Section Contents

Purpose-based access control is a method of data access control that makes access decisions based on the reason a user or tool intends to use the data, which provides flexibility data governance teams need to build a high-powered, granular access control model. Furthermore, most regulations (like GDPR and HIPAA) include purpose clauses that require sensitive data only be collected and used for precise reasons.

For example, the GDPR’s Purpose Limitation Principle states that “Personal data should only be collected and processed for a legitimate specific purpose.” Furthermore, the regulation claims that the specific purpose “should be expressed in an unambiguous, transparent, and simple manner” in order to be compliant. The goal of this clause is to ensure that sensitive information is not being unnecessarily collected, stored, and exposed to risk by organizations that use it. With purpose-based access control, organizations can exhibit the granular, purpose-based control over data access that ensures compliance with these standards.

Immuta projects allow you to connect purposes to data sources and users to enforce purpose-based access controls on your data.

Getting started with purposed-based access control

This getting started guide outlines how to quickly implement purpose-based access controls for your business use case using Immuta projects, purposes, and global data policies.

How-to guides

The how-to guides in this section illustrate how to create and manage projects and purposes.

• Create a project: Create a project to group data sources and users.
• Create a purpose: Create a purpose for your project to enforce access restrictions on the project data sources.
• Adjust a policy: Redistribute the noise of k-anonymization across multiple columns of a data source within a project to make specific columns more useful for analysis.

• Project management: This section guides project owners, governors, and project managers through managing project settings, data sources, and members.

  • Manage projects and project settings
  • Manage data sources
  • Manage members

Reference guides

• Projects and purposes: Immuta projects allow you to connect purposes to data sources and users to enforce purpose-based access controls on your data.
• Policy adjustments: Project owners can use policy adjustments to increase a data set's utility while retaining the amount of k-anonymization that upholds de-identification requirements. With this feature enabled, users can redistribute the noise across multiple columns of a data source within a project to make specific columns more useful for their analysis.

Concept guide

Why use purposes?: This explanatory guide contains a conceptual overview of purposes in Immuta and the business value achieved by using purpose-based access controls.