What is Personally identifiable information PII?

Understanding Personally identifiable information PII

Any data about a human being that could be used to identify that person. PII encompasses any information that can be used to identify contact or locate an individual either alone or combined with other readily accessible sources. It includes direct identifiers like names and ID numbers and indirect identifiers that could be combined to identify individuals. PII is subject to protection requirements in numerous regulations including GDPR CCPA HIPAA and standards like ISO 27701. Organizations protect PII through classification minimization access controls encryption anonymization techniques and privacy-by-design approaches. For example a healthcare system might protect patient PII by implementing data classification role-based access controls field-level encryption of sensitive identifiers data loss prevention systems strict retention policies and comprehensive audit logging of all access to PII. Related terms Privacy Personal data Data protection GDPR Data minimization De-identification Privacy impact assessment Data subject.