This article will help you understand how to detect, redact, and manage sensitive personal data within emails and attachments in Sedna, ensuring compliance with global data protection regulations such as GDPR, POPIA, and CCPA.
Prerequisites
Available to organisations using Sednaβs Personal Data Redaction module.
Access level determines whether you can view, restore, or download redacted content.
Overview
The Personal Data Redaction module in Sedna automatically detects, redacts, and manages personal data (e.g., passports, medical records, payroll details) in emails and attachments. All processing occurs within Sednaβs infrastructure, ensuring security and compliance without additional sub-processors.
Why This Matters
In industries such as maritime and global trade, sensitive data is often shared via email. Without automation, finding and securing this data is slow and error-prone, risking fines of up to β¬20M or 2% of global turnover under GDPR.
Common risks include:
Sharing crew medical data with agents/terminals.
Sending immigration documents (passports, visas) over unsecured email.
Exchanging payroll/bank details without encryption.
Retaining legacy personal data beyond legal limits.
Key Features
Automatic Personal Data Detection: Scans 400+ file formats.
Personal Data Redaction Scan Card: Displays detection status and redaction countdown.
Automated & Manual Redaction.
Permission-Based Views for authorised/unauthorised users.
How It Works
Detection β Sedna scans messages and attachments for personal data.
Notification β Scan Card displays detection status and when redaction will occur.
Redaction β Sensitive data is hidden from unauthorised users.
Access Control β Authorised users can restore or download original content.
Supported Data Types
Passports, visas, national IDs
Medical/vaccination records
Bank account details (IBAN, payroll)
Crew lists
Employment contracts and HR memos
Historical emails containing personal data
Compliance Coverage
Supports:
GDPR (EU & UK)
LGPD (Brazil)
PDPA (Singapore)
POPIA (South Africa)
CCPA (California)
Instructions
For Regular Users
You Can:
Manually flag messages for redaction.
Access non-redacted messages in your workflow.
You Cannot:
View/download original content once redacted.
Restore or remove quarantined items.
To Manually Flag a Message:
Open the message in Stream.
Select Flag for Redaction from options.
The message will be redacted after the configured queue period.
For Authorised Users (e.g., Legal, Compliance)
You Can:
View/download original content after redaction.
Restore redacted messages.
Adjust queue timelines in coordination with Engineering/Product.
You Cannot:
Partially un-redact messages
Change global redaction policies without Product/Engineering support.
To Restore a Message:
Open the redacted message.
Click the more settings option (Click the three-dot menu (β’β’β’) in the top right corner)
Select "Restore unredacted version"
To view scan results on a Message:
Open the message.
Click the more settings option (Click the three-dot menu (β’β’β’) in the top right corner))
Select "Download scan results'
Queue Periods & Redaction Timelines
Default queue: 30 days (configurable).
Automatic redaction: Triggered by system detection.
Manual redaction: Triggered by user flag.
-
After redaction:
Identified personal data is redacted
Attachments are hidden
Only authorised users can restore.
Best Practice Tips
Flag suspicious messages promptly.
Coordinate with Legal/Compliance for restoring or deleting sensitive content.
Outcome
After completing these steps, sensitive data will be automatically or manually redacted according to policy, with controlled access for authorised users, ensuring compliance with applicable privacy regulations.
Further Reading
[Managing User Roles in Sedna]
Comments
0 comments
Please sign in to leave a comment.