privacy concerns when working with sensitive documents using Vision API

Suli Adeniye 20 Reputation points


I am trying to extract texts from some sensitive image pdf documents using the Vision API. Any suggestions on how to ensure non-disclosure of these documents when processing them on Azure.

Thank you.

Azure AI Custom Vision
Azure AI Custom Vision
An Azure artificial intelligence service and end-to-end platform for applying computer vision to specific domains.
232 questions
{count} votes

Accepted answer
  1. dupammi 7,750 Reputation points Microsoft Vendor

    Hi @Suli Adeniye

    Thank you for your question.

    When working with sensitive documents using the Vision API, it's important to take steps to ensure non-disclosure and maintain privacy. To achieve this, you can implement the following measures:

    Firstly, the Vision API processes data temporarily and retains it only for a maximum of 48 hours. This means that after processing, the data is automatically deleted and not stored permanently. Secondly, ensure that data is encrypted both in transit and at rest. Azure Cognitive Services, including the Vision API, support encryption to protect your data. Thirdly, implement strict access controls to ensure that only authorized personnel can access the data. Use Azure Active Directory to manage identities and access. Fourthly, although not necessary for data that is only temporarily stored, you can delete the resource group after processing to ensure that all associated data is removed. Fifthly, review the Microsoft Cognitive Services privacy statement to understand the data handling policies in place: Microsoft updates to Cognitive Services terms. Lastly, make sure to document and follow internal policies for handling sensitive data, including guidelines for using external APIs and services.

    Azure Computer Vision complies with various data protection regulations, including GDPR. The data is processed and stored in the region you select, and Microsoft will not share your data with others. Ensure you are familiar with the Azure Cognitive Services compliance and privacy documentation to understand the specifics of compliance standards such as HIPAA and GDPR.

    I hope you understand. Thank you.

    Please don't forget to click Accept Answer and Yes for was this answer helpful.

0 additional answers

Sort by: Most helpful