Data Privacy and Security
Snaps Data Classification Framework
Snaps defines entity types by contracts. Each contract specifies various attribute definitions. When a user property is created, it includes two attributes related to its data classification level.
The "dataPrivacy" attribute should be set to appropriately classify a user property into one of the following levels:
- PII - personally identifiable information
- PCI - payment card data
- HIPAA - protected health information
- Sensitive - internal information which is sensitive in nature and restricted in its use and distribution
- Application - no additional confidentiality requirements
The default classification level is Application.
Additionally, a "dataPrivacyMask" can be specified, which allows Snaps' development environment provisioning script to transform/anonymize the data.
Updated over 5 years ago