Sensitive Data Policy

Attention: Sensitive Data Policy is also known as the Expert Review – Compliance Assist tool. Please contact your Account Executive or Account Services if you are interested in gaining access.

About Sensitive Data Policy

The Sensitive Data Policy tab contains ExpertReview – Compliance Assist, a powerful tool that helps you regulate the private personal information collected by your Qualtrics organization. Many organizations have strict rules about the kind of data they can collect from participants, and this administrative tool can help you flag questions and data that may violate your organization’s standard for respondent data privacy.

With ExpertReview – Compliance Assist, you can:

• Determine what topics will be flagged as sensitive data, using pre-built topics or your own customizable ones.
• Alert survey builders when they are asking for sensitive information.
• Warn respondents before they try to submit sensitive information.
• Redact sensitive information so the users in your brand never see it.

Sensitive data policy settings are not retroactive. Only responses collected after these settings have been saved will be flagged or redacted accordingly.

Attention: Changes to sensitive data policies impact ALL live surveys within the brand. Enabling redaction for sensitive data policies can break live surveys if there is a conflict between the sensitive data policy and question validation. For example, if a live survey has a text entry question with validation that requires the answer to be an email, enabling redaction for emails will block respondents from being able to answer that question and they won’t be able to proceed through the survey.

Qtip: This is a feature only available to Brand Administrators. Division Administrators do not have access to this feature.

Attention: The Sensitive Data Policy is not compatible with video feedback. Therefore, the Sensitive Data Policy will not be applied to Imported Video and Audio Projects or Unmoderated User Testing Questions. However, data collected through these features will have personally identifiable information redacted per AWS’s redaction rules. Please note this redaction only applies to the transcription itself, not the audio or video.

Qtip: Sensitive data policies can censor or remove information collected from survey questions, but do not affect respondent metadata, like location data. For that, try Anonymizing Responses. If you’d like to learn more about minimizing personal data collection in Qualtrics, see this guide.

Setting Up a Sensitive Data Policy

You can have multiple sensitive data policies per brand. All Brand Administrators can access and edit the brand’s sensitive data policies.

Go to the Admin page.

---

×

close

Select the Data Privacy tab.

---

×

close

Go to the Sensitive Data Policy section.

Click Add Topics.

Choose between the following:

• Qualtrics topics: Choose from a library of pre-made topics. Use the search or dropdowns to select topics for use. Different identification numbers such as Social Security will be separated by country rather than industry. See Built-In Topics for more details.
• New topic: Add a single custom topic. See Custom Topics for help with file formatting and Adding a Single Custom Topic for how to upload that file once ready.
• Import topics file: Import multiple topics at a time. Be sure to check the Qualtrics topics before using this option to upload topics that may already be commonly used. See Custom Topics for help with file formatting and Importing Multiple Custom Topics for how to upload that file once ready.

Save your changes.

Qtip: You can edit or remove these topics in the future.

Once your topics are created, don’t forget to go to Settings. There, you will determine whether to flag survey creators when they are making questions that may request sensitive data, or to flag survey takers when they try to provide sensitive information about themselves. Here you can also configure redaction.

---

×

close

Qtip: See Flag Survey Questions that Ask for Sensitive Information and Flag Survey Responses that Provide Sensitive Information for more details.

Also be sure to check out Exemptions. This is where you will identify if any surveys should be exempt from the sensitive data policy.

---

×

close

Qtip: Exemptions can be for the whole sensitive data policy, or for a specific policy. E.g., maybe there’s a survey allowed to collect phone numbers and no other identifying information. To set an exemption for a specific topic, click the topic name, then set the exemption to the right.

---

×

close

---

×

close

Flag Survey Questions that Ask for Sensitive Information

Qtip: These options are found by clicking Settings in the upper-right.

---

×

close

You will be able to warn survey creators that the questions they’ve created violate your company’s sensitive data policy. Enable Flag survey questions that ask for sensitive information.

Once this is enabled, you can click Include a custom warning message to write what users will see on the question that violates that policy.

---

×

close

What survey creators see

When a survey creator requests sensitive data, the question will be marked the same way questions that violate other ExpertReview recommendations are, with an orange iQ icon.

---

×

close

When the user clicks on the iQ icon, they will learn what phrases they used that triggered the warning. Here, the warning that the admin created will be displayed.

Qtip: This feature will not prevent the user from creating the question or publishing the survey – merely let them know they may violating brand policy. The specific topic issues will be flagged, e.g., identifying Social Security Numbers as opposed to just a vague privacy policy violation.

Flag Survey Responses that Provide Sensitive Information

Qtip: These options are found by clicking Settings in the upper-right.

---

×

close

You can flag responses so that survey takers are warned when they try to provide sensitive information. you can also make it so that if they disregard this warning, the survey creator can then report on the sensitive data they’ve collected.

---

×

close

Select Flag survey responses that provide sensitive information to allow survey builders to report on violations. These are listed by topic, not exact sensitive data provided (e.g., USA Phone Number, not 555-555-5555).

Enabling Warn survey respondents when they provide sensitive information created a message in the survey when respondents try to submit sensitive content.

If you select Redact sensitive information from survey responses, the information that violates the policy is completely deleted. The rest of the response will be fine, but the flagged and redacted information itself will be removed and irretrievable. Survey builders will still be able to report on violations, but these violations will be listed by topic, not specific violation.

Warn survey respondents they’ve provided sensitive information

This is what it looks like when a respondent tries to provide sensitive information. The appearance of the survey and questions asked will vary based on what you’ve built, but the window will display the number of questions affected and let respondents review their answers.

---

×

close

The respondent will be asked whether they want to change what they wrote (Review Answers) or keep going in the survey (Continue Without Reviewing).

Redacting sensitive information

When information is redacted, it is replaced with a series of asterisks ( * ) so that the survey builders cannot use any sensitive information the respondent has provided.

Turning this option off in the Sensitive Data Policy will not restore the redacted data. All redacted data is deleted permanently.

---

×

close

Qtip: This option redacts all sensitive data, regardless of topic. To narrow down what topics are redacted, see Global vs. Topic Redaction.

Global vs. Topic Redaction

When information is redacted, it is replaced with a series of asterisks so that the survey builders cannot use any sensitive information the respondent has provided.

Sometimes, you want to redact information provided pertaining to some topics, but not others. For example, while you may definitely redact any Social Security Numbers respondents try to enter into a survey, you may want phone numbers and email addresses to be left alone, so you can follow up with respondents if needed.

Global redaction can be enabled under the Settings using the Redact sensitive information from survey responses option. This redacts all flagged data, regardless of topic.

---

×

close

To redact information from one topic at a time:

Click on the name of the topic you want to edit.

---

×

close

Expand the Policy Settings.

---

×

close

Select Override Global Policy Settings.

Select Redact sensitive information pertaining to this topic from survey responses.

Click Save.

Attention: By enabling this option, you will be deleting all data that qualifies for redaction here on out. Turning this option off will not restore any data deleted by redaction. Once data is redacted, it is deleted permanently.

Reporting on Data Policy Violations in Responses

Responses can be flagged based on the privacy policies they violate. Survey builders can report on policies violated by using the Q_DataPolicyViolations field.

The topics tagged in a survey response may not correspond to the topics violated when building the survey. For example, consider a policy that flags USA phone numbers. A survey builder may ask for phone numbers, but if no respondent provides this information, no responses will be flagged. In contrast, if you have a general feedback question where a customer provides a phone number unprompted, this response will be flagged.

---

×

close

Qtip: If you want to view or report on Data Policy Violations, the field is readily available in your Data & Analysis and Reports tabs. However, to base survey logic (such as Branch Logic or Display Logic) you must first add Q_DataPolicyViolations as Embedded Data to your Survey Flow. When making edits to the survey, don’t forget to publish!

---

×

close

Qtip: You can display flagged responses in a CX dashboard by mapping the “Q_DataPolicyViolations” embedded data field as a multi-answer text set.

Attention: Imported Responses will be excluded from redaction.

Built-In Topics

While they are not guaranteed to be defined perfectly, Built-In Topics are a great way to get started on your sensitive data policy. They provide heavily researched options with large keyword dictionaries and carefully defined regex.

Once you have finished setting up for the first time, you can select more built-in topics later by clicking Add Topics and selecting Qualtrics topics.

---

×

close

On this window, use the dropdowns or the search bar to find your desired topics. Identification and other registration numbers can be found under their country of origin. (E.g., UK Insurance number is under its respective country instead of an industry.)

---

×

close

If you want to remove every topic listed, click Remove all above the list of selected topics.

Custom Topics

Sometimes, you may want to flag topics that are unique to your organization, such as employee ID, or use topics that Qualtrics hasn’t even thought of yet. Thankfully, you can import your own custom topics.

When using a JSON file, the topics you import are always added as new topics, not added onto existing, similar ones. For example, if you manually selected Social Security as a topic and then imported a JSON file with a topic called Social Security that had additional key words, you would have two Social Security topics in your Compliance Assist. This does not hurt the tool’s ability to check your brand for privacy violations in any way.

---

×

close

Export a JSON file of your topics by clicking Export at the top of the topics window. You can use this file to import your topics into another brand, or to make edits to the JSON file and add new custom topics.

Removing Topics

Go to the Actions dropdown to the far-right of the topic and click the trash can icon to remove a topic. This can be done for both custom and pre-built ones.

---

×

close

Qtip: If you want to remove every topic listed, click Remove all above the list of selected topics when you click Qualtrics topics.

---

×

close

Surveys Exempt from Sensitive Data Policies

Qtip: Surveys can only be added to 1 exemption. If a survey is already added to a sensitive data policy exemption, it cannot be added to another one.

There may be times when you need to mark surveys exempt from sensitive data policy violations. For example, if you have a workflow where you need to get back in touch with customers who wrote in upset, you probably need to collect some form of contact information, even if you generally forbid other surveys in the brand from doing so.

Marking Surveys Exempt

Click Bulk exemptions.

---

×

close

Click Add survey.

Search a survey by name. You can only select one survey at a time. Do not search by survey ID.

---

×

close

Select one of the following options:

• Survey is exempted from all current and future Sensitive Data Policy topics
• Survey is exempt only from the selected Sensitive Data Policy topics

  

  Qtip: You can select multiple topics. Click the trash can to remove a topic from the list of topics the survey is exempt from.

Click Save.

Qtip: Exemptions can be for the whole sensitive data policy, or for a specific policy. E.g., maybe there’s a survey allowed to collect phone numbers and no other identifying information. To set an exemption for a specific topic, click the topic name, then set the exemption to the right.

---

×

close

---

×

close

Managing Exemptions

Once you’ve marked surveys exempt from the sensitive data policy, they’ll appear on the Exemptions page.

Click the blue topics text to change the topics the survey is exempt from.

---

×

close

Click the trashcan to remove the exemption.

Topic Exemptions

By default, sensitive data policy topics apply to all questions and surveys. However, you can create exemptions for topics. You can exempt an entire survey or a question from a survey.

Click on the topic you’d like to add exemptions for.

---

×

close

To add exemptions for a specific survey, go to Survey Level.

---

×

close

Begin typing in the box to select a survey to apply the exemption to.

To add exemptions for a specific survey question, go to Question Level.

---

×

close

Click Add questions.

Begin typing to search for the survey that contains the questions you’d like to create exemptions for.

---

×

close

Click Continue.

Choose the questions you’d like to add the exemption to.

---

×

close

Click Apply.

Applying Sensitive Data Policies to Certain Surveys

By default, sensitive data policies will apply to all surveys in your organization, barring any exemptions you’ve created. However, you can change the behavior of an individual sensitive data policy so that surveys must be explicitly opted-in to the policy for it to take effect.

Go to Settings.

---

×

close

Enable the ‘Apply to select only’ sensitive data policy option.

Click Save.

Choose the policy that you’d like to apply to a survey.

---

×

close

Enable the Apply to select only option.

---

×

close

Begin typing in the box to select a survey to apply the policy to.

To remove a survey, click the trash can icon next to it.