Data Loss Prevention - ICD Information Type

EASchmitt · ‎Mar 27 2019

Our DLP policies have been turned on for a little more than a week and I was reviewing the report to see what types of information are being flagged. There are quite a few that show the SensitiveInformationType as an ICD-10-CM flag (Screenshot 1). I reviewed the DlpCompliancePolicy (U.S.A Financial Data) that it's being detected in, but I don't see anything monitoring for ICD-10 (Screenshot 2).

According to our policy (USA Financial Data) and the compliance rule (Low volume of content detected in USA Financial Data), shouldn't this policy only be monitoring for CC#, US Bank Acct. #, and ABA Routing #? If so, why is the report showing flags for ICD-10? If not, where would I see the additional monitoring for ICD-10? I haven't found anything in mail flows either that would suggest it's monitoring for ICD-10 terms.

Vasil Michev · ‎Mar 27 2019

Looks like a bug to me, it should only detect sensitive information types you've explicitly specified in the policy settings. Open a support case.

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Data Loss Prevention - ICD Information Type

Data Loss Prevention - ICD Information Type

Re: Data Loss Prevention - ICD Information Type