Information Protection @ MIT

PII (Personally Identifying Information) Program

This program was conducted from late 2007 to early 2010. As of March 1, 2010 the program ended, but the work of the program continues under the complaince efforts surrounding MIT's Written Information Security Program (WISP).

The program was launched in response to increasing concerns regarding identity theft and the changing legal landscape with regard to safeguarding PII. Its focus was to identify and limit all the places at MIT where Social Security numbers (SSN) were and are being collected or recorded -- computer systems as well as paper files. The work ensures that any SSN we need to retain for business purposes are effectively protected.

Since the data collection phase encompasses the whole campus, members of the PII Program were available to present to groups or talk with individuals on different protection methods, including:

The team collected input from across the MIT community and initiated some projects to reduce the risk of PII being inadvertently compromised (e.g. reducing access to SSN via the data warehouse.)

Questions about this work can be addressed to infoprotect@mit.edu.