What we’re thinking about

Insights, news, and tips from our top tech and business innovators.

How does your organization protect its personal identifiable information (PII)?

Annelore van der Lint | June 3, 2015

protectionEvery year, we file our personal income taxes with the IRS. These filings contain our personal information such as social security number, address, birthdate, and annual income; all personal information that could be used to steal our identities. And that is exactly what happened a week ago, when the IRS became the latest victim of a security breach that gave cybercriminals access to approximately 100,000 personal accounts. With cyber-attacks occurring every day, companies need to rethink about how they store and protect PII. 

Concerns over the recent information breaches has stressed the need for companies to review their privacy and data protection practices. Data protection extends beyond privacy. It gives the individual the right to know what personal data is collected, on what legal grounds, how it is used, how long it is kept and who is keeping it. Organizations that manage large volumes of customer, employee, health or credit card information, will demand higher levels of data protection to ensure that information is secured. It is estimated that in 2015, 50% of global organizations will be subject to privacy audits required by law. There are many solutions available to help organizations conduct company-wide privacy and security risk assessments. However, the biggest challenge in data protection is locating PII.

Every organization houses many terabytes of data that continue to grow exponentially, and this large volume of data is subjected to privacy and data protection regulations. However, in most organizations, there is no clear ownership of this data or where that data lives or what is in that data. With so much data, companies cannot afford the traditional process of sifting through all the data. This is extremely inefficient and can be very costly.

That’s why organizations need to analyze the data that is useful to them. But how do you identify the data that should be kept for regulatory inquiries such as compliance with GDPR rules, litigation and strategic business decisions versus those that need to deleted because they are obsolete?

Download our white paper, Privacy and Data Protection: It all starts with PII, to learn more about how to manage your information and the technologies available to help you identify and safeguard your most valuable asset, your data.

Written by Annelore van der Lint

Connect with Annelore van der Lint on LinkedIn or