The built-in Information Classifier policies are arranged in the following groups.
Table: Corporate Compliance
Policy |
Detects |
Authentication Policy |
Authentication information, such as user name and password credentials. |
Company Confidential and Intellectual Property Policy |
Documents that are confidential, secret, or internal-only, or that contain intellectual property source code. |
Ethics and Code of Conduct Policy |
Terms that may be unethical or against corporate code of conduct policy. |
IP Address Policy |
Internet Protocol version 4 (IPv4) and version 6 (IPv6) addresses. |
PCI-DSS Policy |
Content that is subject to the Payment Card Industry Data Security Standard (PCI-DSS), including credit and debit card numbers. |
Proposals / Bids Policy |
Corporate proposal and bid documents. |
Table: Financial Regulations
Policy |
Detects |
Bank Account Number Policy |
Country-specific or international bank account numbers. |
Credit Card Policy |
Credit and debit cards. |
Gramm-Leach-Bliley Act (GLBA) Policy |
Personal financial information for Financial Services Modernization Act of 1999, also known as Gramm-Leach-Bliley Act (GLBA) or Public Law 106-102. |
Sarbanes-Oxley (SOX) Policy |
Forms and terms relating to the Sarbanes - Oxley Act of 2002 (Public Law 107). |
SWIFT Codes Policy |
Society for Worldwide Interbank Financial Telecommunication (SWIFT) codes, also known as Bank Identifier Codes (BIC), Business Identifier Codes (BIC), or ISO 9362, and related content. |
U.S. Financial Forms / Documents Policy |
U.S. financial forms and documents. |
Table: Health Regulations
Policy |
Detects |
Australia Individual Healthcare Identifier (IHI) Policy |
Australia Individual Healthcare Identifiers (IHI) and related content. |
Canada Healthcare Identifiers Policy |
Canada Healthcare Identifiers and related content. |
ICD 10 CM Diagnosis Indexes Policy |
ICD 10 CM diagnosis indexes (textual names). |
Medical Record Number Policy |
Medical record numbers (generically). |
U.S. Drug Enforcement Agency (DEA) Number Policy |
U.S. Drug Enforcement Agency (DEA) numbers and related content. |
U.S. Health Insurance Portability and Accountability Act (HIPAA) Policy |
Electronic patient health information (ePHI) information for United States Health Insurance Portability and Accountability Act (HIPAA), also known as Public Law 104-191. |
Table: International Regulations
Policy |
Detects |
Australia Drivers License Number Policy |
Australian driver's license numbers. |
Australia Passport Policy |
Australian passport numbers. |
Australia Tax Policy |
Australian tax file number and related content. |
Canada Drivers License Number Policy |
Canadian driver's license numbers. |
Canada Passport Policy |
Canadian passport numbers. |
Canada Social Insurance Number Policy |
Canadian social insurance numbers. |
France National ID Policy |
French National Identifiers and related content. |
Italy Codice Fiscale Policy |
Italian Codice Fiscale numbers, also known as Italian fiscal code card numbers. |
Switzerland National ID Policy |
Swiss National Identifiers and related content. |
U.K. Drivers License Number Policy |
U.K. driver's license numbers and related content. |
U.K. National ID Policy |
U.K. National Identifiers and related content. |
U.K. National Insurance Number (NINO) Policy |
U.K. National Insurance number and related content. |
U.K. Passport Number Policy |
U.K. passport number and related content. |
U.K. Unique Tax Reference (UTR) Policy |
U.K. Unique Tax Reference (UTR) number and related content. |
U.S. Drivers License Number Policy |
U.S. driver's license numbers. |
U.S. Passport Policy |
U.S. passport and passport card numbers. |
U.S. Social Security Number (SSN) and Taxpayer ID Policy |
U.S. taxpayer identification numbers. This is typically the U.S. Social Security Number (SSN). |
Table: Personally Identifiable Information
Policy |
Detects |
Belgium Personal Data Policy |
Personal data applicable to Belgium's Data Protection Directive (DPL), European Privacy Directive 95/46/EC on data protection (Data Protection Directive), and the European General Data Protection Regulation (GDPR). |
Denmark Personal Data Policy |
Personal data applicable to Denmark's Act on Processing of Personal Data (APPD), European Privacy Directive 95/46/EC on data protection (Data Protection Directive), and the European General Data Protection Regulation (GDPR). |
France Personal Data Policy |
Personal data applicable to France's Federal and State laws, including France's Act No 78-17 on Information Technology, Data Files and Civil Liberties (DPA), European Privacy Directive 95/46/EC on data protection (Data Protection Directive), and the European General Data Protection Regulation (GDPR). |
Germany Personal Data Policy |
Personal data applicable to Germany's Federal and State laws, including Germany's Federal Data Protection Act (BDSG), European Privacy Directive 95/46/EC on data protection (Data Protection Directive), and the European General Data Protection Regulation (GDPR). |
Italian Personal Data Policy |
Personal data applicable to Italy's Legislative Decree No. 196/2003, which contains the Italian Personal Data Protection Code (Code), European Privacy Directive 95/46/EC on data protection (Data Protection Directive), and the European General Data Protection Regulation (GDPR). |
Netherlands Personal Data Policy |
Personal data applicable to Netherlands for Dutch Data Protection Act, European Privacy Directive 95/46/EC on data protection (Data Protection Directive), and the European General Data Protection Regulation (GDPR). |
Norway Personal Data Policy |
Personal data applicable to Norway's Personal Data Act (PDA), European Privacy Directive 95/46/EC on data protection (Data Protection Directive), and the European General Data Protection Regulation (GDPR). |
Spain Personal Data Policy |
Personal data applicable to Spain's Data Protection Act (Law 15/1999 on the protection of personal data), European Privacy Directive 95/46/EC on data protection (Data Protection Directive), and the European General Data Protection Regulation (GDPR). |
Sweden Personal Data Policy |
Personal data applicable to Sweden for Swedish Personal Data Act (PDA), European Privacy Directive 95/46/EC on data protection (Data Protection Directive), and the European General Data Protection Regulation (GDPR). |
Turkey Personal Data Policy |
Personal data applicable to Turkey's Law on Protection of Personal Data No 6698 (Data Protection Law, KVKK), European Privacy Directive 95/46/EC on data protection (Data Protection Directive), and the European General Data Protection Regulation (GDPR). |
United Kingdom Personal Data Policy |
Personal data applicable to United Kingdom's Data Protection Act 1998 (DPA), European Privacy Directive 95/46/EC on data protection (Data Protection Directive), and the European General Data Protection Regulation (GDPR). |
U.S. Personal Data Policy |
Personal data applicable to United States's Federal and State laws, including The Federal Trade Commission Act (FTC Act), the Financial Services Modernization Act (Gramm-Leach-Bliley Act (GLB/GLBA)), the Health Insurance Portability and Accountability Act (HIPAA), the Fair Credit Reporting Act (FCRA), the Fair and Accurate Credit Transactions Act (FACTA), among many others. |
Table: U.S. Federal Regulations
Policy |
Detects |
Criminal History Policy |
Identity history summary (Criminal History Record, or Rap sheet) for Criminal Justice Systems. |
Fair Credit Reporting Act (FCRA) Policy |
Personal credit information for Fair Credit Reporting Act (FCRA). |
Family Educational Rights and Privacy Act (FERPA) Policy |
Educational content subject to the Family Educational Rights and Privacy Act (FERPA). |
Federal Financial Institutions Examination Council (FFIEC) Policy |
Personally identifiable and financial information for the Federal Financial Institutions Examination Council (FFIEC). |
Federal Information Security Management Act (FISMA) Policy |
Personal and security information and for Federal Information Security Management Act (FISMA) of 2002, also known as E-Government Act of 2002, also known as Public Law 107-347. The type of information that should be protected depends on the relevant agency/sector. |
U.S. Internal Revenue Service (IRS) 1075 Policy |
IRS tax forms and financial information for the U.S. Internal Revenue Service (IRS) 1075 and Internal Revenue Code (IRC) 6103. |
U.S. Securities and Exchange Commission (SEC) Forms Policy |
U.S. Securities and Exchange Commission (SEC) Forms. |
Table: U.S. State Regulations
Policy |
Detects |
California Assembly Bill 1298 (HIPAA) Policy |
Electronic patient personally identifiable information (PII) for California Assembly Bill 1298 (California/CA AB 1298). |
California Financial Information Privacy Act (SB1) Policy |
Personal financial information for California Financial Information Privacy Act, also known as CA SB1. |
Massachusetts Regulation 201 CMR 17.00 (MA 201 CMR 17) Policy |
U.S.- and Massachusetts- centric personally identifiable information in accordance with Massachusetts Regulation 201 CMR 17.00. |