9Security and Personally Identifiable Information
This chapter contains the following:
Protecting Personally Identifiable Oracle Loyalty Information
The data or information used to uniquely identify a contact, or locate a person is called personally identifiable information (PII), such as social security number, addresses, bank account numbers, phone numbers, and so on. This information is considered confidential and sensitive, and must be protected to prevent unauthorized use of personal information for the purposes of legal regulation, financial liability, and personal reputation. For example, only authorized users must be allowed access to the social security numbers of people stored in a system.
In Oracle Loyalty, the PII data is secured and can be accessed only by the Loyalty Program Administrator job role. A Loyalty program administrator has complete privileges, such as view, edit, and manage of all the PII attributes. If any other job roles require access to PII attributes to meet their business requirements, then the IT Security Manager must create a job role and assign data policies required to access PII information.
In Oracle Loyalty, the PII attributes that are secured are as follows:
-
Home Address
-
Home Phone Number
-
Personal Email Address
-
Taxpayer Identification Number (Social Security Number)
The following table describes the table name and privilege mappings for each PII attribute.
| PII Attribute | Table Name | Privilege Title | Privilege Name |
|---|---|---|---|
|
Taxpayer Identification Number (Social Security Number) |
HZ_PERSON_PROFILES |
View Trading Community Person Social Security Data Manage Trading Community Person Social Security Data |
HZ_VIEW_TRADING_COMMUNITY_PERSON_SOCIAL_SECURITY_DATA HZ_MANAGE_TRADING_COMMUNITY_PERSON_SOCIAL_SECURITY_DATA |
|
Taxpayer Identification Number (Social Security Number) |
HZ_PERSON_PROFILES |
Manage Trading Community Person Social Security Data |
HZ_MANAGE_TRADING_COMMUNITY_PERSON_SOCIAL_SECURITY_DATA |
|
Citizenship Number |
HZ_CITIZENSHIP |
View Trading Community Person Citizenship Number Data |
HZ_VIEW_TRADING_COMMUNITY_PERSON_CITIZENSHIP_NUMBER_DATA |
|
Citizenship Number |
HZ_CITIZENSHIP |
Manage Trading Community Person Citizenship Number Data |
HZ_MANAGE_TRADING_COMMUNITY_PERSON_CITIZENSHIP_NUMBER_DATA |
|
Home Address |
HOME Address is identified by party site use defined in SITE_USE_TYPE field of the HZ_PARTY_SITE_USES table. |
View Trading Community Person Address Data |
HZ_VIEW_TRADING_COMMUNITY_PERSON_ADDRESS_DATA |
|
Home Address |
HOME Address is identified by party site use defined in SITE_USE_TYPE field of the HZ_PARTY_SITE_USES table. |
Manage Trading Community Person Address Data |
HZ_MANAGE_TRADING_COMMUNITY_PERSON_ADDRESS_DATA |
|
Home Phone |
HZ_CONTACT_POINTS rows with contact_point_purpose value PERSONAL |
View Trading Community Person Contact Data |
HZ_VIEW_TRADING_COMMUNITY_PERSON_CONTACT_DATA |
|
Home Phone |
HZ_CONTACT_POINTS rows with contact_point_purpose value PERSONAL |
Manage Trading Community Person Contact Data |
HZ_MANAGE_TRADING_COMMUNITY_PERSON_CONTACT_DATA |
|
Personal E-Mail |
HZ_CONTACT_POINTS rows with contact_point_purpose value PERSONAL |
View Trading Community Person Contact Data |
HZ_VIEW_TRADING_COMMUNITY_PERSON_CONTACT_DATA |
|
Personal E-Mail |
HZ_CONTACT_POINTS rows with contact_point_purpose value PERSONAL |
Manage Trading Community Person Contact Data |
HZ_MANAGE_TRADING_COMMUNITY_PERSON_CONTACT_DATA |
|
Additional Identifiers |
All rows that belong to PERSON party in HZ_ADDTNL_PARTY_IDS |
View Trading Community Person Additional Identifier Data |
HZ_VIEW_TRADING_COMMUNITY_PERSON_ADDITIONAL_IDENTIFIER_DATA |
|
Additional Identifiers |
All rows that belong to PERSON party in HZ_ADDTNL_PARTY_IDS |
Manage Trading Community Person Additional Identifier Data |
HZ_MANAGE_TRADING_COMMUNITY_PERSON_ADDITIONAL_IDENTIFIER_DATA |