News

Changes to PII breach reporting, notification processes

  • Published
  • By Jenny Gordon
  • Robins Public Affairs
Everyone is responsible for safeguarding personally identifiable information while using the Air Force Network.

While lock-out procedures were implemented last year by Air Force Space Command for those who have inappropriately transmitted PII, breaches have decreased but still continue to occur.

All Air Force personnel, military and civilian, contractors, Department of Defense, government, and other users who are authorized and use the AFNET are affected by these recent changes.

Awareness and education remain key in order to continue to protect sensitive information.

"Everyone just needs to think twice before hitting that send button," said Bernice Winn, Installation Privacy Act manager.

If you're found to have stored and transmitted PII over AFNET, several things will happen.
You will be identified; your account will be locked; and your wing commander or equivalent, will be notified of the breach, according to Guidance Memorandum AFSPCGM33-332, October 25, 2013, and signed by Gen. William Shelton, AFSC commander.

Examples of PII breaches include: transmitting Social Security numbers in any form, date of birth, home address, name of dependents and their ages, financial account numbers, medical information and authentication information (such as your mother's maiden name), to name a few.

Once locked out, it could take a few days to a week or more before network access is restored, according to Winn.

In November 2013, more than 5,000 individuals were affected by a single PII breach. From May through October of 2013, in the Air Force an average of 3.3 reports affected 1,935 members per day.

At Robins, there have been four PII breaches since Dec. 1, 2013. One breach is too many.

One available tool you can use to protect information can be found by visiting the Software Protection Initiative and clicking on http://www.spi.dod.mil/ewizard.htm. You must contact a system administrator for assistance to install this software. For information going off-base, you can also utilize the encryption capabilities in Microsoft Office.

Any questions concerning Privacy Act or Personally Identifiable Information can be addressed to the Base Privacy Act Office at DSN 468-2875.