Skip to content

Ingestion safety: write-time exclusion and redaction controls #44

New issue
New issue
Open
Open
Ingestion safety: write-time exclusion and redaction controls#44
@aurexav

Description

@aurexav
aurexav
opened on Feb 16, 2026

Summary

Provide API-level write-time exclusion and redaction controls for sensitive content.

Why

Privacy/exclusion policy should be explicit and verifiable at ingestion time, not only handled by upstream callers.

Scope

  • Add request-level exclusion controls for ingest endpoints:
    • explicit exclusion spans/fields
    • optional redaction transforms before persistence
  • Persist policy decision metadata for auditing.
  • Add verification endpoint/fields to confirm excluded content was not stored.

Acceptance Criteria

  • Sensitive segments marked for exclusion are provably absent from persisted note content.
  • Redaction/exclusion actions are visible in audit metadata.
  • Default behavior remains backward-compatible when controls are omitted.

Related

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions