Defining and Protecting Personally Identifiable Information (PII)

Personally Identifiable Information (PII)The concern with identity theft and the protection of personal information is always growing.  Companies are collecting more and more detailed information on their customers, clients, and employees- and hackers are finding easier and easier ways to get that information from them.

How much information can someone find out about you?  It’s a great question-and you should wonder about it.  If you do a quick Google search on your name (or the name and/or email you use on any social media account), what do you find?  Try it now- we’ll wait.

I bet you find all your social media accounts; where you’ve lived, and the phone numbers you’ve used; websites and forums that you have participated in; organizations and companies you’ve worked for.  This is all from one simple search.  The less you’ve been concerned about who has your information, the more you’ll find.

It’s this type of information, officially known as Personally Identifiable Information (PII), that hackers are looking for.  That means that it should be as secure as you can make it- especially if it pertains to your business.  One breach, whether it’s a theft or a loss, can cost your company or organization dearly- or even close the doors for good.

What is PII- and how long should my company hold on to it?

Personally Identifiable Information is anything that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.  There’s a lot of things that could be added to this list, but the government and most companies identify these items as PII:

  • Full name (if it’s not a common name i.e. John Smith)
  • Home address
  • Email address (if it’s a private email address from an association, club, membership, etc.)
  • National identification number
  • Vehicle registration plate number
  • Driver’s license number
  • Face, fingerprints, or handwriting
  • Credit card numbers
  • Digital identity
  • Date of birth
  • Birthplace
  • Genetic information
  • Telephone number
  • Login name, screen name, nickname, or handle

     (source: Personally Identifiable Information)

Regardless of the size of your company, the industry you operate in there are specific legal requirements on the federal, state, and local levels governing the use, storage and destruction of this kind of information, and the classification and seriousness of a PII breach varies greatly.

There are also specific retention laws that companies need to consider.  We have compiled a detailed list here, but be sure to contact your legal counsel before destroying any PII.

Store and destroy your files securely

Now that we have defined what PII is, and given you resources on how long to hold onto it before it can be shredded or destroyed, we hope you understand how critical it is for you – and your company – to secure this information.

Storing this information is one thing- you need to limit the access to PII to a select few on your staff.  You can secure the data through a locked filing cabinet, or you can send all your documents to a secure off-site storage facility.  By using an external records storage service, you can guarantee security and reduce the risk of a breach.

PII records, along with confidential business information must be properly destroyed.  Here are a few options that might work well for your business.

Off-site shredding is when a shredding company you choose sends trucks to your location to collect the material you need to be shredded in locked bins.  They transport your files to a secure location and shred them there.

Mobile shredders have industrial shredders mounted in trucks come to your office or facility and shred all the files, records and documents while you watch. This is extremely helpful If you are required to witness the shredding of your documents, and want to ensure that all your PII documents are destroyed.

Both options will ensure that you have a secure, reliable way to destroy your Personally Identifiable Information for your customers and your employees.

If you need secure disposal of your PII Documents, Shred Nations Can Help!

Shred Nations specializes in helping you find the shredding contractor that that’s right for your businesses regardless of the size of the job.  If you’re looking for a quote on document shredding services, please fill out the form to the right, or give us a call at (800) 747-3365.

Within minutes of receiving your request, you will receive quotes to help you select the contractor that fits your situation and your office best.