
Careful with that Sharpie!
When the Transportation Security Administration recently
revealed some “for your eyes only” stuff in their operations manual, it was a
startling reminder that publishing government documents online can be hazardous
to the government’s health. The improperly redacted document revealed things
like the types of identification used by officials, what checkpoint x-ray
machines would and would not show, and other information that terrorists might
find useful. This is not what President Obama meant when he issued a directive
for more open government.
While the blush of embarrassment fades from TSA’s face, the
business of making sure it doesn’t happen again begins — again.
In April 2005, the Defense Department’s
Multi-National-Force-Iraq unit had egg on its face when an Italian blogger
uncovered a poorly redacted report investigating a shooting. In response, the National Security Agency released a set of
detailed guidelines (pdf) entitled “Redacting with Confidence: How to Safely Publish
Sanitized Reports Converted from Word to PDF.”
The NSA pointed out the three most common mistakes made when
redacting documents:
• Covering text, charts, tables,
or diagrams with black rectangles, or highlighting text in black. The most common
mistake is covering text with black (or changing the background to black).
• Covering up parts of an image
with separate graphics such as black rectangles, or making images “unreadable”
by reducing their size. As with text, this works only on printed copies.
• Failing to remove metadata and
document properties, which are often as sensitive as the original document; their
presence in downgraded or sanitized documents has historically led to
compromise.
According to Barry
Murphy, an analyst with Murphy Insights, these kinds of mistakes occur
because of a simple misunderstanding of how things work. “If I put a lot of
black magic marker on paper I am actually covering the data so that it is
redacted,” Murphy told Computerworld magazine. “In the digital world that is
not true.”
The repercussions of releasing badly redacted documents can
be enormous, and it isn’t just the U.S. government that has suffered the
consequences. “We continue to see very public examples of improper redaction
performed by major corporations and governmental organizations that have
unwittingly revealed business strategy, financial data and Personal
Identifiable Information (PII),” said Gary
Heath, CEO of Informative Graphics Corporation.
IGC has developed recommendations on how to properly redact
a document and “standalone and electronic redaction technologies that include
Redact-It-Desktop.” Other tools and software are being developed but the NSA
warns that they cannot be completely trusted. “Reliance on these tools may give
a false sense of security,” said NSA in its report.
The latest TSA mistake is most damnable because the
information on how to properly redact a document is out there for anyone to
see. What does NSA say?
Here are 5 tips on how to safely redact a sensitive document:
1. Save a copy of the original
document; make changes to the copy, and keep the original.
2. Delete, rather than
black-out, sensitive text, diagrams, tables and images.
3. Turn off track changes,
comments and other visible markups, which can contain potentially compromising
hidden data.
4. Rename the document to show
that manual redaction is complete.
5. Create a new Word document, convert it to
PDF, and review the final output for missed redactions or formatting issues.
Learn them and love them, and you’ll save your agency from a
serious case of the Whoops.
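As an added illustration (not from the NSA guide or the original article), the Python check below opens a .docx as the ZIP archive it is and lists what tips 2 and 3 warn about: text that is black-highlighted or black-shaded but still stored, tracked deletions, comments, and core metadata. The document produced by `build_sample()` and every value in it are constructed for the demonstration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

W = "{http://schemas.openxmlformats.org/wordprocessingml/2006/main}"

def _text(node, tag):
    return "".join(t.text or "" for t in node.iter(W + tag))

def audit_docx(data: bytes) -> dict:
    """Report content that is hidden on screen but still stored in a .docx."""
    found = {"blacked_out": [], "tracked_deletions": [], "comments": [], "metadata": {}}
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        body = ET.fromstring(z.read("word/document.xml"))
        for run in body.iter(W + "r"):
            hl, shd = run.find(f"{W}rPr/{W}highlight"), run.find(f"{W}rPr/{W}shd")
            black = (hl is not None and hl.get(W + "val") == "black") or (
                shd is not None and (shd.get(W + "fill") or "").upper() == "000000")
            if black and _text(run, "t"):  # covered, not deleted: text is still in the file
                found["blacked_out"].append(_text(run, "t"))
        for node in body.iter(W + "del"):  # tracked deletions keep the old wording
            found["tracked_deletions"].append(_text(node, "delText"))
        if "word/comments.xml" in z.namelist():
            root = ET.fromstring(z.read("word/comments.xml"))
            found["comments"] = [_text(c, "t") for c in root.iter(W + "comment")]
        if "docProps/core.xml" in z.namelist():  # author, last-modified-by, title, ...
            core = ET.fromstring(z.read("docProps/core.xml"))
            found["metadata"] = {e.tag.split("}")[-1]: e.text.strip()
                                 for e in core if (e.text or "").strip()}
    return found

def build_sample() -> bytes:
    """Constructed minimal .docx for the demo; all values are made up."""
    ns = 'xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main"'
    parts = {
        "word/document.xml": f'<w:document {ns}><w:body><w:p><w:r><w:t>Screening note: </w:t></w:r>'
            '<w:r><w:rPr><w:highlight w:val="black"/></w:rPr><w:t>SAMPLE-SECRET</w:t></w:r>'
            '<w:del w:id="1"><w:r><w:delText>old wording</w:delText></w:r></w:del></w:p></w:body></w:document>',
        "word/comments.xml": f'<w:comments {ns}><w:comment w:id="0"><w:p><w:r>'
            '<w:t>check with legal</w:t></w:r></w:p></w:comment></w:comments>',
        "docProps/core.xml": '<cp:coreProperties xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cp='
            '"http://schemas.openxmlformats.org/package/2006/metadata/core-properties">'
            '<dc:creator>A. Drafter</dc:creator></cp:coreProperties>',
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, xml in parts.items():
            z.writestr(name, xml)
    return buf.getvalue()
```

Calling `audit_docx(build_sample())` returns the "redacted" string, the deleted wording, the comment and the author name. The check covers only these four places, so an empty report does not replace the final review in tip 5.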