108 Country and Industry Presets for Instant PII Configuration
Research Source
Organizations deploying PII anonymization must select which entity types to detect from lists of 200-300+ options. Each jurisdiction has different requirements — German Personalausweis, French NIR, Italian Codice Fiscale, US SSN. Each industry has different PHI categories. Selecting the wrong entities means either missing PII (compliance failure) or over-detecting (processing overhead, false positives). Pre-built presets eliminate this configuration burden.
Executive Summary
Selecting from 320+ entity types per jurisdiction is error-prone. Miss a country-specific ID format and you have a compliance gap. Pre-built presets encode expert knowledge into one-click configurations .
cloak.business provides 108 pre-built presets: country-specific (DACH, France, UK, US, Nordics, and more), regional (EU, APAC, MENA), regulatory (GDPR, HIPAA, PCI-DSS), and industry (healthcare, finance, legal, education).
The Problem: The Entity Selection Problem
A German healthcare organization needs to detect: Personalausweis numbers, Steuer-ID (tax), Krankenversicherungsnummer (health insurance), standard PII (names, addresses, dates), financial data (IBANs, credit cards), and medical identifiers. Selecting these from a 320+ entity list requires deep knowledge of both German PII formats and healthcare PHI requirements. Get it wrong, and undetected PII flows through — a GDPR violation. Organizations without PII expertise default to broad detection, which increases false positives and processing costs.
Irreducible truth: PII configuration requires domain expertise that most organizations lack. Presets convert expert knowledge into reusable configurations, democratizing compliance-grade PII detection.
The Solution: How cloak.business Addresses This
Country Presets (70+ Countries)
Each country preset includes all PII formats specific to that jurisdiction. The Germany preset includes Personalausweis, Reisepass, Steuer-ID, IBAN (DE format), and German name patterns. The France preset includes CNI, NIR, NIF, and French-specific patterns. Country presets are maintained and updated as new PII formats are identified.
Regional and Regulatory Presets
Regional presets combine country-specific entities for multi-country operations. The EU preset covers all 27 member states. The APAC preset covers Japan, South Korea, India, and more. Regulatory presets align entity selection with specific frameworks: GDPR, HIPAA (18 PHI identifiers), PCI-DSS (payment card data).
Industry Presets
Healthcare presets include medical record numbers, prescription IDs, and diagnosis codes. Financial presets include account numbers, routing numbers, and transaction identifiers. Legal presets include case numbers, court identifiers, and bar numbers. Each preset is built from real-world entity requirements in that industry.
Preset Syncing Across Platforms
Presets created or selected on one platform sync across all cloak.business platforms — web app, desktop, Office Add-in, Chrome Extension, Nextcloud, and MCP Server. Configure once, apply everywhere.
Compliance Mapping
This feature directly supports GDPR Article 35 (DPIA — presets document which entities are processed and why), ISO 27001 Annex A.8 (asset management — presets define what constitutes PII per jurisdiction), and HIPAA §164.514 (de-identification — presets ensure all 18 PHI identifiers are included).
cloak.business's GDPR, HIPAA, PCI-DSS, ISO 27001, SOC 2 compliance coverage, combined with Customer-selected hosting, provides documented technical measures organizations can reference in their compliance documentation.
Product Specifications
| Specification | Value |
|---|---|
| Entity Types | 320+ |
| Detection | 3-layer hybrid: Presidio + NLP + Stance classification |
| Test Coverage | 100% (419/419 tests) |
| Languages | 48 |
| Anonymization Methods | Replace, Redact, Mask, Hash, Encrypt (AES-256-GCM), RSA-4096 Asymmetric, Keep |
| Platforms | Web App, REST API, SDKs (JavaScript, Python), Cloud Storage Add-ins, Nextcloud |
| Pricing | Enterprise (custom) |
| Hosting | Customer-selected |
| Compliance | GDPR, HIPAA, PCI-DSS, ISO 27001, SOC 2 |
Limitations & Considerations
Integration Complexity: Organizations implementing this solution should expect comprehensive organizational assessment, compliance framework evaluation, and technical infrastructure review before deployment. Integration complexity varies based on existing systems, data workflows, and regulatory requirements.
Data Volume Scaling: Performance characteristics vary with data volume, document format diversity, and entity pattern complexity. Organizations processing high-volume document streams should conduct benchmark testing with representative samples to validate throughput and accuracy targets.
Team Training Requirements: Requires 2-4 weeks of onboarding for security and compliance teams to configure custom entity patterns, establish organizational policies, and integrate with existing workflows. Dedicated privacy engineering resources accelerate deployment.
Not for: Organizations without dedicated privacy engineering resources or regulatory compliance mandates may find simpler solutions more cost-effective. Best suited for teams with stringent data protection requirements (GDPR, HIPAA, CCPA).