Protecting Personal Business Information

The term personal business refers to the tasks or responsibilities the individual or company manages on their own, for example, managing finances, managing household chores, or arranging appointments. It could also mean starting and running a business according to one’s capabilities or interests, as a sole proprietor.

While privacy laws regarding data vary from countries to countries and states to state however, they all have the same definitions for what constitutes personal information. The CCPA and Connecticut’s law, for instance, define personal data as information that is linked or connected to an identifiable individual with the exception of de-identified data or publicly available information. The CCPA also includes a category for sensitive personal information that requires greater protection than any other type of data.

It’s crucial to know how much data is stored within your company and where it’s located. This can be done by conducting a full inventory of all documents, files, and storage devices. This should include all file cabinets, desktops laptops, laptops, mobile devices and flash drives, disks and digital copiers. Be sure to check locations where sensitive information may be stored outside of your office. This is the case for employees’ homes as well as their computers at home that they work from.

Sensitive PII should be encrypted both in transport and at rest, and should be kept only the period necessary for business needs. This includes biometric information medical information covered under the Health Insurance Portability and Accountability Act (HIPAA) Unique identifiers like passports and Social Security numbers and employee personnel records.