Compliance with laws such as HIPAA (for health care information) and standards
such as PCI (for the payment card industry) require not only de-identifying
(or encrypting) personal information, but verifying
that you de-identified (or encrypted) it. The United States Congress will
likely continue to strentghen data privacy laws for retailers and financial institutions
to prevent breaches of privacy and identity theft.
Solutions:
For detection control, you can review the field-level protections specified in the self-documenting,
human-readable job scripts used in IRI's FieldShield and CoSort (SortCL) software.
For proof, you can log all jobs to a query-ready
XML audit file. The audit trail contains the job script, which shows
the protection technique(s) applied to each field in each table or file processed.
The log also contains other job metadata, like the:
• protection library function(s) used
• encryption keys or de-ID codes
• input and output tables or files
• user who ran the job
• job start and end times
• number of records processed
For prevention control, you can review FieldShield or SortCL job scripts to
validate a developer’s protections of output fields prior to execution.
For example, to mask the SSN field in a payroll feed, a developer can modify target table or file
fields in a FieldShield or SortCL job script with a few clicks. This modification can be one of many available protections:
• field-level encryption
• anonymization and pseudonymization
• de-identification and re-identification
• field redaction
As a compliance officer, you can see the protection(s) in each self-documenting job script. Once approved, the job can be saved or run on the local or any remote server running FieldShield or CoSort.
After execution, the job script can be isolated and protected for re-use in production.
Case Studies
White Papers
