ChatGPT: Uncovering the opportunities and threats for cybersecurity
ChatGPT's emergence has captivated businesses and individuals, offering potential productivity enhancements. However, it also introduces new threats to cybersecurity.
May 30, 2023
May 25, 2023
As tech advances, so does the need to protect sensitive data from unauthorised access. In this blog post, we’re breaking down the concept of personal information, why it's important, and the proven steps to safeguard it.
The term “Personal Information” (PI) is often used interchangeably with “Personally Identifiable Information” (PII), but it’s important to note that PI is not a legal term. To ensure clarity and consistency, it’s recommended to use the term “personal information” as defined by the law. For instance, in New Zealand, the Privacy Act refers to “personal information,” while the GDPR in Europe uses the term “personal data.” These terms both have legal definitions that determine our obligations to protect and handle personal information appropriately.
Personal information encompasses any data related to an identifiable natural person. It goes beyond traditional identifiers like name, address, or contact details. Any information, regardless of its form, format, or platform, becomes personal information where it pertains to an individual.
This could include:
The breadth of personal information is extensive, and it exists across various mediums.
When determining whether information qualifies as personal information, both identifiability and context play important roles.
Identifiability refers to the ability to associate the information with a specific individual directly or indirectly. While some information may seem unrelated to an individual at first glance, it can still be considered personal information if it affects that individual’s legal rights or can be reasonably deduced to be about them.
Contextual factors, such as the purpose of the data, its relevance and its impact on the individual, contribute to whether it falls under the umbrella of personal information. It’s crucial to consider the broader implications of this data being identified, even if it may not appear directly linked to a specific person.
Given the risks associated with mishandling personal information, safeguarding measures should be at the forefront of your privacy program. Here are some proven methods to consider:
Overall, protecting personal information should be a priority for your organisation. As tech continues to advance, the risks associated with unauthorised access and misuse of personal data become more complex. By committing to safeguarding personal information, we can all contribute to a safer and more trustworthy digital environment for all.
“The pre-built policy was one of the most valuable features for us. And the list of action items we needed to get better. I can tell the board that we have a security policy in place and we're working through the list of standards. It's a really easy way to get your security sorted. That's the main thing for us ⏤ it makes our lives easier.”
Tane van der Boon
Founder & CEO