PII Settings
How PII Scrubbing Works
Section titled “How PII Scrubbing Works”Before any conversation data reaches the AI, it passes through Heard’s PII scrubbing pipeline. Personally identifiable information such as names, phone numbers, email addresses, SSNs, and credit card numbers is replaced with anonymous placeholders.
The AI reasons on anonymized data:
- It sees
[CUSTOMER_1]instead of “Sarah Chen” - It sees
[PHONE_1]instead of “+1-555-0123” - PII is re-associated only when executing an action that requires it (e.g., addressing an email)
Sensitivity Levels
Section titled “Sensitivity Levels”Admins choose how aggressively PII is scrubbed:
- Navigate to Settings → Privacy → PII Sensitivity
- Select the level:
| Level | What’s Scrubbed | Best For |
|---|---|---|
| Standard | Phone numbers, email addresses, SSNs, credit card numbers, account numbers | Most businesses |
| High | Everything in Standard + personal names, company names, addresses, dates of birth | Healthcare, financial services |
| Maximum | Everything in High + contextual PII (implied references, custom patterns) | Highly regulated industries |
Allow List
Section titled “Allow List”Some PII might be safe to pass through. For example, your own company name or product names might be safely ignored even if the NER model flags them as personal names.
- Navigate to Settings → Privacy → Allow List
- Add terms that should not be scrubbed:
| Term | Type | Reason |
|---|---|---|
| ”Acme Corp” | Company name | It’s your company, not PII |
| ”ProWidget” | Product name | Sounds like a name but isn’t |
Deny List
Section titled “Deny List”Force specific patterns to always be scrubbed, even if the automatic detection misses them:
- Navigate to Settings → Privacy → Deny List
- Add patterns:
| Pattern | Type | What It Matches |
|---|---|---|
ACCT-\d{6} | Regex | Your internal account number format |
| ”Project Phoenix” | Text | Confidential project name |