Access to protected PII must be restricted to only those employees who need it to perform duties in connection with the scope of their work at the college. Protected PII must be protected, and properly stored and disposed of. Examples of protected PII include, but are not limited to:
“Non-sensitive PII is information that is not linked or closely associated with protected PII that, by itself, could not reasonably be expected to result in personal harm” U.S. Department of Labor. Examples of non-sensitive PII include, but are not limited to:
However, in some circumstances, providing a combination of multiple items in the non-sensitive PII could potentially result as protected PII.
On occasion, a student, employee, or vendor may email protected PII. In these instances, you should email the individual and inform them of the proper avenue to share their protected PII. Additionally, you must immediately delete and empty your email trash. Below is an example of an excerpt to communicate the process.
For more information, please review the U.S. Department of Labor’s Guide on the Handling and Protection of Personally Identifiable Information (PII).