Personally Identifying Information (PII for short) is data that describes a person which is considered to be sensitive in a legal jurisdiction. PII may include a person's name, social security or social insurance number, mailing address, personal e-mail address, credit card numbers, driver's license number, telephone number, etc.
Many jurisdictions (e.g., USA, European Union, etc.) and some organizations (e.g., Payment Card Industry) have laws, rules and regulations that require organizations to take special care when handling PII, to not share it, to protect it against accidental disclosure or malicious compromise, to notify users of such compromise. Different rules may pertain to different types of organizations or data. For example, PCI-DSS pertains to protection of credit card data, HIPAA pertains to protection of health insurance data, GLB refers to investor data, etc.
Hitachi ID Identity Manager attaches access rights not to sets of users but to types of relationships, using user classes. This is essential to privacy protection, as illustrated by the following example:
Using relationships makes it easy to define various user support models. For example, users in a country-specific help desk can reset passwords for other users in the same country, or managers in some regions may be allowed to reset passwords for their direct (or indirect) reports.
Using this access control model makes it practical to manage highly sensitive or privacy-related data using the Identity Manager request portal and approvals workflow. Personal data such as date of birth, social security number, student or employee number, enrollment and deactivation dates, healthcare classification and more are all safe to manage using Identity Manager.
Hitachi ID Password Manager is a solution that helps users to more effectively manage their already-existing credentials and resolve problems such as forgotten passwords or PINs in a self-service fashion.