Overview
The data leakage leakage policy detects and anonymizes Personally Identifiable Information (PII) and other types of sensitive data in text. It targets sensitive data such as credit card numbers, names, locations, social security numbers, phone numbers, and financial data. For example:Raw prompt: “My credit card number is 1234 5678 9012 3456.” Prompt passed to LLM: “My credit card number is [REDACTED_CREDIT_CARD]”This showcases the policy’s ability to identify and secure PII, keeping sensitive information confidential.
Guardrail details
The policy combines built-in entity detection with custom pattern options: Built-in Entity Detection- Purpose: Identifies common PII types like
CREDIT_CARD
,EMAIL_ADDRESS
,PHONE_NUMBER
, etc. - Customization: Choose which entities to detect by specifying them in the
entities
section in the policy configuration.
- Regex Patterns:
- Use: Captures complex patterns not covered by standard entities.
- Example: ZIP code identification.
- Configuration: Use the
regex
key in thepatterns
section.
- Deny List:
- Use: Blocks specific terms or phrases.
- Example: Preventing titles like ‘Mr.’ or ‘Mrs.’.
- Configuration: Defined under
deny_list
in thepatterns
section.