Sensitive PII
Personally identifiable information (PII) can be sensitive or non-sensitive. Sensitive personal information
includes legal statistics such as:
Full name
Social Security Number (SSN)
Driver’s license
Mailing address
Credit card information
Passport information
Financial information
Medical records
The above list is by no means exhaustive.
Companies that share data about their clients normally use anonymization techniques to encrypt and
obfuscate the PII, so it is received in a non-personally identifiable form. An insurance company that
shares its clients’ information with a marketing company will mask the sensitive PII included in the data
and leave only information related to the marketing company’s goal.
Non-Sensitive PII
Non-sensitive or indirect PII is easily accessible from public sources like phonebooks, the Internet, and
corporate directories. Examples of non-sensitive or indirect PII include:
Zip code
Race
Gender
Date of birth
Place of birth
Religion
The above list contains quasi-identifiers and examples of non-sensitive information that can be released
to the public. This type of information cannot be used alone to determine an individual’s identity.
However, non-sensitive information, although not delicate, is linkable. This means that non-sensitive
data when used with other personal linkable information, can reveal the identity of an individual. De-
anonymization and re-identification techniques tend to be successful when multiple sets of quasi-
identifiers are pieced together and can be used to distinguish one person from another.