Differences between revisions 10 and 13 (spanning 3 versions)
Revision 10 as of 2024-02-02 18:39:55
Size: 1759
Editor: DominicRicottone
Comment: Introduction
Revision 13 as of 2026-02-05 21:04:41
Size: 1856
Editor: DominicRicottone
Comment: Reorg
Deletions are marked like this. Additions are marked like this.
Line 4: Line 4:

Compare to [[UnitedStates/InformationLaw/PrivateInformation|private information]] and [[UnitedStates/InformationLaw/ProtectedHealthInformation|PHI]].
Line 13: Line 15:
'''Personally Identifiable Information''' is any information that can be used to distringuish or trace an identity, whether alone or when used in connection with other information. '''Personally Identifiable Information''' is any information that can be used to distinguish or trace an identity, whether alone or when used in connection with other information.
Line 27: Line 29:
The [[UnitedStates/InformationLaw/FreedomOfInformationAct|Freedom of Information Act]] defines PII-based restrictions on freedom of information requests.
Line 31: Line 35:
== Department of Defense Privacy Program == == Department of Defense Policies ==
Line 41: Line 45:
----



== Freedom of Information Act ==

The [[UnitedStates/InformationLaw/FreedomOfInformationAct|Freedom of Information Act]] defines PII-based restrictions on freedom of information requests.

Personally Identifiable Information

Personally Identifiable Information (PII) is any information that can uniquely identify a person.

Compare to private information and PHI.

Contents

  1. Personally Identifiable Information
    1. Definition
    2. Federal Regulations
    3. Department of Defense Policies

Definition

Personally Identifiable Information is any information that can be used to distinguish or trace an identity, whether alone or when used in connection with other information.

PHI is a subclass of PII with additional requirements and considerations.

Federal Regulations

The Privacy Act of 1974 established requirements for the federal government's use of PII.

The Federal Information Security Management Act of 2002 (FISMA) identifies security controls on the use of PII. The Office of Management and Budget (OMB) has produced guides and memoranda to further specify the requirements of these acts.

The Freedom of Information Act defines PII-based restrictions on freedom of information requests.

Department of Defense Policies

DoD 5400.11-R defines the Privacy Program which controls the use of PII within the U.S. Department of Defense.

If a PII leak is discovered to have (potentially or actually) occurred, organizations must issue a report...

  • to the United States Computer Emergency Readiness Team (US-CERT) in 1 hour
  • to Component Privacy Office in 24 hours
  • and to the Defense Privacy, Civil Liberties, and Transparency Division in 48 hours

CategoryRicottone

UnitedStates/InformationLaw/PersonallyIdentifiableInformation (last edited 2026-02-05 21:04:41 by DominicRicottone)