Ensuring Data Privacy in Power BI Reports

Some visuals in Power BI allow report viewers to right-click and select the "Show data point as a table" feature. This feature enables report viewers to see the underlying data behind a visual, which can be useful for detailed analysis. However, it also poses a high risk of exposing sensitive information such as PII, HIPAA, FERPA, etc., especially in public (non-authenticated) reports.

To mitigate this risk, OIT strongly encourages Power BI developers to avoid using sensitive data in their data sets. Instead, we recommend using clean data sets by following these best practices:

1. De-identify Data: Remove or mask any personally identifiable information or other sensitive data.

2. Create Views: Use views to filter and present only the necessary data.

3. Edit the Data Set in Power Query Editor: Exclude sensitive data before importing it into Power BI.

4. Hide Option in Fields Pane: Use the hide option in the Fields Pane in Power BI Desktop to prevent sensitive data from being displayed within a report.

Please implement reporting best practices and always ensure any data set being utilized in a report complies with our data protection policies. If you have any questions or need further assistance, feel free to reach out.