Overview of PII Management

What is Personally Identifiable Information (PII)? 

PII is a legal term related to information security that refers to information that can be used by organizations on its own or with other information to identify, contact, or locate a single person, or to identify an individual. The concept of PII determines which data to store, process, manage and display that identifies users. As the controller of the data, it is your responsibility to handle the data appropriately. Keep in mind that data collected may not considered PII when looked at separately; however, data could lead to the identification of an individual when looked at collectively. Some examples of PII include:

• Full name

• Email address

• Social Security Number

• Date of birth

• Mailing address

• Phone number

Protecting PII is vital for the following reasons.

• Privacy - Ensuring the confidentiality of user data is a top priority for the software and its users.

• Security - Proper handling of PII prevents unauthorized access, data breaches, and identity theft.

• Compliance - The software must adhere to data protection regulations like GDPR and CCPA, which mandate the secure handling of PII.

Managing PII

The software offers features to assist you with managing PII.

• Role-Based Access Control (RBAC) - You can configure user roles with varying permissions to limit access to PII based on the principle of least privilege.

• Encryption and masking - Data is encrypted at rest and in-transit along with masking to protect it from unauthorized access.

• Audit Logs - Monitor user activity and access to PII, enabling the detection of potential breaches and unauthorized access.

Click on the topics below to learn more about managing PII:

• Enabling PII in Web Admin

• Configuring and Setting Up PII Fields

• Access Control and Authorization

• PII Data Storage and Security

• Transitioning from Data Sanitizer Managing PII