Safeguarding PII Published April 10, 2013 100 Air Refueling Wing Public Affairs RAF MILDENHALL, England -- The following is taken from a memorandum dated April 4, 2013, written by Chief of Information Dominance and Chief Information Officer Lt. Gen. Michael Basla regarding the safeguarding of personally identifiable information. (I) request your help curing the recent PII trend of unexcusable breaches. These breaches carry the potential of significant personal and professional impact to our Airmen. I am looking for your best ideas on how we reverse this negative trend and ask you make PII a special interest item across your commands and staffs. During February through March 2013, our Airmen have exposed PII 376 times, putting personal information at risk for more than 254,0000 of our people. This number of breaches within our Air Force warrants command attention before an actual identify misuse occurs and/or civil actions result. As we work to tighten policy, improve training and implement preemptive technical capabilities to assure Privacy Act compliance, we must emphasize to all military, civilian and contractors that it is everyone's duty to protect, control and properly manage PII. DoD 5400.11-R, DoD Privacy Program, and AFI 33-332, Air Force Privacy Program, establish requirements for safeguarding PII. A majority of the privacy breaches result from Airmen emailing (or transporting) official files that contain PII. The predominant number of breaches resulted from emailing "alpha-type" rosters often times with ranks, social security numbers, and organizations from our .mil to a .com network (e.g. Gmail). In the next 30 days, we will publish an update to AFI 33-332 that prohibits emailing or transferring any PII from .mil to .com networks. This will further restrict the use of the PII we collect on our Airmen to the official DoD or Air Force systems that support managing the force (e.g. finance, training, readiness, etc.). Requirements to remotely or electronically access this type of information must rely on Air Force-provided virtual private networks or similar secure services. We will continue our efforts with various functional to assess and minimize legacy overuse of PII, especially social security numbers. We will provide you quarterly updates on Privacy Act compliance to support command situational awareness and improvement efforts. Thank you in advance for your support and actions. If your Privacy Managers have any questions, my Air Force Privacy Officer Mr. Charles Shedrick, SAF/16PPF, is ready to assist: charles.shedrick@pentagon.af.mil, 571-256-2515 or DSN 260-2515.