Sensitive Information

Why Trust Techopedia

What Does Sensitive Information Mean?

Sensitive information refers to privileged or proprietary information that only certain people are allowed to see and that is therefore not accessible to everyone. If sensitive information is lost or used in any way other than intended, the result can be severe damage to the people or organization to which that information belongs.

Advertisements

Sensitive information may also be called a sensitive asset.

Techopedia Explains Sensitive Information

Some examples of sensitive information are as follows:

  • Personal information, including Social Security Number and bank credentials
  • Trade secrets
  • System vulnerability reports
  • Pre-solicitation procurement documentation, including work statements
  • Computer security deficiency reports

According the Computer Security Act of 1987, organizations must be held responsible for protecting their own sensitive information by providing one or more of the following:

  • Confidentiality: Sensitive information should only be accessible to those who are allowed to see it, not just those who wish to see it.
  • Integrity: Unauthorized users should not be able to make changes to the information, thus compromising its integrity.
  • Availability: Information must be accessible during a certain time and may not be destroyed during that time frame. People with permission to view the data must be able to view it.

The Computer Security Act also requires federal agencies to identify their computer systems that contain sensitive information, establish training programs to increase security awareness, and establish a plan for the security of each computer system with sensitive information.

Sensitive information is not the same as classified information, which is a type of sensitive information in which access is governed by law.

Some sensitive information is called sensitive unclassified information. This is information that needs to be protected, but does not require strict classifications, such as those used for national security information.

Advertisements

Related Terms

Margaret Rouse
Technology Expert
Margaret Rouse
Technology Expert

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.