How to Redact Sensitive Information

Overview

To ensure the protection of confidential data and maintain compliance with privacy standards such as HIPAA, BoldDesk provides a feature to redact sensitive information in tickets. This is achieved by defining redaction rules that automatically identify and obscure sensitive content.

Redaction allows teams to continue their work seamlessly while ensuring that sensitive data is not exposed or retrievable by unauthorised individuals.

Scope of redaction

Redaction rules apply specifically to the following areas within a ticket:

• Subject
• Responses
• Activity logs

Types of sensitive information that can be redacted

The system supports redaction of various types of sensitive data, including but not limited to:

• Credit card numbers
• Social Security Numbers (SSN)
• Phone numbers
• Email addresses

—

HIPAA compliance

Redaction is highly recommended when HIPAA compliance is enabled. However, this feature can also be used independently for general communication to enhance data privacy.

Data storage and retrieval

Once data has been redacted:

• The sensitive data is stored in the database in its redacted form.
• Original data cannot be retrieved after redaction.

This ensures that even internal users with database access cannot view the original sensitive information.

Best practices

• Enable redaction proactively, even if HIPAA is not currently required, to maintain a high standard of privacy.