In most enterprises today, personal data such as last name, social security number, date of birth and so on seems to proliferate across multitude of databases. It is the responsibility of the custodian of that data to protect the "Personally Identifiable Information (PII)" for reasons varying from compliance to privacy protection. Various techniques are now prevalent to protect the personal information. Data de-identification is one such most commonly employed technique. This paper aims to share insights that help Data Custodians in an enterprise, Security Auditor, Risk and Compliance Group, Data Security Subject Matter Expert and the curious minds of the database world.