by Tech. Sgt. Rob Hazelett
Air Reserve Personnel Center Public Affairs
5/9/2014 - BUCKLEY AIR FORCE BASE, Colo. -- Military
service members, Department of Defense civilians and contractors at the
Air Reserve Personnel Center were briefed on ways to safeguard
Personally Identifiable Information during a meeting here May 7.
Brig. Gen. Samuel "Bo" Mahaney, ARPC commander, was at the helm during
the session and said it's helpful to think in terms of a need-to-know
"One thing I want you to think about as we go through this isn't just,
'Did I send the information in the right format to someone who is
authorized to receive it?'" Mahaney said. "Think about the person you
sent it to as well. How responsible are they? What might they do with
Mahaney said ARPC had a few incidents that aren't necessarily from
anything the center is doing wrong, but the trail came back here.
"It might be somebody else out in the field doing something with the
information they shouldn't. So think through that second and third order
of effect, 'Do they really need all the information I'm providing?'"
Mahaney said. "We want to be the lead agency in the Air Force Reserve,
in the Air Force and in the DOD. We always want to be out in front
because we handle so much of this information. We want to make sure we
really reinforce the procedures in place to protect that information."
As the meeting continued, Tech. Sgt. Eric Robbins, ARPC privacy act
manager, highlighted some recent incidents ARPC has had and reinforced
the requirement on PII to members.
Robbins gave an introduction to what PII is, how PII can be protected,
PII trends in ARPC and the Air Force Reserve Command and the ARPC
commander's new PII policy.
PII is embedded in nearly every aspect of what we do, Robbins said, and
can be found in permanent change of station orders, driver's license
numbers, passport IDs, mother's maiden name, personal phone numbers and
travel orders ... just to name a few.
"When you have an identifier, such as a social security number or date
of birth tied with a name, that is considered PII," Robbins said. "It's
our responsibility to protect the member's information."
Protecting PII includes remaining vigilant of the emails members send out.
"If we're sending personal information by email it can only be sent via
dot mil to dot mil, and must be encrypted email," Robbins said. "Even if
a force support squadron requests information, and have validated their
request, we want to make sure they have an encrypted email account. You
want to properly mark the email For Official Use Only, have the privacy
act statement at the heading of the email and ensure that it stays
Master Sgt. Rachel Forman, ARPC customer support superintendant, said
the only ways to send PII are through encrypted email, myPers account,
DoD file exchange service, snail mail or fax.
Robbins said faxing PII is allowed, but there are some rules members must follow:
· The recipient must have a need to know
· Members must redact as much information on the document being sent
· A proper cover sheet must be used (AF IMT 3535)
· Members should call the recipient and let them know they are sending a fax and remain on the line until the fax is received
For more information, contact your privacy act manager.