Immuta’s explainable policy builder removes the guesswork from data access protection techniques such as masking and randomization. Now you can manage access and privacy to comply with internal rules and compliance with federal, industry, employment and contractual regulations – without ever having to copy or move data.
Dynamic Data Masking
Copying data and manually removing or anonymizing values can delay analysis and weaken data utility. Immuta’s dynamic masking policies support hashing, regular expression, rounding, conditional masking, replacing with null or constant, with reversibility, with format preserving masking and with k-anonymization, as well as external masking — all without ever copying or moving data.
Eliminate the manual, code-based or ETL approaches that require a team of math PhDs to prevent re-identification. Immuta enables data teams to apply k-anonymization at query time from any of your organization’s databases, allowing you to safely, seamlessly prepare sensitive data for use – without legal and privacy concerns or creating data copies.
Conditional Data Masking
Protect yourself from data leaks without resorting to manual changes by automating access restrictions based on masking policy conditions such as time-based windows, user’s geography, data in adjacent cells or reference tables. Immuta’s conditional logic in masking policies provides flexible policy enforcement, while reducing risk.
Protect yourself from data attacks without resorting to time-intensive security methods that require coding or new ETL pipelines. Immuta’s randomized response helps achieve local differential privacy for specific columns, making it possible to put mathematically guaranteed limits on an attacker’s ability to exploit your data.
Many data platforms don’t offer a quantifiable approach to data privacy protection. Immuta allows you to instantly apply differential privacy to any data source, injecting noise into queries to mathematically protect the privacy of individual records. Combine differential privacy with Immuta’s purpose-based controls to meet even the most stringent privacy regulations.
Explore More of Immuta's Capabilities
Frequently Asked Questions
What is data de-identification?Data de-identification is the removal of personal information, such as names, specific geographic locations, telephone numbers, and social security numbers, to prevent the identification of specific individuals within a data set. This practice mitigates privacy risks and prepares data for access, analysis, and sharing.
Why is it important to de-identify data?De-identifying data preserves individuals’ privacy and enables valuable data sharing and use. De-identification is a core requirement for HIPAA compliance, as it ensures that medical and health data can be used in areas such as research, policy assessment, and comparative effectiveness studies, without compromising the individual’s right to privacy.
Common masking techniques
- Dynamic Data Masking shields confidential information in production data in real time, without making any physical changes to the data set, and prevents data requesters from accessing the sensitive information.
- Dynamic K-Anonymization automatically anonymizes and hides infrequent, identifiable responses when specific columns are queried.
- Conditional Data Masking uses dynamic access restrictions, based on policy conditions and characteristics, to mask columns, cells, and rows for certain users.
- Randomized Response introduces plausible deniability into data to anonymize specific columns.
- Differential Privacy injects noise into queries to protect the privacy of individual records.