Personal Information


Personal information consists of any information processed by LBNL staff in support of official laboratory business which relates to or describes an identifiable individual. Personal information is an overarching term that encompasses highly sensitive personally identifiable information (personal information subject to legal, regulatory, or contractual obligations), prudent-to-protect personal information, and publicly available information (such as directory information or information that is lawfully made publicly available by government agencies).

The figure below provides a high-level overview of the different kinds of personal information and their inherent risk profile.

Personal Information Rated "Controlled" - Personally Identifiable Information (PII)

Data elements under the PII category are the most sensitive types of personal information at the Lab. Any use, transmission, storage, destruction, or other processing of PII must be approved by the IT Division. Any actual 

  1. Data Breach-Notice triggering Personal Information (under the California Information Practices Act, Cal. Civ. Code 1798.29), specifically:

    1. A combination of first name or first initial and last name and:

      1. Government Identifiers: Social Security Numbers, Driver's License Numbers, Passport Numbers, Green Card Numbers, and any other government-issued identifiers commonly used to identify an individual

      2. Employee health information, including records originating from a healthcare provider containing descriptions of conditions, diagnoses, prescriptions, referrals, visits, and other health information, insurance and/or claims-related information.

      3. Biometric Information

      4. License Plate Recognition System information

      5. Financial account information (such as debit and credit account information), including PINs or other authentication information

    2. Usernames and Passwords that would permit someone to access an online account.

  2. Personally Identifiable Information stored in Department of Energy-owned records maintained in Privacy Act Systems of Records

  3. Certain Sensitive Personal Data of EU residents contained in records subject to the General Data Protection Regulation.

  4. Certain datasets determined to be highly sensitive pursuant to a documented risk assessment by the Privacy Officer.

Personal Information Rated "Prudent To Protect"

The data categories and elements below are included in the definition of personal information and are generally regarded as "Prudent to Protect." Note that certain information collections containing purely prudent-to-protect information may be regarded as highly sensitive depending on a number of factors, including the total number of data elements for any one individual, the number of individuals and records present in the data set, and other factors.

  1. Contact Information: home address, home telephone number. 
  2. Demographic Information: Gender, Gender Identity and Expression, Sexual Orientation, Racial or Ethnic Origin, Religious Affiliation, Political Beliefs, Date of Birth, Disability Status, Veteran Status, Salary.
  3. Employment-Related Information: employee performance information, credit reports, drug test results, information related to the processing of security clearances, certain kinds of employee health records, job-application information, education information.
  4. Online Behavior: web browsing history, IP Address, MAC Address, Email Address, Usernames, social media-related activities performed through an individual’s personal account.
  5. Precise Geolocation
  6. Authentication Information: answers to security questions (mother’s maiden name, favorite childhood friend, etc.). 
  7. Pictures, audio, and/or video recording: CCTV Captures, Meeting Recordings

Personal Information not rated Prudent to Protect or Controlled

The data categories and elements below are included in the definition of personal information but are not subject to controls beyond what applies to information generated in the course of pursuit of LBNL's mission (such as information intended for publication).

  1. Directory Information: this consists of information related to an individual published to facilitate contact with LBNL workforce members. This consists of information made publicly available on phonebook.lbl.gov such as your name, work email, phone, mailbox, and office information.
  2. De-Identified Information: this consists of personal information previously considered prudent to protect or controlled, but which has been rendered unidentifiable through one of many processes, such as pseudonymization and anonymization. 


Privacy Training

Privacy Notices
