I accidentally sent sensitive data through Honeycomb, what should I do?

If you have accidentally sent PII or other sensitive data through Honeycomb, there are several steps you can take to resolve the issue:

Delete the Dataset

The quickest way to remove all data is to delete the dataset and start fresh. You can do this in the Honeycomb UI or via API (Note: dataset deletion via API must be enabled by a Team Owner).

Before proceeding with dataset deletion, ensure that you extract any necessary information for recreating it if needed in the future. This includes items such as SLOs, triggers, or boards related to the dataset. You can collect this data manually from the UI or by using the API.

Delete the Column

Alternatively, you can remove specific columns containing the sensitive data. Utilize the Column Deletion API to accomplish this. This action will prevent the column from being queried and exclude the sensitive data from new query results. However, please note that this does not remove permalinks to existing queries that may contain the data.

The deleted column will be automatically recreated when new data flows in with the same field name, allowing you to continue using that field going forward once the sensitive data has been removed from your application.

If deleting the entire dataset is not possible and you need all permalinks purged, contact Honeycomb Support to initiate this process. Be aware that this action will delete all permalinks and query data related to the dataset during the period when the field was receiving sensitive data, not just those linked to the specific column in question.

Data is automatically removed from Honeycomb's system after 60 days unless you are an Enterprise customer with a custom retention period.