Detection Rules /   DETECTION RULE
Generate Code Validate Data Nightfall Console  

Protected Health Information (PHI)

This is a DLP detection rule template that you can implement easily in the Nightfall platform.

Description: Aims to prevent the exposure of sensitive patient health information in accordance with the Health Insurance Portability and Accountability Act (HIPAA). Detects data that uniquely identifies an individual in combination with a diagnostic indicator such as medication, diagnosis, and procedure.
Logical operator: ANY i.e. This rule will evaluate to TRUE if any of the Detectors meet their criteria below.

Detectors in this Detection Rule

Detector Minimum Confidence Minimum Number of Findings Scope
Protected Health Information VERY_LIKELY 1 content

Used in These Policies

Detect HIPAA Violations in Slack and Notify

This policy enables you to detect protected health information (PHI) in unsanctioned Slack channels and automatically notify the end-user to self-remeidate the issue.

Slack
Detect Sensitive Data Per ISO 27001 in Google Drive (US) and Notify

This policy enforces broad protection of sensitive assets in GDrive in compliance with ISO2 70001.

Google Drive
Detect HIPAA Violations in Jira and Notify

Detect and automatically notify when protected health information (PHI) is found in Jira

Jira
Detect HIPAA Violations in Confluence and Notify

Detect and automatically notify when protected health information (PHI) is found in Confluence

Confluence
Prevent Sharing of Protected Health Information (PHI) with ChatGPT

Detect and automatically block protected health information (PHI) from being shared with ChatGPT

ChatGPT
Detect HIPAA Violations in Salesforce and Notify

Detect and automatically notify when protected health information (PHI) is found in Salesforce

Salesforce
Detect HIPAA Violations in Zendesk and Notify

Detect and automatically notify when protected health information (PHI) is found in Zendesk

Zendesk
Detect HIPAA Violations in Microsoft Teams and Notify

Detect and automatically notify when protected health information (PHI) is found in Microsoft Teams

Microsoft Teams
Detect HIPAA Violations in Microsoft OneDrive and Remediate

Detect and automatically notify when protected health information (PHI) is found in OneDrive accessible outside the organization or via public link. Automatically restrict access to the Owner.

Microsoft OneDrive
Detect HIPAA Violations in Notion and Notify

Detect and automatically notify when protected health information (PHI) is found in Notion

Notion
Monitor bulk downloads of Protected Health Information (PHI) from Google Drive

Detect when a user downloads more than 5 files containing protected health information (PHI) in 24 hours

Google Drive
Prevent Sharing of Protected Health Information (PHI) via Gmail and Notify

Detect and automatically block protected health information (PHI) from being shared via Gmail, Notify the user

Gmail
Detect Protected Health Information (PHI) in Text Payload and Redact

Detect and automatically redact when protected health information (PHI) is found in a text scan.

API

Use Detection Rule via API

Read API Reference

curl --request POST \
     --url https://api.nightfall.ai/v3/scan \
     --header 'Accept: application/json' \
     --header 'Authorization: Bearer  REPLACE-WITH-YOUR-KEY' \
     --header 'Content-Type: application/json' \
     --data '
{
     "policy": {
          "detectionRules": [
               {
                    "detectors": [
                         {
                              "minNumFindings": 1,
                              "minConfidence": "VERY_LIKELY",
                              "displayName": "Protected Health Information",
                              "detectorType": "NIGHTFALL_DETECTOR",
                              "nightfallDetector": "PROTECTED_HEALTH_INFORMATION"
                         }
                    ],
                    "name": "My Inline Detection Rule",
                    "logicalOp": "ANY"
               }
          ]
     },
     "payload": [
          "INSERT 1+ PAYLOAD(S)",
          "INSERT 1+ PAYLOAD(S)"
     ]
}
'

          import requests
          import json

          api_key = "REPLACE-WITH-YOUR-KEY"
          url = "https://api.nightfall.ai/v3/scan"

          headers = {
              "Accept": "application/json",
              "Authorization": f"Bearer {api_key}",
              "Content-Type": "application/json"
          }

          payload = {
              "policy": {
                  "detectionRules": [
                      {
                          "detectors": [
                              {
                                  "minNumFindings": 1,
                                  "minConfidence": "VERY_LIKELY",
                                  "displayName": "Protected Health Information",
                                  "detectorType": "NIGHTFALL_DETECTOR",
                                  "nightfallDetector": "PROTECTED_HEALTH_INFORMATION"
                              }
                          ],
                          "name": "My Inline Detection Rule",
                          "logicalOp": "ANY"
                      }
                  ]
              },
              "payload": [
                  "INSERT 1+ PAYLOAD(S)",
                  "INSERT 1+ PAYLOAD(S)"
              ]
          }

          response = requests.post(url, headers=headers, data=json.dumps(payload))
          print(response.status_code)
          print(response.json())

Protected Health Information (PHI) Detection Rule Validator

Input any text to validate or test. The default minimum confidence is set to "Possible".