Anthropic Data Handling
Overview
Anthropic's data policies: API inputs/outputs are NOT used for model training (commercial API). Zero-day retention is available. This skill covers PII redaction before sending to Claude and compliance patterns.
Anthropic Data Policies
| Policy | Details | |--------|---------| | Training data | API data is NOT used for training (commercial API) | | Data retention | 30-day default; 0-day available via agreement | | Encryption | TLS 1.2+ in transit, AES-256 at rest | | SOC 2 Type II | Certified | | HIPAA BAA | Available for eligible customers |
PII Redaction Before API Calls
import re
import anthropic
def redact_pii(text: str) -> tuple[str, dict]:
"""Redact PII before sending to Claude, return redaction map for restoration."""
redaction_map = {}
patterns = [
(r'\b\d{3}-\d{2}-\d{4}\b', 'SSN', '[SSN-REDACTED-{}]'),
(r'\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b', 'EMAIL', '[EMAIL-REDACTED-{}]'),
(r'\b\d{3}[-.]?\d{3}[-.]?\d{4}\b', 'PHONE', '[PHONE-REDACTED-{}]'),
(r'\b\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}\b', 'CARD', '[CARD-REDACTED-{}]'),
]
counter = 0
for pattern, label, replacement in patterns:
for match in re.finditer(pattern, text):
counter += 1
placeholder = replacement.format(counter)
redaction_map[placeholder] = match.group()
text = text.replace(match.group(), placeholder, 1)
return text, redaction_map
def restore_pii(text: str, redaction_map: dict) -> str:
"""Restore redacted PII in Claude's response."""
for placeholder, original in redaction_map.items():
text = text.replace(placeholder, original)
return text
# Usage
user_input = "Contact John at john@example.com or 555-123-4567"
safe_input, redactions = redact_pii(user_input)
# safe_input: "Contact John at [EMAIL-REDACTED-1] or [PHONE-REDACTED-2]"
client = anthropic.Anthropic()
msg = client.messages.create(
model="claude-sonnet-4-20250514",
max_tokens=256,
messages=[{"role": "user", "content": safe_input}]
)
final_output = restore_pii(msg.content[0].text, redactions)
Audit Logging
import json
import logging
from datetime import datetime, timezone
audit_logger = logging.getLogger("claude.audit")
def audited_request(client, user_id: str, purpose: str, **kwargs):
"""Wrap Claude API calls with audit logging."""
# Log request metadata (never log content)
audit_logger.info(json.dumps({
"event": "claude.request",
"timestamp": datetime.now(timezone.utc).isoformat(),
"user_id": user_id,
"purpose": purpose,
"model": kwargs.get("model"),
"max_tokens": kwargs.get("max_tokens"),
}))
response = client.messages.create(**kwargs)
audit_logger.info(json.dumps({
"event": "claude.response",
"request_id": response._request_id,
"input_tokens": response.usage.input_tokens,
"output_tokens": response.usage.output_tokens,
"stop_reason": response.stop_reason,
}))
return response
Data Handling Checklist
- [ ] PII redacted before sending to Claude API
- [ ] Audit logs capture who accessed what and when
- [ ] Logs never contain message content or PII
- [ ] Data retention policy matches your compliance needs
- [ ] Zero-day retention enabled if required (contact Anthropic)
- [ ] HIPAA BAA in place if handling PHI
- [ ] User consent obtained for AI processing
- [ ] Data deletion procedures documented
Error Handling
| Risk | Mitigation | |------|------------| | PII in prompts | Pre-call redaction pipeline | | PII in responses | Post-call output scanning | | Audit log gaps | Centralized logging with alerting | | Data subject access request | Searchable audit trail by user_id |
Resources
Next Steps
For enterprise access control, see anth-enterprise-rbac.