Jonathan Garcia
ISFM 201
Research Paper
01 May 2016
Personally Identifiable Information (PII)
What is Personally Identifiable Information or PII? What is the importance of it? PII can be sensitive or non-sensitive. Non-sensitive PII is information that can be transmitted in an unencrypted form without resulting in harm to the individual. Anyone can collect Non-sensitive PII from public records, phone books, corporate directories and websites. Sensitive PII is information which, when disclosed, could result in harm to the individual whose privacy has been breached.
Such information includes biometric information, medical information, personally identifiable financial information (PIFI) and unique identifiers. Any information
…show more content…
The loss of PII not only affects individuals but also companies responsible for the safekeeping of PII. To understand how one can protect their personally identifiable information, one must first understand the threats and the consequences that come from that data being compromised. The main threat one’s personally identifiable information is by hackers . Hackers utilize a number of vulnerabilities to gain access to a computer system for the sole purpose of gaining information. The system is not limited to a person’s own personal computer, but also includes the systems that businesses use to store customer information. In recent years, the number of “hacks” into company systems has increased. For example, the hacker(s) that performed the Ashley Madison breech could have used the information to extort money from each of the millions of users to keep their information from disclosure to the media. Those that have used the site may be inclined to do so as a way to keep the knowledge of their actions out of the public eye and from their spouses or partners. (Hackett, …show more content…
These methods are not only good in practice in one’s personal life, but also in one’s professional life as many companies and government agencies have policies regarding use of information technology resources and the retention of personally identifiable information. The most important protection for personally identifiable information is a person’s knowledge of the type of threats and risks there are to their information. For example, the ability to identify a phishing attempt will keep a person from providing information that may compromise their data. Companies in communications with their customers specifically state they will never request a customer’s password. If someone does request this under the guise of being a part of that company, this is a red flag and the customer or user should not provide the information and immediately seek out the company to alert them of phishing attempts. (Lord,