PII (Personally Identifiable Information) Masking Guide
What is PII Masking?
PII masking is a security feature that hides sensitive user information, such as names, addresses, and phone numbers, with asterisks (********), making it unreadable to unauthorized users.
When does PII Masking Happen?
- Users input data into fields containing PII when creating tasks/contacts.
- PII fields are automatically masked when the task/contact status changes from draft to created.
- Masking displays PII fields as asterisks in both draft and detail views.
Editing Permissions:
- Users can only edit PII fields while the task/contact is in draft status.
- Once the task/contact is created, users cannot modify PII fields and will see masked representations.
- Admins with full access privileges can edit or view PII fields through the admin portal.
Error Handling:
- Mobile users without proper access permissions will not be able to edit masked fields.
Permissions and Logging:
- Users with appropriate role permissions (edit and view) for PII fields can perform actions on them.
- All actions performed on PII masked fields will be logged for security purposes.
Phone Number Masking:
- Masking applied to phone number fields allows users to initiate cloud calls but not normal phone calls.
Security Measures:
- PII masking follows strict security protocols to ensure the confidentiality and integrity of sensitive user information.
Format for Masking:
- If the field value has 4 characters or fewer, mask it with "****".
- If the field value has 5 to 8 characters, mask the first four characters with "****" and display the remaining characters.
- If the field value has 9 to 12 characters, mask the first five to eight characters with asterisks and display the remaining 4 characters.
Assumptions:
- If any field contains collection data, the data will be masked regardless of the task's status.
- If a field contains collection data, but it's empty or null, and the user enters data, any subsequent transactions will also mask the field data if collection data is present in the metadata.
- If a field's length is less than 4 characters, it will be masked as "****".
How to enable PII in URVA?
- In form editor, open any form field.
- Go to Validations and then click Enable PII.
The data will be masked as below on web and mobile
Related Articles
View, Create & Update Hierarchy
URVA users can create a hierarchy and map that hierarchy to the users accordingly so that they can view the data according to the hierarchy. Create Hierarchy one by one: From URVA home page, go to the Admin settings. Click Hierarchy under the ...Map template with an Activity
Map any template with an activity form following these steps: From URVA Home page, under Admin settings go to Basic Setup and click on Templates. Click on the + New Template to add a new template and select any template type such as PDF, SMS, ...Create different templates on URVA
One can create a template for notifications to be sent to any user or customer via SMS, Email, WhatsApp or a push notification. Create templates by following the steps mentioned below: From URVA home page, go to Admin Settings and then click on ...