Overview#

Private data is data that is considered "private" by the Resource Owner's Data Classification

Data should be classified as Private data or Company Confidential when the unauthorized disclosure, alteration or destruction of that data could result in a moderate level of risk to the Entity or their affiliates.

By default, all data that is not explicitly classified should be treated as Private data or Company Confidential

A reasonable level of security controls should be applied to Private data.

Private data is typically any data considered private and includes:

• Personal data
• Personally Identifiable Information
• Patient Data
• any other data that is considered "private" by the Resource Owner's Data Classification

We contrast Private data to Personal data as it may be an Organizational Entity that considers the data to be Private data

More Information#

There might be more information for this subject on one of the following:

• Best Practices For Unique Identifiers
• Computer Fraud and Abuse Act
• Data Breach
• Data Classification
• Federated Identity
• Hyperledger Indy
• IDM The Application Developers Dilemma
• Knowledge-Based Authentication
• Phantom Token Flow
• Private data
• Secret Files
• Session Management