PII Handling Guide
How Meridian identifies, classifies, and protects personally identifiable information across your stack.
What Meridian classifies as PII
- Email addresses, phone numbers, physical addresses
- Government IDs (SSN, passport, driver's license)
- IP addresses stored alongside user identifiers
- Payment tokens and billing metadata
- Biometric templates and facial geometry hashes
Detection pipeline
Meridian scans structured and unstructured data stores on a configurable cadence. The regex engine runs against column names, JSON keys, and cell values. Matches are scored by confidence — high-confidence hits auto-tag the column as PII in the data catalog.
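A sketch of name-plus-value confidence scoring of the kind described above, added here as an illustration and not Meridian's own code. The patterns, the 40/60 weights, the auto-tag threshold of 80 and the function names are assumptions, and the sample rows are constructed.

```python
import re

# Assumed patterns, weights and threshold for illustration; not Meridian's rule set.
NAME_HINTS = re.compile(r"(e[-_]?mail|phone|ssn|passport|address)", re.I)
# More specific patterns come first: on a tie the earlier type is kept.
VALUE_PATTERNS = {
    "email": re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$"),
    "ssn": re.compile(r"^\d{3}-\d{2}-\d{4}$"),
    "phone": re.compile(r"^\+?\d[\d\s().-]{8,}\d$"),
}
NAME_WEIGHT = 40         # a suggestive column or key name alone is weak evidence
VALUE_WEIGHT = 60        # scaled by the fraction of sampled cells that match
AUTO_TAG_THRESHOLD = 80  # at or above this, tag without human review


def score_column(name, values):
    """Return (confidence 0-100, best matching type) for a column or JSON key."""
    cells = [str(v).strip() for v in values if v not in (None, "")]
    best_type, best_hits = None, 0
    for pii_type, pattern in VALUE_PATTERNS.items():
        hits = sum(1 for c in cells if pattern.match(c))
        if hits > best_hits:
            best_type, best_hits = pii_type, hits
    value_score = round(VALUE_WEIGHT * best_hits / len(cells)) if cells else 0
    name_score = NAME_WEIGHT if NAME_HINTS.search(name) else 0
    return name_score + value_score, best_type


def classify(table):
    """Map each column to (decision, type, confidence) from sampled values."""
    result = {}
    for name, values in table.items():
        confidence, pii_type = score_column(name, values)
        decision = ("auto-tag" if confidence >= AUTO_TAG_THRESHOLD
                    else "review" if confidence else "ignore")
        result[name] = (decision, pii_type, confidence)
    return result


# Constructed sample rows, not real data.
SAMPLE = {
    "contact_email": ["ana@example.com", "bo@example.org", "n/a", "cy@example.net"],
    "notes": ["call back Tuesday", "ana@example.com", "", "shipped"],
    "order_total": ["19.99", "5.00", "120.50", "7.25"],
    "tax_id_ssn": ["078-05-1120", "219-09-9999", "000-12-3456", "666-00-0000"],
}
```

A stray email in a free-text column scores low and lands in review rather than being auto-tagged, while a column whose name and values agree clears the threshold.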
Masking and redaction
Once tagged, PII columns can be masked at query time via Meridian's proxy layer. Supported strategies: full redaction, partial masking (last-4 display), tokenization with a reversible vault, and format-preserving encryption for test environments.
Access controls
Role-based policies gate who can view unmasked PII. All access is logged to the audit trail with actor, timestamp, and justification reason. Break-glass procedures require multi-party approval.
Retention and deletion
Meridian enforces TTLs on PII-bearing records. Expired data is hard-deleted from primary stores and backup snapshots within the configured grace window. Deletion receipts are cryptographically signed.
This guide covers Meridian v3.2+. For GDPR/CCPA compliance mappings, see the compliance framework documentation.