Skip to content

Right to Privacy Policy#

This policy works on look-up principle and does static masking using literal or scheme algorithms for sensitive information such as Email, US-Phone, or US-Address, etc. Such information is encrypted in the source folder itself and considered for right to privacy.

This policy supports scan for JDBC, FileSystem and No-SQL applications.


Before applying RTP policy, the resource file should already be scanned. It doesn't work on realtime scan or offline scan.

The Right to Privacy policy has the following fields:

  • Name: This field indicates name of Right to Privacy policy.

  • Type: This field indicates type of policy.

  • Alert Level*: This field indicates alert level: High, Medium or Low.

  • Description: This field indicates description for Right to Privacy policy.

  • Status: This field indicates the status of policy i.e. enable/disable. By default it is disable.

  • Application: This field indicates the name of application.

  • Lookup File Location: Resource files records are looked up against the fields given in the lookup file. If the tag is matched, then the value of the field in the resource file will be encrypted. Ensure that the header of the lookup file must be the header of the tag to be searched.

  • Archive Location: This field indicates location where a copy of the input file is kept before any tagged records are expunged from it.

  • Search for tags: In this field, policy will find the data based on added tags.

  • Apply Encryption Schemes: This field populated with the list of scheme name which have been added under Scheme section of the application. To view the schemes, click and expand the Encryption & Masking from left menu, and then select the Schemes.

  • Use LITERAL: If Use LITERAL is enabled, then the sensitive values are replaced with literals for scheme in the resource file.

  • Auto Run: If Auto Run is enabled, then the RTP policy is executed after a given interval of time.

Here is an example of the Right to Privacy policy:

  • In the Lookup File Location field, add .csv file and it should include which sensitive data need to expunge from resources based on tags. For example: File name is input.csv file with EMAIL tag (, PERSON_NAME tag (Alex).

  • Now, while scanning if “” tagged with EMAIL tag and “Alex” tagged with PERSON_NAME tag then this row will be considered for Right to Privacy.

Last update: August 24, 2021