Organisations now have a scalable solution to locate and secure sensitive personal data buried across sprawling digital repositories. EzeScan's Document Repository Analyser (DRA) – part of its PII & PCI Automated Discovery & Redaction suite – delivers both discovery and remediation capabilities integrated in a single platform.

The solution addresses a critical gap in compliance workflows. Most discovery products on the market can only search and flag sensitive data – they cannot automatically remediate it. Organisations face mounting pressure to find personally identifiable information and payment card data whilst staying compliant with tightening privacy legislation.

"What our solution does that the other solutions on the market don't do, is we can search a repository, we can find the PII data and then we can align with a compliance workflow to remediate that," said Demos Gougoulas, Director of Sales and Marketing at EzeScan. "Our competitors would force their users to look at every single file and manually redact it."

EzeScan's DRA interrogates multiple enterprise systems critical to compliance teams: Content Manager, Objective, SharePoint, OneDrive and network file shares. The platform discovers duplicates, detects classification errors and identifies sensitive data across these repositories simultaneously.

"We can do it in situ," Gougoulas explained. "We can scan your Content Manager repository or your SharePoint libraries or your network drives with software that's installed on-premise to go and look for it. When it finds it, it provides you a workflow to remediate it."

This on-site capability addresses a significant barrier to compliance adoption. Most competitor products operate cloud-based models requiring organisations to upload documents for analysis – an impractical scenario for agencies managing millions of documents.

The solution offers deployment flexibility critical to large organisations managing sensitive information. "We offer the solution on-premise or in the cloud and it can act on ECM or file storage on-premise or in the cloud," Gougoulas noted. "We can do cloud-to-cloud if we have to. Some of the AI engines are external. If we need to be looking for handwriting, we use Microsoft's handwriting recognition engine, and then the customer can consume that themselves within their own Azure environment."

This approach lets Governance Risk and Compliance Managers maintain data sovereignty whilst leveraging advanced detection capabilities.

EzeScan's PII/PCI Compliance Solution Webinar

Discover how to uncover, remediate, and secure your organisation's sensitive data before someone else does. Request a recording of the webinar HERE.

EzeScan employs language models and image-based AI engines to locate sensitive information. The solution identifies images of passports, driver's licences and Medicare cards – even when photocopied at angles or partially obscured.

For organisations with legacy document repositories, this capability proves critical. One state government entity managing two million documents knew photocopied passports existed within their collections but lacked tools to locate them. EzeScan's PII/PCI compliance solution discovers what traditional OCR-dependent systems cannot.

Freedom of Information and Email Compliance

The platform streamlines Freedom of Information (FOI) workflows – a priority for government agencies and organisations subject to information access legislation. Records Managers and FOI officers can create FOI workflows within EzeScan's web application, enabling document approval, temporary redactions and audit trails.

Sensitive data protection extends to email systems where compliance risks frequently hide. For example, if an organisation is at risk of its staff forwarding email with sensitive information, EzeScan can find those emails and make the user aware of them before they push the send button.

"Our software will check the emails, and it will put a tag on the e-mail that says PCI or PII detected," Gougoulas explained. "So, there's a visual cue for the user to go in and delete it. If required, we can convert an e-mail to a PDF and then redact it, and then we can save it as a record in the EDRMS."

The platform's remediation capabilities extend beyond simple redaction. When credit card data appears on network drives, EzeScan's workflow can automatically redact the sensitive content, move the redacted version to an EDRMS like Content Manager, and place a stub on the original network location referencing the controlled copy's new location.

If business requirements mandate retaining original documents with sensitive data, the system can securely archive those separately whilst maintaining compliance documentation.

Records Managers can bulk-search and redact Freedom of Information requests containing thousands of pages, applying reason codes for audit compliance.

Addressing Budget-Constrained Compliance Programs

Competitive pricing has emerged as a significant differentiator. Government agencies report that existing solutions on the market command "ridiculous sums of money," leaving many organisations without budgets to address compliance risks until security incidents force action.

"Our aim is to make this tool available to everybody without having to sell the farm," Gougoulas stated. EzeScan's subscription model and on-premise installation approach keeps costs down and helps organisations with their procurement.

EzeScan's solution builds on its legacy in document capture, scanning and image-based processing. The company has spent years developing PII and PCI detection capabilities following requests from government entities facing compliance challenges after not finding what they needed in the market.

"They are ecstatic because to buy a similar product, which doesn't remediate, would cost them a couple hundred thousand dollars," Gougoulas said of early deployments. "Ours is nowhere near that."

“It also provides a lot of added functionality, so while its searching for PII it can find and flag duplicate documents, OCR any documents that are not text searchable, or other business orientated workflows. So, it's a lot more feature rich to suit information management requirements.”

EzeScan has been in business since 2002, with thousands of installations across Australasia, North America and the United Kingdom, providing capture and business process automation solutions including robotic process automation, forms data extraction and integrated EDRMS capture.

https://www.ezescan.com.au