Sensitive vs. Non-Sensitive Personally Identifiable Information

Sensitive PII
Personally identifiable information (PII) can be sensitive or non-sensitive. Sensitive personal information
includes legal statistics such as:
 Full name
 Social Security Number (SSN)
 Driver’s license
 Mailing address
 Credit card information
 Passport information
 Financial information
 Medical records
 The above list is by no means exhaustive.

Companies that share data about their clients normally use anonymization techniques to encrypt and
obfuscate the PII, so it is received in a non-personally identifiable form. An insurance company that
shares its clients’ information with a marketing company will mask the sensitive PII included in the data
and leave only information related to the marketing company’s goal.

Non-Sensitive PII
Non-sensitive or indirect PII is easily accessible from public sources like phonebooks, the Internet, and
corporate directories. Examples of non-sensitive or indirect PII include:
 Zip code
 Race
 Gender
 Date of birth
 Place of birth
 Religion
The above list contains quasi-identifiers and examples of non-sensitive information that can be released
to the public. This type of information cannot be used alone to determine an individual’s identity.

However, non-sensitive information, although not delicate, is linkable. This means that non-sensitive
data when used with other personal linkable information, can reveal the identity of an individual. De-
anonymization and re-identification techniques tend to be successful when multiple sets of quasi-
identifiers are pieced together and can be used to distinguish one person from another.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.