May 12, 2025
Learn How Mallient Implements Real-Time PII and PHI Scanning for Safer Emails Using AWS
Today, we outline how Mallient leverages a suite of AWS tools to automatically detect sensitive data in emails, and how it integrates these tools into a seamless, secure user experience.
The Challenge: Securing Sensitive Data in Email
Email is one of the most common vectors for data leaks involving PII and PHI. Whether it's a social security number, a medical diagnosis, or a client’s home address, once an email is sent, the data is exposed—potentially irreversibly.
Traditional email clients offer little to no protection against this. At best, they might offer end-to-end encryption; at worst, they transmit and store data in plain text. What’s missing is proactive detection of sensitive data before it leaves the user’s device.
Mallient’s Solution: Real-Time Detection with AWS Services
To solve this, Mallient integrates with several key AWS services that specialize in data classification and serverless processing:
Amazon Comprehend
Mallient uses Amazon Comprehend to detect PII in free-form email text. This includes common identifiers like names, phone numbers, addresses, email addresses, and credit card numbers. Comprehend uses natural language processing (NLP) to identify these entities in real time without requiring custom model training.
Amazon Comprehend Medical
For customers in healthcare and regulated environments, Amazon Comprehend Medical adds the ability to detect PHI, such as patient names, medical conditions, and treatment plans, directly within email content.
AWS Lambda
Mallient employs AWS Lambda to run detection workflows without managing servers. Each time a user drafts or sends an email, Lambda functions are triggered asynchronously to scan the content for sensitive information. This ensures fast, scalable detection while keeping the user experience smooth.
Amazon S3
Detection logs and audit trails are stored securely in Amazon S3. This enables organizations using Mallient to maintain compliance with regulations like HIPAA, GDPR, and SOC 2 by providing evidence of data protection practices.
How the Detection Workflow Operates
- Email Composition
  As a user types an email, Mallient automatically sends the text content to AWS Lambda via secure, encrypted transmission.
- PII/PHI Detection
  - Amazon Comprehend is used to identify common PII entities.
  - For industry-specific use cases, Amazon Comprehend Medical is invoked to identify healthcare-related PHI.
- User Feedback
  If sensitive information is detected, Mallient provides real-time inline warnings. Users are prompted to redact, encrypt, or review the content before sending.
- Compliance Logging
  Detection results, timestamps, and response actions are securely logged to Amazon S3. These logs can be monitored or exported for compliance audits.
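The detection and logging steps above, written as a Lambda handler in Python; this is an added example, not Mallient's own code. The boto3 calls (detect_pii_entities, detect_phi, put_object) are the real service APIs, while the event fields (text, scan_phi), the AUDIT_BUCKET variable and its placeholder default, the MIN_SCORE threshold, and the S3 key layout are assumptions made for illustration.

```python
import json
import os
import time
import uuid

MIN_SCORE = 0.8  # assumed confidence cut-off, not a value from the article


def finding(source, entity):
    # Keep type, offsets and score only. DetectPHI echoes the matched text in
    # entity["Text"]; copying it would put the PHI itself into the audit log.
    return {"source": source, "type": entity["Type"],
            "begin": entity["BeginOffset"], "end": entity["EndOffset"],
            "score": entity["Score"]}


def scan_email(text, comprehend, medical=None):
    if not text.strip():  # nothing to scan; the APIs need at least one character
        return []
    pii = comprehend.detect_pii_entities(Text=text, LanguageCode="en")
    hits = [finding("comprehend", e) for e in pii["Entities"]]
    if medical is not None:  # PHI pass only when the caller asks for it
        phi = medical.detect_phi(Text=text)
        hits += [finding("comprehendmedical", e) for e in phi["Entities"]]
    return [h for h in hits if h["score"] >= MIN_SCORE]


def write_audit(s3, bucket, findings, action):
    # The record holds results, a timestamp and the action; never the email body.
    stamp = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime())
    record = {"id": str(uuid.uuid4()), "timestamp": stamp,
              "action": action, "findings": findings}
    key = f"scans/{stamp[:10]}/{record['id']}.json"  # assumed key layout
    s3.put_object(Bucket=bucket, Key=key, Body=json.dumps(record).encode(),
                  ServerSideEncryption="aws:kms")
    return key


def lambda_handler(event, context, clients=None):
    if clients is None:  # deployed path: real clients under the function's IAM role
        import boto3
        names = ("comprehend", "comprehendmedical", "s3")
        clients = {n: boto3.client(n) for n in names}
    medical = clients["comprehendmedical"] if event.get("scan_phi") else None
    findings = scan_email(event.get("text", ""), clients["comprehend"], medical)
    action = "warn" if findings else "allow"
    bucket = os.environ.get("AUDIT_BUCKET", "example-audit-bucket")  # placeholder
    key = write_audit(clients["s3"], bucket, findings, action)
    return {"action": action, "findings": findings, "audit_key": key}
```

The returned offsets let the mail client highlight flagged spans inline, so neither the response nor the stored record needs to repeat the matched text.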
Key Benefits of Mallient’s Approach
- Proactive Risk Mitigation
  Detection occurs before an email is sent, preventing accidental data exposure.
- Regulatory Support
  With real-time classification and audit logging, Mallient helps organizations maintain compliance with privacy regulations.
- Minimal Overhead
  Serverless architecture ensures that security checks don’t slow down performance or require infrastructure management.
- User Awareness and Education
  By surfacing privacy warnings as users write emails, Mallient raises awareness and promotes better data hygiene.
A Privacy-First Commitment
All sensitive data processed for detection is handled securely using encrypted communication and access-controlled environments. No content is stored unnecessarily, and Mallient adheres to strict least-privilege access policies when interacting with AWS services.
Closing Thoughts
Email security doesn’t start with encryption—it starts with awareness. By integrating real-time PII and PHI detection using AWS tools like Comprehend, Comprehend Medical, Lambda, and S3, Mallient gives users the tools to protect sensitive information before it leaves their inbox.
This is just one of the ways Mallient is redefining what a secure, intelligent email client can be.