#682 — SOC 2 & PII Implementation

Repo: Twill-AI/facade State: open | Status: open Assignee: Unassigned

Created: 2025-10-27 · Updated: 2025-10-29

Description

  • Set up Azure Key Vault for encryption key management
  • Create encrypt_pii() and decrypt_pii() utility functions (AES-256)
  • Add encrypted columns to database (ssn_encrypted, account_number_encrypted, routing_number_encrypted)
  • Migrate existing plain text PII data to encrypted format
  • Create mask_ssn() helper function (returns ***-**-6789)
  • Create mask_account_number() helper function (returns ******7890)
  • Add PII_ACCESS activity type to audit logging
  • Create log_pii_access() function to track who views PII (user_id, merchant_id, fields, timestamp, IP)
  • Create log_pii_edit() function to track PII modifications
  • Update all GET endpoints to decrypt PII internally before returning
  • Return masked PII by default in API responses
  • Add show_full_pii permission check for viewing unmasked data
  • Update all POST/PATCH endpoints to encrypt PII before saving to database
  • Create verify_recent_auth() function for re-authentication
  • Add re-authentication requirement before showing full SSN/bank accounts
  • Define role-based PII access rules (merchant: full, owner: full with re-auth, sales rep: masked only)
  • Create can_view_full_pii() permission check function
  • Document data retention policy (e.g., delete PII 7 years after account closure)
  • Create scheduled job to delete expired PII automatically
  • Implement secure PII deletion (overwrite with nulls, log deletion)
  • Create incident response pla
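A Python sketch of how the checklist items fit together (an added example, not code from the Twill-AI/facade repo): AES-256-GCM encrypt/decrypt helpers, the two masking helpers, role rules with re-authentication, and a PII_ACCESS audit entry written on every read. It assumes the `cryptography` package; the in-memory `DEMO_KEY` stands in for the Azure Key Vault lookup, and `REAUTH_WINDOW_S`, `ROLE_RULES`, `AUDIT_LOG` and `get_merchant_pii` are placeholder names not taken from the ticket.

```python
import secrets
import time
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Constructed demo key; in production the key comes from Azure Key Vault (assumed).
DEMO_KEY = AESGCM.generate_key(bit_length=256)
AUDIT_LOG: list = []      # stand-in for the activity-log table
NONCE_LEN = 12
REAUTH_WINDOW_S = 300     # assumed freshness window for re-authentication

def encrypt_pii(plaintext: str, key: bytes = DEMO_KEY) -> bytes:
    """AES-256-GCM; stores nonce || ciphertext+tag so one column is self-contained."""
    nonce = secrets.token_bytes(NONCE_LEN)
    return nonce + AESGCM(key).encrypt(nonce, plaintext.encode(), None)

def decrypt_pii(blob: bytes, key: bytes = DEMO_KEY) -> str:
    """Raises InvalidTag if the blob was tampered with or the key is wrong."""
    return AESGCM(key).decrypt(blob[:NONCE_LEN], blob[NONCE_LEN:], None).decode()

def mask_ssn(ssn: str) -> str:
    digits = "".join(c for c in ssn if c.isdigit())
    return "***-**-" + digits[-4:]

def mask_account_number(acct: str) -> str:
    return "*" * max(len(acct) - 4, 0) + acct[-4:]

def verify_recent_auth(last_auth_at: float, now=None) -> bool:
    return (time.time() if now is None else now) - last_auth_at <= REAUTH_WINDOW_S

# Role rules from the ticket: merchant full, owner full after re-auth, sales rep masked.
ROLE_RULES = {"merchant": "full", "owner": "full_with_reauth", "sales_rep": "masked"}

def can_view_full_pii(role: str, last_auth_at: float = 0.0, now=None) -> bool:
    rule = ROLE_RULES.get(role, "masked")  # unknown roles fall back to masked
    if rule == "full":
        return True
    return rule == "full_with_reauth" and verify_recent_auth(last_auth_at, now)

def log_pii_access(user_id, merchant_id, fields, ip, unmasked):
    AUDIT_LOG.append({"type": "PII_ACCESS", "user_id": user_id, "merchant_id": merchant_id,
                      "fields": fields, "unmasked": unmasked, "ip": ip, "ts": time.time()})

def get_merchant_pii(row, user_id, role, ip, last_auth_at=0.0, now=None):
    """GET-endpoint logic: decrypt internally, log the access, return masked by default."""
    ssn = decrypt_pii(row["ssn_encrypted"])
    acct = decrypt_pii(row["account_number_encrypted"])
    full = can_view_full_pii(role, last_auth_at, now)
    log_pii_access(user_id, row["merchant_id"], ["ssn", "account_number"], ip, full)
    return {"ssn": ssn if full else mask_ssn(ssn),
            "account_number": acct if full else mask_account_number(acct)}
```

The nonce is stored with the ciphertext, so a migration of existing plain-text rows only needs to call encrypt_pii() per value and write the blob into the new *_encrypted column.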

Notes
