Advanced PII Redaction feature automatically detects and redacts sensitive information from requests before they reach the LLM. This feature works seamlessly with our entire guardrails ecosystem, providing an additional layer of security for your AI interactions.

Enabling PII Redaction

On the Guardrail creation page, for select PII guardrails, you will see a Redact PII toggle. Just enable it to start redacting PII in your requests.

Guardrails Support

PII redaction is supported across 5 guardrail providers:

Portkey Pro PII

Redact Phone number, Email addresses, Location information, IP addresses, Social Security Numbers (SSN), Names, Credit card information from requests

AWS Bedrock Guardrails

You can select from a list of predefined PII or define a custom sensitive-information type using regular expressions (RegEx) and redact PII.

Azure Guardrails

Advanced detection of personally identifiable information (PII) and protected health information (PHI) to safeguard sensitive data.

Patronus AI

Based on Patronus’s EnterprisePII dataset, this guardrail can detect and redact confidential information typically found in business documents like meeting notes, commercial contracts, marketing emails, performance reviews, and more

Pangea

Pangea’s redact feature can redact PII like geographic locations, payment card industry (PCI) data, and many other types of sensitive information, with support for rule customization

Promptfoo

Promptfoo helps detect multiple PII exposures - in session data, via social engineering, or a direct exposure.

How It Works

  1. Detection: When enabled, the system scans incoming or outgoing requests for PII using the configured guardrail provider.
  2. Redaction: Detected PII is automatically replaced with standardized identifiers:
    • Email addresses → {{EMAIL_ADDRESS_1}}, {{EMAIL_ADDRESS_2}}, etc.
    • Phone numbers → {{PHONE_NUMBER_1}}, {{PHONE_NUMBER_2}}, etc.
    • And similar patterns for other PII types
  3. Processing: The redacted request is then forwarded to the LLM, ensuring sensitive data never reaches the model.
Example: 
Original Request:
"Hi, you can reach me at john@example.com or 555-0123"

Redacted Request:
"Hi, you can reach me at {{EMAIL_ADDRESS_1}} or {{PHONE_NUMBER_1}}"

Monitoring PII Redaction

You can track request transformations through two key indicators in the request/response body:
  1. transformed boolean flag: Indicates whether any redaction occurred
  2. check_results object: Contains detailed information about specific transformations

Best Practices

  1. Gradual Implementation:
    • Start by enabling the feature for a subset of requests
    • Monitor the logs and transformation results
    • Gradually expand coverage after validation
  2. Regular Monitoring:
    • Review transformation logs periodically
    • Validate that sensitive information is being caught appropriately
  3. Documentation:
    • Maintain records of what types of PII you’re scanning for
    • Document any specific compliance requirements being addressed

Security Considerations

  • Redaction is irreversible by design
  • Original PII storage and handling varies by guardrail provider
  • The feature can be applied to both input and output content
Compliance Implications This feature can help organizations meet various compliance requirements by:
  • Preventing accidental exposure of sensitive data to LLMs
  • Providing audit trails of PII handling
  • Supporting data minimization principles
  • Enabling systematic PII management across AI operations

Limitations

  • Redaction patterns are not customizable
  • Transformation is one-way (non-reversible)
  • Performance may vary based on chosen guardrail provider

Troubleshooting

If you experience issues:
  1. Verify the feature is enabled in your guardrails configuration
  2. Check the transformed flag and check_results for specific transformation details
  3. Review logs for any error messages or unexpected behavior
  4. Contact us here for additional assistance

FAQs