PHI, PII & Alphabet Soup
Banks and healthcare organizations talk a lot about PHI and PII. Personal health information and personally identifiable info are supposed to be protected by any entity that requires such sensitive information from its customers. So, what is personally identifiable info? More importantly, how can you protect yours?
Defining Personally Identifiable Information
Personally identifiable information is any piece or group of data that can be used to trace the identity of a single individual. Your first name alone isn’t PII — there are likely thousands, if not millions, of people with the same first name. Someone isn’t going to be able to trace that name back to you without other info. The same goes for your last name alone, but if you put the two together, you’re starting to move toward PII. Other examples of PII include birth date, location of birth, social security number, health data, educational data, employment data, and mother’s maiden name.
Why Protect Personally Identifiable Information?
Industries that deal in personally identifiable info– such as healthcare and finance — are governed by strict regulations and are required to guard the personal information of patients and customers. Identity thieves only need a few pieces of that information to use someone else’s identity to access credit, public services, or financial accounts. To avoid such consequences, individuals should also work to protect their own identifiable information.
How Can you Protect Your Information?
Ask about privacy and data-management policies when you visit your bank, doctor’s office, or any business that requires your personal information to provide you with services.
Keep your own records organized and secure.
Don’t throw credit card statements or documents with personally identifiable info in the garbage. Instead, arrange to have those items professionally destroyed and shredded.
When using online services, such as email, use common sense and don’t click on links sent from people or organizations you don’t know. Organizations that you already deal with will never ask you for account numbers and similar data via email.
What other ways do you protect your personally identifiable information?