Sensitive information refers to privileged or proprietary information that only certain people are allowed to see and that is therefore not accessible to everyone. If sensitive information is lost or used in any way other than intended, the result can be severe damage to the people or organization to which that information belongs.
Sensitive information may also be called a sensitive asset.
Some examples of sensitive information are as follows:
According the Computer Security Act of 1987, organizations must be held responsible for protecting their own sensitive information by providing one or more of the following:
The Computer Security Act also requires federal agencies to identify their computer systems that contain sensitive information, establish training programs to increase security awareness, and establish a plan for the security of each computer system with sensitive information.
Sensitive information is not the same as classified information, which is a type of sensitive information in which access is governed by law.
Some sensitive information is called sensitive unclassified information. This is information that needs to be protected, but does not require strict classifications, such as those used for national security information.
Read More »