facebook
twitter
rss
account
search
search
 

IG: Pentagon not safeguarding privacy data

July 3, 2007 at 11:45 AM   |   Comments

WASHINGTON, July 3 (UPI) -- Despite several high-profile compromises of private information, the U.S. Department of Defense is not protecting personal data adequately, a report says.

Officials assigned to protect personal data like Social Security numbers and other records at the Defense Department usually are not specifically trained in the requirements of the 1974 Privacy Act.

Moreover, the military departments and agencies manage the data separately in a decentralized system. While a single Pentagon office is supposed to ensure compliance with the law, it has "failed to ensure that DOD consistently

implemented Privacy Program policy for reporting, collecting, using, safeguarding, and maintaining personal information."

That is the conclusion of a recent investigation by the Defense Department inspector general.

"The personal information contained in DOD systems could be vulnerable to access by unauthorized personnel and individuals identified in systems of records vulnerable to identify theft and fraudulent activities. Effective oversight and administration of the DOD Privacy Act program is contingent on the allocation of sufficient resources and establishment of internal control mechanisms to verify accomplishments of the program's intent," states the June 13 report.

In an electronic era where much of that information is stored on computers and networks, the potential for compromised data is significant. A year ago, a laptop and external hard drive belonging to the Veterans Affairs Department and containing millions of Social Security numbers and birthdates of veterans and military personnel was stolen. It was eventually recovered intact.

"Federal agencies have a special duty to protect personally identifiable information. The increased focus on privacy following information losses at numerous federal agencies has resulted in (the Office of Management and Budget) placing additional requirements on already thinly resourced DOD privacy program staff, and the current decentralized program cannot provide an effective response. DOD privacy officials do not consistently implement safeguards and policies for protecting personal privacy information as required by the Privacy Act, and component privacy officers do not oversee privacy programs within their components."

© 2007 United Press International, Inc. All Rights Reserved. Any reproduction, republication, redistribution and/or modification of any UPI content is expressly prohibited without UPI's prior written consent.
Most Popular
1
GM recalls 221,000 Cadillacs and Impalas GM recalls 221,000 Cadillacs and Impalas
2
New National Security Cutter delivered to Coast Guard New National Security Cutter delivered to Coast Guard
3
First MT30 engine for Korean Navy frigates passes acceptance tests First MT30 engine for Korean Navy frigates passes acceptance tests
4
Ukraine's State Guard Service receives armored personnel carriers Ukraine's State Guard Service receives armored personnel carriers
5
Navy's Triton surveillance drone flies cross-country Navy's Triton surveillance drone flies cross-country
Trending News
Video
x
Feedback