Personally Identifiable Information (PII) An overview January 16,
10 Slides92.50 KB
Personally Identifiable Information (PII) An overview January 16, 2008 1
Objective: Protect personal identity Combat theft 2
What is PII? USDA considers PII to be information that can be used to distinguish or trace an individual's identity, such as your social security number or medical records, or information that when combined or used with other identifying information is linked or linkable to a specific individual. 3
Steps to Safeguard Examples include: Encrypt electronic PII Remove PII Restrict access Confidentiality statement 4
Steps to Safeguard (cont) Alternate unique identifier Secure areas only Transporting/Shipping PII (AS- 2137) Secure destruction (AS- 2087) Terminate system access 5
Encrypting Sensitive/Privacy Data WinZip Page 4 “Encrypting” handout IT Help desk # 690-1000 IRM-378 6
Shipment of PII Encrypt before shipping Prevent inadvertent opening Signs of tampering apparent Approved methods: FedEX and USPS Exception: single envelope AD-2137 7
Terminating Info System Access Terminate access: Reassigned, separated, deceased Modify access: Reassigned within HRD FSA-13A IRM-400 8
Breach Policy One (1) hour OCIO, Office of Cyber Security (DM) 3505-000 9
Personally Identifiable Information (PII) Q&A 10