Computer Matching and Privacy Protection Act of 1988 is a U.S. federal statute that regulates the use of computer matching by federal agencies involving personally identifiable records maintained in a system of records subject to the Privacy Act. Matches performed for statistical, research, law enforcement, tax, and certain other purposes are not subject to such regulation. It allows governmental agencies, with certain limitations, to compare computerized records to establish or verify eligibility for benefits or to recoup payments on benefits. The Act amends Privacy Act of 1974 to establish procedural safeguards regarding an agency’s use of Privacy Act records in performing certain types of computer matching.
The Act provides due process rights for individuals to prevent agencies from taking adverse actions unless they have independently verified the results of a match and given the subject 30 days’ advance notice. It requires every agency conducting or participating in a matching program to establish a Data Integrity Board, composed of senior agency officials, to oversee and coordinate program operations, including the execution of certain specified review, approval, and reporting responsibilities. Agencies are prohibited from reducing, suspending, or terminating financial assistance to an individual without first verifying the accuracy of computerized data used in the matching program and without first giving the individual 30 days to contest the action.
The Act is codified at 5 USCA § 552a.