Top 10 PII Lessons Learned

By DON CIO Privacy Team - Published, July 15, 2010

Privacy Tip When a Department of the Navy activity reports a personally identifiable information breach, it must include lessons learned in an after-action report. Lessons learned are an important feedback mechanism and are used to shape future DON privacy policy. The following information is a compilation of the most frequently reported lessons learned.

Individually, each tip provides a means to reinforce or improve on a key aspect of safeguarding personally identifiable information (PII). Collectively, implementation of these 10 tips will result in a stronger and more effective command privacy program.

  1. Support and involvement from senior leadership is key. The Under Secretary of the Navy signed the memo: "Safeguarding Personally Identifiable Information," dated Feb. 12, 2010, to underscore the importance of safeguarding PII as well as detail the actions being put in place to eradicate the loss and compromise of PII. As a result, key DON leadership took immediate action at subordinate levels to reinforce their support and need to improve privacy safeguards across their respective areas of responsibility.
  2. Aggressive PII compliance spot checks with corrective action taken are very effective. Spot checks to ensure PII compliance must be performed and documented twice a year with corrective actions taken by all DON commands. To assist them in this effort, commands may adapt the DON Spot Check tool for their use.
  3. Eliminate/reduce the use, display and storage of all PII. While many of the Department's business processes require the legitimate use of sensitive PII, including Social Security numbers, there are significant and unacceptable cases where sensitive PII should not be used, maintained or collected. Convenience is not a valid excuse for the use of sensitive PII. Also, DON policy prohibits storage of PII on any personal electronic storage device, including laptops and cell phones/personal digital assistants.
  4. Mark all documents containing PII with FOUO Privacy Sensitive warning. As simple as this is, it is an effective tool in preventing accidental transmission and disclosure of PII to individuals without a need to know. A best practice is to attach a Privacy Act cover sheet to hard copy documents containing PII.
  5. Ensure shared drive access permissions are established and routinely checked. Shared drives and web portals are useful tools to store and share information. However, each command shared drive must be properly managed to ensure personnel understand that indiscriminate posting of PII is not authorized. When there is a need to post PII to a shared drive, access to those files must be strictly controlled and routinely monitored for compliance. Problems often occur when network maintenance causes the removal of access controls.
  6. Special care must be taken when moving, closing or consolidating offices that handle PII. There continue to be more non-electronic breaches than electronic ones. Moving or closing offices present challenges in the safeguarding of PII. A move plan must include privacy considerations that prevent losses or compromise of PII.
  7. Closely scrutinize employees/contractors who have access to PII. Insider threat is the most difficult breach to detect and prevent. While it represents a small number of DON breaches, it appears to be a growing problem. Managers must be vigilant and aware of the potential for this kind of activity. Problems have occurred when disgruntled or fired employees continue to have network access when the situation warrants an immediate suspension or revocation.
  8. Paper documents and hard drive disposal methods must be better defined and tightly controlled. Problem areas include dumping paper documents containing PII in trash receptacles, improperly disposing of paper in recycle containers and using shredders that do not adequately reduce documents to an unrecognizable form. Many personnel are not aware that many copiers and printers contain hard drives that store significant data. Before those pieces of equipment are returned to the vendor they must be properly sanitized. Or, if they are owned by the government, they must be physically destroyed.
  9. A command records management program with a records disposal schedule is an effective tool for reducing PII breaches. A good records management program removes the unnecessary collection of PII when it is no longer needed. This is an underutilized program that pays big dividends in the safeguarding of PII.
  10. Campaign continuously to increase PII awareness. The importance of the proper handling and safeguarding of PII can not be overstated. The message must be championed by leadership and all those who safeguard privacy information.

Related CHIPS Magazine
Related Resources