# Data Privacy Filtering The `Data Privacy Filtering` panel controls the configuration of the data privacy services in SanteDB. Data privacy services allow administrators to: * Control how sensitive data is handled in SanteDB iCDR * Control which resources have specific privacy sensitivity in SanteDB iCDR * Control how sensitive records are disclosed or updated * Control which properties on which resources are forbidden (and will result in a privacy violation exception when collected, or queried). ![](/files/ZTLKIQ1biGMJRNQFttjF) | Option | Description | Example | | -------------- | ------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | | Default Action | The action which should be applied to all resources which have been flagged as sensitive, where no specific policy has been assigned. | See: [Policy Actions](#undefined) | | Resources | The resources which are to be protected with specialized policy enforcement. | | ## Resource Controls Expanding the resources input allows administrators to specify resources in the RIM which are subject to special protections. Clicking the ellipsis on the resources property will open a collection editor change the settings for resource controls: ![](/files/7wGrwXkHpLdz3ysz1TRp) | Option | Description | Example | | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------- | | Action | The action to be applied on resources which have privacy policies applied to them, when the requesting user does not have a grant for the policy. | See: [Policy Actions](#undefined) | | Resource Type | The type of resource that the policy applies to. | Patient, Person, etc. | | Fields | The properties which are forbidden or have specialized sub-policy enforcement instructions. | See: [#property-policies](#property-policies "mention") | {% hint style="info" %} You can set policies on identifiers (on entities and acts) by controlling the policy on `AssigningAuthority`. {% endhint %} ## Property Policies The property policies allow implementing jurisdictions to control which properties in which resources are forbidden. Examples of this functionality are: * Restricting the collection, disclosure, or querying of Patient religion or ethnicity to all users * Restricting the disclosure, collection or querying of Patient VIP status to only users which have "Access to Taboo Information" policy. ![](/files/eYvMBvdLu0uCOVgagQiK) | Option | Description | Example | | -------- | --------------------------------------------------------------------------------------------- | --------------------------------- | | Action | The action to apply when the caller attempts to access, query, or write data to the field. | See: [Policy Actions](#undefined) | | Policy | The policy OIDs which the user must posses in order for the Action not to result in an error. | 2.25.0303030 | | Property | The HDSI property path (root paths only) on the resource, where this policy applies. | | ## Policy Actions Resources, properties and the default policy actions dictate how the privacy filtering engine will handle data whenever: * The requesting principal lacks appropriate policy permissions to view data (when flagged), or * The requesting principal is querying, updating, or being disclosed data from a forbidden property. | Action | Behavior | | ------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | None | No action is taken on the resource or data element. | | Audit | The disclosure or update is permitted to continue, however a specialized security alert audit created indicating the property was disclosed or updated. | | Redact |

Note: The $pep.masked tag is appended to the resource.

| | Nullify |

Replaces the value of the property with null , if the action is applied to a resource then the status is set to Nullify and no data is disclosed.
Note: The $pep.masked tag is appended to the resource.

| | Hide |

Note: The $pep.masked tag is appended to the resource.

| | Error | Whenever a principal attempts to read, query, or update the resource, the policy enforcement service will raise an error. | | Hash |

Note: The $pep.masked tag is appended to the resource.

| --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.santesuite.org/operations/server-administration/configuration-tool/security-settings/data-privacy-filtering.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.