Personally identifiable information (PII)
How personal data shapes public services
Personal identifiable information (PII) is any data that can be used to identify a specific person—either on its own or when combined with other information.
Common examples include: full name, home address, date of birth, social security number, email address, and phone number.
In civic systems, PII often extends beyond basic identifiers. It can include records about a person’s experiences with public institutions, such as:
Benefits histories
Education records
Housing case files
Criminal justice records
Clinical histories
Together, these records form the institutional portrait of a person’s life as seen through the systems meant to serve them.
In civic systems, people are often known through the records that represent them.
Why PII matters in civic systems
In government and nonprofit contexts, PII is not just a technical or legal concern. It’s the foundation of how institutions recognize people, make decisions, and deliver services.
Recognize
PII is how systems know who you are.
Without it, you may be invisible to the programs designed to support you.
With incorrect or incomplete information, you may be denied services you’re entitled to receive.
Decision-making
PII feeds the processes that determine:
Eligibility for benefits
Risk or priority scores
Access to housing or healthcare
Enforcement or compliance actions
These decisions often shape the course of a person’s life.
Consequences
When PII in mishandled, misinterpreted, or exposed:
People can lose benefits or services
Sensitive histories can be revealed
Identity theft or fraud can occur
Communities or populations can be made vulnerable to bad actors or targeted enforcement.
Collective histories can be distorted, extracted, or used without consent.
Trust in institutions erodes
For people already navigating complex or fragile circumstances, these consequences can be severe.
Not all PII is equal
PII is often treated as a single category, but in practice, different types of personal data carry different levels of sensitivity and impact.
Basic identifiers
Information used to distinguish one person from another:
Name
Address
Date of birth
Identification numbers (SSN, etc)
Transactional data
Records of interactions with systems:
Payment histories
Appointment records
Service usage
Application statuses
Sensitive personal histories
Deeply personal records that reflect major life experiences:
Clinical histories
Mental health records
Immigration status
Criminal justice involvement
Child welfare cases
Disability or veteran status
These forms or PII often contain details about a person’s body, trauma, family, or legal circumstances. They can determine access to care, freedom, housing, or safety.
A clinical history, for example, is one the most sensitive forms of PII—docunenting a person’s diagnoses, treatments, symptoms, and live experiences with illness and care. When handled poorly, it can cause harm. When handled with care, it can enable life-saving decisions.
The civic design perspective
Many institutions approach PII primarily as a compliance issues related to their need to secure, minimize, or redact information.
These concerns are important, but from a civic design perspective, PII is also something more:
A system’s memory of a person
The basis of life-altering decisions
A potential source of both harm and care
When systems treat PII as purely technical, they risk overlooking the human stakes embedded in every record.
A benefits file might contain years of financial hardship.
A housing file might reflect periods of instability.
A clinical history might document pain, loss, and recovery.
A tribal data record might hold generations of identity, governance, and sovereignty.
These are not just data points. They are fragments of real lives.
In civic systems, people are often known only through their data. The quality, accuracy, and care with which we handle personally identifiable information shapes not only decisions—but trust itself.
Design implications
Public systems that handle PII carry a responsibility not only to secure it, but to treat it with dignity and care.
This can mean:
Collect only what is necessary.
Avoid gathering data that does not directly support service delivery or outcomes.Preserve context, not just transactions.
Systems should reflect the continuity of a person’s experience, not just isolated events.Make it easy to correct errors.
People should have clear, accessible ways to review and update their information.Reduce the need to repeat traumatic histories.
Systems should share information responsibly, so people are not forced to retell painful stories at every step.Respect data sovereignty.
Policies and systems should recognize the right for individuals and communities to have agency over their information—both as active data and collective histories.Design for trust, not just compliance.
Policies and interfaces should communicate respect, clarity, and care.
In civic systems, people are often known only through their data. The quality, accuracy, and care with which we handle personally identifiable information shapes not only decisions—but trust itself.
PII is more than a category of data.
It is the raw material of how institutions see, remember (or intentionally forget), and respond to the people they serve.
Related blog posts and essays
