An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

Home : News : News
JBSA News
NEWS | Feb. 11, 2011

Protection key to safeguarding PII

LACKLAND AIR FORCE BASE, Texas  –   A large number of Air Force offices on base handle personal information; therefore, it is imperative that all personnel understand what constitutes Personally Identifying Information and the proper handling of this sensitive information.

What is PII?

PII is defined as any information about an individual that identifies links, relates, is unique to or describes him or her. Examples include names, addresses, social security numbers, telephone numbers or email addresses.

It is vital to protect this information, because it can easily result in identity theft. Identity theft is a situation in which an individual's personal information is used without authorization in an attempt to commit fraud or other crimes.

How should you protect PII information?

First, do not leave items such as performance reports, recall rosters or alpha rosters in an area that could result in their loss or theft. Always keep in mind, "If you are not watching what you throw away, someone else probably is."

Additionally, once you are done with this type of information and you need to dispose of it, do not just throw it in the trash. Destroy the material by shredding it so the personal data is not recognizable and beyond reconstruction.

Finally, the Air Force has mandated that all FOUO and PII information sent over e-mail must be encrypted. "FOUO" must be included in the subject line and the following Privacy Act statement must appear at the beginning of the text: "This e-mail contains FOR OFFICIAL USE ONLY (FOUO) information which must be protected under the Privacy Act OF 1974 and AFI 33-332, Privacy Act Program."

If you discover any unauthorized disclosures of PII data, report it immediately through your supervisor and chain of command and contact Karen Frey, Lackland privacy act manager at 671-9146.

Lost, stolen or possibly compromised PII must also be reported to U.S. CERT, www.us-cert.gov, within one hour of discovery.

Notification to the affected individuals is necessary and must be made within 10 business days of the discovery. An investigation will be initiated. Persons who are found guilty of causing the breach could be charged with criminal and civil penalties.

Everyone can be a victim. The monetary and emotional cost of repairing an individual's identity can be extensive, requiring years to recover. Everyone must be diligent in protecting and properly destroying PII information.

Helpful guides

- DoD 5400.11-R, DoD Privacy Program
- AFI 33-119, Air Force Messaging
- AFI 33-332, Air Force Privacy Program
- USD Memorandum, "DoD Social Security Number Reduction Plan" March 28, 2008
- SecDef Memorandum, Safeguarding Against and Responding to the Breach of Personally Identifiable Information (PII), June 5, 2009
(Courtesy of Lackland Privacy Act Manager)
Staying Connected
Hosted by Defense Media Activity - WEB.mil Veteran's Crisis Line