Browse Definitions :
Definition

sensitive information

Ivy Wigmore
By

Sensitive information is data that must be protected from unauthorized access to safeguard the privacy or security of an individual or organization.

There are three main types of sensitive information:

Personal information: Sensitive personally identifiable information (PII) is data that can be traced back to an individual and that, if disclosed, could result in harm to that person. Such information includes biometric data, medical information, personally identifiable financial information (PIFI) and unique identifiers such as passport or Social Security numbers. Threats include not only crimes such as identity theft but also disclosure of personal information that the individual would prefer remained private. Sensitive PII should be encrypted both in transit and at rest.

Business information: Sensitive business information includes anything that poses a risk to the company in question if discovered by a competitor or the general public. Such information includes trade secrets, acquisition plans, financial data and supplier and customer information, among other possibilities. With the ever-increasing amount of data generated by businesses, methods of protecting corporate information from unauthorized access are becoming integral to corporate security.  These methods include metadata management and document sanitization.

Classified information: Classified information pertains to a government body and is restricted according to level of sensitivity (for example, restricted, confidential, secret and top secret). Information is generally classified to protect security. Once the risk of harm has passed or decreased, classified information may be declassified and, possibly, made public.

This was last updated in August 2014

Continue Reading About sensitive information

Networking
Security
  • PCI DSS 12 requirements

    The PCI DSS 12 requirements are a set of security controls businesses must implement to protect credit card data and comply with ...

  • cardholder data (CD)

    Cardholder data (CD) is any personally identifiable information (PII) associated with a person who has a credit or debit card.

  • PCI DSS merchant levels

    Payment Card Industry Data Security Standard (PCI DSS) merchant levels rank merchants based on their number of transactions per ...

CIO
  • systems thinking

    Systems thinking is a holistic approach to analysis that focuses on the way that a system's constituent parts interrelate and how...

  • crowdsourcing

    Crowdsourcing is the practice of turning to a body of people to obtain needed knowledge, goods or services.

  • synthetic data

    Synthetic data is information that's artificially manufactured rather than generated by real-world events.

HRSoftware
  • employee engagement

    Employee engagement is the emotional and professional connection an employee feels toward their organization, colleagues and work.

  • talent pool

    A talent pool is a database of job candidates who have the potential to meet an organization's immediate and long-term needs.

  • diversity, equity and inclusion (DEI)

    Diversity, equity and inclusion is a term used to describe policies and programs that promote the representation and ...

Customer Experience
  • needs assessment

    A needs assessment is a systematic process that examines what criteria must be met in order to reach a desired outcome.

  • customer touchpoint

    A customer touchpoint is any direct or indirect contact a customer has with a brand.

  • customer service charter

    A customer service charter is a document that outlines how an organization promises to work with its customers along with ...

Close