1. |
Definition. The term Personally Identifiable Information (PII) is defined as sensitive information:
a. |
that directly identifies an individual [e.g., name, personal/home address, social security number (SSN), financial banking information, other identifying number or code, home telephone number, personal email address, etc.]; or
|
b. |
by which an agency intends to identify specific individuals in conjunction with other data elements, i.e., indirect identification. (These data elements may include a combination of gender, race, birth date, geographic indicator, and other descriptors).
|
c. |
Additionally, information permitting the physical or online contacting of a specific individual is the same as personally identifiable information. This information can be maintained in either paper, electronic or other media.
|
|
3. |
Collecting PII information. As payor, GSA is required to collect PII information, such as SSN and sensitive banking information, from vendors in order to report payments made to certain vendors for non-employee services on Form 1099 to the Internal Revenue Service (IRS) in accordance with 26 U.S. Code sections 6041 and 6041A, as implemented in 26 Code of Federal Regulations (CFR). GSA will obtain the required SSN and banking information through other means and not the invoices; thus, under no circumstances, should vendors provide SSN or banking information on invoices to GSA.
|