Configure an anonymization policy to specify which techniques are used when
anonymizing your data.
Before you begin
The data privacy configuration defines tables, sys_user and other, and columns to the
de-identified, depending on the use case and specifies parameterized types of the
techniques to be used while de-identifying data.
Note: To complete a privacy configuration, you must first configure a data privacy technique configuration. See
Create anonymization techniquesfor more information.
Role required: data_privacy_admin and admin
Procedure
-
Elevate to the data_privacy_admin role.
-
Navigate to .
All anonymization policies display. Published policies are available to schedule the anonymization job.
-
Select Create new policy.
-
Select to either anonymize Data tables or columns, User specific data, or Real time data.
| Data Type |
Description |
| Data tables or columns |
Records that match the data policy will be anonymized. |
| User specific data |
Select a set of users or user groups to be anonymized. |
| Real time data |
Anonymize real time entries for a set of columns. |
Data privacy policies can only apply to classified data, for more information on data classification, see Data classification.
-
Select Create.
There are sequential steps required to complete the policy, Define detailsand Assign techniques. Select user reference is also required when
defining the policy for user specific data.
-
Define the details for the new anonymization policy.
- Enter the policy name in the Name field, and the policy description in the Description field.
- Define what channels automatically activate the policy and the channel priority in Activation Channels
- In the Data Class field, select the data class to use with this policy.
- Turn on or off real time data anonymization. See Step 8 if real time data anonymization is on
Note: If you are not anonymizing an entry, select the DoNothing technique rather than leaving the entry empty. Policies with empty values in the Privacy Technique Configuration field cannot execute when
used in data privacy jobs.
After selecting a data class, the Assign techniques form displays for each record returned for the defined data class.
-
Assign anonymization techniques for the selected data class.
| Option | Description |
|---|
| Select Bulk Assign Techniques
|
Applies anonymization to all data records in the chosen data class. Select the data type and the anonymization technique to apply to all entries with the selected data type. Repeat this step for additional bulk
assignments of different data types. See Supported field types for anonymization for a list of data types.
|
| Select an anonymization technique for each data column record |
Your data privacy processor users can choose which records to anonymize when creating data privacy jobs. Individually apply anonymization to each data record in the chosen data class. |
- Optional:
Enter child tables to be scanned.
Child tables of the parent will be anonymized, if a table has no children this option will not be available.
Warning: A parent job will fail if a child job fails.
- Optional:
If Data Pattern Anonymization is selected, select the anonymization technique to be used.
- Optional:
Set the ordering for data patterns.
- Optional:
Tip: Use the Test feature to test sample inputs. You can review metrics from the result like scan time, result, and discovered patterns.
Select the Test button to test the policy.
-
Important: All tables must have a correct sys_dictionary entry.
Select Save.
-
Select Publish to update the anonymization policy for scheduling and be returned to Anonymization policies.
Note: Only published policies can be used for anonymization job scheduling.