SPAWAR safeguards SSNs through decisive action and strict controls on SSN use.
The White House's Office of Management and Budget Memorandum (M-07-16), issued May 22, 2007, "Safeguarding Against and Responding to the Breach of Personally Identifiable Information," required that Executive Department officials safeguard personally identifiable information, also known as PII, maintained by the government and prevent its breach to ensure the government retains the trust of the American public. The term "PII" refers to information which can be used to distinguish or trace individuals' identity, such as their Social Security number (SSN).
The Space and Naval Warfare Systems Command (SPAWAR) takes this responsibility seriously. In recent months, SPAWAR has successfully contained two separate breach incidents involving
loss of control, unauthorized disclosure, and unauthorized acquisition of documents containing SSNs.
SPAWAR prevented spillage of the SSNs through prompt investigation, thoughtful analysis, required reporting and coordinated action. These incidents prompted SPAWAR to conduct command training for safeguarding PII and eliminating the unnecessary collection and use of SSNs. A summary of the two incidents follows.
The first incident involved an electronic breach regarding the Personalized Recruiting for Immediate and Delayed Enlistment (PRIDE) electronic information system. A contractor employee sent an e-mail with an Excel spreadsheet attachment containing full SSNs to recipients. It was real data taken from the PRIDE recruit master repository to be used for testing. The e-mail and the Excel spreadsheet were sent unencrypted. Each recipient had a need to know some of the information but not all of the information. Further, the attachment containing PII did not have the proper privacy marking.
Before sending an e-mail that contains PII, ask: Do the recipient(s) have a need to know all of the information? Are the means of transmission secure? Is it essential to include the SSN or could it be eliminated?
Other preventive actions include:
• Establish procedures for proper maintenance, storage and dissemination of the PRIDE recruit master repository;
• Provide PII training to ensure civilian, military and contractor personnel follow established procedures;
• Limit PII elements to individual organizations. Send only the information that is necessary to perform the required tasks;
• Establish strict controls so that only those personnel with a need to know have access to files containing SSNs;
• Ensure procedures are in place so that all electronic or hard
copy documents and attachments containing PII are marked: FOR OFFICIAL USE ONLY – PRIVACY SENSITIVE: Any misuse or unauthorized disclosure of this information may result in both
criminal and civil penalties;
• Ensure that compliance spot checks include data collections, surveys and spreadsheets; and
• Foster compliance of Secretary of the Navy Instruction (SECNAVINST) 5211.5E, "Department of the Navy (DON) Privacy Program."
The second incident involved a breach concerning a key SPAWAR satellite program. An employee of a prime contractor in support of the program inadvertently posted paper copies of access lists, which displayed full names and full SSNs, near the entrances of two secured areas at the contractor's facility. A requirement to include the SSN on the access lists did not exist. Internal security procedures were not followed.
Before posting access lists that display SSNs ask: Who are the recipients of this information? What is the need to post an individual's SSN to verify access? Can the requirement for including
the SSN be eliminated?
Other preventive actions include:
• Establish procedures for proper maintenance, storage and dissemination of access lists;
• Ensure security basics are understood through training;
• Review the feasibility of eliminating the SSN on access lists;
• Limit PII elements on access lists;
• Ensure that compliance spot checks include access lists; and
• Foster compliance of SECNAVINST 5211.5E.
In conclusion, SPAWAR works diligently to safeguard personally identifiable information and eliminates the collection and use of the SSN when it is not required to accomplish its mission.