Data Privacy (PII Redaction)

Every enterprise AI application that processes real-world data is a potential privacy risk. Customer support bots receive messages containing medical symptoms, account numbers, and social security numbers. RAG systems ingest HR files, legal contracts, and financial records full of sensitive personal data. Coding assistants are fed production database dumps containing live customer records. Without active PII controls, this sensitive data flows into model context windows, gets logged in observability platforms, and may be transmitted to third-party API providers — creating regulatory exposure that legal and compliance teams are increasingly scrutinizing.

PII redaction operates at multiple stages in the AI pipeline. **Pre-processing redaction** strips PII from documents and user inputs before they are sent to the model — replacing "John Smith at john.smith@example.com" with "[PERSON] at [EMAIL]". **Pseudonymization** replaces real values with consistent tokens that can be reversed by an authorized service, preserving semantic relationships (useful for entity resolution tasks) without exposing raw data. **Synthetic data generation** replaces entire sensitive datasets with realistic but fictitious data for development and testing. **Output filtering** scans model responses for PII that may have been reconstructed or leaked from the training data.

The compliance calculus is straightforward: under GDPR, sending unredacted personal data to a third-party LLM provider likely constitutes a data transfer requiring a Data Processing Agreement (DPA) and potentially violates data minimization principles. Under HIPAA, any PHI in an AI pipeline requires a signed BAA with every vendor in the chain. Enterprise teams should map every data flow in their AI stack, identify where PII can enter, and enforce redaction at the earliest possible point — before data leaves the enterprise perimeter.