The Health Insurance Portability and Accountability Act of 1996, in part, required the establishment of national standards for the protection of sensitive personal information when it is electronically submitted. A key factor in determining the sensitivity of information is the context in which the information is used. For example, ssensitive PII is that which, when disclosed, could result in harm to the individual whose name or identity is linked to the information.
The following types of PII are considered sensitive when they are associated with an individual and must be protected when electronically submitted:
- Place of birth
- Date of birth
- Mother’s maiden name
- Biometric information (identification of humans by their characteristics or traits)
- Medical information
- Personal financial information
- Credit card or purchase card account numbers
- Passport numbers
- Potentially sensitive employment information, such as disciplinary actions or personnel ratings
- Criminal history
For more information about HIPPA, visit the Health and Human Services website.