Report to the Congress on the Feasibility of Creating and Maintaining a National Registry of Child Maltreatment Perpetrators. What other appropriate privacy policies should be implemented in a national registry of child maltreatment perpetrators to ensure integrity and fairness?


Particularly where records can be used to take away an individual's rights, benefits, or privileges, or where the information could do significant harm to an individual's reputation and consequently affect his or her ability to obtain employment or housing, it is important to manage records appropriately and implement due process protections to ensure decisions are made on accurate, relevant, timely, and complete data. These practices should be applied across the life cycle of the information, including practices regarding collection, maintenance, use, disclosure, and disposition of records. To that end, legislation requiring the maintenance of databases about individuals almost always includes specific requirements to ensure that the use of the data protects and does not erode privacy rights. In a system such as a registry of child maltreatment perpetrators, those principles would suggest that a number of protections be applied to the use of the data and would likely include:

  • Data populated by a state should be updated on a periodic, regular basis.
  • The uses of the data should be limited to those uses having a nexus to the purpose of the system. For example, if the data is available for employment inquiries, it should be used for such inquiries only with respect to positions working with children (such as child care workers and teachers).
  • To reduce or eliminate misuse of the information, data use agreements should include a provision that prohibits authorized users from further disclosing the data they access.
  • The disclosure of data should be the minimum necessary to carry out the function. Particularly with respect to employment inquiries, if they are permitted, the data disclosed would include only whether or not the individual appears in the database, and, if they appear, which state submitted the record.
  • Adverse actions should not be taken solely based on information in the database, but should be independently verified.
  • If an adverse action is taken, an individual should have prompt notice of the action and his or her rights, if any, to challenge the action. A person who is denied some kind of right, benefit, or privilege (such as employment) based on information in the database, should be given a notice of the state of origin of the data and the due process rights that apply.

View full report


"ReportToCongress.pdf" (pdf, 432.1Kb)

Note: Documents in PDF format require the Adobe Acrobat Reader®. If you experience problems with PDF documents, please download the latest version of the Reader®