To protect sensitive data such as personally identifiable information (PII), organizations should consider data masking, pseudonymization, or anonymization. These tools conceal sensitive data and ensure privacy by disconnecting PII and the user’s identity. However, when using these techniques, it is important to have data pseudonymized or anonymized to prevent indirect identification of individuals. Other data masking tools include encryption, deleting characters, numbers and dates, and substitution. When using data masking techniques, access controls should be designed to display just the minimum required data, and obfuscation mechanisms should be put in place to hide data from users with certain roles. Credit card masking information should also be considered. Lastly, it is important to consider access controls, agreements or prohibitions on usage, and tracking the provision and receipt of processed data to ensure the protection of sensitive information.
Conformance1
Tools for conforming to standards, goals and processes
