Privacy & Data

Privacy refers to an individual's right to keep their personal information, activities, and communications confidential.

Personally Identifiable Information (PII)

This refers to information that can be used to identify someone.

Full name
National identification number (i.e., SSN)
IP address
Home address
Motor vehicle registration plate number
Driver’s license or state ID number
Face, fingerprints, or handwriting
Credit card and bank account numbers
Date of birth
Birthplace
Genetic information

Data

Data refers to raw and unprocessed facts, figures, symbols, or information that can be in the form of numbers, text, images, or any other format. Data can be collected, stored, and manipulated to extract meaningful insights, support decision-making, or perform various tasks.

Data Classification

Data classification is a multifaceted process, encompassing state, use, and security importance, serving as a risk management tool to align protection costs with asset value and potentially becoming more intricate for larger enterprises with diverse data protection requirements, including compliance considerations.

Data States

At Rest/Being Stored
Being Created/Generated
Being Transmitted
Being Updated/Deleted

Data Usage

Input
Output
Initialized (internal)

Data Risk Impact

Impact	Damage	Financial Consequence
High	Death	Greater than $1,000,000
Medium	Severe Injury / Loss of Functionality	Greater than $100,000
Low	Minor Injury	Less than $100,000

Impact

Damage

Financial Consequence

High

Death

Greater than $1,000,000

Medium

Severe Injury / Loss of Functionality

Greater than $100,000

Low

Minor Injury

Less than $100,000

PreviousFederal Risk and Authorization Management Program (FedRAMP)NextIntroduction

Last updated 1 year ago