Skip to main content

2.13. Sensitive Data

Sensitive data is information that requires special protection due to its confidential or personal nature — for example, employee phone numbers or salary amounts. The Sensitive Data toolkit allows you to mask or clear sensitive data using sensitive data criticality levels.

2.13.1. Data Types Where Sensitive Data Is Masked

Note:

You can mark as "sensitive data" only the values of attributes located in the Attribute Library. This means that data in standard attributes cannot be marked as sensitive.

Sensitive data will be masked when viewed in the following locations:

Sensitive data in attributes is masked only when viewed in a grid. However, if a user opens the document, they will see the actual unmasked data. To view the list of users who opened a document and saw sensitive data without masking, see Track Sensitive Data Views.

2.13.2. Data Types Where Sensitive Data Is Not Masked

Sensitive data is not masked in the following scenarios:

  • Data queries from processes
  • Passing variables when starting a process or when sending a message/signal to a process
  • Writing data to system logs and/or audit logs
  • Generating documents based on attribute values
  • Server scripts
  • Passing data through integrations
  • In API requests

2.13.3. Sensitive Data Criticality Levels

Sensitive data criticality levels allow you to mark attribute values as sensitive data to mask or clear them. Each criticality level can mask data for the users you define.

Example: you can create five sensitive data criticality levels, accessible only to specific users:

  • Internal Data (INT) — accessible to one organization only.
  • Confidential Data (CONF) — accessible to users with the roles "Department Managers", "Project Managers".
  • Financial Data (FIN) — accessible to users with the roles "CFO", "Chief Accountant", "Financial Analyst".
  • Legally Protected Information (LEGAL) — accessible to the user group "Legal Team".
  • Top Secret (TOP) — accessible to specific accounts (e.g., CEO, CFO, CTO).

2.13.3.1. Create Sensitive Data Criticality Levels

To create criticality levels, follow these steps:

  1. In the navigation panel, select the Administration 1 workspace.

  2. Go to the Settings 2 shortcut group, then select the Sensitive Data Criticality Levels 3 shortcut.

  3. In the toolbar, select Create 4.

  4. Fill in the fields 1 using the hints in the table below, then in the toolbar select Save 2.

FieldDescription
Code*
  • The code must be unique to avoid confusion and ensure correct platform operation.
  • The code must be short (typically up to 10 characters), easy to remember, and associated with the name.
  • Use only Latin letters and digits to avoid compatibility and encoding issues.
    Example: "CONF" (for the confidential level), "PUB" (for the public level). Or simply numbered: "1" (lowest criticality level), "5" (highest criticality level).
Name*Enter the name of this criticality level.
Example: "Confidential Data", "Financial Data".
Description Add a description to further explain what data this level protects or the audience that will have access to information at this level.
Example: "Data for internal use within the organization. Available to all employees, but not for external distribution."
AccessSelect the Add button to add organizational units and/or administration subjects for whom sensitive data will not be masked. In the required field 1, add one or more units, then select the Add 2 button.

You can add individual users in the "Users" field, entire organizations in the "Our Organizations" field, or other unit types in the correspondingly named fields.
Example: For the "Financial Data" level, access can be granted to users with the roles "CFO", "Chief Accountant", "Financial Analyst".
Note:

Fields marked with * are required.

2.13.3.2. Apply Criticality Levels to Attributes

You can apply the created criticality levels to custom attributes of type Number, Date and/or Time, Text.

Sensitive data will be masked when viewed in the following locations:

Note:

If a user does not have access to a specific attribute with sensitive data, that data will be masked for them everywhere — across all documents, dictionary records, and so on. Masking is applied at the attribute level, not at the level of individual documents or dictionary records. If you need to mask sensitive data only for specific documents or tasks, create a separate attribute for them and mark it as sensitive.

To mark an attribute as containing sensitive data, follow these steps:

  1. In the navigation panel, select the Studio 1 workspace.

  2. Select the Attribute Library 2 shortcut, then select the required attribute 3.

  3. In the Attribute contains sensitive data field, select the checkbox.

  4. In the Make attribute sensitive? window, select the Yes button.

  5. In the Criticality Level field, select the required level from the dropdown list.

Note:

If no criticality levels appear in the dropdown list, it means they have not been created yet. To create levels, see the Create Sensitive Data Criticality Levels section.

  1. In the Additional Access field, you can specify organizational units and/or administration subjects for whom sensitive data at this level will not be masked. Sensitive data will be displayed without masking for all users you add in this field, as well as for users added in the Access field when the selected criticality level was created.

  2. In the toolbar, select Save.

From now on, whenever you use this attribute in documents, tabular document attributes, or user dictionary records, the data inside it will be masked for all users except those to whom you have granted access. That is, when viewing the grid with documents, the content of this attribute will be replaced with "*" instead of letters and "0" instead of numbers.

2.13.4. Track Sensitive Data Views

The sensitive data feature does not hide information from users — it only masks it in the table preview. When a user opens a document or dictionary record, they will see the sensitive data without masking. However, a record of such a view will be saved.

To view the list of users who opened an entity with sensitive data, follow these steps:

  1. Navigate to the shortcut where the entity whose views you want to track is located:
    1.1. Open a user dictionary record.
    1.2. Open a document.

  2. Select the required entity record 1, then in the upper-right corner select the 2 icon.

  3. Select Audit 3.

In the Audit registry, you will see all information about actions, users, and dates related to this entity.

2.13.5. Clear Sensitive Data

In some cases, it may be necessary to delete sensitive data. Here are a few possible reasons:

  • When personal data must be deleted in accordance with data protection laws (for example, GDPR).
  • After a project ends, when detailed information is no longer needed but general data should be retained.
  • To create test datasets that preserve the structure of real documents without containing actual sensitive information.

To clear sensitive data, follow these steps:

  1. Select the required entity record 1, then in the upper-right corner select the 2 icon. You can select multiple records at once; see the Select Multiple Records at Once section.

  2. Select Clear Sensitive Data 3.

  3. In the Clear Sensitive Data window, select the checkboxes next to the criticality levels 1 whose data you want to clear, then select the Clear 2 button.

2.13.6. Limitations When Working with Sensitive Data

When the Sensitive Data model is activated, restrictions are imposed on certain operations involving attributes that contain sensitive data. These restrictions ensure proper protection of sensitive information and prevent unauthorized access or data leaks.

2.13.6.1. Prohibited Operations When Selecting All Attributes

The following queries using .attrs() are prohibited for these entities:

User Dictionaries:

  • select.from('frm_UserDictionaryItem').attrs('attrValues')
  • select.from('frm_UserDictionaryItem').attrs('*')

Documents and Their Components:

  • select.from('dfx_Document').attrs('attrValues')
  • select.from('dfx_Document').attrs('*')
  • select.from('dfx_DocumentItem').attrs('attrValues')
  • select.from('dfx_DocumentItem').attrs('*')

2.13.6.2. Prohibited Filtering and Sorting Operations

The following operations are prohibited for entities containing sensitive data:

  • Filtering (where): select.from('dfx_Document').where('attrValues.sen_01', '=', 'value')

  • Sorting (orderBy): select.from('dfx_Document').orderBy('attrValues.sen_01')

  • Grouping (groupBy): select.from('dfx_Document').groupBy('attrValues.sen_01')

2.13.6.3. Impact on Existing Processes

If your system already has business processes or scripts that use the operations listed above, they will stop working after the Sensitive Data model is activated.

Recommendations for adaptation:

  • Analyze all existing scripts for the use of prohibited operations
  • Instead of selecting all attributes (attrs('*')), specify only the non-sensitive attributes you need
  • Use alternative filtering and sorting methods that do not involve sensitive data
Note:
  • These restrictions cannot be bypassed or disabled, as they are part of the sensitive data protection mechanism
  • When developing new scripts, account for these restrictions at the design stage
  • If your business processes critically depend on such operations involving sensitive data, consider restructuring them

2.13.7. View Criticality Level Usage

You can view the list of attributes to which a specific sensitive data criticality level has been applied.

  1. In the navigation panel, select the Administration 1 workspace.

  2. Select the Settings 2 shortcut group, then select the Sensitive Data Criticality Levels 3 shortcut.

  3. Select the required criticality level 4.

  4. In the Criticality Level Usage table, you will see the list of attributes that use this level.