Organization PII Enforcement

Organization administrators can enforce PII detection policies across all organization members.

Overview

PII enforcement allows admins to:

  • Require protection for specific data types across the organization
  • Override individual user preferences for organization-managed models
  • Set compliance reasons for audit trail
  • Monitor all detection events

Accessing Enforcement Settings

  1. Navigate to Admin → Guardrails (/admin/pii-enforcement)
  2. You must have the admin role in your organization

Enforcement Dashboard

The dashboard shows:

| Metric | Description |
| --- | --- |
| Enforced Types | Number of PII types with active enforcement |
| Org-Managed Models | Models covered by enforcement policies |
| Enforcement Events (30d) | Detection events in the last 30 days |

Setting Up Enforcement

Step 1: Review PII Types

Each type shows:

  • Label: Human-readable name
  • Severity: Critical, High, Medium, or Low
  • Description: What this type detects

Step 2: Enable Enforcement

Toggle Enforced for each type you want to require. When enforced:

  • Users cannot disable this detection type
  • Settings are applied silently to organization-managed models
  • All detections are logged

Step 3: Add Policy Reason

For compliance, add a policy reason explaining why enforcement is required:

Example: "HIPAA compliance requirement"
Example: "SOC2 data protection policy"
Example: "Company security policy Section 4.2"

Step 4: Save Changes

Click Save Changes to apply the enforcement policy.

How Enforcement Works

| Scope | Behavior |
| --- | --- |
| Organization-managed models | Enforcement is applied |
| User-owned models | User settings apply (no enforcement) |
| User visibility | Enforcement is transparent - no UI indication |

Important: Enforcement only applies to models managed by the organization. User-owned models follow individual preferences.
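The scope rule above, modeled as an added sketch (this is not the product's code or API): it resolves which PII types are active for one user on one model and lists the models where an enforced type is not active. The type names, model names and function names are hypothetical; the policy reasons are the page's own examples.

```python
from dataclasses import dataclass

# Constructed sample policy: enforced PII type -> policy reason.
# Type names are hypothetical; reasons are the examples given on this page.
ENFORCED = {
    "ssn": "HIPAA compliance requirement",
    "credit_card": "SOC2 data protection policy",
}


@dataclass(frozen=True)
class Model:
    name: str
    org_managed: bool  # True: organization-managed, False: user-owned


def effective_types(model, user_enabled, enforced=ENFORCED):
    """Return (active, overridden) PII types for one user on one model."""
    user_enabled = set(user_enabled)
    if not model.org_managed:
        # User-owned model: individual preferences apply, no enforcement.
        return user_enabled, set()
    # Org-managed model: enforced types are always on. Record which of them
    # the user's own preference had switched off.
    overridden = set(enforced) - user_enabled
    return user_enabled | set(enforced), overridden


def coverage_gaps(models, user_enabled, enforced=ENFORCED):
    """Map model name -> enforced types that are NOT active for this user."""
    gaps = {}
    for m in models:
        active, _ = effective_types(m, user_enabled, enforced)
        missing = set(enforced) - active
        if missing:
            gaps[m.name] = sorted(missing)
    return gaps


# Constructed sample: the user has only e-mail detection switched on.
MODELS = [Model("org-assistant", True), Model("personal-llm", False)]
USER_PREFS = {"email"}

if __name__ == "__main__":
    for m in MODELS:
        print(m.name, effective_types(m, USER_PREFS))
    print("gaps:", coverage_gaps(MODELS, USER_PREFS))
```

The gap list is the set of places an admin should not assume the organization policy is in effect, because those models follow the user's own settings.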

Resetting Enforcement

Click Reset All to disable enforcement for all types. This requires confirmation.

Compliance Considerations

  • All enforcement events are logged with timestamps and user information
  • Policy reasons are stored for audit purposes
  • Events can be filtered and exported from the Guardrail Events page
  • Enforcement changes are tracked in audit logs