Personally identifiable information (PII) is any information or data that can be used to discover or distinguish an individual’s identity and specific details about the individual. While definitions for PII vary slightly, the National Institute of Standards and Technology (NIST) specifically defines personally identifiable information as:
Protecting Personally Identifiable Information
Also referred to as personal identifiable information, PII has become increasingly relevant in recent years as privacy laws and regulations have become more stringent for enterprises. As a result, IT departments are tasked with assessing and addressing the specific risks that an individual can be identified when corporate information is made publicly available, including when that information might be combined with other available information that could be used to identify an individual.
Compromised personal identifiable information carries the possibility of causing substantial harm to individuals in the form of identity theft or other fraudulent use of their personal information, and enterprises are now required to take all necessary measures to safeguard this sensitive information to protect their customers and employees and prevent being liable for compromised PII.
Examples of Personally Identifiable Information
Examples of details that fall under the umbrella of personally identifiable information include the individual’s full name, e-mail address, home address, telephone number, social security number, date of birth and birthplace, passport number, IP address in certain cases), driver’s license number, credit card numbers, mother’s maiden name, login credentials and more.