Reid Houser, Head of Global Compliance & Privacy Officer at Sitel Group, explains what type of personal information will be affected by the General Data Protection Regulation.
Personal data, or Personally Identifiable Information (PII) as it is more commonly known in the regulation, is any piece of information that can identify an individual, either directly or indirectly. For example, if I have your name, your address, your home phone number, your cell phone number, or any other pieces of information that I can use to identify you, that’s PII. Personal Identifiable Information needs to be secure at all times. The rule also defines Sensitive Personal Information, which can include social security numbers, credit card information, sexual orientation or union membership. That type of data must be encrypted when in transit, and when it comes to rest.