Trending

BROWSE ALL TOPICS

Correct PII Breach Procedures

Published, May 6, 2013

Fast Fact IconDo you know what to do if you suspect there's been a compromise of personally identifiable information?

Your first step would be to report the suspected breach to your supervisor or privacy official. If it's agreed that a breach may have occurred, the supervisor or privacy official will submit an initial breach report using SECNAV 5211/1. The form is designed to send the report to all the appropriate recipients including the DON CIO privacy team. The privacy team will review the report and determine whether notifications to the affected individuals are required. If so, the privacy team will direct the submitter to provide written notification to the individuals within 10 days of breach discovery. Once notifications have been made, the submitter closes the breach by submission of an After Action Report using SECNAV 5211/2.

For additional information and breach reporting resources, including a sample breach notification letter, go to DON CIO PII Breach Reporting Resources.

View more Fast Facts.

TAGS: Privacy

Related Policy
Providing Comprehensive Identity Protection Services, Identity Monitoring, and Data Breach Response
Federal Acquisition Regulation; Basic Safeguarding of Contractor Information Systems
DON Revision of PII Breach Reporting Forms
Use of Best Judgment for Individual PII Breach Notification Determinations
DoD Component Responsibility to Ensure Government Contract Compliance with the Privacy Act
Related News
DON IM/IT Excellence Awards Nominations Due Dec. 5
How to Obtain Military Personnel, Health, and Award Records
Privacy Tips
Register for DON IT East and West 2017
PII Breach Articles from CHIPS Magazine
Related Resources
Privacy Briefs
Contractor Privacy Responsibilities
Quickstep Process for Marking Emails Containing PII
Blanket Purchase Agreements for Identity Monitoring
Email and PII

DON CIO Information

Online Services & Community