Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Sensitive data in logs cleanup

CSP Request Details

None

CSP Rejection Details

None

CSP Approved

None

Description

It is necessary to review the information available in the module logs. Personally Identifiable Information (PII) that directly (explicit user personal data, financial information, etc.) or indirectly (references to files in S3 or local files containing personal information) allows the identification of a user must be removed. If removal is not possible, the information should be masked. Among the PII, the following should be removed (if applicable):

Direct Identifiers (explicitly identify an individual):

  • Full name

  • Social Security Number (SSN)

  • Passport number

  • Driver’s license number

  • Email address

  • Phone number

  • Physical address

Indirect Identifiers (can identify an individual when combined with other information):

  • Date of birth

  • IP address

  • Geolocation data

  • Employment information

  • Medical records

  • Financial data (e.g., credit card details)

Acceptance criteria:

All PII is not present in the module logs based on logs visual review.

Environment

None

Potential Workaround

None

defines

Checklist

hide

Activity

Show:

Details

Assignee

Reporter

Priority

Development Team

Volaris

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs
Created February 10, 2025 at 10:31 PM
Updated February 12, 2025 at 3:00 PM
Configure
TestRail: Cases
TestRail: Runs

Flag notifications