Department of Defense Forms (DD)
Secretary of Defense Forms (SD)
Standard Forms (SF)
Department of Labor Forms
Department of the Army Forms (DA)
A PII breach is a loss of control, compromise, unauthorized disclosure, unauthorized acquisition, unauthorized access, or any similar term referring to situations where persons other than authorized users and for an other than authorized purpose have access or potential access to personally identifiable information, whether physical or electronic. This includes, but is not limited to, posting PII on public-facing websites; sending PII via e-mail to unauthorized recipients; providing hard copies of PII to individuals without a need to know; loss of electronic devices or media on which PII is stored; use of PII by employees for unofficial business; and all other unauthorized access to and use of PII.
The most important thing to do if you discover that a breach of PII has occurred or is ongoing is to STOP IT as soon as possible.
1. If there is a suspected or confirmed Privacy breach, fill out Form DD2959, Breach of Personally Identifiable Information (PII) Report, to report it immediately.
2. After you complete the form, submit it to the DoDEA Privacy Office within 24 hours after discovery.
NOTE: The DD2959 form should also be used to report updates to previous submissions.
DoDEA employees responsible for a PII breach will be required, at minimum, to complete a the Safeguarding PII Course and submit their certificate of completion to their supervisor and DoDEA CPO. DoDEA supervisors must report to the DoDEA Privacy Officer within 15 days of the breach what disciplinary and/or administrative actions were assessed against those personnel responsible for a breach.