The Privacy Professional

What is Personal Data? In the US personal data is known as personally identifiable  information (PII).   Generally, it is defined as information that can be reasonably linked to an individual, using persistent identifiers.  Federal and State statutes determine a more specific definition of PII (GLBA, HIPAA, Privacy Act, ect). For example, under HIPAA there are 18 points of personally identifiable information . The pieces of identifiable information are as follows:  Name, address, city, county, zip, precinct, DOB, admission date, discharge date, date of death, ages over 80, Telephone/Fax #, Email address, SSN, Medical record #, Health plan #, Account#, Certificate/license #, Vehicle (VIN, Plate#), Device ID and Serial #, URL, Biometric ID (finger print, voice print), Full-face photographs,  and ny other unique identifiers. In the   EU (GDPR), personal data is defined as data related to an identifiable natural person, who can be identified (directly or indirectly) by reference

A Cookie is a small file, typically of letters and numbers, downloaded on to a device when the user accesses certain websites. Cookies allow a website to recognize a user’s device. Cookies are categorized in two ways, the extent of data they store and the website that places the cookie on the user's device. A session cookie is one which is erased when the user closes the browser. Session cookies are considered to be less privacy intrusive than persistent cookies because they expire after a browser session so would not be stored longer term. For example, session cookies can be used for security when a user is accessing internet banking or to facilitate use of webmail. Persistent cookies differs from a session cookies. A persistent cookie remains on the user's computer/device for a pre-defined period of time. Persistent cookies are stored on a users’ device in between browser sessions which allows the preferences or actions of the user across a site (or in some cases across di