Compliance Templates
Organizational compliance is one of the leading drivers that require DLP tooling such as Nightfall. These are the recommended configurations for each compliance framework.
Configuration | Considerations |
|---|---|
| For greater rigor, set on each of your locale’s detection rules alongside the Person Name detector configured to trigger with All Detectors, per:  |
Configuration | Considerations |
|---|---|
| Depending on the type of healthcare organization, disclosure of personal information may disclose PHI (e.g., a sufficiently uniquely named person going to a health provider like an AIDS clinic would likely disclose the person’s PHI). |
Configuration | Considerations |
|---|---|
| For greater rigor, set on each of your locale’s detection rules alongside the Person Name detector configured to trigger with All Detectors, per:  |
Configuration | Considerations |
|---|---|
| |
Configuration | Considerations |
|---|---|
| |
Configuration | Considerations |
|---|---|
| |
Other detectors that exist are not recommended for use for the above compliance frameworks.
For all use cases, Nightfall recommends:
- Scoping should cover all locations where the sensitive data should not be disclosed
- Tune and amend rules over time in accordance with your violations and data.
- Consider increasing the number of detections required before triggering an alert - more findings often mean higher confidence.
- Upgrade your rules from Basic to Advanced as needed.
- Please report any false positives to [email protected]. We will use your reports to improve our ML models.