PII (Personally Identifiable Information) tags are used to identify data assets that contain personal information that could be used to identify an individual. PII tags can be used to help organizations protect personal data and comply with data privacy regulations such as GDPR and CCPA.

How to Tag PII in Secoda

By going to the data tab, you can find and quickly tag PII data in Secoda easily. To tag your PII data, go to Settings -> Data

Once you're in the Data tab, you can see all the tables and columns that Secoda has identified that may contain PII data. You can select or deselect any of these columns or tables before applying the PII tag.

Secoda identifies PII columns based on a set of keywords that match column names. Some examples include first name, last name, address etc. If you'd like to customize these key words, you can do so by clicking on the settings button by the PII columns. Note, keywords are case and space sensitive.

Governance Metadata

After tagging your data with the PII tag, these will populate in the Governance metadata column in your Catalog.

PII and Previews

Secoda offers the ability to Preview the first 50 rows of a table. If permissions are granted for Preview, any column of the table that is marked as PII will not show as part of the Preview.

This behaviour does not extend to Queries. If a query is run on a table, the results are shown exactly as returned from the Source. This means that if the query results are returned with data from columns marked as PII, the user making the query will be able to view the potentially sensitive information.

We recommend setting up the permissions for each Integration according to the governance policies for your organizational structure. Preview and Queries can be disabled for the workspace, or available to specific User Groups/Users. More information about how to set up permissions for Queries and Previews can be found in their respective documentation. Information about roles within Secoda can be found here.

Removing PII Tags

Benefits of Using PII tags

1. Enhanced data privacy: By using PII tags, organizations can identify and protect personal data, helping to ensure that it is only accessed by authorized personnel and used in accordance with data privacy regulations.

2. Improved data governance: PII tags can help organizations establish clear policies and procedures for handling personal data and ensure that they are being followed. This can improve data governance and reduce the risk of data breaches or privacy violations.

3. Enhanced data security: PII tags can help organizations identify and secure personal data, reducing the risk of unauthorized access or misuse.

4. Improved compliance: By using PII tags, organizations can demonstrate compliance with data privacy regulations and reduce the risk of fines or other penalties.