Navy readies new policy to safeguard personal data
Safeguarding against and responding to the breach of personally identifiable information
The Navy is on the verge of releasing a new policy that will govern the safeguarding of personally identifiable information, the service’s chief information officer, Robert Carey, told Federal Computer Week today.
Carey declined to offer a specific date, saying only that the policy would be released this summer. “We’re close,” he said.
Last year, the Navy and Marine Corps reported 38 cases of lost data stored on government laptop computers, BlackBerries, thumb drives or other storage media that contained personally identifying information on military personnel, he told an audience of industry executives today an event sponsored by the American Council for Technology.
“You only read about a few [cases] – it stays inside the Navy,” he said.
Carey said the loss of personally identifiable information is a serious matter, similar in scope to the loss of classified material. With the new policy, the Navy will begin to turn up the heat on the issue and hold offenders accountable, he added.
Personally identifiable information, can be anything from names and Social Security numbers to biometric records or an individual’s medical history.
Carey, who recently returned from service in Iraq as a Navy Reserve officer, set out personally identifiable information interim guidance last month. In an April 17 servicewide message, he said most cases of lost or stolen information are caused by the careless misuse or loss of laptop computers and other mobile devices. “This unacceptable trend continues to hinder our warfighting ability at every level and keeps [Marines and sailors] from focusing on day-to-day duties,” Carey wrote.
According to the interim guidance, storing personally identifiable information on personal laptop computers will be prohibited after Oct. 1.