Almost every organization processes sensitive information (also called personally identifiable data or PII) within normal operations. This includes consumer names, credit credit card numbers and more. Different info privacy regulations have various definitions for what qualifies as personal organization information, therefore it’s imperative that you understand how these kinds of laws affect your business. If personal information falls into the wrong hands, it can bring about identity thievery, ransomware and more.

To be deemed personal business biz info portal info, the data need to relate to a single person in some way. It doesn’t have to get true, but it should be possible to name the individual from your information. It is also not limited to created and documented data just like photographs, movies, audio recordings or paperwork — personal business info can be disseminated verbally as well.

As businesses collect even more types of personal data, they must know how to categorize it and how the information pertains to individuals. It can be easy to get confused, specifically as new types of information are combined with the list. The best rule of thumb is to request whether the data identifies a unique individual and exactly how.

It’s also important to have a program in place to inventory each of the personal business information your small business has. Including a full search of document cabinets and computer systems, and mobile devices, display drives, home computers and digital copiers. A complete products on hand will help you determine where hypersensitive information is normally stored, letting you implement correct controls.