Secure Sensitive PII in a locked desk drawer, file cabinet, or similar locked enclosure when not in use. When using Sensitive PII, keep it in an area where access is controlled and limited to persons with an official need to know. Avoid faxing Sensitive PII, if at all possible.
How do you protect personally identifiable information?
10 steps to help your organization secure personally identifiable information against loss or compromise
- Identify the PII your company stores.
- Find all the places PII is stored.
- Classify PII in terms of sensitivity.
- Delete old PII you no longer need.
- Establish an acceptable usage policy.
- Encrypt PII.
Which of the following actions should you take to protect personally identifiable information PII?
To protect PII:
- Identify What PII You Collect and Where It Is Stored. …
- Identify What Compliance Regulations You Must Follow. …
- Perform a PII Risk Assessment. …
- Securely Delete PII That’s Not Necessary to Business. …
- Classify PII by Confidentiality and Privacy Impacts. …
- Review and Update Safeguards That Protect PII.
How do you safeguard sensitive PII?
Try to minimize the collection of Sensitive PII; use email addresses or case record numbers instead. Access it only via DHS-approved, encrypted media devices, kept locked and secured at all times while at work, while teleworking, and in transit. Never share your username, password, or PIV card with anyone.
What are PII confidentiality safeguards?
United States: The National Institute of Standards and Technology (NIST) Guide to Protecting Confidentiality of Personally Identifiable Information defines PII as any information about an individual maintained by an agency, including any information that can be used to distinguish or trace an individual’s identify such …
What is the best example of personally identifiable information?
Personally identifiable information, or PII, is any data that could potentially be used to identify a particular person. Examples include a full name, Social Security number, driver’s license number, bank account number, passport number, and email address.
What is considered personally identifiable information?
Further, PII is defined as information: (i) that directly identifies an individual (e.g., name, address, social security number or other identifying number or code, telephone number, email address, etc.) or (ii) by which an agency intends to identify specific individuals in conjunction with other data elements, i.e., …
What is a PII breach?
For the purpose of safeguarding against and responding to the breach of personally identifiable information (PII) the term “breach” is used to include the loss of control, compromise, unauthorized disclosure, unauthorized acquisition, unauthorized access, or any similar term referring to situations where persons other …
What is a PII violation?
One of the most familiar PII violations is identity theft, said Sparks, adding that when people are careless with information, such as Social Security numbers and people’s date of birth, they can easily become the victim of the crime. …
Do not use unauthorized mobile devices to access PII. Lock up portable devices (e.g., laptops, cell phones). Clear your web browser history to avoid other users accessing PII. Disable auto-fill settings on your web browser.
What is not considered sensitive PII?
Sensitive personally identifiable information can include your full name, Social Security Number, driver’s license, financial information, and medical records. Non-sensitive personally identifiable information is easily accessible from public sources and can include your zip code, race, gender, and date of birth.
Which of the following is not PII?
Info such as business phone numbers and race, religion, gender, workplace, and job titles are typically not considered PII. But they should still be treated as sensitive, linkable info because they could identify an individual when combined with other data.