Which practice would NOT help comply with privacy regulations for PII?

Protecting PII under privacy regulations means limiting what you collect and securing data throughout its lifecycle—during collection, storage, transmission, access, and backups. Minimizing collection reduces the amount of data at risk. Encrypting data in transit and at rest protects it even if networks or storage are compromised. Strict access controls ensure only authorized people can view or modify the data. Storing PII in plaintext backups, however, leaves sensitive information unprotected in backups, which can be exposed if backups are lost, stolen, or accessed improperly. This higher risk level conflicts with regulatory expectations that backups, like all data, be protected. So, storing PII in plaintext backups is the practice that would not help with compliance.