Personally identifiable information—or PII—is critically important data for individuals and businesses, not only because operations rely on many of these data points but there are also significant circumstances for losing it. Of course, to properly protect PII, you need to know what the umbrella term of PII includes.
According to the National Institute of Standards and Technology’s (NIST) Computer Security Resource Center (CSRC) PII includes:
So, let’s say your business had collected data on a user named James Jones. We’ll run through a few examples of what would qualify as James Jones’ PII.
In the case of James Jones, your business would be on the hook for losing his data if that data included the following:
Even if you’ve secured all of James Jones’ above information, you may not be off the hook. More data can be identified as PII if combined with other forms, like the following:
So, if someone were to collect James Jones’ employment history and family information, they now have enough to classify as PII.
If not, reach out to Zinc! We can help assess your business’ cybersecurity and data handling habits… and, more importantly, help you correct any issues we find. Give us a call at (713) 979-2090 to get started.
About the author
Zinc has been serving the Texas area since 2017, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Comments