top of page
Security of Personal and Sensitive Information

Applied IT (Year 12) - Impacts of Technology (U4)

Christian Bien

Personal Information

Personal information is any information that can be used to identify you. Personal information could be characterised as belonging to you.​


Examples of Personal Information

  • Address

  • Date of Birth

  • Name

  • Email Address

  • Phone Number


Sensitive Information

Sensitive information is information that is protected and should not be disclosed unless under specific circumstances. The Privacy Act defines sensitive information as  "information or an opinion about an individual’s:

  • racial or ethnic origin;

  • political opinions;

  • membership of a political association;

  • religious beliefs or affiliations;

  • philosophical beliefs;

  • membership of a professional or trade association;

  • membership of a trade union;

  • sexual preferences or practices;

  • criminal record

(Source: Australian Law Reform Commission) http://www.alrc.gov.au/publications/6.%20The%20Privacy%20Act%3A%


Security of Personal and Sensitive Information

Businesses and Government organisation have an obligation to protect the personal and sensitive information collected about their customers. Unauthorised access of personal and sensitive information could lead to identity theft and fraud.​


Challenges of Digital Security

Before, personal and sensitive data were stored physically making security easier to detect unauthorised access. Video surveillance could detect who accessed data and you could tell when data was stolen if a document had disappeared.​


Nowadays, more data is becoming digitalised to allow for improved access by organisations. This poses internal and external threats to the security of data. Now data can accessed and copied without anyone knowing. Internet connections also bring threats of global hackers located around the world.​


Ways to Secure Digital Personal and Sensitive Information

  • Physical security - locks on servers, video surveillance of server rooms and keys or keycards to restrict access

  • Electronic Audit Trails - allows administrators to see what files were accessed by which user and at what time. Some audit trails can be programmed to prompt a user to input a reason to why they are accessing certain files

  • File permissions - restrict access of personal and sensitive information to authorised users

  • Firewalls - monitors incoming and outgoing data packets and blocks unauthorised data packets

  • Anti-Virus Software - detects and removes malware on systems that could be used to discretely access personal and sensitive information

bottom of page