Personal data


Personal data is data of a Digital Subject

Personal data has many different definitions within both Regulatory compliance and Standard compliance.

Personal data certainly would include Personally Identifiable Information and Patient Data.

Personal data and Contexts#

Personal data may be classified within two broad categories:

Organizational Entities may be Sensitive Data or have a Data Classification of Confidential data but NOT Personal data or (Personally Identifiable Information (PII))

Personal data and Medical Care#

Personal data within the context of Medical Care we refer to as Patient Data is considered Personal data. This Patient Data is interpreted differently even within the different contexts within Medical Care


Within HIPAA Protected Health Information is considered Personal data even though it is not directly able to provide Identification.

European Commission (GDPR PSD2)#

According to the European Commission "Personal data is any information relating to an individual, whether it relates to his or her private, professional or public life. Personal data can be anything from a name, a photo, an email Address, bank details, posts on social networking websites, medical information, or a computer’s IP Address." [1]

Any information related to an identified or identifiable Natural Person that could be used to directly or indirectly identify that Natural Person is covered by GDPR. Such data includes: (but is not limited to)

entities are responsible for any Personal data they collect, whether that data resides in a customer database, employee database, or even a supplier database. What’s more, Custodian of personal data collected by a company — even if they just store the data and don’t have access to it — need to comply with the GDPR or risk being fined.

Specific mention and inclusion of data relating to:

is included.

Not only is the Personal data itself covered by the General Data Protection Regulation, but everything that’s done with the data, too. "Processors [of data] also have a Responsibility," Hammarstrand said. "What’s new in this legislation is they have a direct responsibility. They could actually be reviewed and fined if they are not complying with the legislation."

More Information#

There might be more information for this subject on one of the following: