← Template libraryMode on clone: log
GDPRcriticalv1.0.0 · System
Special Category Data Block
Blocks processing of GDPR Art. 9 special category data (health, racial origin, religion, biometric) unless explicit lawful basis is established.
📘Clone & start observing
Creates a Guideline policy. Observation only — nothing is blocked until you promote to Strict.
Defaults to template name. Customise to distinguish multiple instances of the same template.
Leave empty to apply broadly via the template's default data-classification / risk-tier filters.
Rationale
Art. 9 prohibits processing of special categories without explicit consent or other lawful basis. This policy provides a hard block at the input boundary.
Example violation
Prompt mentions: "patient diagnosed with HIV positive seeking life insurance quote"Triggers (1)
- inputScan prompts for special category data
Detectors (3)
- keyword_listhealth-termsHealth/medical terminology
- keyword_listreligion-termsReligion/belief terminology
- keyword_listbiometric-termsBiometric data terminology
Actions (3)
- blockReject with explanation
- require_reviewAllow override only by DPO
- logRecord blocked attempt
Tunable parameters (4)
Health terms
advancedkeywords
Terms triggering Art. 9 health processing concern.
Default: ["HIV","diabetes","cancer","diagnosed","prescription","patient","medical condition"]
Religion/belief terms
advancedkeywords
Terms triggering Art. 9 religious-data concern.
Default: ["Christian","Muslim","Jewish","Hindu","atheist","religious belief"]
Biometric terms
advancedkeywords
Terms triggering Art. 9 biometric concern.
Default: ["fingerprint","facial recognition","iris scan","DNA","biometric"]
Role allowed to override
basicstring
Only this role can override the block.
Default: "DPO"
Regulatory references
GDPR Art. 9
Template defaults (suggested target after promotion)
Suggested mode
block
Risk tiers
—
Data classifications
—
Departments
—
Cloned policies start in Guideline mode. Use the promotion wizard to flip to Strict once you trust the false-positive rate.