Share via

privacy concerns when working with sensitive documents using Vision API

Suli Adeniye 20 Reputation points
2024-06-03T21:31:02.36+00:00

Hi:

I am trying to extract texts from some sensitive image pdf documents using the Vision API. Any suggestions on how to ensure non-disclosure of these documents when processing them on Azure.

Thank you.

Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,565 questions
Azure AI Custom Vision
Azure AI Custom Vision
An Azure artificial intelligence service and end-to-end platform for applying computer vision to specific domains.
233 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,571 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marcin Policht 16,725 Reputation points MVP
    2024-06-03T21:57:01.6833333+00:00

    Refer to https://learn.microsoft.com/en-us/legal/cognitive-services/computer-vision/imageanalysis-data-privacy-security

    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    hth

    Marcin

    0 comments
  2. brtrach-MSFT 15,786 Reputation points Microsoft Employee
    2024-06-12T02:51:26.3766667+00:00

    @Suli Adeniye To expand upon the document that Marcin shared, when working with sensitive documents using the Azure Vision API, it’s crucial to ensure the non-disclosure and privacy of the data. Here are some measures you can implement to enhance security:

    1. Data Retention: The Vision API processes data temporarily and retains it for a maximum of 48 hours. After processing, the data is automatically deleted.
    2. Encryption: Ensure that data is encrypted both in transit and at rest. Azure Cognitive Services, including the Vision API, support encryption to protect your data.
    3. Access Controls: Implement strict access controls to ensure that only authorized personnel can access the data. Use Azure Active Directory to manage identities and access.
    4. Resource Group Deletion: Although not necessary for data that is only temporarily stored, you can delete the resource group after processing to ensure that all associated data is removed.
    5. Compliance and Privacy: Review the Microsoft Cognitive Services privacy statement and ensure you are familiar with the Azure Cognitive Services compliance and privacy documentation. Azure Computer Vision complies with various data protection regulations, including GDPR.

    Additionally, document and follow internal policies for handling sensitive data, including guidelines for using external APIs and services. Make sure to understand the specifics of compliance standards such as HIPAA and GDPR as they apply to your use case.

    0 comments