PII Redaction Helper
How it works
PII (Personally Identifiable Information) redaction identifies and replaces sensitive personal data in free-text documents with generic placeholders, reducing re-identification risk for data sharing, log analysis, and compliance workflows. This tool applies pattern-based detection to find common PII types in pasted text.
**PII categories detected** Email addresses (regex: standard email pattern). Phone numbers (US formats: (555) 123-4567, 555-123-4567, 5551234567, +1-555-123-4567). US Social Security Numbers (NNN-NN-NNNN pattern). Credit card numbers (16-digit sequences matching Luhn). IP addresses (IPv4 octets). US ZIP codes (5-digit or ZIP+4 patterns in context). Dates of birth (various date formats). Street addresses (number + street name patterns). Names (NLP-based entity recognition is more accurate than regex for names).
**Limitations of pattern-based redaction** False positives: legitimate phone-number-like sequences in product codes or serial numbers may be redacted. False negatives: names require NLP/NER (Named Entity Recognition) — simple regex cannot detect "Alice Johnson went to the store." For production pipelines handling large volumes, use dedicated NLP libraries (spaCy, AWS Comprehend Medical, Google Cloud DLP) with trained entity models.
**GDPR and HIPAA context** GDPR Article 4: PII includes any information that can identify a natural person directly or indirectly. HIPAA Safe Harbor: 18 PHI identifiers must be removed for data to be considered de-identified. Redaction is a first step; k-anonymity and differential privacy provide stronger statistical de-identification guarantees.
Frequently Asked Questions
- Names; geographic data smaller than a state (except first 3 digits of ZIP if the geographic unit has >20,000 people); dates more specific than year (except age for those ≥90); phone numbers; fax numbers; email addresses; Social Security numbers; medical record numbers; health plan beneficiary numbers; account numbers; certificate/license numbers; vehicle identifiers; device identifiers; URLs; IP addresses; biometric identifiers; full-face photographs; any other unique identifying numbers. After removing all 18, data qualifies as de-identified under Safe Harbor. Expert Determination is an alternative method requiring statistical certification.
- Names are the hardest PII category to detect with regex — there are billions of valid names and no consistent pattern. 'John Smith' is a name; 'John Deere' (a company) and 'John' (just a word) may or may not be PII depending on context. Effective name detection requires NLP-based Named Entity Recognition (NER): models like spaCy, Stanford NER, AWS Comprehend, Google Cloud DLP, or Microsoft Presidio detect person names in context with 85–95% recall. Even NER misses unusual or international names and generates false positives on common words used as names.
- Redaction replaces PII with a placeholder: 'Patient John Smith' → 'Patient [NAME]'. The structure is preserved but the identifying information is removed. Anonymization more broadly removes all identifying information and typically applies k-anonymity (at least k individuals share each combination of quasi-identifiers). Pseudonymization replaces PII with a consistent fake value (the same person always maps to the same pseudonym), enabling record linkage while protecting direct identity. True anonymization is irreversible; pseudonymization is reversible with the mapping key.
- For production pipelines handling millions of log lines: use a dedicated DLP (Data Loss Prevention) service — AWS Macie, Google Cloud DLP, Microsoft Presidio, or dbt's pre-commit hooks for data pipelines. Apply redaction at the log sink level, not in application code (so no PII is written to the log file at all). Use regex for high-confidence patterns (SSN, credit card, email) and NER for low-confidence patterns (names, addresses). Implement sampling and human review to measure false positive/negative rates. This browser tool is for manual review and development; not for automated production pipelines.