As described in a recent Customer Service Notice email from the Department, sending Personally Identifiable Information outside of USDA is a major security risk. PII must be encrypted before it is sent to prevent a third party from intercepting and stealing the PII.
Currently, Outlook and Outlook Web App do not have a means for FS employees to encrypt PII. However, in the coming weeks, Office 365 Message Encryption will be added to Outlook and OWA to allow users to encrypt sensitive information before emailing it to recipients outside of USDA.
Policy tip warning messages began on May 15th and will continue until OME is in place. You will receive this warning when you try to email unencrypted PII to an outside recipient. Please note that this warning will not prevent you from sending your email in any way for now. However, once OME is in place, you will be prevented from sending the email until you encrypt the message containing PII.
Further, attempting to send an email with unencrypted PII will also trigger the Department to send an alert to the Forest Service’s Cyber Incident Response Team. FS-CIRT will then open an investigation and the Privacy Officer will be obliged to investigate and file standard incident reports.
To ensure that you do not receive this warning message or trigger the alert, you should get into the habit of putting PII into attachments (not the body of the email) and encrypting the attachments. You can also use Box to file share with specific individuals with “need to know”.
What you need to do
Be aware of this change about sending PII through email.
Some additional resources are:
- Encryption Cheat Sheet
- Encryption Video for Adobe
- Encryption Video for Word
- Encryption Video for Excel
Help is available
For technical help call the Customer Help Desk at 1-866-945-1354 (TTY: 1-800-877-8339), start a chat with an agent, or type the full KBA number or “keywords” in double quotes into the Search box on the Customer Help Desk site to find helpful knowledge management documents.
The CIO is committed to providing reasonable accommodation in all of its activities, services, and programs for individuals with disabilities. If you require reasonable accommodation in accessing and using the information contained in this email, please email CIO News.
Visit the CIO News Archives for past emails.