What is a Breach?
According to the Department of Defense (DoD), a breach of personal information occurs when the information is lost, disclosed to, accessed by, or potentially exposed to unauthorized individuals, or compromised in a way where the subjects of the information are negatively affected.
Breach Reporting
The Defense Health Agency (DHA) Privacy and Civil Liberties Office (Privacy Office) coordinates breach reporting within the Military Health System (MHS). Email us if you have questions about breaches or breach reporting within the MHS.
Guidance tools for breach reporting:
You also may be interested in...
Policy
In accordance with the policies outlined in this Memorandum, a risk assessment must be conducted for every breach to determine whether notification to affected individuals is necessary.
Policy
This Memorandum establishes policy and assigns responsibility for how sanctions should be determined and applied against workforce members of TRICARE Management Activity (TMA) who fail to follow appropriate standards for safeguarding personally identifiable information (PII) and/or protected health information (PHI).
Policy
This Memorandum establishes policy for documents transmitted and/or received by facsimile that contain Personally Identifiable Information and/or Protected Health Information (PII/PHI).
Policy
This Memorandum implements the recent Department of Defense (DoD) requirement on the use of digital signature for e-mail, and is in addition to my memorandum of June 13, 2007, “Use of Digital Signature on TRICARE Management Activity (TMA) Official Electronic Mail (e-mail).”
Policy
This Memorandum outlines procedures for breach notification reporting for the Military Health System (MHS).
Policy
This Memorandum provides recommendations on means to protect sensitive unclassified information on portable computing devices used within DoD and advises that the suggestions are expected to become policy in the near future.
Policy
This document outlines the use of digital signatures on official TRICARE Management Activity electronic mail.
Policy
This Memorandum outlines the framework within which Federal agencies must develop a breach notification policy while ensuring proper safeguards are in place to protect the information.
Policy
This Memorandum provides recommendations for planning and responding to data breaches which could result in identity theft.
Policy
This Memorandum addresses the efforts to properly safeguard information assets while using information technology by incorporating a checklist from the National Institute of Standards and Technology (NIST) for protection of remote information.
Policy
This Memorandum reemphasizes responsibilities under law and policy to appropriately safeguard sensitive personally identifiable information (PII) and train employees on responsibilities in this area.
Showing results 16 - 26
Page 2 of 2