Sensitive Data Discovery
When enabled on the Immuta app settings page, this feature automatically identifies and tags columns based on the data within when the data source is created; this detection is based on a small sample of underlying data, which remains in the users' network.
Built-in discovered tags
Immuta is pre-configured with a set of these tags that can be used to write global policies before data sources even exist. See a list of the built-in Discovered tags below and the Built-in identifier reference page for information about where these tags will be applied.
Country tags
All the tags below belong to the Country parent. For example, the full tag name will appear as
Discovered . Country . Argentina.
| Child tag name | Description |
|---|---|
| Argentina | This tag is applied to data recognized as specific to Argentina (e.g. an Argentina National Identity Number). |
| Australia | This tag is applied to data recognized as specific to Australia (e.g. an Australian Medicare number, Australian passport number, or Australian Tax File number). |
| Belgium | This tag is applied to data recognized as specific to Belgium (e.g. a Belgium National ID card). |
| Brazil | This tag is applied to data recognized as specific to Brazil (e.g. a Brazil CPF number). |
| Canada | This tag is applied to data recognized as specific to Canada (e.g. a British Columbia PHN, Canadian driver's license number, OHIP string, Canadian passport number, Quebec's HIN, or Canadian Social Insurance number). |
| Chile | This tag is for data specific to Chile. |
| China | This tag is for data specific to China. |
| Colombia | This tag is for data specific to Colombia. |
| Denmark | This tag is applied to data recognized as specific to Denmark (e.g. a Denmark CPR or Person-number). |
| Finland | This tag is applied to data recognized as specific to Finland (e.g. a Finland National ID number). |
| France | This tag is applied to data recognized as specific to France (e.g. a French National ID card number, France National ID number, or French passport number). |
| Germany | This tag is applied to data recognized as specific to Germany (e.g. a German driver's license number or a Germany Identity Card number). |
| Hong Kong | This tag is for data specific to Hong Kong. |
| India | This tag is for data specific to India. |
| Indonesia | This tag is for data specific to Indonesia. |
| Japan | This tag is for data specific to Japan. |
| Korea | This tag is for data specific to Korea. |
| Mexico | This tag is for data specific to Mexico. |
| Netherlands | This tag is for data specific to Netherlands. |
| Norway | This tag is for data specific to Norway. |
| Paraguay | This tag is for data specific to Paraguay. |
| Peru | This tag is for data specific to Peru. |
| Poland | This tag is for data specific to Poland. |
| Singapore | This tag is for data specific to Singapore. |
| Spain | This tag is applied to data recognized as specific to Spain (e.g. a Spanish driver's license number, Spain Foreigner Identification number, Spain Tax Identification number, or Spanish passport number). |
| Sweden | This tag is applied to data recognized as specific to Sweden (e.g. a Sweden National ID number or Swedish passport number). |
| Taiwan | This tag is for data specific to Taiwan. |
| Thailand | This tag is applied to data recognized as specific to Thailand (e.g. a Thailand National ID number). |
| Turkey | This tag is for data specific to Turkey. |
| UK | This tag is applied to data recognized as specific to United Kingdom (e.g. a United Kingdom driver's license number, United Kingdom National Insurance number, United Kingdom passport number, or United Kingdom Taxpayer Reference number). |
| Uruguay | This tag is for data specific to Uruguay. |
| US | This tag is applied to data recognized as specific to the U.S. (e.g. an FDA code, United States ATIN, ABA routing number, DEA number, United States driver's license number, United States EIN, United States NPI number, United States ITIN, United States passport number, United States Preparer Taxpayer ID number, United States SSN, United States territory or state, or United States toll-free phone number). |
| Venezuela | This tag is for data specific to Venezuela. |
Entity tags
All the tags below belong to the Entity parent. For example, the full tag name will appear as
Discovered . Entity . Aadhaar Individual.
| Child tag name | Description |
|---|---|
| Aadhaar Individual | This tag is for Aadhaar Individual numbers. |
| Adoption Taxpayer ID Number | This tag is applied to data recognized as a United States Adoption Taxpayer Identification number. |
| Age | This tag is applied to data recognized as an age. |
| Bank Account | This tag is for bank account numbers. |
| Bank Routing MICR | This tag is applied to data recognized as an American Bankers Association routing number. |
| Bankers CUSIP ID | This tag is for CUSP identification numbers for stocks and bonds. |
| British Columbia Health Network Number | This tag is applied to data recognized as British Columbia's Personal Health Number. |
| BSN Number | This tag is for Netherlands citizen service numbers. |
| CDC Number | This tag is for CDC numbers. |
| CDI Number | This tag is for CDI numbers. |
| CIC Number | This tag is for CIC numbers. |
| CNI | This tag is applied to data recognized as a French National ID card number. |
| CPF Number | This tag is applied to data recognized as Brazil's CPF number. |
| CPR Number | This tag is applied to data recognized as Denmark's Personal Identification number. |
| Credit Card Number | This tag is applied to data recognized as a credit card number. |
| CURP Number | This tag is for Mexican CURP numbers. |
| CRYPTO | This tag is applied to data recognized as a Bitcoin Invoice Address. |
| Date | This tag is applied to data recognized as a date. |
| Date of Birth | This tag is applied to data recognized as a date of birth. |
| DEA Number | This tag is applied to data recognized a the DEA number of a healthcare provider. |
| DNI Number | This tag is applied to data recognized as an Argentina National Identity number. |
| Domain Name | This tag is applied to data recognized as a domain. |
| Driver's License Number | This tag is applied to data recognized as driver's licenses numbers from Canada, Germany, Spain, United Kingdom, or the United States. |
| Electronic Mail Address | This tag is applied to data recognized as an email address. |
| Employer ID Number | This tag is applied to data recognized as an Employer Identification number from the United States. |
| Ethnic Group | This tag is applied to data recognized as an ethnic group. |
| FDA Code | This tag is applied to data recognized as the code of a drug or ingredient registered with the FDA. |
| Gender | This tag is applied to data recognized as a gender. |
| GST Individual | This tag is for Indian GST individual numbers. |
| Healthcare NPI | This tag is applied to data recognized as a United States National Provider Identifier number. |
| IBAN Code | This tag is applied to data recognized as an International Bank Account number. |
| ICD10 Code | This tag is applied to data recognized as an ICD10 code from the International Statistical Classification of Diseases and Related Health Problems. |
| ICD9 Code | This tag is for ICD9 codes from the International Statistical Classification of Diseases and Related Health Problems. |
| ID Number | This tag is for any ID number. |
| Identity Card Number | This tag is applied to data recognized as an identity card number from Germany. |
| IMEI | This tag is applied to data recognized as an International Mobile Equipment Identity number. |
| Individual Number | This tag is for any individual number. |
| Individual Taxpayer ID Number | This tag is applied to data recognized as a United States Individual Taxpayer Identification Number. |
| IP Address | This tag is applied to data recognized as an IP address. |
| Location | This tag is applied to data recognized as a country, state, address, or municipality. |
| MAC Address | This tag is applied to data recognized as a Media Access Control address. |
| MAC Address Local | This tag is applied to data recognized as a local Media Access Control address. |
| Medicare Number | This tag is applied to data recognized as a Medicare number from Australia. |
| National Health Service Number | This tag is for national health service numbers. |
| National ID Card Number | This tag is applied to data recognized as a national ID card number from Belgium. |
| National ID Number | This tag is applied to data recognized as a national ID number from Finland, Sweden, and Thailand. |
| National Insurance Number | This tag is applied to data recognized as a United Kingdom national insurance number. |
| National Registration ID Number | This tag is for national registration ID numbers. |
| NI Number | This tag is for Norway NI numbers. |
| NIE Number | This tag is applied to data recognized as a Spanish Foreigner Identification number. |
| NIF Number | This tag is applied to data recognized as a Spanish Tax Identification number. |
| NIK Number | This tag is applied to data recognized as an Indonesian personal identification number (NIK). |
| NIR | This tag is applied to data recognized as France's National ID number. |
| Ontario Health Insurance Number | This tag is applied to data recognized as part of an Ontario Health Insurance Plan string. |
| PAN Individual | This tag is for PAN Individual numbers. |
| Passport | This tag is applied to data recognized as a passport number from Australia, Canada, France, Spain, Sweden, United Kingdom, and United States. |
| Person Name | This tag is applied to data recognized as people's names. |
| PESEL Number | This tag is for Poland PESEL numbers. |
| Postal Code | This tag is applied to data recognized as a United States zip code. |
| Preparer Taxpayer ID Number | This tag is applied to data recognized as a Preparer Taxpayer ID number. |
| Quebec Health Insurance Number | This tag is applied to data recognized as a Quebec Health Insurance Number. |
| Resident ID Number | This tag is for China Resident ID numbers. |
| RRN | This tag is for Korea Resident Registration numbers. |
| Social Insurance Number | This tag is applied to data recognized as a Canadian Social Insurance number. |
| Social Security Number | This tag is applied to data recognized as a United States Social Security Number. |
| State | This tag is applied to data recognized as a state of the United States. |
| Swift Code | This tag is applied to data recognized as a SWIFT code. |
| Tax File Number | This tag is applied to data recognized as an Australian Tax File number. |
| Taxpayer ID Number | This tag is applied to data recognized as Taxpayer ID numbers from the United States. |
| Taxpayer Reference | This tag is applied to data recognized as United Kingdom Taxpayer Reference numbers. |
| Telephone Number | This tag is applied to data recognized as a phone number. |
| Tollfree Telephone Number | This tag is applied to data recognized as a United States toll-free phone number. |
| URL | This tag is applied to data recognized as a URL. |
| Vehicle Identifier or Serial Number | This tag is applied to data recognized as a VIN. |
Identifier tags
None of the tags below have an additional parent or child tag. For example, the full tag name will appear as
Discovered . Identifier Direct.
| Tag name | Description |
|---|---|
| Identifier Direct | This tag is applied to data recognized as a direct identifier that can be uniquely associated with an individual. Examples of direct identifiers include: name, username, email, official individual identification numbers such as passport or identity card numbers, or privately issued individual identification numbers such as a student ID. |
| Identifier Indirect | This tag is applied to data recognized as an indirect identifier that is not uniquely associated with an individual. However this indirect identifier could become distinguishable when combined with other attributes. Examples of indirect identifiers include: age and affinity. |
| Identifier Undetermined | This tag is applied to data which could be an identifier associated with an individual. |
Personal information tags
None of the tags below have an additional parent or child tag. For example, the full tag name will appear as
Discovered . PCI.
| Tag name | Description |
|---|---|
| PCI | This tag is applied to data recognized as payment card information. |
| PHI | This tag is applied to data recognized as personal health data. |
| PII | This tag is applied to data recognized as personally identifiable information. |
Enable SDD
Only application admins have the option to enable sensitive data discovery on the Immuta app settings page. However, users can disable auto-tagging on a data-source-by-data-source basis, and governors can disable any unwanted “Discovered” tags in the Immuta application to prevent them from being used and auto-detected in the future.
Customize sensitive data discovery (public preview)
Users can configure SDD to customize what data is detected and what tags are applied to that data. For details, navigate to the Configure sensitive data discovery page.
Considerations
- SDD does not run on data sources with over 1600 columns.
- Deleting the built-in Discovered tags is not recommended: If you do delete built-in Discovered tags and use SDD, when the identifier is detected, the column will not be tagged. Tags can be disabled on a column-by-column basis from the data dictionary, or SDD can be turned off on a data-source-by-data-source basis when creating a data source.