Protect personal information

  • Published
  • By Master Sgt. Pamela Vickers
  • AFSOC Privacy Act Manager
HURLBURT FIELD, Fla. --  With the ever present threat of identity fraud looming overhead, we must all play a proactive role in protecting our fellow wingman's personally identifying information. According to the Federal Trade Commission, identity theft strikes nearly 10 million U.S. consumers each year. It occurs when personal information is stolen and used without the person's knowledge to commit fraud or other crimes.

In September 2007, a Montgomery, Ala., man was convicted of stealing the identities of more than two dozen local Airmen from Hurlburt Field and Eglin Air Force Base. Many of the victims were deployed to the Middle East when their information was stolen. The person admitted to swiping a document from his girlfriend, an Airman assigned to Hurlburt Field, without her knowledge. The document contained identifying information for Hurlburt personnel which she had used to perform hurricane notification duties. This incident could have been prevented by following a few simple steps:

- Avoid using the entire Social Security Number on any document unless it is absolutely necessary. The last four numbers of the SSN can be used instead, because it is not unique to one individual. If the SSN is collected, it must be kept in an approved Privacy Act system of record

- Do not maintain records longer than permitted under the records disposal act. If a document must be taken home for official use, such as a recall roster or a hurricane notification roster, every effort must be made to protect it. The document should be shredded when it's no longer needed

- Scrub all rosters to make sure only the most pertinent information is listed on the rosters to successfully accomplish the mission. Just because it's always been done that way doesn't make it right. If it's not needed, leave it out

- Do not distribute or release personal information to other employees unless they have an official need to know

- Do not transmit personal data in e-mails without ensuring it is properly marked and encrypted

A little awareness can go a long way in stomping out identity theft and other Privacy Act violations.