November 2024 Newsletter

Data privacy and PII

When you go to the bank or visit the doctor, you need to provide them with personal information. Things like your name, birthday and ID number. This information is valuable because it provides the key to your identity. If a criminal got hold of this data, they could use it to hack into your accounts, impersonate you or steal from you. That’s why you want the companies you do business with to keep your personal data safe.

But if your job involves handling other people’s personal data, then it’s your responsibility to handle it with the same strict privacy that you expect for your own data. That’s why it’s important to understand what personally identifiable information is and how to keep it secure.

Personally Identifiable Information

What is PII?

Personally Identifiable Information (PII) is any information which can be used to identify you, either on its own or combined with other data. PII includes things you might expect, like your full name, email address, credit card number and passport information. It also includes biometric data, such as your fingerprints. But PII can also include information you might not expect. Things like your gender, religion, ethnicity and political beliefs.

Even if the information is publicly available (such as the name of your employer), it’s still considered PII and needs to be handled securely. Privacy laws, such as GDPR and PDPA, outline what data is considered PII and establish penalties for privacy violations.

Protecting PII

Personal information must be protected and handled securely at every stage of its life cycle. That includes when the data is at rest, when it’s in transit and when the data is in use.

Data at rest

When data is at rest, it’s important to use encrypted storage devices and cloud accounts. Access to the data should be restricted to only those who need it.

Data in transit

When data is in transit, PII should be encrypted and sent only to authorized individuals.

Data in use

When PII is in use, employees should only access data they need to perform their duties. They should not attempt to view any PII beyond their proper access level. And employees should refrain from discussing or sharing any PII with unauthorized people.

PII is the key to identity. When you handle PII as part of your job, it’s your responsibility to keep other people’s data secure. Local privacy laws may vary, so follow your organization’s policies and procedures. By carefully handling data you are entrusted with, you protect yourself, your customers and your organization.

Want to learn more?

We understand that exceptional service delivery is only possible when our team is fully committed to purpose-driven work. That’s why we’re proud to lead the way in creating a culture of personal growth, development, and accountability. We believe that building strong relationships through trust and reliability is key to becoming an exceptional industry leader. Our ultimate goal is to help our clients succeed in today’s complex business environment.