Definition
The automated process of identifying and obscuring sensitive personal information—such as names, addresses, and identifiers—within user prompts or retrieved context chunks before they are transmitted to an LLM provider. This serves as a critical security layer in RAG pipelines to ensure compliance with data privacy regulations like GDPR and HIPAA.
In-flight privacy filtering for AI prompts, not static database masking.
"A security officer using a black marker to strike out names on a classified memo before handing it to an outside consultant."
- NER (Named Entity Recognition)(Prerequisite)
- Data Leakage(Prevention Goal)
- Anonymization(Methodology)
- Zero-Retention Policy(Policy Context)
Conceptual Overview
The automated process of identifying and obscuring sensitive personal information—such as names, addresses, and identifiers—within user prompts or retrieved context chunks before they are transmitted to an LLM provider. This serves as a critical security layer in RAG pipelines to ensure compliance with data privacy regulations like GDPR and HIPAA.
Disambiguation
In-flight privacy filtering for AI prompts, not static database masking.
Visual Analog
A security officer using a black marker to strike out names on a classified memo before handing it to an outside consultant.