Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Guide to Protecting Personally Identifiable Information



Shirley M. Radack


This bulletin summarizes the information presented in NIST Special Publication (SP) 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII). Written by Erika McCallister, Tim Grance, and Karen Scarfone of NIST, the publication assists Federal agencies in carrying out their responsibilities to protect PII in information systems. SP 800-122 discusses how to identify and protect the confidentiality of PII as part of the organization s information security procedures, and explains the importance of protecting the privacy of the individuals whose personal information is kept by an organization. The bulletin summarizes background information on the characteristics of PII, and briefly discusses NIST s recommendations to agencies for protecting personal information, ensuring its security, and developing, documenting, and implementing information security programs under the Federal Information Security Management Act of 2002 (FISMA). References are provided to additional sources of information on protecting personally identifiable information.
ITL Bulletin -


confidentiality, confidentiality safeguards, FISMA, incident response, information security, information systems security, personally identifiable information (PII), privacy, security breaches, security controls, security impact assessments, security plans, security risks


Radack, S. (2010), Guide to Protecting Personally Identifiable Information, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed April 16, 2024)
Created April 28, 2010, Updated February 19, 2017