This is a DLP policy template that you can implement easily in the Nightfall platform.
Description | Detect and automatically block protected health information (PHI) from being shared with ChatGPT |
---|---|
Integration | ChatGPT |
Use Case | AI Data Governance |
Output Settings | Alert admins in Slack or Email, recommend configuring alerting to SIEM, and alert end-user with remediation instructions and educational messaging to proper handling of senstive patient health information handling to prevent future exposure. |
Inclusions | All ChatGPT conversations are monitored |
Exclusions | No exceptions or exclusions to this policy are permitted, as any conversational data shared with ChatGPT or similar tools would cross the secure boundary of the company's IT infrastructure and systems. |
These are the detection rules that will be applied within this policy, defining what types of sensitive data the policy is looking for.