Personal information helps identify an individual and can be anything from a person's full name, address, and contact number, to mention a few. Other elements that constitute personal information include details like a person's age, gender, and occupation.
Some states have laws that make it illegal to disclose sensitive personal information, such as medical records or financial or government documents.
It's important to note that "personal information" is broader than just "personally identifiable information" or PII. PII is a specific type of personal information that can be used to identify someone uniquely. For example, a person's official name, birth information, the Social Security number can all be considered PII. Continue reading to find out what is considered personal information:
What Are Some Examples of Personal Information?
Personal information is basic information that helps identify an individual. Examples include:
Physical location data or mailing address
Social security number (SSN)
Driver's license number
Bank account information
Contact information, including mobile phone numbers and landline numbers
Photographs and videos of the individual (including their image in photographs)
Credit card details, including security codes on your credit card, bank account details, and online payment services such as PayPal or Apple Pay.
Race or ethnic origin
Religion or beliefs
Sexual orientation or sex life; or
Criminal histories (where there is no public interest).
Personal Information Under Privacy Laws
Federal privacy laws don't require businesses to protect personal information. Most states don't have any privacy laws at all. However, various states have laws that protect certain types of personal data.
The definition of such information varies by country and jurisdiction. However, it includes any information that could identify you individually or relate to an identifiable person in most cases.
Personal data is any information used to trace an individual’s online activities in some jurisdictions. It entails such information as your IP address, browser cookies, mobile device identifier, and your name and contact information (such as email addresses).
In other countries like Australia, for example, it's more specific. For example, Australia's definition of "personal information" excludes anything related to a business or an individual's occupation, trade union membership, or political opinions unless it is actually about the individual.
In the US, there are several forms of personal information that are safeguarded by state and federal law:
Social Security Numbers (SSNs)
SSNs help verify a person's identity since most unscrupulous individuals use them to commit crimes like theft. That's why it's no surprise that many state laws are categorical on which situations you're allowed to use or disclose your SSN, and no one is allowed to use the numbers without your consent.
Driver’s License Numbers (DLNs)
DLNs are linked to specific individuals and can be used to verify if a person is legally allowed to drive or determine their driving record. Many states have laws protecting DLNs from illegal disclosure or before using them for marketing purposes.
Name and Address
These are the building blocks of identity theft. If someone has your name and address, they can apply for credit cards or take out loans in your name. In addition, identity thieves often use fake driver's licenses to open bank accounts where they deposit stolen funds.
Credit reports contain information pertaining to your credit card accounts, loans, debts, financial transactions, late payments, or ongoing criminal charges or court cases. Credit bureaus are required to follow the set regulations when collecting, storing, sharing, or reporting any data linked to an individual’s credit reports.
Financial information includes anything to do with financial transactions, such as investments, credit reports, bank statements, and other related documents,
Child Identification Details
This type of personal information involves every detail of a child's identity. It includes things like the child's name, home and school address, date of birth, and other identifying information such as the parent's name and driver's license number.
Medical records contain sensitive medical information about patients, including their diagnosis, treatment history, and other details about their health status. Most states require that these records be kept confidential, with some exceptions for law enforcement purposes or situations where there is imminent danger of death or serious injury to others.
Post Office Number
A post office box number is not considered "personal" when used by an organization to send or receive mail. Still, it may become "personal" if the organization uses it to track the location or activities of one person from another.
Differences Between Personal and Personally Identifiable Information (PII)
Personal information is any data that is personally identifiable to you. It can be anything from your name and address to your Social Security details or even your credit card number.
PII is a subset of personal information that can be used on its own or combined with other data to identify, contact, or locate an individual.
Personal Information vs. PII
Personal information and PII are two terms that are often used interchangeably. However, there are differences between the two.
Personal information involves any data which can verify an individual’s identity and is often referred to as personal data. For example, your name, address, contact information, and SSN all fall within this category.
If they're linked to your name, your personal information could contain credit card numbers or bank account information.
On the other hand, the PII is more specific than personal information because it only refers to data connected with an individual's identification or sensitive information. The term "personally identifiable" means that someone can use the data to identify who you are.
Such people may know your name and address but not your SSN or credit card details. They may not have enough information to identify you as an individual in that regard. Their knowledge of you could be something like ‘Person X resides at 123 Main Street.
But what if someone has your full name and address and your social security or credit card numbers (or any other unique identifier)? Under such scenarios, they can utilize that information to learn to breach your personal privacy based only on what they learn about you from this data set.
Another difference is that personal information includes any data linked to an individual but gives no insight into who they are. For example, a user's IP address is personal information because it helps track their location and online activities. Still, it does not provide any information about their identity.
In comparison, PII is any data that identifies an individual directly or indirectly. For example, it includes names, addresses, email addresses, and mobile phone numbers. It also entails any information combined with other PII data sets to produce identifying attributes like fingerprints or retinal scans.
What Are the Four Types of Personal Information?
Personal information can be divided into four categories:
Sensitive Personal Data subject
This is any information that could potentially harm an individual if it were made public or used inappropriately. Examples include medical records, bank account details, and criminal records.
General Personal Data
Any data concerning an individual that does not fall under sensitive personal data. They include dates of birth, social insurance numbers (SINs), and driving license details.
Details of Criminal Offenses
Criminal information refers to any offense committed by an individual that has been recorded by law enforcement agencies (police forces). Examples include speeding tickets or minor drug possession charges.
Information about National Identification Numbers (CPR nos.)
This category refers to the Dutch national identification number (CPR) and other government-related numbers issued in other countries around the world like social security numbers (SSN), health insurance cards, etc.
The Most Common Ways to Protect Personal Information
Some of the fundamental ways to protect specific personal information include:
- Limit what you post on social media sites. When you post something on Facebook or Twitter, it's not just limited to your friends; anyone with access to the internet can easily see it. If you want to share something with only a select group of people, activate settings to allow only those in your social network to view it.
- Use good passwords. Choose strong passwords that are difficult to decode, such as those that don't follow a specific pattern.
- Keep your computer safe from viruses, spyware, and other malware attacks by installing anti-virus software and regularly updating it.
- Avoid clicking on suspicious links or opening attachments in emails unless you're sure they're safe.
- Check privacy policies before signing up for an account with a website or service provider to understand what information they will be collecting from you, how they will use it, and how long they will keep it.
- Avoid writing down your passwords on sticky notes or any material form near your computer, or leave them written down in plain sight on your desk at work or home.
- Always log out of websites when you're finished using them so no one else will have access to your account if you accidentally leave your computer logged in while you step away for a few minutes.
Who Is an Identifiable Natural Person?
Personally, Identifiable Information is any data that uniquely identifies an individual's personal characteristics or contacts. An identifiable natural person is a living human being who can be identified using an identifier like a name, an identity number, physical data, or an internet identifier, either directly or indirectly. There are also one or more factors unique to that natural person's physical, physiologic, genetic, cognitive, economic, religious, or social identity.
What Do Agencies Have to Do with My Personal Information?
Agencies use particular individuals' information for administrative purposes, such as processing claims for social security payments. They may also use it for research purposes or provide essential public services like healthcare insurance, e.g., Medicare.
Is There Anything I Can Do If an Agency Uses My Personal Information Without My Consent?
Yes. You can complain directly to the agency if you believe they have breached their obligations under the Privacy Act. You can also present your complaints to the OAIC if you believe an agency has breached its obligations under the FOI Act (Freedom of Information)
Safeguard Your Data!
Since we are all aware of the dangers of sharing personal information online, we need to exercise caution when searching for products and services, sharing our thoughts and opinions on social media, and engaging in other activities that may reveal personal information.
While it's important to be cautious when sharing your data online, it's also important to know what is considered personal information. This will helps us know how to safeguard our personal information and avoid potential data breaches.