Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
edwardrmiles
Helper III
Helper III

How do you avoid exposing data that's sensitive when personally identifiable?

‎09-15-2016 08:18 AM

I'm interested to hear any approaches I can use to avoid exposing data that's sensitive when personally identifiable but analytically interesting when aggregated

 

It's easy enough to remove or mask user names etc. but when you start applying filters on a set of data it's easy to imagine scenarios problems.  For example, say I have HR data with an Average Pay measure, and I add a filter for Department and Role. If there are any roles in a given department being performed by one employee (quite a common scenario) then the Average Pay measure is in fact that individuals pay, and that exposes sensitive data.

 

Thus far the only solution I have come up with is to add a condition in a measure that returns blank if disticnt count of masked user identifiers is below a threshold (and hiding from report view the column). Something like this:

 

Average Pay:= IF( DISTINCTCOUNT([MaskedUserId]) < 10, BLANK(), AVERAGE('HrData'[Pay]) )

 

Does anyone have a more elegant / comprehensive solution? In particular this only works where users aren't allowed to edit the report

 

Thanks!

 

 

Labels:
Message 1 of 2
870 Views
0
1 REPLY 1
v-haibl-msft
Employee
Employee

‎09-15-2016 08:40 PM

@edwardrmiles

 

I think you can also try to use Row-level security (RLS). Just give a simple sample as below.

Assuming we have a similar table like below. We can create a calculated column to get the role count in one department.

RoleCount_Per_Depart = 
CALCULATE ( COUNTROWS ( Table1 ), ALLEXCEPT ( Table1, Table1[Department] ) )

How do you avoid exposing data that's sensitive when personally identifiable_1.jpg

 

Then we can create a non-admin role which can only see the data that belong to those departments which have more than 1 employee.

How do you avoid exposing data that's sensitive when personally identifiable_2.jpg

 

After publish to PBI Service, we can configure RLS to include ordinary employee into the Non-Admin group. Then employees in this group will not be able to see the data that belong to those departments which have only 1 employee.

How do you avoid exposing data that's sensitive when personally identifiable_4.jpg

How do you avoid exposing data that's sensitive when personally identifiable_5.jpg

 

Best Regards,

Herbert

Message 2 of 2
836 Views
0

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All