Skip to main content

Military Health System

Test of Sitewide Banner

This is a test of the sitewide banner capability. In the case of an emergency, site visitors would be able to visit the news page for addition information.

Privacy Impact Assessments

A Privacy Impact Assessment is an analysis of how personally identifiable information is handled in DOD information systems or electronic collections. The PIA examines and evaluates protections for handling information to mitigate potential privacy risks. A PIA also analyzes and describes the following information about a system:

  • What information is being collected?
  • Why the information will be collected?
  • What is the intended use of the information?
  • With whom will the information be shared?
  • How will the information be secured?

The Defense Health Agency PIA program coordinates the PIA process within DHA, in compliance with the E-Government Act of 2002, Section 208, OMB M-03-22Download the PDF, and DODI 5400.16.

The DHA PIA team assists information system owners and developers who collect, maintain and/or disseminate PII in demonstrating the incorporation of required protections throughout the entire life cycle of a system.

You also may be interested in...

Mar 4, 2021

What is PII?

.PDF | 359.00 KB

The term “PII” is defined by the Office of Management and Budget (OMB) in OMB Circular A-130, Managing Information as a Strategic Resource (July 2016) as: Information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other information that is linked or linkable to a specific individual.

Mar 4, 2021

What is PHI?

.PDF | 372.22 KB

This is a description of items that fall under protected health information, otherwise known as "PHI".

Jul 4, 2015

DoD Privacy Impact Assessment Guidance

This Instruction establishes policy and assigns responsibilities for completion and approval of PIAs in accordance with the guidance in DoD Instruction 5025.01 and the authority in DoD Directive 5144.1.

  • Identification #: DoD Instruction 5400.16
  • Type: Instructions
Mar 14, 2014


This Instruction reissues and renames DoD Directive (DoDD) 8500.01E as a DoD Instruction (DoDI) pursuant to the authority in DoDD 5144.02 to establish a DoD cybersecurity program to protect and defend DoD information and information technology (IT).

  • Identification #: DoD Instruction 8500.01
  • Type: Instructions
Fact Sheet
Jul 1, 2011

Machine-Readable Policies Information Paper

.PDF | 175.68 KB

This Information Paper provides an overview of the E-Government (E-Gov) Act of 2002 mandating the use of machine-readable privacy policies by Federal agencies on websites used by the public.

Nov 28, 2000

OMB Circular A 130 Management of Federal Information Resources

This Circular (Transmittal Memorandum No. 4) establishes policy for the management of Federal information resources. The Office of Management and Budget (OMB) includes procedural and analytic guidelines for implementing specific aspects of these policies as appendices.

  • Identification #: OMB Circular No. A-130 Revised, Transmittal Memorandum No. 4
  • Type: Guidelines
Last Updated: August 31, 2023
Follow us on Instagram Follow us on LinkedIn Follow us on Facebook Follow us on Twitter Follow us on YouTube Sign up on GovDelivery