Open paolodamico opened 2 years ago
clarkus
commented
2 years ago We could allow admins to identify certain properties as PII sensitive.
Could this be part of the structuring and management features of taxonomy (https://github.com/PostHog/posthog/issues/7589)? I imagine finding the property in question, flagging it as PII. That flag automatically restricts the event and its data to only specific user roles.
paolodamico
commented
2 years ago That could certainly be a great way to start on this! I do think proactively suggesting properties that may contain PII based on value patterns or attribute names would be quite important, but what you suggest sounds like a great starting point
posthog-bot
commented
6 months ago This issue hasn't seen activity in two years! If you want to keep it open, post a comment or remove the stale label – otherwise this will be closed in two weeks.
Is your feature request related to a problem?
Split out from #7620. As requested by some enterprise customers, some team members should be able to run analytics on PostHog freely but without having access to PII from end users (as it's not required and it can be a liability/compliance issue).
Describe the solution you'd like
Have a role that has no access to PII. They either don't see attributes that contain PII or see redacted data. The way to identify PII is tricky, we could rely on common regex patterns for stuff like emails, SSNs, ... but there's other stuff that's difficult to detect. We could allow admins to identify certain properties as PII sensitive.
Describe alternatives you've considered
Additional context
Thank you for your feature request – we love each and every one!