JUNE 4, 2024 – The Department of Defense (DoD) and the Defense Information Systems Agency (DISA) recognizes the importance of protecting the privacy of its customers and employees, especially as it modernizes its information management and employee information systems.
Privacy issues must be addressed when systems are developed and privacy protections must be integrated into the development life cycle of these automated systems.
The vehicle for addressing privacy issues in a system under development is the Privacy Impact Assessment (PIA).
The PIA process provides a means to assure compliance with applicable laws and regulations governing customer and employee privacy.
A PIA addresses privacy factors for all new or significantly altered Information Technology (IT systems or projects that collect, maintain, or disseminate personal information from or about members of the public, Federal personnel contractors, or Foreign Nationals employed at U.S. military facilities internationally).
The Global Electronic Approval Routing System (GEARS) Privacy Impact Assessment (PIA) was approved on May 4. This approval allows GEARS to process Personally Identifiable Information (PII) and Personal Health Information (PHI).
However, it is important to remember that GEARS Packet creators must minimize the inclusion of PII/PHI and ensure that all individuals in the packet route are authorized to access this information and have a genuine need to know.
To obtain a copy of the Privacy Impact Assessment and see what is being safeguarded, please visit milBook: https://www.milsuite.mil/book/docs/DOC-1323957
Story by Gabriel Archer
U.S. Army Network Enterprise Technology Command