Understanding Compliance for Detection and Redaction

Organizations that process sensitive content often need to align their detection and redaction workflows with specific regulatory standards — HIPAA for healthcare, GDPR for data privacy, PCI DSS for payment card data, or CJIS for criminal justice information. Without a structured approach, users must manually remember which PII entities and object detection classes each regulation requires, selecting them individually every time they process content. This is error-prone and time-consuming, especially when multiple regulations apply.

Compliance in VIDIZMO solves this by letting portal administrators pre-define named groups of detection and redaction classes that correspond to regulatory standards. Users then select a compliance entry during processing, and VIDIZMO handles the rest — auto-populating the correct classes, locking them to prevent accidental removal, and tagging processed content for audit and search.

Concept

A compliance entry is a named configuration that maps to a set of detection and redaction classes. For example, a "HIPAA" compliance entry might include Person, Email Address, Phone Number, Address, Medical License, and US Social Security Number as detection classes. When a user selects HIPAA during processing, all of these classes are selected automatically.

Each compliance entry maps classes for both detection and redaction, but these are applied separately. Compliance (Detection) controls which AI insights run on the content. Compliance (Redaction) controls which detected entities are automatically redacted, and only shows entries already selected for detection — you can only redact what has been detected first. This two-step approach gives organizations the flexibility to detect a broad set of PII for awareness while redacting only a specific subset before sharing.

When you select a compliance entry, the mapped classes are locked in the dropdown — they can't be accidentally removed. Deselecting the compliance entry itself unlocks and removes the auto-populated classes. You can still add more classes manually beyond what the compliance entry includes.

Compliance entries can also include sub-types such as specific object detection classes or custom pattern entity types. These auto-populate into the sub-type dropdowns and follow the same locking behavior as parent classes.

Compliance Tagging

When content is processed with one or more compliance entries selected, VIDIZMO automatically adds the compliance entry names as tags on the content. This makes it straightforward to:

• Search for all content processed under a specific compliance standard
• Filter content in the Media Library by compliance tags
• Generate reports on compliance coverage across your portal's content

How VIDIZMO Implements Compliance

VIDIZMO provides compliance capabilities through a combination of administrator configuration and processing integration:

1. Compliance management — Administrators create entries in Portal Settings > Library > Compliance Settings, mapping classes and sub-types to each standard. Global entries (system-provided) cover common standards and can be activated per-portal or cloned for customization.

2. Processing integration — Compliance dropdowns appear above the detection and redaction class selectors in the VIDIZMO Indexer settings, Process Modal, and Studio Space. Selected entries auto-populate and lock the mapped classes.

3. Custom patterns — Custom patterns mapped to a built-in detection class run automatically when that class is selected through compliance. Unmapped custom patterns appear as selectable sub-type options under Custom Patterns, so organizations can extend compliance coverage with their own detection rules.

4. Redaction codes — When creating redaction codes under Library > Redaction Codes Settings, administrators can map codes to specific detection and redaction classes (including Object Detection, Custom Patterns, and PII classes). This ties the compliance workflow end-to-end — from detection to redaction to labeling.

Use Cases

Healthcare Organizations (HIPAA)

A hospital portal administrator creates a "HIPAA" compliance entry that includes Person, Email Address, Phone Number, Address, Medical License, and US Social Security Number. When staff process patient interview recordings, they select HIPAA from the compliance dropdown. All required PII entities are detected and redacted automatically before the content is shared externally.

Financial Institutions (PCI DSS)

A bank creates a "PCI DSS" compliance entry mapping Credit Card Number, IBAN Code, and US Bank Account Number. Processing customer-facing training videos with this compliance entry ensures all payment card data is detected and redacted without manual class selection.

Government Agencies (FOIA)

A government agency creates compliance entries for different FOIA exemption categories. When preparing records for public release, staff select the appropriate compliance entry. Combined with redaction codes, each redaction is both performed and labeled with the correct exemption justification.

See Also

• How to Configure Compliance for Detection and Redaction
• Configuring VIDIZMO Indexer for PII Detection and Redaction
• Understanding PII Detection and Redaction using VIDIZMO Indexer
• Understanding Redaction Codes in VIDIZMO
• How to Create Custom Patterns

Did you find this article helpful?

Sorry we couldn't be helpful. Help us improve this article with your feedback.

Your email*

Your feedback*

Need more information

Difficult to understand

Inaccurate/irrelevant content

Missing/broken link

Glad we could be helpful. Thanks for the feedback.

Your response has been recorded. Thank you for the feedback.