What is sensitive information?
Sensitive information is privileged information which – if compromised through alteration, corruption, loss, misuse, or unauthorized disclosure – could cause serious harm to an individual or organization. You must always give the highest level of protection to privileged information. Here we discuss Personally Identifiable Information, or PII.
What is Personally Identifiable Information?
For the purpose of data protection, PII is defined as: any instance of an individual’s first name (or first initial) plus the last name, and any one of twenty-nine additional confidential items.
An example of these twenty-nine additional confidential items include: Social Security number, driver license, credit card number and expiration date, date or place of birth, wage and salary information, vehicle identifiers including license plate numbers, and medical history.
Is it PII?
They key to remember is, if the information can be used to uniquely identify a specific individual using non-public information, it’s considered PII and must be protected.
Example: John Smith was born on January 1, 1965. Which listing below would be the example of PII?
- John Smith – DOB 1/1/1965
- John S. – DOB 1/1/1965
- John Smith – DOB 1/1/xxxx
The answer is A. B and C are not examples of PII on their own.
Employees who do not take care of sensitive information can lead their organizations into fines, increased operating costs, loss of customer confidence, and even more governmental regulation. Do your part to keep your sensitive information safe at all times.
Stop, Look, and Think. Don't be fooled.
The KnowBe4 Security Team and LMT Technology Solutions