Almost every business processes private information (also known as personally identifiable data or PII) within normal surgical procedures. This includes buyer names, credit greeting card numbers and even more. Different info privacy laws and regulations have differing definitions so that qualifies as personal organization information, consequently it’s essential to understand how these types of laws apply at your business. If sensitive information falls in to the wrong hands, it can lead to identity fraud, ransomware and even more.

To be viewed as personal organization details, the data need to relate to one person in some way. This doesn’t have for being true, but it surely should be possible to distinguish the individual through the information. Is also not limited to drafted and recorded data just like photographs, movies, audio songs or documents — personal business info can be conveyed verbally as well.

As businesses collect even more types of personal data, they must know how to categorize it and how the information relates to individuals. It can be easy to get confused, especially as new types info are added to the list. The best rule of thumb is to request whether the data identifies a specific individual and how.

It’s important too to have a program in place to inventory all of the personal business information your small business has. This can include a full search of file cabinets and computer systems, along with mobile devices, expensive drives, home personal computers and digital copiers. A complete inventory will help you decide where delicate information is stored, enabling you to implement right controls.