If a customer requests Coupa to copy their production data to their sandbox or development environment, we will take certain steps to sanitize their data for security reasons. We would like to share in this document the steps we take in data sanitization.
Coupa sanitizes by replacing the following data fields with random values.
General Information Coupa Sanitizes
- All geographical identifiers smaller than a state. According to the current publicly available data from the Bureau of the Census,
- If the geographic unit formed by combining all zip codes with the same initial three digits contains more than 20,000 people, the initial three digits of the zip code are not changed.
- If the geographic unit formed by combining all zip codes with the same initial three digits contains 20,000 or fewer people, the initial three digits of a zip code are changed to 000.
- Dates (other than year) directly related to an individual
- Phone numbers
- Fax numbers
- Email addresses
- Social Security numbers
- Medical record numbers
- Health insurance beneficiary numbers
- Account numbers
- Certificate/license numbers
- Advance Shipping Notice information
- User-related field attributes
- Expense-related field attributes
- Invoice-related field attributes
- Supplier-related field attributes
- Item-related field attributes
- Vehicle identifiers and serial numbers, including license plate numbers
- Device identifiers and serial numbers
- Web Uniform Resource Locators (URLs)
- Internet Protocol (IP) address numbers
- Biometric identifiers, including finger, retinal and voice prints
- Full face photographic images and any comparable images
- Any other unique identifying number, characteristic, or code except the unique code assigned by the investigator to code the data
The following data types in all environments are sanitized
- Personally identifiable information – including but not limited to names, addresses, and email addresses
- Payment information – including but not limited to bank account numbers and credit card details
- Protected health information – including but not limited to health details
- Credentials or authentication keys
- Cardholder data - including the primary account number (PAN) and cardholder name along with expiration date or service code. A service code is a three- or four-digit number on cards that use a magnetic-stripe. The service code specifies acceptance requirements and limitations for a magnetic-stripe-read transaction.
The following data types in the GovCloud environment are sanitized
- User's mention name
- Item Number
- Item Description
- Item Name
- Supplier Part Number
- Revision Record's data