Protecting Electronic Personally Identifiable Information (PII)

government compliance and data destruction—securing electronic personally identifiable information, or PIIAnything can be purchased on the internet, from plane tickets to clothing to groceries. It’s becoming commonplace (and tremendously easy) to submit contact information and a credit card number and have anything delivered to your door in a matter of days.

It is every company’s responsibility to take the necessary steps to ensure that this information is secured and protected from the time they receive it until the time it’s destroyed, regardless of whether or not it’s stored electronically or in hard-copy format.

Before your company collects personally identifiable information (PII) from your website, emails, or any other electronic source, be sure that you’re protecting it with appropriate procedures and encryption methods to avoid a data breach that could cost your company millions.

How is Electronic PII Defined?

We define PII and talk about retention times in more detail here, but simply put, personally identifiable information is anything that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.

Here’s some examples of PII that your company might be knowingly (or unknowingly) collecting and/or tracking:

    • Personally Identifying InformationCredit card/bank account numbers
    • Home address
    • Geo-location data
    • Mapping data
    • Mobile app user data
    • Web tracking, user preference and experience cookies, logs (i.e. IP addresses, analytics, etc)
    • Email addresses
    • Phone numbers
    • Video/audio (including live cams)
    • Comments (on Facebook, blogs, etc)
    • Photos of people

Any company can have a website, but not every company protects it the way they should. If you are collecting this data, be sure that you’re protecting your company and your customers by utilizing proper encryption methods and preventative procedures to avoid litigation from a data breach.

Protecting Electronic PII

Securing any PII or electronic data can be quite a challenge depending on the capacity of your online security and the amount of data you need to protect. Below is a summary of an excellent article on protecting electronic restricted data from the University of California Santa Cruz. Utilize some or all of these techniques to ensure your information is protected:

    • Securely delete PII when there is no longer a business need for its retention. Include email, old versions of files, archives, copies, backups, etc. Be sure to securely shred all hard drives or media when disposing of any equipment
    • Shred Your PIITruncate, de-identify or redact PII that you need to retain whenever possible
    • Implement a hierarchy of authorized users with increased levels of security for more sensitive information
    • Use strong passwords that can’t be easily guessed, and protect them
    • Schedule regular updates for your software and anti-virus programs
    • Use proper physical security for all workstations and offices
    • Secure laptop computers and mobile devices at all times
    • Protect information when using the internet and email
    • Beware of scams and phishing schemes aimed at getting PII
    • Don’t install unknown or unsolicited programs on your computer

Get more details here—but the best advice that anyone can give on protecting electronic PII is:

The best way to protect restricted data (PII) is not to have it in the first place.”

Do you need hard drive or product shredding services? Shred Nations can Help!

Shred Nations offers hard drive destruction services and hard drive shredding services that ensure all data is completely unrecoverable. Our trained staff of specialists can help you decide what the best course of action is for your secure hard drive destruction project.

Shred Nations has a network of contractors who can come to your location, or you can ship your drives to a secure facility to be destroyed. You can also get a certificate of destruction that details when and where the hard drive was destroyed. The bits are separated into component parts and recycled.

To get started, fill out the form to the right, or give us a call at (800) 747-3365 for a free, no obligation quote on services near you.