PROTECTION OF PERSONALLY IDENTIFIABLE INFORMATION (PII) IN RELATION TO FITNESS REPORTS AND EVALUATIONS:
RAAUZYUW RUENAAA8701 1501426-UUUU--RUCRNAD
ZNR UUUUU ZUI RUEWMCE8523 1501405
R 301425Z MAY 07 PSN 209089K28
FM CNO WASHINGTON DC
TO NAVADMIN
ZEN/NAVADMIN @ AL NAVADMIN(UC)
INFO ZEN/CNO CNO
BT
UNCLAS
FM CNO WASHINGTON DC//N1//
TO NAVADMIN INFO CNO WASHINGTON DC//N1// UNCLAS //N05211//
NAVADMIN 138/07
MSGID/GENADMIN/CNO WASHINGTON DC/N1/MAY//
SUBJ/PROTECTION OF PERSONALLY IDENTIFIABLE INFORMATION (PII) IN
RELATION TO FITNESS REPORTS AND EVALUATIONS//
REF/A/GENADMIN/28DEC2005//
REF/B/GENADMIN/SECNAV/142105ZJUL06//
REF/C/GENADMIN/DON CIO/171952ZAPR07//
REF/D/DOC/CNO/20SEP2005//
NARR/REF A IS SECNAVINST 5211.5E (DON PRIVACY PROGRAM). REF B IS ALNAV
059/06 (SAFEGUARDING PERSONAL INFORMATION). REF C IS DON CIO INTERIM
POLICY ON HANDLING OF PII ON COMPUTERS, MOBILE COMPUTING DEVICES AND
REMOVABLE STORAGE MEDIA. REF D IS OPNAVINST 1610.10A (NAVY PERFORMANCE
EVALUATION SYSTEM).//
RMKS/1. THIS NAVADMIN EMPHASIZES THE
SAFEGUARDING OF PERSONALLY IDENTIFIABLE INFORMATION (PII) AS OUTLINED
IN REFS A THROUGH C AND IN PARTICULAR, PII GENERATED THROUGH THE NORMAL
FITNESS REPORT (FITREP) AND EVALUATION (EVAL) PROCESS. ALL HANDS HAVE
A DUTY TO SAFEGUARD PII IN BOTH WRITTEN AND ELECTRONIC FORMATS AND
SHOULD TAKE APPROPRIATE ACTIONS TO PROTECT AND PRESERVE THE
CONFIDENTIALITY AND SECURITY OF PERSONAL INFORMATION ENTRUSTED TO THEM.
SOCIAL SECURITY NUMBERS (SSN) OF INDIVIDUALS AND REPORTING SENIORS
CONTAINED IN PERFORMANCE EVALUATIONS REPRESENT A SPECIAL VULNERABILITY
DUE TO THEIR REQUIRED USE, WIDESPREAD STORAGE (ON BOTH PAPER AND ON
ELECTRONIC MEDIA) AND LONG TERM RETENTION.
2. REF D, SECTIONS 1 THROUGH 4 NOTES THAT REPORTING SENIORS HAVE THE
OPTION TO PROVIDE COPIES OF FITREP/EVALS WITHOUT THEIR SSN TO
INDIVIDUALS, THEIR FIELD SERVICE RECORDS, AND COMMAND FILES. SIMILARLY,
REPORTING SENIOR SSNS ARE NOT REQUIRED ON FITREP/EVAL RELATED
CORRESPONDENCE (E.G., PERFORMANCE INFORMATION MEMORANDA, LETTERS OF
EXTENSION OR CORRECTION, ETC.). APPROPRIATE MASKING OF THE INDIVIDUALS
SSN (USING ONLY THE LAST 4 DIGITS) IS ENCOURAGED FOR COPIES PROVIDED TO
THEM, THEIR FIELD SERVICE RECORDS, AND/OR COMMAND FILES. REPORTING
SENIORS SHOULD ADOPT THESE BEST PRACTICES FOR ALL FITREPS, EVALS AND
RELATED CORRESPONDENCE THEY PREPARE.
3. INDIVIDUAL AND REPORTING SENIOR SSNS ARE STILL REQUIRED FOR FITREP/
EVALS AND SUMMARY REPORTS ENTERED INTO OFFICIAL OFFICER AND ENLISTED
RECORD FILES HELD BY BUPERS. THE NAVFIT 98A SOFTWARE REQUIRES THESE
ENTRIES TO COMPLETE VALIDATION AND THE RESULTING PII IS STORED WITH THE
SOFTWARE ON THE COMPUTER. REPORTING SENIORS SHOULD TAKE APPROPRIATE
ACTIONS AS OUTLINED IN REF C TO ENSURE ELECTRONIC FITREP/EVAL RELATED
PII ARE MAINTAINED AND SAFEGUARDED IN AUTHORIZED SPACES, ON GOVERNMENT
OWNED COMPUTERS. ADDITIONALLY, PORTABLE ELECTRONIC STORAGE DEVICES
(CONTAINING FITREP/EVAL PII E.G., FLOPPY DISKS, CD-ROMS, ETC.) SHOULD
BE ENCRYPTED AND PROPERLY MARKED.
4. REPORTING SENIORS AND COMMANDS SHOULD REVIEW THEIR CURRENT HOLDINGS
OF FITREP/EVALS (BOTH HARD AND SOFTCOPY) AND ENSURE COMPLIANCE WITH
GUIDANCE PROVIDED RELATED TO PROTECTING THIS SENSITIVE PERSONAL DATA.
PROPERLY DISPOSING OF REDUNDANT AND/OR UNNECESSARY PII IS EASILY ONE OF
THE SINGLE BEST METHODS TO REDUCE THE VULNERABILITY OF COMPROMISE.
5. MORE INFORMATION IS AVAILABLE ON THE DON PRIVACY ACT WEBSITE AT
HTTP://PRIVACY.NAVY.MIL.
6. RELEASED BY VADM J. C. HARVEY, JR., N1.//
BT
#8701
NNNN