Skip to main content

Personally identifiable information (PII)

Risk & governance

Data that can identify a person directly or when combined—governing what may enter prompts, logs, and fine-tuning datasets for AI tools.

PII includes names, emails, government IDs, precise locations, account numbers, and sometimes free-text snippets that enable re-identification. AI tools amplify risk: prompts leak to vendors, caches, and support tickets.

Engineering stance

Classify data, block or redact before model calls, and align with legal on GDPR and other regimes—not only “turn off logging.”