What is PII and How Can it Impact Employee Safety?

March 28, 2022

What is PII and How Can it Impact Employee Safety?

The definitions, terminology, and legislation around Personally Identifiable Information (PII) vary somewhat from country to country, so it's important to understand the regulations for your location.

Generally speaking, however, PII is any personal data that can be used alone or in combination with other information to identify an individual. It might include but isn't limited to:

  • Full names
  • Employment information
  • Business and work addresses
  • Telephone number
  • Email addresses
  • Social media handles
  • Photographs
  • Banking or credit details
  • Passport or driver's license numbers
  • Medical and insurance information

Organizations have processes and IT infrastructure in place to protect and secure the personal information they collect. Still, data is often leaked during data breaches and malicious activity like phishing, viruses, and ransomware.

Do your policies and procedures around the collection, storage, and management of PII instill confidence in your employees? Do they feel like you have their backs when it comes to the security of their personal information?

Why Should You and Your Employees Be Concerned?

Executives and employees at every level of your organization have the right to workplace safety.

Personal data leaks can leave your staff vulnerable to attacks outside of the workplace as PII is bought, sold, and distributed over the internet to publicly available data brokers and people search websites. Sadly, you can Google anyone's name, and many sites that claim to have their personal information available and accessible for a nominal fee will turn up.

With malicious intent, a disgruntled employee or customer, someone who disagrees with your company's viewpoints, or even random criminals can find identifying information like addresses and phone numbers with a quick Google search or a limited amount of hacking. With only a few details, they can make someone's life miserable.

If the data leak occurs within your organization, or if the threats come as a result of your company's business activities, you could be legally and financially responsible for any harm that comes to your employees.

The move to remote work in 2020, as a result of the pandemic, highlighted the need for much higher standards for data security in the business world. According to a 2021 IBM report on the cost of data breaches, the average cost of dealing with a data breach was much higher for companies that had employees working off-site.

Whether working from home meant company security lapses or employees were not as diligent at home as they might have been in the workplace, off-site work meant an uptick in data security concerns.

The pandemic has driven companies to dramatically increase IT spending related to identifying and managing security risks.

What Kinds of Threats Can Come from Exposed PII? 

A recent ONTIC study surveying American physical security, legal, and compliance leaders reported some startling facts about employee safety:

  • 64% of the executives surveyed reported a dramatic increase in physical threat activity in their organizations between 2020 and 2021. 
  • 71% of the leaders said their lack of protective intelligence in the year prior meant missed threats and physical harm to employees and customers in their companies
  • 60% of the companies say they receive at least one physical threat every week
  • 80% of the experts felt more pressure than ever before to protect their employees from physical harm

Most executives in the survey agreed that the challenges of remote work increased the need to increase their budgets in this area.

With so many highly politicized issues, racially charged environments, and financially motivated criminal activity, the risk of physical threats to employees is increasing. And these threats aren't limited to the office, where security staff and monitoring can keep employees safe. Unfortunately, threats against employees are happening more often in their homes, where they are unprotected.

Threats from cybercriminals might include:

  • Physical or online stalking of individuals and/or their families
  • In-person, online, or telephone harassment
  • Blackmail
  • Identity theft
  • Fraudulent purchases
  • Impersonation (applying for employment/housing)
  • Damage to credit ratings

Fortunately, your company can prevent many of these threats with improved security measures, especially related to your employees' PII.

What Can Your Company Do About Exposed PII?

You want to keep your executives and employees safe and their data secure. There are many ways your company can mitigate risks and improve threat management:

  • Continue to improve online security measures
  • Restrict access to personal data
  • Provide ongoing staff training on appropriate security practices like using caution when clicking on links within emails and using 2-factor identification when possible
  • Develop and improve policies and procedures around proper record handling, including file access permissions, password protection, and data encryption
  • Teach individuals to monitor internet activity in their name by setting up Google Alerts
  • Perform dark web scans to identify company or employee information
  • Retain expensive legal services to manage data leaks and harm to employees after the fact
  • Use an affordable online privacy platform to locate, delete, and monitor PII for individuals and entire companies to stop potential attackers in their tracks and prevent threats from occurring

Many cybercriminals are looking for the easiest method to get what they want. If they can't find the information they need quickly and inexpensively, they are likely to move on to their next target.

PrivacyBrain believes every company should have access to an affordable, comprehensive, and easy-to-use privacy management platform that combats the rise of workplace-related online harassment and physical threats so they can provide a safe work environment to their employees.

With continuous monitoring, you'll ensure dangerously exposed information remains private, keeping your employees safe from stalkers, internet trolls, and criminals.

If you're ready to add an extra level of protection to your employee data, contact us today to find out how we can remove and monitor exposed data on the internet.

Start protecting your employees today

We can help you understand the scope of risk your company may face when exposed employee information is floating around online.