An Oracle blog about PeopleSoft Technology

Sensitive Data Masking is as Simple as 1,2,3,4

Julie Alonso
Product Management Director
This is a syndicated post, view the original post here

Sensitive Data Masking safe guard’s confidential employee information like National ID and Banking Information which has become more important than ever.  For personal and sensitive information shared by employees, it's important that the sensitive data is only accessed by Administrators who are authorized.  Your organization might grant access to Personal Data to users with different security roles, such as HR Administrators or a HR Service Representative, each requiring different access levels. 

PeopleSoft HCM provides row-level security for Administrator components and ensures that only authorized users have access, however, this doesn’t secure the access to fields on the page that show sensitive information like birth date. For protecting sensitive data, you have the ability to easily mask highly sensitive fields like an employee’s national id, date of birth, bank account numbers, driver’s license and passport number.  Below is an example of how you would mask an employee’s driver’s license number.

Step 1 (Log in PS/PS) – Check on Enable Data Masking > Save. 

Setup HCM > Install > Installation Table > HCM Options Tab

Step 2 – Check ON data masking parameter for Driver’s License Number. 

Click the Masking Parameters hyperlink

Enter in the number of digits you want unmasked (you can mask the entire field or partial).  Click the OK button, Click the Save button.

Set Up HCM > Security > Data Masking > Setup Component Level Masking

Step 3 – Define what Security User Roles can see unmasked data (ex. HR Administrator) and who sees the data as masked (ex. HR Service Rep). Field Group = DL (Driver’s License), Click Search button

Enter the Role of who can see UNMASKED data, save the page (this is the delivered role, you may have role name if you cloned the delivered role) 

Set Up HCM > Security > Data Masking > Setup Authorized Roles

Step 3A - PeopleSoft delivered a role “Data Privacy Officer” – this role needs to be assigned in the User Profile.  User ID = PS (Super User Admin)

PeopleTools > User Profiles > User Profiles

 Step 4 – As an HR Administrator, you can see the Dr. License unmasked for Jean Parsons.

Navigation – Workforce Administration dashboard > New Hire Tasks > Driver’s License Data > Jean Parsons

Logout – Login as RCHANNING/RCHANNING (a HR Rep)

Navigation – Workforce Administration dashboard > New Hire Tasks > Driver’s License Data> Jean Parsons

 As an HR Representative, you can see the Dr. License masked for Jean Parsons. The HR Rep can only see the last 4 digits (as defined in Step 2 above).

For Additional Information on Data Privacy - https://www.youtube.com/watch?v=g9bX55tHSMc


Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.