Sensitive information is data that is required to be protected from being accessed by unauthorised parties. This is done as to safeguard the security and the privacy of an individual or organisation. The three main types of sensitive information that exist are: personal information, business information and classified information.
Personal information is any data that can be linked to an individual and if released could result in harm to the person. Examples of such information includes; social security numbers, passport numbers, biometric information, medical data and personally identifiable financial information. If such information is stolen it can result in personal information getting into the wrong hands as well as identify theft.
Business information relates to any data that would cause damage to a company if accessed by a competitor or the public. This can include financial data, trade secrets, supplier information, customer data as well as other other sensitive materials.
This relates to any information that a government body restricts due to security concerns. Different levels of sensitivity exist often with labelling such as; restricted, secret, top secret and confidential. Often over a period of time this information is declassified and eventually made public once it’s been considered that the risk of harm has passed.
Prevention is better than cure, in order to avoid a data breach occurring and what do if your business is breached read the below fact sheet. It describes how your business can prepare for, recognise, and respond to a data breach.
If you are a merchant that requires technical or PCI DSS help, please click here