My understanding is that the XBridge product was successful at this 
technically. CA has a new product in this area that is successful technically. 
(By "technically" I mean that the technology is successful in recognizing 
credit card numbers, SSNs, and so forth. There is more pattern to a credit card 
number than just "16 numeric digits.")

These products address files and datasets, but the same pattern recognition 
would apply to dumps.

The problem as I see it -- after taking several sessions at SHARE on data 
privacy -- is that the definition of "personal information" is endlessly 
elastic. Read "What constitutes personal data?" on 

And by the way, if you are in the US and think that the GDPR is a Europe-only 
thing, read "Who does the GDPR affect?" and "What are the penalties for 
non-compliance?" on the same page. Also note the countdown clock on their home 


-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Paul Gilmartin
Sent: Friday, August 11, 2017 11:23 PM
Subject: Re: Scrubbing sensitive data in dumps

On Fri, 11 Aug 2017 17:09:10 -0400, Jim Mulder wrote:
>  We did have a meeting in z/OS development quite a few years ago to  
>discuss someone's wish for this type of function for z/OS dumps.  We 
>concluded that in general, identifying the sensitive data to be 
>modified would be so problematic that it was not worth pursuing.
This is reminiscent of a question posed (here?) (years?) ago concerning 
detecting credit card numbers in data sets, with the objective of obfuscating 

OK.  Any 16 numeric digits, or packed, or 64-bit binary in range, or ...
Validate check digit?

Same answer.

Or SSNs.

For IBM-MAIN subscribe / signoff / archive access instructions,
send email to with the message: INFO IBM-MAIN

Reply via email to