Sensitive information, such as personal identifiable information (PII), financial records, and health data, plays a crucial role in building personalized experiences. However, when working with sensitive data, developers face the responsibility of ensuring its security, compliance with regulations like GDPR and HIPAA, and proper integration within business systems.
HubSpot’s Sensitive Data API empowers developers to safely manage and integrate sensitive data while adhering to privacy standards. In this guide, we’ll explore how developers can use HubSpot’s sensitive data features to build secure, compliant solutions that protect customer information.
Sensitive data in HubSpot refers to any personal or confidential information requiring protection under laws such as GDPR or HIPAA.
This includes:
Developers using HubSpot’s API can securely access, store, and update sensitive data with the right permissions and encryption protocols in place.
HubSpot provides several features to help developers integrate sensitive data securely while ensuring compliance. Here’s how:
HubSpot’s sensitive data features are available for both private and public apps, but developers need to update their app’s scopes to access sensitive data properties. For private apps, sensitive data scopes like crm.objects.contacts.sensitive.read/write can be added directly in the app settings. Public apps, however, require approval from HubSpot’s Ecosystem Quality team to enable sensitive scopes after a testing and compliance process.
Once enabled, developers can retrieve, update, and manage sensitive data fields for contacts, companies, deals, tickets, and custom objects.
The Properties API allows developers to create, update, or delete sensitive data properties. These properties can be marked as sensitive during creation by adding the dataSensitivity field to requests. For example, a “Passport Number” field could be created as a sensitive property, which ensures that it’s encrypted and protected throughout its lifecycle.
Sensitive properties can also be retrieved through the API by filtering with the dataSensitivity parameter. For example, developers can fetch all contact properties that contain sensitive data by querying with dataSensitivity=sensitive.
When building integrations, developers must ensure that sensitive data is only shared where necessary. Using HubSpot’s API scopes, developers can precisely define which sensitive data fields are accessible in their app. Scopes like crm.objects.deals.sensitive.read control whether sensitive information related to deals is accessible through API calls.
This granular control helps developers limit exposure to only necessary data while maintaining tight security for sensitive fields.
HubSpot automatically encrypts sensitive data both in transit and at rest. However, developers should ensure that their API calls use HTTPS and avoid exposing sensitive data unnecessarily. The Forms API, for instance, allows developers to securely submit forms containing sensitive data while ensuring authentication and data integrity.
Additionally, HubSpot’s Webhooks API supports tracking changes to sensitive properties, but sensitive data values will be redacted in the webhook payload. Developers can retrieve actual values by querying the API directly.
Sensitive data can unlock powerful insights for custom applications and workflows, but it must be handled carefully. Here are a few ways developers can leverage sensitive data:
Using HubSpot’s Workflow API, developers can automate actions based on sensitive data. For example, an application can trigger a workflow when a customer’s financial status changes, automatically alerting the sales team of new upsell opportunities.
Sensitive data workflows can streamline customer engagement, ensuring secure handling of personal data while driving business outcomes.
Developers can use sensitive data to build personalized customer experiences. For example, integrating sensitive financial data into customer portals allows for tailored recommendations on financial services. In healthcare, patient history data can be used to deliver specific healthcare solutions securely.
Using HubSpot’s CRM Search API, developers can query records with sensitive data fields. This feature allows custom reports and insights to be built based on protected information, while still maintaining compliance with privacy laws.
For example, an insurance company could use sensitive health information to generate reports on customer eligibility for certain insurance plans, while ensuring that all sensitive data remains protected and compliant.
When working with sensitive data, developers should follow key security and compliance best practices:
For developers, managing sensitive data securely is critical to protecting customer privacy and ensuring compliance. HubSpot’s Sensitive Data API offers powerful tools to store, access, and integrate sensitive information while adhering to strict security protocols. By leveraging features like encrypted API calls, field-level permissions, and secure webhooks, developers can build robust applications that drive business value while maintaining data protection standards.
By following best practices and HubSpot’s sensitive data API guidelines, developers can confidently handle sensitive data in a secure and compliant way.
Interested in learning more? Get our ebook here - click to download, no email necessary