Anthropic Data Handling

Overview

Anthropic's data policies: API inputs/outputs are NOT used for model training (commercial API). Zero-day retention is available. This skill covers PII redaction before sending to Claude and compliance patterns.

Anthropic Data Policies

Policy	Details
Training data	API data is NOT used for training (commercial API)
Data retention	30-day default; 0-day available via agreement
Encryption	TLS 1.2+ in transit, AES-256 at rest
SOC 2 Type II	Certified
HIPAA BAA	Available for eligible customers

PII Redaction Before API Calls

import re
import anthropic

def redact_pii(text: str) -> tuple[str, dict]:
    """Redact PII before sending to Claude, return redaction map for restoration."""
    redaction_map = {}
    patterns = [
        (r'\b\d{3}-\d{2}-\d{4}\b', 'SSN', '[SSN-REDACTED-{}]'),
        (r'\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b', 'EMAIL', '[EMAIL-REDACTED-{}]'),
        (r'\b\d{3}[-.]?\d{3}[-.]?\d{4}\b', 'PHONE', '[PHONE-REDACTED-{}]'),
        (r'\b\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}\b', 'CARD', '[CARD-REDACTED-{}]'),
    ]

    counter = 0
    for pattern, label, replacement in patterns:
        for match in re.finditer(pattern, text):
            counter += 1
            placeholder = replacement.format(counter)
            redaction_map[placeholder] = match.group()
            text = text.replace(match.group(), placeholder, 1)

    return text, redaction_map

def restore_pii(text: str, redaction_map: dict) -> str:
    """Restore redacted PII in Claude's response."""
    for placeholder, original in redaction_map.items():
        text = text.replace(placeholder, original)
    return text

# Usage
user_input = "Contact John at john@example.com or 555-123-4567"
safe_input, redactions = redact_pii(user_input)
# safe_input: "Contact John at [EMAIL-REDACTED-1] or [PHONE-REDACTED-2]"

client = anthropic.Anthropic()
msg = client.messages.create(
    model="claude-sonnet-4-20250514",
    max_tokens=256,
    messages=[{"role": "user", "content": safe_input}]
)
final_output = restore_pii(msg.content[0].text, redactions)

Audit Logging

import json
import logging
from datetime import datetime, timezone

audit_logger = logging.getLogger("claude.audit")

def audited_request(client, user_id: str, purpose: str, **kwargs):
    """Wrap Claude API calls with audit logging."""
    # Log request metadata (never log content)
    audit_logger.info(json.dumps({
        "event": "claude.request",
        "timestamp": datetime.now(timezone.utc).isoformat(),
        "user_id": user_id,
        "purpose": purpose,
        "model": kwargs.get("model"),
        "max_tokens": kwargs.get("max_tokens"),
    }))

    response = client.messages.create(**kwargs)

    audit_logger.info(json.dumps({
        "event": "claude.response",
        "request_id": response._request_id,
        "input_tokens": response.usage.input_tokens,
        "output_tokens": response.usage.output_tokens,
        "stop_reason": response.stop_reason,
    }))

    return response

Data Handling Checklist

• PII redacted before sending to Claude API
• Audit logs capture who accessed what and when
• Logs never contain message content or PII
• Data retention policy matches your compliance needs
• Zero-day retention enabled if required (contact Anthropic)
• HIPAA BAA in place if handling PHI
• User consent obtained for AI processing
• Data deletion procedures documented

Error Handling

Risk	Mitigation
PII in prompts	Pre-call redaction pipeline
PII in responses	Post-call output scanning
Audit log gaps	Centralized logging with alerting
Data subject access request	Searchable audit trail by user_id

Resources

• Anthropic Privacy Policy
• Anthropic Security
• Usage Policy

Next Steps

For enterprise access control, see anth-enterprise-rbac.