Abstract

Personally identifiable information—or PII—is critically important data for individuals and businesses, not only because operations rely on many of these data points but there are also significant circumstances for losing it. Of course, to properly protect PII, you need to know what the umbrella term of PII includes.

What Counts as PII?

According to the National Institute of Standards and Technology’s (NIST) Computer Security Resource Center (CSRC) PII includes:

“Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means.”

So, let’s say your business had collected data on a user named James Jones. We’ll run through a few examples of what would qualify as James Jones’ PII.

Examining Personally Identifiable Information

In the case of James Jones, your business would be on the hook for losing his data if that data included the following:

  • His name
  • His address
  • His phone number
  • His personal identification numbers
  • His information that identifies his property
  • His personal features
  • His asset information

Other Information Can Be Combined to Create PII

Even if you’ve secured all of James Jones’ above information, you may not be off the hook. More data can be identified as PII if combined with other forms, like the following:

  • His date and place of birth
  • His race
  • His religion
  • His weight
  • His activities
  • His geographic location
  • His employment history
  • His medical data
  • His educational history
  • His financial data
  • His family information

So, if someone were to collect James Jones’ employment history and family information, they now have enough to classify as PII.

PII is Critical to Protect… Are You Prepared?

If not, reach out to NetMGM! We can help assess your business’ cybersecurity and data handling habits… and, more importantly, help you correct any issues we find. Give us a call at 888-748-2525 to get started.

ABOUT THE AUTHOR

What is Personally Identifiable Information?

Rafiq Masri

With over 25 years of experience in Information Technology, Rafiq is one of the most accomplished, versatile and certified engineer in the field. He has spent the past 2 ½ decades administering and supporting a wide range of clients and has helped position Network Management, Inc. as a leader in the IT Managed Services space.

Rafiq has built a reputation for designing, building and supporting top notch IT infrastructures to match the business objectives and goals of his clients.

Embracing the core values of integrity, innovation, and reliability, Rafiq has a very loyal client base with some customer relationships dating back 20+ years.

Rafiq holds a bachelor’s degree in Mechanical Engineering from the University of Michigan and has completed graduate programs in Software Engineering and Business at Harvard and George Mason University. Rafiq is a former founder and CEO of Automation, Inc. in Ann Arbor, Michigan as well as a valued speaker on entrepreneurship and technology at industry events such as ExpoTech and others.