Discover and Tag Sensitive Data
Discover sensitive information from millions of fields without manual effort. Apply 60+ prebuilt classifiers alongside domain-specific, custom classifiers based on a desired confidence level, without worrying about false positives. Enable different teams to inspect tags and validate that data has been properly identified and tagged.
Anonymize PHI/PII Data
Apply anonymization techniques at query runtime with masking techniques such as k-anonymization, format preserving masking, hashing, regular expression, conditional masking, differential privacy, and randomized response — all without writing code or copying data.
Masking Sensitive Data
Implement obfuscation techniques when queries are made, using hashing, regular expression, rounding, conditional masking, replacing with null or constant, with reversibility, with format preserving masking, as well as external masking. Protect data without having to write code or copy data.
Discovering and tagging sensitive data as it is ingested into the data fabric allowed us to to scale and automate data access for the enterprise intelligent platform.
What is privacy compliance?
Privacy compliance refers to how organizations, regardless of industry, meet regulatory and legal standards for the collection, processing, and maintenance of sensitive personal data. It is a mandate for many companies that are subject to major regulations, such as the GDPR and HIPAA. Failing to achieve privacy compliance often results in legal consequences, including investigations and costly fines.
What are the key components of data privacy solutions?
Data privacy solutions are meant to help organizations manage data ethically, responsibly, and in compliance with pertinent regulations. In other words, they help dictate how data is collected, stored, shared, and used. Therefore, some of the key components of data privacy solutions include purpose limitation, which helps ensure data is only used for specific and approve purposes; data subject access requests (DSARs) and deletion requests, which allow data subjects to find out what information about them has been collected and stored, and to have that information erased, respectively; data minimization, which limits how long organizations can retain data once it’s no longer needed for use; data lifecycle, storage, and risk management; and data monitoring for threat detection and mitigation.
What is de-identified data?
De-identified data refers to data where personal information has been removed to prevent the identification of specific individuals within a data set. This personal information may include direct identifiers, such as subjects’ names, specific geographic locations, telephone numbers, and Social Security numbers, as well as indirect identifiers, like hair color, occupation, and race. De-identifying data mitigates privacy risks and prepares data for access, analysis, and sharing.
What methods are best for masking sensitive data?
Some of the key methods for masking sensitive data include:
Dynamic Data Masking shields confidential information in production data in real-time, without making any physical changes to the data set, and prevents data requesters from accessing the sensitive information.
k-Anonymization automatically anonymizes and hides infrequent, identifiable responses when specific columns are queried.
Conditional Data Masking uses dynamic access restrictions, based on policy conditions and characteristics, to mask columns, cells, and rows for certain users.
Randomized Response introduces plausible deniability into data to anonymize specific columns.
Differential Privacy injects noise into queries to protect the privacy of individual records.
What is privacy masking and how is it different than data masking?
Although it sounds similar, privacy masking is very different from data masking. Privacy masking refers to a capability common in security cameras that partially or entirely obstructs portions of the frame, thereby protecting subjects from being recorded. Images can have privacy masked applied either permanently, meaning the same areas are always covered, or temporarily. By contrast, data masking is a form of data access control that alters existing data in a data set to make a fake but ultimately convincing version of it. This allows sensitive data like social security numbers, credit card information, health data, and more, to be stored, transferred, and analyzed while remaining protected from leaks to potential attackers.
Have 29 minutes?
Let us show you how Immuta can transform the way you govern and share your sensitive data.