Analyze your data usage with Opendatasoft’s new data lineage feature

Learn more
Glossary

Personal Data

Personal data (or personally identifiable information (PII)) is information that relates to an identified or identifiable individual.

What is personal data?

Personal data (or personally identifiable information (PII)) is information that relates to an identified or identifiable individual. If different pieces of information collected together can lead to someone being directly or indirectly identifiable, then this also constitutes personal data.

Personal data can include the following:

  • Name
  • Gender/sexual orientation
  • Address
  • Telephone number
  • Date of birth
  • Email address
  • IP address and geolocation data
  • Internet browsing history/cookie identifiers
  • ID number/passport/driver’s license social security number
  • Sexual orientation/racial background
  • Credit or debit card number, bank account details
  • Employee records
  • Photos/video footage, as collected by CCTV
  • Biometric data such as fingerprints, iris scans
  • Health data/records and genetic data
  • Information on a person’s religious or philosophical beliefs

If it is possible to identify an individual directly from the information you are processing, even by making inferences between different data sources, then that information may be personal data.

Personal data subdivides into two groups:

  • Sensitive data – private data that if revealed could cause harm to an individual
  • Non-sensitive data – data that is personal, but is freely available through multiple sources (such as public records, phone books, corporate directories and websites.)

Both of these types of data must be protected and handled securely and in line with regulations and best practice.

Why is personal data important?

Use of personal data delivers benefits both to the individual involved, and to organizations. For example it can be used to deliver a personalized service to a consumer, such as targeting specific groups with particular products or offers.

However, it can be used to target people more insidiously, such as through adverts on social media based on posts individuals have viewed/liked or even profiling and discriminating against specific groups (such as charging different groups higher prices). Many digital companies (such as free social media networks) have built their business models on collecting personal data from consumers, and selling this information to advertisers who use it to target consumers with their products and services.

In the worst case scenario if personal data is stolen or leaked to hackers or criminals it can lead to identity theft, bank fraud, the threat of personal harm and other serious offenses. It is therefore vital to ensure that any personal data a company collects is protected and kept secure, especially if it is sensitive personal data.

What regulations affect personal data?

Driven by concerns about privacy and misuse of personal data, governments around the globe have implemented regulations around the collection, usage and protection of personal data. These seek to provide consumers with more control over their personal data and how it is used by third-parties.

Current regulations include:

Often, these regulations are backed by significant penalties for non-compliance. For example, under GDPR, organizations can be fined 4% of annual global revenue or €20 million for significant breaches.

The overall trend is for greater regulation around personal data, as more countries and states implement legislation that is predominantly based on the principles within the GDPR and CCPA.

How should organizations protect personal data?

Failing to protect personal data has serious consequences for organizations, including:

  • Legal action and fines under legislation such as GDPR and CCPA, as well as potential class-action lawsuits
  • Reputational damage, impacting customer loyalty, revenues and share price

Companies therefore need to protect personal data through:

  • Strong security and encryption to prevent hackers gaining access to personal data
  • Effective, documented data governance policies that specify who has access to particular data at a dataset and granular level, where it is stored and how it is transported
  • Constant monitoring and logging to provide a record of who has accessed specific data/datasets
  • The use of techniques such as anonymization and pseudonymisation to avoid the possibilities that data can be used to accidentally identify individuals

 

Download the ebook making data widely accessible and usable

Learn more

How local government can build trust through transparent data sharing Open data & transparency
How local government can build trust through transparent data sharing

Around the world, trust levels between government organizations and citizens are dropping. Rebuilding trust relies on greater transparency - we explore the importance of data sharing to the process and outline how municipalities can create effective open data portals to strengthen engagement with their stakeholders.

What are the essential features for your data portal? Data access
What are the essential features for your data portal?

Data portals are the heart of effective data sharing programs to democratize data. But what features should you look for in your portal to maximize usage and sharing? Our blog explains why success starts with a focus on the user experience.

Data interoperability, an essential component of becoming a data-centric business Digital transformation
Data interoperability, an essential component of becoming a data-centric business

How can you ensure that your data can be reused by everyone, regardless of their skills or the tools they use? This blog explains how to put in place a framework that enables you to offer interoperable data to all your stakeholders.

How local government can build trust through transparent data sharing Open data & transparency
How local government can build trust through transparent data sharing

Around the world, trust levels between government organizations and citizens are dropping. Rebuilding trust relies on greater transparency - we explore the importance of data sharing to the process and outline how municipalities can create effective open data portals to strengthen engagement with their stakeholders.

What are the essential features for your data portal? Data access
What are the essential features for your data portal?

Data portals are the heart of effective data sharing programs to democratize data. But what features should you look for in your portal to maximize usage and sharing? Our blog explains why success starts with a focus on the user experience.

Data interoperability, an essential component of becoming a data-centric business Digital transformation
Data interoperability, an essential component of becoming a data-centric business

How can you ensure that your data can be reused by everyone, regardless of their skills or the tools they use? This blog explains how to put in place a framework that enables you to offer interoperable data to all your stakeholders.

Start creating the best data experiences

Request a demo