BY ORDER OF THE
SECRETARY OF THE AIR FORCE
AIR FORCE INSTRUCTION 33-332
10 MARCH 2020
Corrective Actions applied on 12 May 2020
Communication and Information
AIR FORCE PRIVACY AND CIVIL
LIBERTIES PROGRAM
COMPLIANCE WITH THIS PUBLICATION IS MANDATORY
ACCESSIBILITY: Publications and forms are available on the e- Publishing website at
www.e-Publishing.af.mil for downloading or ordering.
RELEASABILITY: There are no releasability restrictions on this publication.
OPR: SAF/CNZA
Supersedes: AFI33-332, 12 January 2015
Certified by: SAF/CNZ
(Ms. Wanda Jones-Heath)
Pages: 62
This instruction implements Air Force Policy Directive (AFPD) 33-3, Information Management.
This instruction applies to all Regular Air Force, Air Force Reserve, Air National Guard, civilian
employees, contractors in the performance of their duties to an Air Force contract, and the Civil
Air Patrol when performing functions for the Air Force. Failure to observe the prohibitions and
mandatory provisions in paragraphs 3.1.2 and 4.2.12.4, of this publication by military members
is a violation of Article 92 of the Uniform Code of Military Justice (UCMJ). Air National Guard
members not serving in a federal status who violate the mandatory provisions in paragraphs
3.1.2 and 4.2.12.4 may be punished under their respective state military codes or applicable
administrative action may be taken, as appropriate. Personnel not in a federal status are subject to
their respective state military code or applicable administrative actions, as appropriate. Civilians
who violate information security policy may be disciplined in accordance with AFI 36-704,
Discipline and Adverse Actions of Civilian Employees or AFI 34-301, Nonappropriated Funds
Personnel Management and Administration. In addition to this instruction, Air Force medical
organizations that meet the definition of a covered entity must also comply with DoDI 6025.18,
Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule Compliance In DoD
Health Care Programs, DoDI 8580.02, Security of Individually Identifiable Health Information
in DoD Health Care Programs; and Air Force Manual (AFMAN) 41-210, TRICARE Operations
and Patient Administration, which covers Protected Health Information (PHI) held by them. The
authorities to waive wing/unit level requirements in this publication are identified with a Tier
(“T-0, T-1, T-2, T-3”) number following the compliance statement. See AFI 33-360,
Publications and Forms Management, for a description of the authorities associated with the Tier
