As the owner of a company, you must deal with the personal information of both your staff and customers. You are required by law to protect the data and ensure it is used properly. However, it is difficult to determine what is considered to be personal information.
It is important to keep in mind that the definition of personal data varies depending on the country and jurisdiction. In general, personal data is any information that can be used to identify a person. This includes data such as a person’s email address or telephone number, but it also includes any other information that could be associated with an individual and make them identifiable. Examples include their birth date, their mother’s maiden name, biometric data, details about visas and passports, credit card details, and other sensitive data regarding employment (e.g. performance ratings and discipline records).
Furthermore, the information must be identifiable by others. If it is very difficult for someone else to recognize the information, it is not considered to be personal. This is called the “practicability” test.
The final step in determining whether something is personal is checking that it is about a living, identified person. This does not apply to business information such as invoices, orders or any other business documents.
If sensitive personal data is lost, stolen, or disclosed in any other way without authorization, it can be very harmful. It is vital to educate employees on the importance of protecting sensitive PII. You should also take steps to secure the information even when it’s not being used, such as by locking computers that are not in use and burning paper records. It is essential to periodically review the PII in your system, and limit access to those who have a business reason to do so.