Protecting personal information

Indicate which of the following are examples of PII

A leave request with name, last four of SSN and medical info. An employee roster with home address and phone number. A supervisors list of employee performance ratings. A witness protection list. A workers compensation form with name and medical info. A workers compensation form with name and medical info.

Who is responsible for protecting PAI?

All of the above

Who is responsible for protecting PII?

All of the above

Personally owned equipment can be used to access or store PII for official purpose.

False

A privacy incident is the suspected or confirmed loss of control compromise unauthorized disclosure on authorize acquisition or any similar occurrence when?

True

Do you not share PII with anyone outside of DAS before checking with your component privacy officer since several acquirements must be met.

True

If you maintain PII in hardcopy or electronically use safeguards and technical access controls to restrict access to staff with an official need to know

True

Never email another individuals PI to or from your personal email account.

True

Privacy act protected information can be shared outside of DHS only why specifically authorized.

True

You may only email PII from DHS to an external email within an encrypted or password-protected attachment. Components require an encryption of people I I emailed internally

True

If someone within the DHS asks for PII in digital or hardcopy format what should you do first?

Verify the requesters need to know before sharing.