National Privacy Regulations

Documentation | Support

Go to the table of contents

Go to the previous page

Go to the next page

View or print as PDF

Forcepoint DLP Predefined Policies and Classifiers > Data Loss Prevention policies > Regulations, Compliance and Standards > National Privacy Regulations

National Privacy Regulations

Predefined Policies and Classifiers | Forcepoint DLP | v8.4.x

Forcepoint DLP includes regulatory policies for numerous countries.

United States of America - State Privacy Regulations

Policies for promoting compliance with Australian Privacy regulations.

Australian Privacy Act (2012 Revision)

The Australian Federal Privacy Act mandates protection of private information and limits its storage, usage, and distribution. The policy detects private information of Australians. Each one of this policy's rules relates to different private information. Enable the rules you want to enforce. The rules for this policy are:

Australian Privacy Act: Medicare and Sensitive Disease or Drug

Australian Privacy Act: Medicare and Common Medical Condition

Australian Privacy Act: Name and Driver License

Australian Privacy Act: Name and TFN

Australian Privacy Act: Name and Address

Australian Privacy Act: TFN and Address

Australian Privacy Act: ABN and Address (Default)

Australian Privacy Act: ABN and Address (Wide)

Australian Privacy Act: Name and Bank Account number

Australian Privacy Act: DNA profile

Australian Privacy Act: Name and Racial or Ethnic Origins

Australian Privacy Act: Name and Crime

Australian Privacy Act: Name and Sexual preference

Australian Privacy Act: Credit file (Wide)

Australian Privacy Act: Credit file (Default)

Australian Privacy Act: Credit file (Narrow)

Australian Privacy Act: Name and ABN (Default)

Australian Privacy Act: Name and ABN (Wide)

Australian Privacy Act: Australian Name and Sensitive Disease or drug

Australian Privacy Act: Australian Name and Common Medical Condition

Policies for promoting compliance with Canadian Privacy regulations.

The Personal Information Protection and Electronic Documents Act is a Canadian law governing how private sector organizations collect, use and disclose personal information in the course of commercial business. The policy detects Canadian Personally Identifiable Information (PII) like social insurance numbers or credit cards, either alone or in combination with sensitive private information like health conditions.

PIPEDA: CCN and Common Medical Condition

PIPEDA: CCN and Sensitive Disease or Drug

PIPEDA: DOB and Address or SIN or Name

PIPEDA: Name and Driver License Number

PIPEDA: Name and Government Issues ID Card Number w proximity

PIPEDA: Name and Indian Status Number w proximity

PIPEDA: Name and Permanent Resident Card Number w proximity

PIPEDA: Name and Physical Information

PIPEDA: Name and Sensitive Disease

PIPEDA: SIN and Address or DOB or Name

PIPEDA: SIN and CCN

PIPEDA: SIN and Common Medical Condition

PIPEDA: SIN and Sensitive Disease or drug

Policies for promoting compliance with European Union Privacy regulations.

Denmark Personal Information Protection Law

The Denmark Personal Information Protection Law (PIP) regulates the handling of personal information. The policy comprises rules for detection of CPR numbers and Danish bank account numbers. The rules for this policy are:

DPIP: CPR and Name - Wide

DPIP: CPR and Name - Default

DPIP: CPR and Name - Narrow

DPIP: CPR numbers (Wide)

DPIP: CPR numbers (narrow)

DPIP: CPR numbers (default)

DPIP: Credit Cards

DPIP: Bank Account number - Wide

DPIP: Bank Account number with terms

DPIP: Bank Account number with strict format - Narrow

Personal Data Act (523/1999)

Finland's Personal Data Act provides restrictions on the processing, storage and transmission of personal and sensitive information, including personal ID. Under the Law, personal information relating to identity may only be processed, stored and transmitted with the consent of the individual. Personal information cannot generally be transferred outside of Finland unless the country has "comparable" protections. The policy comprises rules for detection of Finnish Social Security Numbers and DNA sequences. The rules for this policy are:

Finland Personal Data Act: Finnish SSN (Wide)

Finland Personal Data Act: Finnish SSN

Finland Personal Data Act: DNA Sequence

France BNR (Ordonnance 2011-1012)

A policy to promote compliance with the France Breach Notification Requirement (Ordonnance 2011-1012). According to this Ordinance, electronic communication service provider must inform, without delay, the French Data Protection Authority in case of any security breach. A data security breach is defined as any security breach that accidentally or unlawfully results in the destruction, loss, alteration, disclosure or unauthorized access to personal data that is being processed in the context of electronic communication services that are provided to the public. The rules for this policy are:

France BNR 2011-1012: CCN and Name

France BNR 2011-1012: INSEE numbers

France BNR 2011-1012: Name and Health

France BNR 2011-1012: INSEE and Health

France BNR 2011-1012: Name and INSEE

France Data Protection Law 2004-801

Policy for the French Law 2004-801, which implements the EU Directive 95 on privacy. The policy contains rules to detect combinations of French full names and INSEE numbers with sensitive private information like credit card number or health conditions. The rules for this policy are:

France Privacy: CCN and Name

France Privacy: INSEE numbers

France Privacy: Name and Health

France Privacy: INSEE and Health

France Privacy: Name and INSEE

Germany Federal Privacy Protection Act

Policy for the German Federal Privacy Protection Act, implementing the EU Directive 95 on privacy. The policy contains rules to detect combinations of German full names with sensitive private information like credit card number, ethnicity, and health conditions. the rules for this policy are:

Germany FPP: CCN and Name

Germany FPP: Ethnicity and Name

Germany FPP: Health and Name

Germany FPP: Crime and Name

Greece - Hellenic DPA of 1997

The Hellenic Data Protection Act of 1997 regulates the processing of personal data and therefore mandates the protection of private information. The policy detects Greek AFM (Î‘ÏÎ¹Î¸Î¼ÏŒÏ‚ Î¦Î¿ÏÎ¿Î»Î¿Î³Î¹ÎºÎ¿Ï ÎœÎ·Ï„ÏÏŽÎ¿Ï…) and ID numbers, alone or in proximity to a Greek names in Greek or Latin letters, and combinations of Greek names in proximity to sensitive medical information in Greek and English. The rules for this policy are:

Greece: AFM number (Default)

Greece: AFM number (Wide)

Greece: AFM number and Name (Default)

Greece: AFM number and Name (Wide)

Greece: ID and Name (Default)

Greece: ID and Name (Wide)

Greece: Sensitive Medical Information and Name (Default)

Greece: Sensitive Medical Information and Name (Wide)

Hungarian Data Protection Laws

Act LXIII of 1992 on Protection of Personal Data and Disclosure of Data Public Interest mandates, among others, that personal data shall be protected against unauthorized access, transfer and public exposure. Data may only be processed, stored and transmitted with the consent of the individual. The Act sets out sanctions for violations. The policy comprises rules for detection of Hungarian Personal Numeric Code Numbers (szemelyi azonosito szam) Social Security Numbers (TAJ szam), Tax ID Numbers (Adoazonosito jel) and DNA information. The rules for this policy are:

Hungarian Data Protection Laws: Hungary Szemelyi Azonosito Szam (Wide)

Hungarian Data Protection Laws: Hungary Szemelyi Azonosito Szam (Default)

Hungarian Data Protection Laws: Hungary TAJ szam (Wide)

Hungarian Data Protection Laws: Hungary TAJ szam (Default)

Hungarian Data Protection Laws: Hungary Adoazonosito jel (Wide)

Hungarian Data Protection Laws: Hungary Adoazonosito jel (default)

Hungarian Data Protection Laws: DNA Sequence

Ireland Data Protection Acts (DPA)

Ireland Data Protection Acts (DPA) of 1988 and 2003, and in particular, the Personal Data Security Breach Code of Practice set by Ireland Data Protection Commissioner (DPC), mandate protection of personal information and requires that, in case where there is a risk of unauthorized disclosure, loss, destruction or alteration of personal data, the data controller must give immediate consideration to informing those affected. The policy contains rules to detect Irish Personally Identifiable Information (PII) like Personal Public Service Numbers (PPS/RSI) or passport numbers, alone or in combination with credit card numbers. The rules for this policy are:

Ireland DPA: Irish PRSI/PPS Number and CCN

Ireland DPA: Irish Driver Number and CCN

Ireland DPA: Irish Passport Number and CCN

Ireland DPA: Irish Personal Public Service Number

Ireland DPA: Irish Driver Number

Ireland DPA: Irish Passport Number

Ireland DPA: Irish IBAN (default)

Ireland DPA: Irish IBAN (wide)

Ireland DPA: Irish Bank Account

Ireland DPA: Name and Sensitive Diseases

Italy Health Data Privacy Act

The Italy Health Data Privacy Act protects persons from violation of their right to privacy through the processing of personal data. The Act helps to ensure that personal data is processed in accordance with fundamental respect for the right to privacy, including the need to protect personal integrity and private life and ensures that personal data is of adequate quality. The policy contains rules to detect combinations of Italy Personally Identifiable Information (PII) like Codice Fiscale and full name, with sensitive health information. The rules for this policy are:

Italy HDPA: Codice Fiscale

Italy HDPA: Codice Fiscale and Health Information

Italy HDPA: DICOM

Italy HDPA: Name and Codice Fiscale

Italy HDPA: Name and Health Information

Italy HDPA: SPSS Text Files

Netherlands Personal Data Protection Act

Policy to promote compliance with the Dutch Personal Data Protection Act, which implements the EU Directive 95 on privacy. The policy contains rules to detect combinations of Netherlands sofinummer and sensitive private information like account number, driver license number, passport number, ethnicity and health conditions. The rules for this policy are:

DUTCH PDP: Sofi and Ethnicities

DUTCH PDP: Sofi and Account with Password

DUTCH PDP: Sofi and CCN

DUTCH PDP: Sofi and Crime

DUTCH PDP: Sofi and Diseases

Dutch PDP: Dutch Bank Accounts with proximity

Dutch PDP: Dutch Bank Accounts

Dutch PDP: Driver License Numbers

Dutch PDP: Passport Numbers

The Law on the Protection of Personal Data (LPPD) is based on the European Union (EU) Data Protection Directive. Under the Law, personal information relating to identity may only be processed, stored and transmitted with the consent of the individual. Personal information cannot generally be transferred outside of Poland unless the country has 'comparable' protections. The law sets out civil and criminal sanctions for violations. The policy comprises rules for detection of Polish NIP numbers, PESEL numbers, Polish ID numbers, DNA information and Polish REGON numbers, alone or in proximity to a Polish name. The rules for this policy are:

Poland LPPD: DNA Sequence

Poland LPPD: NIP Number (Wide)

Poland LPPD: NIP Number (Default)

Poland LPPD: NIP Number and Name

Poland LPPD: PESEL Number (Wide)

Poland LPPD: PESEL Number (Default)

Poland LPPD: PESEL and Name

Poland LPPD: Polish ID Number (Wide)

Poland LPPD: Polish ID Number (Default)

Poland LPPD: Polish ID and Name

Poland LPPD: REGON Number (Wide)

Poland LPPD: REGON Number (Default)

Poland LPPD: REGON and Name

Spain Data Privacy Act

The Spanish Data Privacy Act implementing the EU Directive 95 on privacy. The policy contains rules to detect combinations of Spain National Identity Documents and sensitive private information like account numbers, ethnicity and health conditions. The rules for this policy are:

SPAIN DPA: DNI and Ethnicities

SPAIN DPA: DNI and Account with Password

SPAIN DPA: DNI and CCN

SPAIN DPA: DNI and Crime

SPAIN DPA: DNI and Diseases

Sweden Personal Data Act of 1998

Sweden's Personal Data Act of 1998 was enacted to protect people against the violation of their personal integrity by processing of personal data. The act includes restrictions on the storage and transmission of personal data. The pre-defined policy comprises rules for detection of Swedish Personal Identity Number (personnummer) in traffic and DNA information. The rules for this policy are:

Sweden Personal Data Act: Swedish ID - wide

Sweden Personal Data Act: Swedish ID - default

Sweden Personal Data Act: DNA Sequence

Swedish Patient Data Act (SFS 2008:355 Patientdatalagen)

A policy to promote compliance with the Swedish Patient Data Act (Patientdatalag, SFS 2008:355) that mandates protection of protected health information (PHI) and Personally Identifiable Information (PII) of Swedish citizens and residents. The policy comprises rules for detection of health information or medical conditions (in Swedish or English), in proximity to personally identifiable information such as personnummer or name, and for detection of SPSS files and Database files. The rules for this policy are:

SFS 2008:355: Database File

SFS 2008:355: DICOM

SFS 2008:355: DNA Profile

SFS 2008:355: ICD10 Code

SFS 2008:355: ICD10 Code and Description

SFS 2008:355: ICD10 Code and Name (Wide)

SFS 2008:355: ICD10 Code and Name (Default)

SFS 2008:355: ICD10 Code and Name (Narrow)

SFS 2008:355: ICD10 Code and Personal Number

SFS 2008:355: ICD10 Description

SFS 2008:355: Name and Health Information

SFS 2008:355: Name and Personal Number

SFS 2008:355: Name and Sensitive Disease or Drug

SFS 2008:355: Personal Number

SFS 2008:355: Personal Number and Health Information

SFS 2008:355: Personal Number and Sensitive Disease or Drug

SFS 2008:355: SPSS Text File

Information Governance Toolkit

Policy for compliance with the NHS Information Governance Toolkit (IG Toolkit). The rules for this policy are:

IG Toolkit: DICOM

IG Toolkit: DNA Profile (Default)

IG Toolkit: DNA Profile (Narrow)

IG Toolkit: DOB and Name

IG Toolkit: Driver Number and Name (Wide)

IG Toolkit: Driver Number and Name (Default)

IG Toolkit: ICD9 Code

IG Toolkit: ICD9 Code and Full Name

IG Toolkit: ICD9 Description and Full Name

IG Toolkit: ICD10 Code

IG Toolkit: ICD10 Code and Full Name

IG Toolkit: ICD10 Description and Full Name

IG Toolkit: Name and Common Medical Condition (Default)

IG Toolkit: Name and Common Medical Condition (Narrow)

IG Toolkit: Name and Sensitive Disease or Drug (Default)

IG Toolkit: Name and Sensitive Disease or Drug (Narrow)

IG Toolkit: National Insurance Number and Name

IG Toolkit: NDC Number (Default)

IG Toolkit: NDC Number (Narrow)

IG Toolkit: NHS Number (Wide)

IG Toolkit: NHS Number (Default)

IG Toolkit: NHS Number (Narrow)

IG Toolkit: Passport Number and Name

IG Toolkit: Tax ID Number and Name

The UK Data Protection Act 1998 provides provision for the regulation of the processing of information relating to individuals, including the obtaining, holding, use or disclosure of such information. The policy contains rules to detect UK Personally Identifiable Information (PII) like National Insurance numbers, passport numbers, alone or in combination with credit card numbers. The rules for this policy are:

UK DPA: UK National Insurance Number and CCN

UK DPA: UK Driver Number and CCN

UK DPA: UK Driver Number and CCN (Wide)

UK DPA: UK Passport Number and CCN

UK DPA: UK Tax ID Number and CCN

UK DPA: UK National Insurance Number

UK DPA: UK Driver Number

UK DPA: UK Passport Number

UK DPA: UK Tax ID Number

UK DPA: NHS Numbers (wide)

UK DPA: NHS Numbers (narrow)

UK DPA: NHS Numbers (default)

EU Directive 9546EC

Directive 95/46/EC on the protection of personal data regulates the processing of personal data. The policy detects combinations of national identification numbers and credit card numbers prevalent in Europe. The rules for this policy are:

EU 95 46: Dutch Sofinummer and CCN

EU 95 46: French INSEE numbers and CCN

EU 95 46: Italian Codice Fiscale numbers and CCN

EU 95 46: Norway Personal Number and CCN

EU 95 46: Spanish DNI numbers and CCN

EU 95 46: Swiss new format AHV and CCN

EU 95 46: Swiss Old format AHV and CCN

EU 95 46: UK National Insurance Number and CCN

Policy for promoting regulatory compliance with the requirements of the Basel Committee on Banking Supervision. The policy contains rules to detect financial data like account numbers, passwords, or magnetic credit card tracks. Additional rules detect combinations of Personally Identifiable Information (PII) like credit cards and identification numbers. The rules for this policy are:

EU Finance: CCN: with National ID

EU Finance: CCN and PIN number

EU Finance: Suspected passwords

EU Finance: Credit Card Magnetic Strips

EU Finance: Password dissemination for Web traffic

EU Finance: 5-8 digit Account Numbers

EU Finance: 10 digit Account Numbers

EU Finance: 9 digit Account Numbers

Policies for promoting compliance with Hong Kong Privacy regulations.

Hong Kong Personal Data Privacy Ordinance

The Hong Kong Personal Data Privacy Ordinance (PDPO) protects the privacy interests of living individuals in relation to personal data. The Ordinance covers any data relating directly or indirectly to a living individual from which it is practicable to ascertain the identity of the individual and which are in a form in which access or processing is practicable, including, for example, Hong Kong Identity Card Number, name and address. The rules for this policy are:

PDPO: Common Surname and Address (default)

PDPO: Common Surname and Address (narrow)

PDPO: Common Surname and Address (wide)

PDPO: Hong Kong ID - default pattern

PDPO: Hong Kong ID - wide

PDPO: Hong Kong ID (default pattern) and Common Address

PDPO: Hong Kong ID (default pattern) and Common Surname

PDPO: Hong Kong ID (default pattern) with Common Surname and Address

PDPO: Hong Kong ID (formal form) and Common Address

PDPO: Hong Kong ID (formal form) and Common Surname

PDPO: Hong Kong ID (formal form) with Common Surname and Address

PDPO: Hong Kong ID (wide) and Common Address

PDPO: Hong Kong ID (wide) and Common Surname

PDPO: Hong Kong ID (wide) and Common Surname and Address

PDPO: Hong Kong ID formal form

Policies for promoting compliance with Iceland Privacy regulations.

Iceland Privacy Act

The Iceland Act on Protection of Individuals with regard to the Processing of Personal Information (law 77/2000) follows the EU Data Protection Directive and restricts the processing, storage, and transmission of personal and sensitive information. The predefined policy comprises rules for detecting Icelandic identification numbers (Kennitala) of individuals and DNA profiles. The rules for this policy are:

Iceland Privacy Act: Kennitala of Individuals (Default)

Iceland Privacy Act: Kennitala of Individuals (Wide)

Iceland Privacy Act: DNA Sequence

Policy for detecting sensitive personal information as defined by the India Information Technology Act. The rules for this policy include:

India IT Act: Suspected Passwords

India IT Act: CCN (Default)

India IT Act: CCN (Narrow)

India IT Act: Indian Name and Physical Information

India IT Act: Indian Name and Sensitive Disease or Drug

India IT Act: Indian Name and Common Medical Condition

India IT Act: Indian Name and Sexual Orientation

India IT Act: Indian Name and Biometric Information

India IT Act: Indian Name and Password

India IT Act: Password dissemination for Web traffic

Policies for promoting compliance with Israel Privacy regulations.

Israeli Health Care

Policy for detection of protected health information of Israeli citizens, to promote compliance with Israeli privacy rules and Israeli patients rights law of 1996.

Israeli Health Care: DICOM

Israeli Health Care: Identity Number and General Medical Information

Israeli Health Care: Identity Number and Sensitive Medical Information

Israeli Health Care: Name and General Medical Information

Israeli Health Care: Name and Sensitive Medical Information

Israeli Health Care: SPSS Text File

Policies for promoting compliance with Japan Privacy regulations.

The Japan Personal Information Protection Law (PIP) states a set of obligations for companies handling personal data. The law protects individuals by regulating the handling of information by private sector businesses. The policy contains rules to protect Japan PII (Personally Identifiable Information), either alone or with a credit card number. The rules for this policy are:

JPIP: Account and Credit Card Number

JPIP: Credit Card Numbers

JPIP: Telephone Numbers

JPIP: Surname and Account

JPIP: Surname and Driver License

JPIP: Surname and Pension Number

JPIP: Surname and Ledger Number

JPIP: E-mail Addresses

JPIP: Individual Numbers (Wide)

JPIP: Individual Numbers (Default)

JPIP: Individual Numbers (Narrow)

JPIP: Corporate Numbers (Wide)

JPIP: Corporate Numbers (Default)

JPIP: Corporate Numbers (Narrow)

Policies for promoting compliance with Malaysia Privacy regulations.

The Malaysian Personal Data Protection Act of 2009 mandates, among others, that any person in Malaysia who collects or stores any personal data in respect of commercial transactions, should take practical steps to protect the personal data from any loss or unauthorized access or disclosure. Penalties for incompliance comprise fine not exceeding 250000 ringgit or imprisonment for a term not exceeding two years or to both. The policy comprises rules for detection of Malaysian personal information, such as Malaysian ID, alone or in combination with sensitive information such as sensitive health information, credit card numbers, account number, ethnicities and religion etc. Additional rules detect combinations of names with sensitive health information or passwords.

Malaysia PDPA: Malaysian ID

Malaysia PDPA: Malaysian ID and CCN

Malaysia PDPA: Malaysian ID and Account number

Malaysia PDPA: Malaysian ID and Ethnicities or Religion

Malaysia PDPA: Malaysian ID and Crime

Malaysia PDPA: Malaysian Name and sensitive health information

Malaysia PDPA: DNA Sequences

Malaysia PDPA: Malaysian Name and Password

Policies for promoting compliance with New Zealand Privacy regulations.

New-Zealand Privacy Act

New Zealand's Privacy Act of 1993 applies to almost every person, business or organization in New Zealand. The act sets out information privacy principles, which, among others, limit transmission and storage of personal data. The pre-defined policy comprises rules for detection and monitoring of NZ National Health Index (NHI) numbers and DNA information. The rules for this policy are:

New Zealand Privacy Act: NHI number (wide)

New Zealand Privacy Act: NHI number (default)

New Zealand Privacy Act: DNA Sequence

Policies for promoting compliance with Norway Privacy regulations.

Norway Health Data Privacy Act

The Norway Health Data Privacy Act protects persons from violation of their right to privacy through the processing of personal data. The Act helps to ensure that personal data is processed in accordance with fundamental respect for the right to privacy, including the need to protect personal integrity and private life and ensures that personal data is of adequate quality. The policy contains rules to detect combinations of Norwegian Personally Identifiable Information (PII) like personnummer and full name, with sensitive health information.

Norway HDPA: DICOM

Norway HDPA: ICD10 Code

Norway HDPA: ICD10 Code and Description

Norway HDPA: ICD10 Code and First Name

Norway HDPA: ICD10 Code and Full Name

Norway HDPA: ICD10 Code and Last Name

Norway HDPA: ICD10 Code and PIN Number

Norway HDPA: ICD10 Description

Norway HDPA: Name and Health Information

Norway HDPA: Name and Personal Number

Norway HDPA: Personal Number (Wide)

Norway HDPA: Personal Number (Default)

Norway HDPA: Personal Number (Narrow)

Norway HDPA: Personal Number and Health Information

Norway HDPA: SPSS Text File

Policies for promoting compliance with Philippines Privacy regulations.

Philippines Data Privacy Act

The Philippines Data Privacy Act of 2012 adopts generally accepted international principles and standards for personal data protection. It states that all sensitive personal information maintained by the government shall be secured with the use of the most appropriate standard recognized by the information and communications technology industry. Sensitive personal information includes information about an individual's age, color, health, genetics, offense committed, or ID numbers. The rules for this policy are:

Philippines DPA: DNA Profile

Philippines DPA: Name and Address (Wide)

Philippines DPA: Name and Address (Default)

Philippines DPA: Name and Address (Narrow)

Philippines DPA: Name and CCN (Wide)

Philippines DPA: Name and CCN (Default)

Philippines DPA: Name and CCN (Narrow)

Philippines DPA: Name and Common Medical Condition (Wide)

Philippines DPA: Name and Common Medical Condition (Default)

Philippines DPA: Name and Crime (Wide)

Philippines DPA: Name and Crime (Default)

Philippines DPA: Name and Date of Birth (Wide)

Philippines DPA: Name and Date of Birth (Default)

Philippines DPA: Name and Password (Wide)

Philippines DPA: Name and Password (Default)

Philippines DPA: Name and PhilHealth Identification Number (Wide)

Philippines DPA: Name and PhilHealth Identification Number (Default)

Philippines DPA: Name and Physical Information (Wide)

Philippines DPA: Name and Physical Information (Default)

Philippines DPA: Name and Sensitive Disease or Drug (Wide)

Philippines DPA: Name and Sensitive Disease or Drug (Default)

Philippines DPA: Name and SSS Number (Wide)

Philippines DPA: Name and SSS Number (Default)

Philippines DPA: Name and TIN (Wide)

Philippines DPA: Name and TIN (Default)

Philippines DPA: Password Dissemination for Web Traffic

Philippines DPA: PhilHealth Identification Number (Wide)

Philippines DPA: PhilHealth Identification Number (Default)

Philippines DPA: SSS Number (Wide)

Philippines DPA: SSS Number (Default)

Philippines DPA: TIN Number (Wide)

Philippines DPA: TIN Number (Default)

Policies for promoting compliance with Russia Privacy regulations.

Russian Federal Law No. 152-FZ

Federal Law No. 152-FZ regulates activities related to processing of personal data in the Russian Federation by means of automation equipment, and mandates protecting the confidentiality of personal information. The policy detects personal information that should be protected, like passport number, personal pension account number (SNILS), Taxpayer Identification Numbers (INN), personal phone numbers, etc., in proximity to Russian names. The rules for this policy are:

Russia Federal Act 152-FZ: Personal Pension Account Number (SNILS) and Name

Russia Federal Act 152-FZ: Moscow Social Card Number and Name

Russia Federal Act 152-FZ: Passport Number and Name

Russia Federal Act 152-FZ: Phone Number and Name

Russia Federal Act 152-FZ: Primary State Registration Number (OGRNIP) and Name

Russia Federal Act 152-FZ: Taxpayer Identification Number of Individuals and Name

Russian Federation IIIP

The law of the Russian Federation on Information, Informatization, and Information Protection of 1995 covers both the government and private sectors and imposes a code of fair information practices and other restrictions on the processing of personal and sensitive information. The pre-defined policy comprises rules for detection of a Russian passport number when appearing together with Russian full names and for detection of DNA information. The rules for this policy are:

Russian Federation IIIP: DNA Sequence

Russian Federation IIIP: Passport Number

Russian Federation IIIP: Passport Number and Name (Wide)

Russian Federation IIIP: Passport Number and Name (Default)

Russian Federation IIIP: Passport Number and Name (Narrow)

Policies for promoting compliance with Singapore Privacy regulations.

The Singapore Electronic Transaction Act (ETA) mandates applying adequate measures to assure the confidentiality of electronic records, imposing fines and incarceration for compromising confidentiality. It also outlines the liability of directors, managers, secretaries and other officers of the body corporate in case of a breach. The rules for this policy are:

Singapore ETA: Identification Number (Wide)

Singapore ETA: Identification Number (Default)

Singapore ETA: Identification Number and CCN

Singapore ETA: Name and Address (Default)

Singapore ETA: Name and Address (Narrow)

The Singapore Personal Data Protection Act of 2012 covers all private sector organizations engaged in data activities within Singapore. It regulates the management of personal data by businesses and imposes financial penalties. The rules for this policy are:

Singapore PDPA: DNA Sequence

Singapore PDPA: Identification Number (Wide)

Singapore PDPA: Identification Number (Default)

Singapore PDPA: Name and Address (Default)

Singapore PDPA: Name and Address (Narrow)

Singapore PDPA: Name and CCN

Singapore PDPA: Name and Identification Number (Default)

Singapore PDPA: Name and Identification Number (Narrow)

Singapore PDPA: Name and Password

Singapore PDPA: Name and Phones Number (Wide)

Singapore PDPA: Name and Phones Number (Default)

Singapore PDPA: Name and Phones Number (Narrow)

Singapore PDPA: Name and Sensitive Health Information

Singapore PDPA: Phones Number (Wide)

Singapore PDPA: Phones Number (Default)

Singapore PDPA: Phones Number (Narrow)

Policies for promoting compliance with South Africa Privacy regulations.

The Republic of South Africa Electronic Communication and Transaction Act defines a national e-strategy for the Republic and also prevents abuse of information systems. Chapter VIII of the act deals with protection of personal information. The policy detects combinations of valid South Africa ID number with credit card numbers. The rule for this policy is:

SA ECT: ID with CCN

The "Protection of Personal Information" (POPI) bill regulates the collection, dissemination, use and retention of private information.The rules for this policy are:

SA POPI: SA ID and Ethnicities or Religion

SA POPI: SA ID and Account number

SA POPI: SA ID and CCN

SA POPI: SA ID and Crime

SA POPI: SA ID and Health Information

SA POPI: SA ID and Date of Birth

SA POPI: SA Name and Password

SA POPI: SA Name and sensitive health information

SA POPI: SA Name and Personal Finance terms

SA POPI: DNA Sequences

Policies for promoting compliance with Switzerland Privacy regulations.

Swiss Confederation Federal Act of Data Protection

The Federal Act of Data Protection of 1992 regulates personal information held by government and private bodies. The Act requires that information must be legally and fairly collected and places limits on its use and disclosure to third parties. Transfers to other nations must be registered and the recipient nation must have equivalent laws. The pre-defined policy comprises rules for detection of Swiss AHV numbers and DNA information. The rules for this policy are:

Swiss Federal Act of Data Protection: Old format AHV

Swiss Federal Act of Data Protection: new format AHV

Swiss Federal Act of Data Protection: DNA Sequence

Policies for promoting compliance with Taiwan Privacy regulations.

Taiwan - Personal Information Protection Act. The rules for this policy are:

Taiwan PIPA: ID Card Number (Wide)

Taiwan PIPA: ID Card Number (Default)

Taiwan PIPA: ID Card Number and Surname (Wide)

Taiwan PIPA: ID Card Number and Surname (Default)

Taiwan PIPA: ID Card Number, Surname and Private Information (Wide)

Taiwan PIPA: ID Card Number, Surname and Private Information (Default)

Policies for promoting compliance with Thailand Privacy regulations.

Thailand Official Information Act

The Thailand Official Information Act, B.E. 2540 of 1997 sets a code of information practices for the processing of personal information by state agencies. The act mandates, among other things, not to disclose personal information to other state agencies or other persons without prior consent given in writing, except in limited circumstances. The pre-defined policy comprises rules for detecting validated Thai National ID Numbers and DNA sequences. The rules for this policy are:

Thailand Official Information Act: National ID (wide)

Thailand Official Information Act: National ID (default)

Thailand Official Information Act: DNA Sequence

Turkey Protection of Personal Data Draft Law

A policy for protection of personal information, in accordance with Turkey's "Protection of Personal Data" Draft Law. The rules for this policy are:

Turkey Protection of Personal Data Draft Law: TC Kimlik

Turkey Protection of Personal Data Draft Law: TC Kimlik one support

Turkey Protection of Personal Data Draft Law: TC Kimlik and CCN

Turkey Protection of Personal Data Draft Law: Spreadsheets

Turkey Protection of Personal Data Draft Law: Confidential in Header Footer

Go to the table of contents

Go to the previous page

Go to the next page

View or print as PDF

Forcepoint DLP Predefined Policies and Classifiers > Data Loss Prevention policies > Regulations, Compliance and Standards > National Privacy Regulations

Copyright 2017 Forcepoint. All rights reserved.