Nyraxis AI

PII Detection

Detects and blocks personal identifiable information including names, emails, SSNs, credit cards, phone numbers, and addresses.

PII Detection

PII Detection identifies and blocks personally identifiable information from being sent to or returned from LLMs. Supporting 54 entity types across 9 languages, it ensures compliance with privacy regulations including HIPAA Safe Harbor. This prevents accidental data leakage that could expose your users or organization to regulatory risk.

What it detects

  • Full names and partial name components
  • Email addresses
  • Social Security Numbers (SSN)
  • Credit card numbers (all major networks)
  • Phone numbers (international formats)
  • Physical and mailing addresses
  • Dates of birth
  • Medical record numbers
  • Health plan beneficiary numbers
  • Account numbers and financial identifiers

Configuration

{
  "policy_type": "pii_detection",
  "mode": "blocking",
  "config": {
    "entities": ["EMAIL", "SSN", "CREDIT_CARD", "PHONE_NUMBER", "ADDRESS", "PERSON"],
    "hipaa_mode": true,
    "threshold": 0.85
  }
}

Example violation

{
  "policy_type": "pii_detection",
  "severity": "high",
  "description": "Credit card number detected in user input",
  "details": {
    "entity_type": "CREDIT_CARD",
    "confidence": 0.98,
    "position": { "start": 42, "end": 61 }
  }
}

Best practices

  • Enable hipaa_mode for any healthcare application to ensure Safe Harbor compliance
  • Set threshold to 0.85 or higher to reduce false positives on ambiguous strings
  • Include all relevant entity types rather than relying on defaults — explicit is safer
  • Test with representative data samples to tune detection sensitivity for your domain

Tracing

Group spans into meaningful traces with nyraxis_sdk.trace()

Prompt Injection

Detects instruction override and system prompt extraction attempts using multi-layer analysis.

On this page

PII DetectionWhat it detectsConfigurationExample violationBest practices