32 CFR 806b.29 - Sending personal information over electronic mail.

prev | next
§ 806b.29 Sending personal information over electronic mail.

(a) Exercise caution before transmitting personal information over e-mail to ensure it is adequately safeguarded. Some information may be so sensitive and personal that e-mail may not be the proper way to transmit it. When sending personal information over e-mail within DoD, ensure: There is an official need; all addressee(s) (including “cc” addressees) are authorized to receive it under the Privacy Act; and it is protected from unauthorized disclosure, loss, or alteration. Protection methods may include encryption or password protecting the information in a separate Word document. When transmitting personal information over e-mail, add “FOUO” to the beginning of the subject line, followed by the subject, and apply the following statement at the beginning of the e-mail:

“This e-mail contains For Official Use Only (FOUO) information which must be protected under the Privacy Act and Air Force Instruction 33-332.”

(b) Do not indiscriminately apply this statement to e-mails. Use it only in situations when you are actually transmitting personal information. DoD Regulation 5400.7/Air Force Supp, Chapter 4 3, provides additional guidance regarding For Official Use Only information.


(c) Do not disclose personal information to anyone outside DoD unless specifically authorized by the Privacy Act (see § 806b.47).

(d) Do not send Privacy Act information to distribution lists or group e-mail addresses unless each member has an official need to know the personal information. When in doubt, send only to individual accounts.

(e) Before forwarding e-mails you have received that contain personal information, verify that your intended recipients are authorized to receive the information under the Privacy Act (see § 806b.47).

This is a list of United States Code sections, Statutes at Large, Public Laws, and Presidential Documents, which provide rulemaking authority for this CFR Part.

This list is taken from the Parallel Table of Authorities and Rules provided by GPO [Government Printing Office].

It is not guaranteed to be accurate or up-to-date, though we do refresh the database weekly. More limitations on accuracy are described at the GPO site.

United States Code