Privacy Act

Question 1

ABC Bank

no_reply@online.abcbank.com “Account Status” 9:15am

Answer 1

Report the suspicious email to your system administrator or security officer.

Question 2

CDR Smith
cdr.smith32@navy.mil “Recall Roster” 8:03am
Does this represent a PII breach?

Answer 2

Yes

Question 3

CDR Smith
cdr.smith32@navy.mil “Recall Roster” 8:03am
What action should you take first?

Answer 3

Upon discovery and within one hour, contact your privacy official or supervisor to report the breach.

Question 4

CDR Smith
cdr.smith32@navy.mil “Recall Roster” 8:03am
What should CDR Smith have done to prevent this PII Breach?

Answer 4

CDR Smith should not have sent an unencrypted email containing everyone’s PII to individuals who do not have a need to know.

Question 5

Pat Z Anderson
pat.z.anderson@navy.mil “Overseas Travel Form” 7:22am
What action should you take first?

Answer 5

Consult with your command forms manager/admin office or visit the Naval Forms Online website to verify this is an approved form.

Question 6

Pat Z Anderson
pat.z.anderson@navy.mil “Overseas Travel Form” 7:22am
Please select the proper controls for sending PII.

Answer 6

All of the above.

Question 7

To prevent a future breach of this kind, what controls should be put in place?

Answer 7

A, B, & C

Question 8

Look around the office and identify areas where PII could be mishandled.

Answer 8

1. Printed form containing PII in plain view
2. Fax machine
3. Recycle bin