The White House's Office of Management and Budget instructed U.S.
federal agencies to alert the US-CERT within one hour to any breach
involving personally identifiable information, even if the possibility
of a breach is only suspected.
The memo (PDF), dated last week, is the fourth letter regarding information-security policy sent to government agencies in the past two months. Another memo (PDF),
dated Monday, required that government agencies report any computer
systems missing from their inventory and outline the results of an
investigation into handling of personally identifiable information
within their agency. An earlier memo mandated that agencies use encryption to protect sensitive data on laptops.