PII is information that would identify an individual, either directly or indirectly, including any information that is linked or linkable to that individual.
Protecting PII is required by privacy regulations like the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), HIPAA, and dozens of other privacy regulations in other jurisdictions.
PII can include:
- Names
- Addresses
- Social security, passport, or driver license numbers
- Medical records
- Employment or education records
- Biometric data such as fingerprints, and voice or retina scans
It also includes information that could be linked to an individual’s device(s) such as Internet protocol (IP) addresses, cookie identifiers, and radio frequency identification (RFID) tags.
