Personally Identifiable Information
Frequently Asked Questions
- Email: Use the Encrypted option from your email software (i.e., Gmail, Outlook) as an add-on to securely send email to both internal and external recipients if the file contains PII-related data.
- Email Files: In the event you must attach a file/document, containing your PII, you should zip the files and incorporate password protection. Send two emails to the recipient: one with the password protected and zipped file attached; the other with the password to be used to access the file. Do not send both items in a single email.
- Finally, you should ask the recipient to contact you to confirm they have received the PII file and have been able to successfully access it. You should then delete both emails from your “Sent Items” folder.
Phishing is the fraudulent attempt to obtain sensitive information, such as usernames, passwords, and account details, typically through an email, text message, or even a phone call.
These messages may impersonate a company, charity, or government agency and often make up an urgent request to convince you to sign on to a fake site, open an email attachment containing malware, or respond with personal or account information. The information you provide can be used to commit identity theft or access your account to steal money.
Avoid downloading PII to portable devices (i.e., flash drive, external hard drive, etc.) to reduce the possibility that these devices are stolen.
Lock computers when you step away. Do not share passwords.
A “breach” is defined as loss of control, compromise, unauthorized acquisition, unauthorized access, or any similar term referring to situations where persons other than authorized users and for any reason other than authorized purpose have access or potential access to personally identifiable information, whether physical or electronic.