Definition

personally identifiable information (PII)

Personally identifiable information (PII) is any data that could potentially identify a specific individual. Any information that can be used to distinguish one person from another and can be used for de-anonymizing anonymous data can be considered PII. 

PII can be sensitive or non-sensitive. Non-sensitive PII is information that can be transmitted in an unencrypted form without resulting in harm to the individual. Non-sensitive PII can be easily gathered from public records, phone books, corporate directories and websites.

Sensitive PII is information which, when disclosed, could result in harm to the individual whose privacy has been breached. Sensitive PII should therefore be encrypted in transit and when data is at rest. Such information includes biometric information, medical information, personally identifiable financial information (PIFI) and unique identifiers such as passport or Social Security numbers.

This was last updated in January 2014

Continue Reading About personally identifiable information (PII)

Dig Deeper on PII and PIFI data privacy and retention

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

The distinction between sensitive and non-sensitive PII is helpful. Is it a generalization (e.g., all phone numbers are non-sensitive because they're found in phone books), or is it tailored to each person (e.g., the numbers included in phone books are non-sensitive, but unlisted numbers are sensitive)?
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchSecurity

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

ComputerWeekly

Close