Whitepaper: Using Information Stewardship within Government to Protect PII - 71002

Loss and theft of Personally Identifiable Information (PII) from government, military and defense organizations continues to be a significant problem. Given the amount of attention to this area and the wealth of standards and technology available – why do these leaks still occur? This document considers the sources of leakage and describes how better information stewardship based on information centric security is essential to manage these risks. 

According to the National Institute for Standards and Technology (NIST), examples of PII include, but are not limited to:

Name, such as full name, maiden name, mother‘s maiden name, or alias;

Personal identification number, such as social security number (SSN), passport number, driver‘s license number, taxpayer identification number, or financial account or credit card number;

Address information, such as street address or email address;

Personal characteristics, including photographic image (especially of face or other identifying characteristic), fingerprints, handwriting, or other biometric data (e.g., retina scan, voice signature, facial geometry);

Information about an individual that is linked or linkable to one of the above (e.g., date of birth, place of birth, race, religion, weight, activities, geographical indicators, employment information, medical information, education information, financial information)...