PII stands for “personally identifiable information” – which is any data that may identify a particular person.
You may think it’s ONLY the most sensitive data, such as our financial information or SSN, are considered high risk – but you’d be shocked to know that as simple as our username is considered data that can be stolen!
How is our personal information identified?
Within the digital database, our information is labeled as PII.
What is considered and identified as PII data?
Social Security Number
Driver’s License Number
Bank Account Number
User ID/Log-In Information
By law if any organization holds or processes PII, it need to be safeguarded and encrypted and there are fines and penalties associated with data breach & cyber attacks from the industry-specific regulatory bodies.
As businesses hold this sensitive asset – it is so important to mitigate data risk by practicing good cyber security posture and transfer the financial risk by having robust cyber insurance for when cyber incident takes place that are out of your control!
Personal information – even if not sensitive – is considered PII and should be safeguarded. Any data that passes thru your business – whether you are storing or not, is your responsibility.