This alert contains two recommendations directing actions Federal Emergency Management Agency (FEMA) should take to safeguard both Personally Identifiable Information (PII) and Sensitive Personally Identifiable Information (SPII) of disaster survivors and prevent additional privacy incidents similar to one we identified during our ongoing audit of FEMA’s Transitional Sheltering Assistance (TSA) program. FEMA concurred with both recommendations.