Review documents

This section describes common tasks and interfaces used by Reviewers when working with Data Breach Response. Reviewers check documents to ensure the machine is accurately predicting what documents contain PII. They correct the machine's predictions when necessary and make sure all PII types are detected.

Spreadsheet review

The Data Breach Response product uses AI to identify table boundaries, column headers, and the personal information that sits within those tables. In addition, individuals and their personal information appearing in the same table row will be automatically linked and appear on the Entity Report. Below is a high-level overview of the recommended review approach for spreadsheets, as it differs from non-spreadsheet documents:

  • Predict table boundaries and column headers. During the Incorporate Feedback process, Data Breach Response finds table boundaries with column headers to predict where and what type of personal information is contained in tables.
  • Verify identified table boundaries and column headers. PI identified within tables are dependent on the table boundaries being properly identified. Table boundaries identified by the product can be edited or removed. New table boundaries can be added. For more information, see Creating a table
  • Verify Personal Information identified outside of tables. The Data Breach Response product can also identify personal information that sits within cells outside of a table. Please use the PI Detection card to navigate to those. That PI can also be edited, removed, or new PI sitting outside a table can be added. For more information, see Capturing PI

Reviewing PI within tables

The Data Breach Response product identifies table boundaries with column headers to predict where and what type of personal information is contained in tables. There are instances where tables boundaries may need to be edited, removed, or added.

Creating a table

If there is a table in a sheet that has not been identified, a new table can be created. To create a new table:

  1. Select the table icon on the bottom of the native spreadsheet viewer or right click from the viewer and select Add Table Boundary.
    An image of the Add Table Boundary button
  2. From the table card, click Add New Table.
    An image of the Add New Table button
  3. Add a Name for the table.
  4. Insert the Table Boundaries for the table.
  5. If the table does not have headers (the first row of the table contains PI), then disable the Header toggle. The header location will be auto filled with the first row of the table.
    If the Header toggle is selected, a header value must be entered.
    An image of the Header toggle
  6. Click Save after confirming that the cell range is correct.

Editing a table

Table boundaries are marked by a dashed line around the predicted table. Existing table boundaries can be modified:

  1. Right click on the table boundary of the table you wish to edit.
  2. From the Context Menu, select Personal Information. Click Edit Table Boundary.
    An image of the Edit Table Boundary button
  3. A table card will appear. Click the Edit button in the table card.
  4. The Name of the table, Table Boundary, and Header values can be changed.
    An image of Table Information options
  5. Click Save.

Capturing PI

PI can be captured for a single cell, or for an entire column. It is appropriate to annotate an entire column if the majority of cells in that column represent the same type of PI. If this is not the case and PI is scattered inconsistently across the sheet, then manual annotations for single cells can be created.

Adding PI

To add PI:

  1. Right click the relevant column header.
  2. From the Context Menu, select Personal Information.
  3. Click Add.
  4. Select the PI Type to assign to the column.
    An image of the PI Type dropdown menu
  5. Click Save.

The PI will appear in the PI Detection panel.

Editing PI

To edit PI:

  1. From the Context Menu, select Personal Information.
  2. Click Edit.
  3. Select the new PI Type to assign to the column.
  4. Click Save.

Deleting PI

To delete annotations that have been applied to entire columns:

  1. From the Context Menu, select Personal Information.
  2. Click Remove Column Annotation.
  3. A confirmation modal appears. Click Remove.
    An image of the Remove button

Adding partial cell PI

To add partial cell PI:

  1. Right click the cell containing the PI in the spreadsheet.
    Note: Only one cell can be selected when adding partial cell PI.
  2. From the Context Menu, select Personal Information.
  3. Click Add.
  4. The PI is captured in the PI Value field.

    Type to edit the PI Value if needed.

    An image of the Add PI Detection window and available options
  5. Choose the PI Type.
  6. Click Add.

The PI now appears in the PI Detection panel.

Editing partial cell PI:

To edit partial cell PI:

  1. Right click the cell containing the PI in the spreadsheet.
  2. From the Context Menu, select Personal Information.
  3. Click Edit.
  4. Edit the PI Value and PI Type.

    An image of the Edit PI Detection window
  5. Click Save.

Removing partial cell PI:

To remove partial cell PI:

  1. Right click the cell containing the PI in the spreadsheet.
  2. From the Context Menu, select Personal Information.
  3. Click Delete
    A confirmation modal appears.
  4. Click Remove.
    An image of the Remove PI Detection window

Non-spreadsheet review

Data Breach Response identifies personal information located within documents, reducing the manual burden on reviewers. When reviewing non-spreadsheets, the goal is to validate the predictions highlighted by the AI.
An image of a non-spreadsheet document in the Document Viewer

Capturing PI

Add or remove PI by following the procedures below.

Adding PI

To add PI:

  1. Select the text for annotation using the cursor.
  2. Right click on the document to open the Context Menu.
  3. From the Context Menu, select Personal Information. Click Add.
    An image of the Add button
  4. From the Add PI Detection modal, select the PI type for the auto-filled PI value. You cannot change this text without re-highlighting it.
  5. Click Save.

Editing PI

To edit PI:

  1. Right click the highlighted PI to edit.
  2. From the Context Menu, select Personal Information. Click Edit.
    An image of the Edit button
  3. From the Edit PI Detection modal, select the PI type for the auto-filled PI value.
  4. Click Save.

Removing PI

To remove PI:

  1. Right click the highlighted PI to remove it.
  2. From the Context Menu, select Personal Information. Click Remove.
    An image of the Remove button
  3. Click Remove on the confirmation modal.

Adding drawn annotations

In some cases, PI detections cannot be made on a document due to poor OCR quality. In these instances, PI can be recorded by doing the following:

Note: Drawn annotations can only be applied to PDFs.

  1. In the PI Detection panel, select Draw Annotation.
    An image of the Draw Annotation button in the PI Detection panel
  2. Draw a box over the text that contains the PI to record.
    AN image of a box drawn over text containing PI.
  3. A panel will appear in the Draw Annotation section of the PI Detection panel.
    Enter the PI Value and PI Type.
    An image of the PI Detection panel showing PI Value and PI Type options
  4. Click Save.

Creating entity linkages

Linkages are relationships between PI and text in a document. For example, in the image below, there is a link between the annotation for Jessica Kessler (person), her account number, and her credit card expiration date. It is important to note that for information to appear in the Entity Report, it is not enough to only tag the personal information within the document. To appear on the Entity Report, individuals and their personal information must be linked in the non-spreadsheet viewer.

An example image showing a link between an entity and their information.

Adding linkages through the Linked Entities panel

To add linkages through the Linked Entities panel:

  1. Select the + icon in the Linked Entities panel.
    An image of the add icon in the Linked Entities panel
  2. Select the individual from the Entity drop-down menu.
  3. Add the PI Value and Type of the value to link.
    An image of the Linked Entites panel showing Pi Value and PI Type options
  4. Repeat Step 3 for each additional PI to link to that entity.
  5. Click the Checkmark button when done.

Removing linkages

  1. Navigate to the entity to remove linkages for in the Linked Entities panel.
  2. Select the Unlinkicon next to the PI value to unlink.

Locking detections

For PI detections to be preserved on a document when the Incorporate Feedback pipeline is rerun, PI must be saved before moving on to the next document when reviewing.

To save PI detections before Incorporate Feedback is run, click the Lock Annotations button in the PI Detections panel. You can continue to make changes and Add/Edit/Remove PI after a document is locked. Those updates will remain on the document.
Changes can not be made while Incorporate Feedback is running.
An image of the Lock Annotations button

If you do not want to preserve any manual PI Detections that were added on the document, select Unlock Annotations.

Note: Selecting Unlock Annotations will erase any manual annotations on the document.

An image of the Unlock Annotations button

Errors

Personal information will not appear in the PI Detection panel under the following circumstances:

  • The AI process, called Incorporate Feedback in Data Breach Response, has not been run.
  • The AI process, called Incorporate Feedback in Data Breach Response, is in progress.
    • Detections will be available in the PI Detection panel once IF is complete. While IF is in progress, the panel will display the following message:

      An image of an error message: "Personal information detection is in progress. Results will appear once it is complete."
  • The AI process, called Incorporate Feedback in Data Breach Response, has failed.
    • If an error has been encountered during PI detection or it has failed, the following message will appear in the PI Detections panel:
      An image of an error message: "Personal information detection encountered an error while running. Please go to the Privacy Workflow tab to remediate."
  • No PI was detected after the AI was run.
    • If a document does not contain PI, the PI detection panel will display a messaging indicating this.
      An image of an error message: "No Personal Informnation detected."