Table of Contents

Protection of Personally Identifiable Information in Workforce Intelligence

Personally Identifiable Information (PII) includes any information that relates to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly. This includes any information that can be used to distinguish one person from another or identify who the data represents. This article describes the data collected by Pega Workforce Intelligence™ that relates to PII.

Workforce Intelligence captures data that is considered PII about the employees who use the service. No data is collected on a company’s consumers or customers.

Workforce Intelligence captures, transmits, and stores Windows events that describe how applications are used on an employee desktop. Information about what applications and websites are accessed, as well as employee desktop activities, such as the number of keystrokes entered, windows resizing, and cut/copy/paste activities, are collected for analysis. Limited information about the employee doing the work is also collected for analysis and aggregation purposes. Workforce Intelligence uses this data to provide insights and guidance to supervisors and business analysts.

Based on a customer’s configuration, there is a restricted set of information that can be considered PII or can contain PII information embedded within a collected value. The data that is collected and stored within Workforce Intelligence that is considered PII comprises the following:

  • Network ID
  • Employee name
  • Email address
  • Machine name
  • MAC address
  • Executable file name
  • Web domain

You can anonymize the employee name and you can implement rules to filter out metadata values. For an additional layer of analysis, you can enable screen title collection for application/domains. Depending on the structure of your application, this information might contain additional PII about your agents or consumers in the screen title.

To avoid these issues, information such as credit card and social security numbers are automatically removed by using preconfigured rules. If needed, you can add custom rules to remove data that your application provides in the title of the screen or application.

The set of data that might be considered PII or might have PII information embedded within a value is restricted. The following table lists the fields where this might occur.

Personally Identifiable Information in Workforce Intelligence
Type of data Field name Required? Additional information
Employee Network-id Required  
Employee First/Last Name Optional The name of the employee.
Employee User-email address Optional The user’s email address.
Employee Machine Name   You can mask this data.
Employee Mac Address   You can mask this data.
Application * Screen Title (Windows) Optional No data within the screen is collected, only the title. You can mask this data.
Application * Screen Title from HTML page (websites) Optional No data within the screen is collected, only the title. You can mask this data.
Application * URL Path (websites) Optional Contains the URL path for the website, excluding the domain. You can mask this data.

* You control whether data is collected for each application or website. In addition, you can mask the captured values by using regex before the data is sent to the cloud.

Did you find this content helpful?

100% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.