What constitutes Personally Identifiable Information?
Personally Identifiable Information (PII) is any information used to distinguish or trace an individual’s identity. Examples of PII include your full name, address, date of birth, Social Security Number, bank account number, biometric records, medical records, vehicle registration plate – a lot of which is also considered sensitive, and will need to be encrypted when stored in a database.
So, what is NOT PII? As personal as your email address is to you, for example, it’s not considered PII – it is not something that only you could be identified with, as there may be many people who could choose something like samsmith84@hotmail.com, whereas your driver’s license number can only be yours. Only if an email address gives access to financial information or other like resources can an email address be considered PII. Other things that fall into the category of ‘none of your business, but not PII’ are your gender or race, the country or state in which you live, or your salary.
Recent changes in EU law protecting the information of EU citizens has had global consequences – General Data Protection Regulation (GDPR), which became effective in May 2018. This has brought the differences between PII, ‘private information’ and ‘personal data’ into the heads of anyone tasked with ensuring GDPR compliance in their business.
USInfoSearch has several levels of PII availability for our customers, varying by use cases and requirements.
Because we take protection of personal data very seriously, we restrict full SSN access to our customers with legitimate business needs. We work with each one of our clients during the credentialing process to ensure they get the data that best suits their business needs.