Trending

BROWSE ALL TOPICS

DoD ID Number Authorized as Substitute for SSN

Published, December 3, 2012

Fast Fact IconThe Department of the Navy Chief Information Officer Privacy Office reports that 80 percent of all "high-risk" personally identifiable information (PII) breaches involve the Social Security Number (SSN). Recent DON and Department of Defense policy guidance outlines steps that reduce or eliminate the collection, use, display and maintenance of the SSN in DON business practices. As a result, commands are now authorized to use the Electronic Data Interchange Personal Identifier, more commonly referred to as the DoD ID number, as a substitute for the SSN.

The DoD ID number originated in the Defense Enrollment Eligibility Reporting System and is used exclusively in the DoD. For many years, it was a unique identifier for personnel affiliated with DoD. Until recently, it was used only by DoD information systems to facilitate machine-to-machine communications and appeared in digital signatures. It is now intended to be known by the individual to whom it belongs, and it is used for personal access to systems, on forms, in digital signatures and for other uses typical of physical and technical identification processes. The expanded use of the DoD ID number has led to questions regarding its status as PII.

To ensure that the DoD ID number maintains its low-risk category as PII and does not become a vulnerability like the use of an individual's SSN, the DoD ID number will only be used as one factor in a multifactor authentication process. In this way, knowledge of the DoD ID number alone does not grant access to records unless accompanied by another factor such as a personal identification number or biometric. Because it has no value or application outside the DoD, there is little risk of harm to affected individuals if their DoD ID number is lost, stolen or compromised. "The DoD ID number, DoD benefits number, or any other internal number associated by the DON to an individual – by itself or with the associated name – shall be considered internal government operations-related PII. Loss, compromise or theft of the DoD ID number is low risk with regard to harm and/or identity theft," according to a February policy message released by DON CIO.

For more details, view DON CIO message: "DON SSN Reduction Plan Phase Three."

View more Fast Facts.

TAGS: Cybersecurity, Privacy

Related Policy
Improving Critical Infrastructure Cybersecurity
Processing of Electronic Storage Media for Disposal
DON Public Affairs Policy and Regulations
Safeguarding Personally Identifiable Information
DON Privacy Impact Assessment Guidance
Related News
DON IT West and East 2017 Conference Registration Now Open
Nominations for DON IM/IT Excellence Awards Due Dec. 5
DON CIO Awards Recognize Information Management and Information Technology Excellence
DON IT Conference Presentations Available
DON CIO Congratulates 2016 DON IM/IT Award Winners
Related CHIPS Magazine
Tech Support Companies Using Deceptive Pop-Up Ads to Scare Consumers into Purchasing Unneeded Service
Creating a Smart, Skilled Cybersecurity Workforce
Factsheet: National Background Investigations Bureau
DoD Releases Update of Manual Governing Defense Intelligence Activities
OPM Announces New Chief Information Officer
Related Resources
Personally Identifiable Information Posters
2014 PII Brief
DON Users Guide to Personally Identifiable Information
Inventory of DON Systems With Completed Privacy Impact Assessments
Privacy Frequently Asked Questions
Related Industry News
New Pentagon Website Can Tell If You Were Hacked by China
Nextgov 
America Needs To Stay the Course on GPS Security
Space News 
5 Ways to Spot a Coerced Insider Threat
Nextgov 
For Today's Government Data Security, Trust no one
Government Computer News 
OPM Security Chief: You're Gonna Need a Bigger Boat
Federal Computer Week 

DON CIO Information

Online Services & Community