Outbound Filter - PII Protection
PII Protection (Personally Identifiable Information) policies inspect outbound mail for sensitive data — national ID numbers, credit card numbers, and other regulated content — and either deliver, block, or hold the message based on the policy.
Page Layout
The page header reads PII Protection.
Search Criteria
A two-field search bar:
| Field | Purpose |
|---|---|
| Usage | Dropdown (default Total) — filter by whether the policy is active |
| Whether delivery or not | Dropdown (default Total) — filter by the delivery decision (Deliver / Do Not Deliver) |
A free-text input box and a blue Search button complete the bar.
Action Bar
A counter (for example TOTAL - 1) is followed by:
| Button | Purpose |
|---|---|
| Register | Open the Register PII Policy dialog (note: this is Register, not Add as on most other pages) |
| Delete | Delete the policies selected by the row checkboxes |
The View 30 dropdown on the right controls page size.
Columns
| Column | Description |
|---|---|
| ☐ | Row selection checkbox |
| Group | Group the policy applies to (for example WNS-365) |
| Policy sequence | Order in which the policy is evaluated |
| Sub-group Name | Sub-group the policy applies to |
| Usage | Whether the policy is currently active (Used / Not Used) |
| Delivery of Detected Emails | What happens to mail that triggers the policy (Deliver / Do Not Deliver) |
| Registrant | Administrator who created the policy |
| Date | Timestamp the policy was created or last modified |
What PII Protection Detects
The patterns SGuard considers PII are configured in the Settings module — typical detections include:
- National identification numbers
- Credit card numbers (Luhn-validated)
- Bank account numbers
- Custom regular expressions defined by your organization
When mail matches a PII pattern, SGuard checks the policy assigned to the sender's group:
- Delivery of Detected Emails = Deliver — the message is sent but logged for audit
- Delivery of Detected Emails = Do Not Deliver — the message is blocked and routed to the Outbound Protect Privacy mailbox for review
Compliance Use Cases
PII Protection policies are commonly used to satisfy:
- Data protection regulations (GDPR, local privacy laws)
- Industry rules (PCI-DSS for credit card data, HIPAA for health information)
- Internal data-handling policies
A Do Not Deliver policy can silently block legitimate mail (for example a finance team sending account numbers to an external auditor). Pair the policy with a clear escalation path so users know how to request release of false positives.