PII incidents on the rise

According to Air Education and Training Command, the Air Force has seen an increase in personally identifiable information (PII) incident reports over the past six months. Sensitive/High Impact PII is PII, which if lost, compromised, or disclosed without authorization, could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual.

According to Air Education and Training Command, the Air Force has seen an increase in personally identifiable information (PII) incident reports over the past six months. Sensitive/High Impact PII is PII, which if lost, compromised, or disclosed without authorization, could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual. (U.S. Air Force photo/Airman 1st Class Benjamin N. Valmoja)

LAUGHLIN AIR FORCE BASE, Texas --

Keeping suspect websites away from social security numbers may seem like common knowledge in today’s day and age.

Most experts would say giving free music sharing services credit card information might never be a good idea. What about giving up personal information for unit rosters? The line may become less clear when the request comes from a work-related source.

According to Air Education and Training Command, the Air Force has seen an increase in personally identifiable information (PII) incident reports over the past six months, due to expanded scanning criteria of unencrypted emails to, from and within the Air Force network.

“Making sure your information is kept safe is so important because it’s your information and you own it,” said John Partlow, 47th Communications Squadron privacy act manager. “Once someone else gets hold of it, they have it forever.”

Partlow explained that even as harmless as an email to a personal account may seem, it still constitutes an incident because the information is no longer in the government’s control.

To help keep users out of hot water, Partlow also shared three rules of PII:

— Do not share other people’s PII with people who do not have a need to know.

— Always avoid putting any PII in the share drive if at all possible.

— Do not collect other’s PII without sufficient reasoning.

For those who are unsure of the situation, Partlow said to not be afraid to ask for a privacy act notice, which will outline the whos, whats and why’s for a specific PII request.

PII could also be information that most people don’t necessarily associate with sensitive information, like mother’s maiden name, and an individual’s birth place.

For those looking for an approved file exchange service when encryption is out of the question, https://safe.amrdec.army.mil/safe/ is password protected and can be used in place of traditional emails.

Before pressing send on any email containing sensitive information, being aware of who is receiving the information is half the battle, said Partlow, and most notably, ensuring the recipient has an actual need-to-know regarding the information.

Internet phishing scams are common red flags for a PII incident. When it comes to official requests and exchanges of information, every Airman is responsible for safeguarding PII, and keeping each other out of harm’s way.