Looking for some advice on troubleshooting this discrepancy in how PII is masked within the Performance Dashboard compared to the Conversation Detail view. We are operating in the EU-West BYOC environment and have strict compliance requirements regarding GDPR. The expectation, based on our configuration, is that all Personally Identifiable Information (PII) should be redacted across all reporting surfaces once the data retention policy is applied.
However, we are observing a divergence. In the Conversation Detail view, phone numbers and email addresses are correctly masked as expected. Yet, in the Agent Performance dashboard and the Queue Activity reports, these fields occasionally display in plain text for interactions that occurred more than 24 hours ago. This behavior is inconsistent and poses a significant compliance risk.
“Data masking rules applied in Architect flows are inherited by reporting modules. Once a field is marked as PII and masked, it should remain obscured in all downstream analytics and performance views to ensure regulatory compliance.”
We have verified the following:
- The Architect flow explicitly marks the fields as PII using the standard masking actions.
- The data retention policy is set to mask PII after 24 hours.
- The Performance Dashboard is configured to use the native data source without any custom SQL overrides.
Is there a known latency or caching issue within the EU-West BYOC infrastructure that causes the masking policy to lag behind the actual data processing? Or is there a specific configuration in the Performance View settings that overrides the flow-level masking rules? We need to ensure that no plain-text PII is visible to agents or supervisors in the performance metrics. Any guidance on aligning the masking behavior across these views would be appreciated.