Personally Identifiable Information (PII) protection is critical for AI systems to prevent privacy breaches and ensure compliance. There can be two ways to deal with PII:

  1. Validate: Validate the input and reject the input if it contains PII. (raise a 400 error)
  2. Mutate/Mask: Mask the PII data in the input. (replace the PII data with a placeholder)

Example of PII Data

Input: "My name is John Smith, SSN is 123-45-6789, email john@company.com"
Output: "My name is {REDACTED} SSN is {REDACTED}, email {REDACTED}"

Types of PII Data

  • Direct identifiers: Names, Social Security numbers, driver’s license numbers, passport numbers
  • Contact information: Email addresses, phone numbers, home addresses
  • Financial data: Credit card numbers, bank account details, routing numbers
  • Biometric data: Fingerprints, facial recognition data, voice prints
  • Digital identifiers: IP addresses, device IDs, online usernames

Available Integrations on Truefoundry

You can handle PII data by using any of the following integrations:

AWS Bedrock Guardrails

  • Offers sensitive information filters to detect and handle PII in input prompts or model responses.
  • Supports blocking or masking PII.
  • Allows custom regex patterns for specific use cases.
  • Read how to configure AWS Bedrock Guardrails on TrueFoundry here.

Azure PII Detection Services

  • Utilizes machine learning and AI algorithms to identify and redact sensitive information using Named Entity Recognition (NER).
  • Supports text, conversation, and document PII detection.
  • Offers options for masking detected entities.

Guardrails AI Integration

  • Provides a PII filter that validates text to ensure it does not contain PII.
  • Uses Microsoft’s Presidio for detection.
  • Supports various PII entities.
  • Offers programmatic fixes for anonymization.

Enkrypt AI Protection

  • Focuses on removing vulnerabilities in AI applications with customizable guardrails for PII detection and redaction.
  • Supports domain-specific requirements.
  • Ensures compliance with regulatory frameworks.

Custom PII Detection and Masking

  • Build your own PII detection logic with custom webhook endpoints.
  • Use presidio library or run a custom model internal to your enterprise.
  • Read how to configure Custom PII Detection and Masking on TrueFoundry here.