Private Personal Information (PPI)
Private Personal Information (PPI) is a category of sensitive information that is associated with an individual person, such as an employee, student, or donor. PPI should be accessed only on a strict need-to-know basis and handled with care.
PPI is information that can be used to uniquely identify, contact, or locate a single person. Personal information that is “de-identified” (maintained in a way that does not allow association with a specific person) is not considered sensitive.
Appropriate protection of PPI that is not publicly available is required by Laws and Regulations Related to Handling Sensitive Protected Data, contractual obligations, and university policies. These regulations apply to PPI stored or transmitted on any type of media: electronic, paper, microfiche, and even verbal communication.
Frequently Used by:
Category:
Examples:
For Employees:
- Social Security Number
- National ID Number
- Bank account numbers
- Tax information (W2, W4, 1099)
- Date and location of birth
- Country of citizenship
- Citizenship status
- Visa permit data
- Driver’s license
- Gender
- Ethnicity
- Disability information
- Marital status
- Military status
- Criminal record
- Home address
- Grievance information
- Discipline information
- Leave-of-absence reason
- Benefit information
- Health information
For Students:
- Grades/transcripts
- Class lists or enrollment information
- Student Financial Services information
- Athletics or department recruiting information
- Credit card numbers
- Bank account numbers
- Wire transfer information
- Payment history
- Financial aid, grant, and loan information
- Student tuition bills
- Ethnicity
- Advising records
- Disciplinary records
Laws/Regulations/Policies:
Additional Resources:
M+Box Core Apps:
M+Google Mail and Calendar:
M+Google Drive (Docs):
M+Google Sites, Talk, Groups, Tasks:
M+Google Additional Services (Non-Core):
M+Box Additional Apps (Non-Core):
Personal Device (phone, tablet, laptop, etc.):
Personal Account (Dropbox, Evernote, etc.):
UMHS Exchange Email and Calendar:
CTools:
Wolverine Access:
MiDatabase:
MiServer:
Desktop Virtualization (VDI):
TSM Backup:
MiWorkspace:
Sitemaker:
Virtualization as a Service (VaaS):
Value Storage:
Mainstream Storage:
Data Warehouse:
ITS Exchange Email and Calendar:
Desktop Backup (Powered by CrashPlan):
Flux:
Key: Storage Permission Levels
Permitted
Permitted with IIA Consultation
Not Permitted
For IIA consultation, please contact the ITS Service Center
Using Private Personal Information (PPI) Data
This list shows which services can and cannot be used to store and share Private Personal Information (PPI) Data. Click any service for more details.
- CTools
- Data Warehouse
- Desktop Backup (Powered by CrashPlan)
- Desktop Virtualization (VDI)
- Flux
- ITS Exchange Email and Calendar
- M+Box Core Apps
- M+Google Drive (Docs)
- M+Google Mail and Calendar
- M+Google Sites, Talk, Groups, Tasks
- Mainstream Storage
- MiDatabase
- MiServer
- MiWorkspace
- TSM Backup
- UMHS Exchange Email and Calendar
- Virtualization as a Service (VaaS)
- Wolverine Access
Don't see the service you need? Contact the ITS Service Center.
