Data Rules are criteria/set of criteria that could spot sensitivity in data and defining a rule that classifies data as sensitive is the foremost step in achieving data security.
Data Rules are a gateway to adhere to compliance standards like HIPAA, PCI DSS, and GDPR using predefined criteria that encompass relevant criteria. You can also create your organization-specific Data Rule by leveraging custom criteria per your organizations' requirements.
The Data rules are created by following the steps explained below:
Step 1: On the product console, navigate to the Data Classification section in the Policies tab and select New Data Rules.
Step 2: Enter a name for the Data Rule and provide a description.
Step 3: Create a Data Rule using predefined criteria. The predefined criteria are listed under the field All, and can be searched in the field next to it.For more information about the predefined criteria, kindly refer below.
Step 4: Once appropriate criteria are selected, Save the Data Rule to associate with a policy.
Note: While searching, avoid searching criteria as initialism (like IBAN, HIPAA), but as complete words. Eg., PII won't give out any results, as Personal Identification Information lists the criteria tagged in this category.
The predefined criteria helps in classifying the sensitive data with ease and achieve the data compliance standards. For more information on how to use the data rules to meet compliance standards, kindly refer here. The various predefined criteria to create the data rules are as follows:
Note: More than one Regex pattern can be included by adding the entries.