GDPR

What is personally identifiable information (PII)? How to protect it under GDPR

The EU's General Data Protection Regulation requires companies to protect the privacy of their EU customers. That means keeping personally identifiable information (PII) safe. Here's what you need to know.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

Personally identifiable information (PII) is any data that can be used to identify a specific individual. Social Security numbers, mailing or email address, and phone numbers have most commonly been considered PII, but technology has expanded the scope of PII considerably. It can include an IP address, login IDs, social media posts, or digital images. Geolocation, biometric, and behavioral data can also be classified as PII.

This broad definition of PII creates security and privacy challenges, especially when specific and stringent safeguards for it are spelled out in regulations such as the European Union’s (EU’s) General Data Protection Regulation (GDPR). It goes into full effect May 25, 2018, and it impacts any company, worldwide, that processes or stores personal data of EU residents.

The new rules grant people more rights regarding how companies handle their personally identifiable information (PII), and it imposes heavy fines for non-compliance and data breaches--up to 4 percent of a company’s yearly revenue. The GDPR also requires that companies report data breaches within a 72-hour window. (See “General Data Protection Regulation (GDPR) requirements, deadlines and facts” for more specifics on the regulation.)

Even if you don’t do business with the EU, it’s likely to have impact on global security standards going forward. Consequently, companies working in the EU or with GDPR-impacted data are quickly trying to come into compliance ahead of time. For security teams, this means making sure that PII is adequately protected and that the proper reporting processes are in place.

To continue reading this article register now

Shop Tech Products at Amazon