What Is Protected Personal Information (PPI)? A Detailed Guide
Leaving a trail of personal information has become an almost necessary part of everyday life. According to Surfshark, the average smartphone user generates up to 188 footprints every day[1] by using their device alone, contributing to a growing record of information businesses keep on their users.
Some of that information, such as app usage data or crash reports, might be relatively harmless. However, businesses also collect personal information whose sensitive nature warrants additional protections.
In this guide, we’ll discuss protected personal information (PPI) to see if and how it differs from personal information in general. We’ll also talk about laws that govern data protection and some methods you can use to protect your personal information further online.
What Is Personal Information (PI)?
The California Consumer Privacy Act (CCPA) defines personal information as “... information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.”[2]
Other state laws might give slightly different definitions. Still, they rest on the same premise—your personal information is data that could, on its own or in conjunction with other data, be used to identify you.
Some examples of personal information include:
- Name
- Address
- Shopping history
- Place of birth
- Gender
- Employment information
- Credit card number
- Government ID number
What Is Protected Personal Information?
Protected personal information is a subset of personal information that may require additional legal protections due to its sensitive nature. As opposed to general personal information, PPI could cause significant harm if leaked or accessed by unauthorized parties, either on its own or in combination with other personal information.
Examples of PPI include:
- Social Security number (SSN)
- Numbers of government-issued documents, such as your driver's license, passport, or ID card
- Financial information such as your credit/debit card numbers and bank account details
- Medical records, including data on diagnoses, treatment history, or prescriptions
- Biometric data such as fingerprints
- Educational transcripts
Identity theft is one of the most serious potential consequences of unauthorized access to your PPI. Financial loss is another one, as is medical identity theft, where a criminal uses your stolen information to get medical care in your name.
Which Regulations Protect PPI?
No single law in the U.S. explicitly defines or protects all PPI. Instead, various federal and state laws regulate the collection, use, storage, access, and disposal of protected personal information.
Some of the most notable ones include:
- The Health Insurance Portability and Accountability Act (HIPAA)[3]—Regulates how healthcare providers, clearinghouses, and insurers collect, use, disclose, and secure individuals' medical information
- Gramm-Leach-Bliley Act (GLBA)[4]—Requires financial institutions like banks, credit unions, and credit reporting agencies to inform customers of their information-sharing practices and safeguard their financial information
- Children’s Online Privacy Protection Act (COPPA)[5]—Protects children's privacy online by requiring websites and online services directed at children under 13 to obtain verifiable parental consent before collecting, using, or disclosing their personal information
- Family Educational Rights and Privacy Act (FERPA)[6]—Protects the privacy of student records and gives parents the right to access, review, and correct their child's education data
Several states also have their own data protection laws, such as the CCPA[2], the Colorado Privacy Act (CPA)[7], and the Virginia Consumer Data Protection Act (VCDPA)[8]. These laws give you more control over your data and require businesses to implement reasonable security measures.
Online Security Practices To Protect PPI
At the core of data protection laws is the obligation of companies and institutions to implement measures and practices to secure your PPI adequately. However, you can also take steps to protect your PPI and personal information in general.
A good place to start is to limit the sharing of personal data online. You can review the data collection practices of services you use, such as Google and Amazon, and adjust their settings to minimize data collection.
Consider removing some of your data that’s already online. You might use specialized data-removal services to scrub your information from data brokers and people search engines.
To further protect your personal information, consider these three methods:
- Set strong passwords—Create complex, unique passwords for each account. Password managers such as 1Password or Norton Password Manager can help you create and store strong passwords.
- Use virtual private networks (VPNs)—A VPN service such as Malwarebytes VPN, Private Internet Access, or Proton VPN masks your IP address and encrypts your internet traffic, making it difficult for hackers to intercept sensitive information.
- Pay with virtual cards—Virtual cards are randomly generated card numbers that provide an extra layer of security by limiting the amount of PPI shared with merchants and preventing the exposure of sensitive data in case of a data breach. Getting your virtual cards from a specialized provider like Privacy comes with advanced security and card controls.
Protect Your Financial Personal Information With Privacy
After connecting your bank account or debit card to Privacy, you can create multiple virtual cards with unique card numbers. Privacy Cards act as a stand-in for your real payment card details, keeping them secure and out of reach of potential hackers.
As a PCI-DSS-compliant platform, Privacy ensures that all personal information transmitted to and stored on its servers is encrypted with AES-256, the same standard used by financial institutions, government agencies, and the military.
To further enhance security, Privacy employs the following measures:
- Two-factor authentication (2FA)—With 2FA, your account is protected by an additional step at signup, reducing the risk of unauthorized access.
- Third-party audits—Privacy undergoes regular audits to ensure its security protocols and technology meet industry standards and remain up-to-date.
- Fraud investigation—Privacy will investigate any potentially unauthorized payments and initiate a chargeback against the merchant on your behalf if it finds grounds for it.
Privacy Cards—Types and Features
Privacy allows you to create three card types, as explained in the following table:
Privacy also offers two types of card controls that let you:
- Set spending limits, so that Privacy denies any transaction that goes above the limit and helps you avoid hidden fees
- Pause or close cards, so that Privacy blocks all future charges on them and protects you against accidental or unwanted charges
Make Online Payments With Convenience
Privacy offers multiple convenience features that help you manage and use your virtual cards seamlessly, including:
- Mobile app—You can install the Privacy App on your Android or iOS device to create, manage, and track card usage on the go.
- Browser extension—The Privacy Browser Extension allows you to quickly create virtual cards and autofill payment details on websites, making online shopping faster and more secure. The extension is available for all major browsers, including Firefox, Safari, Chrome, Edge, and Safari for iOS.
- Integration with 1Password—Privacy's integration with 1Password allows you to securely store and autofill virtual card details and passwords using the password manager’s browser extension.
How To Get Started With Privacy
To join Privacy and protect your financial information with virtual cards, follow these four steps:
- Visit the Privacy signup page
- Fill out the required Know-Your-Customer (KYC) information
- Add a funding source
- Request a Privacy Virtual Card
Privacy offers four plans:
References
[1]Surfshark. https://surfshark.com/research/chart/digital-footprints-via-apps, sourced October 3, 2024
[2]California Legislative Information. https://leginfo.legislature.ca.gov/faces/codes_displayText.xhtml?division=3.&part=4.&lawCode=CIV&title=1.81.5, sourced October 3, 2024
[3]HHS.gov. https://www.hhs.gov/hipaa/for-individuals/index.html, sourced October 3, 2024
[4]FTC. https://www.ftc.gov/business-guidance/privacy-security/gramm-leach-bliley-act, sourced October 3, 2024
[5]FTC. https://www.ftc.gov/legal-library/browse/rules/childrens-online-privacy-protection-rule-coppa, sourced October 3, 2024
[6]U.S. Department of Education. https://studentprivacy.ed.gov/faq/what-ferpa, sourced October 3, 2024
[7]COAG. https://coag.gov/resources/colorado-privacy-act/, sourced October 3, 2024
[8]OAG. https://www.oag.state.va.us/consumer-protection/files/tips-and-info/Virginia-Consumer-Data-Protection-Act-Summary-2-2-23.pdf, sourced October 3, 2024