Definition of Personally Identifiable Information (PII)

When you evaluate the security requirements of an application, the sensitivity of the information stored, processed, or transmitted by the application is paramount. You have to handle Personally Identifiable Information (PII) with extra security. PII is personal data that could compromise individuals' privacy or put them at risk of identity theft. You should take extra care with servers that contain PII.

What is PII?

PII includes the following information:

  • A combination of any information that identifies an individual with that individual's sensitive and non-public financial, health, or other data or attribute. This can include a combination of the following elements from an individual:

    • A name, address, or phone number
    • A social security number or other government-issued number
    • A financial account number
    • A date of birth, address, biometric data, or mother's maiden name
    • Other personally identifiable information.
  • Any non-public personal information as defined in the Gramm-Leach-Bliley Act, 15 USC Subchapter 1, §6809(4).

  • Protected health information as defined in the Health Insurance Portability and Accountability Act, 45 CFR §160.103.

Related article

Load Balancers FAQ: SSL termination

Use the Feedback tab to make any comments or ask questions. You can also start a conversation with us.