Overview of Handling and Protecting Personally Identifiable Information (PII)
Handling and safeguarding PII maintained and used by FRTIB personnel is necessary to ensure the trust of TSP participants and beneficiaries. Privacy Act requests involving participants who request TSP account-specific information are administered by a division within FRTIB’s Office of Participant Services. In an effort to protect PII, FRTIB’s Information Technology Security Management Division has deployed a data loss prevention (DLP) tool to enhance the security of FRTIB’s most critical asset—PII. FRTIB’s DLP enhances privacy protections to PII and helps to reduce breaches. The Privacy Division has also published a PII Handling Policy which details how to identify and safeguard PII.
Recognizing PII
PII refers to information which can be used to distinguish or trace an individual’s identity, either alone or when combined with other information that is linked or linkable to a specific individual, such as information relating to TSP participants and their beneficiaries or individual FRTIB employees or contractors. Sensitive PII is PII which if lost, compromised, or disclosed without authorization could result in harm, embarrassment, inconvenience, or unfairness to an individual.
It is always important to consider the context in which the information is used when determining the level of sensitivity. The same types of information can be sensitive or non-sensitive depending on the context. For example, a list of employee names and phone numbers is far less sensitive than a list of employee names and phone numbers who are being treated for a particular disease.
The following types of PII are considered sensitive when associated with an individual:
- Social security number (including in truncated form);
- TSP account number (included in truncated form);
- Place of birth;
- Date of birth;
- Mother’s maiden name;
- Biometric information;
- Medical information;
- Personal financial information (including bank routing numbers);
- Credit card/purchase card account numbers;
- Passport numbers;
- Potentially sensitive employment information (e.g., performance ratings, disciplinary actions, results of background investigations);
- Criminal history; or
- Information that may stigmatize or may adversely affect an individual.
Minimizing the Collection of PII
FRTIB complies with the Privacy Act’s requirement to limit the collection of PII from individuals. FRTIB maintains only relevant and necessary information about individuals, in accordance with a legally authorized purpose. FRTIB also complies with the Office of Management and Budget (OMB) Circular A-130, Managing Information as a Strategic Resource, which directs agencies to eliminate unnecessary collections, maintenance, and uses of Social Security numbers (SSN).
FRTIB’s Privacy Division maintains an inventory of PII holdings and uses the PTA, PIA, and SORN processes to identify methods to further reduce the data the Agency collects and to ensure, to the maximum extent practicable, that such holdings are accurate, relevant, timely, and complete. Moreover, FRTIB’s SAOP ensures FRTIB minimizes the collection and use of participant information contained on TSP forms and correspondence.
Handling and Transmitting PII
FRTIB requires strict handling guidelines for employees and contractors who handle PII due to the nature of the data and the increased risk to an individual if data were to be compromised. Methods for properly handling PII include, but are not limited to the following, and must be done in accordance with FRTIB’s approved records schedules:
- Store sensitive PII on secure FRTIB network, systems, and FRTIB-approved media;
- Secure sensitive paper PII data by locking it in desks and filing cabinets;
- Remove visible PII from desks and office spaces when not in use (e.g., at the end of each day);
- Destroy sensitive PII by shredding;
- Delete sensitive electronic PII by emptying computer “recycle bin”;
- Only use FRTIB-provided email addresses for conducting official business; and
- Encrypt sensitive PII on computers, media, and other devices, especially when sending data outside of FRTIB’s network.
Sensitive PII may be distributed or released to other individuals only if: (1) it is within the scope of the recipient’s official duties; (2) the recipient has an official, job-based need to know; (3) the distribution is done in accordance with a legitimate underlying authority (e.g., a routine use to a SORN); and (4) sharing information is done in a secure manner. When in doubt FRTIB employees must treat PII as sensitive and must keep the transmission of sensitive PII to a minimum, even when it is protected by secure means.
Other ways for communicating, sending, and receiving sensitive PII include:
- Facsimile — When faxing information, FRTIB personnel should include an advisory statement about the contents on the cover sheet and should notify the recipient before and after transmission.
- Mail — FRTIB personnel should physically secure PII when in transit by sealing it in an opaque envelope or container, and mail it using First Class or Priority Mail, or a comparable commercial service. FRTIB personnel should not mail, or send by courier sensitive PII on CDs, DVDs, hard drives, flash drives, USB drives, floppy disks, or other removable media unless the data is encrypted.
- Hard Copy — FRTIB personnel should also hand-deliver documents containing sensitive PII whenever needed. FRTIB personnel should not leave sensitive PII unattended on printers, facsimile machines, copiers, or in other common places.