The Access Policy transformation applies data protection policies and data filter policies created in Data Access Management according to the properties of the Access Policy transformation. An access policy is a set of policies and associated data protection rules and data filter rules that apply data protections and filters that transform and filter the data accordingly.
Data protections can replace, transform, or redact values in a data set while maintaining the overall usefulness of the data. An access policy can protect different values in different mappings, based on factors such as the intended user of the data and metadata classifications that users assign to the source data. Access policies can help your organization comply with data privacy regulations such as the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Data protection rules apply pre-defined data protections to data classes. A data class is a categorization applied to fields within data assets to indicate the category of data such as birth dates, national identifiers, and postal codes.
Rules in an access policy can apply multiple data protection techniques, including the following operations:
•Retaining data
•Redacting all values of a given type such as birth dates
•Replacing specified field values with NULL
•Truncating values such as redacting the first three characters of a postal code
•Replacing values with consistently tokenized values such as always replacing "Smith" with "Abcd" or "1234" with "5678"
•Generalizing date values to the month, year, or decade
•Replacing values with a constant text value such as replacing all passwords with five asterisks
Data filters limit, filter, or otherwise restrict user access to data assets.
Data filter rules apply pre-defined filters that control access to rows or records of data.
Rules in an access policy can apply multiple data filters based on the following attribute types:
•User group
•Order usage context
•Asset term
An Access Policy transformation doesn't display the policies, since those are dynamically applied based on the data and metadata. Users with the appropriate permissions manage policies in Data Access Management.
Note: Not all organizations have Data Access Management. Your organization has Data Access Management if it appears on the My Services page. If it doesn't appear, contact Informatica Global Customer Support to request Data Access Management.