a record and obtains a receipt from the person receiving the information. Information being handcarried should be packaged as described in II.C.4.a.(2)
b. Internal. Within an OSHA installation, TSCA Confidential Business Information shall be handdelivered only, by one authorized person to another. At no time shall Confidential Business Information be transmitted through inter-office mailing channels.
5. Reproduction. TSCA Confidential Business Information may not be reproduced except upon approval by and under the supervision of a DCO or DCA. Any reproduction should be kept to an absolute minimum. The DCO or DCA shall enter all copies into the document control system and apply the same control requirements as for the original.
6. Destruction. TSCA Confidential Business Information documents may not be destroyed except upon approval by and under the supervision of a Document Control Officer. The originals of materials provided by EPA shall not be destroyed, but returned to EPA. All copies shall be destroyed before returning the document to EPA. Printed material shall be destroyed by shredding or burning and the Document Control Officer shall remove and retain the Cover Sheet for one year. Micrographic material shall be chemically destroyed. Information stored on magnetic material shall be destroyed by degaussing. The DCO shall keep a record of the destruction in the Inventory Log for originals, and in the User Copy Sign Out Log for copies.
7. Meetings. For any meeting, symposium, panel discussion, or seminar at which Confidential Business Information will be discussed, the meeting chairperson shall:
a. Provide a sign-in sheet, including the date, time, place and subject of the meeting and require all attendees to sign it and record their DOL identification card number. The Chairperson shall give the sign-in sheet to the Document Control Officer who will retain it for one year.
b. Ensure that only authorized persons are present and shall announce that Confidential Business

III-5

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

Information it to be discussed.
c. Review with the attendees their responsibility for safeguarding Confidential Business Information in any and all forms, including, but not limited to any notes taken, any subsequent discussions.
d. Insure that no recording is made of the meeting unless he/she has authorized it. If authorized, the recording must be treated as all other Confidential Business Information and entered into the document control system.
e. Ensure that the meeting room is secured after the meeting. This shall include erasing all blackboards, destroying all tear sheets and other notes and ensuring that nothing is left in the room which could lead to the unauthorized disclosure of Confidential Business Information.
8. Generation of Confidential Business Information Documents. When a document is generated from extracts of Confidential Business Information documents (except notes covered in paragraph II C.9), the newly generated document shall be:
a. Identified with a TSCA Confidential Business Information stamp with a notation "CBI extracts from document #________, dated________."
b. Entered into the document control system and safeguarded as all other TSCA Confidential Business Information.
9. Notes containing Confidential Business Information. When notes containing Confidential Business Information are taken from a document, a meeting, or any other source, the notes, must be protected as Confidential Business Information. If the notes are to be circulated to other authorized persons, they shall be entered into the document control system. Any document generated from the notes shall be treated as in Chapter II.C.8. Notes made by an authorized person for his/her own use, and destroyed after the use, do not need a control number, but they shall be safeguarded like all TSCA data.

III-6

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

10. Retirement of documents. When Confidential Business Information documents are to be retired for legal, historical or reference purposes, they shall be shipped to the Federal Records Center in accordance with the procedures in the OSHA Records Management Manual.
11. Retention of Logs. All logs maintained under these procedures shall be retained for at least ten years.
12. Lost or Unaccounted for Documents. If any employee becomes aware that a TSCA Confidential Business Information document is lost or otherwise unaccounted for, he/she shall immediately notify the DCO. If the document is not located within a reasonable time, the matter shall be referred to the Office of Personnel Management.
13. Contracts. When OSHA desires to contract out work for which access to TSCA Confidential Business Information is required, EPA must be contacted and will make whatever provisions are required to release the information. OSHA will not release TSCA data to contractors on its own authority.

III-7

OSHA Instruction ADM 3-6.2 October 1, 1981 Office of Management Systems And Organization

Appendix A

For Form OSHA-76 REQUEST FOR ACCESS TO TSCA CONFIDENTIAL BUSINESS INFORMATION see printed copy of directive.

A-1

OSHA Instruction ADM 3-6.2 October 1, 1981 Office of Management Systems And Organization

Appendix B

For Form OSHA-76A

TSCA FEDERAL NON-EPA EMPLOYEE CONFIDENTIALITY AGREEMENT see printed copy of directive.

B-1

OSHA Instruction ADM 3-6.2 October 1, 1981 Office of Management Systems And Organization

Appendix C

For Form OSHA-76B

CONFIDENTIALITY AGREEMENT FOR UNITED STATE EMPLOYEES UPON TERMINATION OR TRANSFER see printed copy of directive.

C-1

OSHA Instruction ADM 3-6.2 October 1, 1981 Office of Management Systems And Organization

Appendix D

For Form OSHA-77

TSCA CONFIDENTIAL BUSINESS INFORMATION INVENTORY LOG STORAGE FACILITY LOCATION see printed copy of directive.

D-1

OSHA Instruction ADM 3-6.2 October 1, 1981 Office of Management Systems And Organization

Appendix E

For Form OSHA-78 TSCA CONFIDENTIAL BUSINESS INFORMATION see printed copy of directive.

E-1

OSHA Instruction ADM 3-6.2 October 1, 1981 Office of Management Systems And Organization

Appendix F

For Form OSHA-78A

TCSA CONFIDENTIAL BUSINESS INFORMATION USER COPY SIGN OUT LOG see printed copy of directive.

F-1

OSHA Instruction ADM 3-6.2 October 1, 1981 Office of Management Systems And Organization

Appendix G

For Form OSHA-78B

LOAN RECEIPT FOR TSCA CONFIDENTIAL BUSINESS INFORMATION see printed copy of directive.

G-1

OSHA Instruction ADM 3-6.2 October 1, 1981 Office of Management Systems And Organization

Appendix H

Index

Subject Page A

Access

Definition I-1 Obtaining documents III-2 To TSCA/CBI Ch-III Authorized person, definition I-1

C

Central Document Storage Room

Establishment III-4 Confidentiality Agreements Initiation II-1 OSHA-76A C-1 OSHA-76B D-1 Contracts III-8 Copies III-5 Cover Sheet, TSCA/CBI See Forms, OSHA-78

D

DCA

See "Document Control Assistant"

DCO

See "Document Control Officer"

Deputy Assistant Secretary:

Approving operational needs III-1 Responsibilities - TSCA II-1 Waivers III-2 Destruction of documents III-5 Director, Office of Administrative Services:

Responsibilities - TSCA II-4 Director, Office of Personal Management:

Investigations III-1 Responsibilities - TSCA III-3 Waivers III-2 Disclosure III-3 Document, definition I-1

H-1

OSHA Instruction ADM 3-6.2 October 1, 1981 Office of Management Systems And Organization

Document Control Assistant (DCA):

Definition I-1 Responsibilities II-3 Document Control Number: II-2 Assignment III-3 Definition I-1 Document Control Officer (DCO):
Definition I-I Destruction of documents III-5 Obtaining Documents III-2 Responsibilities II-1 Documents Generated from TSCA/CBI III-7 Lost/Unaccounted for III-7

E

Employee:

Definition I-2 Responsibilities II-3

F

Forms:

  OSHA-76, Request for Access to TSCA/CBI                     III-1
                                                                A-1
  OSHA-76A, TSCA Federal Non-EPA Employee
       Confidentiality Agreement:                               B-1
            Filing                                             II-1
  OSHA-76B, Confidentiality Agreement for U.S.
       Employees Upon Termination or Transfer                   C-1
            Filing                                             II-2
  OSHA-77 TSCA/CBI Inventory Log:                               D-1
       Destruction of documents                                II-5
       Receipt of documents                                   III-3
  OSHA-78, TSCA/CBI Cover Sheet:                                E-1
       Custody transfer within Office                         III-4
       DCO responsibilities                                    II-1
       Destruction of documents                               III-5
       Receipt of documents                                   III-3
  OSHA-78A, TSCA/CBI User Copy Sign Out Log:                    F-1
          Destruction of documents                            III-5
          Gaining Access to TSCA/CBI                          III-2
 OSHA-78B, Loan Receipt for TSCA/CBI                            G-1
       Safeguards during use                                  III-4

H-2

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

Information, definition I-2 Inventory II-2 Inventory Log See Forms, OSHA-77

L

Loan Receipt for TSCA/CBI

See Forms, OSHA-78B Logs, retention III-7 Lost Documents III-7 Meetings Sign-in Sheet III-6

N

NACI

See National Agency Check and Inquiry National Agency Check and Inquiry III-1 Notes III-7

O

OSHA-76 Request for Access

See Forms, OSHA-76 OSHA-77, TSCA Federal Non-EPA Employee confidentiality Agreement See Forms, OSHA-77 OSHA-77, Inventory Log See Forms, OSHA-77 OSHA-78, TSCA/CBI Cover Sheet See Forms, OSHA-78 OSHA-78A, TSCA/CBI User Copy Sign Out Logs See Forms, OSHA-78A OSHA-78B, Loan Receipt for TSCA/CBI See Forms, OSHA-78A Office of Administrative Services Responsibilities - TSCA II-4 Office of Personnel Management Investigation III-1 Responsibilities - TSCA II-3 Waivers III-2

H-3

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

P

Program Directors

Responsibilities II-1

R

Receipt of TSCA/CBI documents III-3 Recordings, meetings III-6 Regional Administrators Responsibilities II-1 Request for Access to TSCA/CBI (OSHA-76) III-1 Requesting documents Procedures III-2 Requests for TSCA/CBI Initiating III-1 Approving III-1 Waivers III-1 Investigation III-1 Productions III-5 DCO II-2 Retiring Documents III-7

S

Safeguards during Use III-4 Secure Facility Definition I-2 Maintenance II-4 Secure Room Definition I-2 Secure Rooms Safeguarding Security II-3 Sign-In Sheet Meetings III-6 TSCA/CBI Definition I-7 Storage III-3 TSCA/CBI Cover Sheet See Forms, OSHA-78 Transfer of documents between Authorized persons III-4 Transmission External III-5 Internal III-5

H-4

OSHA Instruction ADM 3-6.2 October 1, 1981 Office Of Management Systems And Organization

U

Unaccounted for documents III-7 User Sign Out Log See Forms, OSHA-78A

V

Violation

Definition I-2 Treatment 1

W

Waivers III-2

H-5