As organizations battle to keep personally identifiable information (PII) safe and secure, it becomes more and more apparent that all employees have a role to play in protecting data privacy.

The important thing to remember is that PII is more than just social security numbers and credit card numbers. PII includes any piece of information that can be used individually or in combination to identify a specific person. One-to-one identifiers (e.g., license numbers, finger prints, and insurance policy numbers) can be tied to individuals, but one-to-many identifiers — data points like first names, job titles, city of residence, and last names — can be combined to achieve the same end. In fact, it’s estimated that 87% of the U.S. population can be identified using just three pieces of PII: gender, zip code, and birth date.

With that rather startling statistic in mind, it is clear that even seemingly small pieces of data can have value. If you come into contact with, collect, or store PII for coworkers or customers, here are four tips that can help keep PII safe:

1.) Use appropriate security safeguards for PII

Gauge the level of sensitivity associated with PII, think about the ramifications in the event of a breach. The more sensitive the data, the more intense the protections should be.

2.) Only collect PII you truly need

It’s important to think about the information you truly need to have and limit collection to business-critical items. For example, if you’re building a mailing list, think about whether you need anything beyond an email address. If you don’t do hard-copy mailings or calling campaigns, there’s no reason to collect mailing addresses and phone numbers.

3.) Be smart about storing PII

The more PII there is on an organization’s network, the more vulnerable that organization is in the event of a breach. So before you store it, consider if it’s business critical. If not, securely dispose of it. If so, apply the appropriate safeguards (including physical security measures for paper files and encryption and secure server storage for electronic files). In addition, be sure to revisit stored data and purge that which is out of date or no longer business critical.

4.) Apply general security best practices to PII when appropriate

Keep common-sense best practices in mind when dealing with PII because they add an important layer of security. Password protecting secure systems is a must, as is keeping your passwords private. Do not let unauthorized individuals access secure areas or systems, and don’t be too quick to disclose personal data about yourself, your coworkers, or your customers over the phone or on social media.

At the end of the day, it’s about recognizing PII and keeping security and privacy top of mind as you use, collect, and store personal data. Also be sure to familiarize yourself with any corporate or industry policies that govern handling of PII.