Personally Identifiable Information (PII) Standards with ID Scanning

ID scanning technology has become more prevalent than ever in businesses, schools and hospitals everywhere to electronically gather Visitor information during sign-in at these facilities. With just the swipe of a driver’s license, the personal information displayed on your drivers’ license or passport is detected and filled in on screen and “can be” stored in the company’s database. This information includes personal details such as - legal name, address and date of birth.. So how can you, as a business make sure that your Visitor’s personal information is safe?

When choosing a Visitor Management System (VMS) it is critical to find a solution that can meet Personally Identifiable Information (PII) standards. According to GSA, PII “refers to information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual.”

Some ways to ensure your VMS is following these standards:

Drivers License & Passport ID Scanning Policies
It is essential to find a VMS solution that allows for User-defined scanning policies. This will allow the VMS to only store information that the Company chooses to keep. Any information deemed PII can be completely ignored during the scanning process and no information from the scan resides on the local workstation.

On-Premise VMS Solution
A client-server solution for managing visitors is often the preferred model for thousands of Companies worldwide when concerned with system reliability and secure options for protecting visitor PII (Personally Identifiable Information). With client-server software a visitor’s PII is secure on your server and is not transmitted over the internet. Web-based software gives more opportunity for malicious users to tamper with data on the client side and at the network level. So if data security is a requirement, chances are you will want to explore a client-server option.

Customizable Visitor Data Retention Policies
With an on-premise solution, Companies can choose their own data retention policies because all data is stored on the company’s internal database. Customer can mask or disable PII fields. Data in transit is encrypted and customer encryption for data at rest is supported. Certain on-premise solutions also allow for the Company to encrypt their own database.

Following these guidelines can ensure that your company is following PII guidelines.