PII (CAT-MIP-0000000226)
Accepted • 2025-09-19 • by roop
Definition
PII (Personally Identifiable Information) refers to any data that can be used to identify an individual, either on its own or when combined with other information. This includes names, email addresses, phone numbers, government IDs, financial data, and biometric records. In MSP and IT environments, PII must be handled with strict security and compliance controls to meet privacy regulations such as GDPR, HIPAA, or CCPA.
Prompt Examples
- Apply DLP policies to restrict email transmission of PII.
- Report all access to PII records in the past 30 days.
- Scan file shares for unencrypted PII such as SSNs and credit card numbers.
- Which backup sets contain customer PII subject to GDPR?
Agent Execution
When a prompt refers to "PII," the AI agent will:
- Evaluate whether storage, access, and transmission comply with security and privacy policies
- Identify and classify PII using pattern recognition, tags, or predefined rules
- Locate data sources likely to contain PII based on content types or metadata
- Log all actions involving PII discovery, access, or handling for audit and compliance tracking
- Trigger alerts or remediation workflows in the event of unauthorized access or exposure
Synonyms
- Confidential Customer Info
- Identity Data
- Personal Data
- Personally Identifiable Information
- Sensitive Information
Relationships
- PII isMonitoredFor Breach, Misuse, or Unauthorized Access
- PII isProtectedBy Encryption, Access Control, or DLP Policy
- PII isStoredIn Database, CRM, or File System
- PII isSubjectTo Compliance Regulation or Data Policy
- PII mayBeAccessedBy User, Technician, or External System
History
| Date | Author | Reason |
|---|---|---|
| 2025-08-19 | roop | Draft – initial term proposal |
| 2025-09-19 | roop | Accepted – added to CAT-MIP registry |
| 2025-11-25 | jimmypuckett | Correct ID as it conflicted with "Audit Log" |