In this world of digital devices and the World Wide Web, security is one of, if not the most important thing in the current day, as such, there are multiple types of security. In this blog post, I will be discussing one of the types of security, known as form security, more specifically I will discuss PII, HIPAA, FERPA, and PCI, which were made by the European Union to obtain consent to data, keep stored personal data to a minimum, and protect personal data with adequate measures.

What is PII?

PII (Personal Identifiable Information), is a very common form of protecting your data. PII is anything that can link yourself to your data, which keeps other people from trying to get it. PII can be anything like a passport, a driver’s license, or your date of birth, which are all things that are unique to you and that no one else has access to. Protecting your PII is especially important, as it only takes a few pieces of PII to make false accounts in your name, which can lead to bad credit or a false passport being made of you, or they could just sell your information to criminals online. 

PII can be labeled sensitive or nonsensitive. Non-sensitive PII is information that can be sent in an unencrypted form without harming an individual. Non-sensitive PII can be obtained from public records, phone books, and websites. This might include information such as zip code, race, and date of birth, which can be used to find an individual’s identity.

What is HIPAA?

HIPAA (Health Insurance Portability and Accountability Act)was passed by Congress in 1996. It gives the ability to transfer and continue health insurance coverage when someone changes or loses their job, reduces health care fraud and abuse, mandates industry-wide standards for health care information on electronic billing and other processes, and requires the protection of protected health information

Being able to transfer and continue your health insurance is very critical when you think about what might happen to you in the future. If you live near a place that is prone to natural disasters like Florida then you will need it as you will be moving in and out of the state almost regularly and health insurance wouldn’t help you if it didn’t transfer. Along with that, having standards for electronic billing on health care information is very important as it ties back to the PII, as your health is unique to you.

What is FERPA?

FERPA (The Family Educational Rights and Privacy Act) is a federal law that gives parents the right to access their children’s education records, the right to get the records amended, and the right to have partial control over the disclosure of PII from education records.

When a student turns 18 years old or enters postsecondary education at any age, the rights under FERPA transfer from the parents to the student. This means that everything that is listed above will be available to all students when they turn 18 years of age or go into secondary education. This gives students and parents the ability to keep things that they might not want to show off the educational record.

What is PCI DSS?

The PCI DSS (Payment Card Industry Data Security Standard) is a security standard made to reduce payment card fraud by increasing security controls around cardholder data. This means that it decreases the likelihood of criminals using your card for purchases by making cards have more security to them, which keeps you from having to deal with fake purchases.

This is very good for things like forms, as it can make sure that even if the form somehow gets infiltrated by black hat hackers, your personal information will be uncompromised. 

Conclusion on Form Security

Overall, PII, HIPAA, FERPA, and PCI are crucial for protecting your information. They make sure that organizations follow harsher guidelines to guard user privacy and also build trust. For all web developers/designers, this means that you have to implement strong security measures, such as encryption, to stop data from being breached and to also comply with legal standards. All web developers/designers are responsible for maintaining the anonymity of user data, and are therefore making user trust, but also adhering to regulation requirements.