What is Sensitive Data?
Sensitive information is confidential data that must be kept secure and out of the hands of anybody who does not have authorization to see it. Access to sensitive data should be limited to certain personnel within your company and kept secure to prevent data leaks and data breaches. In recent years, there has been an increased regulatory scrutiny over how companies handle sensitive data. Organisations and firms need to have in place procedures that processes and handles data securely as well as manage third-party vendors and cyber Security. Ignoring the aforementioned points could result in a business being fined up to $4 million.
What is classified as sensitive data? All data containing the following elements, whether original or duplicated, is considered sensitive information. • • • • • • •
Personal information Protected Health Information (PHI) Education records Customer information Card holder data Confidential personnel information Confidential information
What is personal data? Personal information (or personal data) is information that can identify an individual. According to GDPR, this information can include a person's name, surname, phone number, social security number, or any other personally identifiable information (PII). This is different to anonymous data, or non-directly identifiable information, which