Understanding PII in the Age of Data Privacy

Personally Identifiable Information, or PII, is data that can be used to identify an individual. For a user of your product, their PII is the data that they input to identify themselves when creating an account, such as an email address or a phone number.  

PII data can be further broken down into “linkable” and “unlinkable” data. Generalized data that describes a person’s identity, such as gender, age, date of birth, geolocation, income or anything else that cannot be used to directly identify a specific individual is considered unlinkable. Unique data elements such as a name, address, email, social security number or other information that can be used to directly identify a specific individual  is considered linkable data.

As businesses have started to collect more data on their users through the proliferation of cloud-based apps and services, governments have introduced new data regulations to ensure that companies are taking measures to protect that data. The EU’s GDPR and California’s CCPA stepped in to regulate the way that personal data is collected, stored and transacted. These regulations have broadened the definition of PII and have required companies to rethink how they collect, store and process PII.

In many cases, companies have had to make significant investments to build completely new processes and adopt new technologies in order to understand what PII they collect and how it travels throughout their organization. Oftentimes this means rearchitecting their data stores or data lakes in order to have a finer grain of control over how PII is accessed and used. For many companies, this has resulted in a patchwork of data privacy solutions that has created more overhead without offering additional protection for PII.

Because PII is a fundamental part of how customers use products, companies need an efficient way to use PII without putting the data at risk. This requires a new approach that re-thinks how PII data is stored and used throughout an organization. Businesses should be able to protect their sensitive data without losing its utility.

At Skyflow, we’ve developed a zero-trust data security and privacy platform that uses privacy-preserving technology to protect PII data while allowing companies to use it to drive business growth. Businesses can store their sensitive data in an isolated, centralized data store and reduce the amount of PII that they store in other applications and systems. This approach reduces the overall exposure of PII within your systems and isolates it to a central store that can be governed with granular access policies.

If you want to learn more about how Skyflow’s vault technology can help you manage and protect PII, feel free to reach out.