The document discusses protecting personally identifiable information (PII) in accordance with new data protection regulations. It outlines the types of data that are at risk, how data can be exposed through accidents or attacks, and steps individuals and departments should take. These include minimizing collection of sensitive data, securely destroying data, using strong passwords, and talking to IT about tools and processes for securing data.