Skip to main content

Set up protection of personally identifiable information in Creatio AI Studio

This article explains how to create and configure a PII (Personally Identifiable Information) protection policy in AI Studio to control how sensitive data is detected and handled before and after LLM execution.

his article explains how to create and configure a PII (Personally Identifiable Information) protection policy in Creatio AI Studio to control how PII or other sensitive data is detected and handled before and after LLM execution in your organization.

Your PII protection customizations shall always be consistent with your organization’s guidelines and applicable data processing laws and regulations.

Example

Create a global PII protection policy that tokenizes email addresses and phone numbers in all LLM requests.

  1. Go to the Trust & Governance section → Policies.

  2. Click Create policy in the top right. This opens a window.

  3. Select PII protection as the policy type.

  4. Go to the General settings & Runtime block and fill out the general settings.

    Field

    Field value

    Policy name

    A human-readable name for the policy. For example, "PII redaction."

    Scope

    To whom this policy applies. Available values:

    • "Global" — applies to all agents and LLM calls across the entire organization.
    • "Agent" — applies only to a specific agent.

    Enforcement

    What happens when a PII match is detected. Available values:

    • "Disabled" — the policy is configured but takes no action.
    • "Observe" — detects PII and logs matches without blocking or altering requests.
    • "Enforce" — actively redacts or tokenizes detected values in the payload.

    Severity

    The severity level assigned to this policy. Available values:

    • "Low"
    • "Medium"
    • "High"
    • "Critical"

    We recommend starting with the "Observe enforcement" mode before switching to "Enforce." Observe mode lets you review detection results in the decision log without affecting live LLM requests, allowing you to validate entity coverage and tune your configuration safely.

  5. Go to Select which sensitive values this policy should detect before model execution block and check the boxes for each entity type for which the policy must scan.

    Entity type

    Description

    Email

    Standard email address patterns, for example, john.doe@creatio.com.

    Phone

    Phone numbers in national and international formats, for example, +1 312 555 0187.

    Full name

    First and last name combinations.

    Address

    Physical mailing or street addresses.

    National ID

    Government-issued ID numbers, social security numbers, and similar.

    Bank account

    Bank account and IBAN-formatted numbers.

    Select all entity types relevant to your compliance requirements. Unselected types will not be detected or redacted, even if present in the payload.

  6. Add tenant-specific IDs (optional). If your organization uses internal data IDs that are not covered by the standard entity detectors, add them to the Add tenant-specific identifiers block.

    Input

    Description

    Regex patterns

    One regex pattern per line for structured IDs such as internal keys or case numbers. For example, client_[0-9]{6} or lead_[A-Z]{3}-[0-9]{4}.

    Dictionary entries

    One entry per line for tenant-specific labels, reserved names, or record aliases. For example: vip_customer_id or case_reference.

  7. Configure the action on match. Go to the Define how matched values are rewritten and what evidence is retained in the decision log block and select how the policy handles detected PII.

    1. Select one of the following in the Action on match field:

      Mode

      Behavior

      Mask

      Replaces detected values inline using a static placeholder label before the request is sent to the LLM. The original value is not preserved or recoverable from the payload. You can specify whether to store the original values in the audit log.

      Tokenize

      Replaces detected values using reversible placeholders, effectively hiding them from the LLM. The original values are restored in the outbound response after model execution is complete.

      Mask mode is irreversible. Once a value is masked in the inbound payload, the LLM never receives the original data, and it cannot be restored from the request. Use Tokenize mode if the original value must be available in the model response or downstream processing. Do not switch from Mask mode to Tokenize mode on a live policy without reviewing audit log entries first.

    2. Specify how matched values must appear in the payload sent to the LLM in the Placeholder style field, available when the "Mask" mode is selected. Out of the box, "Entity label."

For example, you set up tokenizing of emails and phone numbers:

Mode

Text

Before

Customer John Doe can be reached at john.doe@tenant.com or +1 312 555 0187. Refund account is GB29 NWBK 6016 1331 9268 19.

After (Mask)

Customer John Doe can be reached at [EMAIL] or [PHONE]. Refund account is GB29 NWBK 6016 1331 9268 19.

After (Tokenize)

Customer John Doe can be reached at john.doe@tenant.com or +1 312 555 0187. Refund account is GB29 NWBK 6016 1331 9268 19. (values are not sent to the LLM and restored in the outbound response)

  1. Configure runtime scan options at the bottom of the Define how matched values are rewritten and what evidence is retained in the decision log area.

    Toggle

    Description

    Pre-flight request scan

    Runs the PII detector on the inbound payload before the LLM call. Required for inbound payload protection. Toggled on out of the box and non-editable.

    Post-flight response scan

    Runs a second detection pass on the LLM-generated response before it is returned to the user. Useful for catching PII re-generated or inferred by the model.

    Hide original values from audit log

    Stores only the masked version of detected PII in the decision log, keeping original values out of audit storage.

    Turning on Hide original values from audit log affects your ability to review original data during policy audits or compliance reviews. Once this setting is active and a decision is logged, the original value cannot be retrieved from the audit log.

  2. Review all settings across the page and save the policy.

  3. Activate the policy. To do this, return to the Policies list, locate your policy, and change the Enforcement mode from "Observe" to "Enforce" once you validate detection results in the decision log.

As a result, Creatio AI Studio will apply the PII protection policy to all governed LLM requests that fall within the configured scope. You will be able to monitor the policy execution live in the Governance section.


See also

Creatio.ai overview

Creatio.ai architecture

Introduction to AI Agents

AI Agent list

AI Skill list

Creatio.ai system actions

Connect a custom LLM to Creatio.ai

Data privacy in Creatio.ai

Creatio.ai FAQ