How can a firm build a system to automatically identify and redact PII from tax documents before sending data to an LLM?
One firm described building an internal system, trained on roughly 60,000 tax documents, that identifies what is and is not PII within a tax return and strips/crosses out that information before any data reaches an LLM. PII in this context includes things like name, Social Security number, address, and other third-party information a client wouldn't want exposed. The firm's stated policy is that no PII goes into a public LLM under any circumstances — if the model is not their own proprietary model, they use a no-names-basis policy, and they primarily use Claude for this work. This was framed as a top priority given that a data security failure could be highly damaging to their business; the speaker noted their background is in enterprise/bank software sales, which shaped this emphasis. The explanation was cut off before full technical detail on the redaction mechanism was given.
The full answer is members-only
Membership is free. Apply and get this answer, the recording, and the rest of the library.
Apply to joinAlready a member? Sign in