What Companies Should Know About PII & Protecting It

Share This Post

Personally Identifiable Information (PII) is any data that can be used to identify an individual. This can be done using direct identifiers (name, social security number, etc.) which are unique to an individual, or using quasi-identifiers (date of birth, race, postal code, etc.) which in isolation cannot pinpoint an individual, but in conjunction with multiple other quasi-identifiers can ultimately lead to identification.

Regulatory compliance and PII

The definition of PII changes from country to country across various regulations. There is currently no exhaustive definition as its legal ramifications continue to evolve every year. In some instances, PII is also known or referred to as “personal data” although there is a difference between the two. An example of this is in Europe, where the term “personal data” is defined much broader under the General Data Protection Regulations (GDPR). Under the GDPR, PII is considered as “any information which is related to an identified or identifiable natural person”

For this reason, it is important for businesses to stay up-to-date on annual regulatory changes to be aware of what qualifies as PII and avoid being fined.

Who is responsible for data protection & why is it important?

As consumers continue to demand privacy, the demand for data protection increases. In today’s world, personal data can be used to steal or exploit individual identity so it is imperative that companies incorporate privacy into their workflows. Every business that collects individuals’ data is in turn responsible for protecting that data. 

Whether you’re looking to build an in-house solution to handle your PII, or onboard an external vendor, it’s important to be realistic about the solution’s capabilities and gaps. One misconception is that PII can be 100% removed or scrubbed from a dataset. You can read more about this in Private AI’s whitepaper, which outlines the results of a redaction accuracy technical test.

It’s crucial for companies to understand what and how much PII is being collected from their users, that they should be evaluating their data management protocols and tools, and staying up to date on evolving data protection regulations.

Interested in learning more on how to incorporate privacy into your workflows?
Contact us to learn more.

Subscribe To Our Newsletter

Sign up for Private AI’s mailing list to stay up to date with more fresh content, upcoming events, company news, and more! 

More To Explore


Testé sur un ensemble de données composé de données conversationnelles désordonnées contenant des informations de santé sensibles. Téléchargez notre livre blanc pour plus de détails, ainsi que nos performances en termes d’exactitude et de score F1, ou contactez-nous pour obtenir une copie du code d’évaluation.

99.5%+ Accuracy

Number quoted is the number of PII words missed as a fraction of total number of words. Computed on a 268 thousand word internal test dataset, comprising data from over 50 different sources, including web scrapes, emails and ASR transcripts.

Please contact us for a copy of the code used to compute these metrics, try it yourself here, or download our whitepaper.