PII Masking
Detecting and redacting personally identifiable information (names, emails, SSNs) from text before sending to an external LLM, then restoring in the response.
Quick answer
What is PII Masking?
PII masking solves a hard constraint: most enterprise data contains PII, and most LLMs are external APIs. Sending raw customer data risks compliance violations (GDPR, HIPAA), unintended training on your data, and audit failures.
The masking flow: (1) before sending to LLM, scan the prompt for PII patterns (regex + ML classifiers); (2) replace each instance with a token like `[PERSON_1]`, `[EMAIL_2]`; (3) store the mapping in a vault; (4) send the masked prompt to the LLM; (5) on response, restore the original values from the mapping.
Implementations vary in coverage: simple regex catches obvious patterns (SSN, credit cards) but misses names, addresses, custom identifiers. Modern systems use named-entity-recognition models to catch the harder cases. The Einstein Trust Layer and gptfy's Security Layer both implement PII masking with these techniques.
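The five-step flow above, written out as an added example in Python (not GPTfy's or Salesforce's code): it covers the regex tier only (emails, SSNs), uses an in-memory `PiiVault` class as a stand-in for the mapping vault, and runs on a constructed sample prompt.

```python
import re

# Regex tier only (the page's "simple regex" coverage): names, addresses and
# custom identifiers need an NER model, which this example does not include.
PATTERNS = {
    "EMAIL": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}
TOKEN = re.compile(r"\[(?:EMAIL|SSN)_\d+\]")

class PiiVault:
    """In-memory stand-in for the mapping vault (step 3); a real one lives outside the LLM path."""
    def __init__(self):
        self._token_by_value = {}
        self._value_by_token = {}
        self._counters = {}

    def token_for(self, kind, value):
        # The same value always maps to the same token, so the LLM sees a
        # consistent placeholder and the restore step stays unambiguous.
        if value not in self._token_by_value:
            self._counters[kind] = self._counters.get(kind, 0) + 1
            token = f"[{kind}_{self._counters[kind]}]"
            self._token_by_value[value] = token
            self._value_by_token[token] = value
        return self._token_by_value[value]

    def restore(self, response):
        # Step 5: swap tokens the model echoed back for the originals; tokens
        # not present in the vault (e.g. invented numbering) are left untouched.
        return TOKEN.sub(lambda m: self._value_by_token.get(m.group(0), m.group(0)), response)

def mask(prompt, vault):
    """Steps 1-2: scan the prompt and replace each PII instance with a token."""
    for kind, pattern in PATTERNS.items():
        prompt = pattern.sub(lambda m, k=kind: vault.token_for(k, m.group(0)), prompt)
    return prompt

def contains_pii(text):
    """Gate before step 4: refuse to send anything the patterns still match."""
    return any(p.search(text) for p in PATTERNS.values())

if __name__ == "__main__":
    vault = PiiVault()
    # Constructed sample input, not real customer data.
    masked = mask("Contact jane.doe@example.com (SSN 123-45-6789); cc jane.doe@example.com", vault)
    print(masked, contains_pii(masked))
    print(vault.restore("I wrote to [EMAIL_1] regarding [SSN_1]."))
```

The `contains_pii` gate is the check worth keeping in front of the outbound call: masking is only as good as its coverage, so verify the masked prompt rather than trusting that substitution succeeded.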
Related terms
- Einstein Trust Layer: Salesforce's LLM security abstraction — masks PII before sending to AI models, audits every prompt and response, and blocks training on customer data.
- Grounding: Supplying an LLM with authoritative, current, customer-specific data inside the prompt so its response is anchored in real information, not training data.