Skip to main content
When responding to incidents, sensitive information can end up in places you didn’t expect — alert payloads, Slack messages, escalation details, or call transcripts. incident.io gives you tools to prevent sensitive data from entering the platform, erase it when it does, and redact it before it reaches AI models.

Prevention

The best approach is to stop sensitive data from reaching incident.io in the first place.
  • Use IDs, not raw values. If your monitoring detects an issue with a customer, send a customer ID (e.g., customer_12345) rather than their name, email, or account details. Responders can look up details in your internal systems.
  • Keep PII out of your logs. If alerts are triggered from log queries, sensitive data in your logs will end up in your alerts.
  • Be mindful in Slack and Teams. It’s common for data to be pasted into an incident channel without checking for sensitive fields.
You can build a workflow that posts a reminder in new incident channels, prompting responders to avoid sharing sensitive data.

Erasing data

If sensitive information has already made its way into incident.io, you can permanently erase it from several places.
Erasing data is permanent and cannot be undone. The original content is replaced with a placeholder value.
By default, only account owners can erase data. You can grant this to other roles by enabling the Permanently erase data permission in your custom RBAC configuration.

Alerts

Alerts are the most common way sensitive data enters incident.io, because they’re often generated automatically from monitoring tools. To erase an alert, navigate to the alert in the dashboard and select Erase data from the overflow menu. This permanently replaces the alert’s title, description, and attributes. Any linked escalation will also have its title and description erased. If sensitive data keeps arriving from a particular alert source, update the source configuration to strip it out before it reaches incident.io.

Escalations

To erase an escalation, navigate to it in the dashboard and select Erase data from the overflow menu. The title and description are replaced with a placeholder value.

Incident details

Most incident fields are directly editable, so you can clean up sensitive data without erasing:
  • Edit the name, summary, and any custom field values from the incident page
  • Edit any incident updates that reference sensitive information

Messages in Slack and Microsoft Teams

When a message in an incident channel is edited or deleted in Slack or Microsoft Teams, any copy stored by incident.io is updated to reflect the change. So if sensitive data is posted in the channel, editing or deleting it at the source removes it from incident.io too.

Activity log and timeline

Changes to an incident are recorded in the activity log and timeline. To erase sensitive data from timeline entries:
  1. Open the incident and go to the Post-incident tab
  2. Click the pencil icon to enter edit mode under Timeline
  3. Use Erase data in the overflow menu of the relevant entry

AI data redaction

incident.io has Zero Data Retention agreements with all AI providers (OpenAI and Anthropic), meaning they don’t store any inputs or outputs and don’t use them for training. On top of this, you can enable automatic redaction that strips sensitive patterns from messages before they’re sent to AI models. When enabled, matches are replaced with [REDACTED] so the AI never sees the original values. Available redaction strategies:
StrategyWhat it matches
Credit card numbersCommon credit card formats (Visa, Mastercard, Amex, etc.) — 13 to 19 digit sequences
US Social Security numbersNumbers in XXX-XX-XXXX format
Phone numbersPhone numbers in various formats, including international numbers
You can enable any combination of these strategies.
Redaction can occasionally remove data that isn’t actually sensitive (e.g., a long number that resembles a credit card). This may reduce AI accuracy in some cases.
To enable AI data redaction, contact your account team or email help@incident.io. For more on how incident.io uses AI, see How do we use AI?.

Audit trail

All data erasure actions are recorded in the audit log, including who performed the erasure and when. The erased content itself is not included in audit log entries.

Need help?

If you need to remove data that isn’t covered above, contact us at help@incident.io and we’ll help you clean it up.
Yes. Erasing replaces the original content with a placeholder value and cannot be undone. All erasure events are recorded in the audit log.
By default, only account owners. You can grant this to other roles using the Permanently erase data permission in custom RBAC.
If you decide to stop using incident.io, we’re happy to delete application data upon request. Contact us at help@incident.io.
Yes. When enabled, sensitive patterns are stripped from message content before any data is sent to AI providers.