Personally Identifiable Information (PII)

1. Personally Identifiable Information (PII) An overview January 16, 2008

2. Objective: • Protect personal identity • Combat theft

3. What is PII? • USDA considers PII to be information that can be used to distinguish or trace an individual's identity, such as your social security number or medical records, or information that when combined or used with other identifying information is linked or linkable to a specific individual.

4. Steps to Safeguard Examples include: • Encrypt electronic PII • Remove PII • Restrict access • Confidentiality statement

5. Steps to Safeguard (cont) • Alternate unique identifier • Secure areas only • Transporting/Shipping PII (AS-2137) • Secure destruction (AS-2087) • Terminate system access

6. Encrypting Sensitive/Privacy Data • WinZip • Page 4 “Encrypting” handout • IT Help desk # 690-1000 • IRM-378

7. Shipment of PII • Encrypt before shipping • Prevent inadvertent opening • Signs of tampering apparent • Approved methods: • FedEX and USPS • Exception: single envelope • AD-2137

8. Terminating Info System Access • Terminate access: • Reassigned, separated, deceased • Modify access: • Reassigned within HRD • FSA-13A • IRM-400

9. Breach Policy • One (1) hour • OCIO, Office of Cyber Security • (DM) 3505-000 

10. Personally Identifiable Information (PII) Q & A