>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

4.3Personally Identifiable Information (PII)

>Control Description

For the purposes of this document, PII is information which can be used to distinguish or trace an individual’s identity, such as name, social security number, or biometric records, alone or when combined with other personal or identifying information which is linked or linkable to a specific individual, such as date and place of birth, or mother’s maiden name. Any FBI CJIS provided data maintained by an agency, including but not limited to, education, financial transactions, medical history, and criminal or employment history may include PII. A criminal history record for example inherently contains PII as would a Law Enforcement National Data Exchange (N-DEx) case file. PII shall be extracted from CJI for the purpose of official business only. Agencies shall develop policies, based on state and local privacy rules, to ensure appropriate controls are applied when handling PII extracted from CJI. Due to the expansive nature of PII, this Policy does not specify auditing, logging, or personnel security requirements associated with the life cycle of PII.

>Cross-Framework Mappings

SCF

CPL-01
Compare
DCH-02
Compare
PRI-05
Compare
PRI-05.1
Compare
PRI-05.4
Compare

Ask AI

Configure your API key to use AI features.