From the Federal Manager’s Daily Report:
The Pentagon has issued guidance to DoD components on considerations for making public announcements regarding breaches of private information, an issue that has been much in the mind of the federal workforce in recent months following disclosure of two major cyber hacks of personally identifiable information, or PII, held by the Office of Personnel Management.
A memo from the DoD senior official for privacy, Michael L. Rhodes, says the department “must continue its efforts to promote a culture to continuously ‘think privacy’ and act swiftly to develop and implement effective breach mitigation plans, when necessary. One challenge is that no two breaches of PII involve the exact same circumstances, personnel, systems or information. A case-by-case analysis combined with the use of best judgment is required for effective breach management.”
Read more on FEDweek.