Data Security Policies
Votiro detects privacy risks in data. If sensitive information like PII, PCI, or PHI is sent to unauthorized users, Votiro will detect and mask that data while it is in-motion, so the recipient receives anonymized data.
To get to the Data Security Policies page, from the navigation pane on the left, click Settings > Data Security Policies.
The Data Security Policies page contains the following fields:
| 0 | Private Information | Select whether to analyze files for private information violation. | n | Analyze - Analyze sensitive data. Selecting this option opens the Privacy Playbooks option. |
| n | Skip - Do not analyze sensitive data. This disables the Privacy Playbooks option. |
|
| 1 | Privacy Playbooks | This option is displayed if Analyze is selected in Private Information. |
Privacy Playbooks
You can determine what sensitive data to detect and mask by creating a Privacy Playbook. You can use the default Privacy Playbook or create a Privacy Playbook using the wizard.
Default Privacy Playbook
You can use the default Privacy Playbook provided:
To modify the playbook, click the edit icon 
.
To delete the playbook, click the delete icon 
. A confirmation window opens.
Creating a Privacy Playbook using the wizard
To create a Privacy Playbook:
| 1. | In Private Information, click on Analyze. |
| 2. | In Privacy Playbooks, click on + Create Privacy Playbook. |
| 3. | The Privacy Playbook window opens: |
| 4. | Select the data to detect from the available options. There are three types of data: |
| t | PII - Personally Identifiable Information (PII) is any information connected to a specific individual that can be used to uncover that individual's identity, such as their social security number, full name, email address or phone number. |
| t | PCI - Payment Card Industry (PCI) data includes payment card processing data such as bank account number or credit card credentials. |
| t | PHI - Protected Health Information (PHI) is any information in the medical record or designated record set that can be used to identify an individual, such as blood type, for example. |
| 5. | Optionally, select Image OCR Solution if you wish to use optical character recognition to detect the selected data from a snapshot of the file containing the data. Currently, this option is available only for images within pdf files. Note that this option may affect performance. |
| 6. | You may use the Filter privacy labels box to search for selected data items. |
| 7. | After selecting the data to detect, click Next. The Privacy Playbook wizard advances to Step 2 Data to mask. For example: |
| 8. | Select which data will be masked (not displayed) in the output report. Note that there is an option to partially mask some data items such as SSN or credit card number. For example: |
| 9. | After selecting the data to mask, click Next. The Privacy Playbook wizard advances to Step 3 Minimal confidence level. |
| 10. | Select the minimal confidence level in the detected data. |
| t | Low - all data is reported (the confidence level is between 0% to 100%). |
| t | Medium - the data is reported only if the confidence level is between 50% to 100%. |
| t | High - the data is reported only if the confidence level is between 75% to 100%. |
| 11. | For example, a high level of confidence is selected: |
| 12. | After selecting the confidence level, click Next. The Privacy Playbook wizard advances to Step 4 Playbook Summary. |
| 13. | The Playbook Summary displays the data to detect at the selected minimal level of confidence and the data to mask. To accept the displayed data values and criteria, click Approve. To modify, click Go back. |
| 14. | After approving the Playbook, the Playbook is displayed in the Data Security Policies dashboard: |
| 15. | You may use the edit or delete icons to modify or delete a Playbook. |
| 16. | A maximum of three Playbooks can be created, with each at a different confidence level. For example, the screenshot below displays three Playbooks, at low, medium and high confidence levels: |
Comments
0 comments
Please sign in to leave a comment.