# Sensitive Data Types

The following table provides a helpful, quick-reference guide for which data types to mark as private, but any questions should be directed to your security auditor.

| Credit Card Information                                          | Patient Health Information  |
| ---------------------------------------------------------------- | --------------------------- |
| Full Personal Account Number (PAN)                               | First and Last Name         |
| Credit Card Number                                               | Gender                      |
| Cardholder Name                                                  | Birth Date                  |
| CVV Number                                                       | Mother's Maiden Name        |
| Card Expiration Date                                             | Social Security Number      |
| **Checking Information**                                         | Financial Records           |
| Bank Routing Number                                              | Email Address               |
| Bank Account Number                                              | Driver's License Number     |
| **Personal Account Information**                                 | Passport Number             |
| <p>Public Transportation Pass/Card<br>Serial/Account Numbers</p> | Personal Health Information |

#### PCI-DSS Requirements

For PCI-compliance, the following types of data are considered sensitive and should, therefore, be treated as private in your IVR apps. It is the customer’s responsibility to ensure that the correct information is secured in your IVR apps.

* Full Track Data (This is data from the magnetic stripe or chip on the card.)
* CAV2/CVC/CVV2/CID
* Pin/Pin Block Number
* Primary Account Number (i.e., credit card number)
* Cardholder Name
* Service Code
* Expiration Date&#x20;

If you have questions about PCI-compliance, please contact your PCI auditor.

Additionally, although legal and regulatory requirements differ by state and industry, we recommend handling the following data types with additional security:

* Social Security Number
* Date of Birth
* Bank Account Number
* Personal Health Information


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.plumvoice.com/fuse/data-security/sensitive-data-types.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.