Breaches of personally identifiable information (PII) have increased dramatically over the past few years and have resulted in the loss of millions of records. Breaches of PII are hazardous to both individuals and organizations. Individual harms may include identity theft, embarrassment, or blackmail. Organizational harms may include a loss of public trust, legal liability, or high costs to handle the breach. To appropriately protect the confidentiality of PII, organizations should use a risk-based approach. This document provides guidelines for a risk-based approach to protecting the confidentiality of PII.

The attached Zip file includes:

• Intro Page.doc
• Cover Sheet and Terms.pdf
• Guide to Protecting the Confidentiality of PII.pdf