You need to profile a dataset that contains sensitive information — healthcare records, financial data, or a customer list with PII. Running a quality check requires looking at the data. But looking at the data — especially sending it to a third-party tool — creates the exposure you're trying to avoid.
This tension is real, and it has practical solutions.
The Core Tension
Traditional data quality tools work by uploading your data to a server, running the analysis there, and returning results. For sensitive data, this upload is a security and compliance concern:
Sohovi automatically detects PII in your datasets — emails, phone numbers, SSNs — all processed client-side so your data never leaves the browser.
- The data is now in transit (encryption helps, but doesn't eliminate risk)
- The data is now stored on a third party's server (even temporarily)
- The data is subject to the third party's privacy practices and breach risk
- If the data is regulated (HIPAA, GDPR), the transfer may require additional legal agreements
Solution 1: Browser-Based Processing
Tools that run entirely in your browser process data locally — the file is analyzed in your browser's JavaScript environment, and no data is transmitted to any server. Results are displayed in your browser; data stays on your machine.
Sohovi is built on this model: upload your CSV, the quality analysis runs in your browser, and your data never leaves your device. This is the most practical solution for everyday data quality checks on sensitive files.
Sohovi applies your data quality rules automatically across the whole dataset and highlights every violation — so nothing slips through.
Solution 2: Anonymize Before Profiling
For most data quality purposes, you don't need the actual values — you need the structure. Mask or anonymize sensitive values before profiling:
- Replace SSNs with synthetic values (123-XX-XXXX)
- Replace real email addresses with format-preserving fake versions (user123@domain456.com)
- Replace names with random names
- Replace actual values with tokens
Profile the anonymized dataset. The completeness rates, format patterns, and distributions are the same as the original; only the sensitive values are replaced.
Sohovi profiles every column in your dataset for completeness and flags the exact rows where values are missing — free to try.
Solution 3: Sample-Based Profiling
For large, sensitive datasets where anonymization is complex, profile a statistically representative sample rather than the full file. A random sample of 1,000–5,000 records often reveals the same quality issues as the full dataset with a fraction of the exposure.
Solution 4: Aggregate-Only Reporting
Some profiling tools can return only aggregate statistics (completeness percentages, distinct value counts, format distribution) without logging or storing individual record values. Verify with the vendor that no individual records are retained.
Building a Sensitive Data Quality Process
Define explicitly what level of sensitivity triggers what protocol:
- Low sensitivity (non-PII business data): Standard profiling tool, cloud-based is fine
- Medium sensitivity (PII but no regulated categories): Browser-based profiling only
- High sensitivity (regulated data — HIPAA, financial records): Browser-based or anonymization before profiling
Document your protocol. When an auditor asks how you handle sensitive data quality checks, you want a written answer.
