(ISC)2 Certified in Cybersecurity Practice Exam

Which of the following is an example of biometric records that fall under PII?

• A. Medical history
• B. Social Security number
• C. Fingerprint scans
• D. Financial data

The correct answer is: Fingerprint scans

The choice of fingerprint scans as an example of biometric records that fall under Personally Identifiable Information (PII) is correct because biometric data, such as fingerprints, are unique identifiers that can be used to recognize and verify an individual's identity. PII includes any information that can be used to identify a person, and biometric data fits this definition perfectly because it is intrinsically linked to an individual's physical characteristics. In the context of data privacy and protection, biometric information is particularly sensitive because it is not easily changeable. Unlike a Social Security number or financial data, which can be altered or reset if compromised, biometric traits like fingerprints are permanent to the individual. This permanence adds an extra layer of concern regarding their confidentiality and security. Medical history, social security numbers, and financial data are also forms of PII; however, they do not fall under the category of biometric records. Medical history is health-related personal data, social security numbers serve as unique identifiers for tax and social welfare purposes, and financial data encompasses information related to an individual's financial transactions and accounts. While all these types of data are significant in their own right, they lack the biometric uniqueness associated with fingerprint scans.