# Deidentification## OverviewDeidentification protects sensitive information by automatically detecting and masking personal data. This is essential for compliance with regulations like HIPAA (healthcare) and GDPR (European data protection).## Key Concepts### PII (Personally Identifiable Information)Information that can identify an individual: names, addresses, phone numbers, email addresses, social security numbers, etc.### PHI (Protected Health Information)Health-related information protected under HIPAA: medical records, diagnoses, treatment information, health insurance details, etc.### Replacement TextWhen sensitive data is detected, it's replaced with configured text (e.g., "[REDACTED NAME]" or "[PATIENT]").## Managing RulesNavigate to Governance → Deidentification:The Rules tab displays all deidentification rules in a table:* Name: Rule identifier
- Type: What kind of data it detects
- Category: PII or PHI (shown as colored badges)
- Status: Toggle to enable/disable### Editing a Rule1) Click the rule row to select it
- View the replacement text in the right panel
- Modify the replacement as needed
- Click Save Rules to apply changes## Managing DictionariesDictionaries enhance detection accuracy with custom word lists:1) Switch to the Dictionary tab
- Select a dictionary type (Names, Companies, Products, etc.)
- Add entries:
- Type the word in the input field
- Press Enter or click the "+" button
- View entries in the table below
- Remove entries by clicking the trash icon### When to Use DictionariesUse dictionaries for:* Uncommon names not in standard databases
- Company-specific terms
- Product names
- Domain-specific vocabulary## Practical Application**Example workflow for healthcare data:**1) Enable the Names rule
- Set replacement to
[PATIENT]
- Add any uncommon patient names to the Names dictionary
- Enable Medical Record Number rule
- Set replacement to
[MRN]
- Save all rulesNow when documents are processed, sensitive information is automatically masked.## Compliance Benefits* HIPAA: Protect patient health information
- GDPR: Comply with European data protection requirements
- Industry Standards: Meet data handling requirements for finance, legal, and other regulated industries---Related: Data Lakes | Projects