Free Essay

Personally Identifiable Information

In: Computers and Technology

Submitted By Stacious
Words 1070
Pages 5
Personally Identifiable Information
IFSM 201

Everyone in today’s society is at risk for identity theft or other fraudulent actions against them using unauthorized use of their personally identifiable information. Luckily, there are many different ways to prevent such actions. The Department of Homeland Security defines” personally identifiable information (PII) as any information that permits the identity of an individual to be directly or indirectly inferred, including any information that is linked or linkable to that individual, regardless of whether the individual is a U.S. citizen, legal permanent resident, visitor to the U.S., or employee or contractor to the Department.” (Callahan, 2012).
Some Personally identifiable information that can be used to cause harm on their own are social security number, driver’s license number, password number, alien registration number, etc. Other PII that can be used to cause harm when combined with other information are: name, email address, home address, date of birth, last 4 digits of social security number, mother’s maiden name, account passwords, phone number etc. There are numerous ways to combine someone’s information and gain access to private information.
Unfortunately most PII are not difficult to get access to, because these information are use in everyday activities. Whether it is the doctor’s office that basically has all PII on a person or the lawyers office or a store that a credit card was used to purchase something or the car dealership that copies driver’s license before a test drive. Regrettably, most of these businesses does not know how to protect PII, therefore does not train there staff accordingly. Businesses or reckless in protecting customers PII by; mishandling, leaving the information in un lock cabinets or in plain view on a desk, sending the information through un-secure internet emails or fax or not a high enough security on their computer system making it easy for hackers to get access that information. Just in 2014, numerous companies were hacked including two of the largest retail stores in America, Target Home depot. According to the Washington post “Hackers also grabbed personal information, including names, home addresses and telephone numbers, of up to an additional 70 million Target customers in that attack.” (Douglas, 2014). It was also reported that “The cyber­attack has resulted in 2,400 cards from customers being used in fraudulent transactions so far.” (Douglas, 2014). Similar attacks were also against home depot where millions of customers personal information where compromised. These are just a few examples of what hackers been up to. Protecting ones PII for the most part is intuition, knowing what is sensible, making sure the information is being left in capable hands, kind of like protecting ones baby. It can hard to have to do at times and on the other it can happen by mistake. Like forgetting to shred and important piece of document with PII and it ends up in the wrong hands or leaving the information with someone whom you taught was trustworthy, turns out that person has a different agenda. Some common practices that everyone should participate in regarding PII but do not are: securing personal information in your home, don’t leave a social security on the dining room table, not everyone who visits you have to best intentions. Do not walk with social security number in wallet, this should be common sense unfortunately it is not. Do not leave electronics or other personal information documents in the car, if it must be the car it should be locked in the trunk out of plain view. Do not discuss PII over the phone or forward same information in an email. Do not post sensitive information on social media networks for examples do not create a status saying all your passwords are the same. It is imperative for everyone to know the risk that are involve in using social media and websites. Social media should be treated like a stranger and everyone should act accordingly. The Department of Homeland Security list more technical ways to protect ones PII that may not be so much of a common sense action. For mailings containing a small amount of Sensitive PII materials, Seal Sensitive PII materials in an opaque envelope or container, Mail using the U.S. Postal Service’s First Class Mail, Priority Mail, or an accountable commercial delivery service ,For large data extracts, database transfers, backup tape transfers, Encrypt the data (if possible) and use a receipted delivery service (i.e., Return Receipt, Certified or Registered mail) or a tracking service (e.g., "Track & Return") to ensure secure delivery is made to the appropriate recipient. (Callahan, 2012).
Taking precautions are not always successful with the right amount of motivation any decent hacker can get to the information they want. The hacker may not even get your information from you but a business that you shopped with. The thing is to not make it easy for hackers, maybe after couple tries to crack a password with success the hacker will give up. Make passwords and username unpredictable and change them for each online line account. Always take every precaution that is out there to make sure Personally Identifiable information for as long it they can be. Recklessness can lead to more than one attempt at identity theft and there may no way gain back what was stolen.
Bibliography
Callahan, M. E. (2012, March ). Homeland Security. Retrieved February 25, 2015, from http://www.dhs.gov/sites/default/files/publications/privacy/Guidance/handbookforsafeguardingsensitivePII_march_2012_webversion.pdf
Douglas, D. (2014, January 29). The Washington Post . Retrieved February 25, 2015, from http://www.washingtonpost.com/business/economy/holder-pledges-to-hunt-down-thieves-in-target-breach/2014/01/29/6f97517a-8900-11e3-833c-33098f9e5267_story.html
Identity Theft Resource Center . (n.d.). Retrieved February 25, 2015, from http://www.idtheftcenter.org/ITRC-Surveys-Studies/2014databreaches.html
Tsukayama, H. (2014, April 22). Washington Post . Retrieved February 25, 2015, from http://www.washingtonpost.com/blogs/the-switch/wp/2014/04/22/hackers-are-getting-better-at-offense-companies-arent-getting-better-at-defense/

--------------------------------------------
[ 1 ]. “Without a doubt, 2015 will see more massive takedowns, hacks, and exposure of sensitive personal information like we have witnessed in years past,” said Levin. (Identity Theft Resource Center )
[ 2 ]. "We’ve got a lagging situation here, where businesses are not acting quick enough to keep up with the capabilities of threat actors,” said David Burg, the global and U.S. advisory cybersecurity leader at PricewaterhouseCoopers (PwC). (Tsukayama, 2014)…...

Similar Documents

Premium Essay

Information Technology Acts Paper1

...Information Technology Acts Financial Services Modernization Act Of 1999 Can what happened during the Great Depression ever happen again? They are not sure. As a country, they have taken steps to decrease the extent of damage something like this could ever do again. The technological systems used today for tracking, maintaining, and storing data are much more complex, complicated, of larger capacity, and in need of complex laws to protect the information. To understand the full reasoning behind the need for this act we can look at what happened during the great depression. At that time, there were banks participating in brokerage and investment services without any oversight or regulation. When the Great Depression happened the impact it had on society, individuals, families, the economy, and the nation itself was of significant magnitude. Many people, companies, and businessmen lost everything they owned, their lives savings gone forever; banks closed and went bankrupt. Some men took their own lives over the monumental financial loss. In 1933 Congress passed the Glass-Steagall Act that prohibited commercial banks from taking these additional risks with security transactions. This helped protect people who kept their lives savings and earnings with the bank. Decades later while struggling during economic turns, financial leaders believed that if businesses could collaborate it would give them profitable divisions during downturns’ and therefore escape major......

Words: 1053 - Pages: 5

Premium Essay

Dlis Information Security Risk Assessment

...Assessment and Management Table 6 COMPLIANCE LAWS AND REGULATIONS 8 PROPOSED SCHEDULE 9 Risk Management Plan Approvals 10 * Department: Information Technology Product or Process: Risk Management Document Owner: Battle Creek, MI IT Version | Date | Author | Change Description | 0.1 | 1/6/14 | RFranklin | Initial Draft | 0.2 | 01/12/14 | RFranklin | Revision 1 | 0.3 | 1/13/14 | RFranklin | Revision 2 | * Project Risk Management Plan Purpose and Scope The purpose of this Risk Management Plan is to identify the strategies, methods, and procedures to be used within the Michigan Air National Guard, Battle Creek, Michigan supply chain in identifying, evaluating, and mitigating the risk involved in daily and long term operations. All Department of Defense and federal agencies must at least comply with the minimum standards set forth in Law, DOD directives, branch of service regulations, and local base regulations. This plan provides local guidelines for applying the FISMA standards using the NIST guidelines and procedures. The Scope of this plan is limited to the Michigan Air National Guard facilities, Battle Creek Michigan Information Technology facilities which need to be in compliance with the Defense Logistics Information Service policy. This limits the scope of this plan to the logistics supply chain regarding this facility, and does not include other systems such as payroll, base security,......

Words: 1209 - Pages: 5

Free Essay

Personal Identifiable Information in Today’s Age

...Personal Identifiable Information in Today’s Age Problem Statement Personal Identifiable Information (PII) is sensitive data of a person’s identity. If mishandled, this information can result in identity theft. There have been millions of consumers who have had their identity compromised from misuse or lost PII. To adequately protect PII, one must understand what it is. PII is information that can distinguish or trace a person identity. A few examples such as, a person’s Social Security number, age, home and office phone numbers are forms of PII. While the Social Security card is a distinctive document linking a person’s name and Social Security number, when associated with other forms of PII, as previously mentioned, it creates a high risk to the individual and eventually can lead to identity theft (Department of Defense, 2012). To assist consumers with identity theft government officials have established a Task Force and initiated several Acts to protect consumers. End Personal Identifiable Information in Today’s Age Information in today’s age is becoming easily accessible to many people. The Internet is just one resource that can provide information about a person. Internet search engines, such as Google provide a wealth of information, if used properly about a person. It is vital for the public and private sector to be aware and protect critical information from unwanted hands, if used illegally can cause damage to person’s identity. Besides search engines,......

Words: 953 - Pages: 4

Free Essay

Personally Identifiable Information (Pii) and Data Breaches

...Personally Identifiable Information (PII) and Data Breaches By Stevie D. Diggs University Maryland University College IFSM201 Section 7974 Semester 1309 Personally Identifiable Information (PII) and Data Breaches Knowing and training on personally identifiable information (PII) is important in today’s society. There has been research on data breaches and identity theft that links them both together. This is to help personnel have a clear understanding on the impact of what is at steak and an explanation of PII. Many businesses and organizations have different definition for PII because of the classification of data for each, and that is why understanding PII is important. Examples of PII include, but are not limited to the following: full name, maiden name, mother‘s maiden name, or alias; personal identification number, social security number (SSN), passport number, driver‘s license number, taxpayer identification number, or financial account or credit card number; address information, street address or email address; personal characteristics, including photographic image, fingerprints, handwriting, or other biometric data. How do you protect PII? Who has access to PII? Who are affected by data breaches and identity theft? How to prevent data breaches and identity theft? The research introduced in this essay is from Verizon along with multiple articles involving military and organizations. PII is defined definitely by military and organizations. Training along with......

Words: 1541 - Pages: 7

Premium Essay

Information

...There are Information Systems and Applications use by different parts of an organization. The ones that will be discussed in this essay are: Accounting, Finance, and Human Resource Department. The different systems that interchange within the organization’s departments are: Management Information System, Enterprise Resource Planning System, and the Expert System. Each of these systems help management had access to important information that help make changes on the organization’s productivities and uses the information to make changes within the organization and all business decisions. For example, the production plans and production results are inputs to the budgeting and accounting system (for financial planning) and the human resources systems (for staffing, training, etc.). The systems use a blend of computer and communications, hardware and software, human-machine interaction, and internal and external sources of data. A management information system (MIS) is a system or process that provides the information necessary to manage an organization effectively. MIS is viewed and used at many levels by management. It should be supportive of an organization’s longer term strategic goals and objectives. It is also those everyday financial accounting systems that are used to ensure basic control is maintained over financial recordkeeping activities. Financial accounting systems are an important functional element or part of the total MIS structure. An Enterprise Resource......

Words: 447 - Pages: 2

Premium Essay

Information

...those words, but essentially.  It is important to understand that many (probably most) people of faith believe in the healing power of God more than they believe in the healing power of someone with letters at the end of their name.  David States, “God certainly uses healthcare professionals to administer healing.  But God is still the final authority.” So specifically, don't ridicule, belittle, patronize or discount a person’s faith. There are issues found when experiencing health care concerns and that health care professionals should be humble.  Some found often are not.  When dealing with someone who believes in God, respecting that person and their religion involves leaving one's own god-complex in the waiting room.  If one does not personally hold a given faith, at least allow for the possibility that one does not know everything.  Be clinical with co-workers, be compassionate with patients.  Have patience with patients. Lutherans use simple principles of humility and found it is useful even when dealing with patients who are not religious. This can be especially true even more essential when dealing with those of deep faith.  For example, when someone who is terminally ill has little hope outside of their faith, a doctor who is casually dismissive is an external authority figure who is, in effect, attacking that hope.  Not just for the possibility of miraculous healing, but also the hope of life after death.  Now a person of deep faith won't be shaken by such an......

Words: 1292 - Pages: 6

Premium Essay

Health Information

...maintain or improving their health. - Health care practitioners: uses it as a primary means of communications among themselves. - Health Care providers and Administrators: uses the data to evaluate care, monitor the use of resources, and receive payment for services rendered. Administrators analyze financial and patient case mix information for business planning and marketing activities - Third party payers: the data become the basis for determining the appropriate payment to be made. - Utilization and case managers: uses it to coordinate care so that the patient is cared for in the most clinically cost-effective manner. - Quality of care committees: use the information as a basis for analysis, study, and evaluation of the quality of care given to the patient. - Accrediting, licensing, and certifying agencies: use the record to provide public assurance that quality health care is being provided. - Governmental agencies and public health: to determine the appropriate use of the governmental financial resources for health care facilities and educational and correctional institutions - Health information exchanges: provides patient centered care that improves quality, safety, efficiency, timeliness and accessibility - Employer: used to access job related conditions and injuries and to determine occupational hazards that may impede effective performance in the work place. - Attorney and Courts: use the records as......

Words: 3416 - Pages: 14

Free Essay

Information Systems

...to understand how your personal information will be treated as you make full use of the Forbes.com website and services. The Forbes.com website is owned and operated by Forbes.com LLC. Forbes has been awarded TRUSTe's Privacy Seal signifying that this privacy policy and practices have been reviewed by TRUSTe for compliance with TRUSTe's program requirements including transparency, accountability and choice regarding the collection and use of your personal information. TRUSTe's mission, as an independent third party, is to accelerate online trust among consumers and organizations globally through its leading privacy trustmark and innovative trust solutions. If you have questions or complaints regarding our privacy policy or practices, please contact us by email at privacy@forbes.com. If you are not satisfied with our response you can contact TRUSTe here. Forbes complies with the U.S. - E.U. Safe Harbor Framework and the U.S. - Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. Forbes has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Forbes' certification, please visit http://www.export.gov/safeharbor/. The TRUSTe program covers only information that is collected through this......

Words: 4264 - Pages: 18

Premium Essay

Pornography Benefits Women Bth Personally and Politically

...Pornography benefits women, both personally and politically (McElroy.W 1995. XXX: A Women’s Right to Pornography). Comment on this statement examining both sides of the argument. Pornography is any type of material that depicts erotic behaviour and is intended to cause sexual excitement in its audience. It is an issue that has been under constant debate in our society and there are many arguments for and against pornography it has been extensively debated whether pornographic material should be legally protected or banned. Those who believe pornography must be protected argue that the First Amendment to the U.S. Constitution guarantees freedom of expression, including sexual expression. A strong defender to this view is McElroy, who reflects this in her writing of “XXX: A Woman’s Right to Pornography”. Opponents of McElroy’s view raise moral concerns, arguing that the First Amendment does not protect expression that corrupts people's behaviour, therefore defending the suppression of pornography because it perpetuates gender stereotypes, as women are reduced to nothing more than sex objects which promotes violence against women and that men are viewed as “naturally” oppressive and violent and they are ruled by their sexual natures. Opponents also believe that even if pornography is viewed as speech it should be treated as a low value form of speech that is not entitled to First Amendment protection. According to the Radical feminist view, men are socialized to have sexual......

Words: 4001 - Pages: 17

Premium Essay

Personally Responsible Students

...Personally Responsible Students Katherine Poppell GEN/201 October 27, 2014 David Schemerhorn Personally Responsible Students The phrase “personal responsibility” simply means taking care of ones’ own life in every aspect without succumbing to fears or to the distractions of the outside world. In order to become a master student and achieve the goals a person has set for himself or herself, he or she must first have an internally defined level of personal responsibility. To that end, becoming a master student starts with taking control of ones’ own life. Such control includes becoming fiscally responsible as well as demonstrating emotional maturity. There are two ways to do this, planning and organizing. While some people may find it easy to plan and organize their task, others do not so it may require more work. One has to learn how to be prepared in your studies by setting goals, understanding what your learning style may be, highlighting and underlining your readings and notes; Time management as far as your readings and taking time to understand your studies, and using your critical thinking skills along with communicating your thoughts both verbally and in writing. Goal Setting and Time Management One of the many things we have learned during our introductory course into online school while attending the University of Phoenix is the importance of setting goals, prioritizing them, and the importance of......

Words: 1095 - Pages: 5

Premium Essay

Information Security

...effect date, April 21, 2000, affects U. S. commercial Web sites and third-party commercial Web sites that schools permit their students to access. "COPPA requires "operators of websites or online services directed to children and operators of websites or online services who have actual knowledge that the person from whom they seek information is a child (1) To post prominent links on their websites to a notice of how they collect, use, and/or disclose personal information from children; (2) With certain exceptions, to notify parents that they wish to collect information from their children and obtain parental consent prior to collecting, using, and/or disclosing such information; (3) Not to condition a child's participation in online activities on the provision of more personal information than is reasonably necessary to participate in the activity; (4) To allow parents the opportunity to review and/or have their children's information deleted from the operator’s database and to prohibit further collection from the child; and (5) To establish procedures to protect the confidentiality, security, and integrity of personal information they collect from children. Non-profit sites are not included in the act; however, many are voluntarily complying. The Children's Internet Protection Act went into effect April 20, 2001, requiring that schools and libraries that receive certain types of federal technology funding have safe-use Internet policies. The policies......

Words: 2799 - Pages: 12

Premium Essay

Information Security Challenge

... Information Security Challenge February 17, 2010 Information Security Challenges As the world becomes more saturated and dependent upon Information Access, increased opportunities await the criminal element to exploit. This creates new and more costly problem sets that must be mitigated in order to navigate in today’s business world. One of the larger challenges is, entering the criminal information market does not take an excessive capital investment. It simply requires a computer, online access and some talent. Potentiating this problem is the large legitimate market of information brokers that gather marked amounts of information today. This allows for the integration of legal identifiable information to augment those criminal activities. From far away places like Russia, Belarus and Nigeria, scores of criminal associations scour the Internet in search of information and opportunities to be used in identity theft, malware insertion or extortion through complete denial of service (DOS), (Higgins, 2008). The Bigger They are… the Harder They Fall Most of us have seen it in the news, “Veterans Administration loses Personally Identifiable Information (PII)”, “Bank of America (BOA) loses account numbers” etc… At first it seems minor but after investigation it turns out to be large amounts of PII lost (O’Brien, 2008). The criminals focus on big companies (mostly point of sale functions) as they are the slowest to adapt to change and they......

Words: 2242 - Pages: 9

Free Essay

Legal Issues in Information Security

...1. Did CardSystems Solutions break any federal or state laws? Yes, they deemed to be in violation of FTC ACT 15, U.S.C 41-58 2. In June 2004, an external auditor certified CardSystems Solutions as Payment Card Industry Data Security Standards-(PCI DSS) compliant. What is your assessment of the auditor’s findings? I personally disagreed with the auditors findings. If CardSysytems Solutions per the report were indeed deemed compliant, proper IP firewalls and antivirus programs would have been active as PCI DSS requires a firewall and an up to date anti-virus which CardSystem Solutions did not. 3. Can CardSystems Solutions sue the auditor for not performing his or her tasks and deliverables with accuracy? Do you recommend that CardSystem Solutions pursue this avenue? No. In 2004 they were PCI DSS compliant. At the time of the attack in June of 2005, they were not certified compliant. 4. Who do you think is negligent in this case study and why? CardSystems Solutions have to be considered the negligent party in the case. CardSystems Solutions is a high profiled company that is expected to comply with the regulations and requirements for properly protecting and storing private and secure data. 5. Do the actions of CardSystems Solutions warrant an “unfair trade practice” designation as stated by the FTC? Yes I believe it should 6. What security policies do you recommend to help with monitoring, enforcing, and ensuring PCI DSS compliance? SNMP......

Words: 437 - Pages: 2

Premium Essay

Information Privacy Law

...This essay discuss the Privacy Act of 1974, the Information Privacy Law, Electronic Communications Privacy Act, and other laws and provisions designed to protect an individual’s privacy. In this essay I will also discuss the importance on trust and integrity in the work environment. As communication technology expands, and the possibility of accessing that technology has grow increasingly less challenging to gain, it has become more difficult to protect personal information and the use of an individual’s personal information. Whether this information is used for business, consensus, personal, educational, or even fraudulent reasons, the Individual’s right to control his or her personal information held by others has grown into an enormous concern for most people over the age of eighteen. Additionally, considering the average age for acceptance to most internet social forums and email accounts is thirteen years old, the concern for personal information security can begin even before puberty. In this essay I will also discuss how Legislation and Law makers are have and are continuing to attempt to protect information privacy as new technologies and new institutional procedures arise. This essay will talk about but not go into great detail about how the information privacy is covered in the American Constitution, the provisions for this law, and the conditions of disclosure for this law. Because the Privacy act of 1974 does not cover in great depth email and communications......

Words: 1995 - Pages: 8

Free Essay

Personal Identifiable Information

...PII And Ethics Research Paper Jadrrih PII is an abbreviation that stands for Personal Identifiable Information as used in information security. This is information that can be used to identify, contact or locate a single person. Ethics are the standards set in place in order to distinguish right from wrong. As important as PII is in the modern information technology, it has its advantage, disadvantage and ethical issues. PII comes in handy in modern technology. The most commonly used information to identify individuals are ID and drivers numbers, social security numbers, vehicles registration number, date of birth, biometrics, facial recognition to name a few. If PII did not exist, it would be incredibly hard to narrow down and individual since many people share names. There are some advantages that tie in with PII when it comes to the purpose of distinguishing individual identity. Big corporations find PII important identifying their employees. For example most companies have employee ID which is unique from one employee to another. Government officials need to use PII to search and identify and distinguish individuals in their large data base. For example, all legal US residences have a social security number that identifies an individual. In forensic, PII is important to help track down and identify criminals. This identity can be obtained through facial recognition and finger prints resulting in a selective revelation of one’s......

Words: 765 - Pages: 4