What is 'personal information'?

The Personal Information Protection Act covers personal information. Regardless of whether you are in the cloud, if you use personal information in your business, you need to comply with the privacy law.

Personal information is all information about human beings, identifiable human beings. Person's name, contact information, financial situation, purchase history: All that can be indicated as "This is an identifiable person"

Even if the name is not displayed, it may be personal information. The question is whether there is a reasonable opportunity to identify someone from the message. Also, it does not have to be "secret" or "confidential" - it only needs to be relevant to them.

Information on business practices or policies, trade secrets, and aggregated statistics that do not recognize personal information is usually not personal information. Because there is a possibility that confidentiality or commercial attention may be required, there are times when you may want to protect it. Some aspects of this guide may give you an idea on how to achieve your goals. However, the "Privacy Act" is not important

What kind of personal information is involved? Certain types of personal information are more likely to get injured if infringed. For example, government-issued identifiers (financial information such as Medicare, driver's license number, health information, credit card number and debit card number) are more important than the name and e-mail address of the news subscription list. The combination of personal information is usually more likely to cause harm than a single personal message (eg, if the merger can be used to steal personal information, address, birth date, driver's license number Such).

The theft of personal information is also called a fraud of personal information, it occurs when you use the personal information of another person by mistake and use it illegally. It is often used to earn money, and abusing someone's personal information may make the victim feel infringed, overwhelmed and justified. There may be a warning that you will never carry a social security card, never continuously change the password of your account, or provide personal information by phone, but there may be a slip . In my survey, the most common question I got from victims of personal information theft was "Where is my information leaked?"

Personal information described in the field of US legislation, such as Personal Identification Information (PII) and Confidential Personal Information (SPI) used in Information Security and Privacy Law, used alone or in combination with other information It is possible information. Contact people, find contacts, or identify individuals in the context. The abbreviation PII is widely accepted in the American context, but its abbreviation has four general variants based on identifiable / perceptible / individual / individual. Not all are equal, for legal purposes the effective definition will depend on the jurisdiction and the intended use of the term.

GDPR is suitable for processing personal data. Personal data refers to any information relating to an identified or identifiable natural person ("data subject"). Identifiable natural persons are those who can be identified directly or indirectly by reference, in particular by name, ID number, position data, online identifier, or by reference to one or more of physics, physiology, genetics, psychology, economics, It is. Cultural or social identity