WHICH OF THE FOLLOWING IS NOT AN EXAMPLE OF PII 1. EDUCATION AND EMPLOYMENT HISTORY

a. WHICH OF THE FOLLOWING IS NOT AN EXAMPLE OF PII

1. EDUCATION AND EMPLOYMENT HISTORY

2. YOUR BROWSING HISTORY FOR A HOTEL LOBBY COMPUTER WHICH DOESNT VERIFY YOUR IDENTITY ORROOM NUMBER

3. WEBSITE COOKIES PLACED ON YOUR LAPTOP

4. GOVT IDENTIFIER SUCH AS TAX ID

b. MEASURE PROVIDING APPROPRIATE SECURITY AND NOT NECESSARILY THE MAXIMUM SECURITY THAT IS POSSIBLE IS REQUIRED FOR PERSONAL DATA?

1. TRUE

2. FALSE

Answer:- The correct options are:

a. 2. YOUR BROWSING HISTORY FOR A HOTEL LOBBY COMPUTER WHICH DOESNT VERIFY YOUR IDENTITY ORROOM NUMBER

b. 1. True

Explanation:

Personal Identifiable Information PII any information that can be used to identify an individual person. Common examples of PII include a person’s full name, date of birth, national identification numbers as well as education and employment information including financial details plus medical history etc. Option 2 can also not be classified under the levels mentioned above since browsing habits do not stay identifiable to one individual per say. The other options identify information such as government IDs, education and employment history that could be traced back to a person.

With regard to suitable security for personal information, data protection rules such as GDPR mandate that organizations adopt technical and organizational steps in order to ensure a level of safety proportioned with the risk. The compromise lies in “fitting security” depending on the level of classified information. For instance, highly sensitive medical records need strong security such as encryption while something like an email newsletter sign-up might only need regular TLS encryption. The aim is to protect personal data from unauthorized access and misuse without creating overly strict security requirements for organizations. Not the hypothetical maximum security is required, truly reasonable security controls suitable for the specific data at issue.