Guides
Go To Operata
Start typing to search…

API - Data Privacy Controls

Controlling CTR data sent to Operata

Controlling Data sent to Operata

Data collected by Operata can contain sensitive data or personally identifiable information (PII). In some circumstances, it may be required to redact certain data before it is sent to Operata.

This is achieved by using the content redaction configuration managed via our API, which supports either an allow or deny list.

Privacy-First Default

Operata operates on a privacy-first basis. When deployed without any redaction configuration, only the minimum required set of CTR fields is sent to Operata. Customers can then progressively expand the data they send by configuring an allow-list.

To send additional fields beyond the default minimum payload, configure an allow-list:

{
    "key": "REDACTION_CONFIG",
    "value": {
        "type":"WHITELIST",
        "fields":[
          "Attributes.myCustomField"
        ]
    }
}

The above configuration sends Attributes.myCustomField in addition to the default minimum payload.

To send the entire CTR payload, explicitly define an empty deny-list:

{
    "key": "REDACTION_CONFIG",
    "value": {
        "type":"BLACKLIST",
        "fields":[
        ]
    }
}

Scope

Privacy controls apply to Contact Trace Record data collected by the CTR Collection stack. Data collected from other sources (IVR Flow Logs, Amazon Lex) may also contain PII, particularly in utterance text, slot values, and AI-generated responses. Contact Operata support to discuss the appropriate redaction configuration for these data sources.

This guide covers using the Operata API

Programmatic Allow or Deny List

  • Allow Sends all CTR fields to Operata, except those defined in the configuration.
  • Deny Excludes all CTR fields by default, except those defined in the configuration.

Only single configuration is supported at a time, either a Allow or Deny, but never both.

Also note that the following list of fields are mandatory and cannot be added to the deny list or excluded from the allow list.

Mandatory Fields

{
    "key": "REDACTION_CONFIG",
    "value":
    {
        "type": "WHITELIST",
        "fields":
        [
            "Agent",
            "Agent.NumberOfHolds",
            "Agent.DeviceInfo",
            "Agent.CustomerHoldDuration",
            "Agent.Username",
            "Agent.LongestHoldDuration",
            "Agent.AgentInteractionDuration",
            "Agent.AfterContactWorkStartTimestamp",
            "Agent.ConnectedToAgentTimestamp",
            "Agent.AfterContactWorkDuration",
            "Agent.AfterContactWorkEndTimestamp",
            "Agent.HierarchyGroups",
            "AgentConnectionAttempts",
            "AnsweringMachineDetectionStatus",
            "AWSAccountId",
            "AWSContactTraceRecordFormatVersion",
            "Channel",
            "ConnectedToSystemTimestamp",
            "ContactId",
            "NextContactId",
            "PreviousContactId",
            "DisconnectReason",
            "InitialContactId",
            "InitiationMethod",
            "LastUpdateTimestamp",
            "DisconnectTimestamp",
            "InitiationTimestamp",
            "InstanceARN",
            "QualityMetrics",
            "Queue",
            "Queue.Name",
            "Queue.Duration",
            "Queue.DequeueTimestamp",
            "Queue.EnqueueTimestamp",
            "SystemEndpoint",
            "SystemEndpoint.Type",
            "SystemEndpoint.Address",
            "TransferCompletedTimestamp",
            "TransferredToEndpoint"
        ]
    }
}

Full documentation for Contact Trace Records data model can be found here.

Defining the redaction configuration

The payload of the redaction configuration consists of;

    1. The type, either BLACKLIST or WHITELIST,
    1. The fields that will be either included or excluded.

Once you've decided on defining either a allow or deny list, you will need to define the payload of fields to include or exclude. An allow list will only include the mandatory fields plus the fields specified, while a deny list will exclude the specified fields.
Fields will only be included or excluded if they exist in the CTR.

Example Deny List

In this example, the CustomerDetails field within Attributes contains sensitive PII data, and will be removed prior to transmission to Operata. All other fields within Attributes are included;

{
    "key": "REDACTION_CONFIG",
    "value": {
        "type":"BLACKLIST",
        "fields":[
            "Attributes.CustomerDetails"
        ]
    }
}

Example Allow List

In this example, the InitiationMethod and AnsweringMachineDetectionStatus fields are the only top-level fields included within the CTR. RoutingProfile within Agent is also included, while all other fields within Agent are excluded;

{
    "key": "REDACTION_CONFIG",
    "value": {
        "type":"WHITELIST",
        "fields":[
            "InitiationMethod",
            "AnsweringMachineDetectionStatus",
            "Agent.RoutingProfile"

        ]
    }
}

Updating the redaction configuration

The Operata REST API has a number of endpoints to fetch (GET), set (PUT), and remove (DEL) the redaction configuration.

While the configuration is updated immediately, there may be up to a 30 minute delay for the change to be propagated across all collection points.

If you have issues or questions don't hesitate to contact us.

Updated 11 days ago