Data Redaction
Opt-in service
Data redaction is currently an opt-in service. If you are interested in enabling this functionality, contact your BigPanda account team.
Ensure your private data stays secure using the data redaction service. With data redaction, you can remove sensitive data types, including PII, PHI, and PCI from your information, giving you confidence that your confidential data remains exclusively within your approved channels.
Enabling this service will strengthen your data protection by automatically identifying and removing sensitive information. This ensures your established access controls remain effective while maintaining compliance with applicable regulatory data handling requirements.
How it works
The data redaction service operates through a third-party SaaS subprocessor that integrates with the BigPanda platform. This partner maintains compliance with key frameworks, including PCI, GDPR, and CCPA, while also meeting HIPAA privacy and security requirements.
The data redaction service seamlessly integrates with BigPanda and meets all data security requirements of the platform.
Seamless integration - there is no change to how you integrate with the platform. BigPanda APIs will not change as the data flow occurs with the third-party vendor.
Customer segregation - each BigPanda customer has their own data privacy vault with customer-specific keys where identification and redaction takes place. No data is shared between customers.
Data processing and storage - data processing and redaction takes place in the data privacy vault. Once the process is complete, redacted data is then transmitted to BigPanda. Data containing sensitive information is not recoverable.
Data types
Data being transmitted to the BigPanda platform is identified as either Observability Data or Non-Observability Data:
Observability data is machine-generated, making it more structured, controlled, and predictable. This type of data generally does not contain sensitive information governed by privacy frameworks, such as personal or financial details or other regulated data types.
Non-observability data includes human-generated content that is less structured and predictable than machine-generated data. This creates a potential risk that sensitive information, including personal details, financial information, or other regulated data, could be included.
The data redaction service is configured to detect a default set of non-observability data types for redaction. Data that matches these types will be completely redacted and unrecoverable.
Those data types include information such as:
PCI - Bank account or credit card number, etc.
PHI - Healthcare number
PII - Passport number, Social Security number, driver license, address, etc.
Account Information - Username, password, secrets, encryption/API keys, AWS AKIA keys, etc.
Configuration
To begin using the service, download and set up the appropriate BigPanda Context Sync App Connector from the Marketplace.
Once the BigPanda Context Sync App Connector setup is complete please reach out to your account team to opt-in for Data Redaction.
Once enabled, the data redaction process is as follows:
Customer data is transmitted via existing integrations with BigPanda APIs. There is no change to our APIs as a result of implementing this service.
BigPanda redirects the transmitted data to your organization's dedicated data privacy vault.
Incoming data is identified and redacted.
The identification and redaction service adds a redacted version to the data privacy vault.
The redacted version is transmitted back to BigPanda for processing.
Both original and redacted versions of the dataset are deleted.