An official website of the United States government
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

Niagara conducts PII shred event

  • Published
  • By Tech. Sgt. Andrew Caya
  • 914th Airlift Wing Public Affairs
NIAGARA FALLS AIR RESERVE STATION, N.Y. --  As part of the Air Force emphasis on information protection, a specially designed truck was brought to the base July 12 which enabled members to shred documentation previously identified as containing personally identifiable information.

The Department of Defense defines PII as information that can be used to distinguish or trace an individual's identity, including but not limited to their name, Social Security number, date and place of birth, mother's maiden name, and biometric records, including any other personal information that is linked or linkable to a specific individual.

"If an adversary gets that information, they could do great harm to you," said Tech. Sgt. Jordan Romney, 914th Airlift Wing Command Support NCO.

According to Romney, there are processes to avoid a PII breach.

- Do not leave items such as performance reports, recall rosters, social rosters or alpha rosters in an area that could result in their loss or theft.

- Do not place PII on public web sites or SharePoint.

- Military members should not send PII to an email account that does not end in a ".mil"

-There is a special way to protect PII in an email: Encrypt all emails that contain PII and put "For Official Use Only" at the beginning of the subject line, and apply the following statement at the beginning of the email:

"The information herein is FOUO, which must be protected under the Privacy Act of 1974, as amended. Unauthorized disclosure or misuse of this personal information may result in criminal and/or civil penalties."

Once a person is finished working with PII, he should dispose of the documents --paper or electronic-- properly. Disposal methods may include but are not limited to tearing, erasing, pulverizing, and shredding.

People should use shredders that produce a crosscut to ensure paper pieces are indecipherable and permanently delete electronic records, said Romney.

"As long as we have the type of cross shred that makes the documents into saw dust, I'm happy," said Romney. "It's destroyed, you cannot recreate anything."

If any disclosures of PII are discovered, people should report it immediately through their supervisor and chain of command and contact the base Privacy Act manager.

Additionally, lost, stolen or possibly compromised PII must be reported to the U.S. Computer Emergency Readiness Team within one hour of the discovery. An investigation will be initiated and those who are found guilty of causing the breach could be charged with criminal and civil penalties.

DOD Instruction 5400.11-R, DOD Privacy Program, and Air Force Instruction 33-332, Air Force Privacy Program, establishes the current DOD and Air Force guidance on PII.