Dave_Wylie
In simple terms, personal data is an EU term and is far wider in scope, due to the direct and indirect aspects of identification, than PII, which is a US term.
Personal Data means: “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;”
PII is described by Department of Homeland security as per this: https://www.dhs.gov/privacy-training/what-personally-identifiable-information
On the face of it, it seems to be becoming more aligned with the EU way of thinking …
Petra
These terms are very much used interchangeably and, as the previous respondent stated, PII is a US term. Strictly speaking, under the US definition PII does not include, for example: aggregated statistics, Internet Protocol (IP), Media Access Control (MAC) addresses, Cookie ID, Device ID. I often found that it is always good to clarify, as stakeholders might only think of direct identifiers but forget the fact that data that one can maybe add via other sources means that e.g. behavioural data or a cookie by itself is also personal data.
Smurf333
These are terms that I understand have been coined in the USA and, due to federal laws, may well have different definitions. There is evidence of some organisations using the terminology in the UK. However, if you are based in the UK then I would recommend that the use of these acronyms is avoided. Instead, the use of the tried and tested terminology that is used within the UK of ‘personal data’ and ‘special categories’ would be more readily understood by your audience, as these are clear legal definitions. I hope that helps.