> ## Documentation Index
> Fetch the complete documentation index at: https://docs.dataharbor.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Data Remediation

> Proactive AI-assisted remediation for emerging data risks.

<Note>
  Data Remediation is **coming soon**. We'd love to hear about your use case — [get in touch](mailto:hello@dataharbor.co?subject=Interest%20in%20Data%20Remediation).
</Note>

# Data Remediation

**Fix it before it leaves the door.**

Proactive AI-assisted remediation. When risky data patterns appear, DataHarbor can apply protection immediately and alert you to review.

## How it works

1. **Detect** — Schema Analytics identifies a risk
2. **Suggest** — DataHarbor recommends a remediation
3. **Apply** — Optionally auto-apply with human-in-the-loop approval
4. **Verify** — Confirm the fix resolves the issue

## Remediation policy

Define how DataHarbor responds to newly detected fields based on risk level. Remediation rules live alongside your controls in the Virtual API Configuration:

```yaml theme={null}
objects:
  customers:
    controls:
      - type: redact
        fields: [ssn, date_of_birth]
      - type: tokenize
        fields: [email, phone]

    remediation:
      high:                        # SSN, credit card, passport patterns
        action: redact
        alert: true
      medium:                      # Email, phone, address patterns
        action: redact
      low:                         # Unknown fields with weak PII signal
```

When Schema Analytics detects a new field, DataHarbor classifies it by risk level and applies the matching remediation rule. High-risk fields like credit card numbers are redacted and trigger an alert for review. Medium-risk fields are quietly redacted. Low-risk fields are left alone.

## Remediation actions

| Action     | Behavior                                            |
| ---------- | --------------------------------------------------- |
| `redact`   | Immediately redact the field on all future requests |
| `tokenize` | Replace with a deterministic token                  |
| `mask`     | Partially redact, preserving structure              |
| `none`     | Take no action — leave the field as-is              |

## Human-in-the-loop

Even when remediation is automatic, you maintain control:

* **Review queue** — All auto-applied remediations appear for review
* **Undo** — Revert any auto-applied control
* **Tune** — Adjust risk classifications per field
* **Exclude** — Mark specific fields as "known safe" so they're never auto-remediated

## Audit trail

Every remediation — whether automatic or manual — is logged with the field name, risk classification, action taken, and who reviewed it.

## Next steps

<CardGroup cols={2}>
  <Card title="Schema Analytics" icon="chart-line" href="./schema-analytics">
    Understand what triggers remediation
  </Card>

  <Card title="Data Control" icon="shield" href="../control-blocks/data-control">
    Apply or refine controls manually
  </Card>
</CardGroup>
