Family Educational Rights and Privacy Act (FERPA)
Personally Identifiable Information (PII)
Personally identifiable information (PII) includes information that can be used to distinguish or trace an individual’s identity either directly or indirectly through linkages with other information.
Additional information on PII is available in the Family Educational Rights and Privacy Act Regulations, 34 CFR §99.3, and in the PTAC publication Checklist: Data Governance
Common examples of personally identifiable information:
Direct Identifiers
Name
Address
Social Security Number
Telephone Numbers
E-mail Addresses
Biometric Record
Indirect Identifiers
Combinations of gender, birth date, geographic indicator and other descriptors. Other examples of indirect identifiers include place of birth, race, religion, weight, activities, employment information, medical information, education information, and financial information.
Gramm-Leach-Bliley Act (GLBA)
Non Public Information (NPI) – Data Classification: Restricted-Specific, Restricted, Private
GLBA defines Non Public Information (NPI) as any financial information given by a consumer to a financial institution for the purpose of obtaining a financial product.
Financial Products or Services The term includes student loans, employee loans, activities related to extending credit, financial and investment advisory activities, management consulting and counseling activities, community development activities, and other miscellaneous financial services as defined in 12 CFR § 225.28.
Common examples of non-public personal information:
Names
Phone numbers
Addresses
Social Security Numbers
Credit and Income Histories
Credit and Bank Account Numbers