Data Protection Templates
Organizations may need to protect specific data types either by contractual obligation or to protect intellectual property. These are the recommended configurations to protect these data types.
Depending on the type of healthcare organization, disclosure of personal information may disclose health status (e.g., a sufficiently uniquely named person going to a health provider like an AIDS clinic would likely disclose the person’s PHI).
Other detectors that exist are not recommended for use for the above compliance frameworks.
For all use cases, Nightfall recommends:
- Scoping should cover all locations where the sensitive data should not be disclosed
- Tune and amend rules over time in accordance with your violations and data.
- Upgrade your rules from Basic to Advanced as needed.
- Please report any false positives to [email protected]. We will use your reports to improve our ML models.