Non-sensitive PII + Sensitive PII = Sensitive PII

Non-sensitive PII refers to any information that is publicly available. If any of this information is combined with sensitive PII, the combination becomes sensitive PII. Some examples of non-sensitive PII are:

  • Work phone #
  • Work fax #
  • Work email address
  • Work location

Sensitive PII is personally identifiable information which, if lost, compromised, or disclosed without authorization, could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual. This includes a person’s name in combination with any one of the following:

  • Email Address
  • Home telephone number
  • Place of birth
  • Date of birth
  • Driver’s license number
  • Mother’s maiden name
  • Passport number
  • Financial, medical, or criminal records
  • Biometrics (such as DNA, iris scan, fingerprints)
  • Financial/bank account numbers
  • Personal or government account credit or debit card number
  • Employment information, including ratings, disciplinary actions, and performance elements and standards

Non-sensitive PII combined with sensitive PII = sensitive PII

Tips for handling PII:


Everyone has the responsibility to protect “PII in any form (physical or electronic, sensitive or non-sensitive) from unauthorized disclosure, modification, or destruction in order to ensure its confidentiality, integrity, and availability.”


PII that is no longer needed should be destroyed in order to reduce risk to your organization (follow record retention schedules).


You should share sensitive personal information only with authorized individuals. If you have doubts about sharing sensitive data, consult with your supervisor or Privacy Manager.
