A PM is working with the development team and stakeholders to determine how to relate first name, last name, and address in a database. Which of the following identifies these types of data elements?
First name, last name, and address are Personally Identifiable Information (PII) because they can identify (directly or when combined with other data) a specific individual. CompTIA Project+ includes compliance/privacy and information handling considerations relevant to projects, and knowing common sensitive data categories is part of applying appropriate controls.
The other options don’t fit: PCI refers to payment card information standards/data (e.g., card numbers, CVV) rather than general identity details. PHI is Protected Health Information, tied to healthcare/medical data and regulated in healthcare contexts. CMS typically refers to a content management system, which is a technology platform, not a data classification category.
Correctly identifying data as PII matters because it drives project requirements for security and privacy: access control (need-to-know/least privilege), encryption in transit/at rest, retention rules, logging, and potentially regulatory obligations depending on jurisdiction. As the PM coordinates database design decisions with stakeholders, labeling these fields as PII ensures the team applies the correct controls and avoids accidental exposure—like overly broad access or insecure storage—throughout development, testing, and production deployment.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit