The IT Law Wiki


Paperwork Reduction Act of 1980, Pub. L. No. 96-511, 94 Stat. 2812 (Dec. 11, 1980), reauthorized with minor amendments in 1986 (Pub. L. No. 99-591) (Oct. 30, 1986) and reauthorized with more significant amendments in 1995 (Pub. L. No. 104-13) (May 22, 1995) (full-text), codified at 44 U.S.C. §3501 et seq.


Replacing the ineffective Federal Reports Act of 1942, the original PRA was enacted largely to relieve the public from the mounting information collection and reporting requirements of the federal government. It also promoted coordinated information management activities on a government-wide basis by the director of the Office of Management and Budget (OMB), and prescribed information management responsibilities for the executive agencies as well.

The PRA was designed to, among other things,

ensure the greatest possible public benefit from and maximize the utility of information created, collected, maintained, used, shared and disseminated by or for the Federal Government [and] improve the quality and use of Federal information to strengthen decision-making, accountability, and openness in Government and society.[1]

Information resources management

The management focus of the PRA was sharpened with the 1986 amendments, which refined the concept of information resources management (IRM) as

the planning, budgeting, organizing, directing, training, promoting, controlling, and management activities associated with the burden, collection, creation, use, and dissemination of information by agencies, and includes the management of information and related resources such as automatic data processing equipment.

This key term and its subset concepts received further definition and explanation in the PRA of 1995,[2] making IRM a tool for managing the contribution of information activities to program performance, and for managing related resources, such as personnel, equipment, funds, and technology.[3]

The evolution of the PRA reflects the beginning of an effort to manage electronic information and supporting IT better. A recodification of the 1980 statute, as amended, the PRA of 1995 specifies a full range of responsibilities for the director of OMB for all government information, regardless of form or format, throughout its entire life cycle.

Regarding IT, the director among other duties, is tasked with (1) developing and overseeing the implementation of policies, principles, standards, and guidelines for federal IT functions and activities, including periodic evaluations of major information system; (2) overseeing the development and implementation of certain statutorily specified technology standards; (3) monitoring the effectiveness of, and compliance with, certain statutorily authorized technology directives; (4) coordinating the development and review by the OMB Office of Information and Regulatory Affairs (OIRA) of policy associated with federal procurement and acquisition of IT with the OMB Office of Federal Procurement Policy; (5) ensuring, through the review of agency budget proposals, IRM plans, and other means, both (a) the integration of IRM plans with program plans and budgets for the acquisition and use of IT by each agency, and (b) the efficiency and effectiveness of inter-agency IT initiatives to improve agency performance and the accomplishment of agency missions; and (6) promoting agency use of IT to improve the productivity, efficiency, and effectiveness of federal programs, including through the dissemination of public information and the reduction of information collection burdens on the public.

Similar responsibilities are specified for the agencies regarding government information, regardless of form or format, throughout its life cycle. With respect to IT, the agencies are tasked with (1) implementing and enforcing applicable government-wide and agency IT management policies, principles, standards, and guidelines; (2) assuming responsibility and accountability for IT investments; (3) promoting the use of IT by the agency to improve the productivity, efficiency, and effectiveness of agency problems, including the reduction of information collection burdens on the public and improved dissemination of public information; (4) proposing changes in legislation, regulations, and agency procedures to improve IT practices, including changes that improve the ability of the agency to use technology to reduce burden; and (5) assuming responsibility for maximizing the value and assessing and managing the risks of major information systems initiatives through a process that is both (a) integrated with budget, financial, and program management decisions, and (b) used to select, control, and evaluate the results of major information system initiatives.

OMB government-wide guidance on the implementation of the PRA and related policies is provided in OMB Circular No. A-130, as amended. Appendices address federal agency responsibilities for maintaining records about individuals; cost accounting, cost recovery, and inter-agency sharing of information technology facilities; the security of federal automated information resources; and important key sections of the circular.


The Act requires the OMB approval of all surveys given to ten (10) or more participants. This includes any sort of survey where identical questions are given to ten or more participants, regardless of the format. The exception to the survey rule is an anonymous submission form where users can provide open-ended comments or suggestions without any sort of government guidance on the content.

Privacy Obligations

The PRA, as amended, directs agency heads to assign a CIO with responsibility for carrying out the agency’s information resources management activities to improve agency productivity, efficiency, and effectiveness.[4] The Act directs agency CIOs to undertake responsibility for implementing and enforcing applicable privacy policies, procedures, standards, and guidelines, and to assume responsibility and accountability for compliance with and coordinated management of the Privacy Act of 1974 and related information management laws.[5]

The Act also sets requirements for controlling the collection of information from individuals, including personal information. While the Act’s requirements are aimed at reducing the paperwork burden on individuals rather than specifically protecting personally identifiable information, the Act nevertheless serves an important role in protecting privacy by setting these controls.


  1. 44 U.S.C. §3501.
  2. 109 Stat. 165-166 (1995).
  3. See David Plocher, "The Paperwork Reduction Act of 1995: A Second Chance for Information Resources Management," 13 Gov't Info. Qrtly. 35-50 (1996).
  4. While the Privacy Act of 1974 established privacy responsibilities for agencies, it did not specify a senior agency official to be responsible for meeting these requirements.
  5. OMB issued guidance for agencies on the implementation of the Paperwork Reduction Act, including the responsibility of CIOs for privacy. See OMB Circular No. A-130.

See also