Manage Rules

In Data Privacy, a rule is a logical entity that has a sequence of rule actions that represent the most common operations on Data Privacy project resources. Rules can also be defined using an expression, which is rule logic. Rules can be shared between mainframe and distributed data and will produce consistent results when applied to data that is the same even when it is stored in fields of different data types and lengths. Data is normalized to the same format so that when the rule is executed, assuming the data is the same, the results are the same, regardless of the data source.

Data Privacy rules are stored in a rules repository that can be accessed by mainframe and distributed engines. Rules provide a definition of disguise criteria that, once saved, can be reused as desired. Rules that are defined and stored in the shared repository can be shared by each of the File-AID products that support Data Privacy.

From the Rules view, you can create a new rule, edit a rule, rename a rule, delete a rule, disable a rule, or import a global rule. Global rules must be imported into projects before they can be used by the disguise process.

Rules are created using data elements rather than specific fields in specific metadata. At execution time the source data identifiers within the data element are matched against the metadata to identify specific fields to disguise. All of the rules that act on the data elements contained within the metadata are applied to the object being disguised.

Important

A rule must reference at least one data element. Without a data element, the rule will never be identified and, therefore, will never be applied.

A rule is assigned to an object if the object has the data elements used by the rule. Any single field can only be replaced by one disguise rule. Multiple disguise rules can use the same source field as input to the rule, but only one rule can replace the source field in a given object.

When a rule is created, it can include condition checking to determine which actions within the rule will be applied to a source record. Condition checking will be based on values that exist in the original data value. Each rule will have the original contents of the source data available so that any condition checking and source value translation will operate against the expected original source values.

In some cases it is critical that disguise rules be applied in a specific order to get the expected results. This is important whenever public variables are being used. For example, rule one sets the value in the variable and rule two uses the value of the variable. Therefore, when rules are applied to a given object, they are executed in the order specified.

Rules Best Practice

The most practical way to make a rule reusable is to make a single rule specific to a single data element. The more specific the rule is, the more reusable it is. For example, if you create a rule that contains rule actions for three different data elements to be disguised, it will work fine for the specific file for which it was created. But, when you want to reuse the same rule for another file, if that file does not include the exact same three data elements to be disguised, the rule will not be selected for the second file.

Instead, what will work better is to create three separate rules, one for each data element to be disguised. Then when you want to reuse rules, you can select only those rules that apply based on the data elements in the current file.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*