Personally identifiable information

Personally identifiable information (PII) refers to information that can be used to distinguish or trace an individual’s identity, either alone (direct) or when combined with other personal or identifying information that is linked or linkable to a specific individual (indirect). Some information that is considered to be PII is available in public sources such as telephone books, public websites, and university listings. This type of information is considered to be Public PII and includes, for example, first and last name, address, work telephone number, email address, home telephone number, and general educational credentials. Examples of PII that may in combination allow a person to be identified include gender, race, birth date, geographic location, and disease diagnosis. PII can be more difficult to protect in the rare disease community due to the small number of people diagnosed with a specific rare disease.

The definition of PII is not anchored to any single category of information or technology. Rather, it requires a case-by-case assessment of the specific risk that an individual can be identified. Non-PII can become PII whenever additional information is made publicly available, in any medium and from any source, that, when combined with other available information, could be used to identify an individual.

Sourced From
NIH Grants and Funding Acronym and Glossary List
U.S. Department of Labor: Guidance on the Protection of Personal Identifiable Information
Learn More
NIH: De-identifying Protected Health Information Under the Privacy Rule
Rare Diseases Registry Program (RaDaR): Protect Human Research Participants