Keep the enemy in the dark, protect PII

  • Published
  • By Senior Airman Marcus Morris
  • 18th Wing Public Affairs
KADENA AIR BASE, Japan --  Before sending an email containing personal information to or from a government computer, there are a few things everyone should be aware of about Personal Identifiable Information.

PII is unique information about an individual not releasable to the public without the written consent of the individual. Examples include, but are not limited to social security number, date of birth, age, marital status, race and medical or financial information.

The information can be used to distinguish and trace an individual's identity or personal information. It is vital to avoid lost, stolen or compromised information due to criminal activities involving PII, which may cause severe impact to the affected individual.

"Anyone can become a victim, and PII sent to the wrong people or through unencrypted channels can put the mission and lives at risk," said Airman 1st Class Kevin Inniss, 18th Communications Squadron Base Privacy Act manager. "Every Air Force member and civilian employee must be vigilant in protecting and properly safeguarding and destroying PII."

Items such as performance reports, recall rosters, social rosters or alpha rosters should not be left in areas where they could be easily lost or stolen. Make sure to cover hard-copy Privacy Act documents with the Air Force Form 3327 or the Defense Department Form 2923 Privacy Act cover sheets and shred the documents when they are finished being used.

Furthermore, do not place PII on public websites or SharePoint. Encrypt all emails that contain PII, put (FOUO) at the beginning of the subject line, and apply the following statement at the beginning of the email before anything else:

"This e-mail contains FOR OFFICIAL USE ONLY (FOUO) information which must be protected under the Freedom of Information Act (5 U.S.C 552) and/or the Privacy Act of 1974 (5 U.S.C. 552a). Unauthorized disclosure or misuse of this PERSONAL INFORMATION may result in disciplinary action, criminal and/or civil penalties. Further distribution is prohibited without the approval of the author of this message unless the recipient has a need to know in the performance of official duties. If you have received this message in error, please notify the sender and delete all copies of this message."

Do not haphazardly apply this statement to every email, to the bottom of your email or include it in the signature block -- use only when actually transmitting personal information for official purposes within the government. Do not send Privacy Act information to distribution lists or group email addresses unless each member has an official need to know regarding the personal information.

Email between non .mil sources and .mil sources are monitored heavily and can cause a user's network account to be locked if they are found to contain PII. This will require an O-6 or higher's approval to unlock the account after remedial information assurance training is completed.

Report any discovered disclosures of PII through the chain of command and the base Privacy Act manager. Additionally, lost, stolen or possible compromised PII must be reported to (http://www.us-cert.gov) within one hour of the discovery. An investigation will be initiated and those who are found guilty of causing the breach could be charged with criminal and civil penalties.

For more information, call the Kadena Air Base Privacy Act manager at 634-2244.