Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)

Citation: NIST, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) (SP 800-122) (Jan. 2009).

This publication provides guidelines for a risk-based approach to protecting the confidentiality of personally identifiable information (PII). The recommendations are intended primarily for U.S. federal government agencies and those who conduct business on behalf of those agencies, but other organizations might find portions of the publication useful.

The National Institute of Standards and Technology (NIST) developed this publication in furtherance of its statutory responsibilities under the Federal Information Security Management Act of 2002 (FISMA).