Managing Personally Identifiable Information

Overview on managing personally identifiable information (PII).

Data governance policies often require more tightly controlled access to Personally Identifiable Information (PII) than to other data. PII can include information such as phone numbers, social security numbers, credit or bank account numbers, and addresses.

MarkLogic Data Hub enables you to easily restrict access to PII in your harmonized data using the Element Level Security (ELS) feature of MarkLogic, using the following steps:
  1. Designate properties as PII in your entity model.
  2. Deploy your model to your FINAL database.
  3. Use Data Hub to generate a security configuration that restricts access to the PII properties to users with the pii-reader security role.
  4. Deploy the security configuration to your FINAL database.
After the configuration files are deployed,
  • Only users with the pii-reader role will be able to view PII properties in harmonized documents that they are allowed to view.
  • When the document is displayed to users who do not have the "pii-reader" role, PII properties are omitted entirely (i.e., neither property names nor values are visible).