Personally Identifiable Information (PII)

By / November 10, 2021

What is PII?

The Nation Institute of Standard and Technology (NIST), defines personally identifiable information (PII) as Any information about an individual maintained by an agency, including any information that can be used to distinguish or trace an individual’s identity, such as name, social security number, date and place of birth, mother‘s maiden name, or biometric records; and any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.

The definition continues, Information which can be used to distinguish or trace the identity of an individual (e.g., name, social security number, biometric records, etc.) alone, or when combined with other personal or identifying information which is linked or linkable to a specific individual (e.g., date and place of birth, mother’s maiden name, etc.).

According to the NIST description, PII can be divided into two categories: linked data, which is data directly connected to a person; and linkable data, which is not directly connected to a person.

What is viewed as PII?

Any information that can interestingly distinguish an individual, separate from some other person is PII. It may include name, social security number, date and place of birth, email, address, phone number, passport number, fingerprint, handwriting, driver’s license number, credit or debit card number, login name, etc.

Leader in Access Management, Okta in 2020 conducted an online survey of more than 12,000 individuals between the ages of 18 and 75 in six countries. They made a rundown of 13 unique kinds of information considered as PII. The Okta report lists those categories in descending order.

Source: Okta report on Cost of Privacy (2020)

The report states that the survey respondent believes only 6 out of the 13 types of information constituted their online identity. In its report Cost of Privacy (2020),

Why secure PII?

The legitimate use of PII is often used for targeted advertisements by organizations today. Yet, in the possession of cybercriminals, there is an issue.

Because of the value that PII data holds, a little piece of information in the hands of cybercriminals can be utilized to carry out a phishing attack, launch social engineering attacks, etc. It is progressively significant that we protect PII.

Protecting your PII

Tons of data are continuously collected, stored, and distributed by organizations/websites we visit each day. However, there are precautionary measures people can take in protecting their PII which includes;

  • Be selective of what you post on social media. If possible limit your social media audience to people you know.
  • Shred important documents before discarding them to avoid dumpster dividing.
  • Ask questions before handing out sensitive information like your social security number when asked.
  • Safely destroying or removing old media with sensitive data.
  • Avoid using public Wi-Fi.
  • Use virtual private networks (VPNs) to handle sensitive information.
  • Use incognito mode on your web browser to prevent tracking and storage of records tied to your identity.
  • Keep Social Security cards in a safe place.

Knowing what PII is, the thing that it’s utilized for, and how to secure it are largely fundamental pieces of remaining safe online

1 thought on “Personally Identifiable Information (PII)”

  1. Pingback: National Computer Security Day - PVT365

Leave a Comment

Your email address will not be published. Required fields are marked *